Processed: Re: smbc: ftbfs with GCC-10

[Debian Bug Tracking System]

Processing control commands:

> tags -1 patch
Bug #957817 [src:smbc] smbc: ftbfs with GCC-10
Added tag(s) patch.

-- 
957817: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=957817
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#957817: smbc: ftbfs with GCC-10

[Logan Rosen]

Control: tags -1 patch

Hi,

In Ubuntu, the attached patch was applied to achieve the following:

  * static_str.{c,h}: Fix multiple definitions of variables causing FTBFS with
GCC 10.

Thanks for considering the patch.

Logan
diff -Nru smbc-1.2.2/src/static_str.c smbc-1.2.2/src/static_str.c
--- smbc-1.2.2/src/static_str.c 2005-06-29 08:14:02.0 -0400
+++ smbc-1.2.2/src/static_str.c 2021-04-06 18:22:24.0 -0400
@@ -21,6 +21,32 @@
 #include "static_str.h"
 #include "fnet.h"
 
+char *Rm1, *Rm2, *Rm3, *Rm4, *Rm5, *Rm6, *Rm7, *Rm8, *Rm9, *Rm10, *Rm11,
+
+ *Rm18, *Rm19,
+ *Rm20, *Rm21, *Rm22, *Rm23, *Rm24, *Rm25, *Rm26, *Rm27, *Rm28, *Rm29,
+ *Rm30, *Rm31, *Rm32, *Rm33, *Rm34, *Rm35, *Rm36, *Rm37, *Rm38, *Rm39,
+ *Rm40, *Rm41, *Rm42, *Rm43, *Rm44, *Rm45, *Rm46,*Rm48, *Rm49,
+ *Rm50, *Rm51, *Rm52, *Rm53, *Rm54, *Rm55,   *Rm58, *Rm59,
+ *Rm60, *Rm61, *Rm62, *Rm63, *Rm64, *Rm65,*Rm67, *Rm68, *Rm69,
+ *Rm70, *Rm71, *Rm72, *Rm73, *Rm74, *Rm75, *Rm76, *Rm77, *Rm78, *Rm79,
+ *Rm80, *Rm81, *Rm82, *Rm83, *Rm84, *Rm85, *Rm86, *Rm87, *Rm88,
+ *Rm90, *Rm91, *Rm92, *Rm93, *Rm94, *Rm95, *Rm96, *Rm97, *Rm98, *Rm99,
+ *Rm100, *Rm101, *Rm102, *Rm103, *Rm104, *Rm105, *Rm106, *Rm107, *Rm108,
+ *Rm111, *Rm113, *Rm114, *Rm115, *Rm116, *Rm117, *Rm118, 
*Rm119,
+ *Rm121, *Rm123, *Rm124, *Rm125, 
*Rm129,
+ *Rm131, *Rm133, *Rm134, *Rm135, *Rm136, *Rm137, *Rm138, 
*Rm139,
+ *Rm140, *Rm141, *Rm142, *Rm143, *Rm144, *Rm145, *Rm146, *Rm147, *Rm148, 
*Rm149,
+ *Rm150, *Rm151, *Rm152, *Rm153, *Rm154, *Rm156, *Rm157, *Rm158, 
*Rm159,
+ *Rm160, *Rm162, *Rm163, *Rm168, 
*Rm169,
+ *Rm170, *Rm171, *Rm172, *Rm173, *Rm175, *Rm176, *Rm177, *Rm178, 
*Rm179,
+ *Rm180, *Rm181, *Rm182,
+
+ *Rm231, *Rm232, *Rm233, *Rm234, *Rm235, *Rm236, *Rm237, *Rm238, *Rm239,
+ *Rm240, *Rm241, *Rm242, *Rm243, *Rm244, *Rm245,
+
+ *Rm300, *Rm301, *Rm302, *Rm303, *Rm304, *Rm305, *Rm306, *Rm307;
+
 void 
 RinitStrings()
 {
diff -Nru smbc-1.2.2/src/static_str.h smbc-1.2.2/src/static_str.h
--- smbc-1.2.2/src/static_str.h 2005-06-29 08:14:02.0 -0400
+++ smbc-1.2.2/src/static_str.h 2021-04-06 18:22:24.0 -0400
@@ -9,7 +9,7 @@
 */
 // ---
 
-char *Rm1, *Rm2, *Rm3, *Rm4, *Rm5, *Rm6, *Rm7, *Rm8, *Rm9, *Rm10, *Rm11,
+extern char *Rm1, *Rm2, *Rm3, *Rm4, *Rm5, *Rm6, *Rm7, *Rm8, *Rm9, *Rm10, *Rm11,
 
  *Rm18, *Rm19,
  *Rm20, *Rm21, *Rm22, *Rm23, *Rm24, *Rm25, *Rm26, *Rm27, *Rm28, *Rm29,

Bug#953947: marked as done (debci: autopkgtest regularly times out)

[Debian Bug Tracking System]

Your message dated Tue, 06 Apr 2021 22:18:21 +
with message-id 
and subject line Bug#953947: fixed in debci 2.15.1
has caused the Debian Bug report #953947,
regarding debci: autopkgtest regularly times out
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
953947: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953947
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: debci
Version: 2.6
User: debian...@lists.debian.org
Usertags: timeout

Dear Antonio, myself and all,

Debci fails its own autopkgtest on arm64. Moreover, it regularly times out.

Can we please investigate the situation?

To avoid wasting lots of time on the ci.debian.net infrastructure, I
have add our own package to the ignore list for arm64.

Paul

https://ci.debian.net/data/autopkgtest/testing/arm64/d/debci/4053173/log.gz

autopkgtest [23:45:55]: test test-suite: [---
/tmp/autopkgtest-lxc.vflp3dij/downtmp/build.YMO/src/test/test_migration_tests.sh
autopkgtest [02:32:37]: ERROR: timed out on command "su -s /bin/bash
debci -c set -e; export USER=`id -nu`; . /etc/profile >/dev/null 2>&1 ||
true;  . ~/.profile >/dev/null 2>&1 || true;
buildtree="/tmp/autopkgtest-lxc.vflp3dij/downtmp/build.YMO/src"; mkdir
-p -m 1777 --
"/tmp/autopkgtest-lxc.vflp3dij/downtmp/test-suite-artifacts"; export
AUTOPKGTEST_ARTIFACTS="/tmp/autopkgtest-lxc.vflp3dij/downtmp/test-suite-artifacts";
export ADT_ARTIFACTS="$AUTOPKGTEST_ARTIFACTS"; mkdir -p -m 755
"/tmp/autopkgtest-lxc.vflp3dij/downtmp/autopkgtest_tmp"; export
AUTOPKGTEST_TMP="/tmp/autopkgtest-lxc.vflp3dij/downtmp/autopkgtest_tmp";
export ADTTMP="$AUTOPKGTEST_TMP"; export DEBIAN_FRONTEND=noninteractive;
export LANG=C.UTF-8; export DEB_BUILD_OPTIONS=parallel=32; unset
LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE   LC_MONETARY
LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS   LC_TELEPHONE LC_MEASUREMENT
LC_IDENTIFICATION LC_ALL;rm -f /tmp/autopkgtest_script_pid; set -C; echo
$$ > /tmp/autopkgtest_script_pid; set +C; trap "rm -f
/tmp/autopkgtest_script_pid" EXIT INT QUIT PIPE; cd "$buildtree"; chmod
+x
/tmp/autopkgtest-lxc.vflp3dij/downtmp/build.YMO/src/debian/tests/test-suite;
touch /tmp/autopkgtest-lxc.vflp3dij/downtmp/test-suite-stdout
/tmp/autopkgtest-lxc.vflp3dij/downtmp/test-suite-stderr;
/tmp/autopkgtest-lxc.vflp3dij/downtmp/build.YMO/src/debian/tests/test-suite
2> >(tee -a /tmp/autopkgtest-lxc.vflp3dij/downtmp/test-suite-stderr >&2)
> >(tee -a /tmp/autopkgtest-lxc.vflp3dij/downtmp/test-suite-stdout);"
(kind: test)
autopkgtest [02:32:37]: test test-suite: ---]



signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: debci
Source-Version: 2.15.1
Done: Antonio Terceiro 

We believe that the bug you reported is fixed in the latest version of
debci, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 953...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Antonio Terceiro  (supplier of updated debci package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 06 Apr 2021 18:53:57 -0300
Source: debci
Architecture: source
Version: 2.15.1
Distribution: unstable
Urgency: medium
Maintainer: Debian CI team 
Changed-By: Antonio Terceiro 
Closes: 953947
Changes:
 debci (2.15.1) unstable; urgency=medium
 .
   * test_helper: ensure a unique rabbitmq node name on CI environments.
 This hopefully fixes the unreliability of the functional tests on
 ci.debian.net. (Closes: #953947)
   * debian/tests/integration-test: don't install lxc or schroot
Checksums-Sha1:
 c135f0ed8024fb7f4d066fc6ca3bf9d5bafdd115 2833 debci_2.15.1.dsc
 4dc1d99e34fab4b7b14c8302c7e2d753f0c1405c 119660 debci_2.15.1.tar.xz
 1abb0ca9740679b316d640e280f9862b2d0ce519 13138 debci_2.15.1_amd64.buildinfo
Checksums-Sha256:
 b75295de8fc9dafda822a195eae73c8893c8feed981d0074c0851dc58df45f07 2833 
debci_2.15.1.dsc
 748247d096a7b88bbc678b8016280c885a69f5766be1466a4db7b4273767328b 119660 
debci_2.15.1.tar.xz
 88eb8fc6a21dfb8fbc8f41e2e5ecb9871b7f076fa5c395dbaf88713f2bb8cbe6 13138 
debci_2.15.1_amd64.buildinfo
Files:
 eb52d57b893422459ffb9945e0db996f 2833 devel optional 

Processed: Bug#953947 marked as pending in debci

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #953947 [src:debci] debci: autopkgtest regularly times out
Added tag(s) pending.

-- 
953947: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953947
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#953947: marked as pending in debci

[Antonio Terceiro]

Control: tag -1 pending

Hello,

Bug #953947 in debci reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/ci-team/debci/-/commit/40d3220b6a2bd3cacafff13e7a3b7842d6841880


test_helper: ensure a unique rabbitmq node name on CI environments

This hopefully fixes the unreliability of the functional tests on
ci.debian.net.

Closes: #953947
Gbp-Dch: full


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/953947

Bug#953947: debci: arm64 autopkgtest regularly times out

[Antonio Terceiro]

Hi,

On Mon, Apr 05, 2021 at 10:14:47PM +0200, Paul Gevers wrote:
> Control: severity -1 serious
> Control: retitle -1 debci: autopkgtest regularly times out
> 
> Hi Chris,
> 
> On 02-04-2021 22:13, Chris Hofstaedtler wrote:
> > This can also be seen on armhf, and amd64:
> > 
> > https://ci.debian.net/data/autopkgtest/testing/armhf/d/debci/11403517/log.gz
> > https://ci.debian.net/data/autopkgtest/testing/amd64/d/debci/11311391/log.gz
> > 
> > Might make sense to disable this test for bullseye if it cannot be fixed?
> 
> I think you're right, we should disable the test-suite test until we
> figure out what's wrong.
> 
> What I see in all the logs I checked is something like:
> Error: operation wait on node debci-test@ci-091-b3ce2841 timed out.
> Timeout value used: 1
> 
> For amd64, it mostly happens (but not always) on our worker13, which is
> our multi debci runner amd64 host. So it seems that our test-suite is
> not reliable on hosts which have multiple debci runners.

This reminded me of #956152. I looked into the debci test suite  and
realized the functional tests always start the test rabbitmq-server with
a fixed node name prefix, and that's probably why this happens. I will
use the hostname and and a random value for the node name - that should
do the trick.


signature.asc
Description: PGP signature

Bug#922981: tagging 922981 (ca-certificates-java: /etc/ca-certificates/update.d/jks-keystore doesn't update /etc/ssl/certs/java/cacerts)

[Ivo De Decker]

Hi Julien,

Do you have any comment on the merge request Andreas submitted to
ca-certificates, to allow breaking to dependency cycle in
ca-certificates-java (see mail quoted below, from #922981)?

Thanks,

Ivo

On Fri, Mar 19, 2021 at 03:04:35AM +0100, Andreas Beckmann wrote:
> On Thu, 11 Mar 2021 09:11:37 +0100 Paul Gevers  wrote:
> > Is it possible that we get this uploaded soon? If you have the fix
> > ready, it would be good to have it sooner rather than later as we're in
> > the freeze, so it gets a bit of exposure.
> 
> I'd like to get some maintainer feedback on
> 
> https://salsa.debian.org/java-team/ca-certificates-java/-/merge_requests/5
> 
> https://salsa.debian.org/debian/ca-certificates/-/merge_requests/6
> 
> I have now run some tests in my piuparts instance by injecting these
> packages into buster->bullseye upgrades and have not observed any upgrade
> issues related to ca-certificates-java.
> 
> 
> Andreas
> 

Bug#953562: Bug#974552: upgrade-reports: libc6/libcrypt split breaks perl during buster->bullseye upgrade

[Ivo De Decker]

Hi,

On Fri, Mar 19, 2021 at 04:52:57PM +0100, Ivo De Decker wrote:
> > > I wonder if all this might be caused by the breaks from libcrypt1 (against
> > > libc6 (<< 2.29-4)). Is there a way to remove the breaks without causing
> > > issues?  Maybe this is somewhat similar to the situation in
> 
> I tried this with a modified libcrypt1 binary (removing the breaks), and it
> fails (/lib/x86_64-linux-gnu/libcrypt.so.1 is missing after the libc6 unpack).
> I guess that's because of #953562: libc6 shipped
> /lib/x86_64-linux-gnu/libcrypt.so.1 while libcrypt1 ships
> /usr/lib/x86_64-linux-gnu/libcrypt.so.1 Obviously, for dpkg these are 2
> different files, but on a system with merged /usr they are not.

I created a patch to move libcrypt back to /lib, and that seems to solve the
issue. The patch is attached. With this patch, libcrypt1 is installed before
libc6 is upgraded, and the takeover of the library works correctly.

This also fixes #953562, which reported that this move is necessary.

Note that the original move from /lib to /usr/lib was more complicated than my
patch:
https://salsa.debian.org/md/libxcrypt/-/commit/1fb86fde5410088580f8032834037facb26d2d49
I didn't look into the details of the -dev package, because they are not
relevant to this bug. The patch might need to be adapted.


I ran a number of (partial and full) upgrade tests, and they all seem to work
fine. In all cases, libcrypt1 is installed before libc6, and there is no
intermediate situations where libcrypt.so.1 is missing.

> > The problem of removing the break, is that we loose the possibility of
> > downgrades. Is it something acceptable?
> 
> Well, I guess if that is the cost of not breaking people's systems on upgrade,
> that sounds like an acceptable trade-off. But I might be overlooking certain
> scenarios.
> 
> 
> > > https://bugs.debian.org/972936#24: libgcc-s1 takes over binaries from 
> > > libgcc1,
> > > but only 'replaces' it, without breaks (note that extra steps had to be 
> > > taken
> > > to avoid further issues (adding Important: yes and Protected: yes)).
> > 
> > Are this extra-steps basically required to prevent downgrades?
> 
> They are required to prevent you from removing libcrypt1 again: on a buster
> system, install such a hypothetical libcrypt1 from bullseye (which takes over
> libcrypt.so.1). Then remove that again. Now libcrypt.so.1 is missing. If the
> breaks is present, libcrypt1 can only be installed together with the new
> libc6, which prevents you from removing libcrypt1 afterwards.

As in #972936, my patch adds Important and Protected, which prevents removal of
libcrypt1 once it's installed.

Cheers,

Ivo

diff --git a/debian/changelog b/debian/changelog
index b5088dc..16d25ff 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,16 @@
+libxcrypt (2:4.4.17-1.1) UNRELEASED; urgency=medium
+
+  * Make sure takeover of libcrypt.so.1 from libc6 works correctly on upgrades
+from buster to bullseye (Closes: #974552):
+- Move the library back from /usr/lib/ to /lib/, because that's where it
+  was in the old libc6 (Closes: #953562)
+- Remove breaks from libcrypt1, to allow installing libcrypt1 before libc6
+  is upgraded
+- Mark libcrypt1 as Important and Protected, to prevent removal after a
+  partial upgrade
+
+ -- Ivo De Decker   Tue, 06 Apr 2021 19:46:44 +
+
 libxcrypt (1:4.4.17-1) unstable; urgency=medium
 
   * New upstream release.
diff --git a/debian/control b/debian/control
index 35939dd..a2ae60a 100644
--- a/debian/control
+++ b/debian/control
@@ -16,11 +16,8 @@ Architecture: any
 Multi-Arch: same
 Pre-Depends: ${misc:Pre-Depends}
 Depends: ${shlibs:Depends}, ${misc:Depends}
-Breaks:
- libc6 (<< 2.29-4),
- libc6.1 (<< 2.29-4) [alpha ia64],
- libc0.1 (<< 2.29-4) [kfreebsd-amd64 kfreebsd-i386],
- libc0.3 (<< 2.29-4) [hurd-i386],
+XB-Important: yes
+Protected: yes
 Replaces:
  libc6 (<< 2.29-4),
  libc6.1 (<< 2.29-4) [alpha ia64],
diff --git a/debian/libcrypt-dev.files b/debian/libcrypt-dev.files
index 94387de..fc172a1 100644
--- a/debian/libcrypt-dev.files
+++ b/debian/libcrypt-dev.files
@@ -1,5 +1,5 @@
 /usr/include/
 /usr/share/man/
-/usr/lib/*/pkgconfig/
-/usr/lib/*/*.a
-/usr/lib/*/*.so
+/lib/*/pkgconfig/
+/lib/*/*.a
+/lib/*/*.so
diff --git a/debian/rules b/debian/rules
index 2969306..26f2bcd 100755
--- a/debian/rules
+++ b/debian/rules
@@ -34,11 +34,11 @@ CONFFLAGS = --disable-werror --prefix=/usr \
 CONFFLAGS_deb  = $(CONFFLAGS) \
   $(shell DEB_BUILD_MAINT_OPTIONS="hardening=+bindnow" \
 dpkg-buildflags --export=configure || true) \
-  --libdir=/usr/lib/$(DEB_HOST_MULTIARCH)
+  --libdir=/lib/$(DEB_HOST_MULTIARCH)
 CONFFLAGS_udeb = $(CONFFLAGS) \
   $(subst -O2,-Os -fomit-frame-pointer,$(shell DEB_BUILD_MAINT_OPTIONS="hardening=-all" \
 dpkg-buildflags --export=configure || true)) \
-  --libdir=/usr/lib
+  --libdir=/lib
 
 ##
 DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture 

Bug#986488: pyspread: autogpktest regression

[Sebastian Ramacher]

Source: pyspread
Version: 1.99.6-1
Severity: serious
X-Debbugs-Cc: sramac...@debian.org

pyspread's autopkgtest fail with:

| === FAILURES 
===
|  TestGrid.test_on_font 
_
|
| self = 
|
| def test_on_font(self):
| """Unit test for on_font"""
| 
| self.grid.selectRow(2)
| 
| fixed_font = 
QFontDatabase.systemFont(QFontDatabase.FixedFont).family()
| 
| main_window.widgets.font_combo.font = fixed_font
| self.grid.on_font()
| >   assert self.cell_attributes[(2, 0, 0)]["textfont"] == fixed_font
| E   AssertionError: assert 'Bitstream Vera Sans Mono' == 'monospace'
| E - monospace
| E + Bitstream Vera Sans Mono


See
https://ci.debian.net/data/autopkgtest/testing/amd64/p/pyspread/11493120/log.gz

Cheers
-- 
Sebastian Ramacher


signature.asc
Description: PGP signature

Processed: tagging 918984

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 918984 + sid bullseye
Bug #918984 [src:fuse3] fuse3: provide upgrade path fuse -> fuse3 for bullseye
Added tag(s) bullseye and sid.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
918984: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918984
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#918984: fuse3 still not co-installable with fuse

[Debian Bug Tracking System]

Processing control commands:

> severity -1 serious
Bug #918984 [src:fuse3] fuse3 still not co-installable with fuse
Severity set to 'serious' from 'important'
> retitle -1 fuse3: provide upgrade path fuse -> fuse3 for bullseye
Bug #918984 [src:fuse3] fuse3 still not co-installable with fuse
Changed Bug title to 'fuse3: provide upgrade path fuse -> fuse3 for bullseye' 
from 'fuse3 still not co-installable with fuse'.

-- 
918984: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918984
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#986452: marked as done (libkf5messagelist5abi1: KMail fails to start because it can't load libKF5MessageList.so.5abi1)

[Debian Bug Tracking System]

Your message dated Tue, 06 Apr 2021 19:04:39 +
with message-id 
and subject line Bug#986452: fixed in kf5-messagelib 4:20.08.3-4
has caused the Debian Bug report #986452,
regarding libkf5messagelist5abi1: KMail fails to start because it can't load 
libKF5MessageList.so.5abi1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
986452: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986452
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libkf5messagelist5abi1
Version: 4:20.08.3-3
Severity: important

Since upgrading of libkf5messagelist5abi1 KMail fails to load with the
following error message (I actually load it via Kontact):
"Cannot load part for Mail.
Cannot load library /usr/lib/x86_64-linux-gnu/qt5/plugins/kmailpart.so: 
(libKF5MessageList.so.5abi1: kan gedeeld objectbestand niet openen: 
Bestand of map bestaat niet)"

Translation of last part: 
"can't load shared object: file or folder not found"
(I want my system in English, but more and more Dutch things creep in)

The testing version (4:20.08.3-2) has this file list:
$ dpkg -L libkf5messagelist5abi1 | grep -v '/usr/share/doc'
/.
/usr
/usr/lib
/usr/lib/x86_64-linux-gnu
/usr/lib/x86_64-linux-gnu/libKF5MessageList.so.5.15.3.abi1
/usr/share
/usr/lib/x86_64-linux-gnu/libKF5MessageList.so.5abi1

The unstable version (4:20.08.3-3) has this file list:
$ dpkg -L libkf5messagelist5abi1 | grep -v '/usr/share/doc'
/.
/usr
/usr/lib
/usr/lib/x86_64-linux-gnu
/usr/lib/x86_64-linux-gnu/libKF5MessageList.so.5.15.3
/usr/share
/usr/lib/x86_64-linux-gnu/libKF5MessageList.so.5

So the [.]abi1 suffix is no longer there.
My guess is that either the [.]abi1 suffix should be added back again or
the component(s) that are linked to it, should be recompiled to link to
the new name.

Downgrading libkf5messagelist5abi1 (and it's dependencies) to the
testing version makes KMail work again.

On my system that meant these packages:
kf5-messagelib-data libkf5messagecomposer5abi1 libkf5messagecore5abi1 
libkf5messagelist5abi1 libkf5messageviewer5abi1 libkf5mimetreeparser5abi1
libkf5templateparser5 libkf5webengineviewer5abi1


-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 
'unstable'), (500, 'testing'), (101, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-5-amd64 (SMP w/16 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libkf5messagelist5abi1 depends on:
ii  kf5-messagelib-data  4:20.08.3-3
ii  kio  5.78.0-4
ii  libc62.31-11
ii  libgcc-s110.2.1-6
ii  libkf5akonadicore5abi2 [libkf5akonadicore5-20.08]4:20.08.3-2
ii  libkf5akonadimime5 [libkf5akonadimime5-20.08]4:20.08.3-1
ii  libkf5akonadisearchpim5 [libkf5akonadisearchpim5-20.08]  4:20.08.3-1
ii  libkf5configcore55.78.0-4
ii  libkf5configgui5 5.78.0-4
ii  libkf5configwidgets5 5.78.0-2
ii  libkf5coreaddons55.78.0-4
ii  libkf5i18n5  5.78.0-2
ii  libkf5iconthemes55.78.0-2
ii  libkf5itemmodels55.78.0-2
ii  libkf5kiocore5   5.78.0-4
ii  libkf5messagecore5abi1 [libkf5messagecore5-20.08]4:20.08.3-3
ii  libkf5mime5abi1 [libkf5mime5-20.08]  20.08.3-1
ii  libkf5pimcommon5abi2 [libkf5pimcommon5-20.08]4:20.08.3-1
ii  libkf5pimcommonakonadi5abi1 [libkf5pimcommonakonadi5-20.08]  4:20.08.3-1
ii  libkf5textwidgets5   5.78.0-2
ii  libkf5widgetsaddons5 5.78.0-2
ii  libkf5xmlgui55.78.0-2
ii  libqt5core5a 5.15.2+dfsg-5
ii  libqt5gui5   5.15.2+dfsg-5
ii  libqt5widgets5   5.15.2+dfsg-5
ii  libstdc++6   

Bug#986434: marked as done (kmail FTBFS: /usr/bin/ld: /usr/lib/x86_64-linux-gnu/libKF5MailCommon.so.5.15.3.abi2: undefined reference to `MessageCore::MailingList::MailingList()@ABI_5_1')

[Debian Bug Tracking System]

Your message dated Tue, 06 Apr 2021 19:04:39 +
with message-id 
and subject line Bug#986452: fixed in kf5-messagelib 4:20.08.3-4
has caused the Debian Bug report #986452,
regarding kmail FTBFS: /usr/bin/ld: 
/usr/lib/x86_64-linux-gnu/libKF5MailCommon.so.5.15.3.abi2: undefined reference 
to `MessageCore::MailingList::MailingList()@ABI_5_1'
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
986452: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986452
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: kmail
Version: 4:20.08.3-1
Severity: serious
Tags: ftbfs

kmail fails to build from source in unstable on amd64. It runs into a
pile of linker errors while linking the kmail executable. Example:

| /usr/bin/ld: /usr/lib/x86_64-linux-gnu/libKF5MailCommon.so.5.15.3.abi2: 
undefined reference to `MessageCore::MailingList::MailingList()@ABI_5_1'

Maybe libkf5mailcommon5abi2 is underlinked? Please reassign the bug if
necessary. Seems to be a fairly recent issue as reproducible.d.n didn't
run into it on 2021-03-24. I don't see what could have caused this.
Should be trivially reproducible though.

Helmut
--- End Message ---
--- Begin Message ---
Source: kf5-messagelib
Source-Version: 4:20.08.3-4
Done: Sandro Knauß 

We believe that the bug you reported is fixed in the latest version of
kf5-messagelib, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 986...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sandro Knauß  (supplier of updated kf5-messagelib package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 06 Apr 2021 16:22:38 +0200
Source: kf5-messagelib
Architecture: source
Version: 4:20.08.3-4
Distribution: unstable
Urgency: medium
Maintainer: Debian/Kubuntu Qt/KDE Maintainers 
Changed-By: Sandro Knauß 
Closes: 986452
Changes:
 kf5-messagelib (4:20.08.3-4) unstable; urgency=medium
 .
   * Fix broken patch series file (Closes: #986452).
Checksums-Sha1:
 e19c76668cc27a8b81389955cccf051f4883e615 4982 kf5-messagelib_20.08.3-4.dsc
 c078b6f60dca1eb74d5f02425dd407717bf0c7ec 20556 
kf5-messagelib_20.08.3-4.debian.tar.xz
 be7cb634a0cdc90f3c3391bc7656af6c0ae13353 25520 
kf5-messagelib_20.08.3-4_source.buildinfo
Checksums-Sha256:
 63c344468d66547c3dc912030b942d5bda7d907a5b3d470c28a374cd7665 4982 
kf5-messagelib_20.08.3-4.dsc
 4fa67118d63df8f47d50b3d67caa6a82c6d3342eba58d53129e849f409a4b6e0 20556 
kf5-messagelib_20.08.3-4.debian.tar.xz
 a477d202e6bbf75b1a818b6fb6e3ca9593dbc3484186a0611a202008041aa895 25520 
kf5-messagelib_20.08.3-4_source.buildinfo
Files:
 398883589e7234621d2316a4e6dc6c49 4982 libs optional 
kf5-messagelib_20.08.3-4.dsc
 c706c4896ff93ba606ed3d8134a26e34 20556 libs optional 
kf5-messagelib_20.08.3-4.debian.tar.xz
 f775b8c2c7fda8be2829e4c28938d780 25520 libs optional 
kf5-messagelib_20.08.3-4_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJFBAEBCgAvFiEEOewRoCAWtykmSRoG462wCFBgVjYFAmBsp7gRHGhlZmVlQGRl
Ymlhbi5vcmcACgkQ462wCFBgVjZa2BAAsT5QuhZCkZ5mqIyFYbSYxAPq2GpvsFZF
7QS7UeJdbvAm/sf1x5gnP53DB/J+//zuyh6GcUHgpSrSojddA9KQ4aFY3WF7yMZA
24E9zYm3Wt2FJD2Z9OW1SWATDBq1LPWwHz7XU1lsGqDyDlX+HYHJ5CugiaS6acFA
nuoa8j8tu8O9eBnEW0SqdC8gAaUNowHCi7/gAvhXduHDosU877iLO7mx5ZSxM5HA
RszUwONI7zKdQq1BptCIDpHdwN4SdinIkGQ82CklUoObb0FJu6LuusgMPYIhWFBz
T91VxDPrutbNiiUWds6WkmfOQID8XrU2kkCcoS/ZSLRziaXAkFFZecWZqCQzob5Q
rF/GZXyaV5zWkkbFty832+a1sShlK37AJnUs9WiA6x9es7HEDTeREDoZqMCDR7cC
YHyekbq44yqNsDPPlf/7bwJEMDoZSfPTft1X3tNqkr9h4VmcA7BF3KJ6Rjgj+QEa
9vcD5zB2LvqvmGv6hq7r7H07Ntk6QJHudnKE5Oj5+8+Kh6XiNbz1t5PJP8QqANpW
B7CamyIAwF/5yovID3KetJ88WLD36FceW//IY6CMV430CNkssh2cn1azM8zTs/ch
E9o0+58oVtnvbKFfW6oKruvBRcgSDYf3LXzMHeDS5zO7Zw5XATUe0EttGnzDLK2R
3BDanMg93rM=
=fSef
-END PGP SIGNATURE End Message ---

Bug#985859: cpqarrayd - ship with bullseye? - no driver support

[Thijs Kinkhorst]

Hi Chris,

On Thu, March 25, 2021 02:42, Chris Hofstaedtler wrote:
> Source: cpqarrayd
> Version: 2.3.6
> Severity: serious
>
> Linux upstream has removed the "cciss" driver in 4.14-rc1. cpqarrayd
> needs the cciss driver to function.
>
> I imagine we shouldn't ship software that did not work with buster's
> kernel in bullseye.

As the previous maintainer of cpqarrayd, I fully agree. Since nothing
happened since we orphaned the package 3 years ago, I think it's safe to
just request removal. I have just done so in #986483.


Kind regards,
Thijs

Processed: Re: libkf5messagelist5abi1: KMail fails to start because it can't load libKF5MessageList.so.5abi1

[Debian Bug Tracking System]

Processing control commands:

> affects -1 akregator
Bug #986452 [libkf5messagelist5abi1] libkf5messagelist5abi1: KMail fails to 
start because it can't load libKF5MessageList.so.5abi1
Bug #986434 [libkf5messagelist5abi1] kmail FTBFS: /usr/bin/ld: 
/usr/lib/x86_64-linux-gnu/libKF5MailCommon.so.5.15.3.abi2: undefined reference 
to `MessageCore::MailingList::MailingList()@ABI_5_1'
Added indication that 986452 affects akregator
Added indication that 986434 affects akregator

-- 
986434: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986434
986452: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986452
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#986452: libkf5messagelist5abi1: KMail fails to start because it can't load libKF5MessageList.so.5abi1

[Marcel Ilg]

Control: affects -1 akregator

Dear Maintainer,

this bug affects akregator too.

Marcel

Processed: forcemerge 986452 986434

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign  986434 libkf5messagelist5abi1 4:20.08.3-3
Bug #986434 [src:kmail] kmail FTBFS: /usr/bin/ld: 
/usr/lib/x86_64-linux-gnu/libKF5MailCommon.so.5.15.3.abi2: undefined reference 
to `MessageCore::MailingList::MailingList()@ABI_5_1'
Bug reassigned from package 'src:kmail' to 'libkf5messagelist5abi1'.
No longer marked as found in versions kmail/4:20.08.3-1.
Ignoring request to alter fixed versions of bug #986434 to the same values 
previously set
Bug #986434 [libkf5messagelist5abi1] kmail FTBFS: /usr/bin/ld: 
/usr/lib/x86_64-linux-gnu/libKF5MailCommon.so.5.15.3.abi2: undefined reference 
to `MessageCore::MailingList::MailingList()@ABI_5_1'
Marked as found in versions kf5-messagelib/4:20.08.3-3.
> affects 986434 kmail
Bug #986434 [libkf5messagelist5abi1] kmail FTBFS: /usr/bin/ld: 
/usr/lib/x86_64-linux-gnu/libKF5MailCommon.so.5.15.3.abi2: undefined reference 
to `MessageCore::MailingList::MailingList()@ABI_5_1'
Ignoring request to set affects of bug 986434 to the same value previously set
> forcemerge 986452 986434
Bug #986452 [libkf5messagelist5abi1] libkf5messagelist5abi1: KMail fails to 
start because it can't load libKF5MessageList.so.5abi1
Bug #986452 [libkf5messagelist5abi1] libkf5messagelist5abi1: KMail fails to 
start because it can't load libKF5MessageList.so.5abi1
Added tag(s) ftbfs.
Bug #986434 [libkf5messagelist5abi1] kmail FTBFS: /usr/bin/ld: 
/usr/lib/x86_64-linux-gnu/libKF5MailCommon.so.5.15.3.abi2: undefined reference 
to `MessageCore::MailingList::MailingList()@ABI_5_1'
Merged 986434 986452
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
986434: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986434
986452: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986452
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#986161: fixed in droopy 0.20160830-4

[Benjamin Drung]

Hi,

Am Montag, den 05.04.2021, 20:16 +0200 schrieb Ivo De Decker:
> Hi,
> 
> On Sat, Apr 03, 2021 at 02:17:47PM +, Debian FTP Masters wrote:
> > Binary: droopy
> > Architecture: source all
> 
> Please note that you uploaded binaries. If you want the fix to (potentially)
> migrate to testing, you'll need to do a new source-only upload (and file an
> unblock request after that).

Thanks for pointing out my mistake. I accidentally uploaded my test
binary build and forgot to build the source build for upload. I'll do a
source-only upload.

-- 
Benjamin Drung
Debian & Ubuntu Developer

Processed: simka: flaky amd64 autopkgtest: regularly times out after 2:47 h

[Debian Bug Tracking System]

Processing control commands:

> reopen -1
Bug #986256 {Done: Étienne Mollier } [src:simka] 
simka: flaky amd64 autopkgtest: regularly times out after 2:47 h
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions simka/1.5.3-3.

-- 
986256: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986256
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#986256: simka: flaky amd64 autopkgtest: regularly times out after 2:47 h

[Graham Inggs]

Control: reopen -1

This is still occurring with simka 1.5.3-3, see:
https://ci.debian.net/packages/s/simka/testing/amd64/

Bug#986474: i2p-router: broken symlink: /usr/share/i2p/lib/ecj.jar -> ../../java/ecj.jar

[Andreas Beckmann]

Package: i2p-router
Version: 0.9.48-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package ships (or creates)
a broken symlink.

>From the attached log (scroll to the bottom...):

0m41.7s ERROR: FAIL: Broken symlinks:
  /usr/share/i2p/lib/ecj.jar -> ../../java/ecj.jar (i2p-router)

Is i2p-router missing a dependency on libecj-java?

Severity set on the assumption the package is broken without ecj.jar.

cheers,

Andreas


i2p-router_0.9.48-1.log.gz
Description: application/gzip

Processed (with 2 errors): forcemerge 986452 986434

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign  986434 libkf5messagelist5abi1/4:20.08.3-3
Unknown command or malformed arguments to command.
> affects 986434 kmail
Bug #986434 [src:kmail] kmail FTBFS: /usr/bin/ld: 
/usr/lib/x86_64-linux-gnu/libKF5MailCommon.so.5.15.3.abi2: undefined reference 
to `MessageCore::MailingList::MailingList()@ABI_5_1'
Added indication that 986434 affects kmail
> forcemerge 986452 986434
Bug #986452 [libkf5messagelist5abi1] libkf5messagelist5abi1: KMail fails to 
start because it can't load libKF5MessageList.so.5abi1
Unable to merge bugs because:
package of #986434 is 'src:kmail' not 'libkf5messagelist5abi1'
Failed to forcibly merge 986452: Did not alter merged bugs.

> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
986434: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986434
986452: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986452
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#858498: Please reject simgrid_3.27+dfsg-1

[Martin Quinson]

Hello FTP masters,

I'm sorry for the extra burden, but I uploaded the new upstream
release to unstable by error instead of experimental.

This upload needs to be canceled so that I can fix the version in
testing. #858498 is RC and was reopened an hour ago.

Sorry again for the extra burden,
Mt.

signature.asc
Description: PGP signature

Bug#986467: r-cran-rcdklibs: broken symlinks: /usr/lib/R/site-library/rcdklibs/cont/*.jar -> ../../../../../share/java/*.jar

[Andreas Beckmann]

Package: r-cran-rcdklibs
Version: 2.3+dfsg-5
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package ships (or creates)
a broken symlink.

>From the attached log (scroll to the bottom...):

1m2.5s ERROR: FAIL: Broken symlinks:
  /usr/lib/R/site-library/rcdklibs/cont/xz.jar -> 
../../../../../share/java/xz.jar (r-cran-rcdklibs)
  /usr/lib/R/site-library/rcdklibs/cont/xom.jar -> 
../../../../../share/java/xom.jar (r-cran-rcdklibs)
  /usr/lib/R/site-library/rcdklibs/cont/xmlgraphics-commons.jar -> 
../../../../../share/java/xmlgraphics-commons.jar (r-cran-rcdklibs)
  /usr/lib/R/site-library/rcdklibs/cont/xmlParserAPIs.jar -> 
../../../../../share/java/xmlParserAPIs.jar (r-cran-rcdklibs)
  /usr/lib/R/site-library/rcdklibs/cont/xml-resolver.jar -> 
../../../../../share/java/xml-resolver.jar (r-cran-rcdklibs)
  /usr/lib/R/site-library/rcdklibs/cont/xml-commons-external.jar -> 
../../../../../share/java/xml-commons-external.jar (r-cran-rcdklibs)
  /usr/lib/R/site-library/rcdklibs/cont/xml-apis.jar -> 
../../../../../share/java/xml-apis.jar (r-cran-rcdklibs)
  /usr/lib/R/site-library/rcdklibs/cont/xml-apis-ext.jar -> 
../../../../../share/java/xml-apis-ext.jar (r-cran-rcdklibs)
  /usr/lib/R/site-library/rcdklibs/cont/xercesSamples.jar -> 
../../../../../share/java/xercesSamples.jar (r-cran-rcdklibs)
...
  /usr/lib/R/site-library/rcdklibs/cont/asm-analysis.jar -> 
../../../../../share/java/asm-analysis.jar (r-cran-rcdklibs)
  /usr/lib/R/site-library/rcdklibs/cont/asm-all.jar -> 
../../../../../share/java/asm-all.jar (r-cran-rcdklibs)
  /usr/lib/R/site-library/rcdklibs/cont/aopalliance.jar -> 
../../../../../share/java/aopalliance.jar (r-cran-rcdklibs)
  /usr/lib/R/site-library/rcdklibs/cont/ant.jar -> 
../../../../../share/java/ant.jar (r-cran-rcdklibs)
  /usr/lib/R/site-library/rcdklibs/cont/ant-launcher.jar -> 
../../../../../share/java/ant-launcher.jar (r-cran-rcdklibs)
  /usr/lib/R/site-library/rcdklibs/cont/ant-bootstrap.jar -> 
../../../../../share/java/ant-bootstrap.jar (r-cran-rcdklibs)


I assume the package is not functional with all these .jars missing, thus the 
severity.


cheers,

Andreas


r-cran-rcdklibs_2.3+dfsg-5.log.gz
Description: application/gzip

Processed: libncarg-dev: broken symlinks: /lib/libNG*.so -> libNG*.so.1

[Debian Bug Tracking System]

Processing control commands:

> affects -1 + libncarg0
Bug #986460 [libncarg-dev] libncarg-dev: broken symlinks: /lib/libNG*.so -> 
libNG*.so.1
Added indication that 986460 affects libncarg0

-- 
986460: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986460
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#986460: libncarg-dev: broken symlinks: /lib/libNG*.so -> libNG*.so.1

[Andreas Beckmann]

Package: libncarg-dev
Version: 6.6.2-6
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Control: affects -1 + libncarg0

Hi,

during a test with piuparts I noticed your package ships (or creates)
a broken symlink.

>From the attached log (scroll to the bottom...):

0m53.0s ERROR: FAIL: Broken symlinks:
  /lib/libfftpack5_dp.so -> libfftpack5_dp.so.1 (libncarg-dev:amd64)
  /lib/libNGras.so -> libNGras.so.1 (libncarg-dev:amd64)
  /lib/libNGnfpfort.so -> libNGnfpfort.so.1 (libncarg-dev:amd64)
  /lib/libNGnfp.so -> libNGnfp.so.1 (libncarg-dev:amd64)
  /lib/libNGncl.so -> libNGncl.so.1 (libncarg-dev:amd64)
  /lib/libNGmp.so -> libNGmp.so.1 (libncarg-dev:amd64)
  /lib/libNGmisc2.so -> libNGmisc2.so.1 (libncarg-dev:amd64)
  /lib/libNGmisc.so -> libNGmisc.so.1 (libncarg-dev:amd64)
  /lib/libNGmath.so -> libNGmath.so.1 (libncarg-dev:amd64)
  /lib/libNGlluC.so -> libNGlluC.so.1 (libncarg-dev:amd64)
  /lib/libNGllu.so -> libNGllu.so.1 (libncarg-dev:amd64)
  /lib/libNGictrans.so -> libNGictrans.so.1 (libncarg-dev:amd64)
  /lib/libNGhlu.so -> libNGhlu.so.1 (libncarg-dev:amd64)
  /lib/libNGgksX.so -> libNGgksX.so.1 (libncarg-dev:amd64)
  /lib/libNGgksPS.so -> libNGgksPS.so.1 (libncarg-dev:amd64)
  /lib/libNGgksPDF.so -> libNGgksPDF.so.1 (libncarg-dev:amd64)
  /lib/libNGgksCTXT.so -> libNGgksCTXT.so.1 (libncarg-dev:amd64)
  /lib/libNGgks.so -> libNGgks.so.1 (libncarg-dev:amd64)
  /lib/libNGff.so -> libNGff.so.1 (libncarg-dev:amd64)
  /lib/libNGctrans.so -> libNGctrans.so.1 (libncarg-dev:amd64)
  /lib/libNGcn.so -> libNGcn.so.1 (libncarg-dev:amd64)
  /lib/libNGcgm.so -> libNGcgm.so.1 (libncarg-dev:amd64)
  /lib/libNGc.so -> libNGc.so.1 (libncarg-dev:amd64)

libncarg0 ships the libraries in /usr/lib/ (not /lib)
therefore the soname links should be there as well.


cheers,

Andreas


libncarg0_6.6.2-6+b1.log.gz
Description: application/gzip

Bug#858498: libsimgrid-dev: missing Depends: simgrid-java (= ${binary:Version})

[Andreas Beckmann]

Followup-For: Bug #858498

The dependency is gone again and the broken symlink is back:

0m41.6s ERROR: FAIL: Broken symlinks:
  /usr/lib/libsimgrid-java.so -> libsimgrid-java.so.3.25 (libsimgrid-dev)


Andreas

Processed: tagging 985859, found 939763 in 2.2.11-2, tagging 939763

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 985859 + sid bullseye
Bug #985859 [src:cpqarrayd] cpqarrayd - ship with bullseye? - no driver support
Added tag(s) sid and bullseye.
> found 939763 2.2.11-2
Bug #939763 [src:sphinxsearch] sphinxsearch: Still maintained (same version 
since stretch)?
Marked as found in versions sphinxsearch/2.2.11-2.
> tags 939763 + sid bullseye
Bug #939763 [src:sphinxsearch] sphinxsearch: Still maintained (same version 
since stretch)?
Added tag(s) bullseye and sid.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
939763: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939763
985859: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985859
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: unarchiving 858498, found 858498 in 3.25+dfsg-4

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> unarchive 858498
Bug #858498 {Done: Martin Quinson } [libsimgrid-dev] 
libsimgrid-dev: missing Depends: simgrid-java (= ${binary:Version})
Unarchived Bug 858498
> found 858498 3.25+dfsg-4
Bug #858498 {Done: Martin Quinson } [libsimgrid-dev] 
libsimgrid-dev: missing Depends: simgrid-java (= ${binary:Version})
Marked as found in versions simgrid/3.25+dfsg-4 and reopened.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
858498: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858498
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#986269: curl: diff for NMU version 7.74.0-1.2

[Salvatore Bonaccorso]

Control: tags 986269 + pending
Control: tags 986270 + pending

Hi Alessandro,

I've prepared an NMU for curl (versioned as 7.74.0-1.2) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Regards,
Salvatore
diff -Nru curl-7.74.0/debian/changelog curl-7.74.0/debian/changelog
--- curl-7.74.0/debian/changelog	2021-02-10 01:42:40.0 +0100
+++ curl-7.74.0/debian/changelog	2021-04-03 14:43:39.0 +0200
@@ -1,3 +1,13 @@
+curl (7.74.0-1.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * transfer: strip credentials from the auto-referer header field
+(CVE-2021-22876) (Closes: #986269)
+  * vtls: add 'isproxy' argument to Curl_ssl_get/addsessionid()
+(CVE-2021-22890) (Closes: #986270)
+
+ -- Salvatore Bonaccorso   Sat, 03 Apr 2021 14:43:39 +0200
+
 curl (7.74.0-1.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru curl-7.74.0/debian/patches/14_transfer-strip-credentials-from-the-auto-referer-hea.patch curl-7.74.0/debian/patches/14_transfer-strip-credentials-from-the-auto-referer-hea.patch
--- curl-7.74.0/debian/patches/14_transfer-strip-credentials-from-the-auto-referer-hea.patch	1970-01-01 01:00:00.0 +0100
+++ curl-7.74.0/debian/patches/14_transfer-strip-credentials-from-the-auto-referer-hea.patch	2021-04-03 14:43:39.0 +0200
@@ -0,0 +1,140 @@
+From: Viktor Szakats 
+Date: Tue, 23 Feb 2021 14:54:46 +0100
+Subject: transfer: strip credentials from the auto-referer header field
+Origin: https://github.com/curl/curl/commit/7214288898f5625a6cc196e22a74232eada7861c
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2021-22876
+
+Added test 2081 to verify.
+
+CVE-2021-22876
+
+Bug: https://curl.se/docs/CVE-2021-22876.html
+---
+ lib/transfer.c  | 25 ++--
+ tests/data/Makefile.inc |  2 +-
+ tests/data/test2081 | 66 +
+ 3 files changed, 90 insertions(+), 3 deletions(-)
+ create mode 100644 tests/data/test2081
+
+--- a/lib/transfer.c
 b/lib/transfer.c
+@@ -1588,6 +1588,9 @@ CURLcode Curl_follow(struct Curl_easy *d
+   data->set.followlocation++; /* count location-followers */
+ 
+   if(data->set.http_auto_referer) {
++CURLU *u;
++char *referer;
++
+ /* We are asked to automatically set the previous URL as the referer
+when we get the next URL. We pick the ->url field, which may or may
+not be 100% correct */
+@@ -1597,9 +1600,27 @@ CURLcode Curl_follow(struct Curl_easy *d
+   data->change.referer_alloc = FALSE;
+ }
+ 
+-data->change.referer = strdup(data->change.url);
+-if(!data->change.referer)
++/* Make a copy of the URL without crenditals and fragment */
++u = curl_url();
++if(!u)
++  return CURLE_OUT_OF_MEMORY;
++
++uc = curl_url_set(u, CURLUPART_URL, data->change.url, 0);
++if(!uc)
++  uc = curl_url_set(u, CURLUPART_FRAGMENT, NULL, 0);
++if(!uc)
++  uc = curl_url_set(u, CURLUPART_USER, NULL, 0);
++if(!uc)
++  uc = curl_url_set(u, CURLUPART_PASSWORD, NULL, 0);
++if(!uc)
++  uc = curl_url_get(u, CURLUPART_URL, , 0);
++
++curl_url_cleanup(u);
++
++if(uc || referer == NULL)
+   return CURLE_OUT_OF_MEMORY;
++
++data->change.referer = referer;
+ data->change.referer_alloc = TRUE; /* yes, free this later */
+   }
+ }
+--- a/tests/data/Makefile.inc
 b/tests/data/Makefile.inc
+@@ -218,7 +218,7 @@ test2064 test2065 test2066 test2067 test
+ test2064 test2065 test2066 test2067 test2068 test2069 test2070 \
+  test2071 test2072 test2073 test2074 test2075 test2076 test2077 \
+ test2078 \
+-test2080 \
++test2080 test2081 \
+ test2100 \
+ \
+ test3000 test3001 test3002 test3003 test3004 test3005 test3006 test3007 \
+--- /dev/null
 b/tests/data/test2081
+@@ -0,0 +1,66 @@
++
++
++
++HTTP
++HTTP GET
++referer
++followlocation
++--write-out
++
++
++
++# Server-side
++
++
++HTTP/1.1 301 This is a weirdo text message swsclose
++Location: data/%TESTNUMBER0002.txt?coolsite=yes
++Content-Length: 62
++Connection: close
++
++This server reply is for testing a simple Location: following
++
++
++
++# Client-side
++
++
++http
++
++ 
++Automatic referrer credential and anchor stripping check
++ 
++ 
++http://user:pass@%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER#anchor --location --referer ';auto' --write-out '%{referer}\n'
++
++
++
++# Verify data after the test has been "shot"
++
++
++52
++
++
++GET /we/want/our/%TESTNUMBER HTTP/1.1
++Host: %HOSTIP:%HTTPPORT
++Authorization: Basic dXNlcjpwYXNz
++User-Agent: curl/%VERSION
++Accept: */*
++
++GET /we/want/our/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1
++Host: %HOSTIP:%HTTPPORT
++Authorization: Basic dXNlcjpwYXNz
++User-Agent: curl/%VERSION
++Accept: */*
++Referer: http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER
++
++
++
++HTTP/1.1 301 This is a weirdo text message 

Processed: curl: diff for NMU version 7.74.0-1.2

[Debian Bug Tracking System]

Processing control commands:

> tags 986269 + pending
Bug #986269 [src:curl] curl: CVE-2021-22876
Added tag(s) pending.
> tags 986270 + pending
Bug #986270 [src:curl] curl: CVE-2021-22890
Added tag(s) pending.

-- 
986269: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269
986270: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986270
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: curl: diff for NMU version 7.74.0-1.2

[Debian Bug Tracking System]

Processing control commands:

> tags 986269 + pending
Bug #986269 [src:curl] curl: CVE-2021-22876
Ignoring request to alter tags of bug #986269 to the same tags previously set
> tags 986270 + pending
Bug #986270 [src:curl] curl: CVE-2021-22890
Ignoring request to alter tags of bug #986270 to the same tags previously set

-- 
986269: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269
986270: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986270
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: kicad: this beta/pre-release/... should have gone to experimental

[Debian Bug Tracking System]

Processing control commands:

> affects -1 + kicad-libraries
Bug #986455 [src:kicad] kicad: this beta/pre-release/... should have gone to 
experimental
Added indication that 986455 affects kicad-libraries

-- 
986455: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986455
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#986455: kicad: this beta/pre-release/... should have gone to experimental

[Andreas Beckmann]

Source: kicad
Version: 5.99.0~20210403.2b89511+dfsg1-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Control: affects -1 + kicad-libraries

Hi,

during a test with piuparts I noticed your package is no longer
installable in sid:

The following packages have unmet dependencies:
 kicad-libraries : Depends: kicad-footprints (>= 5.99.0~) but 5.1.7-1 is to be 
installed
   Depends: kicad-symbols (>= 5.99.0~) but 5.1.9-1 is to be 
installed
   Depends: kicad-templates (>= 5.99.0~) but 5.1.7-1 is to be 
installed
E: Unable to correct problems, you have held broken packages.

The dependencies are only available in experimental (and that
will probably not change before bullseye is released).


Cheers,

Andreas

Bug#986389: marked as done (bfh-server: please add Breaks: exim4-config)

[Debian Bug Tracking System]

Your message dated Tue, 06 Apr 2021 11:18:24 +
with message-id 
and subject line Bug#986389: fixed in bfh-metapackages 20210101-2
has caused the Debian Bug report #986389,
regarding bfh-server: please add Breaks: exim4-config
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
986389: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986389
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: bfh-server
Version: 20210101-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

a similar issue like #985658 in progress-linux-server exists in
bfh-server, too.
I'd assume the same solution will work here, too, but I haven't
tried it.

[partially quoting from #985658]
during a test with piuparts I noticed your package failed to install
with --install-recommends enabled. (It installed fine with
--install-recommends disabled.) Apt does not find a proper dependency
solution due to exim vs. postfix, but adding a Breaks: exim4-config
to progress-linux-server makes the install succeed because possible
solutions that include installing exim (because some dependency of
progress-linux-server (transitively) recommends some MTA) are discarded
early and postfix wins.

>From the attached log (scroll to the bottom...):

0m12.5s DEBUG: Starting command: ['chroot', '/srv/piuparts/tmp/tmp9dNz5P', 
'apt-get', '-y', 'install', 'bfh-server=20210101-1']
0m13.1s DUMP: 
  Reading package lists...
  Building dependency tree...
  Some packages could not be installed. This may mean that you have
  requested an impossible situation or if you are using the unstable
  distribution that some required packages have not yet been created
  or been moved out of Incoming.
  The following information may help to resolve the situation:
  
  The following packages have unmet dependencies:
   exim4-config : Conflicts: postfix but 3.5.6-1 is to be installed
  E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by 
held packages.
0m13.1s ERROR: Command failed (status=100): ['chroot', 
'/srv/piuparts/tmp/tmp9dNz5P', 'apt-get', '-y', 'install', 
'bfh-server=20210101-1']

cheers,

Andreas


bfh-server_20210101-1.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: bfh-metapackages
Source-Version: 20210101-2
Done: Daniel Baumann 

We believe that the bug you reported is fixed in the latest version of
bfh-metapackages, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 986...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Daniel Baumann  (supplier of updated 
bfh-metapackages package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 06 Apr 2021 12:51:07 +0200
Source: bfh-metapackages
Architecture: source
Version: 20210101-2
Distribution: sid
Urgency: medium
Maintainer: Daniel Baumann 
Changed-By: Daniel Baumann 
Closes: 986389
Changes:
 bfh-metapackages (20210101-2) sid; urgency=medium
 .
   * Uploading to sid.
   * Adding breaks exim4-config in bfh-server, thanks to Andreas Beckmann
  (Closes: #986389).
Checksums-Sha1:
 a9d386f1950d7a214a01063e7dfaabe88ae31bd3 2399 bfh-metapackages_20210101-2.dsc
 1f8c6f24673ad559137ede988ea3ca4830a36e34 3612 
bfh-metapackages_20210101-2.debian.tar.xz
 5f756707675db71643da9715baf2618bd9632089 7418 
bfh-metapackages_20210101-2_amd64.buildinfo
Checksums-Sha256:
 3d5791796f973cf5a26a3678e718f9a839952bce2db4d10c3587cac15a34e6d5 2399 
bfh-metapackages_20210101-2.dsc
 3a96b361459fb4910d5e675128ea182fb9fc3366a476a072b97fb59d16206160 3612 
bfh-metapackages_20210101-2.debian.tar.xz
 632a3c7a9ec3fd408b2167c271955173bd7c817df8078d3020a8f559a7c897ca 7418 
bfh-metapackages_20210101-2_amd64.buildinfo
Files:
 afcc4354d8568b4ff30ac0c096fc75e5 2399 metapackages optional 
bfh-metapackages_20210101-2.dsc
 29797139423697b997e83a4d80d88491 3612 metapackages optional 
bfh-metapackages_20210101-2.debian.tar.xz
 3392656ed3022abe41f008a540915e07 7418 metapackages optional 
bfh-metapackages_20210101-2_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEgTbtJcfWfpLHSkKSVc8b+YaruccFAmBsPecACgkQVc8b+Yar

Bug#986447: marked as done (python-django: CVE-2021-28658)

[Debian Bug Tracking System]

Your message dated Tue, 06 Apr 2021 11:04:11 +
with message-id 
and subject line Bug#986447: fixed in python-django 2:2.2.20-1
has caused the Debian Bug report #986447,
regarding python-django: CVE-2021-28658
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
986447: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986447
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: python-django
Version: 1.7.11-1+deb8u11
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for python-django.

CVE-2021-28658[0][1]:

  MultiPartParser allowed directory-traversal via uploaded files with
  suitably crafted file names.

  Built-in upload handlers were not affected by this vulnerability.

This affects all versions in Debian, including 1.7.11-1+deb8u11 in
jessie ELTS.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-28658
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28658
[1] https://www.djangoproject.com/weblog/2021/apr/06/security-releases/


Regards,

--
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
--- End Message ---
--- Begin Message ---
Source: python-django
Source-Version: 2:2.2.20-1
Done: Chris Lamb 

We believe that the bug you reported is fixed in the latest version of
python-django, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 986...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Chris Lamb  (supplier of updated python-django package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 06 Apr 2021 11:44:51 +0100
Source: python-django
Built-For-Profiles: nocheck
Architecture: source
Version: 2:2.2.20-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team 
Changed-By: Chris Lamb 
Closes: 986447
Changes:
 python-django (2:2.2.20-1) unstable; urgency=medium
 .
   * New upstream security release:
 .
 - CVE-2021-28658: The MultiPartParser class allowed directory-traversal
   via uploaded files via maliciously crafted filenames. (Closes: #986447)
Checksums-Sha1:
 0469befab0a844899c20387cfcdd3cc6bc64d6dc 2779 python-django_2.2.20-1.dsc
 fcff4fda6d8db0d95ccc4d738f0c307930ed4770 9182853 
python-django_2.2.20.orig.tar.gz
 9743574f2cc908a3e11b4efb9001a3a5c3132832 26764 
python-django_2.2.20-1.debian.tar.xz
 93c2243bdf1a16b224fd6dce13c5f9e795df1841 7734 
python-django_2.2.20-1_amd64.buildinfo
Checksums-Sha256:
 f9b90330334cd284591347581fbeb84c27ba2a2058d62618d649937b4cffdf44 2779 
python-django_2.2.20-1.dsc
 2569f9dc5f8e458a5e988b03d6b7a02bda59b006d6782f4ea0fd590ed7336a64 9182853 
python-django_2.2.20.orig.tar.gz
 2e9fa9c26055a26c14068da560ddf1bf6d6dbd594caac9d596139a5914d42eeb 26764 
python-django_2.2.20-1.debian.tar.xz
 4c7ad54c65acf259d8d18f5f52bb298a2a3ba4008b0b34665648b1833e1b24b0 7734 
python-django_2.2.20-1_amd64.buildinfo
Files:
 157521cdbabd57d8879edc0abf913da5 2779 python optional 
python-django_2.2.20-1.dsc
 947060d96ccc0a05e8049d839e541b25 9182853 python optional 
python-django_2.2.20.orig.tar.gz
 10f271eea8296b83bc4df25ac4e96019 26764 python optional 
python-django_2.2.20-1.debian.tar.xz
 5010e0cf73c841aa85ff14d6809a6e91 7734 python optional 
python-django_2.2.20-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmBsPJ0ACgkQHpU+J9Qx
HlhtjA/+Kw9h+j4+0O16EnyyAPf1mPQBjFibdT6hcvYcNno9HeVSUOL56gZm+Jwu
q4Xnq5T4TE1LmS16nRg0QP2y5GDgDj7ZI1CimCNiqupL97+WTd0OAuah7RwuHE2L
rbjQS+Op7Af46emGxV7MHyChk9HOl1zI+JXkDxe8BsoyswUgaIn1Q3/V/++AvwAb
7D2oZxdDssT4aFCsIGzEU24mH+H9KqF/qkl5eikcUhY+1QuUjI0kbq8FP+eej0bK
NfFGRx3hDYnLYPrH3huaNW/wZve+uwm4xFPRA73EwSnrMS7zr4D3hckJRBy8/AN8
lTBBMHYnEGfP7qn8jjWZ5ASLGW6Un6T/tMCgEvMgvZkF3GeECZ+bCvMATf2TnS5A
Tvq0/0+Zb5GhzfsZNch3+xBl/VR3YdP59TDBUUQHioP3TKZH6Md5bbxn1FS9RM0r
V5byZCtx5SrIk5Zp8k9mSBH5IXiQIEkOmLQ/kC02wxO0eUy3Kg44ATz7FOCQpatZ
xLuYQyrhDj+Ca6AW8gaqhRYADpbHQAapGd4cl8+7nB66a+RCKlA6lPUWo7wQZpem

Bug#985524: iso2mesh-tools: broken symlink: /usr/bin/tetgen1.5 -> tetgen

[Sébastien Villemot]

Le vendredi 02 avril 2021 à 14:56 -0400, Qianqian Fang a écrit :
> On 4/2/21 9:26 AM, Sébastien Villemot wrote:
> > Thanks for looking at this issue.
> > 
> > I don’t think that creating those symlinks in iso2mesh-tools is the
> > right solution. Such symlinks should only be created by the tetgen
> > package, otherwise this only creates confusion over package
> > boundaries.
> > 
> > I think the right solution is to drop the symlinks, and rather to
> > create a Debian-specific patch that replaces “tetgen1.5” with
> > “tetgen” in brain2mesh.m.
> 
> understood. I agree patching brain2mesh and other related demo
> scripts is a better solution than the symbolic link, however,
> iso2mesh has been used by other widely distributed tools, like
> brainstorm, fieldtrip etc, and I am afraid that dropping this link
> can lead to broken scripts (unless all upstream codes are patched).

Note that I’m not suggesting that you patch the code upstream at this
stage. Only that you modify the code shipped by Debian.

> can we upload this temporary fix for now, and I will add a fall-back
> mechanism (in mcpath.m) in the next release of iso2mesh? once that is
> added, I will remove the symbolic link.

I still think that the symlink is the wrong solution.

Nevertheless, in the context of the freeze, the ultimate decision will
be taken by the Release Team members, who will decide to unblock (or
not) your proposed fix.

I therefore suggest that you submit a so-called “pre-approval” unblock
request, so that we know their decision. If it is positive, then I will
make the upload. 

For instructions on unblock requests, see: 
https://release.debian.org/bullseye/freeze_policy.html#appropriate
(you should explicitly say in your bug report that this is a “pre-
approval” unblock request)

Best,

-- 
⢀⣴⠾⠻⢶⣦⠀  Sébastien Villemot
⣾⠁⢠⠒⠀⣿⡁  Debian Developer
⢿⡄⠘⠷⠚⠋⠀  https://sebastien.villemot.name
⠈⠳⣄  https://www.debian.org



signature.asc
Description: This is a digitally signed message part

Bug#986452: Updating metadata and found the cause

[Diederik de Haas]

Control: tag -1 affects kmail

The problem is caused by an incorrect modification of
https://salsa.debian.org/qt-kde-team/kde/messagelib/-/commits/master/debian/patches/series

Instead of adding (twice) a new/extra patch, it replaced the series.
Kind of like using '>' while you meant using '>>'.

signature.asc
Description: This is a digitally signed message part.

Bug#986447: marked as done (python-django: CVE-2021-28658)

[Debian Bug Tracking System]

Your message dated Tue, 06 Apr 2021 10:48:45 +
with message-id 
and subject line Bug#986447: fixed in python-django 2:3.2-1
has caused the Debian Bug report #986447,
regarding python-django: CVE-2021-28658
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
986447: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986447
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: python-django
Version: 1.7.11-1+deb8u11
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for python-django.

CVE-2021-28658[0][1]:

  MultiPartParser allowed directory-traversal via uploaded files with
  suitably crafted file names.

  Built-in upload handlers were not affected by this vulnerability.

This affects all versions in Debian, including 1.7.11-1+deb8u11 in
jessie ELTS.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-28658
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28658
[1] https://www.djangoproject.com/weblog/2021/apr/06/security-releases/


Regards,

--
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
--- End Message ---
--- Begin Message ---
Source: python-django
Source-Version: 2:3.2-1
Done: Chris Lamb 

We believe that the bug you reported is fixed in the latest version of
python-django, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 986...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Chris Lamb  (supplier of updated python-django package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 06 Apr 2021 11:38:48 +0100
Source: python-django
Built-For-Profiles: nocheck
Architecture: source
Version: 2:3.2-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Python Team 
Changed-By: Chris Lamb 
Closes: 986447
Changes:
 python-django (2:3.2-1) experimental; urgency=medium
 .
   * New upstream major release:
 .
 - Full release notes: 
 - CVE-2021-28658: The MultiPartParser class allowed directory-traversal
   via uploaded files via maliciously crafted filenames. (Closes: #986447)
Checksums-Sha1:
 3226dac62dc09fdfb17ff35ff2f737f12d3464ef 2765 python-django_3.2-1.dsc
 00abafe8e50230aa41892b28456c35ae18c16b8b 9819119 python-django_3.2.orig.tar.gz
 9d5bb398767edd9622b483e7e4efeb03334a0b21 26444 
python-django_3.2-1.debian.tar.xz
 30af278f69307584dd05b045c80b772302d8c26d 7542 
python-django_3.2-1_amd64.buildinfo
Checksums-Sha256:
 18b2a604dc7eeddd83fadfc743bcda7c1114e1e323879e1bf57d39fc095d6722 2765 
python-django_3.2-1.dsc
 21f0f9643722675976004eb683c55d33c05486f94506672df3d6a141546f389d 9819119 
python-django_3.2.orig.tar.gz
 6b1c2fb6079a05a6a1f3453e4708fd82ca96bba9651ad786d1b3235e9a1ef20e 26444 
python-django_3.2-1.debian.tar.xz
 3185c782e891274a8ef3470637222c5a328107c0b23b79c314de2d011f4bece6 7542 
python-django_3.2-1_amd64.buildinfo
Files:
 40a2aa2e8d12cf00e363f07db342d64a 2765 python optional python-django_3.2-1.dsc
 0db580470a6a1dc20ccb805f94479ffa 9819119 python optional 
python-django_3.2.orig.tar.gz
 25a9427609467fd1cced3e10f260e1f2 26444 python optional 
python-django_3.2-1.debian.tar.xz
 85483eceb99eb4ed3d79ec49b8d2439d 7542 python optional 
python-django_3.2-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmBsOxoACgkQHpU+J9Qx
HlgqLA//apKKEf1jmiOgywq5b/+Yy4Ea5SMpMruSP1rOwxvYVbbhWHAd5RYRfHMu
51fu2+4Zf9W9sXjEti2FuXqDjbpkXQkyz+NfDUkzcLGicXlTOirUytj/PcXZTzxS
/QPJgM8wjBG5a+YsioIgemkIkukzVKeAfo97W5faDCn/c8B9VfualYc2MAow2lmY
nbzzqz/O1UyFcqVLyjStf76QNFk4lJ8HP1cSiNwkyG8XdFRO0NT421pvkFyqod4R
EkV56l+7dss+LzoXVa1MU/gfVf/fd/xnbKRa3x2eaQj5Xj66JD7yiXcAQ7QXjow0
gMs9SSRAO//+9Cukf6ApqKUe92Pmv2wvVLyQniLIK6fGIOvgvJIl/DL74BDdbM0s
6Y4vadpfHn2quXFwApMgFJwWpOH+FXMI7VTHjOgrlQnUXAdgRiCOw5D60psUf16d
wq+bWXUcXgfXtKsO7uTefDj+toS03C75nIsIvVyrRqon8FFGnOYhWS6wsi3RQT8W

Processed: severity of 986452 is serious, affects 986452

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 986452 serious
Bug #986452 [libkf5messagelist5abi1] libkf5messagelist5abi1: KMail fails to 
start because it can't load libKF5MessageList.so.5abi1
Ignoring request to change severity of Bug 986452 to the same value.
> affects 986452 kmail
Bug #986452 [libkf5messagelist5abi1] libkf5messagelist5abi1: KMail fails to 
start because it can't load libKF5MessageList.so.5abi1
Added indication that 986452 affects kmail
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
986452: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986452
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#986452: libkf5messagelist5abi1: KMail fails to start because it can't load libKF5MessageList.so.5abi1

[Debian Bug Tracking System]

Processing control commands:

> severity -1 serious
Bug #986452 [libkf5messagelist5abi1] libkf5messagelist5abi1: KMail fails to 
start because it can't load libKF5MessageList.so.5abi1
Severity set to 'serious' from 'important'

-- 
986452: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986452
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 986447

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 986447 + upstream fixed-upstream
Bug #986447 [python-django] python-django: CVE-2021-28658
Added tag(s) upstream and fixed-upstream.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
986447: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986447
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 986447 in 2:2.2.19-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 986447 2:2.2.19-1
Bug #986447 [python-django] python-django: CVE-2021-28658
There is no source info for the package 'python-django' at version '2:2.2.19-1' 
with architecture ''
Unable to make a source version for version '2:2.2.19-1'
Marked as found in versions 2:2.2.19-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
986447: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986447
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#986447: python-django: CVE-2021-28658

[Chris Lamb]

Package: python-django
Version: 1.7.11-1+deb8u11
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for python-django.

CVE-2021-28658[0][1]:

  MultiPartParser allowed directory-traversal via uploaded files with
  suitably crafted file names.

  Built-in upload handlers were not affected by this vulnerability.

This affects all versions in Debian, including 1.7.11-1+deb8u11 in
jessie ELTS.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-28658
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28658
[1] https://www.djangoproject.com/weblog/2021/apr/06/security-releases/


Regards,

--
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#986276: marked as done (procps: missing Breaks+Replaces: manpages-fr-extra (<< 20151231+nmu1))

[Debian Bug Tracking System]

Your message dated Tue, 06 Apr 2021 07:33:22 +
with message-id 
and subject line Bug#986276: fixed in procps 2:3.3.17-5
has caused the Debian Bug report #986276,
regarding procps: missing Breaks+Replaces: manpages-fr-extra (<< 20151231+nmu1)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
986276: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986276
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: procps
Version: 2:3.3.17-4
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Control: affects -1 + manpages-fr-extra

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'jessie' to 'stretch' to 'buster'.
It installed fine in 'jessie', and upgraded to 'stretch' and 'buster'
successfully, but then the upgrade to 'bullseye' failed.

In case the package was not part of an intermediate stable release,
the version from the preceding stable release was kept installed.

>From the attached log (scroll to the bottom...):

[...]
  Preparing to unpack .../03-procps_2%3a3.3.17-4_amd64.deb ...
  Unpacking procps (2:3.3.17-4) over (2:3.3.15-2) ...
  dpkg: error processing archive 
/tmp/apt-dpkg-install-chSi0P/03-procps_2%3a3.3.17-4_amd64.deb (--unpack):
   trying to overwrite '/usr/share/man/fr/man1/free.1.gz', which is also in 
package manpages-fr-extra 20151231
  dpkg-deb: error: paste subprocess was killed by signal (Broken pipe)
  dpkg: error while cleaning up:
   new procps package post-removal script subprocess returned error exit status 
1
[...]
  Preparing to unpack .../14-manpages-fr-extra_20151231+nmu1_all.deb ...
  Unpacking manpages-fr-extra (20151231+nmu1) over (20151231) ...
  Selecting previously unselected package manpages-fr-dev.
  Preparing to unpack .../15-manpages-fr-dev_4.9.3-4_all.deb ...
  Unpacking manpages-fr-dev (4.9.3-4) ...
  Selecting previously unselected package manpages-fr.
  Preparing to unpack .../16-manpages-fr_4.9.3-4_all.deb ...
  Unpacking manpages-fr (4.9.3-4) ...
  Errors were encountered while processing:
   /tmp/apt-dpkg-install-chSi0P/03-procps_2%3a3.3.17-4_amd64.deb

Up to stretch, the localized manpages were part of manpages-fr-extra.
That package did not exist in buster (but may have survived from
stretch) and was resurrected as a transitional package in bullseye.
Therefore the missing B+R only show up in more complicated upgrade
scenarios.


cheers,

Andreas


manpages-fr-extra_20151231+nmu1.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: procps
Source-Version: 2:3.3.17-5
Done: Craig Small 

We believe that the bug you reported is fixed in the latest version of
procps, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 986...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Craig Small  (supplier of updated procps package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 06 Apr 2021 17:17:53 +1000
Source: procps
Architecture: source
Version: 2:3.3.17-5
Distribution: unstable
Urgency: medium
Maintainer: Craig Small 
Changed-By: Craig Small 
Closes: 986276
Changes:
 procps (2:3.3.17-5) unstable; urgency=medium
 .
   * Add break/replace for conflicting manpages-fr-extra Closes: #986276
Checksums-Sha1:
 f5e40cf8c5bddd48f9218df5c82b6ef03ffb4610 2136 procps_3.3.17-5.dsc
 b06e5b4609c3253a9c903dcf7d426208648bcc21 28608 procps_3.3.17-5.debian.tar.xz
 0a42c839333b8d67b44ba20923d4e486f125ae02 7284 procps_3.3.17-5_amd64.buildinfo
Checksums-Sha256:
 3b1d9a3d3bc9ec24360ed20721d4235fcd4b4dbb9a86c1eba6c42899a50ecff8 2136 
procps_3.3.17-5.dsc
 e6b5f9ef22eca9f03f79dc79b4c389249368216df8702a8cc380e10f29eda8c9 28608 
procps_3.3.17-5.debian.tar.xz
 3af5f2da30988d707732b38cb620894e0550d49361d7fc3d31463b443ccd44fd 7284 
procps_3.3.17-5_amd64.buildinfo
Files:
 345171f6fd68e4c7841467d7c514c5aa 2136 admin optional procps_3.3.17-5.dsc
 46ea1b4b1fe71652a402adbcb15150c0 28608 admin optional 
procps_3.3.17-5.debian.tar.xz
 011c47b4b197f46e666107c2d5263a98 7284 admin optional 
procps_3.3.17-5_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAmBsC+EACgkQAiFmwP88