Processed: Bug#955119 marked as pending in pygame

2020-05-31 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 pending
Bug #955119 [src:pygame] pygame: FTBFS with Sphinx 2.4: KeyError: 
'versionextended'
Added tag(s) pending.

-- 
955119: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955119
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#955119: marked as pending in pygame

2020-05-31 Thread Sandro Tosi 
Control: tag -1 pending

Hello,

Bug #955119 in pygame reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/python-team/modules/pygame/-/commit/cadab72d1a6f2423f96fc75ea79884e24833d04f


fix doc build with newer versions of Sphinx; Closes: #955119


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/955119

Bug#961958: librdkafka++1: Zero-size library on several architectures

2020-05-31 Thread Adrian Bunk 
Package: librdkafka++1
Version: 1.4.2-1
Severity: grave
Tags: patch fixed-upstream
Forwarded: https://github.com/edenhill/librdkafka/pull/2874

https://buildd.debian.org/status/fetch.php?pkg=librdkafka&arch=amd64&ver=1.4.2-1&stamp=1589341196&raw=0

...
librdkafka++1_1.4.2-1_amd64.deb
...
-rw-r--r-- root/root 0 2020-05-13 03:17 
./usr/lib/x86_64-linux-gnu/librdkafka++.so.1
...

Bug#961907: ca-certificates: Remove expired mozilla/AddTrust_External_Root.crt

2020-05-31 Thread Martin Bagge / brother 
On Mon, Jun 1, 2020 at 1:29 AM Axel Beckert  wrote:

> > You will need to workaround this. As such this motivates critical me
> think.
>
> I think "grave" is severe enough, as it "only" breaks HTTPS including
> apt with HTTPS-based mirrors (as the one mentioned above) and hence
> only "unrelated software/packages", not the whole system (like the
> kernel or the bootloader would do if the system won't boot anymore
> after an upgrade).
>

ok.
I read the description about unrelated software a bit differently indeed.
("makes unrelated software on the system (or the whole system) break, or
causes serious data loss, or introduces a security hole on systems where
you install the package.")


> > just doing a straight up curl will hang until timeout. With the expired
> > cert disabled this is bypassaed (without curl -k).
>
> Nope. curl exits immediately for me, at least in unstable (7.68.0-1):
>

Indeed. Sorry, me being inaccurate. I was testing this on old stable.
As you noted later on as well =)

Ack, stretch is affected, too, at least with lynx and — funnily again
> — curl (7.52.1-5+deb9u10).
>

Thanks for digging further into this issue.

Processed: bug 959652 is forwarded to https://github.com/alberanid/imdbpy/issues/262

2020-05-31 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> forwarded 959652 https://github.com/alberanid/imdbpy/issues/262
Bug #959652 [src:imdbpy] imdbpy: FTBFS: AttributeError: module 
'setuptools.dist' has no attribute 'Feature'
Set Bug forwarded-to-address to 
'https://github.com/alberanid/imdbpy/issues/262'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
959652: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959652
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: closing 959647

2020-05-31 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> close 959647 0.1+git20200419.5d3c63c+ds-1
Bug #959647 [src:lasagne] lasagne: FTBFS: dh_auto_test: error: pybuild --test 
--test-pytest -i python{version} -p 3.8 returned exit code 13
Marked as fixed in versions lasagne/0.1+git20200419.5d3c63c+ds-1.
Bug #959647 [src:lasagne] lasagne: FTBFS: dh_auto_test: error: pybuild --test 
--test-pytest -i python{version} -p 3.8 returned exit code 13
Marked Bug as done
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
959647: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959647
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#961940: libsqlite3-0:i386: trying to overwrite shared '/usr/share/doc/libsqlite3-0/changelog.gz', which is different […]

2020-05-31 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 +pending
Bug #961940 [libsqlite3-0] libsqlite3-0:i386: trying to overwrite shared 
'/usr/share/doc/libsqlite3-0/changelog.gz', which is different […]
Added tag(s) pending.

-- 
961940: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961940
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#961940: libsqlite3-0:i386: trying to overwrite shared '/usr/share/doc/libsqlite3-0/changelog.gz', which is different […]

2020-05-31 Thread GCS 
Control: tags -1 +pending

On Sun, May 31, 2020 at 9:45 PM Thorsten Glaser  wrote:
> On Sun, 31 May 2020, Thorsten Glaser wrote:
> > These files indeed differ:
> >
> > - a. Extending FTS5 → requires sqlite3_bind_pointer() to find the
> > + a. Extending FTS5 -> requires sqlite3_bind_pointer() to find the
 Ouch. Didn't expect character set conversion. First, locale setting
should be the same on all buildds and lynx should only dump the text.

> Fix looks trivial: adding…
>
> export LC_ALL:=C.UTF-8
>
> … after the first two lines of debian/rules ought to do the trick.
 I did local builds for i386 and amd64 to test if the generated
changelog - those were same. But it seems some buildds may use
somewhat different locale setting. Strange.

Thanks for the help,
Laszlo/GCS

Bug#959814: marked as done (oggvideotools: Test dependency on pysycache-i18n that will likely be removed)

2020-05-31 Thread Debian Bug Tracking System 
Your message dated Mon, 01 Jun 2020 04:34:35 +
with message-id 
and subject line Bug#959814: fixed in oggvideotools 0.9.1-5.1
has caused the Debian Bug report #959814,
regarding oggvideotools: Test dependency on pysycache-i18n that will likely be 
removed
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
959814: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959814
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: oggvideotools
Version: 0.9.1-5
Severity: serious
Tags: ftbfs bullseye sid
Control: block 912504 by -1
Control: block 937553 by -1

pysycache-i18n will likely be removed due to #912504 and #937553.

Options are to change yet again to another ogg for this test,
or to remove this specific test.
--- End Message ---
--- Begin Message ---
Source: oggvideotools
Source-Version: 0.9.1-5.1
Done: Adrian Bunk 

We believe that the bug you reported is fixed in the latest version of
oggvideotools, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 959...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adrian Bunk  (supplier of updated oggvideotools package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 22 May 2020 21:49:26 +0300
Source: oggvideotools
Architecture: source
Version: 0.9.1-5.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers 
Changed-By: Adrian Bunk 
Closes: 959814
Changes:
 oggvideotools (0.9.1-5.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Don't run test-oggjoin that depends on pysycache-i18n
 that will likely be removed. (Closes: #959814)
Checksums-Sha1:
 5147d616cea63dea37ef17d91fa3fc101c2d3959 2324 oggvideotools_0.9.1-5.1.dsc
 235c6a8c6aaa4a574a43f8f348a6630d98d5a075 8524 
oggvideotools_0.9.1-5.1.debian.tar.xz
Checksums-Sha256:
 11cd83c932cac3209b8e09d21688531eb49fe96f80e9dca4ca0aace760e24f10 2324 
oggvideotools_0.9.1-5.1.dsc
 6f8e937a74e654183464ac2c6c080c1d1bf15b03adcb59774e9b3b34f0f62897 8524 
oggvideotools_0.9.1-5.1.debian.tar.xz
Files:
 e2e3d8e735057c17348ede2583aec61d 2324 video optional 
oggvideotools_0.9.1-5.1.dsc
 272db5cba9823009768afa4f289c8b84 8524 video optional 
oggvideotools_0.9.1-5.1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAl7III0ACgkQiNJCh6LY
mLFcdxAAt9B/2GGQVnc0ceBg/hy7Qvi6z3XCMk2HpaBsge0BRmm8JpzlxPAxUtOO
Yb40QNDXEp9xeuoLe+byYd+6O1npFLGHbTC/tQ89thpKqguPWDyPpgqd6gkmAHkF
O5CqXfWKcXU516QtiA4Xe3qe+D0g0VfjTFXzNh/yBiAtFOMiWyurLzwRTPJOHuFm
yV/Y6SzZ3Knlpob2epcnS+Q4AAGG1pIIdNQXBxTPpqAX9wjkqsl/CDjDsDze80v0
Ohj8gPEKQ/sSKGl+8DhralfjFd5VV+MNtFzpgnUY+fEpWudeli9aUfOKxyiB9WKv
VudSnYO70kVlAuY1qxbBItisi2L+NNfYtrnYBTtbxcflIYTzQNi5jEjOA2ieLG3v
c9BDV0iQvP49YjPmYUHSrY+IH6W7nCWKwv9pcG1SiV+bEheTgrXF18q3gO734VYn
hUqQkFydyRmJbMdDoq0zkeYgRrz2weKWlw8j+871MISTBelOTh4uk0wcbes/+Rik
Yl8FAfIHhKbuJoGtRdQqwbBiqXyRmd/PNXA4/SttTD5D2L5siQ0EZv6qDi+hPEpf
Rz71BiQL5DFb1ihPB6+FtfYb/qQqtE1iFtycjD/2UEECtC08IpYc0mpfTOWhSz1K
UJztr1a/mrA7ZQWq2cFS43miBWhqNBkMYzaLpJ2jpTlHhwb8sIM=
=0wXE
-END PGP SIGNATURE End Message ---

Bug#961851: Processed: make-dfsg breaks cross-toolchain-base autopkgtest: debian/kernelarch.make:5: *** empty variable name

2020-05-31 Thread Ben Hutchings 
On Sun, 2020-05-31 at 18:06 -0700, Manoj Srivastava wrote:
>   Error verifying signature: security library: improperly formatted 
> DER-encoded message. (-8183) - Decoder failed
> notfound 961851 make-dfsg/4.3-1
> thanks
> 
> Hi,
> 
> The file NEWS.Debian for make-dfsg states:
> ,
> >   * WARNING: Backward-incompatibility!
> > Previously appending using '+=' to an empty variable would result in a 
> > value
> > starting with a space.  Now the initial space is only added if the 
> > variable
> > already contains some value.  Similarly, appending an empty string does 
> > not
> > add a trailing space.
> `

It's pretty sad that make upstream keeps making incompatible changes
without a compelling reason for them.

> The bug lies here:
> ,[ debian/kernelarch.make ]
> > # Black-belt magic
> > , := ,
> > space :=
> > space +=
> > $(space) := 
> > $(space) +=
> `

Anyway, this is what Kbuild does; hopefully this hasn't broken too:

empty   :=
space   := $(empty) $(empty)

Ben.

-- 
Ben Hutchings
Absolutum obsoletum. (If it works, it's out of date.) - Stafford Beer




signature.asc
Description: This is a digitally signed message part

Bug#961851: Processed: make-dfsg breaks cross-toolchain-base autopkgtest: debian/kernelarch.make:5: *** empty variable name

2020-05-31 Thread Manoj Srivastava 
notfound 961851 make-dfsg/4.3-1
thanks

Hi,

The file NEWS.Debian for make-dfsg states:
,
|   * WARNING: Backward-incompatibility!
| Previously appending using '+=' to an empty variable would result in a 
value
| starting with a space.  Now the initial space is only added if the 
variable
| already contains some value.  Similarly, appending an empty string does 
not
| add a trailing space.
`
The bug lies here:
,[ debian/kernelarch.make ]
| # Black-belt magic
| , := ,
| space :=
| space +=
| $(space) := 
| $(space) +=
`

Manoj

--
flannister, n.: The plastic yoke that holds a six-pack of beer together.
-- "Sniglets", Rich Hall & Friends
Manoj Srivastava    
4096R/C5779A1C E37E 5EC5 2A01 DA25 AD20  05B6 CF48 9438 C577 9A1C


smime.p7s
Description: S/MIME cryptographic signature

Processed: Re: Processed: make-dfsg breaks cross-toolchain-base autopkgtest: debian/kernelarch.make:5: *** empty variable name

2020-05-31 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> notfound 961851 make-dfsg/4.3-1
Bug #961851 [src:make-dfsg, src:cross-toolchain-base] make-dfsg breaks 
cross-toolchain-base autopkgtest: debian/kernelarch.make:5: *** empty variable 
name
No longer marked as found in versions make-dfsg/4.3-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
961851: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961851
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#961839: closure-compiler: FTBFS: is not abstract and does not override abstract method test(Object) in Predicate

2020-05-31 Thread Sandro Tosi 
> If that helps, building closure-compiler with source/target=8 should fix
> this issue. I did that for Gradle this week to fix the same issue.

if you guys fix this bug, can you also take care of #942965 at the
same time? it should be just a matter of
s/python-docutils/python3-docutils/

thanks!

-- 
Sandro "morph" Tosi
My website: http://sandrotosi.me/
Me at Debian: http://wiki.debian.org/SandroTosi
Twitter: https://twitter.com/sandrotosi

-- 
Sandro "morph" Tosi
My website: http://sandrotosi.me/
Me at Debian: http://wiki.debian.org/SandroTosi
Twitter: https://twitter.com/sandrotosi

Bug#961850: in package dpkg marked as pending

2020-05-31 Thread Guillem Jover 
Control: tag 961850 pending

Hi!

Bug #961850 in package dpkg reported by you has been fixed in
the dpkg/dpkg.git Git repository. You can see the changelog below, and
you can check the diff of the fix at:

https://git.dpkg.org/cgit/dpkg/dpkg.git/diff/?id=7b6c09424

---
commit 7b6c094240a722889693ea39e62ae7c380cf9484
Author: Guillem Jover 
Date:   Sun Aug 14 00:36:20 2016 +0200

build: Do not use make prerequisites on suffix rule definitions

This do not have the intended effect of declaring a dependency, and
might be considered instead as normal files with funky names with
newer make versions.

Warned-by: make
Closes: #961850

diff --git a/debian/changelog b/debian/changelog
index 58169b065..30df7a1ba 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -74,6 +74,8 @@ dpkg (1.20.1) UNRELEASED; urgency=medium
   repeating it for each man page.
 - Use po4a conditional addendum support, and remove empty addenda.
 - Use po4a mode=eof support in addenda.
+- Do not use make prerequisites on suffix rule definitions.
+  Closes: #961850
   * Packaging:
 - Switch to debhelper compatibility level 13.
 - Remove debian/tmp prefix from manpages debhelper fragment files.

Processed: Bug#961850 in package dpkg marked as pending

2020-05-31 Thread Debian Bug Tracking System 
Processing control commands:

> tag 961850 pending
Bug #961850 [src:dpkg] dpkg: autopkgtest needs update for new version of 
make-dfsg: fails on warning
Added tag(s) pending.

-- 
961850: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961850
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#961938: Debootstrap log

2020-05-31 Thread Michel Le Bihan 
You can find my debootstrap log here: 
https://lebihan.pl/files/debootstrap.log

Bug#961907: ca-certificates: Remove expired mozilla/AddTrust_External_Root.crt

2020-05-31 Thread Axel Beckert 
Hi,

Axel Beckert wrote:
> Certificate chain
>  0 s:OU = Domain Control Validated, OU = Globe Standard SSL, CN = 
> mirror.sinavps.ch
> i:C = US, ST = DE, L = Wilmington, O = "Globe Hosting, Inc.", CN = 
> GlobeSSL DV Certification Authority 2
>  1 s:C = US, ST = DE, L = Wilmington, O = "Globe Hosting, Inc.", CN = 
> GlobeSSL DV Certification Authority 2
>i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN 
> = USERTrust RSA Certification Authority
>  2 s:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN 
> = USERTrust RSA Certification Authority
>i:C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = 
> AddTrust External CA Root
> ---

https://archive.raspberrypi.org/ also seems to have been affected
(four hours ago, about 20:30 UTC) but is no more as of writing this
mail. Common demoniater with the affected https://mirror.sinavps.ch/
is the above mentioned "USERTrust RSA Certification Authority"
certificate.

> The longer I think about the more I think it is a bug in both OpenSSL
> and GnuTLS, because the certificate above is totally valid because the
> second last CA is actually no more an Intermediate CA but in
> ca-certificates, too.
> 
> But for some reason, even though the third certificate in the chain is
> trusted, both, OpenSSL and GnuTLS seem to see the fourth certificate
> and only seem to check if that one is trusted and not any inbetween.

This might be related to the used Intermediate CA certificate used on
the server side.

Because if https://archive.raspberrypi.org/ could be fixed on the
server side, this smells a lot like the Intermediate CA certificate.

So if that Intermediate CA certificate on the server includes the
"USERTrust RSA Certification Authority" certification, the client
doesn't seem to trust it even if a certificate with the same serial is
in it's own list of trusted certificates, and it tries to verify the
included signature, which is from the expired AddTrust.

So the amount of "bug" which could be argued is in OpenSSL and GnuTLS
is probably rather small. It's more a kind of missing feature to check
every Intermediate CA certificate if it is also by chance in the local
list of trusted CAs.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Bug#958491: marked as done (acpica-unix: FTBFS on s390x)

2020-05-31 Thread Debian Bug Tracking System 
Your message dated Mon, 01 Jun 2020 00:03:36 +
with message-id 
and subject line Bug#958491: fixed in acpica-unix 20200430-1
has caused the Debian Bug report #958491,
regarding acpica-unix: FTBFS on s390x
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
958491: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=958491
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: acpica-unix
Version: 20200326-1
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)

acpica-unix failed to build on s390x:
https://buildd.debian.org/status/fetch.php?pkg=acpica-unix&arch=s390x&ver=20200326-1&stamp=1585774833&raw=0

Cheers
-- 
Sebastian Ramacher


signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: acpica-unix
Source-Version: 20200430-1
Done: Al Stone 

We believe that the bug you reported is fixed in the latest version of
acpica-unix, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 958...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Al Stone  (supplier of updated acpica-unix package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 31 May 2020 17:16:52 -0600
Source: acpica-unix
Binary: acpica-tools acpica-tools-dbgsym
Architecture: source amd64
Version: 20200430-1
Distribution: unstable
Urgency: medium
Maintainer: Al Stone 
Changed-By: Al Stone 
Description:
 acpica-tools - ACPICA tools for the development and debug of ACPI tables
Closes: 956980 958491
Changes:
 acpica-unix (20200430-1) unstable; urgency=medium
 .
   * Upgrade to 20200430 upstream
   * Refresh patches as needed
   * Add in dbtest.patch that fixes s390 build.  Closes: #958491
   * Tested and verified builds work properly with GCC 10.  Closes: #956980
Checksums-Sha1:
 8c8123d1806cb19a6471eac198a885b5ce4d98c3 1858 acpica-unix_20200430-1.dsc
 a3e1be83278ca716ecc258875935f006e4685a66 3797408 
acpica-unix_20200430.orig.tar.gz
 8eefde0d292d1efb80d06ac29d18c07f663a9155 61436 
acpica-unix_20200430-1.debian.tar.xz
 6b82b362596fb023114f070a30f2fa85f60bd527 6370260 
acpica-tools-dbgsym_20200430-1_amd64.deb
 a05e4c0958d86c4f995ee784dc68756b6bbbc6ab 879712 
acpica-tools_20200430-1_amd64.deb
 829200a88788b679783105f76dccd5ff1736a54e 6006 
acpica-unix_20200430-1_amd64.buildinfo
Checksums-Sha256:
 a1c9e16ef10ae5492671d0f593277c87003f906682a4bd6bc674108a79e33dbe 1858 
acpica-unix_20200430-1.dsc
 74e963fde236671d572a18c4df00920fafb89bbb5a2a4270cec532234a81b789 3797408 
acpica-unix_20200430.orig.tar.gz
 436d70137f8d7b123fd463f8b7bbfa72bf80442f819b21738138cf334a9ef1bb 61436 
acpica-unix_20200430-1.debian.tar.xz
 770958b4ab3f94a396fff642bfe7425c9ea23ac0cb73e772ebede33a8042887d 6370260 
acpica-tools-dbgsym_20200430-1_amd64.deb
 6dccbf644f2ef8920185c6622db417f8c1388ba207214f79d014b60a47dce6cc 879712 
acpica-tools_20200430-1_amd64.deb
 35f3ffbb28dfa370431af64583676c2c2ad41d25f7ff482f020776dc48c9bc57 6006 
acpica-unix_20200430-1_amd64.buildinfo
Files:
 fa2bddd35fcd0e6e01be06c1f9f9ea7a 1858 devel optional acpica-unix_20200430-1.dsc
 590b013170aa4d927478c21414129a5c 3797408 devel optional 
acpica-unix_20200430.orig.tar.gz
 f3241beb1c98c8be0c50fe2520e74308 61436 devel optional 
acpica-unix_20200430-1.debian.tar.xz
 7699c7c5ceb0f5b63eadca6d1eb231ff 6370260 debug optional 
acpica-tools-dbgsym_20200430-1_amd64.deb
 524222c8c458c9dbb492959e109786ac 879712 devel optional 
acpica-tools_20200430-1_amd64.deb
 4b524e3972448d3781fa4afcee0c1250 6006 devel optional 
acpica-unix_20200430-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEiclaKI7ZGQ+4GJLWUwywAtdhsWwFAl7UQuIACgkQUwywAtdh
sWzl3hAAuQJK2uxcRJQtI7HeLyf429s/mpShhPPgLWfO+kXD/JttQ7zYfLuBhFJC
pnGPtYhgyKVBWypWz2Nu86Z85cx82bhZaPMs0NkRIzU7YvY2ex0jE9KYt5Tr9xpP
Om+HBzDmUq99j8+9wn4cJK8OE+K7aW38+s/+wHUrLAsoDsCon+gzOCvhtY9Y/Qxg
kkVKsWbZeiuXeVixFMD1rMpMNRxb9YcWVxCefKDIoqT6ZqV4B+OWqZHOjd1Plt0Q
foVtFjBpZ+WXccl9FYI6wPlvhzuYDXmHPsMRP002VrEztI/LqPpIByLqCPCX5mDn
6jbCojC07wP338Dxn6inuX4t4kvLfbuVz/NDuCP+cjTTOMe7yJghNROWg3j96pgL
Vq8kFZWPgDct9hkn6ohG/Wk+KIPYddqP2JXevC2GIoagGtm4cfzCJtD7fMBAo5nk
RPYeSqE9R+6UOigad6aNHuNzTUqNlWezcdq0zImAr

Processed: Re: Bug#961907: ca-certificates: Remove expired mozilla/AddTrust_External_Root.crt

2020-05-31 Thread Debian Bug Tracking System 
Processing control commands:

> affects -1 + lynx libwww-perl wget links links2 apt aptitude w3m curl openssl 
> dillo mpv epiphany vlc luakit surf aptitude-robot
Bug #961907 [ca-certificates] ca-certificates: Remove expired 
mozilla/AddTrust_External_Root.crt
Added indication that 961907 affects lynx, libwww-perl, wget, links, links2, 
apt, aptitude, w3m, curl, openssl, dillo, mpv, epiphany, vlc, luakit, surf, and 
aptitude-robot

-- 
961907: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961907
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#961907: ca-certificates: Remove expired mozilla/AddTrust_External_Root.crt

2020-05-31 Thread Axel Beckert 
Control: affects -1 + lynx libwww-perl wget links links2 apt aptitude w3m curl 
openssl dillo mpv epiphany vlc luakit surf aptitude-robot

Hi,

Rémi Denis-Courmont wrote:
> The AddTrust_External_Root.crt certificate has expired, and its
> continued inclusion in the ca-certificates set is causing GnuTLS-based
> client applications (and OpenSSL 1.0.x) to barf on a lot of sites.

Not only OpenSSL 1.0.x, also OpenSSL in unstable is affected:


→ openssl version
OpenSSL 1.1.1g  21 Apr 2020
→ openssl s_client -connect mirror.sinavps.ch:443
CONNECTED(0003)
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = 
AddTrust External CA Root
verify error:num=10:certificate has expired
notAfter=May 30 10:48:38 2020 GMT
verify return:1
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = 
AddTrust External CA Root
notAfter=May 30 10:48:38 2020 GMT
verify return:1
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN 
= USERTrust RSA Certification Authority
verify error:num=10:certificate has expired
notAfter=May 30 10:48:38 2020 GMT
verify return:1
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN 
= USERTrust RSA Certification Authority
notAfter=May 30 10:48:38 2020 GMT
verify return:1
depth=1 C = US, ST = DE, L = Wilmington, O = "Globe Hosting, Inc.", CN = 
GlobeSSL DV Certification Authority 2
notAfter=Sep  9 23:59:59 2024 GMT
verify return:1
depth=0 OU = Domain Control Validated, OU = Globe Standard SSL, CN = 
mirror.sinavps.ch
notAfter=Jul 16 23:59:59 2021 GMT
verify return:1
---
Certificate chain
 0 s:OU = Domain Control Validated, OU = Globe Standard SSL, CN = 
mirror.sinavps.ch
i:C = US, ST = DE, L = Wilmington, O = "Globe Hosting, Inc.", CN = GlobeSSL 
DV Certification Authority 2
 1 s:C = US, ST = DE, L = Wilmington, O = "Globe Hosting, Inc.", CN = GlobeSSL 
DV Certification Authority 2
   i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = 
USERTrust RSA Certification Authority
 2 s:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = 
USERTrust RSA Certification Authority
   i:C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust 
External CA Root
---
[...]


> It could probably be argued that this is a bug in GnuTLS rather than
> ca-certificates,

The longer I think about the more I think it is a bug in both OpenSSL
and GnuTLS, because the certificate above is totally valid because the
second last CA is actually no more an Intermediate CA but in
ca-certificates, too.

But for some reason, even though the third certificate in the chain is
trusted, both, OpenSSL and GnuTLS seem to see the fourth certificate
and only seem to check if that one is trusted and not any inbetween.

Because "USERTrust RSA Certification Authority" is actually not
expired, just a certificate, which signed it (obviously as shown
above):

(on a buster system)

$ openssl x509 -in /etc/ssl/certs/USERTrust_RSA_Certification_Authority.pem 
-noout -text | egrep 'Not After|Subject:'
Not After : Jan 18 23:59:59 2038 GMT
Subject: C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST 
Network, CN = USERTrust RSA Certification Authority
$ openssl x509 -in /etc/ssl/certs/AddTrust_External_Root.pem -noout -text | 
egrep 'Not After|Subject:'
Not After : May 30 10:48:38 2020 GMT
Subject: C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, 
CN = AddTrust External CA Root


> but I don't see the point in keeping an expired certificate here.

Ack.

> The problem is confirmed to affect Epiphany and VLC.

Tons more: I ran into it with aptitude-robot (via aptitude and apt)
first and was able to confirm it in nearly all browsers and streaming
videoplayer I could think of. The only exceptions were firefox-esr,
chromium, and — to my surprise — qutebrowser.

Martin Bagge / brother wrote:
> severity: critical
> Thanks
> 
> You will need to workaround this. As such this motivates critical me think.

I think "grave" is severe enough, as it "only" breaks HTTPS including
apt with HTTPS-based mirrors (as the one mentioned above) and hence
only "unrelated software/packages", not the whole system (like the
kernel or the bootloader would do if the system won't boot anymore
after an upgrade).

> just doing a straight up curl will hang until timeout. With the expired
> cert disabled this is bypassaed (without curl -k).

Nope. curl exits immediately for me, at least in unstable (7.68.0-1):


→ time curl https://mirror.sinavps.ch
curl: (60) SSL certificate problem: certificate has expired
More detai

Bug#923438: NMU to fix SSL issue in tinc experimental

2020-05-31 Thread Don Armstrong 
I've just made an upload to delay-3 to address the SSL issue. Debdiff
attached. Let me know if I should delete the upload.

-- 
Don Armstrong  https://www.donarmstrong.com

"You know," said Arthur, "it's at times like this, when I'm trapped in
a Vogon airlock with a man from Betelgeuse, and about to die from
asphyxiation in deep space that I really wish I'd listened to what my
mother told me when I was young."
"Why, what did she tell you?"
"I don't know, I didn't listen."
 –- Douglas Adams _The Hitchhikers Guide To The Galaxy_
diff -Nru tinc-1.1~pre17/debian/changelog tinc-1.1~pre17/debian/changelog
--- tinc-1.1~pre17/debian/changelog	2018-10-09 19:58:42.0 -0700
+++ tinc-1.1~pre17/debian/changelog	2020-05-31 15:11:34.0 -0700
@@ -1,3 +1,10 @@
+tinc (1.1~pre17-1.2) experimental; urgency=medium
+
+  * Non-maintainer upload.
+  * Add patch to fix EVP_DecryptUpdate issue. Closes: #923438
+  
+ -- Don Armstrong   Sun, 31 May 2020 15:11:34 -0700
+
 tinc (1.1~pre17-1.1) experimental; urgency=medium
 
   * Non-maintainer upload.
diff -Nru tinc-1.1~pre17/debian/patches/fix_use_of_decrypt tinc-1.1~pre17/debian/patches/fix_use_of_decrypt
--- tinc-1.1~pre17/debian/patches/fix_use_of_decrypt	1969-12-31 16:00:00.0 -0800
+++ tinc-1.1~pre17/debian/patches/fix_use_of_decrypt	2020-05-31 15:11:00.0 -0700
@@ -0,0 +1,16 @@
+Description: Fix EVP_EncryptUpdate use (use EVP_DecryptUpdate)
+Author: Don Armstrong 
+Origin: https://www.tinc-vpn.org/pipermail/tinc-devel/2019-February/000941.html
+Last-Update: 2020-05-31
+
+--- tinc-1.1~pre17.orig/src/openssl/cipher.c
 tinc-1.1~pre17/src/openssl/cipher.c
+@@ -189,7 +189,7 @@ bool cipher_decrypt(cipher_t *cipher, co
+ 	} else {
+ 		int len;
+ 
+-		if(EVP_EncryptUpdate(cipher->ctx, outdata, &len, indata, inlen)) {
++		if(EVP_DecryptUpdate(cipher->ctx, outdata, &len, indata, inlen)) {
+ 			if(outlen) {
+ *outlen = len;
+ 			}
diff -Nru tinc-1.1~pre17/debian/patches/series tinc-1.1~pre17/debian/patches/series
--- tinc-1.1~pre17/debian/patches/series	2017-09-05 12:02:21.0 -0700
+++ tinc-1.1~pre17/debian/patches/series	2019-03-28 18:23:53.0 -0700
@@ -1 +1,2 @@
 fix-version-number
+fix_use_of_decrypt

Bug#961938: libreoffice: Installing Debian with Debootstrap and gnome included results in broken install

2020-05-31 Thread Michel Le Bihan 
Source: libreoffice
Version: 6.4.4-1
Severity: grave
Justification: renders package unusable

Installing Debian with:
debootstrap --include=linux-image-amd64,grub-pc,xserver-xorg-video-all,gnome
--arch amd64 bullseye /mnt/hd http://ftp.pl.debian.org/debian/

fails at

W: Failure while configuring base packages.  This will be re-attempted up to
five times.
W: See /mnt/hd/debootstrap/debootstrap.log for details (possibly the package
libreoffice-writer is at fault)
W: Failure while configuring base packages.  This will be re-attempted up to
five times.
W: See /mnt/hd/debootstrap/debootstrap.log for details (possibly the package
libreoffice-writer is at fault)
W: Failure while configuring base packages.  This will be re-attempted up to
five times.
W: See /mnt/hd/debootstrap/debootstrap.log for details (possibly the package
libreoffice-writer is at fault)
W: Failure while configuring base packages.  This will be re-attempted up to
five times.
W: See /mnt/hd/debootstrap/debootstrap.log for details (possibly the package
libreoffice-writer is at fault)
W: Failure while configuring base packages.  This will be re-attempted up to
five times.
W: See /mnt/hd/debootstrap/debootstrap.log for details (possibly the package
libreoffice-writer is at fault)

A quick inspection confirms that libreoffice package caused the issue:

chroot /mnt/hd apt --fix-broken install
Reading package lists... Done
Building dependency tree... Done
Correcting dependencies... Done
The following additional packages will be installed:
  libpaper-utils libreoffice-core
The following packages will be REMOVED:
  libreoffice-core-nogui
The following NEW packages will be installed:
  libpaper-utils libreoffice-core
0 upgraded, 2 newly installed, 1 to remove and 0 not upgraded.
6 not fully installed or removed.
Need to get 18.3 kB/30.8 MB of archives.
After this operation, 5728 kB of additional disk space will be used.
Do you want to continue? [Y/n]

I have no clue why `libreoffice-core-nogui` was pulled.



-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (700, 'testing'), (650, 'unstable'), (600, 'experimental'), (500, 
'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.6.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), 
LANGUAGE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#942876: marked as done (openjdk-11-jre-dcevm: Doesn't start up anymore after updating openjdk-11-jre)

2020-05-31 Thread Debian Bug Tracking System 
Your message dated Sun, 31 May 2020 21:48:46 +
with message-id 
and subject line Bug#942876: fixed in openjdk-11-jre-dcevm 11.0.7+1-1
has caused the Debian Bug report #942876,
regarding openjdk-11-jre-dcevm: Doesn't start up anymore after updating 
openjdk-11-jre
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
942876: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942876
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: openjdk-11-jre-dcevm
Version: 11.0.3+1-1
Severity: grave
Justification: renders package unusable

java -dvecm can't be executed anymore:

java -dcevm
java: relocation error: /usr/lib/jvm/java-11-openjdk-amd64/lib/libjava.so:
symbol JVM_InitializeFromArchive version SUNWprivate_1.1 not defined in file
libjvm.so with link time reference

This seems to be the case since yesterday my system updated openjdk-11-jre to
version 11.0.5 from the security repository



-- System Information:
Debian Release: 10.1
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-updates'), (400, 'testing'), (300, 
'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.2.0-2-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_USER, TAINT_WARN, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages openjdk-11-jre-dcevm depends on:
ii  libc62.29-2
ii  openjdk-11-jre-headless  11.0.5+10-1~deb10u1

openjdk-11-jre-dcevm recommends no packages.

openjdk-11-jre-dcevm suggests no packages.

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: openjdk-11-jre-dcevm
Source-Version: 11.0.7+1-1
Done: Emmanuel Bourg 

We believe that the bug you reported is fixed in the latest version of
openjdk-11-jre-dcevm, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 942...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Emmanuel Bourg  (supplier of updated openjdk-11-jre-dcevm 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 31 May 2020 23:36:58 +0200
Source: openjdk-11-jre-dcevm
Architecture: source
Version: 11.0.7+1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers 

Changed-By: Emmanuel Bourg 
Closes: 942876
Changes:
 openjdk-11-jre-dcevm (11.0.7+1-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream release (Closes: #942876)
 - Refreshed the patch
   * Switch to debhelper level 12
Checksums-Sha1:
 33670dc0d0734d7a6707497c8b7e4a3ffb23c88e 2294 
openjdk-11-jre-dcevm_11.0.7+1-1.dsc
 044b0431af5b6b5f7249929e719288a9a9582b2a 17034980 
openjdk-11-jre-dcevm_11.0.7+1.orig.tar.xz
 d1eb191679c6b29a8dd3688f1edc548f321d1fff 5668 
openjdk-11-jre-dcevm_11.0.7+1-1.debian.tar.xz
 29b3610ad01a08f72e8bbff32fb43ba8ce734e5d 10069 
openjdk-11-jre-dcevm_11.0.7+1-1_source.buildinfo
Checksums-Sha256:
 f6cf3d333fb0cb365f0d8bedc9045c2fd42ae63e56f4426c23ef9b7e642ca6f3 2294 
openjdk-11-jre-dcevm_11.0.7+1-1.dsc
 1b6a552836c534e49e7b3810e0fdaa1ee63ee4c7428e26f84c209ba0fcd01558 17034980 
openjdk-11-jre-dcevm_11.0.7+1.orig.tar.xz
 d5aa9e9208419d2b4264733bf553248926f7cd0f03008681e31a54d8d1234067 5668 
openjdk-11-jre-dcevm_11.0.7+1-1.debian.tar.xz
 eda87881d31fb66d61b6a4e85ae3037aedbcaf72e0fd5ed455a8104099ac4d6e 10069 
openjdk-11-jre-dcevm_11.0.7+1-1_source.buildinfo
Files:
 c8182507a7ffbb4a1d4c2f0c31f31bf1 2294 java optional 
openjdk-11-jre-dcevm_11.0.7+1-1.dsc
 490d8c6dc29aab7a0832a2bad3105697 17034980 java optional 
openjdk-11-jre-dcevm_11.0.7+1.orig.tar.xz
 170258c257c2bf731e30879c47444511 5668 java optional 
openjdk-11-jre-dcevm_11.0.7+1-1.debian.tar.xz
 43d5b4a529fd54735de9ad87cb5393cf 10069 java optional 
openjdk-11-jre-dcevm_11.0.7+1-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEuM5N4hCA3PkD4WxA9RPEGeS50KwFAl7UI7gSHGVib3VyZ0Bh
cGFjaGUub3JnAAoJEPUTxBnkudCs2k8P/jzIcipw7oFNLtuwokiNHz5yAmQc17dZ
NeNMm4pvgJfYhAOlxNukA6/GLMnYGSAKM9sDb2EEq6wKGrqUUYXIUK/h4DYOSN7I
SwY5YAzjNQuUg6kjbNDiUg8PidngN7+qzZLJ5wyOiNwhX+9VCUre

Bug#942876: openjdk-11-jre-dcevm: Doesn't start up anymore after updating openjdk-11-jre

2020-05-31 Thread Emmanuel Bourg 
Le 14/05/2020 à 17:10, Ruedi Steinmann a écrit :

> According to upstream the issue is fixed now.

Just tried the version 11.0.7+1 and it looks good now. Uploading soon.

Emmanuel Bourg

Bug#961926: rr: record fails on i386

2020-05-31 Thread Bernhard Übelacker 
Hello Stephen,

Am 31.05.20 um 22:52 schrieb Stephen Kitt:
> On Sun, 31 May 2020 18:03:01 +0200, Bernhard Übelacker
>  wrote:
>> Unfortunately I found recording not working in a small test [1].
>>
>> A git bisect led to a helper function introduced by upstream in [2].
>> This helper uses a function parameter of type off_t.
>> But the pwrite64 from glibc uses off64_t.
>> Therefore offset values with the highest bit set get incorrectly
>> converted to the 64 bit type, e.g.: 0xb622 -> 0xb622
>> Therefore the write fails and rr stops.
>>
>> Attached patch makes rr work on i386 and passing most tests
>> in my test VM, except [3]. Have not tested for side effects at amd64.
>>
>> I am going to try to forward this to upstream too,
>> will update this bug then.
> 
> Ah, I assumed it would work, and I didn’t even test, let alone run the test
> suite.
> 
> Thanks for the patch, I’ll see if the failing tests mean anything to me...
> 
> Regards,
> 
> Stephen


I reported to upstream this issue:
   https://github.com/mozilla/rr/issues/2597
Let's see what they think about it.

The failing tests might be related to me using a VM maybe ...
To do the make test I had to link rr_page_* and rr_exec_stub from
rr-5.3.0/debian/rr/usr/lib/rr/ to rr-5.3.0/build/bin/../lib/rr/.
Therefore I don't know if the failures might be a result of
just some more files missing not found ...

Kind regards,
Bernhard

Processed: close 961938

2020-05-31 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> close 961938
Bug #961938 [src:libreoffice] libreoffice: Installing Debian with Debootstrap 
and gnome included results in broken install
Marked Bug as done
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
961938: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961938
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#961926: rr: record fails on i386

2020-05-31 Thread Debian Bug Tracking System 
Processing control commands:

> severity -1 grave
Bug #961926 [rr] rr: record fails on i386
Severity set to 'grave' from 'normal'

-- 
961926: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Critical actually

2020-05-31 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> Severity 961907 critical
Bug #961907 [ca-certificates] ca-certificates: Remove expired 
mozilla/AddTrust_External_Root.crt
Severity set to 'critical' from 'important'
> Thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
961907: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961907
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#961940: libsqlite3-0:i386: trying to overwrite shared '/usr/share/doc/libsqlite3-0/changelog.gz', which is different […]

2020-05-31 Thread Thorsten Glaser 
On Sun, 31 May 2020, Thorsten Glaser wrote:

> These files indeed differ:
> 
> - a. Extending FTS5 → requires sqlite3_bind_pointer() to find the
> + a. Extending FTS5 -> requires sqlite3_bind_pointer() to find the

Fix looks trivial: adding…

export LC_ALL:=C.UTF-8

… after the first two lines of debian/rules ought to do the trick.

Reproducible Builds would also have caught that, but this was quicker.

bye,
//mirabilos
-- 
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-235
HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg

Bug#961940: libsqlite3-0:i386: trying to overwrite shared '/usr/share/doc/libsqlite3-0/changelog.gz', which is different […]

2020-05-31 Thread Thorsten Glaser 
Package: libsqlite3-0
Version: 3.32.1-1
Severity: grave
Justification: renders package unusable

[…]
Preparing to unpack .../179-libsqlite3-0_3.32.1-1_x32.deb ...
De-configuring libsqlite3-0:i386 (3.31.1-5) ...
Unpacking libsqlite3-0:x32 (3.32.1-1) over (3.31.1-5) ...
Preparing to unpack .../180-libsqlite3-0_3.32.1-1_i386.deb ...
Unpacking libsqlite3-0:i386 (3.32.1-1) over (3.31.1-5) ...
dpkg: error processing archive 
/tmp/apt-dpkg-install-D2l5oU/180-libsqlite3-0_3.32.1-1_i386.deb (--unpack):
 trying to overwrite shared '/usr/share/doc/libsqlite3-0/changelog.gz', which 
is different from other instances of package libsqlite3-0:i386
[…]

These files indeed differ:

- a. Extending FTS5 → requires sqlite3_bind_pointer() to find the
+ a. Extending FTS5 -> requires sqlite3_bind_pointer() to find the


-- System Information:
Debian Release: bullseye/sid
  APT prefers unreleased
  APT policy: (500, 'unreleased'), (500, 'buildd-unstable'), (500, 'unstable'), 
(100, 'experimental')
Architecture: x32 (x86_64)
Foreign Architectures: i386, amd64

Kernel: Linux 5.5.0-2-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)

Versions of packages libsqlite3-0:i386 depends on:
ii  libc6  2.30-8

libsqlite3-0:i386 recommends no packages.

libsqlite3-0:i386 suggests no packages.

-- no debconf information

Bug#961939: bind9: CVE-2020-8616 CVE-2020-8617

2020-05-31 Thread Salvatore Bonaccorso 
Source: bind9
Version: 1:9.16.2-3
Severity: grave
Tags: security upstream
Justification: user security hole
Control: fixed -1 1:9.11.5.P4+dfsg-5.1+deb10u1 
Control: fixed -1 1:9.10.3.dfsg.P4-12.3+deb9u6
Control: found -1 1:9.11.5.P4+dfsg-5.1
Control: found -1 1:9.10.3.dfsg.P4-12.3+deb9u5
Control: found -1 1:9.10.3.dfsg.P4-12.3

Hi,

The following vulnerabilities were published for bind9. Filling mainly
for tracking and making sure there is not stable -> unstable
regression.

CVE-2020-8616[0]:
| A malicious actor who intentionally exploits this lack of effective
| limitation on the number of fetches performed when processing
| referrals can, through the use of specially crafted referrals, cause a
| recursing server to issue a very large number of fetches in an attempt
| to process the referral. This has at least two potential effects: The
| performance of the recursing server can potentially be degraded by the
| additional work required to perform these fetches, and The attacker
| can exploit this behavior to use the recursing server as a reflector
| in a reflection attack with a high amplification factor.


CVE-2020-8617[1]:
| Using a specially-crafted message, an attacker may potentially cause a
| BIND server to reach an inconsistent state if the attacker knows (or
| successfully guesses) the name of a TSIG key used by the server. Since
| BIND, by default, configures a local session key even on servers whose
| configuration does not otherwise make use of it, almost all current
| BIND servers are vulnerable. In releases of BIND dating from March
| 2018 and after, an assertion check in tsig.c detects this inconsistent
| state and deliberately exits. Prior to the introduction of the check
| the server would continue operating in an inconsistent state, with
| potentially harmful results.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-8616
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616
[1] https://security-tracker.debian.org/tracker/CVE-2020-8617
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8617

Regards,
Salvatore

Processed: bind9: CVE-2020-8616 CVE-2020-8617

2020-05-31 Thread Debian Bug Tracking System 
Processing control commands:

> fixed -1 1:9.11.5.P4+dfsg-5.1+deb10u1
Bug #961939 [src:bind9] bind9: CVE-2020-8616 CVE-2020-8617
Marked as fixed in versions bind9/1:9.11.5.P4+dfsg-5.1+deb10u1.
> fixed -1 1:9.10.3.dfsg.P4-12.3+deb9u6
Bug #961939 [src:bind9] bind9: CVE-2020-8616 CVE-2020-8617
Marked as fixed in versions bind9/1:9.10.3.dfsg.P4-12.3+deb9u6.
> found -1 1:9.11.5.P4+dfsg-5.1
Bug #961939 [src:bind9] bind9: CVE-2020-8616 CVE-2020-8617
Marked as found in versions bind9/1:9.11.5.P4+dfsg-5.1.
> found -1 1:9.10.3.dfsg.P4-12.3+deb9u5
Bug #961939 [src:bind9] bind9: CVE-2020-8616 CVE-2020-8617
Marked as found in versions bind9/1:9.10.3.dfsg.P4-12.3+deb9u5.
> found -1 1:9.10.3.dfsg.P4-12.3
Bug #961939 [src:bind9] bind9: CVE-2020-8616 CVE-2020-8617
Marked as found in versions bind9/1:9.10.3.dfsg.P4-12.3.

-- 
961939: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961939
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 961302 in 1.0.25-1

2020-05-31 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> found 961302 1.0.25-1
Bug #961302 {Done: =?utf-8?q?J=C3=B6rg_Frings-F=C3=BCrst?= } 
[src:sane-backends] sane-backends 1.0.30 released with security fixes
Marked as found in versions sane-backends/1.0.25-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
961302: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#947437: flang in bullseye - llvm 11 ?

2020-05-31 Thread Gianfranco Costamagna 
On Sat, 18 Apr 2020 17:09:35 +0200 Sylvestre Ledru  wrote:
> Le 18/04/2020 à 16:10, Alastair McKinstry a écrit :
> > Hi,
> > 
> > flang is now merged into LLVM base.
> > 
> > I can build flang/f18 from the LLVM main install, but this targets llvm-11.
> > 
> > Are we likely to have llvm-11 (not necessarily default) in Debian
> > Bullseye ? what approach should be taken ?
> Quite likely.
> I think llvm 11 will be released end of 2020 / early 2021
> and is already available in experimental.
> 
> Cheers,
> Sylvestre
> 
> 
> 

So, since flang is the last llvm-toolchain-7 reverse-dependency, what about 
removing it
for now or break it so we can drop llvm-7 while 11 becomes available in sid?

G.

Bug#947005: marked as done (nethack: CVE-2019-19905: buffer overflow when parsing config files)

2020-05-31 Thread Debian Bug Tracking System 
Your message dated Sun, 31 May 2020 17:49:17 +
with message-id 
and subject line Bug#947005: fixed in nethack 3.6.6-1
has caused the Debian Bug report #947005,
regarding nethack: CVE-2019-19905: buffer overflow when parsing config files
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
947005: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947005
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: nethack
Version: 3.6.0-1
Severity: grave
Tags: security
X-Debbugs-Cc: t...@security.debian.org

Hi,

a new version of NetHack has been released that fixes a privilege
escalation issue introduced in 3.6.0 [0] [1]:

> A buffer overflow issue exists when reading very long lines from a
> NetHack configuration file (usually named .nethackrc).
> 
> This vulnerability affects systems that have NetHack installed suid/sgid
> and shared systems that allow users to upload their own configuration
> files.
> 
> All users are urged to upgrade to NetHack 3.6.4 as soon as possible. 

As the Debian packages ship setgid binaries, I think they are affected by it.

At least these two commits look related:
 https://github.com/NetHack/NetHack/commit/f4a840a
 https://github.com/NetHack/NetHack/commit/f001de7

Regards,
  Reiner

[0] https://nethack.org/security/index.html
[1] https://nethack.org/v364/release.html


signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: nethack
Source-Version: 3.6.6-1
Done: Markus Koschany 

We believe that the bug you reported is fixed in the latest version of
nethack, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 947...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Markus Koschany  (supplier of updated nethack package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 31 May 2020 18:57:45 +0200
Source: nethack
Architecture: source
Version: 3.6.6-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Games Team 
Changed-By: Markus Koschany 
Closes: 947005 953978 957598
Changes:
 nethack (3.6.6-1) unstable; urgency=medium
 .
   * Team upload.
 .
   [ Reiner Herrmann ]
   * Update watch file.
 The sourceforge page seem to be no longer kept up-to-date.
 Use the official site instead, but mangle the page a bit,
 to point to the correct tarball location.
 .
   [ Markus Koschany ]
   * New upstream version 3.6.6.
 - Fixes CVE-2020-5254, CVE-2020-5214, CVE-2020-5213, CVE-2020-5212,
   CVE-2020-5211, CVE-2020-5210, CVE-2020-5209 and CVE-2019-19905.
   (Closes: #947005, #953978)
   * Fixes FTBFS with GCC 10. (Closes: #957598)
   * Switch to debhelper-compat = 13
   * Declare compliance with Debian Policy 4.5.0.
   * Drop u1-fix-H7138-sys-unix-setup.sh-fails-with-no-arguments.patch.
 Fixed upstream.
   * Rebase all patches for new version 3.6.6.
   * Remove all lisp patches. Broken and unmaintained with 3.6.6.
 Maintainers are welcome. nethack-lisp can be salvaged by fixing the errors
 on the lisp branch in Git. If they are not fixed before the bullseye
 release nethack-lisp will be removed.
Checksums-Sha1:
 d5659ae7da59e1a9947f0b5fe0c4415f5a9deb6e 2433 nethack_3.6.6-1.dsc
 d425d447892157c2efa612e31d02a062e72040e2 5577633 nethack_3.6.6.orig.tar.gz
 9752bd9177e6cb0cc0c216ccebc4ae81ee97a767 49608 nethack_3.6.6-1.debian.tar.xz
 2d07c0841e16da9490db4a4e778fba460819f01d 8572 nethack_3.6.6-1_amd64.buildinfo
Checksums-Sha256:
 0fe55067dbd878615c1f4b04a3d1898a452fb306b205baac8e7d0f1c1bee0367 2433 
nethack_3.6.6-1.dsc
 cfde0c3ab6dd7c22ae82e1e5a59ab80152304eb23fb06e3129439271e5643ed2 5577633 
nethack_3.6.6.orig.tar.gz
 92404b459d929698ab36729d15473b2f46e26a93f91ca7496a5c8bef7a885168 49608 
nethack_3.6.6-1.debian.tar.xz
 897ff26e28299e9ea3ae183f45e32f32833dfc8ea8b8137cf09ba7881719654b 8572 
nethack_3.6.6-1_amd64.buildinfo
Files:
 841c989a12e22b427e480a0a2bea2d58 2433 games optional nethack_3.6.6-1.dsc
 6c9a75f556d24c66801d74d8727a602e 5577633 games optional 
nethack_3.6.6.orig.tar.gz
 9df770eba517625b38eac596bee1fcb5 49608 games optional 
nethack_3.6.6-1.debian.tar.xz
 606470a4fa6b304b8151655572dde74b 8572 games optional 
n

Bug#961933: odt2txt: autopkgtest failure: file: command not found

2020-05-31 Thread Paul Gevers 
Source: odt2txt
Version: 0.5-3
X-Debbugs-CC: debian...@lists.debian.org
Severity: serious
User: debian...@lists.debian.org
Usertags: fails-always

Dear maintainer(s),

You recently added an autopkgtest to your package odt2txt, great.
However, it fails. Currently this failure is blocking the migration to
testing [1]. Can you please investigate the situation and fix it?

I copied some of the output at the bottom of this report. Seems like
you're missing a test dependency.

More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

[1] https://qa.debian.org/excuses.php?package=odt2txt

https://ci.debian.net/data/autopkgtest/testing/amd64/o/odt2txt/5614340/log.gz

autopkgtest [09:10:31]: test command2: cp debian/tests/file.odt
$AUTOPKGTEST_TMP;   odt2txt --raw --output=$AUTOPKGTEST_TMP/file.xml
$AUTOPKGTEST_TMP/file.odt;   file $AUTOPKGTEST_TMP/file.xml
autopkgtest [09:10:31]: test command2: [---
bash: file: command not found
autopkgtest [09:10:31]: test command2: ---]



signature.asc
Description: OpenPGP digital signature

Bug#961839: closure-compiler: FTBFS: is not abstract and does not override abstract method test(Object) in Predicate

2020-05-31 Thread Emmanuel Bourg 
Le 31/05/2020 à 19:36, tony mancill a écrit :

> Thank you for the bug report.  This is due to the recent Guava update
> from 19.0 -> 29.0.  test() was introduced in version 21.  Somewhat
> ironically, test() appears to lack any Javadoc [1] because it was added
> to more closely emulate java.util.function.Predicate [2] and use of the
> Guava Predicate is discouraged by its authors anyway [3].


If that helps, building closure-compiler with source/target=8 should fix
this issue. I did that for Gradle this week to fix the same issue.

Emmanuel Bourg

Bug#961932: nethack-lisp: broken and unmaintained

2020-05-31 Thread Markus Koschany 
Package: nethack-lisp
Version: 3.6.6-1
Severity: serious

I have just updated nethack to the latest upstream version to fix
several security vulnerabilities and a compilation error with GCC 10.
Unfortunately the Debian specific lisp patches don't work anymore with
the current release. I could fix a few minor errors but there are more
issues and I'm not really interested in maintaining a fork of nethack.
Though I guess someone else can fix it. I have pushed all lisp related
patches to a new lisp branch in Git.

I wonder if we should drop nethack-lisp completely or try to upstream
the code. It is quite obvious that the additional work to make the
lisp port work prevents more regular updates.

Bug#961839: closure-compiler: FTBFS: is not abstract and does not override abstract method test(Object) in Predicate

2020-05-31 Thread tony mancill 
On Sat, May 30, 2020 at 02:13:25AM -0400, Sandro Tosi wrote:
> Source: closure-compiler
> Version: 20130227+dfsg1-10
> Severity: serious
> 
> 
>
> [javac] 
> /build/closure-compiler-20130227+dfsg1/src/com/google/javascript/jscomp/Scope.java:67:
>  error:  is not abstract and 
> does not override abstract method test(Var) in Predicate
> [javac]   new Predicate() {
> [javac]^

Hi Sandro,

Thank you for the bug report.  This is due to the recent Guava update
from 19.0 -> 29.0.  test() was introduced in version 21.  Somewhat
ironically, test() appears to lack any Javadoc [1] because it was added
to more closely emulate java.util.function.Predicate [2] and use of the
Guava Predicate is discouraged by its authors anyway [3].

Since closure-compiler is hopelessly old, I think we should reevaluate
where we are with respect to the necessary build-dependencies to update
to a modern version of closure-compiler.

Cheers,
tony

[1] 
https://www.javadoc.io/doc/com.google.guava/guava/29.0-jre/src-html/com/google/common/base/Predicate.html#line.77
[2] 
https://cr.openjdk.java.net/~iris/se/11/latestSpec/api/java.base/java/util/function/Predicate.html#test(T)
[3] https://github.com/google/guava/wiki/FunctionalExplained#caveats


signature.asc
Description: PGP signature

Bug#961649: marked as done (php-horde-gollem: CVE-2020-8034)

2020-05-31 Thread Debian Bug Tracking System 
Your message dated Sun, 31 May 2020 14:43:26 +
with message-id 
and subject line Bug#961649: fixed in php-horde-gollem 3.0.12-6
has caused the Debian Bug report #961649,
regarding php-horde-gollem: CVE-2020-8034
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
961649: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961649
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: php-horde-gollem
Version: 3.0.12-5
Severity: grave
Tags: security upstream
Control: found -1 3.0.12-3

Hi,

The following vulnerability was published for php-horde-gollem.

CVE-2020-8034[0]:
| Gollem before 3.0.13, as used in Horde Groupware Webmail Edition
| 5.2.22 and other products, is affected by a reflected Cross-Site
| Scripting (XSS) vulnerability via the HTTP GET dir parameter in the
| browser functionality, affecting breadcrumb output. An attacker can
| obtain access to a victim's webmail account by making them visit a
| malicious URL.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-8034
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8034
[1] https://lists.horde.org/archives/announce/2020/001289.html

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: php-horde-gollem
Source-Version: 3.0.12-6
Done: Mike Gabriel 

We believe that the bug you reported is fixed in the latest version of
php-horde-gollem, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 961...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mike Gabriel  (supplier of updated php-horde-gollem 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 31 May 2020 16:13:54 +0200
Source: php-horde-gollem
Architecture: source
Version: 3.0.12-6
Distribution: unstable
Urgency: medium
Maintainer: Horde Maintainers 
Changed-By: Mike Gabriel 
Closes: 961649
Changes:
 php-horde-gollem (3.0.12-6) unstable; urgency=medium
 .
   * debian/patches:
 + Add CVE-2020-8034.patch. Fix XSS vulnerability in breadcrumb output
   (Reported by: polict of Shielder). (Closes: #961649).
Checksums-Sha1:
 4e85b6170d98ed48a28a69c38ed6233e27877e54 2067 php-horde-gollem_3.0.12-6.dsc
 52bf13ef1fc004df726e98a838a26ba2e85ea39b 4328 
php-horde-gollem_3.0.12-6.debian.tar.xz
 8721330439f7ac1c403a6a555476762a24619bd4 7017 
php-horde-gollem_3.0.12-6_source.buildinfo
Checksums-Sha256:
 98297a267ce877ef0207332ddc3faa6c2e8f780462aa20aac5c857b44b3e692d 2067 
php-horde-gollem_3.0.12-6.dsc
 aadd3444a862d15dfedb9ad21f96c921f084ea1d11fe8a1d5dbe088f73f58faa 4328 
php-horde-gollem_3.0.12-6.debian.tar.xz
 35f70e7abdfa3d7963861be84a6eb6ae6dfbba0fda743779a12ad50728c6127a 7017 
php-horde-gollem_3.0.12-6_source.buildinfo
Files:
 c4cc390484b310e94c9b0557cac2a1d5 2067 php optional 
php-horde-gollem_3.0.12-6.dsc
 ca9dcf94e1f6beeb7255665570927010 4328 php optional 
php-horde-gollem_3.0.12-6.debian.tar.xz
 86661b16338491e407fe389933d3686c 7017 php optional 
php-horde-gollem_3.0.12-6_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAl7Tu7kVHHN1bndlYXZl
ckBkZWJpYW4ub3JnAAoJEJr0azAldxsxTIwP/3MLGG+60nBWvhYQyYFPe0RWQfF7
v4KUBr0byaDiYUmKmY9wIidW4o6k+f8Iq2QYL0vXmF5ri8NVi7KWyzTwfNcg+Vpv
caQj+kwN6fpXj/xi7OTanl4fUVxhTTQ/jPYhaZ7F0AerdrjQE3Sk+gn0BicxPwrP
uzcMCu1noNRtAdawo8PK+Ydm/q5YB9fuY5wW7E8Cc61nhPjM2/9ZXMGMQrLW0U0g
7VS0JMdAzkPSro19wKu1XnL0zSISIm/CpM8vZ9L8NTYVGD2796d+RLP/4jz6age8
A4X2/1gsOrUKKBF0BC4G2rr0kNjjgI6c/KyqZUZfNWtES0GPIZX/PJAicmsbcqWB
XYgoNfjzVGNVvx4uiCDtMd+Z2zWaKABcTBvX1LbAAENmfwZRzsbwAEbG/2upTpT0
3xFMYcE1s+1XDxj7jeeYjiYTh5hAZ988x7t2wi6J/dALCOl6XwFs3rBGeibdz+Cu
9MYF4jzeLeAfY/REdLURIQP++n3F1fTPmP2cAIPaBdL3/pZarJAS+IvKLQO03hxW
TFzYKCCu3yGB/iCjTfZPopSXi+//9IOZKzbyfo7lRw5kzc+GaLBuYmy1I6zyHitm
sOFYXoBbGLWm9U4VCNxri42OidVPCCzmwuAOEhOdd4NTlTLM2LlPWjElPxkEnGGr
AjS5rnBNPWfpBtt7
=qfx2
-END PGP SIGNATURE End Message ---

Processed: Re: Bug#947005: nethack: buffer overflow when parsing config files

2020-05-31 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 947005 pending
Bug #947005 [src:nethack] nethack: CVE-2019-19905: buffer overflow when parsing 
config files
Added tag(s) pending.
> tags 953978 pending
Bug #953978 [src:nethack] nethack: CVE-2020-5254
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
947005: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947005
953978: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953978
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Bug#961649 marked as pending in php-horde-gollem

2020-05-31 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 pending
Bug #961649 [src:php-horde-gollem] php-horde-gollem: CVE-2020-8034
Ignoring request to alter tags of bug #961649 to the same tags previously set

-- 
961649: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961649
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#961649: marked as pending in php-horde-gollem

2020-05-31 Thread Mike Gabriel 
Control: tag -1 pending

Hello,

Bug #961649 in php-horde-gollem reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/horde-team/php-horde-gollem/-/commit/c5a6c9779f5a18c286e92ea3c9ddad33ee61fb80


debian/patches: Add CVE-2020-8034.patch. Fix XSS vulnerability in breadcrumb 
output (Reported by: polict of Shielder). (Closes: #961649).


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/961649

Processed: Bug#961649 marked as pending in php-horde-gollem

2020-05-31 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 pending
Bug #961649 [src:php-horde-gollem] php-horde-gollem: CVE-2020-8034
Ignoring request to alter tags of bug #961649 to the same tags previously set

-- 
961649: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961649
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#961649: marked as pending in php-horde-gollem

2020-05-31 Thread Mike Gabriel 
Control: tag -1 pending

Hello,

Bug #961649 in php-horde-gollem reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/horde-team/php-horde-gollem/-/commit/dd0d95f019f67ed2b722db373b37da64b2ebd80d


debian/patches: Add CVE-2020-8034.patch. Fix XSS vulnerability in breadcrumb 
output (Reported by: polict of Shielder). (Closes: #961649).


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/961649

Processed: Bug#961649 marked as pending in php-horde-gollem

2020-05-31 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 pending
Bug #961649 [src:php-horde-gollem] php-horde-gollem: CVE-2020-8034
Added tag(s) pending.

-- 
961649: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961649
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#961649: marked as pending in php-horde-gollem

2020-05-31 Thread Mike Gabriel 
Control: tag -1 pending

Hello,

Bug #961649 in php-horde-gollem reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/horde-team/php-horde-gollem/-/commit/1f5cf5cd9ec0d159c11a77296bbdf3783dd3055c


debian/patches: Add CVE-2020-8034.patch. Fix XSS vulnerability in breadcrumb 
output (Reported by: polict of Shielder). (Closes: #961649).


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/961649

Bug#961382: hyphy: baseline violation on amd64/i386

2020-05-31 Thread Michael Crusoe 
Sure, I'll add this to my queue

On Sun, May 31, 2020 at 7:54 AM Andreas Tille  wrote:

> Hi Michael,
>
> On Sat, May 23, 2020 at 11:10:37PM +0300, Adrian Bunk wrote:
> > Source: hyphy
> > Version: 2.2.7+dfsg-1
> > Severity: serious
> >
> > https://buildd.debian.org/status/package.php?p=hyphy
> >
> > That package in stretch and buster builds with -msse3
> > for no apparent reason.
> >
> > The package in unstable/testing is built with
> > "-march=native -mtune=native -mavx  -mfma".
>
> do you think this package could be a target for simde in the near future
> or should we rather remove those options for the moment.
>
> Kind regards
>
>Andreas.
>
> --
> http://fam-tille.de
>


-- 
Michael R. Crusoe

Bug#948129: marked as done (gnome-pie FTBFS: vala error: Creation method of abstract class cannot be public)

2020-05-31 Thread Debian Bug Tracking System 
Your message dated Sun, 31 May 2020 12:04:30 +
with message-id 
and subject line Bug#948129: fixed in gnome-pie 0.7.2-2
has caused the Debian Bug report #948129,
regarding gnome-pie FTBFS: vala error: Creation method of abstract class cannot 
be public
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
948129: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948129
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: gnome-pie
Version: 0.7.2-1
Severity: serious
Tags: ftbfs

gnome-pie fails to build from source in unstable on amd64 in sbuild:

| /<>/src/actions/action.vala:72.5-72.17: error: Creation method 
of abstract class cannot be public.
| public Action(string name, string icon, bool is_quickaction) {
| ^
| Command-line option `--thread` is deprecated and will be ignored
| Compilation failed: 1 error(s), 11 warning(s)
| make[4]: *** [src/CMakeFiles/gnome-pie.dir/build.make:128: 
src/actionGroups/actionGroup.c] Error 1
| make[4]: Leaving directory '/<>/obj-x86_64-linux-gnu'
| make[3]: *** [CMakeFiles/Makefile2:124: src/CMakeFiles/gnome-pie.dir/all] 
Error 2
| make[3]: Leaving directory '/<>/obj-x86_64-linux-gnu'
| make[2]: *** [Makefile:133: all] Error 2
| make[2]: Leaving directory '/<>/obj-x86_64-linux-gnu'
| dh_auto_build: cd obj-x86_64-linux-gnu && make -j8 "INSTALL=install 
--strip-program=true" returned exit code 2
| make[1]: *** [debian/rules:11: override_dh_auto_build] Error 255
| make[1]: Leaving directory '/<>'
| make: *** [debian/rules:7: build] Error 2
| dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2

Also observed by crossqa:
http://crossqa.debian.net/build/gnome-pie_0.7.2-1_armhf_20200104102536.log
Also observed by reproducible:
https://tests.reproducible-builds.org/debian/rbuild/unstable/amd64/gnome-pie_0.7.2-1.rbuild.log.gz

Helmut
--- End Message ---
--- Begin Message ---
Source: gnome-pie
Source-Version: 0.7.2-2
Done: =?utf-8?q?J=C3=B6rg_Frings-F=C3=BCrst?= 

We believe that the bug you reported is fixed in the latest version of
gnome-pie, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 948...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jörg Frings-Fürst  (supplier of updated gnome-pie package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 31 May 2020 11:28:29 +0200
Source: gnome-pie
Architecture: source
Version: 0.7.2-2
Distribution: unstable
Urgency: medium
Maintainer: Jörg Frings-Fürst 
Changed-By: Jörg Frings-Fürst 
Closes: 948129
Changes:
 gnome-pie (0.7.2-2) unstable; urgency=medium
 .
   * New debian/patches/0110-Fix-Build-error.patch (Closes: 948129):
 - Fix build error.
   * Migrate to debhelper-compat 13:
 - Remove debian/compat.
 - debian/control:
   + Bump minimum debhelper-compat version to = 13.
   * Declare compliance with Debian Policy 4.5.0 (No changes needed).
   * debian/control:
 - Add Rules-Requires-Root: no.
 - Change homepage to the new one.
   * debian/copyright:
 - Add year 2020 to myself.
   * Remove unused patches.
Checksums-Sha1:
 0d3e024edcb106dd0cbfe130193db27a7afe1c69 2033 gnome-pie_0.7.2-2.dsc
 b921ae7dd7812a574b14fa1e8c6fd564168a379b 5788 gnome-pie_0.7.2-2.debian.tar.xz
Checksums-Sha256:
 224da8733a015a5a5b075ba3efd321bbe46b1176f5d221d5fb5388bade7498c7 2033 
gnome-pie_0.7.2-2.dsc
 6ce4d0e526b842a8a6ce41374290e1bf233f7f4fe0a3f0f6c9f88c4eda9b1667 5788 
gnome-pie_0.7.2-2.debian.tar.xz
Files:
 3e77dfb608f221ef18990e4e91c10dde 2033 gnome optional gnome-pie_0.7.2-2.dsc
 b3b3d10d565829b6718178001f070e14 5788 gnome optional 
gnome-pie_0.7.2-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEZaEt9P4xrWusTXauM1X01jtYIcwFAl7TmhcACgkQM1X01jtY
IcyEBQ/9GZrCWJAzhQlyItv1aK1/PZXOdZ6YPb8NGHSF9guomwQo2P74d1pr30Fk
ExnP7UEjXgYwmU2QGlUxAooR3OVGYhwBEmuO78z/zbqu/lDHX47CyzZQp4R733XG
vMZfPd4NGei+4wi49skH+Up8N35D2CsTHlGqmXm30O+h/dUYN5/enLKRI4XZ+gTD
ro3+9wo1G/ERCzlilGC68S8aeZbcI2EIPy/keCp22fFfiYJ++iVJWYM7sr6JVG5z
HS0whi3ksRlPWlanukUwiQAw8kBBNMjleJOP2cY97+U1lKoZMSkuzkOwCgdYWZ+h
zDkok/pZRtGkHm74GCSfipoEhgOLmIF54Nz0UGKxQMjOCiaUEB/+xnTO0udWcbc1
jbagZRCHC8UjcLddAdKFaVT9tTC

Bug#953287: marked as done (libpsl: binary-all FTBFS)

2020-05-31 Thread Debian Bug Tracking System 
Your message dated Sun, 31 May 2020 09:34:37 +
with message-id 
and subject line Bug#953287: fixed in libpsl 0.21.0-1.1
has caused the Debian Bug report #953287,
regarding libpsl: binary-all FTBFS
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
953287: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953287
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libpsl
Version: 0.21.0-1
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/fetch.php?pkg=libpsl&arch=all&ver=0.21.0-1&stamp=1583346789&raw=0

...
   dh_installman -i
dh_installman: error: Cannot find (any matches for) 
"usr/share/man/man1/psl-make-dafsa.1" (tried in ., debian/tmp)

dh_installman: error: Aborting due to earlier error
make: *** [debian/rules:6: binary-indep] Error 25
--- End Message ---
--- Begin Message ---
Source: libpsl
Source-Version: 0.21.0-1.1
Done: Adrian Bunk 

We believe that the bug you reported is fixed in the latest version of
libpsl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 953...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adrian Bunk  (supplier of updated libpsl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 16 May 2020 17:24:03 +0300
Source: libpsl
Architecture: source
Version: 0.21.0-1.1
Distribution: unstable
Urgency: low
Maintainer: Tim Rühsen 
Changed-By: Adrian Bunk 
Closes: 953287 955439
Changes:
 libpsl (0.21.0-1.1) unstable; urgency=low
 .
   * Non-maintainer upload.
   * Build the binaries also during indep build, required for
 installation of psl-make-dafsa.1. (Closes: #953287)
   * Remove essential diffutils from the test dependencies.
 (Closes: #955439)
Checksums-Sha1:
 4947adf1777ad027f0d543803bbfd7d395fb7b93 2228 libpsl_0.21.0-1.1.dsc
 09d42d1bc9029e93fd0e31a73817d7b26af70b51 12432 libpsl_0.21.0-1.1.debian.tar.xz
Checksums-Sha256:
 88e9ead32ef07fd807dd9b2eac7184baea346bd8b13878c9002b32e6286a4237 2228 
libpsl_0.21.0-1.1.dsc
 aaf2dc28ed4b1b3d754895e3c21b0fb2be1f725fdec1f6d35a856cbe0b32cf46 12432 
libpsl_0.21.0-1.1.debian.tar.xz
Files:
 f7c328b2a1dd884e15c21866d3c25e8b 2228 libs optional libpsl_0.21.0-1.1.dsc
 4881efc647e1691b292595eede030124 12432 libs optional 
libpsl_0.21.0-1.1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAl7AAaIACgkQiNJCh6LY
mLEMmA//aqCUpGj8+kvoZOjWzBVR91yPKZGMOdMzf4iv1WaJv2F61ikMuV86wa6U
savxZWIowzMJKpFfWJhPfqq9ts32Htha9rGzxiu6A5qKoJSvqB9AgZ6+1svzFnUf
Jh1JqM3ITbLWPrNIvNA/OmZoOsTVrbskKWdNwBIRbxneYEQnjaUIwL8F/Tf+2X3u
vkTVlN5eCghwr4EMlNY29TPSaUT204bnXyfkMnQJJ4q8AlFSfsfml696YvuBDqIB
url14Ey8j2jTYFc5a38PT9phmnZA7IgLRXBu8h+uM+U13BDX7biuIXfSPAmiWv5D
1/jLnm4dK3bcItolPGqPUIh8DQNt2+G0FqH3jSFn5hbVr5c0hPebix5V9jvJiGjA
O4oaYYDtJil4VFaOYqL5jFz9Cb7eW1XTSxZaFoDLYPsOC2EROSpY8cWgrQE5GJqP
9/uR1Z5MdHqZtnkR8YtL90ZMxS55odK751i/FvPaU/Eun3YbhA7JHyBMkWcPMIwf
m9WrwnuFmJ/KdurNfSbyjV7MViit71Q0qrZmkfdLIShOzlibXTkf3yQrB4Mo7Gea
wG2e4w/gIwniYkabnK/2Zy2ShGovzv8oMwSdFjsHBc1IXHPXOAeevj7zxRdR2BCO
1Yi4s6dwD6i4UJlqMFFtgUeWxf2+/Vt/4zS2SBwLRVI2BxUH0JU=
=9jvh
-END PGP SIGNATURE End Message ---

Bug#954501: marked as done (publicsuffix: FTBFS: build-dependency not installable: psl-make-dafsa)

2020-05-31 Thread Debian Bug Tracking System 
Your message dated Sun, 31 May 2020 09:34:37 +
with message-id 
and subject line Bug#953287: fixed in libpsl 0.21.0-1.1
has caused the Debian Bug report #953287,
regarding publicsuffix: FTBFS: build-dependency not installable: psl-make-dafsa
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
953287: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953287
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: publicsuffix
Version: 20200303.0012-1
Severity: serious
Justification: FTBFS on amd64
Tags: bullseye sid ftbfs
Usertags: ftbfs-20200321 ftbfs-bullseye

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.

Relevant part (hopefully):
> +--+
> | Install package build dependencies  
>  |
> +--+
> 
> 
> Setup apt archive
> -
> 
> Merged Build-Depends: debhelper-compat (= 12), psl-make-dafsa, 
> python3-minimal, build-essential, fakeroot
> Filtered Build-Depends: debhelper-compat (= 12), psl-make-dafsa, 
> python3-minimal, build-essential, fakeroot
> dpkg-deb: building package 'sbuild-build-depends-main-dummy' in 
> '/<>/apt_archive/sbuild-build-depends-main-dummy.deb'.
> Ign:1 copy:/<>/apt_archive ./ InRelease
> Get:2 copy:/<>/apt_archive ./ Release [957 B]
> Ign:3 copy:/<>/apt_archive ./ Release.gpg
> Get:4 copy:/<>/apt_archive ./ Sources [391 B]
> Get:5 copy:/<>/apt_archive ./ Packages [470 B]
> Fetched 1818 B in 0s (0 B/s)
> Reading package lists...
> Reading package lists...
> 
> Install main build dependencies (apt-based resolver)
> 
> 
> Installing build dependencies
> Reading package lists...
> Building dependency tree...
> Reading state information...
> Some packages could not be installed. This may mean that you have
> requested an impossible situation or if you are using the unstable
> distribution that some required packages have not yet been created
> or been moved out of Incoming.
> The following information may help to resolve the situation:
> 
> The following packages have unmet dependencies:
>  sbuild-build-depends-main-dummy : Depends: psl-make-dafsa but it is not 
> installable
> E: Unable to correct problems, you have held broken packages.
> apt-get failed.

The full build log is available from:
   
http://qa-logs.debian.net/2020/03/21/publicsuffix_20200303.0012-1_unstable.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
Source: libpsl
Source-Version: 0.21.0-1.1
Done: Adrian Bunk 

We believe that the bug you reported is fixed in the latest version of
libpsl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 953...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adrian Bunk  (supplier of updated libpsl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 16 May 2020 17:24:03 +0300
Source: libpsl
Architecture: source
Version: 0.21.0-1.1
Distribution: unstable
Urgency: low
Maintainer: Tim Rühsen 
Changed-By: Adrian Bunk 
Closes: 953287 955439
Changes:
 libpsl (0.21.0-1.1) unstable; urgency=low
 .
   * Non-maintainer upload.
   * Build the binaries also during indep build, required for
 installation of psl-make-dafsa.1. (Closes: #953287)
   * Remove essential diffutils from the test dependencies.
 (Closes: #955439)
Checksums-Sha1:
 4947adf1777ad027f0d543803bbfd7d395fb7b93 2228 libpsl_0.21.0-1.1.dsc
 09d42d1bc9029e93fd0e31a73817d7b26af70b51 12432 libpsl_0.21.0-1.1.debian.tar.xz
Checksums-Sha256:
 88e9ead32ef07fd807dd9b2eac7184baea346bd8b13878c9002b32e6286a4237 2228 
libpsl_0.21.0-1.1.dsc
 aaf2dc28ed4b1b3d754895e3c21b0fb2be1f725fdec1f6d3

Bug#961122: marked as done (giac: FTBFS on armhf)

2020-05-31 Thread Debian Bug Tracking System 
Your message dated Sun, 31 May 2020 09:03:35 +
with message-id 
and subject line Bug#961122: fixed in giac 1.5.0.87+dfsg1-6
has caused the Debian Bug report #961122,
regarding giac: FTBFS on armhf
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
961122: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961122
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: giac
Version: 1.5.0.87+dfsg1-1
Severity: serious
Tags: ftbfs bullseye sid

Hi Maintainer

d-workaround-armhf-hang.patch was recently dropped [1], however, as
can be seen on buildds [2] and reproducibles builds [3], that giac
still FTBFS on armhf with:

E: Build killed with signal TERM after 300 minutes of inactivity

Regards
Graham


[1] 
https://salsa.debian.org/science-team/giac/-/commit/67485addcc95870c3f4a5756cbba21a4d8889900
[2] https://buildd.debian.org/status/logs.php?pkg=giac&arch=armhf
[3] https://tests.reproducible-builds.org/debian/history/armhf/giac.html
--- End Message ---
--- Begin Message ---
Source: giac
Source-Version: 1.5.0.87+dfsg1-6
Done: Julien Puydt 

We believe that the bug you reported is fixed in the latest version of
giac, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 961...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Julien Puydt  (supplier of updated giac package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 31 May 2020 10:33:10 +0200
Source: giac
Architecture: source
Version: 1.5.0.87+dfsg1-6
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Julien Puydt 
Closes: 961122
Changes:
 giac (1.5.0.87+dfsg1-6) experimental; urgency=medium
 .
   * Uploading to unstable : the experimental pari code is
   accepted upstream, will be in the next official version,
   and fixes an armhf issue. (Closes: #961122)
Checksums-Sha1:
 d26728fdbc4d9bfa30d278de29859b82143663a3 2850 giac_1.5.0.87+dfsg1-6.dsc
 7ba13d5f7962d00b763b2874acdbc5f5369c1362 300300 
giac_1.5.0.87+dfsg1-6.debian.tar.xz
 d7de183d42075dae04a98c0a94ef6ae3b56dcce0 9384 
giac_1.5.0.87+dfsg1-6_source.buildinfo
Checksums-Sha256:
 e34d0a0bf6e193e460f10af5a9a86df842924f16c77895500057d9ecbda40f85 2850 
giac_1.5.0.87+dfsg1-6.dsc
 181fa58f69d0e0b5456d4b1c162e7cbccb570ead1ddc0efa1aebe19fcb623bae 300300 
giac_1.5.0.87+dfsg1-6.debian.tar.xz
 d22cc72af2a5146c3c8c9eb46485594b941eca110f280fa7fd167fbdb09cc1c7 9384 
giac_1.5.0.87+dfsg1-6_source.buildinfo
Files:
 61271e25a97e6232e6dac33dd92e065f 2850 science optional 
giac_1.5.0.87+dfsg1-6.dsc
 60584b1e9ec480e591d53d8be0444edc 300300 science optional 
giac_1.5.0.87+dfsg1-6.debian.tar.xz
 9f6313921c7fdc3296cfece09ff6483a 9384 science optional 
giac_1.5.0.87+dfsg1-6_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEgS7v2KP7pKzk3xFLBMU71/4DBVEFAl7TbD0SHGpwdXlkdEBk
ZWJpYW4ub3JnAAoJEATFO9f+AwVRtWMP/3iaF/kd/HIlYXzOG62eaWUsJqdAo3DB
QcPeZg3zsL4SgylEzpsXjr3O8ZtFG5dUUKn2s1XOU4xK6axXc08HwbaqYOVzkV/n
2accqyTIZRbx80BWSp8Rnkj+AE/8R8ByLA+QvEfykRNjSOIY6rVzpbWd72XtZ5tB
pw0dLakZC64uKxqZQbtY3W9XWaN2mgEglkdtHIBD4lx+nYNNtfVDbqtaHqxJzjNs
MLqr8ZVoRjhFOSE9fXgzxxKohFdLvW0SKrI8bhxGK4yFGwJ0cRNgSGhYXW7oKLKf
YJVVWvp5E2o5NMZVxIRAoXhigmUt1NQzbdpq/j3ZMOJEXQafZjccTA3+RvCNJp73
/LNIs+imOarbRZLiwsBsrcRlipPMKvwje9VbaF0t2Ht7T6xhmn/axZm37y/rHERc
geUB8EKCjyXvzkNxwhAkDRO9kPBNzITwVTGH9y6TEV4ssKifCx3Wz7hKE5WyF+g9
iczTton9J/yJT98vQbYzyfcBzpkPWjXbzmHWKFNL8PHjpv7zAjTj6WDeHDoDtd5s
UcKRt2WaiQdzUNGcZipsNQCLUOuiGJW/IRNTAYHBIa+EiUBvbr9v8qitK4+FO1df
M5SZYlFCLK7E0iCGOTDM3MWzrowc2/OIXF86J80HnsiPV1r8cqubgf4TBXeeLHlQ
Q9kecWDlcaZ8
=uzII
-END PGP SIGNATURE End Message ---

Bug#959572: sasmodels: FTBFS: TypeError: object of type cannot be safely interpreted as an integer.

2020-05-31 Thread Stuart Prescott 
This is fixed in the recent 1.0.2 release which is design to go with SasView 
5.0.2.

I've got this packaged locally but have to hunt down a failing test before 
uploading.

-- 
Stuart Prescotthttp://www.nanonanonano.net/   stu...@nanonanonano.net
Debian Developer   http://www.debian.org/ stu...@debian.org
GPG fingerprint90E2 D2C1 AD14 6A1B 7EBB 891D BBC1 7EBB 1396 F2F7