Bug#988428: marked as done (mariadb-10.5: CVE-2021-2154 CVE-2021-2166)

2021-05-16 Thread Debian Bug Tracking System 
Your message dated Mon, 17 May 2021 03:03:45 +
with message-id 
and subject line Bug#988428: fixed in mariadb-10.5 1:10.5.10-1
has caused the Debian Bug report #988428,
regarding mariadb-10.5: CVE-2021-2154 CVE-2021-2166
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
988428: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988428
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mariadb-10.5
Version: 1:10.5.9-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerabilities were published for mariadb-10.5.

CVE-2021-2154[0]:
| Vulnerability in the MySQL Server product of Oracle MySQL (component:
| Server: DML). Supported versions that are affected are 5.7.33 and
| prior. Easily exploitable vulnerability allows high privileged
| attacker with network access via multiple protocols to compromise
| MySQL Server. Successful attacks of this vulnerability can result in
| unauthorized ability to cause a hang or frequently repeatable crash
| (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability
| impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).


CVE-2021-2166[1]:
| Vulnerability in the MySQL Server product of Oracle MySQL (component:
| Server: DML). Supported versions that are affected are 5.7.33 and
| prior and 8.0.23 and prior. Easily exploitable vulnerability allows
| high privileged attacker with network access via multiple protocols to
| compromise MySQL Server. Successful attacks of this vulnerability can
| result in unauthorized ability to cause a hang or frequently
| repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score
| 4.9 (Availability impacts). CVSS Vector:
| (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

They are fixed in 10.5.10.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-2154
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2154
[1] https://security-tracker.debian.org/tracker/CVE-2021-2166
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2166

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: mariadb-10.5
Source-Version: 1:10.5.10-1
Done: Otto Kekäläinen 

We believe that the bug you reported is fixed in the latest version of
mariadb-10.5, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 988...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Otto Kekäläinen  (supplier of updated mariadb-10.5 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 16 May 2021 11:36:38 -0700
Source: mariadb-10.5
Binary: libmariadb-dev libmariadb-dev-compat libmariadb3 libmariadbd19 
libmariadbd-dev mariadb-common mariadb-client-core-10.5 mariadb-client-10.5 
mariadb-server-core-10.5 mariadb-server-10.5 mariadb-server mariadb-client 
mariadb-backup mariadb-plugin-connect mariadb-plugin-s3 mariadb-plugin-rocksdb 
mariadb-plugin-oqgraph mariadb-plugin-mroonga mariadb-plugin-spider 
mariadb-plugin-gssapi-server mariadb-plugin-gssapi-client 
mariadb-plugin-cracklib-password-check mariadb-test mariadb-test-data
Architecture: source
Version: 1:10.5.10-1
Distribution: unstable
Urgency: medium
Maintainer: Debian MySQL Maintainers 
Changed-By: Otto Kekäläinen 
Description:
 libmariadb-dev - MariaDB database development files
 libmariadb-dev-compat - MariaDB Connector/C, compatibility symlinks
 libmariadb3 - MariaDB database client library
 libmariadbd-dev - MariaDB embedded database, development files
 libmariadbd19 - MariaDB embedded database, shared library
 mariadb-backup - Backup tool for MariaDB server
 mariadb-client - MariaDB database client (metapackage depending on the latest 
vers
 mariadb-client-10.5 - MariaDB database client binaries
 mariadb-client-core-10.5 - MariaDB database core client binaries
 mariadb-common - MariaDB common configuration files
 mariadb-plugin-connect - Connect storage engine for MariaDB
 mariadb-plugin-cracklib-password-check -

Processed: Re: Bug#988217: bootefi causes boot failure with boot.scr

2021-05-16 Thread Debian Bug Tracking System 
Processing control commands:

> severity 988217 serious
Bug #988217 [u-boot-sunxi] bootefi causes boot failure with boot.scr
Severity set to 'serious' from 'important'

-- 
988217: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988217
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: your mail

2021-05-16 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> fixed 985142 89.0.4389.114-1~deb10u1
Bug #985142 {Done: Michel Le Bihan } [chromium] chromium: 
CVE-2021-21193 (RCE) in Blink
Marked as fixed in versions chromium/89.0.4389.114-1~deb10u1.
> fixed 987358 90.0.4430.85-1~deb10u1
Bug #987358 {Done: Michel Le Bihan } [chromium] chromium: 
Update to version 90.0.4430.85 (security-fixes)
Marked as fixed in versions chromium/90.0.4430.85-1~deb10u1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
985142: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985142
987358: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987358
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#988562: marked as done (Fails to build due to unspecified debhelper compatibility level)

2021-05-16 Thread Debian Bug Tracking System 
Your message dated Sun, 16 May 2021 23:18:31 +
with message-id 
and subject line Bug#988562: fixed in broadcom-sta 6.30.223.271-16.1
has caused the Debian Bug report #988562,
regarding Fails to build due to unspecified debhelper compatibility level
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
988562: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988562
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: broadcom-sta-source
Version: 6.30.223.271-16
Severity: grave

The source package embedded in broadcom-sta-source cannot be built.
It does not define a debhelper compatibility level, which is mandatory
since debhelper 9.20160618, so all debhelper commands fail.

Ben.

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-5-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages broadcom-sta-source depends on:
ii  debhelper [debhelper-compat]  13.3.4
ii  make  4.3-4
ii  xz-utils  5.2.5-2

Versions of packages broadcom-sta-source recommends:
ii  module-assistant  0.11.10

broadcom-sta-source suggests no packages.
--- End Message ---
--- Begin Message ---
Source: broadcom-sta
Source-Version: 6.30.223.271-16.1
Done: Ben Hutchings 

We believe that the bug you reported is fixed in the latest version of
broadcom-sta, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 988...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ben Hutchings  (supplier of updated broadcom-sta package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 17 May 2021 01:06:42 +0200
Source: broadcom-sta
Architecture: source
Version: 6.30.223.271-16.1
Distribution: unstable
Urgency: medium
Maintainer: Eduard Bloch 
Changed-By: Ben Hutchings 
Closes: 988562
Changes:
 broadcom-sta (6.30.223.271-16.1) unstable; urgency=medium
 .
   * Non-maintainer upload
   * debian/control.modules.in:
 - Declare debhelper compat level through a build-dependency
   (Closes: #988562)
   * debian/rules:
 - Fix copying of Debian files in install-source rule
Checksums-Sha1:
 7af771fe929e2791c5b597a4b0270dc4522caf67 2255 
broadcom-sta_6.30.223.271-16.1.dsc
 e87b983ad5bd42f41099d20ea45c5cb8a75b8267 28612 
broadcom-sta_6.30.223.271-16.1.debian.tar.xz
 fd3ce3b39d414e28e33bf1fbc776bc38e63fa270 5912 
broadcom-sta_6.30.223.271-16.1_source.buildinfo
Checksums-Sha256:
 69d6b568c0e998e03dbddcb678d5b6801729dd45b9836bf7daf75768876ac881 2255 
broadcom-sta_6.30.223.271-16.1.dsc
 6b00674087a03734711a1153f0a9a8a3b69041ca5733feaa5f926bd6c3537d84 28612 
broadcom-sta_6.30.223.271-16.1.debian.tar.xz
 84e45f15571ffd32c6cd5a8c1532f097eab4cc26b22ff0202f604462e9a877e6 5912 
broadcom-sta_6.30.223.271-16.1_source.buildinfo
Files:
 4a249a008c6e9e416ae225594f6cf714 2255 non-free/kernel optional 
broadcom-sta_6.30.223.271-16.1.dsc
 c15b0ecf762c1c95a8118f3fd078bc58 28612 non-free/kernel optional 
broadcom-sta_6.30.223.271-16.1.debian.tar.xz
 4c53837d02529d881db95edddb03b840 5912 non-free/kernel optional 
broadcom-sta_6.30.223.271-16.1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAmChp/cACgkQ57/I7JWG
EQmIVg//f1yYxRRKs8hlF0zsxkmdHHuReKHMAzTZgwWnVe5vaRm6EsrEe2D+/xLj
1SHQ9XtGEWVDw91ia93aRDBL4lO0wWka1JuhgFOnmF+3TdC8YcItXOXLJu1SBV5L
gM5HhQ2SUX5f/8KM8SFGYP8CYOULxaduScOSabf6q9Lpo8sDrc4KUQ7vn31c+rO3
ymSQab51q5PBmTjadtLrWDzDeMuxDTFMhZw0jAJQztobWtcE3x1/rIAozoBxkK7O
/PyZfy0Xjzws6EN1GnaMGpTDu2dnemds9leR4TgFgDrxU9CBg/hV4M8jgBuwndAe
3iI+rh7a6r+/mEh5qmU7VrWRYPnnxmR8yzjR5opf8ZJYha6Z8WgfaMBuzIBAGz4B
9/QmTSXDuYXOYHUIVTofRzHVz1/g114EkGfU2aMlaB3wS6vl5j8Q56yFhfUSfDDP
S5I+gqNPdIrZUv2vqSmklO2b9waAf/G4SVVEPepgrP12pc1ix8mpnpFpMHqZOGRK

Bug#988562: broadcom-sta: diff for NMU version 6.30.223.271-16.1

2021-05-16 Thread Ben Hutchings 
Control: tags 988562 + patch
Control: tags 988562 + pending

Dear maintainer,

I've prepared an NMU for broadcom-sta (versioned as 6.30.223.271-16.1)
and uploaded it.

The changes are attached as a debdiff, but you can also merge the
"debian" branch of .

Ben.

-- 
Ben Hutchings
Never attribute to conspiracy what can adequately be explained
by stupidity.
diff -Nru broadcom-sta-6.30.223.271/debian/changelog broadcom-sta-6.30.223.271/debian/changelog
--- broadcom-sta-6.30.223.271/debian/changelog	2021-05-04 11:11:49.0 +0200
+++ broadcom-sta-6.30.223.271/debian/changelog	2021-05-17 01:06:42.0 +0200
@@ -1,3 +1,14 @@
+broadcom-sta (6.30.223.271-16.1) unstable; urgency=medium
+
+  * Non-maintainer upload
+  * debian/control.modules.in:
+- Declare debhelper compat level through a build-dependency
+  (Closes: #988562)
+  * debian/rules:
+- Fix copying of Debian files in install-source rule
+
+ -- Ben Hutchings   Mon, 17 May 2021 01:06:42 +0200
+
 broadcom-sta (6.30.223.271-16) unstable; urgency=medium
 
   * Upload to unstable.
diff -Nru broadcom-sta-6.30.223.271/debian/control.modules.in broadcom-sta-6.30.223.271/debian/control.modules.in
--- broadcom-sta-6.30.223.271/debian/control.modules.in	2021-05-04 11:11:49.0 +0200
+++ broadcom-sta-6.30.223.271/debian/control.modules.in	2021-05-17 00:56:52.0 +0200
@@ -2,7 +2,7 @@
 Section: non-free/kernel
 Priority: optional
 Maintainer: Cyril Lacoux 
-Build-Depends: debhelper (>= 8)
+Build-Depends: debhelper-compat (= 12)
 Standards-Version: 3.9.4
 Homepage: http://www.broadcom.com/support/802.11/linux_sta.php
 
diff -Nru broadcom-sta-6.30.223.271/debian/rules broadcom-sta-6.30.223.271/debian/rules
--- broadcom-sta-6.30.223.271/debian/rules	2021-05-04 11:11:49.0 +0200
+++ broadcom-sta-6.30.223.271/debian/rules	2021-05-17 00:56:28.0 +0200
@@ -45,8 +45,8 @@
 	
 	# Copy Debian files
 	install -D -m 0755 debian/rules.modules $(source_debdir)/rules
-	for file in changelog compat control control.modules.in copyright; do \
-		install -m 644 debian/$$file $(source_debdir); \
+	for file in changelog control control.modules.in copyright; do \
+		install -m 644 debian/$$file $(source_debdir) || exit; \
 	done
 	
 	# Make suitable tarball for module-assisant and kernel-package


signature.asc
Description: PGP signature

Processed: broadcom-sta: diff for NMU version 6.30.223.271-16.1

2021-05-16 Thread Debian Bug Tracking System 
Processing control commands:

> tags 988562 + patch
Bug #988562 [broadcom-sta-source] Fails to build due to unspecified debhelper 
compatibility level
Added tag(s) patch.
> tags 988562 + pending
Bug #988562 [broadcom-sta-source] Fails to build due to unspecified debhelper 
compatibility level
Added tag(s) pending.

-- 
988562: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988562
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#988558: marked as done (Fails to build against Linux version 5.3+)

2021-05-16 Thread Debian Bug Tracking System 
Your message dated Sun, 16 May 2021 23:04:03 +
with message-id 
and subject line Bug#988558: fixed in leds-alix 0.0.1-1.3
has caused the Debian Bug report #988558,
regarding Fails to build against Linux version 5.3+
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
988558: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988558
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: leds-alix
Version: 0.0.1-1.2
Severity: grave
Tags: bullseye sid patch

The Makefile in leds-alix invokes the kernel build system with the
SUBDIRS variable set.  This was deprecated long ago and is no longer
supported since Linux 5.3.  The patch below allows it to build again,
though I don't know whether it *works*.

Ben.

--- a/Makefile
+++ b/Makefile
@@ -19,10 +19,10 @@
 all: $(MODULE)
 
 $(MODULE): $(SOURCE)
-   $(MAKE) -C $(KERNEL_DIR) SUBDIRS=$(PWD) modules
+   $(MAKE) -C $(KERNEL_DIR) M=$(PWD) modules
 
 install: $(MODULE)
-   $(MAKE) -C $(KERNEL_DIR) SUBDIRS=$(PWD) 
INSTALL_MOD_DIR=$(INSTALL_MOD_DIR) modules_install
+   $(MAKE) -C $(KERNEL_DIR) M=$(PWD) INSTALL_MOD_DIR=$(INSTALL_MOD_DIR) 
modules_install
depmod -ae
 
 uninstall:
--- END ---

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-5-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--- End Message ---
--- Begin Message ---
Source: leds-alix
Source-Version: 0.0.1-1.3
Done: Ben Hutchings 

We believe that the bug you reported is fixed in the latest version of
leds-alix, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 988...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ben Hutchings  (supplier of updated leds-alix package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 17 May 2021 00:42:59 +0200
Source: leds-alix
Architecture: source
Version: 0.0.1-1.3
Distribution: unstable
Urgency: medium
Maintainer: Adam Cécile (Le_Vert) 
Changed-By: Ben Hutchings 
Closes: 988558
Changes:
 leds-alix (0.0.1-1.3) unstable; urgency=medium
 .
   * Non-maintainer upload
   * Fix build after removal of SUBDIRS support in Linux 5.3 (Closes: #988558)
Checksums-Sha1:
 132eca8acc884ce722e5fbedb8113b1f14107cad 1714 leds-alix_0.0.1-1.3.dsc
 f705ac1bd5782def53866ea2a7696a5b8aec9aa9 2974 leds-alix_0.0.1-1.3.diff.gz
 10ae957304f8c807541b4ae77d902353f75e4680 5384 
leds-alix_0.0.1-1.3_amd64.buildinfo
Checksums-Sha256:
 23f2e2f34b5466363e95b0d3caada7ee5c16a84b4aba8c3ac317eb956bc67852 1714 
leds-alix_0.0.1-1.3.dsc
 d00bf2b4f25e29f06bef486055d31ec3e5c136adb1183d98314f9206d9dc1215 2974 
leds-alix_0.0.1-1.3.diff.gz
 1318c2b66bf80c0e4f58073964231a279bf5b4af9e6f4aeb29ad711a65bac435 5384 
leds-alix_0.0.1-1.3_amd64.buildinfo
Files:
 30b205070d812de879183681d413ad42 1714 utils optional leds-alix_0.0.1-1.3.dsc
 965befe52d40b8a236c10f6af4b02647 2974 utils optional 
leds-alix_0.0.1-1.3.diff.gz
 d23368f278df45946190427bc32cace1 5384 utils optional 
leds-alix_0.0.1-1.3_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAmChoTUACgkQ57/I7JWG
EQla5A/+Kniqy1PAcxJdorhvZSNape1G27NQ/C5va+3PrEGLwCwp3LbaaqcY/KmP
pBWRHvsDIBdQR9CU2HfovUbiURSRLRQ+xJ5p6W/YgCFuPkymJWFCXJU688Lglc74
MnJYUoHR726dU49tZnwZfDkcxJzDz9hINtlug0gE6UTxdcznlbk0UqAecKG+za6U
UM+PcnIPFbabbRbJh7w6Eq0c3C4YRGQaC32Sk/u2/dqtf/LjsfCccltdPBqOsE49
MgcCazRVqcQ9fwZK+IDofceqj4H8XFqKkC+i0aQYWYJs0z/EWrQJhXBAfSNjcJuR
235/R/ygl1mSmOIC5kNNa/MPBnBwYXTslk/fg0zH636LeqpBKKtA3bWRdWQq4YM4
0TkOkfFrlC9ySJgLaZXrwRWuSr/WSKYjUy8/v0DSqnh22TooxwYVBdnRd/mZb1Ri
Hda8rhDVr3QRtiYHLOOl3I/4RfjIFTEyI7KCa1NcZADAIq9ojpNyfd01OSOAkNnZ
jfjiioXeVTUckLOOKv1sux6lHtq2PlPVdaZo6IjQPhWPxTLDyRMet9yzg5rL9HgD
UbbbXHY6DPbuJqEMb8pHnhEKQLGWc2T6R181om3+9CrgLsaGuBYqjA0gJ6snyUMF

Bug#988564: marked as done (Fails to build for Linux 5.6+)

2021-05-16 Thread Debian Bug Tracking System 
Your message dated Sun, 16 May 2021 22:51:16 +
with message-id 
and subject line Bug#988564: fixed in vpb-driver 4.2.61-1.2
has caused the Debian Bug report #988564,
regarding Fails to build for Linux 5.6+
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
988564: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988564
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: vpb-driver-source
Version: 4.2.61-1.1
Severity: grave
Tags: bullseye sid

vpb-driver-source fails to build for Linux kernel version 5.6 and
later.  This is due to a change in the proc_create_data() API.

Ben

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-5-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages vpb-driver-source depends on:
ii  bzip2 1.0.8-4
ii  debhelper 13.3.4
ii  make  4.3-4
ii  module-assistant  0.11.10

vpb-driver-source recommends no packages.

vpb-driver-source suggests no packages.
--- End Message ---
--- Begin Message ---
Source: vpb-driver
Source-Version: 4.2.61-1.2
Done: Ben Hutchings 

We believe that the bug you reported is fixed in the latest version of
vpb-driver, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 988...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ben Hutchings  (supplier of updated vpb-driver package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 17 May 2021 00:36:41 +0200
Source: vpb-driver
Architecture: source
Version: 4.2.61-1.2
Distribution: unstable
Urgency: medium
Maintainer: Ron Lee 
Changed-By: Ben Hutchings 
Closes: 917865 988564
Changes:
 vpb-driver (4.2.61-1.2) unstable; urgency=medium
 .
   * Non-maintainer upload
   * Use struct proc_ops for proc file operations on Linux 5.6+
 (Closes: #988564)
   * Use ioremap() instead of (formerly equivalent, now removed)
 ioremap_nocache()
   * Pass target kernel version to depmod (Closes: #917865)
   * Only run depmod or modprobe if installing modules to host filesystem
Checksums-Sha1:
 639609301de25ee0778a7cace3d5d121df4d 2029 vpb-driver_4.2.61-1.2.dsc
 368dfa32542eab80501ee89d4212b6a2e72f8c5a 19358 vpb-driver_4.2.61-1.2.diff.gz
 ce8e1e2f92ef06fb68b420137bf367718a838966 8583 
vpb-driver_4.2.61-1.2_amd64.buildinfo
Checksums-Sha256:
 ae01aef7dae3a9a413ef8772d27939ab370bfd1f6dcaf6f78c2e8ce0119a3f5e 2029 
vpb-driver_4.2.61-1.2.dsc
 53068fbfb48eeddfa4cf0f69f965b86e3e0647b5b094212c4dec8ddd421908d2 19358 
vpb-driver_4.2.61-1.2.diff.gz
 40bbe307ff86fb1a2917cfbedd7c19e699907ceba7ce7e70f332eea4b0006d02 8583 
vpb-driver_4.2.61-1.2_amd64.buildinfo
Files:
 71d67d2f9c88ad1c6b96250e5f3f1b9b 2029 comm optional vpb-driver_4.2.61-1.2.dsc
 45f28b9c5d49c5fc8dd045c9a27b0cc7 19358 comm optional 
vpb-driver_4.2.61-1.2.diff.gz
 c3787b592e6c81e9de0bdf601c52533f 8583 comm optional 
vpb-driver_4.2.61-1.2_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAmChn1IACgkQ57/I7JWG
EQma7w/+K2LPvAwtyJOd+ZiRDiYLNCjybVof6ojhpSb3vS3ocV3YeNk3w/D2jNz/
4W6GIrckUIK614afd5i9gPecP27MClIAm647yJPnD7o/oCU0KBSsD9jl3DNPT5Ou
Ew/RoxWm4FBj5dn0ZWaCfHO4TQRLQgmxG/HdNaliWb86bADoAVhw4F8tI8xm+yEu
37b1fYaJQCuyfpzHfDDXTznfhTWUaPAfdfet8AuHnE7d5C+qiFiToA1sAkDZ7jyu
tg0duz+lH+GpoKCzxJ+tXTp1YQjAeYE39CtheJp3ucniWBHks+axEyERWaCL7sEX
l7AbiURgwi9wPkgIuFitBc/gB3EJCpWzx9t68Jv4lsaitwgUAtk3zM6b56J+SpxO
hOzlQuGmfgAeLsvMPFKbqBwMLZLVp8TEW4sBIoYh53Csn3mUPXfVfyDlKC9fAEs9
fBh/ocYV4SIEhzLV0X0qwxv42WK38ZZu8EXTBT9/48JHlNsHqhR5l8h6osGonKdW
ykmpWAoud8FETHoMM2VHvEFTOHcb5Y8/FK+BKpa06TUWuedR4p5bi25COtx0ooYV
dk21DbVPfggqwwPJge6hNQa2sH/Rpj6YAnQIBrACHn17me/QJcfyFH24mE9dSanr
hw2PHQEhLhNhnUCK4nV14AIxnrAkLwzg9I6tYOtVZamFgMgmx5s=
=JDm7
-END PGP SIGNATURE End Message ---

Processed: leds-alix: diff for NMU version 0.0.1-1.3

2021-05-16 Thread Debian Bug Tracking System 
Processing control commands:

> tags 988558 + pending
Bug #988558 [src:leds-alix] Fails to build against Linux version 5.3+
Added tag(s) pending.

-- 
988558: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988558
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#988558: leds-alix: diff for NMU version 0.0.1-1.3

2021-05-16 Thread Ben Hutchings 
Control: tags 988558 + pending

Dear maintainer,

I've prepared an NMU for leds-alix (versioned as 0.0.1-1.3) and
uploaded it.

Ben.

-- 
Ben Hutchings
Never attribute to conspiracy what can adequately be explained
by stupidity.
diff -u leds-alix-0.0.1/debian/changelog leds-alix-0.0.1/debian/changelog
--- leds-alix-0.0.1/debian/changelog
+++ leds-alix-0.0.1/debian/changelog
@@ -1,3 +1,10 @@
+leds-alix (0.0.1-1.3) unstable; urgency=medium
+
+  * Non-maintainer upload
+  * Fix build after removal of SUBDIRS support in Linux 5.3 (Closes: #988558)
+
+ -- Ben Hutchings   Mon, 17 May 2021 00:42:59 +0200
+
 leds-alix (0.0.1-1.2) unstable; urgency=medium
 
   * Non maintainer upload by the Reproducible Builds team.
only in patch2:
unchanged:
--- leds-alix-0.0.1.orig/Makefile
+++ leds-alix-0.0.1/Makefile
@@ -19,10 +19,10 @@
 all: $(MODULE)
 
 $(MODULE): $(SOURCE)
-	$(MAKE) -C $(KERNEL_DIR) SUBDIRS=$(PWD) modules
+	$(MAKE) -C $(KERNEL_DIR) M=$(PWD) modules
 
 install: $(MODULE)
-	$(MAKE) -C $(KERNEL_DIR) SUBDIRS=$(PWD) INSTALL_MOD_DIR=$(INSTALL_MOD_DIR) modules_install
+	$(MAKE) -C $(KERNEL_DIR) M=$(PWD) INSTALL_MOD_DIR=$(INSTALL_MOD_DIR) modules_install
 	depmod -ae
 
 uninstall:


signature.asc
Description: PGP signature

Bug#987537: RM: scrollz -- RoQA unmaintained, dead upstream, has security issues

2021-05-16 Thread Mike Markley 
On Mon, May 03, 2021 at 07:58:06AM +0200, Tobias Frost  wrote:
> I just gave upstream a pointer to the ircii code that fixes this CVE. Maybe
> they have tested it?

I reached out via email yesterday and I'm awaiting a response.

> (MIA Team hat partly on) That sounds a bit like the package should be
> orphaned or some RFH/RFA bug being filed? Or join efforts in some team?
> As said, you can use mentors.debian.net for uploading. The only hard
> point I can't give you advice is the time issue…

Well, there was a time issue and a potential employer issue (and I can't
expect advice from you on either :). I've spoken with my employer and
confirmed that there actually isn't an issue there.

> But maybe you'll find a bit of time working to update your package;
> But note, we are currently frozen, uploads to unstable should be
> minimal and targeted fixes only…

Understood; I've updated the 2.2.3-1 package from the PR and from a small
patch upstream made to that, and, as noted above, just want to make sure
it's tested before bugging mentors.debian.net for assistance uploading.
(I'm still unclear on if the package version should be updated to indicate
that this is a security fix, but that's obviously a very small detail
overall that can be dealt with at any point before upload.)

On Thu, May 13, 2021 at 02:10:05PM +0300, Adrian Bunk  wrote:
> https://security-tracker.debian.org/tracker/CVE-2021-29376
> [buster] - scrollz  (Minor issue)
> 
> So the correct instructions are in this case
> https://www.debian.org/doc/manuals/developers-reference/pkgs.html#special-case-uploads-to-the-stable-and-oldstable-distributions

I can build/test on a stable and an oldstable system, but per those
instructions, I'll first focus on getting a 2.2.3-2 uploaded to unstable
that contains just the fix that would then go into 2.2.3-1+deb10u1 (and
potentially 2.2.3-1+deb9u1, if that even makes sense timing-wise anymore).

Given the existence of a CVE and a security-tracker entry, what is the
appropriate urgency for these uploads? (I'm happy to reach out to the team
if that's more appropriate.)

-- 
Mike Markley

Bug#983533: marked as done ([vinagre] black screen when launching RDP session)

2021-05-16 Thread Debian Bug Tracking System 
Your message dated Sun, 16 May 2021 21:33:30 +
with message-id 
and subject line Bug#983533: fixed in vinagre 3.22.0-8.1
has caused the Debian Bug report #983533,
regarding [vinagre] black screen when launching RDP session
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
983533: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983533
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: src:vinagre
Severity: grave
Version: 3.22.0-8

For a while now, vinagre when running against FreeRDP >= 2.0.0 has  
been broken in Debian. When launching an RDP session, the user sees a  
GTK window with a black rectangle in the middle.


A fix proposed by FreeRDP upstream is
https://gitlab.gnome.org/GNOME/vinagre/-/commit/404a56a11469ef24a1df632847465030d81db091.patch

See:
https://gitlab.gnome.org/GNOME/vinagre/-/merge_requests/12

However, the vinagre version in Debian will not be fixed after the  
referenced patch (an adapted version of it for vinagre 3.22.0) has  
been applied (I just tested that).


Let me know, if I can give any more input on this. I saw from other  
open bugs that vinagre upstream is scarcely maintained. Does it make  
sense to ship vinagre in Debian 11? If yes, let me know how I can help  
fixing this issue.


Greets,
Mike
--

DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de

>From 404a56a11469ef24a1df632847465030d81db091 Mon Sep 17 00:00:00 2001
From: Ondrej Holy 
Date: Fri, 15 May 2020 15:43:37 +0200
Subject: [PATCH] plugins/rdp: Fix hangs with recent FreeRDP versions

Connection to all my testing servers fails with "SERVER BUG: The support
for this feature was not announced! Use /relax-order-checks to ignore"
currently. This happens always with current FreeRDP versions after
https://github.com/FreeRDP/FreeRDP/pull/4926 has been merged. This can be
fixed by the usage of /relax-order-checks option, however, this option
should be used only if necessary needed and it should not be needed in
most of the cases. This currenlty happens always as it interfere with our
custom OrderSupports settings. Let's use the default OrderSupports
settings to fix this issue, which is possible thanks to
https://github.com/FreeRDP/FreeRDP/pull/5057.

See: https://gitlab.gnome.org/GNOME/gtk-frdp/-/issues/27
---
 configure.ac  |  2 +-
 plugins/rdp/vinagre-rdp-tab.c | 27 ---
 2 files changed, 1 insertion(+), 28 deletions(-)

--- a/configure.ac
+++ b/configure.ac
@@ -58,7 +58,7 @@
 AM_CONDITIONAL([VINAGRE_ENABLE_SSH], [test "x$have_ssh" = "xyes"])
 
 # Whether to enable support for RDP.
-RDP_DEPS="freerdp2 x11"
+RDP_DEPS="freerdp2 >= 2.0.0 x11"
 AC_ARG_ENABLE([rdp],
   [AS_HELP_STRING([--disable-rdp],
 [Disable Remote Desktop Protocol (RDP) support])])
--- a/plugins/rdp/vinagre-rdp-tab.c
+++ b/plugins/rdp/vinagre-rdp-tab.c
@@ -522,9 +522,9 @@
 static BOOL
 frdp_pre_connect (freerdp *instance)
 {
+#if HAVE_FREERDP_1_1
   rdpSettings *settings = instance->settings;
 
-#if HAVE_FREERDP_1_1
   settings->OrderSupport[NEG_DSTBLT_INDEX] = TRUE;
   settings->OrderSupport[NEG_PATBLT_INDEX] = TRUE;
   settings->OrderSupport[NEG_SCRBLT_INDEX] = TRUE;
@@ -549,31 +549,6 @@
   settings->OrderSupport[NEG_POLYGON_CB_INDEX] = FALSE;
   settings->OrderSupport[NEG_ELLIPSE_SC_INDEX] = FALSE;
   settings->OrderSupport[NEG_ELLIPSE_CB_INDEX] = FALSE;
-#else
-  settings->order_support[NEG_DSTBLT_INDEX] = true;
-  settings->order_support[NEG_PATBLT_INDEX] = true;
-  settings->order_support[NEG_SCRBLT_INDEX] = true;
-  settings->order_support[NEG_OPAQUE_RECT_INDEX] = true;
-  settings->order_support[NEG_DRAWNINEGRID_INDEX] = false;
-  settings->order_support[NEG_MULTIDSTBLT_INDEX] = false;
-  settings->order_support[NEG_MULTIPATBLT_INDEX] = false;
-  settings->order_support[NEG_MULTISCRBLT_INDEX] = false;
-  settings->order_support[NEG_MULTIOPAQUERECT_INDEX] = true;
-  settings->order_support[NEG_MULTI_DRAWNINEGRID_INDEX] = false;
-  settings->order_support[NEG_LINETO_INDEX] = true;
-  settings->order_support[NEG_POLYLINE_INDEX] = true;
-  settings->order_support[NEG_MEMBLT_INDEX] = true;
-  settings->order_support[NEG_MEM3BLT_INDEX] = false;
-  settings->order_support[NEG_MEMBLT_V2_INDEX] = true;
-  settings->order_support[NEG_MEM3BLT_V2_INDEX] = false;
-  settings->order_support[NEG_SAVEBITMAP_INDEX] = false;
-

Bug#988604: plocate: autopkgtest regression: plocate and mlocate can't be co-installed anymore

2021-05-16 Thread Steinar H. Gunderson 
On Sun, May 16, 2021 at 10:46:30PM +0200, Paul Gevers wrote:
>> Thanks for noticing. Given how annoying everything in autopkgtest is,
>> perhaps the easiest thing is just deleting the tests. (1.1.7-3 wouldn't
>> migrate to bullseye, then, but that's fine.)
> As it stands, you'd only need to remove the third test, not all three.

This is true, but the ergonomics of autopkgtest have been a huge
disappointment for me in general (plocate was the first, and so far only,
package I've tried it on), and I'm not convinced they are likely to catch
any real bugs in the package.

/* Steinar */
-- 
Homepage: https://www.sesse.net/

Bug#988604: plocate: autopkgtest regression: plocate and mlocate can't be co-installed anymore

2021-05-16 Thread Paul Gevers 
Hi Steinar,

On 16-05-2021 21:41, Steinar H. Gunderson wrote:
> On Sun, May 16, 2021 at 09:17:57PM +0200, Paul Gevers wrote:
>> With a recent upload of plocate the autopkgtest of plocate fails in
>> testing when that autopkgtest is run with the binary packages of plocate
>> from unstable. It passes when run with only packages from testing. In
>> tabular form:
> 
> Thanks for noticing. Given how annoying everything in autopkgtest is,
> perhaps the easiest thing is just deleting the tests. (1.1.7-3 wouldn't
> migrate to bullseye, then, but that's fine.)

As it stands, you'd only need to remove the third test, not all three.

Paul



OpenPGP_signature
Description: OpenPGP digital signature

Bug#988604: plocate: autopkgtest regression: plocate and mlocate can't be co-installed anymore

2021-05-16 Thread Steinar H. Gunderson 
On Sun, May 16, 2021 at 09:17:57PM +0200, Paul Gevers wrote:
> With a recent upload of plocate the autopkgtest of plocate fails in
> testing when that autopkgtest is run with the binary packages of plocate
> from unstable. It passes when run with only packages from testing. In
> tabular form:

Thanks for noticing. Given how annoying everything in autopkgtest is,
perhaps the easiest thing is just deleting the tests. (1.1.7-3 wouldn't
migrate to bullseye, then, but that's fine.)

/* Steinar */
-- 
Homepage: https://www.sesse.net/

Bug#986012: marked as done (fatrace: autopkgtest regression: ^rm(.*): D /tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src$ not found in log)

2021-05-16 Thread Debian Bug Tracking System 
Your message dated Sun, 16 May 2021 19:18:30 +
with message-id 
and subject line Bug#986012: fixed in fatrace 0.16.2-2
has caused the Debian Bug report #986012,
regarding fatrace: autopkgtest regression: ^rm(.*): D 
/tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src$ not found in log
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
986012: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986012
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: fatrace
Version: 0.16.2-1
X-Debbugs-CC: debian...@lists.debian.org
Severity: serious
User: debian...@lists.debian.org
Usertags: regression

Dear maintainer(s),

With a recent upload of fatrace the autopkgtest of fatrace fails in
testing when that autopkgtest is run with the binary packages of fatrace
from unstable. It passes when run with only packages from testing. In
tabular form:

   passfail
fatracefrom testing0.16.2-1
all others from testingfrom testing

I copied some of the output at the bottom of this report.

Currently this regression is blocking the migration to testing [1]. Can
you please investigate the situation and fix it?

More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

[1] https://qa.debian.org/excuses.php?package=fatrace

https://ci.debian.net/data/autopkgtest/testing/amd64/f/fatrace/11288159/log.gz

autopkgtest [23:08:44]: test fatrace-currentmount: [---
starting fatrace...
read a file...
create a file...
moving a file within the same directory
robustness against ELOOP
waiting for fatrace...
checking log...
^rm(.*): D /tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src$ not
found in log
^touch(.*): + /tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src$ not
found in log
^mkdir(.*): + /tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src$ not
found in log
^mv(.*): <>\? /tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src not
found in log
^mv(.*): <\?> /tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src not
found in log
^mv(.*): < /tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src$ not
found in log
^mv(.*): > /tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src/dest$ not
found in log
^ln(.*): + /tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src$ not
found in log
^rm(.*): D /tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src$ not
found in log
autopkgtest [23:08:47]: test fatrace-currentmount: ---]



OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: fatrace
Source-Version: 0.16.2-2
Done: Martin Pitt 

We believe that the bug you reported is fixed in the latest version of
fatrace, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 986...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Martin Pitt  (supplier of updated fatrace package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 16 May 2021 20:51:50 +0200
Source: fatrace
Architecture: source
Version: 0.16.2-2
Distribution: unstable
Urgency: medium
Maintainer: Martin Pitt 
Changed-By: Martin Pitt 
Closes: 986012
Changes:
 fatrace (0.16.2-2) unstable; urgency=medium
 .
   * autopkgtest: Add isolation-machine to fatrace-currentmount.
 Current LXC's default security profile does not allow fanotify() or
 open_by_handle_at() any more, thus the `fatrace-currentmount` test has
 no chance of doing anything meaningful in debci production.
 So Add isolation-machine restriction. (Closes: #986012)
Checksums-Sha1:
 700583a16005498f4cda4baf0af8550e73898207 1888 fatrace_0.16.2-2.dsc
 af7b0be986827c13c52d96350e488226c389e61e 3452 fatrace_0.16.2-2.debian.tar.xz
 595e5c9ccf32c8194320d615d8e5ff6f7f88e0b6 5242 fatrace_0.16.2-2_source.buildinfo
Checksums-Sha256:
 844a9a41a4844741fc82df2874f1a3b091d9c5fa65c006ff0e95c3fbae608e32 1888 
fatrace_0.16.2-2.dsc
 7682a6f90736986a106585687f9f93a84888163e843bb8249ef2fc1453033f0c 3452 
fatrace_0.16.2-2.debian.tar.xz
 db19900d23b1332f00e45e32d0bb76cae0424e48b154d955054102a53e875192

Bug#988604: plocate: autopkgtest regression: plocate and mlocate can't be co-installed anymore

2021-05-16 Thread Paul Gevers 
Source: plocate
Version: 1.1.7-2
X-Debbugs-CC: debian...@lists.debian.org
Severity: serious
User: debian...@lists.debian.org
Usertags: regression

Dear maintainer(s),

With a recent upload of plocate the autopkgtest of plocate fails in
testing when that autopkgtest is run with the binary packages of plocate
from unstable. It passes when run with only packages from testing. In
tabular form:

   passfail
plocatefrom testing1.1.7-2
all others from testingfrom testing

I copied some of the output at the bottom of this report.

Currently this regression is blocking the migration to testing [1]. Can
you please investigate the situation and fix it? It seems you forgot
that one of your tests tries to coinstall both mlocate and plocate. With
your latest changes, that's not intended to be possible, making the test
fail. Please drop the test, or fix it. I think you could just depend on
mlocate and run apt-get install plocate in the test.

More information about this bug and the reason for filing it can be found 
on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

[1] https://qa.debian.org/excuses.php?package=plocate

https://ci.debian.net/data/autopkgtest/testing/amd64/p/plocate/12377970/log.gz




OpenPGP_signature
Description: OpenPGP digital signature

Bug#986012: fatrace: autopkgtest regression: ^rm(.*): D /tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src$ not found in log

2021-05-16 Thread Martin Pitt 
Control: tag -1 pending

Paul Gevers [2021-03-27 21:43 +0100]:
> https://ci.debian.net/data/autopkgtest/testing/amd64/f/fatrace/11288159/log.gz
> 
> autopkgtest [23:08:44]: test fatrace-currentmount: [---
> ^rm(.*): D /tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src$ not
> found in log

I finally found some time to reproduce this with [1]. I tested fatrace
manually, and I don't find any way any more to get open_by_handle_at() or
fanotify to work in an LXC container with the default security profile any
more. As I don't have any influence over the container setting in production
debci, I'm afraid my only way out is to apply "isolation-machine" to
fatrace-currentmount as well.

At least all the tests are runnning both in upstream and Ubuntu CI.

Thanks,

Martin

[1] https://ci.debian.net/doc/file.MAINTAINERS.html

Processed: Re: Bug#986012: fatrace: autopkgtest regression: ^rm(.*): D /tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src$ not found in log

2021-05-16 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 pending
Bug #986012 [src:fatrace] fatrace: autopkgtest regression: ^rm(.*): D 
/tmp/autopkgtest-lxc.yky1gevw/downtmp/build.jzI/src$ not found in log
Added tag(s) pending.

-- 
986012: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986012
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#988565: marked as done (slapd-contrib: smbk5pwd crashes when enabling krb5 (again))

2021-05-16 Thread Debian Bug Tracking System 
Your message dated Sun, 16 May 2021 17:48:28 +
with message-id 
and subject line Bug#988565: fixed in openldap 2.4.57+dfsg-3
has caused the Debian Bug report #988565,
regarding slapd-contrib: smbk5pwd crashes when enabling krb5 (again)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
988565: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988565
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: slapd-contrib
Version: 2.4.57+dfsg-2
Severity: serious

# ldapmodify -H ldapi:// -Y EXTERNAL << eof

dn: olcOverlay=smbk5pwd,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcSmbK5PwdConfig
olcSmbK5PwdEnable: krb5
eof

SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "olcOverlay=smbk5pwd,olcDatabase={1}mdb,cn=config"
ldap_result: Can't contact LDAP server (-1)

Thread 3 "slapd" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffb5e98700 (LWP 2843)]
initialize_kadm5_error_table_r (list=0x7fffa8105048,
   list@entry=) at 
kadm5_err.c:101
101 kadm5_err.c: No such file or directory.


Same symptoms and root cause as #917129. Different package causing it.

This time the dependency chain is:
slapd -> libwrap.so.0 -> libnsl.so.2 -> libtirpc.so.3 -> libgssapi_krb5.so.2 -> libkrb5.so.3 
--- End Message ---
--- Begin Message ---
Source: openldap
Source-Version: 2.4.57+dfsg-3
Done: Ryan Tandy 

We believe that the bug you reported is fixed in the latest version of
openldap, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 988...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ryan Tandy  (supplier of updated openldap package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 15 May 2021 16:03:34 -0700
Source: openldap
Architecture: source
Version: 2.4.57+dfsg-3
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenLDAP Maintainers 

Changed-By: Ryan Tandy 
Closes: 988565
Changes:
 openldap (2.4.57+dfsg-3) unstable; urgency=medium
 .
   * Link smbk5pwd with -lkrb5. (Closes: #988565)
Checksums-Sha1:
 df953c8932d5a7c5b6f838db19b1e4b57d2edd9a 3061 openldap_2.4.57+dfsg-3.dsc
 7d750cf34ad3bfde4897e70111b450dfee510182 168536 
openldap_2.4.57+dfsg-3.debian.tar.xz
Checksums-Sha256:
 e51b6c564567aca61508b0bfc6dd53c39564f5b4284155ac51c436abb6ff7496 3061 
openldap_2.4.57+dfsg-3.dsc
 68e93e3c0a2167196f730d44fba31c5408930223c6900ca5a4e57e09bd5884c6 168536 
openldap_2.4.57+dfsg-3.debian.tar.xz
Files:
 c12055a72c1d1a211b1cd944c3fae204 3061 net optional openldap_2.4.57+dfsg-3.dsc
 f35b83922c6c938fc4acf8d4b0c17750 168536 net optional 
openldap_2.4.57+dfsg-3.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJDBAEBCgAtFiEEPSfh0nqdQTd5kOFlIp/PEvXWa7YFAmChT84PHHJ5YW5AbmFy
ZGlzLmNhAAoJECKfzxL11mu2lHkP/1SzH0V/iBORkq8sPq1tF6k2AerpZijn9CJ4
Zx1vH/8ctK9tezcBmFdvCQ0opKfArnNe+O9PkSl9YDYTnewPh+sqqm9gBo27iAH8
dgTPU92+BE3VO2FupjGlICDtCvi43NAHXk2fKiFZbOxrVnWeJEYqx9MtW+Sa5vxR
W4RrIMseE/ixwkyL857hxz9K4syhD3vGix39oLk1O8Bj0AFldaWU/QLAJykEZTAa
dmCJdH1z+Y0xRX4TQPYxrYHbqRLwT6DftgL01CE1mfgi48vEko1TCIH682E2KvTX
KBFC5uZ+exXh7CndF5ZSG1Ji8xxUyTZ7gbDSCPqBip2J3vI3ePa4Cp57EF6C0+2s
eeDZ3FJ/+eAE9TQLOMCtPbbzDOTyyH7y54GGzF185q+vHGEXdOBgBNjgzw3Pocw2
Fqp4GiDfTqn7PUB1iNdZBNy45DT+PMpzzKk5GmNEeQFxnIbEsi4MrIvPBYniqy5g
4vt/15KbaHjpEY+pKS0txW7KjjppyGfHQGbgNaVw8XwzIngsLqAdiTflTMHQe0IR
XW8Japb/SvArclB8pISGGVlMfzWcs1ptBfM7Nix47xWNtQXuxFD8Ob74IqB8XOFS
UQdedu+fd1wUOGjEq2UfYPS0sMVB9SmtJC1RaPUtBij4gVvhcyjzoslV5SgZyUwb
gbY4BngN
=S4kg
-END PGP SIGNATURE End Message ---

Bug#975270: rdiff-backup: Can't talk to the version from buster

2021-05-16 Thread Samuel Thibault 
Hello,

Gregor Zattler, le dim. 16 mai 2021 18:50:42 +0200, a ecrit:
> * Samuel Thibault  [13. Mai. 2021]:
> > Kurt Roeckx, le jeu. 19 nov. 2020 20:40:05 +0100, a ecrit:
> >> I recently found out that my backup has broken for months.
> >
> > Not for month, but this does break my backups now that I try to upgrade
> > some machines, and I don't have another solution than to either
> > downgrade the package, or upgrade all my machines at the same time (!?)
> > to get my backups working again.
> 
> the rdiff-backup project provides a helpful document
> regarding this:
> 
> https://github.com/rdiff-backup/rdiff-backup/blob/master/docs/migration.md
> 
> providing this document in the NEWS.Debian file might be
> enough in order to close this bug?

Perhaps we could have a buster-backports package, so that before
upgrading machines to bullseye, we first just upgrade rdiff-backup on
all buster machines?

Samuel

Bug#975270: rdiff-backup: Can't talk to the version from buster

2021-05-16 Thread Gregor Zattler 
Hi Samuel, debian developers,
* Samuel Thibault  [13. Mai. 2021]:
> Control: severity -1 serious
>
> Kurt Roeckx, le jeu. 19 nov. 2020 20:40:05 +0100, a ecrit:
>> I recently found out that my backup has broken for months.
>
> Not for month, but this does break my backups now that I try to upgrade
> some machines, and I don't have another solution than to either
> downgrade the package, or upgrade all my machines at the same time (!?)
> to get my backups working again.

the rdiff-backup project provides a helpful document
regarding this:

https://github.com/rdiff-backup/rdiff-backup/blob/master/docs/migration.md

providing this document in the NEWS.Debian file might be
enough in order to close this bug?


Ciao; Gregor

Bug#987353: CVE-2020-8903 CVE-2020-8907 CVE-2020-8933

2021-05-16 Thread Theodore Y. Ts'o 
On Thu, May 13, 2021 at 09:56:53PM +0100, Marcin Kulisz wrote:
> 
> I hope that we're be able to change it, but for me fundamental
> question is if Google is interested in participating in effort to
> keep those packages in Debian main and if so what resources can be
> committed to do so.  From my side I can say that I'll try to find
> time to work on the relevant packages or to sponsor uploads if
> somebody else want to take on this task.

I'd be interested in helping; while I happen to work for Google, this
would only be in my personal compacity.  One caveat, though, which is
why I've hesitated in replying, is I don't have any experience
packaging Python applications.

In particular, if the Google SDK requires python packages that are
either newer or older than what is packaged in Debian, Debian's
prohibition of private copies of dependencies could make this quite
painful (if nothing else, just simply testing to make sure things
still work with variations in the Python packages available in
Debian)

- Ted

Bug#988326: marked as done (libboost-python-dev: Linking against boost_python requires the python version number ex: -lboost_python39)

2021-05-16 Thread Debian Bug Tracking System 
Your message dated Sun, 16 May 2021 17:14:46 +0200
with message-id 

and subject line Re: Bug#988326: libboost-python-dev: Linking against 
boost_python requires the python version number ex: -lboost_python39
has caused the Debian Bug report #988326,
regarding libboost-python-dev: Linking against boost_python requires the python 
version number ex: -lboost_python39
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
988326: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988326
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libboost-python-dev
Version: 1.74.0.3
Severity: grave
Justification: renders package unusable
X-Debbugs-Cc: d...@groolot.net

Dear Maintainer,

   * What led up to the situation?
 When I try to compile `mididings' and link against
 `-lboost_python' the linker failed with undefined reference to
 'libboost_python'.
   
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
 I try with a minimal `main.c' example and:
   * link against `-lboost_python', INEFFECTIVE
   * link against `-lboost_python39', EFFECTIVE
   * symlink `libboost_python.so' to `libboost_python39.so' and
 link against `-lboost_python', EFFECTIVE

-- System Information:
Debian Release: 11.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.11.0-19.1-liquorix-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libboost-python-dev depends on:
ii  libboost-python1.74-dev  1.74.0-9

libboost-python-dev recommends no packages.

libboost-python-dev suggests no packages.

-- no debconf information
--- End Message ---
--- Begin Message ---
Control: tags -1 wontfix

Hi, I am closing this bug. See an explanation above.

Best regards

Anton
--- End Message ---

Bug#988326: libboost-python-dev: Linking against boost_python requires the python version number ex: -lboost_python39

2021-05-16 Thread Anton Gladky 
Control: tags -1 wontfix

Hi, I am closing this bug. See an explanation above.

Best regards

Anton

Processed: Re: Bug#988326: libboost-python-dev: Linking against boost_python requires the python version number ex: -lboost_python39

2021-05-16 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 wontfix
Bug #988326 [libboost-python-dev] libboost-python-dev: Linking against 
boost_python requires the python version number ex: -lboost_python39
Added tag(s) wontfix.

-- 
988326: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988326
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: bug 983515 is forwarded to https://gitlab.gnome.org/World/OpenPaperwork/paperwork/-/issues/981

2021-05-16 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> forwarded 983515 
> https://gitlab.gnome.org/World/OpenPaperwork/paperwork/-/issues/981
Bug #983515 [src:paperwork] paperwork: autopkgtest armhf regression: Libinsane 
item->get_options() error: 0x4006, I/O Error (7)
Set Bug forwarded-to-address to 
'https://gitlab.gnome.org/World/OpenPaperwork/paperwork/-/issues/981'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
983515: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983515
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#986293: virtuoso-opensource: diff for NMU version 7.2.5.1+dfsg-3.1

2021-05-16 Thread Adrian Bunk 
Control: tags 982569 + pending
Control: tags 982628 + pending
Control: tags 983414 + pending
Control: tags 986293 + patch
Control: tags 986293 + pending

Dear maintainer,

I've prepared an NMU for virtuoso-opensource (versioned as 7.2.5.1+dfsg-3.1)
and uploaded it to DELAYED/7. Please feel free to tell me if I should 
cancel it.

The proper fix for the part of #986293 that is not a duplicate of 
#986275 would be fixing whatever made libvirtuoso5.5-cil lose its
dependencies, Debian Mono Group copied in case someone has an idea
what broke that.

cu
Adrian
diff -Nru virtuoso-opensource-7.2.5.1+dfsg/debian/changelog virtuoso-opensource-7.2.5.1+dfsg/debian/changelog
--- virtuoso-opensource-7.2.5.1+dfsg/debian/changelog	2021-02-08 16:33:53.0 +0200
+++ virtuoso-opensource-7.2.5.1+dfsg/debian/changelog	2021-05-16 16:11:30.0 +0300
@@ -1,3 +1,14 @@
+virtuoso-opensource (7.2.5.1+dfsg-3.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Drop the libvirtuoso5.5-cil package. (Closes: #986293)
+  * Updated debconf translations:
+- Dutch from Frans Spiesschaert. (Closes: #983414)
+- German from Helge Kreutzmann. (Closes: #982628)
+- Portuguese from Américo Monteiro. (Closes: #982569)
+
+ -- Adrian Bunk   Sun, 16 May 2021 16:11:30 +0300
+
 virtuoso-opensource (7.2.5.1+dfsg-3) unstable; urgency=medium
 
   [ Debian Janitor ]
diff -Nru virtuoso-opensource-7.2.5.1+dfsg/debian/control virtuoso-opensource-7.2.5.1+dfsg/debian/control
--- virtuoso-opensource-7.2.5.1+dfsg/debian/control	2021-02-08 16:33:53.0 +0200
+++ virtuoso-opensource-7.2.5.1+dfsg/debian/control	2021-05-16 16:09:41.0 +0300
@@ -5,7 +5,6 @@
 Section: database
 Priority: optional
 Build-Depends: bison,
-   cli-common-dev [amd64 arm64 armel armhf i386 kfreebsd-amd64 kfreebsd-i386 mipsel ppc64 ppc64el s390x],
debhelper (>= 12~),
docbook2x,
docbook-xml,
@@ -21,7 +20,6 @@
libwbxml2-dev,
libxml2-dev,
m4,
-   mono-devel [amd64 arm64 armel armhf i386 kfreebsd-amd64 kfreebsd-i386 mipsel ppc64 ppc64el s390x],
net-tools,
pkg-kde-tools,
po-debconf,
@@ -350,16 +348,16 @@
  .
  This package contains the Virtuoso ODBC client libraries.
 
-Package: libvirtuoso5.5-cil
-Architecture: amd64 arm64 armel armhf i386 kfreebsd-amd64 kfreebsd-i386 mipsel ppc64 ppc64el s390x
-Section: cli-mono
-Depends: ${cli:Depends},
- ${misc:Depends}
-Description: high-performance database - Mono assemblies
- OpenLink Virtuoso is a high-performance object-relational SQL database.
- It provides transactions, a smart SQL compiler, hot backup, SQL:1999
- support, a powerful stored-procedure language supporting server-side
- Java or .NET, and more. It supports all major data-access interfaces,
- including ODBC, JDBC, ADO.NET, and OLE/DB.
- .
- This package contains Virtuoso's ADO.NET data provider for Mono.
+#Package: libvirtuoso5.5-cil
+#Architecture: amd64 arm64 armel armhf i386 kfreebsd-amd64 kfreebsd-i386 mipsel ppc64 ppc64el s390x
+#Section: cli-mono
+#Depends: ${cli:Depends},
+# ${misc:Depends}
+#Description: high-performance database - Mono assemblies
+# OpenLink Virtuoso is a high-performance object-relational SQL database.
+# It provides transactions, a smart SQL compiler, hot backup, SQL:1999
+# support, a powerful stored-procedure language supporting server-side
+# Java or .NET, and more. It supports all major data-access interfaces,
+# including ODBC, JDBC, ADO.NET, and OLE/DB.
+# .
+# This package contains Virtuoso's ADO.NET data provider for Mono.
diff -Nru virtuoso-opensource-7.2.5.1+dfsg/debian/po/de.po virtuoso-opensource-7.2.5.1+dfsg/debian/po/de.po
--- virtuoso-opensource-7.2.5.1+dfsg/debian/po/de.po	2021-02-08 16:33:53.0 +0200
+++ virtuoso-opensource-7.2.5.1+dfsg/debian/po/de.po	2021-05-16 16:11:30.0 +0300
@@ -3,20 +3,20 @@
 # package.
 #
 # Martin Eberhard Schauer , 2010.
+# Helge Kreutzmann , 2021.
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: virtuoso-opensource6.1.0+dfsg2-2\n"
+"Project-Id-Version: virtuoso-opensource 7.2.5.1+dfsg-3\n"
 "Report-Msgid-Bugs-To: virtuoso-opensou...@packages.debian.org\n"
 "POT-Creation-Date: 2018-08-24 07:47+0200\n"
-"PO-Revision-Date: 2010-03-27 14:12+\n"
-"Last-Translator: Martin Eberhard Schauer \n"
-"Language-Team:  \n"
-"Language: \n"
+"PO-Revision-Date: 2021-02-12 17:19+0100\n"
+"Last-Translator: Helge Kreutzmann \n"
+"Language-Team:  German \n"
+"Language: de\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"X-Generator: KBabel 1.11.4\n"
 
 #. Type: password
 #. Description
@@ -153,6 +153,16 @@
 #. Description
 #: ../virtuoso-opensource-7.templates:7001
 msgid ""
+"The /var/lib/virtuoso-opensource-7 directory which contains the Virtuoso "
+"databases is about to be removed."
+msgstr ""
+"Das Verzeichnis

Processed: virtuoso-opensource: diff for NMU version 7.2.5.1+dfsg-3.1

2021-05-16 Thread Debian Bug Tracking System 
Processing control commands:

> tags 982569 + pending
Bug #982569 [virtuoso-opensource] virtuoso-opensource: [INTL:pt] Updated 
Portuguese translation - debconf messages
Ignoring request to alter tags of bug #982569 to the same tags previously set
> tags 982628 + pending
Bug #982628 [virtuoso-opensource] virtuoso-opensource: [INTL:de] updated German 
debconf translation
Ignoring request to alter tags of bug #982628 to the same tags previously set
> tags 983414 + pending
Bug #983414 [virtuoso-opensource] virtuoso-opensource: [INTL:nl] Dutch 
translation of debconf messages
Ignoring request to alter tags of bug #983414 to the same tags previously set
> tags 986293 + patch
Bug #986293 [libvirtuoso5.5-cil] libvirtuoso5.5-cil: fails to upgrade from 
'buster': The type initializer for 'Sys' threw an exception.
Ignoring request to alter tags of bug #986293 to the same tags previously set
> tags 986293 + pending
Bug #986293 [libvirtuoso5.5-cil] libvirtuoso5.5-cil: fails to upgrade from 
'buster': The type initializer for 'Sys' threw an exception.
Ignoring request to alter tags of bug #986293 to the same tags previously set

-- 
982569: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982569
982628: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982628
983414: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983414
986293: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986293
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: virtuoso-opensource: diff for NMU version 7.2.5.1+dfsg-3.1

2021-05-16 Thread Debian Bug Tracking System 
Processing control commands:

> tags 982569 + pending
Bug #982569 [virtuoso-opensource] virtuoso-opensource: [INTL:pt] Updated 
Portuguese translation - debconf messages
Ignoring request to alter tags of bug #982569 to the same tags previously set
> tags 982628 + pending
Bug #982628 [virtuoso-opensource] virtuoso-opensource: [INTL:de] updated German 
debconf translation
Ignoring request to alter tags of bug #982628 to the same tags previously set
> tags 983414 + pending
Bug #983414 [virtuoso-opensource] virtuoso-opensource: [INTL:nl] Dutch 
translation of debconf messages
Ignoring request to alter tags of bug #983414 to the same tags previously set
> tags 986293 + patch
Bug #986293 [libvirtuoso5.5-cil] libvirtuoso5.5-cil: fails to upgrade from 
'buster': The type initializer for 'Sys' threw an exception.
Ignoring request to alter tags of bug #986293 to the same tags previously set
> tags 986293 + pending
Bug #986293 [libvirtuoso5.5-cil] libvirtuoso5.5-cil: fails to upgrade from 
'buster': The type initializer for 'Sys' threw an exception.
Ignoring request to alter tags of bug #986293 to the same tags previously set

-- 
982569: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982569
982628: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982628
983414: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983414
986293: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986293
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: virtuoso-opensource: diff for NMU version 7.2.5.1+dfsg-3.1

2021-05-16 Thread Debian Bug Tracking System 
Processing control commands:

> tags 982569 + pending
Bug #982569 [virtuoso-opensource] virtuoso-opensource: [INTL:pt] Updated 
Portuguese translation - debconf messages
Ignoring request to alter tags of bug #982569 to the same tags previously set
> tags 982628 + pending
Bug #982628 [virtuoso-opensource] virtuoso-opensource: [INTL:de] updated German 
debconf translation
Ignoring request to alter tags of bug #982628 to the same tags previously set
> tags 983414 + pending
Bug #983414 [virtuoso-opensource] virtuoso-opensource: [INTL:nl] Dutch 
translation of debconf messages
Ignoring request to alter tags of bug #983414 to the same tags previously set
> tags 986293 + patch
Bug #986293 [libvirtuoso5.5-cil] libvirtuoso5.5-cil: fails to upgrade from 
'buster': The type initializer for 'Sys' threw an exception.
Ignoring request to alter tags of bug #986293 to the same tags previously set
> tags 986293 + pending
Bug #986293 [libvirtuoso5.5-cil] libvirtuoso5.5-cil: fails to upgrade from 
'buster': The type initializer for 'Sys' threw an exception.
Ignoring request to alter tags of bug #986293 to the same tags previously set

-- 
982569: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982569
982628: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982628
983414: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983414
986293: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986293
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: virtuoso-opensource: diff for NMU version 7.2.5.1+dfsg-3.1

2021-05-16 Thread Debian Bug Tracking System 
Processing control commands:

> tags 982569 + pending
Bug #982569 [virtuoso-opensource] virtuoso-opensource: [INTL:pt] Updated 
Portuguese translation - debconf messages
Added tag(s) pending.
> tags 982628 + pending
Bug #982628 [virtuoso-opensource] virtuoso-opensource: [INTL:de] updated German 
debconf translation
Added tag(s) pending.
> tags 983414 + pending
Bug #983414 [virtuoso-opensource] virtuoso-opensource: [INTL:nl] Dutch 
translation of debconf messages
Added tag(s) pending.
> tags 986293 + patch
Bug #986293 [libvirtuoso5.5-cil] libvirtuoso5.5-cil: fails to upgrade from 
'buster': The type initializer for 'Sys' threw an exception.
Added tag(s) patch.
> tags 986293 + pending
Bug #986293 [libvirtuoso5.5-cil] libvirtuoso5.5-cil: fails to upgrade from 
'buster': The type initializer for 'Sys' threw an exception.
Added tag(s) pending.

-- 
982569: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982569
982628: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982628
983414: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983414
986293: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986293
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#952067: marked as done (hpcc: FTBFS: mpi.h:322:57: error: expected expression before ‘_Static_assert’)

2021-05-16 Thread Debian Bug Tracking System 
Your message dated Sun, 16 May 2021 13:18:38 +
with message-id 
and subject line Bug#952067: fixed in hpcc 1.5.0-2.1
has caused the Debian Bug report #952067,
regarding hpcc: FTBFS: mpi.h:322:57: error: expected expression before 
‘_Static_assert’
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
952067: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952067
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: hpcc
Version: 1.5.0-2
Severity: serious
Justification: FTBFS on amd64
Tags: buster sid
Usertags: ftbfs-20200222 ftbfs-buster

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.

Relevant part (hopefully):
> make[3]: Entering directory '/<>/hpl/lib/arch/build'
> mpicc -o ../../../src/auxil/HPL_dlacpy.o -c ../../../src/auxil/HPL_dlacpy.c  
> -DHPL_CALL_CBLAS -I../../../include -I../../../include/Debian   
> -fomit-frame-pointer -O3 -funroll-loops -W -Wall -g -O2 
> -fdebug-prefix-map=/<>/hpl/lib/arch/build=. 
> -fstack-protector-strong -Wformat -Werror=format-security
> mpicc -o ../../../src/auxil/HPL_dlatcpy.o -c ../../../src/auxil/HPL_dlatcpy.c 
>  -DHPL_CALL_CBLAS -I../../../include -I../../../include/Debian   
> -fomit-frame-pointer -O3 -funroll-loops -W -Wall -g -O2 
> -fdebug-prefix-map=/<>/hpl/lib/arch/build=. 
> -fstack-protector-strong -Wformat -Werror=format-security
> mpicc -o ../../../src/auxil/HPL_fprintf.o -c ../../../src/auxil/HPL_fprintf.c 
>  -DHPL_CALL_CBLAS -I../../../include -I../../../include/Debian   
> -fomit-frame-pointer -O3 -funroll-loops -W -Wall -g -O2 
> -fdebug-prefix-map=/<>/hpl/lib/arch/build=. 
> -fstack-protector-strong -Wformat -Werror=format-security
> mpicc -o ../../../src/auxil/HPL_warn.o -c ../../../src/auxil/HPL_warn.c  
> -DHPL_CALL_CBLAS -I../../../include -I../../../include/Debian   
> -fomit-frame-pointer -O3 -funroll-loops -W -Wall -g -O2 
> -fdebug-prefix-map=/<>/hpl/lib/arch/build=. 
> -fstack-protector-strong -Wformat -Werror=format-security
> mpicc -o ../../../src/auxil/HPL_abort.o -c ../../../src/auxil/HPL_abort.c  
> -DHPL_CALL_CBLAS -I../../../include -I../../../include/Debian   
> -fomit-frame-pointer -O3 -funroll-loops -W -Wall -g -O2 
> -fdebug-prefix-map=/<>/hpl/lib/arch/build=. 
> -fstack-protector-strong -Wformat -Werror=format-security
> mpicc -o ../../../src/auxil/HPL_dlaprnt.o -c ../../../src/auxil/HPL_dlaprnt.c 
>  -DHPL_CALL_CBLAS -I../../../include -I../../../include/Debian   
> -fomit-frame-pointer -O3 -funroll-loops -W -Wall -g -O2 
> -fdebug-prefix-map=/<>/hpl/lib/arch/build=. 
> -fstack-protector-strong -Wformat -Werror=format-security
> mpicc -o ../../../src/auxil/HPL_dlange.o -c ../../../src/auxil/HPL_dlange.c  
> -DHPL_CALL_CBLAS -I../../../include -I../../../include/Debian   
> -fomit-frame-pointer -O3 -funroll-loops -W -Wall -g -O2 
> -fdebug-prefix-map=/<>/hpl/lib/arch/build=. 
> -fstack-protector-strong -Wformat -Werror=format-security
> mpicc -o ../../../src/auxil/HPL_dlamch.o -c ../../../src/auxil/HPL_dlamch.c  
> -DHPL_CALL_CBLAS -I../../../include -I../../../include/Debian  
> mpicc -o ../../../src/blas/HPL_dcopy.o -c ../../../src/blas/HPL_dcopy.c  
> -DHPL_CALL_CBLAS -I../../../include -I../../../include/Debian   
> -fomit-frame-pointer -O3 -funroll-loops -W -Wall -g -O2 
> -fdebug-prefix-map=/<>/hpl/lib/arch/build=. 
> -fstack-protector-strong -Wformat -Werror=format-security
> mpicc -o ../../../src/blas/HPL_daxpy.o -c ../../../src/blas/HPL_daxpy.c  
> -DHPL_CALL_CBLAS -I../../../include -I../../../include/Debian   
> -fomit-frame-pointer -O3 -funroll-loops -W -Wall -g -O2 
> -fdebug-prefix-map=/<>/hpl/lib/arch/build=. 
> -fstack-protector-strong -Wformat -Werror=format-security
> mpicc -o ../../../src/blas/HPL_dscal.o -c ../../../src/blas/HPL_dscal.c  
> -DHPL_CALL_CBLAS -I../../../include -I../../../include/Debian   
> -fomit-frame-pointer -O3 -funroll-loops -W -Wall -g -O2 
> -fdebug-prefix-map=/<>/hpl/lib/arch/build=. 
> -fstack-protector-strong -Wformat -Werror=format-security
> mpicc -o ../../../src/blas/HPL_idamax.o -c ../../../src/blas/HPL_idamax.c  
> -DHPL_CALL_CBLAS -I../../../include -I../../../include/Debian   
> -fomit-frame-pointer -O3 -funroll-loops -W -Wall -g -O2 
> -fdebug-prefix-map=/<>/hpl/lib/arch/build=. 
> -fstack-protector-strong -Wformat -Werror=format-security
> mpicc -o ../../../src/blas/HPL_dgemv.o -c ../../../src/blas/HPL_dgemv.c  
> -DHPL_CALL_CBLAS -I../../../include -I../../../include/Debian   
> -fomit-frame-pointer -O3 -funroll-loops -W -Wall -g -O2 
> -fdebug-prefix-map=/<>/hpl/lib/arch/build=. 
> -fstack-protector-strong

Bug#988584: manpages-hu: Contains undistributable content - All rights reserved

2021-05-16 Thread Mario Blättermann 
Hello,

Helge Kreutzmann  schrieb am So., 16. Mai 2021, 12:27:

> Package: manpages-hu
> Version: 20010119-7
> Severity: serious
> Justification: Policy 2.3
> X-Debbugs-Cc: Mario Blättermann 
>
> Short:
> man8/ssh.8 states:
> .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
> .\"All rights reserved
>
> Long:
> The copyright situation is very unclear. I reviewed some files and besides
> the above one some are "GNU licensed" (without version), some require
> redistribution of copyright information in binary versions (I'm not sure
> if
> 2.3 Nr.3 remedies this), while others don't come with any statement at all.
> And debian/copyright places the burden of proof on the users in case
> comercial
> distribution is intended (e.g. Debian downstreams like Ubuntu). I wonder
> how
> this passed debian-legal?
>
> (This is just a selection, e.g. man.7,tsort.1,as.1 are interesting as
> well…)
>
> I tried looking at the mentioned upstream homepage, i.e.
> http://lme.linux.hu/forditas/index.html
> but this page is down atm.
>
> To resolve this bug, I suggest the following:
> 1. Remove all pages like ssh.8 which are clearly not distributable
>(After contacting with upstream or the respective authors they might
> be included in later versions again, if the license is updated)
>
> 2. Create a machine readable copyright including all authors (both of the
>english version and the respective translators) and the respective
> licenses.
>
> 3. Get the copyrights reviewed, e.g. on debian-legal, possibly catching
> more pages
>which cannot be distributed.
>
> 4. Check with upstream about a newer version. The pages are *old*. Is this
> really a
>service to your users?


See below for the plans to get rid of this outdated stuff.


> 5. Talk to manpages-l10n for integration of those pages, where copyright
> allows so.
>This way the maintance both for legal reasons and for updating (we use
> po4a) is
>vastly improved. Bonus if some translators are available, who could
> update the
>pages (its much easier with po4a).
>

We are planning to merge the remaining outdated manpages-* packages into
manpages-l10n anyway. So manpages-hu will be the next candidate for the
import. I will create a framework for Hungarian soon, and import the old
files step by step. The creation of the translated versions remains
disabled until the import is finished; once it is done, manpages-hu needs
to be removed from Debian to avoid package conflicts.

Best Regards,
Mario

Processed: Re: Bug#988583: elpa-debian-el: Cannot report any bugs at all. It is broken.

2021-05-16 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 unreproducible
Bug #988583 [elpa-debian-el] elpa-debian-el: Cannot report  any bugs at all. It 
is broken.
Added tag(s) unreproducible.
> severity -1 normal
Bug #988583 [elpa-debian-el] elpa-debian-el: Cannot report  any bugs at all. It 
is broken.
Severity set to 'normal' from 'grave'

-- 
988583: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988583
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#988583: elpa-debian-el: Cannot report any bugs at all. It is broken.

2021-05-16 Thread David Bremner 
Control: tag -1 unreproducible
Control: severity -1 normal

Salman Mohammadi  writes:

> Package: elpa-debian-el
> Version: 37.10
> Severity: grave
> Justification: renders package unusable
> X-Debbugs-Cc: sal...@smoha.org
>
> Dear Maintainer,
>
> I cannot report any bugs using M-x debian-bug at all. After entering the bug
> summary, I get the following error message, and cannot correctly reach the 
> page
> where I should write the actual bug report.
>
>   Getting package information from reportbug...
>   debian-bug-prefill-report: Reportbug did not produce expected output!
> Bailing out.
>   Reportbug may have sent an empty report!

I can't reproduce this behaviour. I guess it might be related to
something in your reportbug configuration. Can you share your .reportbugrc?

By the way, this bug by itself does not "render package unusable", since
the package provides other functionality.

Bug#988249: marked as done (golang-github-getkin-kin-openapi: flaky autopkgtest: output order changed)

2021-05-16 Thread Debian Bug Tracking System 
Your message dated Sun, 16 May 2021 10:48:34 +
with message-id 
and subject line Bug#988249: fixed in golang-github-getkin-kin-openapi 0.32.0-2
has caused the Debian Bug report #988249,
regarding golang-github-getkin-kin-openapi: flaky autopkgtest: output order 
changed
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
988249: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988249
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: golang-github-getkin-kin-openapi
Version: 0.32.0-1
Severity: serious
Tags: sid bullseye
X-Debbugs-CC: debian...@lists.debian.org
User: debian...@lists.debian.org
Usertags: flaky

Dear maintainer(s),

Your package has an autopkgtest, great. However, because of the failure
"caused" by golang-testify, I looked into the history of your
autopkgtest [1] and I noticed it fails regularly. In all the logs I
looked at the error is the same, it happens on multiple architectures.

Because the unstable-to-testing migration software now blocks on
regressions in testing, flaky tests, i.e. tests that flip between
passing and failing without changes to the list of installed packages,
are causing people unrelated to your package to spend time on these
tests.

Paul

[1]

https://ci.debian.net/data/autopkgtest/testing/amd64/g/golang-github-getkin-kin-openapi/11903910/log.gz

=== RUN   TestConvOpenAPIV3ToV2
openapi2_conv_test.go:30:
Error Trace:openapi2_conv_test.go:30
Error:  Not equal:
expected: map[string]interface
{}{"basePath":"/v2", "consumes":[]interface {}{"application/json",
"application/xml"}, "definitions":map[string]interface
{}{"Error":map[string]interface {}{"description":"Error response.",
"properties":map[string]interface {}{"message":map[string]interface
{}{"type":"string"}}, "required":[]interface {}{"message"},
"type":"object"}, "Item":map[string]interface
{}{"additionalProperties":true, "properties":map[string]interface
{}{"foo":map[string]interface {}{"type":"string"},
"quux":map[string]interface {}{"$ref":"#/definitions/ItemExtension"}},
"type":"object"}, "ItemExtension":map[string]interface
{}{"description":"It could be anything.", "type":"boolean"}},
"externalDocs":map[string]interface {}{"description":"Example
Documentation", "url":"https://example/doc/"},
"host":"test.example.com", "info":map[string]interface
{}{"title":"MyAPI", "version":"0.1", "x-info":"info extension"},
"parameters":map[string]interface {}{"banana":map[string]interface
{}{"in":"path", "name":"banana", "required":true, "type":"string"},
"post_form_ref":map[string]interface {}{"description":"param
description", "in":"formData", "name":"fileUpload2", "required":true,
"type":"file", "x-formData-name":"fileUpload2",
"x-mimetype":"text/plain"}, "put_body":map[string]interface
{}{"in":"body", "name":"banana", "required":true,
"schema":map[string]interface {}{"type":"string"},
"x-originalParamName":"banana"}}, "paths":map[string]interface
{}{"/another/{banana}/{id}":map[string]interface
{}{"parameters":[]interface {}{map[string]interface
{}{"$ref":"#/parameters/banana"}, map[string]interface {}{"in":"path",
"name":"id", "required":true, "type":"integer"}}},
"/example":map[string]interface {}{"delete":map[string]interface
{}{"description":"example delete", "operationId":"example-delete",
"parameters":[]interface {}{map[string]interface {}{"in":"query",
"name":"x", "type":"string", "x-parameter":"parameter extension 1"},
map[string]interface {}{"default":250, "description":"The y parameter",
"in":"query", "maximum":1, "minimum":1, "name":"y",
"type":"integer"}, map[string]interface {}{"description":"Only return
results that intersect the provided bounding box.", "in":"query",
"items":map[string]interface {}{"type":"number"}, "maxItems":4,
"minItems":4, "name":"bbox", "type":"array"}},
"responses":map[string]interface {}{"200":map[string]interface
{}{"description":"ok", "schema":map[string]interface
{}{"items":map[string]interface {}{"$ref":"#/definitions/Item"},
"type":"array"}}, "404":map[string]interface {}{"description":"404
response"}, "default":map[string]interface {}{"description":"default
response", "x-response":"response extension 1"}}, "security":[]interface
{}{map[string]interface {}{"get_security_0":[]interface {}{"scope0",
"scope1"}, "get_security_1":[]interface {}{}}}, "summary":"example get",
"tags":[]interface {}{"Example"}}, "get":map[string]interface
{}{"description":"example get", "responses":map[string]interface
{}{"403":map[string]interface {}{"$ref":"#/responses/ForbiddenError"},

Processed: Bug#988249 marked as pending in golang-github-getkin-kin-openapi

2021-05-16 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 pending
Bug #988249 [src:golang-github-getkin-kin-openapi] 
golang-github-getkin-kin-openapi: flaky autopkgtest: output order changed
Added tag(s) pending.

-- 
988249: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988249
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#988249: marked as pending in golang-github-getkin-kin-openapi

2021-05-16 Thread Shengjing Zhu 
Control: tag -1 pending

Hello,

Bug #988249 in golang-github-getkin-kin-openapi reported by you has been fixed 
in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/go-team/packages/golang-github-getkin-kin-openapi/-/commit/9f098dbc7cd782b40b10b22cd3450b7871799fdc


Backport patch to make 2to3 more deterministic (Closes: #988249)


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/988249

Processed: bug 988249 is forwarded to https://github.com/getkin/kin-openapi/pull/278

2021-05-16 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> forwarded 988249 https://github.com/getkin/kin-openapi/pull/278
Bug #988249 [src:golang-github-getkin-kin-openapi] 
golang-github-getkin-kin-openapi: flaky autopkgtest: output order changed
Set Bug forwarded-to-address to 
'https://github.com/getkin/kin-openapi/pull/278'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
988249: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988249
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#988584: manpages-hu: Contains undistributable content - All rights reserved

2021-05-16 Thread Helge Kreutzmann 
Package: manpages-hu
Version: 20010119-7
Severity: serious
Justification: Policy 2.3
X-Debbugs-Cc: Mario Blättermann 

Short:
man8/ssh.8 states:
.\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
.\"All rights reserved

Long:
The copyright situation is very unclear. I reviewed some files and besides 
the above one some are "GNU licensed" (without version), some require 
redistribution of copyright information in binary versions (I'm not sure if 
2.3 Nr.3 remedies this), while others don't come with any statement at all.
And debian/copyright places the burden of proof on the users in case comercial
distribution is intended (e.g. Debian downstreams like Ubuntu). I wonder how
this passed debian-legal?

(This is just a selection, e.g. man.7,tsort.1,as.1 are interesting as well…)

I tried looking at the mentioned upstream homepage, i.e. 
http://lme.linux.hu/forditas/index.html
but this page is down atm.

To resolve this bug, I suggest the following:
1. Remove all pages like ssh.8 which are clearly not distributable
   (After contacting with upstream or the respective authors they might
be included in later versions again, if the license is updated)

2. Create a machine readable copyright including all authors (both of the
   english version and the respective translators) and the respective licenses.

3. Get the copyrights reviewed, e.g. on debian-legal, possibly catching more 
pages 
   which cannot be distributed.

4. Check with upstream about a newer version. The pages are *old*. Is this 
really a 
   service to your users?

5. Talk to manpages-l10n for integration of those pages, where copyright allows 
so.
   This way the maintance both for legal reasons and for updating (we use po4a) 
is
   vastly improved. Bonus if some translators are available, who could update 
the 
   pages (its much easier with po4a).


-- System Information:
Debian Release: 11.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel taint flags: TAINT_UNSIGNED_MODULE
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to de_DE.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

manpages-hu depends on no packages.

manpages-hu recommends no packages.

Versions of packages manpages-hu suggests:
ii  man-db [man]  2.9.4-2

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#988583: elpa-debian-el: Cannot report any bugs at all. It is broken.

2021-05-16 Thread Salman Mohammadi 
Package: elpa-debian-el
Version: 37.10
Severity: grave
Justification: renders package unusable
X-Debbugs-Cc: sal...@smoha.org

Dear Maintainer,

I cannot report any bugs using M-x debian-bug at all. After entering the bug
summary, I get the following error message, and cannot correctly reach the page
where I should write the actual bug report.

  Getting package information from reportbug...
  debian-bug-prefill-report: Reportbug did not produce expected output!
Bailing out.
  Reportbug may have sent an empty report!


Thanks, Salman

-- System Information:
Debian Release: 11.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-6-amd64 (SMP w/4 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not
set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages elpa-debian-el depends on:
ii  bzip2   1.0.8-4
ii  dh-elpa-helper  2.0.8
ii  dpkg1.20.9
ii  emacsen-common  3.0.4
ii  reportbug   7.10.3
ii  xz-utils5.2.5-2

Versions of packages elpa-debian-el recommends:
ii  emacs  1:27.1+1-3.1
ii  emacs-gtk [emacs]  1:27.1+1-3.1
ii  wget   1.21-1+b1

elpa-debian-el suggests no packages.

Bug#988243: marked as done (golang-github-ulikunitz-xz: CVE-2021-29482)

2021-05-16 Thread Debian Bug Tracking System 
Your message dated Sun, 16 May 2021 09:18:29 +
with message-id 
and subject line Bug#988243: fixed in golang-github-ulikunitz-xz 0.5.6-2
has caused the Debian Bug report #988243,
regarding golang-github-ulikunitz-xz: CVE-2021-29482
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
988243: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988243
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: golang-github-ulikunitz-xz
Version: 0.5.6-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for golang-github-ulikunitz-xz.

CVE-2021-29482[0]:
| xz is a compression and decompression library focusing on the xz
| format completely written in Go. The function readUvarint used to read
| the xz container format may not terminate a loop provide malicous
| input. The problem has been fixed in release v0.5.8. As a workaround
| users can limit the size of the compressed file input to a reasonable
| size for their use case. The standard library had recently the same
| issue and got the CVE-2020-16845 allocated.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-29482
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29482
[1] https://github.com/ulikunitz/xz/security/advisories/GHSA-25xm-hr59-7c27
[2] 
https://github.com/ulikunitz/xz/commit/69c6093c7b2397b923acf82cb378f55ab2652b9b

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: golang-github-ulikunitz-xz
Source-Version: 0.5.6-2
Done: Shengjing Zhu 

We believe that the bug you reported is fixed in the latest version of
golang-github-ulikunitz-xz, which is due to be installed in the Debian FTP 
archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 988...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Shengjing Zhu  (supplier of updated golang-github-ulikunitz-xz 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 16 May 2021 17:10:45 +0800
Source: golang-github-ulikunitz-xz
Architecture: source
Version: 0.5.6-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team 
Changed-By: Shengjing Zhu 
Closes: 988243
Changes:
 golang-github-ulikunitz-xz (0.5.6-2) unstable; urgency=medium
 .
   * Team upload.
 .
   [ Debian Janitor ]
   * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
 Repository-Browse.
   * Update standards version to 4.5.0, no changes needed.
   * Apply multi-arch hints.
 + golang-github-ulikunitz-xz-dev: Add Multi-Arch: foreign.
 .
   [ Shengjing Zhu ]
   * Backport patch for CVE-2021-29482.
 Fixes readUvarint denial of service (Closes: #988243)
Checksums-Sha1:
 43d993c17bad3dc45da832940d64bddfca46f7b7 1662 
golang-github-ulikunitz-xz_0.5.6-2.dsc
 76969e0e8e81f9241b8eda72bf4b10fd1a6f78c7 3368 
golang-github-ulikunitz-xz_0.5.6-2.debian.tar.xz
 fc69099ab356b7eff168a33b05a652153ce7c809 5369 
golang-github-ulikunitz-xz_0.5.6-2_amd64.buildinfo
Checksums-Sha256:
 e42990cef92b472a42f7d7f907fbdd05552e0c5889d793f7839bf08cae46ef9e 1662 
golang-github-ulikunitz-xz_0.5.6-2.dsc
 86f7205ef6393a30109425c1aea296b921f3420d7635aad47f7e9ebdcf845a4a 3368 
golang-github-ulikunitz-xz_0.5.6-2.debian.tar.xz
 b4d8962b86b27f4038fad21a7ce3a563be9f9b0a7da8dcba16b9cb45442c28a6 5369 
golang-github-ulikunitz-xz_0.5.6-2_amd64.buildinfo
Files:
 92a3b855e8d4953a82a7fe6a813f16b5 1662 devel optional 
golang-github-ulikunitz-xz_0.5.6-2.dsc
 c907b92e09ee3edc9935003a1b740ea1 3368 devel optional 
golang-github-ulikunitz-xz_0.5.6-2.debian.tar.xz
 2eaf25c2120d0b852e85fbb38f92073e 5369 devel optional 
golang-github-ulikunitz-xz_0.5.6-2_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iIYEARYIAC4WIQSRhdT1d2eu7mxV1B5/RPol6lUUywUCYKDh7xAcemhzakBkZWJp
YW4ub3JnAAoJEH9E+iXqVRTLOx0A/2n2Sq1QfvsSBsqZsm2uV2i9DyOvYZ15Ryfx
iSxZ7OTYAP9rEe4D28cIKwJg1SW5EuiHQfnRRTK53wVWkeocHsxYAg==
=Uy8P
-END PGP SIGNATURE End Message ---

Processed: Bug#988243 marked as pending in golang-github-ulikunitz-xz

2021-05-16 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 pending
Bug #988243 [src:golang-github-ulikunitz-xz] golang-github-ulikunitz-xz: 
CVE-2021-29482
Added tag(s) pending.

-- 
988243: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988243
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#988243: marked as pending in golang-github-ulikunitz-xz

2021-05-16 Thread Shengjing Zhu 
Control: tag -1 pending

Hello,

Bug #988243 in golang-github-ulikunitz-xz reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/go-team/packages/golang-github-ulikunitz-xz/-/commit/820a627e39bb40050bb94427f332c7f31adef52a


Backport patch for CVE-2021-29482

Fixes readUvarint denial of service (Closes: #988243)


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/988243

Bug#984956: Pmix issues with openmpi-4.1.0

2021-05-16 Thread Alastair McKinstry 

Hi Lucas

Yikes.

No, I wanted to wait and check if there were any issues before issuing 
an unblock request.


Alastair

On 16/05/2021 06:35, Lucas Nussbaum wrote:

Hi Alaitair,

Thanks a lot for fixing this.

Unfortunately, I noticed that the upload to unstable was built against
ucx 1.10.1~rc1-1, so both need to migrate to testing.

Did you already engage discussions with the release team? I did not find
an unblock request.

Lucas


--
Alastair McKinstry, , , 
https://diaspora.sceal.ie/u/amckinstry
Misentropy: doubting that the Universe is becoming more disordered.