Processed: Re: Bug#980192: ruby-2.7: autopkgtest regression in testing: Errno::ENAMETOOLONG: File name too long

[Debian Bug Tracking System]

Processing control commands:

> reassign -1 ruby2.7 2.7.2-3
Bug #980192 [src:ruby-2.7] ruby-2.7: autopkgtest regression in testing: 
Errno::ENAMETOOLONG: File name too long
Warning: Unknown package 'src:ruby-2.7'
Bug reassigned from package 'src:ruby-2.7' to 'ruby2.7'.
No longer marked as found in versions ruby-2.7/2.7.2-3.
Ignoring request to alter fixed versions of bug #980192 to the same values 
previously set
Bug #980192 [ruby2.7] ruby-2.7: autopkgtest regression in testing: 
Errno::ENAMETOOLONG: File name too long
Marked as found in versions ruby2.7/2.7.2-3.

-- 
980192: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980192
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#980192: ruby-2.7: autopkgtest regression in testing: Errno::ENAMETOOLONG: File name too long

[Andrei POPESCU]

Control: reassign -1 ruby2.7 2.7.2-3

On Vi, 15 ian 21, 21:51:44, Paul Gevers wrote:
> Source: ruby-2.7
> Version: 2.7.2-3
> X-Debbugs-CC: debian...@lists.debian.org
> Severity: serious
> User: debian...@lists.debian.org
> Usertags: regression
> 
> Dear maintainer(s),
> 
> With a recent (december 2020) in testing the autopkgtest of your package
> started to fail. I copied some of the output at the bottom of this
> report. Can you please investigate the situation and fix it?
> 
> More information about this bug and the reason for filing it can be found on
> https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation
> 
> Paul
> 
> https://ci.debian.net/data/autopkgtest/testing/amd64/r/ruby2.7/9537123/log.gz
> 
> 
> 264) Error:
> TestTempfile#test_open_traversal_dir:
> Errno::ENAMETOOLONG: File name too long @ rb_sysopen -
> /tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/..tmpautopkgtest-lxc.r54r7gkwdowntmpautopkgtest_tmptmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmpd20210109-4115-ihpyim20210109-4115-1l9j1dpfoo
> /usr/lib/ruby/2.7.0/tempfile.rb:129:in `initialize'
> /usr/lib/ruby/2.7.0/tempfile.rb:129:in `open'
> /usr/lib/ruby/2.7.0/tempfile.rb:129:in `block in initialize'
> /usr/lib/ruby/2.7.0/tmpdir.rb:129:in `create'
> /usr/lib/ruby/2.7.0/tempfile.rb:127:in `initialize'
> /usr/lib/ruby/2.7.0/tempfile.rb:287:in `new'
> /usr/lib/ruby/2.7.0/tempfile.rb:287:in `open'
> 
> /tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tempfile.rb:368:in
> `block in test_open_traversal_dir'
> 
> /tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tempfile.rb:401:in
> `block in assert_mktmpdir_traversal'
> /usr/lib/ruby/2.7.0/tmpdir.rb:89:in `mktmpdir'
> 
> /tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tempfile.rb:397:in
> `assert_mktmpdir_traversal'
> 
> /tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tempfile.rb:367:in
> `test_open_traversal_dir'
> 
> 265) Error:
> TestTmpdir#test_mktmpdir_traversal:
> Errno::ENAMETOOLONG: File name too long @ dir_s_mkdir -
> /tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/..tmpautopkgtest-lxc.r54r7gkwdowntmpautopkgtest_tmptmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmpd20210109-4115-c6vju4foo20210109-4115-o3w6ci
> /usr/lib/ruby/2.7.0/tmpdir.rb:85:in `mkdir'
> /usr/lib/ruby/2.7.0/tmpdir.rb:85:in `block in mktmpdir'
> /usr/lib/ruby/2.7.0/tmpdir.rb:129:in `create'
> /usr/lib/ruby/2.7.0/tmpdir.rb:83:in `mktmpdir'
> 
> /tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tmpdir.rb:68:in
> `block in test_mktmpdir_traversal'
> 
> /tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tmpdir.rb:87:in
> `block in assert_mktmpdir_traversal'
> /usr/lib/ruby/2.7.0/tmpdir.rb:89:in `mktmpdir'
> 
> /tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tmpdir.rb:83:in
> `assert_mktmpdir_traversal'
> 
> /tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tmpdir.rb:67:in
> `test_mktmpdir_traversal'
> 
> 266) Error:
> TestTmpdir#test_mktmpdir_traversal_array:
> Errno::ENAMETOOLONG: File name too long @ dir_s_mkdir -
> 

Bug#980211: libextractor: FTBFS against librpm9 (test failure)

[Graham Inggs]

Source: libextractor
Version: 1:1.10-2
Severity: serious
Tags: ftbfs

Hi Maintainer

During a recent rebuild against librpm9, libextractor FTBFS on several
architectures where it built previously [1].

I've copied what I hope is the relevant part of the log below.

Regards
Graham


[1] https://buildd.debian.org/status/package.php?p=libextractor


===
   libextractor 1.10: src/plugins/test-suite.log
===

# TOTAL: 32
# PASS:  31
# SKIP:  0
# XFAIL: 0
# FAIL:  1
# XPASS: 0
# ERROR: 0

.. contents:: :depth: 2

FAIL: test_rpm
==

FAIL test_rpm (exit status: 141)

Bug#980199: marked as done (erlang: CVE-2020-35733)

[Debian Bug Tracking System]

Your message dated Sat, 16 Jan 2021 06:48:33 +
with message-id 
and subject line Bug#980199: fixed in erlang 1:23.2.2+dfsg-1
has caused the Debian Bug report #980199,
regarding erlang: CVE-2020-35733
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
980199: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980199
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: erlang
Version: 1:23.2.1+dfsg-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for erlang.

CVE-2020-35733[0]:
| An issue was discovered in Erlang/OTP before 23.2.2. The ssl
| application 10.2 accepts and trusts an invalid X.509 certificate chain
| to a trusted root Certification Authority.

It is specific to OTP-23.2, see the security-tracker information.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-35733
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35733
[1] https://erlang.org/pipermail/erlang-questions/2021-January/100357.html

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: erlang
Source-Version: 1:23.2.2+dfsg-1
Done: Sergei Golovan 

We believe that the bug you reported is fixed in the latest version of
erlang, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 980...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sergei Golovan  (supplier of updated erlang package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 16 Jan 2021 08:50:49 +0300
Source: erlang
Architecture: source
Version: 1:23.2.2+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Erlang Packagers 
Changed-By: Sergei Golovan 
Closes: 980199
Changes:
 erlang (1:23.2.2+dfsg-1) unstable; urgency=medium
 .
   * New upstream release, which includes a fix for CVE-2020-35733 (the ssl
 application 10.2 accepts and trusts an invalid X.509 certificate chain
 to a trusted root Certification Authority, closes: #980199).
Checksums-Sha1:
 ee7c3c8e356b82fe3966ca270f1153e828d0b79f 5105 erlang_23.2.2+dfsg-1.dsc
 437c31bb7937bb991715466108a9fa7d6b288ebf 45295328 
erlang_23.2.2+dfsg.orig.tar.xz
 20b524b84a78e828868b95321f11ed4779e43dad 61916 
erlang_23.2.2+dfsg-1.debian.tar.xz
 a4e33925ab43ea5be6eed9313459ef46251f7dd8 28377 
erlang_23.2.2+dfsg-1_amd64.buildinfo
Checksums-Sha256:
 650fa6ab3ae212b85633a9e1a93d18a29d73ee3c430228d690484c8d68a691bd 5105 
erlang_23.2.2+dfsg-1.dsc
 993261d96fbf1ea1e5dbaf2e8ceb64b22aef4ffbb11ddac10a0ad339ae8fd608 45295328 
erlang_23.2.2+dfsg.orig.tar.xz
 e6dfc204500b239bac4d2cd304bb68195e757c5c666004cd5debb76bde9bdbed 61916 
erlang_23.2.2+dfsg-1.debian.tar.xz
 aa6e7e7944a776bc0253e55049b68f8063f2934dee926d4e2c54e95c4c0162a0 28377 
erlang_23.2.2+dfsg-1_amd64.buildinfo
Files:
 4050c32df178f90e2129b6da3aeef348 5105 interpreters optional 
erlang_23.2.2+dfsg-1.dsc
 db5911ed8dfd22422c74d4719729f63b 45295328 interpreters optional 
erlang_23.2.2+dfsg.orig.tar.xz
 5c6b7705db2c45f558216d3810ffe8ff 61916 interpreters optional 
erlang_23.2.2+dfsg-1.debian.tar.xz
 89f8f54c3166dd6b64812fc55adee494 28377 interpreters optional 
erlang_23.2.2+dfsg-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEE/SYPsyDB+ShSnvc4Tyrk60tj54cFAmACh7QACgkQTyrk60tj
54fCjhAA0ZXTiQ6xkGUw5DF6NuACQ1jKNbPHciy6hw6jsNbuKWfNcRgWN/DbnQ9Z
ryfLlBFnYBn879005eltTOp/DuLpz4K320p114phPwg21jC8T2eh0o+C/osFZR1E
Srp9jH+VMyckpBLLwhBbtK+D49cJdwXuG+6lwNXwryGM8Ax3Br8efXL/XDC8f4t7
v9coKfsHW26P9ptJsth38VRrNuCjycN0DUKrdS1nKpTUCvAS7POxjEIVXXnYBOL+
Eg1tYNSRom+ljnp82uEp1Lf7EzWswUU0R0hRpzXhQZiRdcVCvgGH5PnV0jDuJn/H
hXhrEY9QBxnP/qVlYkj4gjKzHUztjL0WTFohEfk1CmaPbYf+SGrw0aIgd2zgvA4q
9giHu0lXEU6CsM3E7YzIRWIP7DBoqPK/Y5qsx8Z9iDugq7tP4dqD8l/MbY2iv5G/
qMCU3qhD7j/IIu9HMi2oKoDhBUpQGvc+ybDOrqdwlVMn/yhZGsETOylWKC2jKNIb
nubDzlpJRiswU130Ndj2aE10DaHwqMOcgF85JYriy6Fbz1SG87gNpJcWsjh8zC59
j1lO6h0RpO88qsEx0FDlKNVn5btz0smwot3HTcHaLTjBeZ7L7qQJolDysCuAed8S

Processed: Bug#976935 marked as pending in inkscape

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #976935 [src:inkscape] inkscape: FTBFS on ppc64el: make[3]: *** No rule to 
make target 'po/zh_TW.gmo', needed by 
'share/templates/default_templates.timestamp'. Stop.
Added tag(s) pending.

-- 
976935: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976935
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#976935: marked as pending in inkscape

[Mattia Rizzolo]

Control: tag -1 pending

Hello,

Bug #976935 in inkscape reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/multimedia-team/inkscape/-/commit/2e2b302c34c7be0dad92a1cbd1b30fafcb73d8b5


Switch build system from cmake+make to cmake+ninja.

+ Fixes FTBFS with a very high level of parallelism.  Closes: #976935

Signed-off-by: Mattia Rizzolo 


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/976935

Bug#957577: nast: ftbfs with GCC-10

[Logan Rosen]

Package: nast
Version: 0.2.0-7
Followup-For: Bug #957577
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu hirsute ubuntu-patch
Control: tags -1 patch

Hi,

In Ubuntu, the attached patch was applied to achieve the following:

  * d/p/gcc-10: Fix FTBFS with GCC 10.

Thanks for considering the patch.

Logan
diff -Nru nast-0.2.0/debian/patches/gcc-10 nast-0.2.0/debian/patches/gcc-10
--- nast-0.2.0/debian/patches/gcc-101969-12-31 19:00:00.0 -0500
+++ nast-0.2.0/debian/patches/gcc-102021-01-15 23:30:25.0 -0500
@@ -0,0 +1,327 @@
+--- a/include/nast.h
 b/include/nast.h
+@@ -95,32 +95,32 @@
+ void init_scr(void);
+ 
+ /* variable */
+-FILE *logd;
+-short offset;
+-int npkt;
+-u_char *packet;
+-u_char *buf;
+-struct pcap_pkthdr hdr;
+-pcap_t* descr;
+-pcap_dumper_t *dumper;
+-struct pcap_stat statistic;
+-bpf_u_int32 maskp;  /* subnet mask   */
+-bpf_u_int32 netp; /* ip*/
+-int datalink;
+-struct bpf_program fp;  /* hold compiled program */
+-char *logname;
+-char *tcpdl;
+-u_short tr,tl;
+-u_short graph;  /* global var for ncurses mode */
+-u_short cont;
++extern FILE *logd;
++extern short offset;
++extern int npkt;
++extern u_char *packet;
++extern u_char *buf;
++extern struct pcap_pkthdr hdr;
++extern pcap_t* descr;
++extern pcap_dumper_t *dumper;
++extern struct pcap_stat statistic;
++extern bpf_u_int32 maskp;  /* subnet mask   */
++extern bpf_u_int32 netp;  /* ip*/
++extern int datalink;
++extern struct bpf_program fp;  /* hold compiled program */
++extern char *logname;
++extern char *tcpdl;
++extern u_short tr,tl;
++extern u_short graph;  /* global var for ncurses mode */
++extern u_short cont;
+ /* golbal var*/
+-int stream_glob;
+-int bc_glob;
+-int sniff_glob;
+-int rst_glob;
+-int arp_glob;
+-pthread_t pt[2];
+-int lg;
++extern int stream_glob;
++extern int bc_glob;
++extern int sniff_glob;
++extern int rst_glob;
++extern int arp_glob;
++extern pthread_t pt[2];
++extern int lg;
+ 
+ struct host
+ {
+@@ -129,13 +129,13 @@
+ };
+ 
+ /* time variable */
+-time_t tm;
+-char timed[60];
++extern time_t tm;
++extern char timed[60];
+ 
+ /* for demonize nast */
+-u_short demonize;
++extern u_short demonize;
+ 
+-int line_s;
+-int row_s;
++extern int line_s;
++extern int row_s;
+ 
+ 
+--- a/main.c
 b/main.c
+@@ -26,6 +26,43 @@
+ # include "missing/getopt.h"
+ #endif
+ 
++/* variable */
++FILE *logd;
++short offset;
++int npkt;
++u_char *packet;
++u_char *buf;
++struct pcap_pkthdr hdr;
++pcap_t* descr;
++struct pcap_stat statistic;
++bpf_u_int32 maskp;  /* subnet mask   */
++bpf_u_int32 netp; /* ip*/
++int datalink;
++struct bpf_program fp;  /* hold compiled program */
++char *logname;
++char *tcpdl;
++u_short tr,tl;
++u_short graph;  /* global var for ncurses mode */
++u_short cont;
++/* golbal var*/
++int stream_glob;
++int bc_glob;
++int sniff_glob;
++int rst_glob;
++int arp_glob;
++pthread_t pt[2];
++int lg;
++
++/* time variable */
++time_t tm;
++char timed[60];
++
++/* for demonize nast */
++u_short demonize;
++
++int line_s;
++int row_s;
++
+ void usage(char *name);
+ 
+ int main(int argc,char **argv)
+--- a/ncurses/n_nast.c
 b/ncurses/n_nast.c
+@@ -21,6 +21,48 @@
+ 
+ #ifdef HAVE_LIBNCURSES
+ 
++WINDOW *query;
++WINDOW *werror;
++WINDOW *help;
++N_SCROLLWIN *princ;
++N_SCROLLWIN *winfo;
++N_SCROLLWIN *wstream;
++N_SCROLLWIN *wconn;
++
++MENU *my_nmenu;
++ITEM *curr_item;
++WINDOW *my_nmenu_win;
++WINDOW *pop_up;
++
++u_short mvar;
++u_short promisc,hex,ascii,ld,f,lr,l;
++u_short flg;
++int linm;
++int fileds;
++char dev[10];
++char n_filter[60];
++char ldfile[50];
++char tcpdfile[50];
++char reportl[50];
++char logfile[50];
++/*descriptor for stream*/
++pcap_t* str;
++pcap_dumper_t *dumper;
++
++/* thread for database connections */
++pthread_t thID[7];
++
++struct thread_conn th_data[1];
++struct thread_conn_rst th_r_data[1];
++struct thread_arp th_arp_data[1];
++
++struct connections c_inf[30];
++
++struct cnn sf[30];
++
++/* num max of db connections */
++int nmax;
++
+ void init_curs(void);
+ void title(void);
+ int get_info(void);
+--- a/ncurses/n_nast.h
 b/ncurses/n_nast.h
+@@ -84,36 +84,36 @@
+ int shutdown_thread(void);
+ void help_win(void);
+ 
+-WINDOW *query;
+-WINDOW *werror;
+-WINDOW *help;
+-N_SCROLLWIN *princ;
+-N_SCROLLWIN *winfo;
+-N_SCROLLWIN *wstream;
+-N_SCROLLWIN *wconn;
+-
+-MENU *my_nmenu;
+-ITEM *curr_item;
+-WINDOW *my_nmenu_win;
+-WINDOW *pop_up;
+-
+-u_short mvar;
+-u_short promisc,hex,ascii,ld,f,lr,l;
+-u_short flg;
+-int linm;
+-int fileds;
+-char dev[10];
+-char n_filter[60];
+-char ldfile[50];
+-char tcpdfile[50];
+-char reportl[50];
+-char logfile[50];
++extern WINDOW *query;
++extern WINDOW *werror;
++extern WINDOW *help;
++extern N_SCROLLWIN *princ;
++extern N_SCROLLWIN *winfo;
++extern N_SCROLLWIN *wstream;

Processed: Re: nast: ftbfs with GCC-10

[Debian Bug Tracking System]

Processing control commands:

> tags -1 patch
Bug #957577 [src:nast] nast: ftbfs with GCC-10
Added tag(s) patch.

-- 
957577: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=957577
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#957585: ncurses-hexedit: ftbfs with GCC-10

[Logan Rosen]

Package: ncurses-hexedit
Version: 0.9.7+orig-7
Followup-For: Bug #957585
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu hirsute ubuntu-patch
Control: tags -1 patch

Hi,

In Ubuntu, the attached patch was applied to achieve the following:

  * d/p/gcc_10.patch: Fix FTBFS with GCC 10.

Thanks for considering the patch.

Logan
diff -Nru ncurses-hexedit-0.9.7+orig/debian/patches/gcc_10.patch 
ncurses-hexedit-0.9.7+orig/debian/patches/gcc_10.patch
--- ncurses-hexedit-0.9.7+orig/debian/patches/gcc_10.patch  1969-12-31 
19:00:00.0 -0500
+++ ncurses-hexedit-0.9.7+orig/debian/patches/gcc_10.patch  2021-01-15 
23:13:37.0 -0500
@@ -0,0 +1,44 @@
+--- a/src/hexedit.h
 b/src/hexedit.h
+@@ -343,7 +343,7 @@
+ 
+ 
+/* Global structure, keep most global variables here. */
+-struct
++struct Globals_t
+ {
+WINDOW *wmain, *wstatus, *whelp; /* three windows used throughout. */
+unsigned long filesize;  /* size of the file buffer. */
+@@ -365,7 +365,9 @@
+ /* buf end. */
+int beeping; /* Allow beeping or not. */
+int help_msg_count;  /* Number of messages in help menu. */
+-} Globals;
++};
++
++extern struct Globals_t Globals;
+ 
+ 
+ struct foundit
+@@ -400,7 +402,9 @@
+int s;
+struct Change *base;
+struct Change *top;
+-} UndoStack;
++};
++
++extern struct ChangeLog UndoStack;
+ 
+ 
+ struct FileNames
+--- a/src/init.c
 b/src/init.c
+@@ -35,6 +35,8 @@
+ 
+ extern char **environ;
+ 
++struct ChangeLog UndoStack;
++struct Globals_t Globals;
+ 
+/* This is called once at the start of the program.  Handles HEXEDIT
+ * Environment variable, command line arguments, sets up signal
diff -Nru ncurses-hexedit-0.9.7+orig/debian/patches/series 
ncurses-hexedit-0.9.7+orig/debian/patches/series
--- ncurses-hexedit-0.9.7+orig/debian/patches/series2019-01-30 
22:29:46.0 -0500
+++ ncurses-hexedit-0.9.7+orig/debian/patches/series2021-01-15 
23:11:19.0 -0500
@@ -16,3 +16,4 @@
 enforce_readonly_mode.patch
 fix_buffer_overruns.patch
 fix_spelling_errors.patch
+gcc_10.patch

Processed: Re: ncurses-hexedit: ftbfs with GCC-10

[Debian Bug Tracking System]

Processing control commands:

> tags -1 patch
Bug #957585 [src:ncurses-hexedit] ncurses-hexedit: ftbfs with GCC-10
Added tag(s) patch.

-- 
957585: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=957585
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: netdiag: ftbfs with GCC-10

[Debian Bug Tracking System]

Processing control commands:

> tags -1 patch
Bug #957596 [src:netdiag] netdiag: ftbfs with GCC-10
Added tag(s) patch.

-- 
957596: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=957596
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#957596: netdiag: ftbfs with GCC-10

[Logan Rosen]

Package: netdiag
Version: 1.2-1
Followup-For: Bug #957596
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu hirsute ubuntu-patch
Control: tags -1 patch

Hi,

In Ubuntu, the attached patch was applied to achieve the following:

  * d/p/gcc-10.diff: Fix FTBFS with GCC 10.
  * d/p/pcap_init.diff: Rename pcap_init() to traf_pcap_init() to avoid
conflict with libpcap.

Thanks for considering the patch.

Logan
diff -u netdiag-1.2/debian/patches/series netdiag-1.2/debian/patches/series
--- netdiag-1.2/debian/patches/series
+++ netdiag-1.2/debian/patches/series
@@ -6,3 +6,5 @@
 adapt_netload_to_bsd.diff
 adaption_to_kfreebsd.diff 
 clang-ftbfs.diff
+gcc-10.diff
+pcap_init.diff
only in patch2:
unchanged:
--- netdiag-1.2.orig/debian/patches/gcc-10.diff
+++ netdiag-1.2/debian/patches/gcc-10.diff
@@ -0,0 +1,39 @@
+--- a/netwatch-1.3.1-2/netwatch.c
 b/netwatch-1.3.1-2/netwatch.c
+@@ -151,6 +151,10 @@
+ #include "netresolv.h"
+ #include "netwatch.h"
+ 
++struct port_info *tcp_port_types[TCPHASH];
++
++struct port_info *udp_port_types[UDPHASH];
++
+ extern int errno;
+ 
+ #define MAXFILENAME 256
+--- a/netwatch-1.3.1-2/netwatch.h
 b/netwatch-1.3.1-2/netwatch.h
+@@ -209,10 +209,10 @@
+ };
+ 
+ #define TCPHASH 1786
+-struct port_info *tcp_port_types[TCPHASH];
++EXTERN_DEF struct port_info *tcp_port_types[TCPHASH];
+ 
+ #define UDPHASH 1786
+-struct port_info *udp_port_types[UDPHASH];
++EXTERN_DEF struct port_info *udp_port_types[UDPHASH];
+ 
+ int hashport( int port, int hash);
+ void initlist(struct port_info *first[], int hash);
+--- a/netwatch-1.3.1-2/dispdata.c
 b/netwatch-1.3.1-2/dispdata.c
+@@ -178,7 +178,7 @@
+ extern int simchange;
+ extern int simfwdir;
+ extern int simarr[8];
+-char *simfmt;
++extern char *simfmt;
+ extern int iseth;
+ extern int nw_logall;
+ extern char nw_allname[256];
only in patch2:
unchanged:
--- netdiag-1.2.orig/debian/patches/pcap_init.diff
+++ netdiag-1.2/debian/patches/pcap_init.diff
@@ -0,0 +1,29 @@
+--- a/trafshow-5.2.3/trafshow.c
 b/trafshow-5.2.3/trafshow.c
+@@ -58,7 +58,7 @@
+ static void vers();
+ static void usage();
+ static pcap_if_t *pcap_matchdev(pcap_if_t *dp, const char *name);
+-static int pcap_init(PCAP_HANDLER **ph_list, pcap_if_t *dp);
++static int traf_pcap_init(PCAP_HANDLER **ph_list, pcap_if_t *dp);
+ static void *pcap_feed(void *arg); /* PCAP_HANDLER *ph */
+ #ifdefHAVE_PCAP_GET_SELECTABLE_FD
+ static void *pcap_feed2(void *arg); /* PCAP_HANDLER *ph */
+@@ -172,7 +172,7 @@
+   }
+ 
+   /* initialize list of pcap handlers */
+-  if ((op = pcap_init(_list, dev_list)) < 1) {
++  if ((op = traf_pcap_init(_list, dev_list)) < 1) {
+   fprintf(stderr, "No packet capture device available (no 
permission?)\n");
+   exit(1);
+   }
+@@ -301,7 +301,7 @@
+ }
+ 
+ static int
+-pcap_init(ph_list, dp)
++traf_pcap_init(ph_list, dp)
+   PCAP_HANDLER **ph_list;
+   pcap_if_t *dp;
+ {

Bug#977081: fixed in pytest-rerunfailures 9.1.1-1

[Paul Wise]

On Mon, 04 Jan 2021 04:49:07 + Paul Wise wrote:

>* New upstream release.
>  - Increases pytest requirement to 5.0
>  - Fixes FTBFS with pytest 6 (Closes: #977081)

This hasn't migrated yet because of the pytest transition.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Bug#980048: marked as done (FTBFS: -Werror=array-bounds in dlls/shell32/cpanelfolder.c)

[Debian Bug Tracking System]

Your message dated Sat, 16 Jan 2021 02:34:29 +
with message-id 
and subject line Bug#980048: fixed in wine 5.0.3-2
has caused the Debian Bug report #980048,
regarding FTBFS: -Werror=array-bounds in dlls/shell32/cpanelfolder.c
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
980048: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980048
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: wine
Version: 5.0.3-1
Severity: serious
Tags: upstream fixed-upstream patch ftbfs
Justification: fails to build from source (but built successfully in the past)

wine_5.0.3-1 failed to build from source on all architectures. Was the
upload perhaps tested with an older toolchain than the one currently
in unstable?

> In function ‘_ILCreateCPanelApplet’,
> inlined from ‘SHELL_RegisterCPanelApp’ at cpanelfolder.c:323:20:
> cpanelfolder.c:262:5: error: ‘strcpy’ offset 12 from the object at ‘pidl’ is 
> out of the bounds of referenced subobject ‘szName’ with type ‘CHAR[1]’ {aka 
> ‘char[1]’} at offset 12 [-Werror=array-bounds]
>   262 | strcpy(p->szName, name);
>   | ^~~
> In file included from cpanelfolder.c:44:
> cpanelfolder.c: In function ‘SHELL_RegisterCPanelApp’:
> pidl.h:119:10: note: subobject ‘szName’ declared here
>   119 | CHAR szName[1];  /*10*/ /* terminated by 0x00, followed by 
> display name and comment string */
>   |  ^~
> In file included from cpanelfolder.c:34:
> In function ‘lstrcpyA’,
> inlined from ‘IShellExecuteHookA_fnExecute’ at cpanelfolder.c:1080:5:
> ../../include/winbase.h:2853:12: error: ‘strcpy’ offset 10 from the object at 
> ‘pdata’ is out of the bounds of referenced subobject ‘szName’ with type 
> ‘CHAR[1]’ {aka ‘char[1]’} at offset 10 [-Werror=array-bounds]
>  2853 | return strcpy( dst, src );
>   |^~
> In file included from cpanelfolder.c:44:
> cpanelfolder.c: In function ‘IShellExecuteHookA_fnExecute’:
> pidl.h:119:10: note: subobject ‘szName’ declared here
>   119 | CHAR szName[1];  /*10*/ /* terminated by 0x00, followed by 
> display name and comment string */
>   |  ^~

This appears to be a false positive caused by an array of length 1 being
used as though it was a C99 flexible array member.

The attached upstream patch seems to fix this, at least on amd64 (I haven't
tried i386 or arm*).

smcv
From: Alexandre Julliard 
Date: Thu, 26 Nov 2020 17:31:53 +0100
Subject: shell32: Silence buffer overflow compiler warnings.

Signed-off-by: Alexandre Julliard 
Origin: upstream, 6.0-rc1, commit:6624cabbb7cfe33c179a02238b4c9b91d3c3297e
---
 dlls/shell32/cpanelfolder.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/dlls/shell32/cpanelfolder.c b/dlls/shell32/cpanelfolder.c
index ea5e9e2..114eb6b 100644
--- a/dlls/shell32/cpanelfolder.c
+++ b/dlls/shell32/cpanelfolder.c
@@ -259,9 +259,9 @@ static LPITEMIDLIST _ILCreateCPanelApplet(LPCSTR name, LPCSTR displayName,
 memcpy(pidl->mkid.abID, , 2+size0);
 
 p = &((PIDLDATA*)pidl->mkid.abID)->u.cpanel;
-strcpy(p->szName, name);
-strcpy(p->szName+tmp.u.cpanel.offsDispName, displayName);
-strcpy(p->szName+tmp.u.cpanel.offsComment, comment);
+memcpy(p->szName, name, strlen(name) + 1);
+memcpy(p->szName+tmp.u.cpanel.offsDispName, displayName, strlen(displayName) + 1);
+memcpy(p->szName+tmp.u.cpanel.offsComment, comment, strlen(comment) + 1);
 
 *(WORD*)((char*)pidl+(size+2)) = 0;
 
@@ -1077,7 +1077,7 @@ static HRESULT WINAPI IShellExecuteHookA_fnExecute(IShellExecuteHookA *iface,
 	return E_INVALIDARG;
 
 path[0] = '\"';
-lstrcpyA(path+1, pcpanel->szName);
+memcpy(path+1, pcpanel->szName, strlen(pcpanel->szName) + 1);
 
 /* pass applet name to Control_RunDLL to distinguish between applets in one .cpl file */
 lstrcatA(path, "\" ");
--- End Message ---
--- Begin Message ---
Source: wine
Source-Version: 5.0.3-2
Done: Michael Gilbert 

We believe that the bug you reported is fixed in the latest version of
wine, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 980...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Gilbert  (supplier of updated wine package)

(This message was generated automatically at their request; if you
believe that there is a 

Processed: Bug#978353 marked as pending in serf

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #978353 [src:serf] serf: FTBFS: tests failed with OpenSSL 1.1.1i
Added tag(s) pending.

-- 
978353: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978353
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#978353: marked as pending in serf

[James McCoy]

Control: tag -1 pending

Hello,

Bug #978353 in serf reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/jamessan/serf/-/commit/17baa8f922362010416a91dadbcada79c2c2d447


Include upstream patch to fix OpenSSL 1.1.1i compat

Closes: #978353
Signed-off-by: James McCoy 


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/978353

Bug#978353: serf: FTBFS: test_ssl_handshake fails with OpenSSL 1.1.1i

[James McCoy]

On Fri, Jan 15, 2021 at 08:36:22AM -0500, Justin Erenkrantz wrote:
> Sadly, my Debian sid box ran into other issues and is currently inaccessible.
> 
> I *think* that this would address the 1.3.x test issues, but 1.3.x doesn't
> build on Mac OS for me for other reasons...so, let me know how it goes?  =)  
> --

Success!

Thanks,
-- 
James
GPG Key: 4096R/91BF BF4D 6956 BD5D F7B7  2D23 DFE6 91AE 331B A3DB

Bug#980193: [Pkg-rust-maintainers] Bug#980193: rust-flate2: autopkgtest regression in testing: [librust-flate2-dev] build failed

[peter green]

This test has never passed, it failed back in December 2019, then was
neutral for some time, before returning to failure recently/

Unfortunately debci doesn't keep logs long-term, but I suspect that
the test was neutral due to unsatisfiable test dependencies.

The first error in the log is


[crossbeam-utils 0.7.2] error[E0412]: cannot find type `AtomicU128` in module 
`core::sync::atomic`
[crossbeam-utils 0.7.2] --> :1:38
[crossbeam-utils 0.7.2]  |
[crossbeam-utils 0.7.2] 1|   pub type Probe = 
core::sync::atomic::AtomicU128;
[crossbeam-utils 0.7.2]  |
^^ help: a struct with a similar name exists: `AtomicU16`
[crossbeam-utils 0.7.2] 
[crossbeam-utils 0.7.2] error: aborting due to previous error
[crossbeam-utils 0.7.2] 
[crossbeam-utils 0.7.2] For more information about this error, try `rustc --explain E0412`.


But after some googling I belive this is a false positive.

The real errors seem to start at.


error[E0433]: failed to resolve: use of undeclared crate or module `miniz_oxide`
 --> src/ffi/rust.rs:6:5
  |
6 | use miniz_oxide::deflate::core::CompressorOxide;
  | ^^^ use of undeclared crate or module `miniz_oxide`


I suspect this is a case of a crate that is simply not buildable
in a plain no-default-features configuration.

Bug#980202: FTBFS: gscan2pdf tests fail

[Sergio Durigan Junior]

Source: gscan2pdf
Version: 2.10.2-1
Severity: serious
Justification: FTBFS on amd64
Tags: sid ftbfs

While trying to rebuild gscan2pdf on a clean amd64 schroot using sbuild,
I found this FTBFS:

--8<---cut here---start->8---
ok 27 - POD test for blib/script/gscan2pdf
ok

Test Summary Report
---
t/1122_save_pdf_with_hocr.t (Wstat: 512 Tests: 2 Failed: 2)
  Failed tests:  1-2
  Non-zero exit status: 2
t/113_save_pdf_with_downsample.t(Wstat: 512 Tests: 2 Failed: 2)
  Failed tests:  1-2
  Non-zero exit status: 2
t/134_save_tiff_alpha.t (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=242, Tests=1168, 276 wallclock secs ( 0.48 usr  0.18 sys + 108.21 cusr 
19.84 csys = 128.71 CPU)
Result: FAIL
Failed 3/242 test programs. 5/1168 subtests failed.
make[2]: *** [Makefile:912: test_dynamic] Error 255
make[2]: Leaving directory '/<>'
dh_auto_test: error: make -j32 test TEST_VERBOSE=1 returned exit code 2
make[1]: *** [debian/rules:9: override_dh_auto_test] Error 25
make[1]: Leaving directory '/<>'
make: *** [debian/rules:3: binary] Error 2
dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 2

Build finished at 2021-01-16T00:02:23Z

Finished



+--+
| Cleanup  |
+--+

Purging /<>
Not cleaning session: cloned chroot in use
E: Build failure (dpkg-buildpackage died)
--8<---cut here---end--->8---

I tried running the build twice, and both attempts failed with the same
reason.

Thanks,

-- 
Sergio
GPG key ID: 237A 54B1 0287 28BF 00EF  31F4 D0EB 7628 65FC 5E36
Please send encrypted e-mail if possible
https://sergiodj.net/


signature.asc
Description: PGP signature

Bug#980194: [Pkg-privacy-maintainers] Bug#980194: mat2: autopkgtest regression in testing: AssertionError: ValueError not raised

[Georg Faerber]

Hi Paul,

Thanks for telling!

On 21-01-15 22:09:18, Paul Gevers wrote:
> With a very recent change in testing the autopkgtest of your package
> started to fail. I copied some of the output at the bottom of this
> report. Can you please investigate the situation and fix it?

I'm wondering if this is related to the recent upload of media-types
[1].

This test [2], which installed media-types 1.0.1, was successful,
whereas the test [3], which installed media-types 1.1.0, wasn't.

Cheers,
Georg


[1] 
https://tracker.debian.org/news/1208854/accepted-media-types-110-source-into-unstable/
[2] https://ci.debian.net/data/autopkgtest/testing/amd64/m/mat2/9452897/log.gz
[3] https://ci.debian.net/data/autopkgtest/testing/amd64/m/mat2/9663226/log.gz

Bug#980195: marked as done (ts-node: autopkgtest regression in testing: Cannot find name 'process')

[Debian Bug Tracking System]

Your message dated Fri, 15 Jan 2021 22:03:43 +
with message-id 
and subject line Bug#980195: fixed in pkg-js-tools 0.9.63
has caused the Debian Bug report #980195,
regarding ts-node: autopkgtest regression in testing: Cannot find name 'process'
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
980195: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980195
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ts-node
Version: 9.1.1-4
X-Debbugs-CC: debian...@lists.debian.org
Severity: serious
User: debian...@lists.debian.org
Usertags: regression

Dear maintainer(s),

With a very recent change in testing the autopkgtest of your package
started to fail. I copied some of the output at the bottom of this
report. Can you please investigate the situation and fix it?

More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

https://ci.debian.net/data/autopkgtest/testing/amd64/t/ts-node/9718737/log.gz

  39 passing (1m)
  8 failing

  1) ts-node
   cli
 should provide registered information globally:
 Uncaught expected [Error: Command failed:
"/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/tests/node_modules/.bin/ts-node"
--project
"/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/tests/tsconfig.json"
tests/env

/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:513
return new TSError(diagnosticText, diagnosticCodes)
   ^
TSError: ⨯ Unable to compile TypeScript:
tests/env.ts(1,20): error TS2580: Cannot find name 'process'. Do you
need to install type definitions for node? Try `npm i --save-dev
@types/node`.

at createTSError
(/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:513:12)
at reportTSError
(/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:517:19)
at getOutput
(/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:752:36)
at Object.compile
(/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:968:32)
at Module.m._compile
(/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:1056:42)
at Module._extensions..js (internal/modules/cjs/loader.js:1035:10)
at Object.require.extensions. [as .ts]
(/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:1059:12)
at Module.load (internal/modules/cjs/loader.js:879:32)
at Function.Module._load (internal/modules/cjs/loader.js:724:14)
at Function.executeUserEntryPoint [as runMain]
(internal/modules/run_main.js:60:12)
] to equal null
  AssertionError: expected [Error: Command failed:
"/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/tests/node_modules/.bin/ts-node"
--project
"/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/tests/tsconfig.json"
tests/env


/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:513
  return new TSError(diagnosticText, diagnosticCodes)
 ^
  TSError: ⨯ Unable to compile TypeScript:
  tests/env.ts(1,20): error TS2580: Cannot find name 'process'. Do you
need to install type definitions for node? Try `npm i --save-dev
@types/node`.

  at createTSError (src/index.ts:513:12)
  at reportTSError (src/index.ts:517:19)
  at getOutput (src/index.ts:752:36)
  at Object.compile (src/index.ts:968:32)
  at Module.m._compile (src/index.ts:1056:42)
  at Module._extensions..js (internal/modules/cjs/loader.js:1035:10)
  at Object.require.extensions. [as .ts]
(src/index.ts:1059:12)
  at Module.load (internal/modules/cjs/loader.js:879:32)
  at Function.Module._load (internal/modules/cjs/loader.js:724:14)
  at Function.executeUserEntryPoint [as runMain]
(internal/modules/run_main.js:60:12)
  ] to equal null
  at
/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/dist/index.spec.js:123:39
  at ChildProcess.exithandler (child_process.js:315:5)
  at maybeClose (internal/child_process.js:1021:16)
  at Process.ChildProcess._handle.onexit
(internal/child_process.js:286:5)

  2) ts-node
   cli
 should provide registered information on register:
 Uncaught AssertionError: expected [Error: Command failed: node -r
ts-node/register env.ts

/usr/share/nodejs/ts-node/src/index.ts:513
return new TSError(diagnosticText, diagnosticCodes)
   ^
TSError: ⨯ Unable to compile TypeScript:
env.ts(1,20): 

Bug#980199: erlang: CVE-2020-35733

[Salvatore Bonaccorso]

Source: erlang
Version: 1:23.2.1+dfsg-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for erlang.

CVE-2020-35733[0]:
| An issue was discovered in Erlang/OTP before 23.2.2. The ssl
| application 10.2 accepts and trusts an invalid X.509 certificate chain
| to a trusted root Certification Authority.

It is specific to OTP-23.2, see the security-tracker information.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-35733
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35733
[1] https://erlang.org/pipermail/erlang-questions/2021-January/100357.html

Regards,
Salvatore

Bug#953289: ABI change in libsoxr 0.1.3

[Paul Gevers]

Hi all,

On Sat, 7 Mar 2020 09:57:02 +0100 Max Kellermann  wrote:
> Package: libsoxr0
> Version: 0.1.3-2
> 
> In version 0.1.3, libsoxr has made an undocumented ABI change which
> causes MPD (Music Player Daemon) to crash:
> 
>  https://github.com/MusicPlayerDaemon/MPD/issues/773
> 
> The commit which changed the ABI was:
>  
> https://sourceforge.net/p/soxr/code/ci/52888cd410ae356bf3aa26d8fa106754b8fd8990

Any progress here? The transition freeze already started. How do you
propose we solve this issue?

Paul



OpenPGP_signature
Description: OpenPGP digital signature

Processed: Bug#980195 marked as pending in pkg-js-tools

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #980195 [pkg-js-autopkgtest] ts-node: autopkgtest regression in testing: 
Cannot find name 'process'
Added tag(s) pending.

-- 
980195: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980195
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#980195: marked as pending in pkg-js-tools

[Xavier Guimard]

Control: tag -1 pending

Hello,

Bug #980195 in pkg-js-tools reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/js-team/pkg-js-tools/-/commit/d2739c95b6b1439c997dc3f657ff11c87ca21acd


autopkgtest: fix regexp that parse debian/nodejs/ext*

Closes: #980195


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/980195

Processed: Re: ts-node: autopkgtest regression in testing: Cannot find name 'process'

[Debian Bug Tracking System]

Processing control commands:

> reassign -1 pkg-js-autopkgtest
Bug #980195 [src:ts-node] ts-node: autopkgtest regression in testing: Cannot 
find name 'process'
Bug reassigned from package 'src:ts-node' to 'pkg-js-autopkgtest'.
No longer marked as found in versions ts-node/9.1.1-4.
Ignoring request to alter fixed versions of bug #980195 to the same values 
previously set
> affects -1 ts-node
Bug #980195 [pkg-js-autopkgtest] ts-node: autopkgtest regression in testing: 
Cannot find name 'process'
Added indication that 980195 affects ts-node

-- 
980195: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980195
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#980195: ts-node: autopkgtest regression in testing: Cannot find name 'process'

[Xavier]

Control: reassign -1 pkg-js-autopkgtest
Control: affects -1 ts-node

Le 15/01/2021 à 22:14, Paul Gevers a écrit :
> Source: ts-node
> Version: 9.1.1-4
> X-Debbugs-CC: debian...@lists.debian.org
> Severity: serious
> User: debian...@lists.debian.org
> Usertags: regression
> 
> Dear maintainer(s),
> 
> With a very recent change in testing the autopkgtest of your package
> started to fail. I copied some of the output at the bottom of this
> report. Can you please investigate the situation and fix it?
> 
> More information about this bug and the reason for filing it can be found on
> https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation
> 
> Paul

This is due to a Perl change:

Now:
  $ cat debian/nodejs/extcopies|perl -pe 's/\s+.*$//'
  axiossemver@types/node@types/react

Before:
  $ cat debian/nodejs/extcopies|perl -pe 's/\s+.*$//'
  axios
  semver
  @types/node
  @types/react

I'm going to fix pkg-js-autopkgtest

Bug#971754: ABI breakage from 1.4.1 to 1.4.2

[Sebastian Dröge]

On Fri, 2021-01-15 at 22:37 +0100, Paul Gevers wrote:
> Hi Sebastian,
> 
> On Thu, 14 Jan 2021 11:39:24 +0200 Sebastian =?ISO-8859-1?Q?Dr=F6ge?=
>  wrote:
> > Upstream fixed this now by making the soversion 1.4 and from now on
> > guaranteeing that patch versions (1.4.0 -> 1.4.X) do not break ABI.
> > 
> > It would make sense to backport that fix and then rename the
> > library package accordingly to libsrt1.4.
> > 
> > For gst-plugins-bad1.0 only a binNMU would be needed once this is
> > all
> > sorted out here.
> 
> Can you do this please? srt is orphaned, your package depend on it,
> could you please help us get us out of this situation? (if this
> happens soon, we'll accept the transition to fix this).

I'll try to have some time for that this weekend.


signature.asc
Description: This is a digitally signed message part

Bug#971754: ABI breakage from 1.4.1 to 1.4.2

[Paul Gevers]

Hi Sebastian,

On Thu, 14 Jan 2021 11:39:24 +0200 Sebastian =?ISO-8859-1?Q?Dr=F6ge?=
 wrote:
> Upstream fixed this now by making the soversion 1.4 and from now on
> guaranteeing that patch versions (1.4.0 -> 1.4.X) do not break ABI.
> 
> It would make sense to backport that fix and then rename the library
> package accordingly to libsrt1.4.
> 
> For gst-plugins-bad1.0 only a binNMU would be needed once this is all
> sorted out here.

Can you do this please? srt is orphaned, your package depend on it,
could you please help us get us out of this situation? (if this happens
soon, we'll accept the transition to fix this).

Paul



OpenPGP_signature
Description: OpenPGP digital signature

Bug#980195: ts-node: autopkgtest regression in testing: Cannot find name 'process'

[Paul Gevers]

Source: ts-node
Version: 9.1.1-4
X-Debbugs-CC: debian...@lists.debian.org
Severity: serious
User: debian...@lists.debian.org
Usertags: regression

Dear maintainer(s),

With a very recent change in testing the autopkgtest of your package
started to fail. I copied some of the output at the bottom of this
report. Can you please investigate the situation and fix it?

More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

https://ci.debian.net/data/autopkgtest/testing/amd64/t/ts-node/9718737/log.gz

  39 passing (1m)
  8 failing

  1) ts-node
   cli
 should provide registered information globally:
 Uncaught expected [Error: Command failed:
"/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/tests/node_modules/.bin/ts-node"
--project
"/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/tests/tsconfig.json"
tests/env

/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:513
return new TSError(diagnosticText, diagnosticCodes)
   ^
TSError: ⨯ Unable to compile TypeScript:
tests/env.ts(1,20): error TS2580: Cannot find name 'process'. Do you
need to install type definitions for node? Try `npm i --save-dev
@types/node`.

at createTSError
(/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:513:12)
at reportTSError
(/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:517:19)
at getOutput
(/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:752:36)
at Object.compile
(/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:968:32)
at Module.m._compile
(/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:1056:42)
at Module._extensions..js (internal/modules/cjs/loader.js:1035:10)
at Object.require.extensions. [as .ts]
(/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:1059:12)
at Module.load (internal/modules/cjs/loader.js:879:32)
at Function.Module._load (internal/modules/cjs/loader.js:724:14)
at Function.executeUserEntryPoint [as runMain]
(internal/modules/run_main.js:60:12)
] to equal null
  AssertionError: expected [Error: Command failed:
"/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/tests/node_modules/.bin/ts-node"
--project
"/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/tests/tsconfig.json"
tests/env


/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/src/index.ts:513
  return new TSError(diagnosticText, diagnosticCodes)
 ^
  TSError: ⨯ Unable to compile TypeScript:
  tests/env.ts(1,20): error TS2580: Cannot find name 'process'. Do you
need to install type definitions for node? Try `npm i --save-dev
@types/node`.

  at createTSError (src/index.ts:513:12)
  at reportTSError (src/index.ts:517:19)
  at getOutput (src/index.ts:752:36)
  at Object.compile (src/index.ts:968:32)
  at Module.m._compile (src/index.ts:1056:42)
  at Module._extensions..js (internal/modules/cjs/loader.js:1035:10)
  at Object.require.extensions. [as .ts]
(src/index.ts:1059:12)
  at Module.load (internal/modules/cjs/loader.js:879:32)
  at Function.Module._load (internal/modules/cjs/loader.js:724:14)
  at Function.executeUserEntryPoint [as runMain]
(internal/modules/run_main.js:60:12)
  ] to equal null
  at
/tmp/autopkgtest-lxc.cgibtj7d/downtmp/autopkgtest_tmp/smokeed1RaQ/dist/index.spec.js:123:39
  at ChildProcess.exithandler (child_process.js:315:5)
  at maybeClose (internal/child_process.js:1021:16)
  at Process.ChildProcess._handle.onexit
(internal/child_process.js:286:5)

  2) ts-node
   cli
 should provide registered information on register:
 Uncaught AssertionError: expected [Error: Command failed: node -r
ts-node/register env.ts

/usr/share/nodejs/ts-node/src/index.ts:513
return new TSError(diagnosticText, diagnosticCodes)
   ^
TSError: ⨯ Unable to compile TypeScript:
env.ts(1,20): error TS2580: Cannot find name 'process'. Do you need to
install type definitions for node? Try `npm i --save-dev @types/node`.

at createTSError (/usr/share/nodejs/ts-node/src/index.ts:513:12)
at reportTSError (/usr/share/nodejs/ts-node/src/index.ts:517:19)
at getOutput (/usr/share/nodejs/ts-node/src/index.ts:752:36)
at Object.compile (/usr/share/nodejs/ts-node/src/index.ts:968:32)
at Module.m._compile (/usr/share/nodejs/ts-node/src/index.ts:1056:42)
at Module._extensions..js (internal/modules/cjs/loader.js:1035:10)
at Object.require.extensions. [as .ts]
(/usr/share/nodejs/ts-node/src/index.ts:1059:12)
at Module.load (internal/modules/cjs/loader.js:879:32)
at Function.Module._load (internal/modules/cjs/loader.js:724:14)
at Function.executeUserEntryPoint [as runMain]

Bug#980194: mat2: autopkgtest regression in testing: AssertionError: ValueError not raised

[Paul Gevers]

Source: mat2
Version: 0.12.0-1
X-Debbugs-CC: debian...@lists.debian.org
Severity: serious
User: debian...@lists.debian.org
Usertags: regression

Dear maintainer(s),

With a very recent change in testing the autopkgtest of your package
started to fail. I copied some of the output at the bottom of this
report. Can you please investigate the situation and fix it?

More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

https://ci.debian.net/data/autopkgtest/testing/amd64/m/mat2/9718736/log.gz

=== FAILURES
===
_ TestGetMeta.test_png
_

self = 

def test_png(self):
proc = subprocess.Popen(mat2_binary + ['--show',
'./tests/data/dirty.png'],
stdout=subprocess.PIPE)
stdout, _ = proc.communicate()
>   self.assertIn(b'Comment: This is a comment, be careful!', stdout)
E   AssertionError: b'Comment: This is a comment, be careful!' not
found in b"[-] ./tests/data/dirty.png's format (image/vnd.mozilla.apng)
is not supported\n"

tests/test_climat2.py:192: AssertionError
___ TestCorruptedEmbedded.test_docx


self = 

def test_docx(self):
shutil.copy('./tests/data/embedded_corrupted.docx',
'./tests/data/clean.docx')
parser, _ = parser_factory.get_parser('./tests/data/clean.docx')
with self.assertRaises(ValueError):
>   parser.remove_all()
E   AssertionError: ValueError not raised

tests/test_corrupted_files.py:69: AssertionError
_ TestCorruptedFiles.test_png2
_

self = 

def test_png2(self):
shutil.copy('./tests/test_libmat2.py', './tests/clean.png')
with self.assertRaises(ValueError):
>   parser_factory.get_parser('./tests/clean.png')
E   AssertionError: ValueError not raised

tests/test_corrupted_files.py:126: AssertionError
_ TestCorruptedFiles.test_tar
__

self = 

def test_tar(self):
with tarfile.TarFile.open('./tests/data/clean.tar', 'w') as zout:
zout.add('./tests/data/dirty.flac')
zout.add('./tests/data/dirty.docx')
zout.add('./tests/data/dirty.jpg')
zout.add('./tests/data/embedded_corrupted.docx')
tarinfo = tarfile.TarInfo(name='./tests/data/dirty.png')
tarinfo.mtime = time.time()
tarinfo.uid = 1337
tarinfo.gid = 1338
tarinfo.size = os.stat('./tests/data/dirty.png').st_size
with open('./tests/data/dirty.png', 'rb') as f:
zout.addfile(tarinfo, f)
p, mimetype = parser_factory.get_parser('./tests/data/clean.tar')
self.assertEqual(mimetype, 'application/x-tar')
with self.assertRaises(ValueError):
>   p.get_meta()
E   AssertionError: ValueError not raised

tests/test_corrupted_files.py:321: AssertionError
_ TestCorruptedFiles.test_zip
__

self = 

def test_zip(self):
with zipfile.ZipFile('./tests/data/clean.zip', 'w') as zout:
zout.write('./tests/data/dirty.flac')
zout.write('./tests/data/dirty.docx')
zout.write('./tests/data/dirty.jpg')
zout.write('./tests/data/embedded_corrupted.docx')
p, mimetype = parser_factory.get_parser('./tests/data/clean.zip')
self.assertEqual(mimetype, 'application/zip')
with self.assertRaises(ValueError):
>   p.get_meta()
E   AssertionError: ValueError not raised

tests/test_corrupted_files.py:243: AssertionError
 TestReadOnlyArchiveMembers.test_onlymember_tar


self = 

def test_onlymember_tar(self):
with tarfile.open('./tests/data/clean.tar', 'w') as zout:
zout.add('./tests/data/dirty.png')
tarinfo = tarfile.TarInfo('./tests/data/dirty.jpg')
tarinfo.mtime = time.time()
tarinfo.uid = 1337
tarinfo.gid = 0
tarinfo.mode = 0o000
tarinfo.size = os.stat('./tests/data/dirty.jpg').st_size
with open('./tests/data/dirty.jpg', 'rb') as f:
zout.addfile(tarinfo=tarinfo, fileobj=f)
p, mimetype = parser_factory.get_parser('./tests/data/clean.tar')
self.assertEqual(mimetype, 'application/x-tar')
meta = p.get_meta()
self.assertEqual(meta['./tests/data/dirty.jpg']['uid'], '1337')
>   self.assertTrue(p.remove_all())
E   AssertionError: False is not true

tests/test_corrupted_files.py:347: AssertionError
___ TestZipMetadata.test_libreoffice
___

self = 

def test_libreoffice(self):
shutil.copy('./tests/data/dirty.odt', './tests/data/clean.odt')
p = 

Bug#980193: rust-flate2: autopkgtest regression in testing: [librust-flate2-dev] build failed

[Paul Gevers]

Source: rust-flate2
Version: 1.0.13-2
X-Debbugs-CC: debian...@lists.debian.org
Severity: serious
User: debian...@lists.debian.org
Usertags: regression

Dear maintainer(s),

With a recent in testing the autopkgtest of your package started to
fail. I copied some of the output at the bottom of this report. Can you
please investigate the situation and fix it?

More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

https://ci.debian.net/data/autopkgtest/testing/amd64/r/rust-flate2/9658111/log.gz


   Compiling crossbeam-queue v0.2.1
 Running `CARGO=/usr/bin/cargo CARGO_CRATE_NAME=crossbeam_queue
CARGO_MANIFEST_DIR=/tmp/tmp.5okCKKABz7/registry/crossbeam-queue-0.2.1
CARGO_PKG_AUTHORS='The Crossbeam Project Developers'
CARGO_PKG_DESCRIPTION='Concurrent queues'
CARGO_PKG_HOMEPAGE='https://github.com/crossbeam-rs/crossbeam/tree/master/crossbeam-utils'
CARGO_PKG_LICENSE='MIT/Apache-2.0 AND BSD-2-Clause'
CARGO_PKG_LICENSE_FILE='' CARGO_PKG_NAME=crossbeam-queue
CARGO_PKG_REPOSITORY='https://github.com/crossbeam-rs/crossbeam'
CARGO_PKG_VERSION=0.2.1 CARGO_PKG_VERSION_MAJOR=0
CARGO_PKG_VERSION_MINOR=2 CARGO_PKG_VERSION_PATCH=1
CARGO_PKG_VERSION_PRE=''
LD_LIBRARY_PATH='/tmp/tmp.5okCKKABz7/target/debug/deps:/usr/lib' rustc
--crate-name crossbeam_queue
/tmp/tmp.5okCKKABz7/registry/crossbeam-queue-0.2.1/src/lib.rs
--error-format=json --json=diagnostic-rendered-ansi,artifacts
--crate-type lib --emit=dep-info,metadata,link -Cembed-bitcode=no -C
debuginfo=2 --cfg 'feature="default"' --cfg 'feature="std"' -C
metadata=36555ddb05f00958 -C extra-filename=-36555ddb05f00958 --out-dir
/tmp/tmp.5okCKKABz7/target/x86_64-unknown-linux-gnu/debug/deps --target
x86_64-unknown-linux-gnu -L
dependency=/tmp/tmp.5okCKKABz7/target/x86_64-unknown-linux-gnu/debug/deps -L
dependency=/tmp/tmp.5okCKKABz7/target/debug/deps --extern
cfg_if=/tmp/tmp.5okCKKABz7/target/x86_64-unknown-linux-gnu/debug/deps/libcfg_if-87dc31f0cbfaa003.rmeta
--extern
crossbeam_utils=/tmp/tmp.5okCKKABz7/target/x86_64-unknown-linux-gnu/debug/deps/libcrossbeam_utils-e6652b26c70c443c.rmeta
--cap-lints warn -C debuginfo=2 --cap-lints warn -C
linker=x86_64-linux-gnu-gcc -C link-arg=-Wl,-z,relro --remap-path-prefix
/usr/share/cargo/registry/flate2-1.0.13=/usr/share/cargo/registry/flate2-1.0.13`
error: aborting due to 29 previous errors; 2 warnings emitted

Some errors have detailed explanations: E0412, E0425, E0432, E0433.
For more information about an error, try `rustc --explain E0412`.
error: could not compile `flate2`.

Caused by:
  process didn't exit successfully: `CARGO=/usr/bin/cargo
CARGO_CRATE_NAME=flate2
CARGO_MANIFEST_DIR=/usr/share/cargo/registry/flate2-1.0.13
CARGO_PKG_AUTHORS='Alex Crichton '
CARGO_PKG_DESCRIPTION='Bindings to miniz.c for DEFLATE compression and
decompression exposed as
  Reader/Writer streams. Contains bindings for zlib, deflate, and gzip-based
  streams.
  ' CARGO_PKG_HOMEPAGE='https://github.com/alexcrichton/flate2-rs'
CARGO_PKG_LICENSE=MIT/Apache-2.0 CARGO_PKG_LICENSE_FILE=''
CARGO_PKG_NAME=flate2
CARGO_PKG_REPOSITORY='https://github.com/alexcrichton/flate2-rs'
CARGO_PKG_VERSION=1.0.13 CARGO_PKG_VERSION_MAJOR=1
CARGO_PKG_VERSION_MINOR=0 CARGO_PKG_VERSION_PATCH=13
CARGO_PKG_VERSION_PRE=''
LD_LIBRARY_PATH='/tmp/tmp.5okCKKABz7/target/debug/deps:/usr/lib' rustc
--crate-name flate2 --edition=2018 src/lib.rs --error-format=json
--json=diagnostic-rendered-ansi --crate-type lib
--emit=dep-info,metadata,link -Cembed-bitcode=no -C debuginfo=2 -C
metadata=75ebde93a25b92f7 -C extra-filename=-75ebde93a25b92f7 --out-dir
/tmp/tmp.5okCKKABz7/target/x86_64-unknown-linux-gnu/debug/deps --target
x86_64-unknown-linux-gnu -C
incremental=/tmp/tmp.5okCKKABz7/target/x86_64-unknown-linux-gnu/debug/incremental
-L
dependency=/tmp/tmp.5okCKKABz7/target/x86_64-unknown-linux-gnu/debug/deps -L
dependency=/tmp/tmp.5okCKKABz7/target/debug/deps --extern
cfg_if=/tmp/tmp.5okCKKABz7/target/x86_64-unknown-linux-gnu/debug/deps/libcfg_if-87dc31f0cbfaa003.rmeta
--extern
crc32fast=/tmp/tmp.5okCKKABz7/target/x86_64-unknown-linux-gnu/debug/deps/libcrc32fast-57af730d59c7a53c.rmeta
--extern
libc=/tmp/tmp.5okCKKABz7/target/x86_64-unknown-linux-gnu/debug/deps/liblibc-fcc534cc5513956a.rmeta
-C debuginfo=2 --cap-lints warn -C linker=x86_64-linux-gnu-gcc -C
link-arg=-Wl,-z,relro --remap-path-prefix
/usr/share/cargo/registry/flate2-1.0.13=/usr/share/cargo/registry/flate2-1.0.13`
(exit code: 1)
warning: build failed, waiting for other jobs to finish...
error: build failed
autopkgtest [18:00:00]: test librust-flate2-dev: ---]



OpenPGP_signature
Description: OpenPGP digital signature

Bug#972297: marked as done (scram: FTBFS with DEB_BUILD_OPTIONS=reproducible=+fixfilepath)

[Debian Bug Tracking System]

Your message dated Fri, 15 Jan 2021 20:53:29 +
with message-id 
and subject line Bug#972297: fixed in scram 0.16.2-3
has caused the Debian Bug report #972297,
regarding scram: FTBFS with DEB_BUILD_OPTIONS=reproducible=+fixfilepath
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
972297: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972297
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: scram
Severity: normal
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: fixfilepath ftbfs
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

When the reproducible=+fixfilepath feature is enabled (either through
DEB_BUILD_OPTIONS, or using a dpkg that enables this by default),
scram fails to build from source:

  
http://qa-logs.debian.net/2020/09/26.fixfilepath/scram_0.16.2-1_unstable_fixfilepath.log

While the "fixfilepath" feature is not currently enabled by
dpkg-buildflags by default, it may become the default at some point in
the future, and can by triggered manually by setting
DEB_BUILD_OPTIONS=reproducible=+fixfilepath in the build environment. It
is also used in the tests.reproducible-builds.org infrastructure when
testing unstable and experimental.

More information about this issue is available at:

  
https://tests.reproducible-builds.org/debian/issues/unstable/ftbfs_due_to_f-file-prefix-map_issue.html

I have not identified the exact cause of this issue, but a common
trigger is test suites expecting __FILE__ to resolve to an absolute
path.

The attached patch works around this issue by disabling the fixfilepath
feature in debian/rules using DEB_BUILD_MAINT_OPTIONS=-fixfilepath.

Thanks for maintaining scram!

live well,
  vagrant

From b36a07c9a62491c4ebef648318e5f919c04017b7 Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian 
Date: Thu, 15 Oct 2020 23:31:33 +
Subject: [PATCH] debian/rules: Disable fixfilepath feature, as it triggers
 build failures when enabled.

https://tests.reproducible-builds.org/debian/issues/unstable/ftbfs_due_to_f-file-prefix-map_issue.html
---
 debian/rules | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/debian/rules b/debian/rules
index 0ae598f..b1fe31b 100755
--- a/debian/rules
+++ b/debian/rules
@@ -4,7 +4,8 @@
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 
-export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+# Disable fixfilepath as it triggers a build failure.
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all reproducible=-fixfilepath
 export DEB_LDFLAGS_MAINT_PREPEND = -Wl,-z,defs -Wl,--as-needed
 export QT_SELECT=qt5
 
-- 
2.28.0



signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: scram
Source-Version: 0.16.2-3
Done: Nilesh Patra 

We believe that the bug you reported is fixed in the latest version of
scram, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 972...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nilesh Patra  (supplier of updated scram package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 15 Jan 2021 22:07:59 +0530
Source: scram
Architecture: source
Version: 0.16.2-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Nilesh Patra 
Closes: 972297
Changes:
 scram (0.16.2-3) unstable; urgency=medium
 .
   * Team Upload.
   * Fix FTBFS with DEB_BUILD_OPTIONS=reproducible=+fixfilepath
 - Thank you, Vagrant Cascadian (Closes: #972297)
   * Fix HOME to Enable building on sbuild
   * Bump debhelper-compat version to 13
   * Add "Rules-Requires-Root:no"
Checksums-Sha1:
 2d2cef0e4edcc2088f60b0c79fe799c3456edb9c 2187 scram_0.16.2-3.dsc
 834c63260769e9095b82d42e6f3990bf0a61fc63 5492 scram_0.16.2-3.debian.tar.xz
 52fa1894e107441bd4289d5832270285aa617adb 17952 scram_0.16.2-3_amd64.buildinfo
Checksums-Sha256:
 59ddd5cf0767b22fe58974874fd74b0ac6ab16d929ccb737cd5cc1c1600adcdf 2187 
scram_0.16.2-3.dsc
 4da9ccdcea9d16c6745fb8beea8361b3e9646cd34d8e72988ca9bc4a6a92aeb1 5492 
scram_0.16.2-3.debian.tar.xz
 50fd0ad42c71af2710accfd384794342cb5a922ae9bebb1182f42fa9ac17d182 17952 
scram_0.16.2-3_amd64.buildinfo

Bug#980192: ruby-2.7: autopkgtest regression in testing: Errno::ENAMETOOLONG: File name too long

[Paul Gevers]

Source: ruby-2.7
Version: 2.7.2-3
X-Debbugs-CC: debian...@lists.debian.org
Severity: serious
User: debian...@lists.debian.org
Usertags: regression

Dear maintainer(s),

With a recent (december 2020) in testing the autopkgtest of your package
started to fail. I copied some of the output at the bottom of this
report. Can you please investigate the situation and fix it?

More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

https://ci.debian.net/data/autopkgtest/testing/amd64/r/ruby2.7/9537123/log.gz


264) Error:
TestTempfile#test_open_traversal_dir:
Errno::ENAMETOOLONG: File name too long @ rb_sysopen -
/tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/..tmpautopkgtest-lxc.r54r7gkwdowntmpautopkgtest_tmptmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmpd20210109-4115-ihpyim20210109-4115-1l9j1dpfoo
/usr/lib/ruby/2.7.0/tempfile.rb:129:in `initialize'
/usr/lib/ruby/2.7.0/tempfile.rb:129:in `open'
/usr/lib/ruby/2.7.0/tempfile.rb:129:in `block in initialize'
/usr/lib/ruby/2.7.0/tmpdir.rb:129:in `create'
/usr/lib/ruby/2.7.0/tempfile.rb:127:in `initialize'
/usr/lib/ruby/2.7.0/tempfile.rb:287:in `new'
/usr/lib/ruby/2.7.0/tempfile.rb:287:in `open'

/tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tempfile.rb:368:in
`block in test_open_traversal_dir'

/tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tempfile.rb:401:in
`block in assert_mktmpdir_traversal'
/usr/lib/ruby/2.7.0/tmpdir.rb:89:in `mktmpdir'

/tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tempfile.rb:397:in
`assert_mktmpdir_traversal'

/tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tempfile.rb:367:in
`test_open_traversal_dir'

265) Error:
TestTmpdir#test_mktmpdir_traversal:
Errno::ENAMETOOLONG: File name too long @ dir_s_mkdir -
/tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/test_rubygems_4115/tmp/..tmpautopkgtest-lxc.r54r7gkwdowntmpautopkgtest_tmptmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmptest_rubygems_4115tmpd20210109-4115-c6vju4foo20210109-4115-o3w6ci
/usr/lib/ruby/2.7.0/tmpdir.rb:85:in `mkdir'
/usr/lib/ruby/2.7.0/tmpdir.rb:85:in `block in mktmpdir'
/usr/lib/ruby/2.7.0/tmpdir.rb:129:in `create'
/usr/lib/ruby/2.7.0/tmpdir.rb:83:in `mktmpdir'

/tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tmpdir.rb:68:in
`block in test_mktmpdir_traversal'

/tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tmpdir.rb:87:in
`block in assert_mktmpdir_traversal'
/usr/lib/ruby/2.7.0/tmpdir.rb:89:in `mktmpdir'

/tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tmpdir.rb:83:in
`assert_mktmpdir_traversal'

/tmp/autopkgtest-lxc.r54r7gkw/downtmp/autopkgtest_tmp/test/test_tmpdir.rb:67:in
`test_mktmpdir_traversal'

266) Error:
TestTmpdir#test_mktmpdir_traversal_array:
Errno::ENAMETOOLONG: File name too long @ dir_s_mkdir -

Bug#980132: openvswitch: CVE-2020-27827

[Salvatore Bonaccorso]

Hi Thomas,

On Fri, Jan 15, 2021 at 01:59:18PM +0100, Salvatore Bonaccorso wrote:
> Hi Thomas,
> 
> On Fri, Jan 15, 2021 at 09:29:47AM +0100, Thomas Goirand wrote:
> > On 1/14/21 10:38 PM, Salvatore Bonaccorso wrote:
> > > Source: openvswitch
> > > Version: 2.15.0~git20210104.def6eb1ea+dfsg1-3
> > > Severity: grave
> > > Tags: security upstream
> > > Justification: user security hole
> > > X-Debbugs-Cc: car...@debian.org, Debian Security Team 
> > > 
> > > Control: found -1 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-12+deb10u2
> > > Control: found -1 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-12
> > > 
> > > Hi,
> > > 
> > > The following vulnerability was published for openvswitch.
> > > 
> > > CVE-2020-27827[0]:
> > > | lldp: avoid memory leak from bad packets
> > > 
> > > If you fix the vulnerability please also make sure to include the
> > > CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> > > 
> > > For further information see:
> > > 
> > > [0] https://security-tracker.debian.org/tracker/CVE-2020-27827
> > > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27827
> > > [1] 
> > > https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000269.html
> > > [2] 
> > > https://github.com/openvswitch/ovs/commit/78e712c0b1dacc2f12d2a03d98f083d8672867f0
> > > 
> > > Regards,
> > > Salvatore
> > 
> > Hi Salvatore,
> > 
> > Thanks for the bug report.
> > 
> > Please find, attached, the debdiff to fix the CVE in Buster. Note that
> > Unstable/Sid has already been patched.
> > 
> > Please allow me to upload this to buster-security.
> 
> Thanks, this is probably fine for a DSA.
> 
> *but* please respin the package and include the fix for CVE-2015-8011
> as well, this is fixed in unstable already.
> 
> For details and upstream commit see:
> https://security-tracker.debian.org/tracker/CVE-2015-8011
> 
> (while at it, please set urgency=high for consistency).
> 
> Can you repost a debdiff with the CVE-2015-8011 fix as well?
> 
> Can you test the package in production?

Actually about the DSA need of both issue I would like to clarify
first one aspect:

https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000268.html

We have found that Open vSwitch is subject to a remote code execution
exploit when LLDP processing is enabled on an interface.  By default,
interfaces are not configured to process LLDP messages.

(which probably reduces to denial of service with source
fortification)

https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000269.html

We have found that Open vSwitch is subject to a denial of service
exploit when LLDP processing is enabled on an interface.  By default,
interfaces are not configured to process LLDP messages.

What is your take here on the use of the LLDP processing beeing
enabled?

Regards,
Salvatore

Bug#980189: flask-security: CVE-2021-21241

[Salvatore Bonaccorso]

On Fri, Jan 15, 2021 at 08:59:31PM +0100, Salvatore Bonaccorso wrote:
[...]
> Admitelly the CVE description currently on MITRE is quite confusing
> reffering to Flask-Security-Too package. But the other references
> pointed out and reviewing the changes seem to apply to the original
> project as well (I might miss something here).

I can answer this part myself "Flask-Security-Too" is the "upstream".

flask-security (3.4.2-1) unstable; urgency=medium
[...]
  * Switch upstream to Flask-Security-Too.
[...]

Regards,
Salvatore

Bug#947681: marked as done (libspring-java: build-depends on no longer available libjasperreports-java)

[Debian Bug Tracking System]

Your message dated Fri, 15 Jan 2021 20:59:07 +0100
with message-id <05f7ba55-1607-70e8-fd34-261f5f769...@debian.org>
and subject line Re: libspring-java: build-depends on no longer available 
libjasperreports-java
has caused the Debian Bug report #947681,
regarding libspring-java: build-depends on no longer available 
libjasperreports-java
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
947681: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947681
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libspring-java
Version: 4.3.23~git20190308-1
Severity: serious
Tags: ftbfs
Justification: fails to build from source

Hi,

libspring-java/experimental build-depends on the removed package
libjasperreports-java.


Andreas
--- End Message ---
--- Begin Message ---
Hi Andreas,

On Sun, 29 Dec 2019 03:05:52 +0100 Andreas Beckmann  wrote:
> Source: libspring-java
> Version: 4.3.23~git20190308-1
> Severity: serious
> Tags: ftbfs
> Justification: fails to build from source
> 
> Hi,
> 
> libspring-java/experimental build-depends on the removed package
> libjasperreports-java.

There is no libspring-java in experimental anymore and the most recent
upload successfully built.

Paul



OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---

Bug#980189: flask-security: CVE-2021-21241

[Salvatore Bonaccorso]

Source: flask-security
Version: 3.4.2-2
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://github.com/Flask-Middleware/flask-security/issues/421
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for flask-security.

CVE-2021-21241[0]:
| The Python "Flask-Security-Too" package is used for adding security
| features to your Flask application. It is an is a independently
| maintained version of Flask-Security based on the 3.0.0 version of
| Flask-Security. In Flask-Security-Too from version 3.3.0 and before
| version 3.4.5, the /login and /change endpoints can return the
| authenticated user's authentication token in response to a GET
| request. Since GET requests aren't protected with a CSRF token, this
| could lead to a malicious 3rd party site acquiring the authentication
| token. Version 3.4.5 and version 4.0.0 are patched. As a workaround,
| if you aren't using authentication tokens - you can set the
| SECURITY_TOKEN_MAX_AGE to "0" (seconds) which should make the token
| unusable.

Admitelly the CVE description currently on MITRE is quite confusing
reffering to Flask-Security-Too package. But the other references
pointed out and reviewing the changes seem to apply to the original
project as well (I might miss something here).


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-21241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21241
[1] 
https://github.com/Flask-Middleware/flask-security/security/advisories/GHSA-hh7m-rx4f-4vpv
[2] https://github.com/Flask-Middleware/flask-security/pull/422
[3] 
https://github.com/Flask-Middleware/flask-security/commit/61d313150b5f620d0b800896c4f2199005e84b1f
[4] https://github.com/Flask-Middleware/flask-security/issues/421

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#967126: marked as done (discover-data: Unversioned Python removal in sid/bullseye)

[Debian Bug Tracking System]

Your message dated Fri, 15 Jan 2021 19:18:19 +
with message-id 
and subject line Bug#967126: fixed in discover-data 2.2013.01.11+nmu1
has caused the Debian Bug report #967126,
regarding discover-data: Unversioned Python removal in sid/bullseye
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
967126: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=967126
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:discover-data
Version: 2.2013.01.11
Severity: serious
Tags: sid bullseye
User: debian-pyt...@lists.debian.org
Usertags: py2unversioned

Python2 becomes end-of-live upstream, and Debian aims to remove
Python2 from the distribution, as discussed in
https://lists.debian.org/debian-python/2019/07/msg00080.html

We will keep some Python2 package as discussed in
https://lists.debian.org/debian-python/2020/07/msg00039.html
but removing the unversioned python packages python-minimal, python,
python-dev, python-dbg, python-doc.

Your package either build-depends, depends on one of those packages.
Please either convert these packages to Python3, or if that is not
possible, replaces the dependencies on the unversioned Python
packages with one of the python2 dependencies (python2, python2-dev,
python2-dbg, python2-doc).

Please check for dependencies, build dependencies AND autopkg tests.

If there are questions, please refer to the wiki page for the removal:
https://wiki.debian.org/Python/2Removal, or ask for help on IRC
#debian-python, or the debian-pyt...@lists.debian.org mailing list.
--- End Message ---
--- Begin Message ---
Source: discover-data
Source-Version: 2.2013.01.11+nmu1
Done: Holger Levsen 

We believe that the bug you reported is fixed in the latest version of
discover-data, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 967...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Holger Levsen  (supplier of updated discover-data package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 15 Jan 2021 20:05:45 +0100
Source: discover-data
Architecture: source
Version: 2.2013.01.11+nmu1
Distribution: unstable
Urgency: medium
Maintainer: Debian Install System Team 
Changed-By: Holger Levsen 
Closes: 967126
Changes:
 discover-data (2.2013.01.11+nmu1) unstable; urgency=medium
 .
   [ Holger Levsen ]
   * Non maintainer upload by the Reproducible Builds team.
   * Source upload to rebuild on buildd with .buildinfo files.
   * Switch to python3. Closes:  #967126
   * Confirm using diffoscope that the janitor made changes below result in
 sensible changes in the binaries being built.
   * Drop Vcs- headers as they pointed to alioth/svn.
 .
   [ Debian Janitor ]
   * Add missing debian/rules targets build-indep, build-arch.
   * Bump debhelper from deprecated 8 to 12.
   * Set debhelper-compat version in Build-Depends.
   * Fix day-of-week for changelog entry 2.2007.03.22.
   * Trim trailing whitespace.
Checksums-Sha1:
 f9c0ef3a3100ba0af94b825a0c28cb05ad3d140c 1686 
discover-data_2.2013.01.11+nmu1.dsc
 559018319dcde81f4069063b027c4e5873828211 883468 
discover-data_2.2013.01.11+nmu1.tar.gz
 da643df3aa30d64985a1eeb54ac5393801f6e3f0 5520 
discover-data_2.2013.01.11+nmu1_source.buildinfo
Checksums-Sha256:
 c800680a052d7893d1e09b72214ca41c8f040d525f04244f51c0e9fee36dc1a8 1686 
discover-data_2.2013.01.11+nmu1.dsc
 3d18542961d52a732789ed30be1e27ae02091c2f563f12443c4b8bea9db4ad71 883468 
discover-data_2.2013.01.11+nmu1.tar.gz
 ce130c8d401bbc5c1729cfeaf200c2c54932e37b338cf914e04675f02d5b63e4 5520 
discover-data_2.2013.01.11+nmu1_source.buildinfo
Files:
 62bcebca33d3182884c069f37364d388 1686 libs optional 
discover-data_2.2013.01.11+nmu1.dsc
 c856324977e2ddd6e7900d8a576e8c46 883468 libs optional 
discover-data_2.2013.01.11+nmu1.tar.gz
 6ac14e8d2a2bace86ae5c2f768181b9a 5520 libs optional 
discover-data_2.2013.01.11+nmu1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEuL9UE3sJ01zwJv6dCRq4VgaaqhwFAmAB6DAACgkQCRq4Vgaa
qhw1qQ/+JXkLMfvXy22btbNiYJeAf8v9KaUQ9GnTbJ13uGxPVJ+HDZr5pmUc1XIV
OWs4OeyQqNpvOIFOsfiV3cz1xPCbSDvelJHsElGSTIowylkkzreeD2yuoELZ20CY

Bug#979984: breaks on check with "NameError: name 'get_binary_stdin' is not defined"

[Timo van Roermund]

This bug was fixed in version 1:1.0.0-6.

Cheers,

Timo

Bug#975365: marked as done (musl: CVE-2020-28928)

[Debian Bug Tracking System]

Your message dated Fri, 15 Jan 2021 18:34:31 +
with message-id 
and subject line Bug#975365: fixed in musl 1.2.2-1
has caused the Debian Bug report #975365,
regarding musl: CVE-2020-28928
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
975365: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975365
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: musl
Severity: grave
Tags: security

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi,

The following vulnerability was published for musl.

CVE-2020-28928[0]:
wcsnrtombs destination buffer overflow

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-28928
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928

Please adjust the affected versions in the BTS as needed.

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEIYZ1DR4ae5UL01q7ldFmTdL1kUIFAl+4oRoACgkQldFmTdL1
kUL5nhAAwJuNKh1eQodFdOANhHFe9Bi8q7Cf9/RFqONVhoUpD8cna7ANY472sfy/
0xZKPatOXvWBFJTyUTs2Z/AhNGy4+TomF4v0DQydo8PmZRY0SRkyqpdOr1bHEFx7
YbBX1XdBJLfCq4Uj8T+kGDSZvueqtdDIe8fGoGKnQD2UFKc9JSXBRZ0CZzwxyGda
feEsYfU/dFiP1aJgVv86WqJw5KYOtKEgmKmcur5PkfUfdrqL3wqR1JlP0OfxsT9H
SjGBVkmlUINWMfrKBZRirYTJUKFPxLPJDZNOB5dqvENVMxigEeIgGRYvPfJxK4P5
dc+1ayAUFBbwUq2k4Vs9TR+E6spyEbodwZXHUXCBchQb6+V8uVTa6Xd6Egvkah7E
xoIMnbre/5vlaWRJH09NaKhFKsE6eXMTv4boPdCC0IprGWIvo99PwuAFLrmpD7pK
TOQMt1XFts0nddMHtD2oVDiepT0NUhNFtUxzO05ZWZMC5eFDlCfiOgPjiFQV7/6U
UXSkEiB41Z5MHXmIJEKBD4gHutu0+nq/hhCsCKAO4vNbbHio2QE6zu7Yi9nKZlpt
aa7IZPWlgcw7yp2hBrz1ENSEPUWhpYUsUL6mq9HiqqWA7wrujbWzDOCvxEQg/TrU
BkyzFVZdMk3wFcjxy6bQipMlY4A5rq6yRPNflSUhHup8Gxoyfzs=
=Badk
-END PGP SIGNATURE-
--- End Message ---
--- Begin Message ---
Source: musl
Source-Version: 1.2.2-1
Done: Reiner Herrmann 

We believe that the bug you reported is fixed in the latest version of
musl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 975...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Reiner Herrmann  (supplier of updated musl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 15 Jan 2021 19:03:01 +0100
Source: musl
Architecture: source
Version: 1.2.2-1
Distribution: unstable
Urgency: medium
Maintainer: Reiner Herrmann 
Changed-By: Reiner Herrmann 
Closes: 975365 977130
Changes:
 musl (1.2.2-1) unstable; urgency=medium
 .
   * New upstream release.
 - fix wcsnrtombs destination buffer overflow (CVE-2020-28928)
   (Closes: #975365)
   * Fix MUSL_ARCH/MUSL_TRIPLE on sh4 (-> sh). (Closes: #977130)
   * Update copyrights.
   * Update watch file to version 4.
   * Bump Standards-Version to 4.5.1.
Checksums-Sha1:
 e446f19652a789db697dcfa44c61cf7878b1cd69 3119 musl_1.2.2-1.dsc
 e7ba5f0a5f89c13843b955e916f1d9a9d4b6ab9a 1055220 musl_1.2.2.orig.tar.gz
 174a6a246d0b00e8b5f83704165f9c79cce693d9 490 musl_1.2.2.orig.tar.gz.asc
 c47e30c1b8bea2804f18ad08c5013ef93ddf75a2 11760 musl_1.2.2-1.debian.tar.xz
 5dace9f7e0a932e1ddf0da200abd326c4e475d9d 5990 musl_1.2.2-1_source.buildinfo
Checksums-Sha256:
 659d3f7b95e550fb798e7a2898ab4644d6d28b48f4413cdd56515cda4f393b5a 3119 
musl_1.2.2-1.dsc
 9b969322012d796dc23dda27a35866034fa67d8fb67e0e2c45c913c3d43219dd 1055220 
musl_1.2.2.orig.tar.gz
 706094dc74fd589b74e3ce5a6ef7ccc29489e9a2a78a6539989f6468000c71ae 490 
musl_1.2.2.orig.tar.gz.asc
 18664aa246e52784fcfa7cae3d41ca0f6c0f8ec3b0b4d02601f11235c13c999b 11760 
musl_1.2.2-1.debian.tar.xz
 12e2105c1e941c31622de1d312bb968a0a852615e084101da452fd0e427979e2 5990 
musl_1.2.2-1_source.buildinfo
Files:
 2d98df1b4980c30c957429b5c5b587ce 3119 libs optional musl_1.2.2-1.dsc
 aed8ae9e2b0898151b36a204088292dd 1055220 libs optional musl_1.2.2.orig.tar.gz
 aa6b0aff08641f78f3f2e12429085e82 490 libs optional musl_1.2.2.orig.tar.gz.asc
 783549d06d8f0f5c962c8d417c5a881f 11760 libs optional musl_1.2.2-1.debian.tar.xz
 ab254068dbb688a683a869ae4469ee6b 5990 libs optional 
musl_1.2.2-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEE2Pb6feok2Q1urHM7zPBJKNsO6qcFAmAB2WUACgkQzPBJKNsO

Processed: Bug#978640: undefined symbol: _ZTIN3fmt2v612format_errorE

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> package nheko
Limiting to bugs with field 'package' containing at least one of 'nheko'
Limit currently set to 'package':'nheko'

> fixed 978640 0.7.2-3
Bug #978640 {Done: Hubert Chathi } [nheko] undefined symbol: 
_ZTIN3fmt2v612format_errorE
Marked as fixed in versions nheko/0.7.2-3.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
978640: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978640
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#980172: kodi-pvr-hts: kodi crashes when switching to TV with pvr hts plugin activated and configured

[Stephan Skrodzki]

Hi Vasyl,

Am 15.01.21 um 17:47 schrieb Vasyl Gello:

> If that works, the next upload wi.l fix the issue for general public.

Wow, that was fast :-)

Thank you all for your help, everything works fine now!

Cheers
 Stephan

Bug#980172: kodi-pvr-hts: kodi crashes when switching to TV with pvr hts plugin activated and configured

[Vasyl Gello]

Hi Stephan!

Please install the test build available at https://fex.net/s/kkea8fe
It is signed with my Debian key (changes file, buildinfo & dsc).

If that works, the next upload wi.l fix the issue for general public.
-- 
Vasyl Gello
==
Certified SolidWorks Expert

Mob.:+380 (98) 465 66 77

E-Mail: vasek.ge...@gmail.com

Skype: vasek.gello
==
호랑이는 죽어서 가죽을 남기고 사람은 죽어서 이름을 남긴다

15 січня 2021 р. 16:19:36 UTC, Stephan Skrodzki  
написав(-ла):
>Package: kodi-pvr-hts
>Version: 8.1.2+ds1-1
>Severity: normal
>
>
>thanks for updating the pvr-hts plugin. After configuration, everything seems
>to work fine, but choosing the TV entry on the main menu let's Kodi crash...
>
>Kodi is 2:19.0~beta2+dfsg1-5
>
>I deleted the whole .kodi dir, so there was no old configuration there.
>
>Crash log is attached.
>
>I have no clue what to do :-)
>
>
>
>-- System Information:
>Debian Release: bullseye/sid
>  APT prefers unstable
>  APT policy: (500, 'unstable')
>Architecture: amd64 (x86_64)
>Foreign Architectures: i386
>
>Kernel: Linux 5.10.0-1-amd64 (SMP w/8 CPU threads)
>Kernel taint flags: TAINT_CPU_OUT_OF_SPEC, TAINT_OOT_MODULE, 
>TAINT_UNSIGNED_MODULE
>Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not 
>set
>Shell: /bin/sh linked to /usr/bin/dash
>Init: systemd (via /run/systemd/system)
>LSM: AppArmor: enabled
>
>Versions of packages kodi-pvr-hts depends on:
>ii  kodi [kodi-api-pvr]  2:19.0~beta2+dfsg1-5
>ii  libc62.31-9
>ii  libgcc-s110.2.1-6
>ii  libstdc++6   10.2.1-6
>
>kodi-pvr-hts recommends no packages.
>
>kodi-pvr-hts suggests no packages.
>
>-- no debconf information
>

Processed: Re: Bug#980172: kodi-pvr-hts: kodi crashes when switching to TV with pvr hts plugin activated and configured

[Debian Bug Tracking System]

Processing control commands:

> reassign -1 kodi
Bug #980172 [kodi-pvr-hts] kodi-pvr-hts: kodi crashes when switching to TV with 
pvr hts plugin activated and configured
Bug reassigned from package 'kodi-pvr-hts' to 'kodi'.
No longer marked as found in versions kodi-pvr-hts/8.1.2+ds1-1.
Ignoring request to alter fixed versions of bug #980172 to the same values 
previously set
> forcemerge 980038 -1
Bug #980038 [kodi] Kodi crashes on listing of PVR recordings
Bug #980172 [kodi] kodi-pvr-hts: kodi crashes when switching to TV with pvr hts 
plugin activated and configured
Severity set to 'serious' from 'normal'
Marked as found in versions kodi/2:19.0~beta2+dfsg1-1.
Added tag(s) pending.
Merged 980038 980172
> affects 980038 kodi-pvr-hts
Bug #980038 [kodi] Kodi crashes on listing of PVR recordings
Bug #980172 [kodi] kodi-pvr-hts: kodi crashes when switching to TV with pvr hts 
plugin activated and configured
Added indication that 980038 affects kodi-pvr-hts
Added indication that 980172 affects kodi-pvr-hts

-- 
980038: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980038
980172: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980172
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#978954: pepperflashplugin-nonfree: should not be part of next stable Debian release

[Debian Bug Tracking System]

Processing control commands:

> severity -1 important
Bug #978954 [pepperflashplugin-nonfree] pepperflashplugin-nonfree: should not 
be part of next stable Debian release
Severity set to 'important' from 'grave'
> retitle -1 pepperflashplugin-nonfree: should not be part of bookworm
Bug #978954 [pepperflashplugin-nonfree] pepperflashplugin-nonfree: should not 
be part of next stable Debian release
Changed Bug title to 'pepperflashplugin-nonfree: should not be part of 
bookworm' from 'pepperflashplugin-nonfree: should not be part of next stable 
Debian release'.

-- 
978954: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978954
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#978954: pepperflashplugin-nonfree: should not be part of next stable Debian release

[Andreas Beckmann]

Control: severity -1 important
Control: retitle -1 pepperflashplugin-nonfree: should not be part of bookworm

On Tue, 12 Jan 2021 15:14:49 +0100 Gunnar Hjalmarsson  
wrote:
> But let me add that even if Opera fixes that, users may think they want 
> to enable flash, try to install pepperflashplugin-nonfree, and with that 
> screw up dpkg. So the issue happens before they try to enable it in a 
> browser. I.e. as long as the package in its current state is present in 
> the archive.

I've just uploaded 1.8.8 turning the package into a dummy removing
the broken download/install functionality and the chromium integration
s.t. people will upgrade to a "fixed" version (that does not block trying
to download unavailable bits). That should be cleaner than removing it
from the archive while leaving it installed in broken state on users
systems.


Andreas

Bug#980061: caribou: Segfault as regression of xorg CVE-2020-25712 fix that cause security issue for cinnamon

[Fabio Fantoni]

Prepared a MR:
https://salsa.debian.org/gnome-team/caribou/-/merge_requests/2

Already tested build
(http://debomatic-amd64.debian.net/distribution#unstable/caribou/0.4.21-7.1~/buildlog
),
installed and verified that issue is not reproducible anymore

Bug#979689: marked as done (pepperflashplugin-nonfree: Installation script fails to download flash from adobe's servers)

[Debian Bug Tracking System]

Your message dated Fri, 15 Jan 2021 16:18:53 +
with message-id 
and subject line Bug#979689: fixed in pepperflashplugin-nonfree 1.8.8
has caused the Debian Bug report #979689,
regarding pepperflashplugin-nonfree: Installation script fails to download 
flash from adobe's servers
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
979689: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979689
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: pepperflashplugin-nonfree
Version: 1.8.7
Severity: grave
Tags: upstream
Justification: renders package unusable
X-Debbugs-Cc: pitsior...@gmail.com

Dear Maintainer,

Please consider this a followup of #978954, which talks about flash's
deprecation from adobe.
As mentioned in the title, the installation script fails to download the
relevant file. Wget tries 3 times, but the download url redirects here

https://www.adobe.com/products/flashplayer/end-of-life.html

where there is nothing to download, rendering the package not installable. Here
is the full output of apt

Unpacking pepperflashplugin-nonfree (1.8.7) ...
Setting up pepperflashplugin-nonfree (1.8.7) ...
--2021-01-10 07:26:28--
https://get.adobe.com/flashplayer/webservices/json/?platform_type=Linux_arch=x86_64_dist=Chrome
Resolving get.adobe.com (get.adobe.com)... 193.104.215.66
Connecting to get.adobe.com (get.adobe.com)|193.104.215.66|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.adobe.com/products/flashplayer/end-of-
life.html?platform_type=Linux_arch=x86_64_dist=Chrome
[following]
--2021-01-10 07:26:29--  https://www.adobe.com/products/flashplayer/end-of-
life.html?platform_type=Linux_arch=x86_64_dist=Chrome
Resolving www.adobe.com (www.adobe.com)... 212.205.43.11, 212.205.43.26,
2a02:587:8ff:25::d4cd:4da2, ...
Connecting to www.adobe.com (www.adobe.com)|212.205.43.11|:443... connected.
HTTP request sent, awaiting response... Read error (Connection timed out) in
headers.
Retrying.

--2021-01-10 07:26:45--  (try: 2)
https://www.adobe.com/products/flashplayer/end-of-
life.html?platform_type=Linux_arch=x86_64_dist=Chrome
Connecting to www.adobe.com (www.adobe.com)|212.205.43.11|:443... connected.
HTTP request sent, awaiting response... Read error (Connection timed out) in
headers.
Retrying.

--2021-01-10 07:27:02--  (try: 3)
https://www.adobe.com/products/flashplayer/end-of-
life.html?platform_type=Linux_arch=x86_64_dist=Chrome
Connecting to www.adobe.com (www.adobe.com)|212.205.43.11|:443... connected.
HTTP request sent, awaiting response... Read error (Connection timed out) in
headers.
Giving up.

ERROR: failed to determine upstream version
More information might be available at:
  http://wiki.debian.org/PepperFlashPlayer



-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-1-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages pepperflashplugin-nonfree depends on:
ii  binutils 2.35.1-7
ii  ca-certificates  20200601
ii  libgcc-s110.2.1-3
ii  libstdc++6   10.2.1-3
ii  wget 1.21-1+b1

pepperflashplugin-nonfree recommends no packages.

Versions of packages pepperflashplugin-nonfree suggests:
pn  chromium   
pn  ttf-dejavu 
ii  ttf-mscorefonts-installer  3.8
pn  ttf-xfree86-nonfree

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: pepperflashplugin-nonfree
Source-Version: 1.8.8
Done: Andreas Beckmann 

We believe that the bug you reported is fixed in the latest version of
pepperflashplugin-nonfree, which is due to be installed in the Debian FTP 
archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 979...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann  (supplier of updated 
pepperflashplugin-nonfree package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED 

Processed: affects 980168

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> affects 980168 nomad-driver-lxc
Bug #980168 [golang-github-hashicorp-nomad-dev] Missing dependency causes 
nomad-driver-lxc FTBFS
Added indication that 980168 affects nomad-driver-lxc
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
980168: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980168
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#980168: Missing dependency causes nomad-driver-lxc FTBFS

[Shengjing Zhu]

Package: golang-github-hashicorp-nomad-dev
Version: 0.12.9+dfsg1-1
Severity: serious
X-Debbugs-Cc: z...@debian.org

https://tests.reproducible-builds.org/debian/rbuild/unstable/amd64/nomad-driver-lxc_0.3.0-1.rbuild.log.gz

src/github.com/hashicorp/nomad/helper/mount/mount_linux.go:6:2: cannot find 
package "github.com/docker/docker/pkg/mount" in any of:

/build/1st/nomad-driver-lxc-0.3.0/_build/src/github.com/hashicorp/nomad/vendor/github.com/docker/docker/pkg/mount
 (vendor tree)
/usr/lib/go-1.15/src/github.com/docker/docker/pkg/mount (from $GOROOT)

/build/1st/nomad-driver-lxc-0.3.0/_build/src/github.com/docker/docker/pkg/mount 
(from $GOPATH)
src/github.com/hashicorp/nomad/client/pluginmanager/csimanager/volume.go:12:2: 
cannot find package "github.com/grpc-ecosystem/go-grpc-middleware/retry" in any 
of:

/build/1st/nomad-driver-lxc-0.3.0/_build/src/github.com/hashicorp/nomad/vendor/github.com/grpc-ecosystem/go-grpc-middleware/retry
 (vendor tree)
/usr/lib/go-1.15/src/github.com/grpc-ecosystem/go-grpc-middleware/retry 
(from $GOROOT)

/build/1st/nomad-driver-lxc-0.3.0/_build/src/github.com/grpc-ecosystem/go-grpc-middleware/retry
 (from $GOPATH)

The FTBFS of nomad-driver-lxc is in the src/github.com/hashicorp/nomad, so I 
think it's problem in golang-github-hashicorp-nomad-dev.

Bug#980105: marked as done (zfsutils-linux: /usr/share/man/man1/arcstat.1.gz is already shipped by nordugrid-arc-client)

[Debian Bug Tracking System]

Your message dated Fri, 15 Jan 2021 14:54:07 +
with message-id 
and subject line Bug#980105: fixed in zfs-linux 2.0.1-2
has caused the Debian Bug report #980105,
regarding zfsutils-linux: /usr/share/man/man1/arcstat.1.gz is already shipped 
by nordugrid-arc-client
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
980105: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980105
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: zfsutils-linux
Version: 2.0.1-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'testing'.
It installed fine in 'testing', then the upgrade to 'sid' fails
because it tries to overwrite other packages files.

>From the attached log (scroll to the bottom...):

  Preparing to unpack .../zfsutils-linux_2.0.1-1_amd64.deb ...
  Unpacking zfsutils-linux (2.0.1-1) ...
  dpkg: error processing archive 
/var/cache/apt/archives/zfsutils-linux_2.0.1-1_amd64.deb (--unpack):
   trying to overwrite '/usr/share/man/man1/arcstat.1.gz', which is also in 
package nordugrid-arc-client 6.9.0-3
  dpkg-deb: error: paste subprocess was killed by signal (Broken pipe)
  Errors were encountered while processing:
   /var/cache/apt/archives/zfsutils-linux_2.0.1-1_amd64.deb


cheers,

Andreas


nordugrid-arc-client=6.9.0-3_zfsutils-linux=2.0.1-1.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: zfs-linux
Source-Version: 2.0.1-2
Done: Mo Zhou 

We believe that the bug you reported is fixed in the latest version of
zfs-linux, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 980...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mo Zhou  (supplier of updated zfs-linux package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 15 Jan 2021 22:27:09 +0800
Source: zfs-linux
Architecture: source
Version: 2.0.1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian ZFS on Linux maintainers 

Changed-By: Mo Zhou 
Closes: 980105
Changes:
 zfs-linux (2.0.1-2) unstable; urgency=medium
 .
   * Patch: move manpage arcstat(1) to arcstat(8). (Closes: #980105)
   * Cherry-pick patches from upstream zfs-2.0.2-staging branch.
  + 0001-zpool-Dryrun-fails-to-list-some-devices.patch
Checksums-Sha1:
 294ad9cc33d321528a723f61fbbb89c92d4e404a 3563 zfs-linux_2.0.1-2.dsc
 c680ef17a9ea92edbe3d0ccbe7f561494eec2d94 87512 zfs-linux_2.0.1-2.debian.tar.xz
 01a312d60c419365ad39e57235f254b618782fe2 7033 
zfs-linux_2.0.1-2_source.buildinfo
Checksums-Sha256:
 4b4052824d985d28a3615e0812524afebf42e25109f32a2cf56cfce4a9c796c5 3563 
zfs-linux_2.0.1-2.dsc
 3302e7b4c9448ec224734106cac723f0b979d4875694449faf5a800809a98771 87512 
zfs-linux_2.0.1-2.debian.tar.xz
 e891ca15b4d5afb9fb0ad2677fee81573cc2eab1f318c54f7ac32d202eaf906a 7033 
zfs-linux_2.0.1-2_source.buildinfo
Files:
 1a96e19fe0c6021a9bc66f858d0368dd 3563 contrib/kernel optional 
zfs-linux_2.0.1-2.dsc
 d89701f9a179b9513f252cbb0f8f9764 87512 contrib/kernel optional 
zfs-linux_2.0.1-2.debian.tar.xz
 e49422d4adb5942b1e80e5fb816cae1c 7033 contrib/kernel optional 
zfs-linux_2.0.1-2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJFBAEBCgAvFiEEY4vHXsHlxYkGfjXeYmRes19oaooFAmABppMRHGx1bWluQGRl
Ymlhbi5vcmcACgkQYmRes19oaopNwg/6AmIRb31nMhNxmBRYWcG7kkvYYm75Egn6
PWLbqZaQdFYI9y/A86VVpsQHroE67SLh7OBlfbH9zeggzIeFndth8EB9n+KtafbC
qmqiivsjG68Zvt79lnaeRO/u7WH/0ypnQn9QHHTYWgwjgP22m7aY6j1K2XYyJddf
K55NdhNZs4HAufI2ud5JISeWG39J3lC1YHRRT3t9G4ZOpRpPVca6u2Jr/lNgAD5V
ZmFLFceOkofVlkxB0k2LISPl0RwRshBefqsUAc01WIUJ4LB49NCisaf6tpt+SSMi
q+uY8mVUbTqy608DA5bG5Ll6SNjKcO8NJNpNSo+mbWLadGKoetIbMem8fLnP0w+A
D0DOvx17kc6L6cdnUmKvLFG6mZbBNP3zEhGZQRv01su2BPrsD9HBJ22B3HMa0ZFA
98Konb0BdjeJLDe2wIOaHiitZIEHblQrtFgiWmCc4sp4+y4h7ChN3HV1Cuxzj32i
amO3ryasvgpBckUt1eGCBfQustXHhJwRZz3X6C4Dv0wUBYxtAAV7uRkYJ9QWnr+N
Krm6JHLUfvngG6xa85PjP+xeMuPtikJiby2SpxwevLbqSmLIALyiO1R+21XIod32
UqeMpneLaIpxFZ9H9PPapYq+KqS9FbL0uuG0iRUzjeb/Ke6isJHv9+CDScwCNFcG
JsJYeEGyxHg=
=r/DE
-END PGP SIGNATURE End Message ---

Bug#906057: marked as done (linphone: Linphone "cannot start transport on port 5060, maybe this port is already used" although it is not.)

[Debian Bug Tracking System]

Your message dated Fri, 15 Jan 2021 15:43:51 +0100
with message-id 
and subject line Closing bugs opened for old Gtk client
has caused the Debian Bug report #906057,
regarding linphone: Linphone "cannot start transport on port 5060, maybe this 
port is already used" although it is not.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
906057: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906057
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: linphone
Version: 3.6.1-3
Severity: grave
Tags: ipv6
Justification: renders package unusable

Dear Maintainer,

After upgrading from Jessie 8 to Stretch 9 (64bits), Linphone has become
inoperative.

Linphone was used without problem with the setup and parameters under Jessie.
With the same configuration under Stretch, at start-up Linphone complains as
follows:

Could not start tls transport on port 5060, maybe this port is already
used.

It is impossible to establish a call, or register to a SIP server.

The following approaches were attempted:

a) Changing from TLS to UDP or TCP

Result: exactly the same problem remains.

b) Modifying the port number

Result: no matter what port number is put, exactly the same issue
occurs.

Checking with lsof -i -n -P, it appears that none of the ports
introduced
are actually used. Linphone believes a port is in use while it is not.

d) Relying upon IPv6 instead of IPv4.

Result:
c.1) Linphone no longer complains about an occupied port.
c.2) Linphone starts correctly listening to the port in question.
 lsof -i -n -P | egrep -i 5060 shows (for instance)

linphone  9737 casaise   25u  IPv6 281289  0t0  UDP
*:5060

c.3) However, it remains impossible to register the accounts to SIP
servers.
c.4) Calling test accounts results in Linphone attempting to establish
the
 call but never managing to do it (timing out).

e) Some in the Internet suggest that the reason is a lack of privileges for the
user
   and that adding the user to the group plugdev or netdev could resolve the
situation.

Result: the problem remains as it is.

f) The SIP utility Ekiga was also installed (but not started). Using Synaptic,
it was
   removed from the installation.

Result: the problem remains as it is.

It may be that the in-place upgrade from Jessie to Stretch has left Linphone in
an
inconsistent state. I respectfully ask whether there is a workaround to the
above
problem.



-- System Information:
Debian Release: 9.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-7-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), 
LANGUAGE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages linphone depends on:
ii  libasound21.1.3-5
ii  libatk1.0-0   2.22.0-1
ii  libavcodec57  7:3.2.12-1~deb9u1
ii  libavutil55   7:3.2.12-1~deb9u1
ii  libc6 2.24-11+deb9u3
ii  libcairo2 1.14.8-1
ii  libexosip2-11 4.1.0-2.1
ii  libfontconfig12.11.0-6.7+b1
ii  libfreetype6  2.6.3-3.2
ii  libgdk-pixbuf2.0-02.36.5-2+deb9u2
ii  libgl1-mesa-glx [libgl1]  13.0.6-1+b2
ii  libglew2.02.0.0-3+b1
ii  libglib2.0-0  2.50.3-2
ii  libglu1-mesa [libglu1]9.0.0-2.1
ii  libgtk2.0-0   2.24.31-2
ii  liblinphone5  3.6.1-3
ii  libmediastreamer-base33.6.1-3
ii  libnotify40.7.7-2
ii  libogg0   1.3.2-1
ii  libopus0  1.2~alpha2-1
ii  libortp9  3.6.1-3
ii  libosip2-11   4.1.0-2.1
ii  libpango-1.0-01.40.5-1
ii  libpangocairo-1.0-0   1.40.5-1
ii  libpangoft2-1.0-0 1.40.5-1
ii  libpulse0 10.0-1+deb9u1
ii  libsoup2.4-1  2.56.0-2+deb9u2
ii  libspandsp2   0.0.6+dfsg-0.1
ii  libspeex1 1.2~rc1.2-1+b2
ii  libspeexdsp1  1.2~rc1.2-1+b2
ii  libsqlite3-0  3.16.2-5+deb9u1
ii  libswscale4   7:3.2.12-1~deb9u1
ii  libtheora01.1.1+dfsg.1-14+b1
ii  libudev1  232-25+deb9u4
ii  libupnp6  1:1.6.19+git20160116-1.2
ii  libv4l-0  1.12.3-1
ii  libvpx4   1.6.1-3+deb9u1
ii  libx11-6  2:1.6.4-3
ii  libxv1  

Processed: Merge #980042 and #980144

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 980042 grave
Bug #980042 [mailutils] mailutils: movemail doesn't remove extracted emails
Severity set to 'grave' from 'important'
> merge 980042 980144
Bug #980042 [mailutils] mailutils: movemail doesn't remove extracted emails
Bug #980144 [mailutils] mailutils: movemail does not remove start mailbox when 
moving
Merged 980042 980144
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
980042: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980042
980144: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980144
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#980144: mailutils: movemail does not remove start mailbox when moving

[Francesco Potortì]

>This appears to be a duplicate of #980042:
>  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980042

It is.  Sorry.  Please merge.

Thanks for your work

-- 
Francesco Potortì (ricercatore)Voice:  +39.050.621.3058
ISTI - Area della ricerca CNR  Mobile: +39.348.8283.107
via G. Moruzzi 1, I-56124 Pisa Skype:  wnlabisti
(gate 20, 1st floor, room C71) Web:http://fly.isti.cnr.it

Bug#980144: mailutils: movemail does not remove start mailbox when moving

[Florent Rougon]

Hello,

This appears to be a duplicate of #980042:

  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980042

Regards

-- 
Florent

Bug#978353: serf: FTBFS: test_ssl_handshake fails with OpenSSL 1.1.1i

[Justin Erenkrantz]

Sadly, my Debian sid box ran into other issues and is currently
inaccessible.

I *think* that this would address the 1.3.x test issues, but 1.3.x doesn't
build on Mac OS for me for other reasons...so, let me know how it goes?
=)  -- justin

Index: test/test_context.c
===
--- test/test_context.c (revision 1885525)
+++ test/test_context.c (working copy)
@@ -1138,7 +1138,7 @@

 /* We expect an error from the certificate validation function. */
 if (failures & expected_failures)
-return APR_SUCCESS;
+return APR_EGENERAL;
 else
 return SERF_ERROR_ISSUE_IN_TESTSUITE;
 }
@@ -1206,8 +1206,8 @@

 create_new_request(tb, _ctx[0], "GET", "/", 1);

-test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx,
-   test_pool);
+test_helper_run_requests_expect_fail(tc, tb, num_requests, handler_ctx,
+ test_pool);
 }

 /* Set up the ssl context with the CA and root CA certificates needed for
@@ -1774,8 +1774,8 @@

 create_new_request(tb, _ctx[0], "GET", "/", 1);

-test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx,
-   test_pool);
+test_helper_run_requests_expect_fail(tc, tb, num_requests, handler_ctx,
+ test_pool);
 }

 /* Validate that the expired certificate is reported as failure in the
@@ -1820,8 +1820,8 @@

 create_new_request(tb, _ctx[0], "GET", "/", 1);

-test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx,
-   test_pool);
+test_helper_run_requests_expect_fail(tc, tb, num_requests, handler_ctx,
+ test_pool);
 }


Index: test/test_serf.h
===
--- test/test_serf.h (revision 1885525)
+++ test/test_serf.h (working copy)
@@ -239,6 +239,12 @@
int num_requests,
handler_baton_t handler_ctx[],
apr_pool_t *pool);
+void
+test_helper_run_requests_expect_fail(CuTest *tc, test_baton_t *tb,
+ int num_requests,
+ handler_baton_t handler_ctx[],
+ apr_pool_t *pool);
+
 serf_bucket_t* accept_response(serf_request_t *request,
serf_bucket_t *stream,
void *acceptor_baton,
Index: test/test_util.c
===
--- test/test_util.c (revision 1885525)
+++ test/test_util.c (working copy)
@@ -461,6 +461,19 @@
 CuAssertIntEquals(tc, num_requests, tb->handled_requests->nelts);
 }

+void
+test_helper_run_requests_expect_fail(CuTest *tc, test_baton_t *tb,
+ int num_requests,
+ handler_baton_t handler_ctx[],
+ apr_pool_t *pool)
+{
+apr_status_t status;
+
+status = test_helper_run_requests_no_check(tc, tb, num_requests,
+   handler_ctx, pool);
+CuAssertIntEquals(tc, APR_EGENERAL, status);
+}
+
 serf_bucket_t* accept_response(serf_request_t *request,
serf_bucket_t *stream,
void *acceptor_baton,

On Thu, Jan 14, 2021 at 11:35 PM James McCoy  wrote:

> Happy New Year!
>
> On Wed, Dec 30, 2020 at 10:39:28PM -0500, James McCoy wrote:
> > On Tue, Dec 29, 2020 at 02:35:11PM -0500, Justin Erenkrantz wrote:
> > > The OpenSSL devs intended this to be a breaking change - but it's not
> > > documented anywhere.  Sigh.
> > >
> > > I've got a WIP patch against trunk that causes test_ssl to pass - see
> below.
> > > It also seems to work with OpenSSL 1.1.1h as well as OpenSSL 1.1.1i /
> > > 1.1.1-stable, AFAICT.
> > >
> > > James: can you please give it a try as well?
> >
> > Yes, I can confirm this fixes test_ssl_handshake on trunk.  There's
> > enough difference between trunk and branches/1.3.x that it doesn't apply
> > cleanly there.
>
> Any chance you would be able to make a patch for 1.3.x?  Although a 1.4
> release would be nice, it's a bit late in the Debian release cycle to
> upload a major new version.
>
> A targeted fix for the test suite would address the immediate issue,
> though.
>
> Cheers,
> --
> James
> GPG Key: 4096R/91BF BF4D 6956 BD5D F7B7  2D23 DFE6 91AE 331B A3DB
>

Bug#980132: openvswitch: CVE-2020-27827

[Salvatore Bonaccorso]

Hi Thomas,

On Fri, Jan 15, 2021 at 09:29:47AM +0100, Thomas Goirand wrote:
> On 1/14/21 10:38 PM, Salvatore Bonaccorso wrote:
> > Source: openvswitch
> > Version: 2.15.0~git20210104.def6eb1ea+dfsg1-3
> > Severity: grave
> > Tags: security upstream
> > Justification: user security hole
> > X-Debbugs-Cc: car...@debian.org, Debian Security Team 
> > 
> > Control: found -1 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-12+deb10u2
> > Control: found -1 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-12
> > 
> > Hi,
> > 
> > The following vulnerability was published for openvswitch.
> > 
> > CVE-2020-27827[0]:
> > | lldp: avoid memory leak from bad packets
> > 
> > If you fix the vulnerability please also make sure to include the
> > CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> > 
> > For further information see:
> > 
> > [0] https://security-tracker.debian.org/tracker/CVE-2020-27827
> > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27827
> > [1] 
> > https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000269.html
> > [2] 
> > https://github.com/openvswitch/ovs/commit/78e712c0b1dacc2f12d2a03d98f083d8672867f0
> > 
> > Regards,
> > Salvatore
> 
> Hi Salvatore,
> 
> Thanks for the bug report.
> 
> Please find, attached, the debdiff to fix the CVE in Buster. Note that
> Unstable/Sid has already been patched.
> 
> Please allow me to upload this to buster-security.

Thanks, this is probably fine for a DSA.

*but* please respin the package and include the fix for CVE-2015-8011
as well, this is fixed in unstable already.

For details and upstream commit see:
https://security-tracker.debian.org/tracker/CVE-2015-8011

(while at it, please set urgency=high for consistency).

Can you repost a debdiff with the CVE-2015-8011 fix as well?

Can you test the package in production?

Regards,
Salvatore

Bug#979534: wolfssl: CVE-2020-36177

[Bastian Germann]

On Thu, 07 Jan 2021 21:09:25 +0100 Salvatore Bonaccorso > The following 
vulnerability was published for wolfssl.


CVE-2020-36177[0]:
| RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-
| of-bounds write for certain relationships between key size and digest
| size.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-36177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36177
[1] https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26567
[2] https://github.com/wolfSSL/wolfssl/pull/3426


#978676 has patches to import the fixed upstream version 4.6.0.

Processed: severity of 979597 is serious

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # should be fixed for bullseye ideally
> severity 979597 serious
Bug #979597 [src:cairosvg] cairosvg: CVE-2021-21236: Regular Expression Denial 
of Service (REDoS)
Severity set to 'serious' from 'important'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
979597: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979597
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#979041: libopempi3: aborts python code due to libfabric fork() issues

[Alastair McKinstry]

Ugh. Thanks Drew.
What are the contents of  /etc/openmpi/openmpi-mca-params.conf on the node?
Does a simple hello world (see Debian/tests/hello* ) work without errors in the 
environment ?

Regards
Alastair

On 15/01/2021, 08:39, "Drew Parsons"  wrote:

Package: libopenmpi3
Version: 4.1.0-5
Followup-For: Bug #979041

There's evidence this libfabric bug is not fully fixed.

pytest-mpi (0.4-3) is failing tests:

  A process has executed an operation involving a call
  to the fork() system call to create a child process.

  As a result, the libfabric EFA provider is operating in
  a condition that could result in memory corruption or
  other system errors.

  For the libfabric EFA provider to work safely when fork()
  is called, you will need to set the following environment
  variable:
RDMAV_FORK_SAFE

  However, setting this environment variable can result in
  signficant performance impact to your application due to
  increased cost of memory registration.

  You may want to check with your application vendor to see
  if an application-level alternative (of not using fork)
  exists.

  Your job will now abort.
  Fatal Python error: Aborted

  Current thread 0x7f2978647740 (most recent call first):
File "/usr/lib/python3.9/subprocess.py", line 1756 in _execute_child
File "/usr/lib/python3.9/subprocess.py", line 951 in __init__
File "/usr/lib/python3/dist-packages/_pytest/pytester.py", line 1193 in 
popen
File "/usr/lib/python3/dist-packages/_pytest/pytester.py", line 1234 in 
run
File "/tmp/autopkgtest.5dpwa6/build.XvQ/real-tree/tests/conftest.py", 
line 44 in runpytest_subprocess
File "/tmp/autopkgtest.5dpwa6/build.XvQ/real-tree/tests/conftest.py", 
line 52 in runpytest
File 
"/tmp/autopkgtest.5dpwa6/build.XvQ/real-tree/tests/test_markers.py", line 113 
in test_mpi_xfail_under_mpi
File "/usr/lib/python3/dist-packages/_pytest/python.py", line 180 in 
pytest_pyfunc_call



pytest-mpi is also affected by the UCX bug and possibly a pytest6 problem, 
but
I guess they would not trigger this libfabric RDMAV_FORK_SAFE error.


-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-1-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_AU:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libopenmpi3 depends on:
ii  libc62.31-9
ii  libevent-core-2.1-7  2.1.12-stable-1
ii  libevent-pthreads-2.1-7  2.1.12-stable-1
ii  libfabric1   1.11.0-2
ii  libgcc-s110.2.1-6
ii  libhwloc-plugins 2.4.0+dfsg-3
ii  libhwloc15   2.4.0+dfsg-3
ii  libibverbs1  33.0-1
ii  libnl-3-200  3.4.0-1+b1
ii  libpmix2 4.0.0-3
ii  libpsm-infinipath1   3.3+20.604758e7-6.1
ii  libpsm2-211.2.185-1
ii  libstdc++6   10.2.1-6
ii  libucx0  1.10.0~rc1-2
ii  zlib1g   1:1.2.11.dfsg-2

libopenmpi3 recommends no packages.

libopenmpi3 suggests no packages.

-- no debconf information

Bug#957828: sparskit: ftbfs with GCC-10

[Étienne Mollier]

Control: tag -1 patch

Hi,

I prepared a targeted patch to fix Gcc-10 issues with sparskit,
and ran the embedded ./dotests to make sure it did not introduce
any errors.  This fixes the argument type mismatch in the csrcsc
call by introducing the one dimension vector iziama of type
real(8), instead of an integer(4) scalar, while trying to
maintain compatibility with Fortran 77.

Kind Regards,
-- 
Étienne Mollier 
Fingerprint:  8f91 b227 c7d6 f2b1 948c  8236 793c f67e 8f0d 11da
Sent from /dev/pts/5, please excuse my verbosity.

--- sparskit-2.0.0.orig/ORDERINGS/ccn.f
+++ sparskit-2.0.0/ORDERINGS/ccn.f
@@ -90,7 +90,7 @@
 c  July 1992 - Update: March 1994
 C---
   integer izs(nw), lpw(n), nsbloc(0:nblcmx), ia(n+1), ja(*)
-  real*8 amat(*)
+  real*8 amat(*), iziama(1)
   logical impr
   character*6 chsubr
 C---
@@ -147,10 +147,12 @@
  *ja, ia, izs(ilpw), izs(ilpw), job)
ipos = 1
 c..We sort columns inside JA.
-   call csrcsc(n, job, ipos, amat, ja, ia, izs(iamat),
+   iziama(1) = izs(iamat)
+   call csrcsc(n, job, ipos, amat, ja, ia, iziama,
  * izs(ijat), izs(iiat))
-   call csrcsc(n, job, ipos, izs(iamat), izs(ijat), izs(iiat),
+   call csrcsc(n, job, ipos, iziama, izs(ijat), izs(iiat),
  * amat, ja, ia)
+   izs(iamat) = iziama(1)
   endif
 c.We modify the ordering of unknowns in LPW
   call compos(n, lpw, izs(ilpw))


signature.asc
Description: PGP signature

Processed: Re: sparskit: ftbfs with GCC-10

[Debian Bug Tracking System]

Processing control commands:

> tag -1 patch
Bug #957828 [src:sparskit] sparskit: ftbfs with GCC-10
Added tag(s) patch.

-- 
957828: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=957828
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#957471: marked as done (librcsb-core-wrapper: ftbfs with GCC-10)

[Debian Bug Tracking System]

Your message dated Fri, 15 Jan 2021 11:03:45 +
with message-id 
and subject line Bug#957471: fixed in librcsb-core-wrapper 1.005-9
has caused the Debian Bug report #957471,
regarding librcsb-core-wrapper: ftbfs with GCC-10
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
957471: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=957471
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:librcsb-core-wrapper
Version: 1.005-8
Severity: normal
Tags: sid bullseye
User: debian-...@lists.debian.org
Usertags: ftbfs-gcc-10

Please keep this issue open in the bug tracker for the package it
was filed for.  If a fix in another package is required, please
file a bug for the other package (or clone), and add a block in this
package. Please keep the issue open until the package can be built in
a follow-up test rebuild.

The package fails to build in a test rebuild on at least amd64 with
gcc-10/g++-10, but succeeds to build with gcc-9/g++-9. The
severity of this report will be raised before the bullseye release,
so nothing has to be done for the buster release.

The full build log can be found at:
http://people.debian.org/~doko/logs/gcc10-20200225/librcsb-core-wrapper_1.005-8_unstable_gcc10.log
The last lines of the build log are at the end of this report.

To build with GCC 10, either set CC=gcc-10 CXX=g++-10 explicitly,
or install the gcc, g++, gfortran, ... packages from experimental.

  apt-get -t=experimental install g++ 

Common build failures are new warnings resulting in build failures with
-Werror turned on, or new/dropped symbols in Debian symbols files.
For other C/C++ related build failures see the porting guide at
http://gcc.gnu.org/gcc-10/porting_to.html

[...]
 Cleaning pdbml-parser 

make[3]: Entering directory '/<>/pdbml-parser'
make[3]: warning: jobserver unavailable: using -j1.  Add '+' to parent make 
rule.
make[3]: Leaving directory '/<>/pdbml-parser'


 Cleaning cctbx 

make[3]: Entering directory '/<>/cctbx'
make[3]: warning: jobserver unavailable: using -j1.  Add '+' to parent make 
rule.
make[3]: Leaving directory '/<>/cctbx'
make[2]: Leaving directory '/<>'
rm -rf wrapper/python/build
make[1]: Leaving directory '/<>'
   dh_clean
 debian/rules build
dh build --with python3
   dh_update_autotools_config
   dh_autoreconf
   dh_auto_configure
   debian/rules override_dh_auto_build
make[1]: Entering directory '/<>'
dh_auto_build
make -j4
make[2]: Entering directory '/<>'
sh -c '\
 export PIC=-fPIC; \
 export WWPDB_XERCESC_INC=/usr/include; \
 export WWPDB_XERCESC_LIB_DIR=/usr/lib; \
 export WWPDB_XERCESC_LIB=xerces-c; \
( cd ./util; ./compile.sh ); \
libtool --mode=link g++ -version-info 0:1:0 -rpath /usr/lib -Wdate-time 
-D_FORTIFY_SOURCE=2 -g -O2 -fdebug-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wl,-z,relro 
-Wl,-z,now -Wl,--as-needed -l${WWPDB_XERCESC_LIB} -o 
lib/librcsb-core-wrapper.la lib/*.lo'


 Making etc 

Warning: this seems to be an unsupported operating system.
 
Supported systems are:
  SunOS .. version 4.1.x and 5.2 or higher
  Linux .. any version 
  SGI IRIX ... version 5.3-6.4


 Making common 

make[3]: Entering directory '/<>/common'
libtool --mode=compile  -Wdate-time -D_FORTIFY_SOURCE=2  -c src/RcsbPlatform.C 
-o ./obj/RcsbPlatform.o
libtool --mode=compile  -Wdate-time -D_FORTIFY_SOURCE=2  -c src/RcsbFile.C -o 
./obj/RcsbFile.o
libtool --mode=compile  -Wdate-time -D_FORTIFY_SOURCE=2  -c src/BlockIO.C -o 
./obj/BlockIO.o
libtool --mode=compile  -Wdate-time -D_FORTIFY_SOURCE=2  -c src/Serializer.C -o 
./obj/Serializer.o
libtool:   error: unsupported warning category: 'date-time'
make[3]: *** [Makefile:156: RcsbPlatform.o] Error 1
make[3]: *** Waiting for unfinished jobs
libtool:   error: unsupported warning category: 'date-time'
make[3]: *** [Makefile:156: RcsbFile.o] Error 1
libtool:   error: unsupported warning category: 'date-time'
make[3]: *** [Makefile:156: BlockIO.o] Error 1
libtool:   error: unsupported warning category: 'date-time'
make[3]: *** [Makefile:156: Serializer.o] Error 1
make[3]: Leaving directory '/<>/common'
libtool:   error: 

Bug#980144: mailutils: movemail does not remove start mailbox when moving

[Francesco Potortì]

Package: mailutils
Version: 1:3.11.1-4
Severity: grave
X-Debbugs-Cc: none, Francesco Potortì 
File: /usr/bin/movemail.mailutils

By chance, I installed mailutis from the unstable branch and I
discovered that movemail does not work (while 1:3.10-3 works).

This is 
mailutils (1:3.11.1-4) unstable; urgency=medium

When called like

movemail --emacs inbox outbox

it copies inbox to outbox rather than moving it, i.e. it does not delete
outbox even after successful operation

-- 
Francesco Potortì (ricercatore)Voice:  +39.050.621.3058
ISTI - Area della ricerca CNR  Mobile: +39.348.8283.107
via G. Moruzzi 1, I-56124 Pisa Skype:  wnlabisti
(gate 20, 1st floor, room C71) Web:http://fly.isti.cnr.it

Bug#979041: libopempi3: aborts python code due to libfabric fork() issues

[Drew Parsons]

Package: libopenmpi3
Version: 4.1.0-5
Followup-For: Bug #979041

There's evidence this libfabric bug is not fully fixed.

pytest-mpi (0.4-3) is failing tests:

  A process has executed an operation involving a call
  to the fork() system call to create a child process.
  
  As a result, the libfabric EFA provider is operating in
  a condition that could result in memory corruption or
  other system errors.
  
  For the libfabric EFA provider to work safely when fork()
  is called, you will need to set the following environment
  variable:
RDMAV_FORK_SAFE
  
  However, setting this environment variable can result in
  signficant performance impact to your application due to
  increased cost of memory registration.
  
  You may want to check with your application vendor to see
  if an application-level alternative (of not using fork)
  exists.
  
  Your job will now abort.
  Fatal Python error: Aborted
  
  Current thread 0x7f2978647740 (most recent call first):
File "/usr/lib/python3.9/subprocess.py", line 1756 in _execute_child
File "/usr/lib/python3.9/subprocess.py", line 951 in __init__
File "/usr/lib/python3/dist-packages/_pytest/pytester.py", line 1193 in 
popen
File "/usr/lib/python3/dist-packages/_pytest/pytester.py", line 1234 in run
File "/tmp/autopkgtest.5dpwa6/build.XvQ/real-tree/tests/conftest.py", line 
44 in runpytest_subprocess
File "/tmp/autopkgtest.5dpwa6/build.XvQ/real-tree/tests/conftest.py", line 
52 in runpytest
File "/tmp/autopkgtest.5dpwa6/build.XvQ/real-tree/tests/test_markers.py", 
line 113 in test_mpi_xfail_under_mpi
File "/usr/lib/python3/dist-packages/_pytest/python.py", line 180 in 
pytest_pyfunc_call



pytest-mpi is also affected by the UCX bug and possibly a pytest6 problem, but
I guess they would not trigger this libfabric RDMAV_FORK_SAFE error.


-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-1-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_AU:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libopenmpi3 depends on:
ii  libc62.31-9
ii  libevent-core-2.1-7  2.1.12-stable-1
ii  libevent-pthreads-2.1-7  2.1.12-stable-1
ii  libfabric1   1.11.0-2
ii  libgcc-s110.2.1-6
ii  libhwloc-plugins 2.4.0+dfsg-3
ii  libhwloc15   2.4.0+dfsg-3
ii  libibverbs1  33.0-1
ii  libnl-3-200  3.4.0-1+b1
ii  libpmix2 4.0.0-3
ii  libpsm-infinipath1   3.3+20.604758e7-6.1
ii  libpsm2-211.2.185-1
ii  libstdc++6   10.2.1-6
ii  libucx0  1.10.0~rc1-2
ii  zlib1g   1:1.2.11.dfsg-2

libopenmpi3 recommends no packages.

libopenmpi3 suggests no packages.

-- no debconf information

Bug#957471: ready for upload: librcsb-core-wrapper: ftbfs with GCC-10

[Andreas Tille]

Dear Juhani,

On Fri, Jan 15, 2021 at 11:51:05AM +0200, Juhani Numminen wrote:
> > 
> > make[3]: Entering directory '/<>/common'
> > libtool --mode=compile  -Wdate-time -D_FORTIFY_SOURCE=2  -c 
> > src/RcsbPlatform.C -o ./obj/RcsbPlatform.o
> ^
> ^
> There is a missing "g++" or "gcc" in that space.
> Might be stemming from the "unsupported operating system" complaint.
> 
> Based on that intuition I have managed to fix the remaining FTBFS in this 
> package.
> The patch is now in git: 
> https://salsa.debian.org/med-team/librcsb-core-wrapper
> 
> Dear members of Debian Med Team: if you would please check it out and upload 
> :)

Thanks again for your very welcome help.  The package is currently building on
my machine and will be uploaded soon.

Kind regards

   Andreas.

-- 
http://fam-tille.de

Bug#957471: ready for upload: librcsb-core-wrapper: ftbfs with GCC-10

[Juhani Numminen]

On Fri, 17 Apr 2020 11:04:53 + Matthias Klose  wrote:
> Package: src:librcsb-core-wrapper
> Version: 1.005-8
> Severity: normal
> Tags: sid bullseye
> User: debian-...@lists.debian.org
> Usertags: ftbfs-gcc-10
...
> 
>  Making etc 
> 
> Warning: this seems to be an unsupported operating system.
>  
> Supported systems are:
>   SunOS .. version 4.1.x and 5.2 or higher
>   Linux .. any version 
>   SGI IRIX ... version 5.3-6.4
> 
> 
>  Making common 
> 
> make[3]: Entering directory '/<>/common'
> libtool --mode=compile  -Wdate-time -D_FORTIFY_SOURCE=2  -c 
> src/RcsbPlatform.C -o ./obj/RcsbPlatform.o
^
^
There is a missing "g++" or "gcc" in that space.
Might be stemming from the "unsupported operating system" complaint.

Based on that intuition I have managed to fix the remaining FTBFS in this 
package.
The patch is now in git: https://salsa.debian.org/med-team/librcsb-core-wrapper

Dear members of Debian Med Team: if you would please check it out and upload :)

--
Juhani

Processed: Bug#957471 marked as pending in librcsb-core-wrapper

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #957471 [src:librcsb-core-wrapper] librcsb-core-wrapper: ftbfs with GCC-10
Added tag(s) pending.

-- 
957471: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=957471
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#957471: marked as pending in librcsb-core-wrapper

[Juhani Numminen]

Control: tag -1 pending

Hello,

Bug #957471 in librcsb-core-wrapper reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/med-team/librcsb-core-wrapper/-/commit/30df69086fc53d7f3b617169c1bb0b1b7e79e382


Replace gcc5.patch with platformcheck.patch to bypass problematic gcc version 
check. Closes: #957471


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/957471

Processed: severity of 979283 is important

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 979283 important
Bug #979283 [ddccontrol] ddccontrol: FTBFS with glibc 2.30+ due to sys/io.h 
removal on arm
Severity set to 'important' from 'serious'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
979283: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979283
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#980132: openvswitch: CVE-2020-27827

[Thomas Goirand]

On 1/14/21 10:38 PM, Salvatore Bonaccorso wrote:
> Source: openvswitch
> Version: 2.15.0~git20210104.def6eb1ea+dfsg1-3
> Severity: grave
> Tags: security upstream
> Justification: user security hole
> X-Debbugs-Cc: car...@debian.org, Debian Security Team 
> 
> Control: found -1 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-12+deb10u2
> Control: found -1 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-12
> 
> Hi,
> 
> The following vulnerability was published for openvswitch.
> 
> CVE-2020-27827[0]:
> | lldp: avoid memory leak from bad packets
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2020-27827
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27827
> [1] 
> https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000269.html
> [2] 
> https://github.com/openvswitch/ovs/commit/78e712c0b1dacc2f12d2a03d98f083d8672867f0
> 
> Regards,
> Salvatore

Hi Salvatore,

Thanks for the bug report.

Please find, attached, the debdiff to fix the CVE in Buster. Note that
Unstable/Sid has already been patched.

Please allow me to upload this to buster-security.

Cheers,

Thomas Goirand (zigo)
diff -Nru openvswitch-2.10.0+2018.08.28+git.8ca7c82b7d+ds1/debian/changelog 
openvswitch-2.10.0+2018.08.28+git.8ca7c82b7d+ds1/debian/changelog
--- openvswitch-2.10.0+2018.08.28+git.8ca7c82b7d+ds1/debian/changelog   
2019-09-19 14:40:49.0 +0200
+++ openvswitch-2.10.0+2018.08.28+git.8ca7c82b7d+ds1/debian/changelog   
2021-01-15 08:27:23.0 +0100
@@ -1,3 +1,12 @@
+openvswitch (2.10.0+2018.08.28+git.8ca7c82b7d+ds1-12+deb10u3) buster-security; 
urgency=medium
+
+  * CVE-2020-27827: denial of service attacks in which crafted LLDP packets
+could cause memory to be lost when allocating data to handle specific
+optional TLVs. Applied upstream patch: lldp: do not leak memory on multiple
+instances of TLVs (Closes: #980132).
+
+ -- Thomas Goirand   Fri, 15 Jan 2021 08:27:23 +0100
+
 openvswitch (2.10.0+2018.08.28+git.8ca7c82b7d+ds1-12+deb10u2) buster; 
urgency=medium
 
   * Fixed debian/ifupdown.sh typo: ovs_vsctl -> ovs-vsctl.
diff -Nru 
openvswitch-2.10.0+2018.08.28+git.8ca7c82b7d+ds1/debian/patches/CVE-2020-27827_lldp_do_not_leak_memory_on_multiple_instances_of_TLVs.patch
 
openvswitch-2.10.0+2018.08.28+git.8ca7c82b7d+ds1/debian/patches/CVE-2020-27827_lldp_do_not_leak_memory_on_multiple_instances_of_TLVs.patch
--- 
openvswitch-2.10.0+2018.08.28+git.8ca7c82b7d+ds1/debian/patches/CVE-2020-27827_lldp_do_not_leak_memory_on_multiple_instances_of_TLVs.patch
  1970-01-01 01:00:00.0 +0100
+++ 
openvswitch-2.10.0+2018.08.28+git.8ca7c82b7d+ds1/debian/patches/CVE-2020-27827_lldp_do_not_leak_memory_on_multiple_instances_of_TLVs.patch
  2021-01-15 08:27:23.0 +0100
@@ -0,0 +1,38 @@
+Description: CVE-2020-27827: lldp: do not leak memory on multiple instances of 
TLVs
+ lldp: avoid memory leak from bad packets
+ .
+ A packet that contains multiple instances of certain TLVs will cause
+ lldpd to continually allocate memory and leak the old memory.  As an
+ example, multiple instances of system name TLV will cause old values
+ to be dropped by the decoding routine.
+ .
+ Reported-at: https://github.com/openvswitch/ovs/pull/337
+ Reported-by: Jonas Rudloff 
+ Signed-off-by: Aaron Conole 
+Author: Aaron Conole 
+Date: Wed, 13 Jan 2021 10:47:19 -0500
+Vulnerability: CVE-2020-27827
+Signed-off-by: Aaron Conole 
+Signed-off-by: Ilya Maximets 
+Origin: upstream, 
https://github.com/openvswitch/ovs/commit/78e712c0b1dacc2f12d2a03d98f083d8672867f0.patch
+Bug-Debian: https://bugs.debian.org/bug=980132
+Last-Update: 2021-01-15
+
+Index: openvswitch/lib/lldp/lldp.c
+===
+--- openvswitch.orig/lib/lldp/lldp.c
 openvswitch/lib/lldp/lldp.c
+@@ -464,10 +464,13 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED
+ b = xzalloc(tlv_size + 1);
+ PEEK_BYTES(b, tlv_size);
+ if (tlv_type == LLDP_TLV_PORT_DESCR) {
++free(port->p_descr);
+ port->p_descr = b;
+ } else if (tlv_type == LLDP_TLV_SYSTEM_NAME) {
++free(chassis->c_name);
+ chassis->c_name = b;
+ } else {
++free(chassis->c_descr);
+ chassis->c_descr = b;
+ }
+ break;
diff -Nru 
openvswitch-2.10.0+2018.08.28+git.8ca7c82b7d+ds1/debian/patches/series 
openvswitch-2.10.0+2018.08.28+git.8ca7c82b7d+ds1/debian/patches/series
--- openvswitch-2.10.0+2018.08.28+git.8ca7c82b7d+ds1/debian/patches/series  
2019-09-19 14:40:49.0 +0200
+++ openvswitch-2.10.0+2018.08.28+git.8ca7c82b7d+ds1/debian/patches/series  
2021-01-15 08:27:23.0 +0100
@@ -11,3 +11,4 @@
 remove-yet-another-mips-failing-test.patch
 remove-non-deterministic-tests.patch
 

Bug#978220: marked as done (hylafax: FTBFS: Incompatible TIFF Library.)

[Debian Bug Tracking System]

Your message dated Fri, 15 Jan 2021 08:21:24 +
with message-id 
and subject line Bug#978220: fixed in hylafax 3:6.0.7-3.1
has caused the Debian Bug report #978220,
regarding hylafax: FTBFS: Incompatible TIFF Library.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
978220: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978220
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: hylafax
Version: 3:6.0.7-3
Severity: serious
Justification: FTBFS on amd64
Tags: bullseye sid ftbfs
Usertags: ftbfs-20201226 ftbfs-bullseye

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.

Relevant part (hopefully):
> make[1]: Entering directory '/<>'
> cp -p /usr/share/misc/config.* .
> yes | /bin/bash ./configure \
>   --with-HTML=yes \
>   --with-REGEX=no \
>   --with-LIBREGEX='' \
>   --with-REGEXINC='' \
>   --with-UTMP=auto \
>   --with-DIR_BIN="/usr/bin" \
>   --with-DIR_LIBDATA="/etc/hylafax" \
>   --with-DIR_LIB="/usr/lib/hylafax" \
>   --with-DIR_LIBEXEC="/usr/sbin" \
>   --with-DIR_MAN="/usr/share/man" \
>   --with-DIR_SBIN="/usr/sbin" \
>   --with-DIR_LOCKS="/var/lock" \
>   --with-PATH_AFM="/usr/share/fonts/type1/gsfonts" \
>   --with-FONTMAP="/usr/share/ghostscript/9.19/lib" \
>   --with-MANSCHEME="bsd-source-gzip-strip" \
>   --with-DIR_HTML="/usr/share/doc/hylafax" \
>   --with-DIR_CGI="/usr/lib/cgi-bin" \
>   --with-HTMLPATH="/doc/hylafax" \
>   --with-SYSGID="root" \
>   --with-SYSUID="root" \
>   --with-PATH_GETTY="/etc/hylafax/getty-link" \
>   --with-PATH_VGETTY="/etc/hylafax/vgetty-link" \
>   --with-PATH_EGETTY="/etc/hylafax/egetty-link" \
>   --with-CONFIG_MAXGID="65534" \
>   --with-CMP="/usr/bin/cmp" \
>   --with-COL="/usr/bin/col" \
>   --with-MKFIFO="/usr/bin/mkfifo" \
>   --with-SORT="/usr/bin/sort" \
>   --with-OPTIMIZER="-g -O2 -fdebug-prefix-map=/<>=. 
> -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time 
> -D_FORTIFY_SOURCE=2" \
>   --with-MANDIR="/usr/share/man" \
>   --with-PATH_DPSRIP="" \
>   --with-PATH_IMPRIP="/usr/bin/psrip" \
>   --with-AWK="/usr/bin/awk"
> 
> Configuring HylaFAX (tm) (aka FlexFAX) 6.0.7.
> 
> If configure does the wrong thing, check the file config.log for
> information that may help you understand what went wrong.
> 
> Reading site-wide parameters from ./config.site.
> Gosh, aren't you lucky to have a x86_64-pc-linux-gnu system!
> Using /usr/bin/gcc for a C compiler (set CC to override).
> Looks like /usr/bin/gcc supports the -g option.
> ... but not together with the -O option, not using it.
> Looks like /usr/bin/gcc has an ANSI C preprocessor.
> ... but __ANSI_CPP__ is not automatically defined, will compensate.
> Looks like /usr/bin/gcc supports the -M option for generating make 
> dependencies.
> Using /usr/bin/g++ for a C++ compiler (set CXX to override).
> Looks like /usr/bin/g++ supports the -g option.
> Using " -g" for C++ compiler options.
> Looks like /usr/bin/g++ has an ANSI C preprocessor.
> ... but __ANSI_CPP__ is not automatically defined, will compensate.
> Using /usr/bin/make to configure the software.
> Using "include file" syntax for Makefiles.
> Looks like make supports "sinclude" for conditional includes.
> Using /bin/bash to process command scripts.
> Looks like the system has a CXX runtime
> Checking for PAM (Pluggable Authentication Module) support
> ... found. Enabling PAM support
> Checking for JBIG library support
> ... found. Enabling JBIG support
> Checking for NLS (gettext) library support
> ... found. Enabling NLS support
> Looks like -lcrypt is needed for crypt.
> Looks like -lutil is needed for wtmp file logging.
> 
> Creating port.h with necessary definitions.
> ... open FIFO files read+write to avoid select bug
> ... using call-by-reference for TIOCMBIS ioctl
> ... max client ID too large (65534); using default
> ... configure use of 
> ... configure use of 
> ... use (sig_t) for sigaction handler type
> ... use (sig_t) for signal handler type
> ... configure use of mmap for memory-mapped files
> ... configure use of sysconf
> ... configure use of ulimit
> ... configure use of getdtablesize
> ... add #define for howmany
> ... add function prototype for sigvec
> ... configure use of fchown
> ... configure use of fchmod
> ... configure use of  (internationalization support)
> ... configure use of 
> ... configure use of logwtmp (BSD-style wtmp logging)
> ... configure use of logout (BSD-style utmp support)
> ... configure use 

Bug#978220: Bug#964198: hylafax: diff for NMU version 3:6.0.7-3.1

[Gianfranco Costamagna]

On Wed, 13 Jan 2021 15:08:31 +0100 Giuseppe Sacco  wrote:
> Hello Bastien,
> thank you very much for your NMU.
> 
> Bye,
> Giuseppe
> 
> 
Since this seems a maintainer ack, I'm rescheduling from deferred queue to now 
:)

thanks!
dcut ssh-upload reschedule -d 0 -f hylafax_6.0.7-3.1_source.changes

G.