Processed: Re: Bug#991629: cloud.debian.org: Bullseye AWS AMI: cloud-init creates duplicate #includedir in /etc/sudoers
Processing control commands: > severity -1 serious Bug #991629 [cloud-init] cloud.debian.org: Bullseye AWS AMI: cloud-init creates duplicate #includedir in /etc/sudoers Severity set to 'serious' from 'important' -- 991629: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991629 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: blocked
Processing commands for cont...@bugs.debian.org: > block 980134 by 986607 Bug #980134 [shaarli] shaarli: Missing minified js and css for frontend 980134 was blocked by: 978697 980134 was not blocking any bugs. Added blocking bug(s) of 980134: 986607 > thanks Stopping processing here. Please contact me if you need assistance. -- 980134: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980134 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#982122: redis: experimental package OOMs s390x buildds
Julien Cristau wrote: > It'd be appreciated if you could make fixing this a priority, and > refrained from uploading further versions until then. Sure. Just to say though, your message was rather unfortunate to receive given this latest upload was, in part, an attempt to resolve this very issue. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org chris-lamb.co.uk `-
Processed: squid3-dbg: uninstallable cruft package from src:squid3 in jessie-elts
Processing control commands: > close -1 Bug #992118 [squid3-dbg] squid3-dbg: uninstallable cruft package from src:squid3 in jessie-elts Marked Bug as done -- 992118: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992118 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#992118: squid3-dbg: uninstallable cruft package from src:squid3 in jessie-elts
Package: squid3-dbg Version: 3.4.8-6+deb8u9 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Control: close -1 jessie-elts has squid3-dbg 3.4.8-6+deb8u9, but src:squid3 (and therefore the squid3 binary package, too) is already at 3.5.23-5+deb8u4 in jessie-elts, rendering the -dbg package uninstallable. The -dbg package is no longer built by the newer source package, leaving around some uninstallable cruft packages. This is probably not an actionable bug. Its primary intention is to mark the corresponding piuparts failures as known bugs. Andreas
Bug#990428: ifenslave: Bonding not working on bullseye (using bond-slaves config)
Tags: patch This regression is currently up for release in the next stable release of Debian this week! We think this is supposed to be fixed in #987842 but it is not. In your case you could simply remove the stanzas for enp4s0f0 and enp4s0f1 which would leave you with just the stanza for bond1: iface bond1 inet static bond-slaves enp4s0f0 enp4s0f1 That should work but it is still a regression as it breaks configuration which worked before. Therefore and also for more complex scenarios where configuration specific for children (or s-word) interfaces is needed see the attached patch which kind of restores the old behaviour. It ensures that only already up interfaces with bonding configuration are skipped. That new / broken behaviour was introduced with the following commit which had multiple issues. Most of them are already fixed. commit 326c2b142943cc98798bab653ee96ade91ae58af Author: Guus Sliepen Date: Tue May 8 21:02:30 2018 +0200 Make a clear distinction between configuring masters and slaves. In particular, don't configure a master interface from a slave stanza. Instead, require that a stanza for the master exists, and call ifup recursively on it if necessary. diff --git a/debian/ifenslave.if-pre-up b/debian/ifenslave.if-pre-up index 7579d68..97a13e5 100755 --- a/debian/ifenslave.if-pre-up +++ b/debian/ifenslave.if-pre-up @@ -83,8 +83,8 @@ enslave_slaves() export IFENSLAVE_ENV_NAME="IFUPDOWN_$slave" IFUPDOWN_IFACE="$(printenv "$IFENSLAVE_ENV_NAME")" unset IFENSLAVE_ENV_NAME - if ifquery --state "$slave" 2>/dev/null || [ -n "$IFUPDOWN_IFACE" ] ; then - # Skipping interface that's already up or being configured + if ($(ifquery --state "$slave" >/dev/null 2>&1) && $(ifquery "$slave" | grep -q bond-master)) || [ -n "$IFUPDOWN_IFACE" ] ; then + # Skipping interface that's already up or being configured and has bonding configuration continue else # Ensure $slave is down.
Bug#968368: ifenslave: Option bond-master fails to add interface to bond
This regression is currently up for release in the next stable release this week! Thanks for your patch Sami. We've found a small issue with it as the order of redirections is significant. „2>&1 >/dev/null“ does only redirect the standard output to /dev/null. Please find attached a modified version of the patch which fixes this order („>/dev/null 2>&1“) and redirects also stderr as desired. Furthermore it passes -v to to subsequent calls of ifup when needed. Best regards Oleander diff --git a/debian/ifenslave.if-pre-up b/debian/ifenslave.if-pre-up index 7579d68..ce8b161 100755 --- a/debian/ifenslave.if-pre-up +++ b/debian/ifenslave.if-pre-up @@ -151,13 +151,14 @@ setup_master() # active_slave must be set after mode and after enslavement. # The slave must be up and the underlying link must be up too. # FIXME: We should have a way to write an empty string to active_slave, to set the active_slave to none. + [ "$VERBOSITY" = 1 ] && v=-v if [ -n "$IF_BOND_ACTIVE_SLAVE" ] ; then if [ "$IF_BOND_ACTIVE_SLAVE" = "none" ] ; then sysfs active_slave "" else # Need to force interface up before. Bonding will refuse to activate a down interface. - if ifquery -l "$IF_BOND_ACTIVE_SLAVE" 2>/dev/null ; then -ifup "$IF_BOND_ACTIVE_SLAVE" + if ifquery -l "$IF_BOND_ACTIVE_SLAVE" >/dev/null 2>&1; then +ifup $v "$IF_BOND_ACTIVE_SLAVE" else ip link set "$IF_BOND_ACTIVE_SLAVE" up fi @@ -194,7 +195,7 @@ setup_master_device() { setup_slave_device() { # Require the bond master to have an iface stanza - if ! ifstate -l "$IF_BOND_MASTER" 2>/dev/null ; then + if ! ifquery -l "$IF_BOND_MASTER" >/dev/null 2>&1; then echo "No iface stanza found for master $IF_BOND_MASTER" >&2 exit 1 fi @@ -203,14 +204,15 @@ setup_slave_device() { export IFENSLAVE_ENV_NAME="IFUPDOWN_$IF_BOND_MASTER" IFUPDOWN_IF_BOND_MASTER="$(printenv "$IFENSLAVE_ENV_NAME")" unset IFENSLAVE_ENV_NAME + [ "$VERBOSITY" = 1 ] && v=-v if [ -z "$IFUPDOWN_IF_BOND_MASTER" ] ; then - ifquery --state "$IF_BOND_MASTER" 2>/dev/null || ifup "$IF_BOND_MASTER" + ifquery --state "$IF_BOND_MASTER" >/dev/null 2>&1 || ifup $v "$IF_BOND_MASTER" fi # Enslave it to the master - ip link set "$slave" down 2>/dev/null - if ! sysfs_add slaves "$slave" 2>/dev/null ; then - echo "Failed to enslave $slave to $BOND_MASTER." >&2 + ip link set "$1" down 2>/dev/null + if ! sysfs_add slaves "$1" 2>/dev/null ; then + echo "Failed to enslave $1 to $BOND_MASTER." >&2 fi setup_primary
Bug#992087: libfonts-java: contains a file with a non-free "disparaging to Sun" license
Hi Tony, Thanks for looking at this! Le 11/08/2021 à 20:40, tony mancill a écrit : On Wed, Aug 11, 2021 at 02:25:45PM +0200, Pierre Gruet wrote: Source: libfonts-java Version: 1.1.6.dfsg-3 Severity: serious Tags: bullseye sid stretch buster Justification: Policy 2.2.1 Dear Maintainer, The file patches/itext-1.5.2.patch incorporates a non-free license, stating Sun Microsystems grants you ("Licensee") a non-exclusive, royalty free, license to use, modify and redistribute this software in source and binary code form, provided that i) this copyright notice and license appear on all copies of the software; and ii) Licensee does not utilize the software in a manner which is disparaging to Sun Microsystems. This breaks at least DFSG-6, due to the "disparaging to Sun Microsystems" clause. Hi Pierre, A couple of comments: 1) In that patch file, I see: Some classes in iText are based on code samples provided by SUN. A copyright notice is always included in the source code of the specific class. The license is either SUN's samples license (1), or the license marked with (2) ... The non-DFSG phrase referring to "disparaging" is from SUN's samples license (1). License (2) (again, merely quoting that sun.txt file) includes the problematic clause: You acknowledge that Software is not designed,licensed or intended for use in the design, construction, operation or maintenance of any nuclear facility. However, when I search the patch, the Java source files included don't refer to either of those licenses explicitly. The only file that does include a copyright and license statement is DFSG-free, but I'm not sure about the other files. I must say I submitted a batch of 6 bugs with this "disparaging to Sun" clause and did not go that much into details for each package. Arguably neither of those licenses is suitable for us... yet I just attempted a build of libfonts-java while repacking to remove the patches/ directory, and it succeeded. Of course this is not enough, but I think it might be worth looking at it more carefully to check this directory can be safely removed. In any case, we will have to rely on a point release of Bullseye to fix this in stable, so I guess we have a bit of time. 2) I'm wondering what such a clause would mean anyway now that "Sun Microsystems" is defunct since 2010. How would a licensee disparage a non-existent entity? My second question is more just wondering what happens... I guess we will have to figure out the files that are (presumably) licensed under the problematic licenses. I also don't know, but who knows who holds the assets now? Presumably the risk is low, but still... I share your concerns. Cheers, tony Best regards, -- Pierre
Bug#992112: marked as done (nodejs FTBFS: ares_nameser.h: No such file or directory)
Your message dated Wed, 11 Aug 2021 20:22:07 + with message-id and subject line Bug#992112: fixed in nodejs 12.22.5~dfsg-2 has caused the Debian Bug report #992112, regarding nodejs FTBFS: ares_nameser.h: No such file or directory to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 992112: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992112 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: nodejs Version: 12.22.5~dfsg-1 Severity: serious Tags: ftbfs https://buildd.debian.org/status/package.php?p=nodejs ... ../src/cares_wrap.cc:42:11: fatal error: ares_nameser.h: No such file or directory 42 | # include | ^~~~ compilation terminated. make[3]: *** [libnode.target.mk:316: /<>/out/Release/obj.target/libnode/src/cares_wrap.o] Error 1 --- End Message --- --- Begin Message --- Source: nodejs Source-Version: 12.22.5~dfsg-2 Done: Jérémy Lal We believe that the bug you reported is fixed in the latest version of nodejs, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 992...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jérémy Lal (supplier of updated nodejs package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 11 Aug 2021 21:06:00 +0200 Source: nodejs Architecture: source Version: 12.22.5~dfsg-2 Distribution: unstable Urgency: medium Maintainer: Debian Javascript Maintainers Changed-By: Jérémy Lal Closes: 992112 Changes: nodejs (12.22.5~dfsg-2) unstable; urgency=medium . * ares_compat.patch let node compile against ares < 1.17.2 Closes: #992112 Checksums-Sha1: 82ce6da1e9223a4ed19f63eded4cb3d1ed5b70de 3455 nodejs_12.22.5~dfsg-2.dsc 682db76985d88a15db40fd5cd56b372be0692dd0 136556 nodejs_12.22.5~dfsg-2.debian.tar.xz 14b820fa97d669c5f2b6b62290b04b69384de7fb 9252 nodejs_12.22.5~dfsg-2_source.buildinfo Checksums-Sha256: 62fe39ea900cc4d20de8653f677b7e8de540139dae4fbd60c9bad6d722c0a96e 3455 nodejs_12.22.5~dfsg-2.dsc 82eb89e4e5ae1637bea7ee8bdb455aa8b4b401ea9092a19747a79becf480b628 136556 nodejs_12.22.5~dfsg-2.debian.tar.xz c94e0c2aa795b51a9ddb0e875ac48d0adfb627576b719a7b4df63cfced966f74 9252 nodejs_12.22.5~dfsg-2_source.buildinfo Files: 8605224fa7a2e06d2cf78604d80f5ffa 3455 javascript optional nodejs_12.22.5~dfsg-2.dsc 3ae559a05b8d9ab5e35929b557792e1e 136556 javascript optional nodejs_12.22.5~dfsg-2.debian.tar.xz 1adf6b55bb4b0529c6b42ea3e5df89d3 9252 javascript optional nodejs_12.22.5~dfsg-2_source.buildinfo -BEGIN PGP SIGNATURE- iQJGBAEBCgAwFiEEA8Tnq7iA9SQwbkgVZhHAXt0583QFAmEUH/gSHGthcG91ZXJA bWVsaXgub3JnAAoJEGYRwF7dOfN09W8QALbUZ8Va4NoRlqebe9Dfku3uzGJNH2ps gFzw9uxW+QVa7UNHPKyL7Aixs/yKYSWaSBRfof2wVYFFYsyt8B/O8hUgiWBc2P2S j0yNCajTOCTk9xdM+Y2UL5S7+65O57aAFa7Vk4NLQKaGtggNESbMt1SkmO7bHPzA JyUgwlYE6PKW/3T7OOsnvffeI+5vw4ZhBLIbFn4JoXpQvhVGXg63B2G90r4jc9PJ 88ZIp+DCrb0h6OaURZJHl/nPDlNEUhp0GTBH49uRX6be8DE7W7LqlJlgG48SutrY XXKHNQUgnJMPdSA139RoS5BufodrOnlE2gBLobGrnDNmyZ1f2HbYYFM5jKoKApZ/ BZ9fiINHe8xNTcbLTS5s3VuRJrHkVlFGGwDKeSVtNHAfwCL6gYHaY5i1XKSZnjI1 LdxIr1j5R0yxTWKq61Xc0bmpyg7tcNJxCFwkrxxd1j0QeDmYJzf/vlquS80XNCmB ozqjqZGNZM2H4Yv9wwS7JL1VLFy/U5vD/HbRtNcG7kCTBAX4C72WdRZqJgmmOafU CpKZzW0DTMaJWItb6+TraZbO916B0nisN4Erwc8VMfge0HdGR7Q9C46S6RnKiatU cr9CrkihpRx/lVxEy/iGUYO4qI1u3EqDdGQ7qhr5AlhqOEfJwe9VLvpP8XmzqHdz lMd9BOZy5tdi =r8nN -END PGP SIGNATURE End Message ---
Bug#987484: marked as pending in dragonfly-reverb
Control: tag -1 pending Hello, Bug #987484 in dragonfly-reverb reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/multimedia-team/dragonfly-reverb/-/commit/5a5c667fa2df5c225b8830bb946548a39e20f3d6 Fix FTBS on armel and baseline violation on armhf (Closes: #987484) (this message was generated automatically) -- Greetings https://bugs.debian.org/987484
Processed: Bug#987484 marked as pending in dragonfly-reverb
Processing control commands: > tag -1 pending Bug #987484 [src:dragonfly-reverb] dragonfly-reverb: FTBFS on armel and baseline violation on armhf Added tag(s) pending. -- 987484: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987484 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#991478: [shim-signed] RFE: do not brick users' systems in the stable distribution
Hi Roman, On 11-08-2021 19:38, Roman Mamedov wrote: > It does not feel great to now have a version selection with such dire > consequences to rely on "the undocumented feature of APT". The suggestion was from one of the maintainers of APT, so I think we can trust the feature to be properly supported. To be more correct, similar support is documented in apt_preferences, just not in the context of Default-Release. > It appears they meant "-updates" there, instead of typoed "-upgrades" in their > suggested config line, unless I'm missing something. Thanks for this. It was indeed a very stupid mistake. I fixed it. Paul OpenPGP_signature Description: OpenPGP digital signature
Processed: limit source to nodejs, tagging 992112
Processing commands for cont...@bugs.debian.org: > limit source nodejs Limiting to bugs with field 'source' containing at least one of 'nodejs' Limit currently set to 'source':'nodejs' > tags 992112 + pending Bug #992112 [src:nodejs] nodejs FTBFS: ares_nameser.h: No such file or directory Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 992112: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992112 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#992112: nodejs FTBFS: ares_nameser.h: No such file or directory
Source: nodejs Version: 12.22.5~dfsg-1 Severity: serious Tags: ftbfs https://buildd.debian.org/status/package.php?p=nodejs ... ../src/cares_wrap.cc:42:11: fatal error: ares_nameser.h: No such file or directory 42 | # include | ^~~~ compilation terminated. make[3]: *** [libnode.target.mk:316: /<>/out/Release/obj.target/libnode/src/cares_wrap.o] Error 1
Bug#992087: libfonts-java: contains a file with a non-free "disparaging to Sun" license
On Wed, Aug 11, 2021 at 02:25:45PM +0200, Pierre Gruet wrote: > Source: libfonts-java > Version: 1.1.6.dfsg-3 > Severity: serious > Tags: bullseye sid stretch buster > Justification: Policy 2.2.1 > > Dear Maintainer, > > The file patches/itext-1.5.2.patch incorporates a non-free license, stating > > Sun Microsystems grants you ("Licensee") a non-exclusive, royalty free, > license > to use, modify and redistribute this software in source and binary code form, > provided that i) this copyright notice and license appear on all copies of the > software; and ii) Licensee does not utilize the software in a manner which is > disparaging to Sun Microsystems. > > This breaks at least DFSG-6, due to the "disparaging to Sun Microsystems" > clause. Hi Pierre, A couple of comments: 1) In that patch file, I see: > Some classes in iText are based on code samples provided by SUN. > A copyright notice is always included in the source code of the specific > class. > The license is either SUN's samples license (1), or the license marked with > (2) > ... The non-DFSG phrase referring to "disparaging" is from SUN's samples license (1). License (2) (again, merely quoting that sun.txt file) includes the problematic clause: > You acknowledge that Software is not designed,licensed or intended for use in > the design, construction, operation or maintenance of any nuclear facility. However, when I search the patch, the Java source files included don't refer to either of those licenses explicitly. The only file that does include a copyright and license statement is DFSG-free, but I'm not sure about the other files. 2) I'm wondering what such a clause would mean anyway now that "Sun Microsystems" is defunct since 2010. How would a licensee disparage a non-existent entity? My second question is more just wondering what happens... I guess we will have to figure out the files that are (presumably) licensed under the problematic licenses. Cheers, tony
Processed: bug 992098 is forwarded to https://lists.gnu.org/archive/html/bug-cpio/2021-08/msg00004.html
Processing commands for cont...@bugs.debian.org: > forwarded 992098 > https://lists.gnu.org/archive/html/bug-cpio/2021-08/msg4.html Bug #992098 [src:cpio] cpio: Regression form CVE-2021-38185 fix: cpio hangs when target path passed with 128 characters Set Bug forwarded-to-address to 'https://lists.gnu.org/archive/html/bug-cpio/2021-08/msg4.html'. > thanks Stopping processing here. Please contact me if you need assistance. -- 992098: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992098 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#991478: [shim-signed] RFE: do not brick users' systems in the stable distribution
On Tue, 10 Aug 2021 20:20:23 +0200 Paul Gevers wrote: > I learned yesterday that people that use APT pinning or > APT::Default-Release may be missing out -updates if they pin to buster > only. See the latest entry to the release notes [1, last paragraph] to > cover the issue for bullseye-security. I'm obviously not sure if that > happened here, but if the issue is the same on ci.d.n infrastructure, it > would explain the failure there (the logs from yesterday there mention > "Setting up shim-signed:arm64 (1.36~1+deb10u1+15.4-5~deb10u1)". I have regained access to some cloud instances with that setup today. Created them from an older backup, and I see that I do have in my apt.conf: APT::Default-Release "buster"; APT::Install-Recommends "false"; And: # apt-cache policy shim-signed shim-signed: Installed: 1.33+15+1533136590.3beb971-7 Candidate: 1.36~1+deb10u1+15.4-5~deb10u1 Version table: 1.36~1+deb10u2+15.4-5~deb10u1 500 500 https://deb.debian.org/debian buster-updates/main arm64 Packages 1.36~1+deb10u1+15.4-5~deb10u1 990 990 https://deb.debian.org/debian buster/main arm64 Packages *** 1.33+15+1533136590.3beb971-7 100 100 /var/lib/dpkg/status Indeed the "Candidate" to be installed is what is supposedly the broken version. After changing the config line to APT::Default-Release "/^buster(|-security|-updates)$/"; the updated version is selected correctly. It does not feel great to now have a version selection with such dire consequences to rely on "the undocumented feature of APT". (So I just chose to "aptitude hold" the old one for now instead). > [1] > https://www.debian.org/releases/bullseye/amd64/release-notes/ch-information.en.html#security-archive It appears they meant "-updates" there, instead of typoed "-upgrades" in their suggested config line, unless I'm missing something. -- With respect, Roman
Processed: your mail
Processing commands for cont...@bugs.debian.org: > tags 990428 + patch Bug #990428 [ifenslave] ifenslave: Bonding not working on bullseye (using bond-slaves config) Ignoring request to alter tags of bug #990428 to the same tags previously set > End of message, stopping processing here. Please contact me if you need assistance. -- 990428: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990428 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#982122: redis: experimental package OOMs s390x buildds
On Sat, Feb 06, 2021 at 04:58:09PM +, Adam D. Barratt wrote: > Source: redis > Version: 5:6.2~rc3-1 > Severity: serious > Tags: ftbfs > > Hi, > > Both s390x buildds hit OOM conditions while attempting to build redis > 6.2 in experimental. > > The log from zani ends with: > > [33/63 done]: integration/rdb (10 seconds) > Testing integration/corrupt-dump > [ok]: corrupt payload: #7445 - with sanitize > [...] > [ok]: corrupt payload: fuzzer findings - hash convert asserts on RESTORE with > shallow sanitization > [ok]: corrupt payload: OOM in rdbGenericLoadStringObject > [TIMEOUT]: clients state report follows. > sock2aa3bc1aa00 => (SPAWNED SERVER) pid:45952 > Killing still running Redis server 41748 > > Today's redis upload to experimental OOMed on the s390x buildd again. It'd be appreciated if you could make fixing this a priority, and refrained from uploading further versions until then. Thanks, Julien
Processed: your mail
Processing commands for cont...@bugs.debian.org: > tags 968368 + bullseye Bug #968368 [ifenslave] ifenslave: Option bond-master fails to add interface to bond Added tag(s) bullseye. > tags 990428 + bullseye patch Bug #990428 [ifenslave] ifenslave: Bonding not working on bullseye (using bond-slaves config) Added tag(s) patch and bullseye. > tags 992102 + bullseye Bug #992102 [ifenslave] ifenslave: Bond interfaces are not deleted Added tag(s) bullseye. > End of message, stopping processing here. Please contact me if you need assistance. -- 968368: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968368 990428: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990428 992102: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992102 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#992068: marked as done (libhdf5-mpich-dev: please bump libmpich-dev dependency to (>= 3.3-3~))
Your message dated Wed, 11 Aug 2021 16:19:35 + with message-id and subject line Bug#992068: fixed in hdf5 1.10.6+repack-5 has caused the Debian Bug report #992068, regarding libhdf5-mpich-dev: please bump libmpich-dev dependency to (>= 3.3-3~) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 992068: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992068 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libhdf5-mpich-dev Version: 1.10.6+repack-4 Severity: serious Tags: patch User: debian...@lists.debian.org Usertags: piuparts During an piuparts upgrade test of libhdf5-mpich-dev on the upgrade path squeeze -> wheezy -> jessie -> stretch -> buster -> bullseye I observed this failure: Setting up libhdf5-mpich-dev (1.10.6+repack-4) ... update-alternatives: priority must be an integer Use 'update-alternatives --help' for program usage information. dpkg: error processing package libhdf5-mpich-dev (--configure): installed libhdf5-mpich-dev package post-installation script subprocess returned error exit status 2 At the time of the failure the libmpich1.0-dev package which Provides: libmpich-dev was still installed, but that uses an ancient mpi alternative scheme the postinst cannot parse. Making the libmpich-dev versioned (buster shipped with 3.3-3 which uses the new alternatives scheme) ensures that libmpich-dev gets upgraded (or rather installed, kicking out the ancient libmpich1.0-dev from squeeze). This fix needs to get backported to bullseye-pu. This needs an update of mpich as well, since there is an unhandled file conflict between libmpich1.0-dev and mpich, #992065. I've verified that using the two updated packages fixes the problematic upgrade path. Andreas PS: it took me quite some time to understand what was going on here so the fix wasn't ready before the bullseye deadline. diff -Nru hdf5-1.10.6+repack/debian/changelog hdf5-1.10.6+repack/debian/changelog --- hdf5-1.10.6+repack/debian/changelog 2021-06-16 23:57:23.0 +0200 +++ hdf5-1.10.6+repack/debian/changelog 2021-08-10 16:54:23.0 +0200 @@ -1,3 +1,10 @@ +hdf5 (1.10.6+repack-5) UNRELEASED; urgency=medium + + * libhdf5-mpich-dev: Bump libmpich-dev dependency to (>= 3.3-3~) to ensure +the postinst is able to parse the mpi alternative. (Closes: #-1) + + -- Andreas Beckmann Tue, 10 Aug 2021 16:54:23 +0200 + hdf5 (1.10.6+repack-4) unstable; urgency=medium * Revert support for read-only S3 virtual file driver, as it introduced diff -Nru hdf5-1.10.6+repack/debian/control hdf5-1.10.6+repack/debian/control --- hdf5-1.10.6+repack/debian/control 2021-06-16 23:57:23.0 +0200 +++ hdf5-1.10.6+repack/debian/control 2021-08-10 16:54:23.0 +0200 @@ -480,7 +480,7 @@ zlib1g-dev, libaec-dev, libjpeg-dev, - libmpich-dev, + libmpich-dev (>= 3.3-3~), ${misc:Depends} Suggests: libhdf5-doc Breaks: libhdf5-mpi-dev (= 1.10.6+repack-1~exp4) diff -Nru hdf5-1.10.6+repack/debian/control.in hdf5-1.10.6+repack/debian/control.in --- hdf5-1.10.6+repack/debian/control.in2021-06-16 23:57:23.0 +0200 +++ hdf5-1.10.6+repack/debian/control.in2021-08-10 16:54:23.0 +0200 @@ -480,7 +480,7 @@ zlib1g-dev, libaec-dev, libjpeg-dev, - libmpich-dev, + libmpich-dev (>= 3.3-3~), ${misc:Depends} Suggests: libhdf5-doc Breaks: libhdf5-mpi-dev (= 1.10.6+repack-1~exp4) libhdf5-mpich-dev_1.10.6+repack-4.log.gz Description: application/gzip --- End Message --- --- Begin Message --- Source: hdf5 Source-Version: 1.10.6+repack-5 Done: Gilles Filippini We believe that the bug you reported is fixed in the latest version of hdf5, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 992...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Gilles Filippini (supplier of updated hdf5 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 11 Aug 2021 16:33:03 +0200 Source: hdf5 Architecture: source Version: 1.10.6+repack-5 Distribution: unstable Urgency: medium Maintainer:
Processed: your mail
Processing commands for cont...@bugs.debian.org: > found 968368 2.12 Bug #968368 [ifenslave] ifenslave: Option bond-master fails to add interface to bond Marked as found in versions ifenslave/2.12. > severity 968368 grave Bug #968368 [ifenslave] ifenslave: Option bond-master fails to add interface to bond Severity set to 'grave' from 'important' > End of message, stopping processing here. Please contact me if you need assistance. -- 968368: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968368 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#992093: marked as done (cccc: contains a file with a non-free "disparaging to Sun" license)
Your message dated Wed, 11 Aug 2021 15:18:29 + with message-id and subject line Bug#992093: fixed in 1:3.1.4+dfsg1-1 has caused the Debian Bug report #992093, regarding : contains a file with a non-free "disparaging to Sun" license to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 992093: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992093 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: Version: 1:3.1.4-9 Severity: serious Tags: stretch buster bullseye sid Justification: Policy 2.2.1 Dear Maintainer, The file test/prn14.java incorporates a non-free license, stating Sun grants you ("Licensee") a non-exclusive, royalty free, license to use, modify and redistribute this software in source and binary code form, provided that i) this copyright notice and license appear on all copies of the software; and ii) Licensee does not utilize the software in a manner which is disparaging to Sun. This breaks at least DFSG-6, due to the "disparaging to Sun Microsystems" clause. There is also another clause restricting the field of endeavor. Best regards, -- Pierre Gruet --- End Message --- --- Begin Message --- Source: Source-Version: 1:3.1.4+dfsg1-1 Done: Colin Watson We believe that the bug you reported is fixed in the latest version of , which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 992...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Colin Watson (supplier of updated package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 11 Aug 2021 15:59:46 +0100 Source: Architecture: source Version: 1:3.1.4+dfsg1-1 Distribution: unstable Urgency: medium Maintainer: Colin Watson Changed-By: Colin Watson Closes: 992093 Changes: (1:3.1.4+dfsg1-1) unstable; urgency=medium . [ Debian Janitor ] * Bump debhelper from old 9 to 12. * Rely on pre-initialized dpkg-architecture variables. . [ Colin Watson ] * Repack original source tarball without test/prn13.* and test/prn14.* due to non-DFSG-free licences (closes: #992093). Checksums-Sha1: 908741f02b3acc85d4a13bedb9d6d2cf912f1c48 1965 _3.1.4+dfsg1-1.dsc 79893c0655df8379382322b62911ff50af7224f7 432112 _3.1.4+dfsg1.orig.tar.xz 3a88cc9c91c44b4d5b120a6c39ccacb168d5f630 6156 _3.1.4+dfsg1-1.debian.tar.xz Checksums-Sha256: d3f1976d9e17637fa378992d059eef946b549531145a21ed3239fb6cdcb18f05 1965 _3.1.4+dfsg1-1.dsc 29e96eac8551e360d66c6c818c94f9196475a83f27d0f53f82a9d1ba2b75fdef 432112 _3.1.4+dfsg1.orig.tar.xz ead97539a7d37772c9110d57e15bba6b2cfceb831dee1f24df223fb5c24efc2e 6156 _3.1.4+dfsg1-1.debian.tar.xz Files: 39ea349e1bd98b42b4e83d7c5055fe13 1965 devel optional _3.1.4+dfsg1-1.dsc c914abcb0c457db5e61e65828dbbce41 432112 devel optional _3.1.4+dfsg1.orig.tar.xz f4a09756fde5e393cbefb683ceeb287a 6156 devel optional _3.1.4+dfsg1-1.debian.tar.xz -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAmET5iAACgkQOTWH2X2G UAuNjw//Q52DQoxkgcKoR/eW3XhbFs1vdvlrCykSHkgTcbv1f5Pj2RDe8HRLwSSv nNF8IS8c7sXYucZYSmeI0wr16+aiP9RdpLb8WzbtzzoETGF/PD3BygF1gzZ48bGz g/SDPDlk9iRw77jE9+1J0uPQ6LmXXZ3LQ0NvMpts0qDkFFg1H5U50scDAEVXgLLa tZAFFqnHIGyAGQkgFwOnnN5HR/mzXK+uQ96vIYejx7wVze7SRlbfKjTfP5ulQQzD HNcgj6WF7sJFAhTDwD4QMYTuDQUVzgtJHsaCW6bl/5GqpkzVxxJc/fL6nwOqq679 q/jeejGRFXCAaoW+k9bRXGRwrWDgaxW1N9dF8C9Pb+q6TlVuoGGLdMQoBfI+R295 aaucjNQ8oOq+9V1B80PTUme4tJuBkbmGC4bto1fAhUQ5EOMVYwBdSAzXlrm7aRgF iA75qE6W9NyFvYcBjvLZnBwbAIXdAEIJ6A9Xl3eg3Xk9VgxCD+F5gGZb2Ieah93S p5s54NI3Vr3MnnFUqnKDzFaVeD0NTHPWA5sYQC3o0eTA4E7NSYxlhcpqAJJLaKlr TC1vfo+PdRVgaDTtUvfFWIslFtxtCMSN18j4v+YPghkpxHaGHJCjiXDe0ZCEodK6 j9c2rVNTGfOlYMajF2zSpSITBZgL6fNj2QGFpxthjCunIcxuA5k= =aZ6A -END PGP SIGNATURE End Message ---
Bug#992089: xemacs21-packages: contains a file with a non-free "disparaging to Sun" license
On Wed, Aug 11, 2021 at 02:38:48PM +0200, Pierre Gruet wrote: > Source: xemacs21-packages > Version: 2009.02.17.dfsg.2-4 > Severity: serious > Tags: stretch buster bullseye sid ... > The file > xemacs-packages/jde/java/src/jde/debugger/expr/LValue.java > incorporates a non-free license, stating This bug has been present for several decades now, it is *extremely* late for the buster release at this point and fixing this will require an upload of a new source version to pull out the file. I therefore propose that we ignore this bug for the upcoming release to avoid the minor but still present risk of disruption at this point in the cycle. signature.asc Description: PGP signature
Bug#992093: marked as pending in cccc
Control: tag -1 pending Hello, Bug #992093 in reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/debian//-/commit/bebf6e1d4df5a7ae90b2c9134e36028cc44862ec Repack original source tarball without test/prn1[34].* These files contain code under non-free licences. Closes: #992093 (this message was generated automatically) -- Greetings https://bugs.debian.org/992093
Processed: Bug#992093 marked as pending in cccc
Processing control commands: > tag -1 pending Bug #992093 [] : contains a file with a non-free "disparaging to Sun" license Added tag(s) pending. -- 992093: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992093 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: your mail
Processing commands for cont...@bugs.debian.org: > severity 990428 grave Bug #990428 [ifenslave] ifenslave: Bonding not working on bullseye (using bond-slaves config) Ignoring request to change severity of Bug 990428 to the same value. > End of message, stopping processing here. Please contact me if you need assistance. -- 990428: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990428 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: your mail
Processing commands for cont...@bugs.debian.org: > severity 990428 grave Bug #990428 [ifenslave] ifenslave: Bonding not working on bullseye (using bond-slaves config) Severity set to 'grave' from 'important' > End of message, stopping processing here. Please contact me if you need assistance. -- 990428: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990428 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#992098: cpio: Regression form CVE-2021-38185 fix: cpio hangs when target path passed with 128 characters
Source: cpio Version: 2.13+dfsg-5 Severity: serious Tags: upstream Justification: regression, has influences to other programs, partially FTBFS of packages, and other impact X-Debbugs-Cc: car...@debian.org Hi It looks that the fix for CVE-2021-38185 applied in 2.13+dfsg-5 causes a regression. I noticed it initally doing a kernel build, where we have the invocation cut-cut-cut-cut-cut-cut- dh_prep set -o pipefail; \ cd debian/build/source_none; \ ( \ echo Makefile; \ for arch in alpha arm arm64 ia64 m68k mips parisc powerpc riscv s390 sh sparc x86; do \ find arch/$arch -maxdepth 1 -name 'Makefile*' -print; \ find arch/$arch \( -name 'Kbuild.platforms' -o -name 'Platform' \) -print; \ find $(find arch/$arch \( -name include -o -name scripts \) -type d -print) -print; \ done; \ find include -print; \ ) \ | \ cpio -pd --preserve-modification-time '/home/build/linux-5.13.9/debian/linux-headers-5.13.0-trunk-common//usr/src/linux-headers-5.13.0-trunk-common' cpio: h: Cannot stat: No such file or directory cpio: int.h: Cannot stat: No such file or directory cpio: .h: Cannot stat: No such file or directory cpio: ander.h: Cannot stat: No such file or directory cpio: .h: Cannot stat: No such file or directory cpio: -clock.h: Cannot stat: No such file or directory 94174 blocks cut-cut-cut-cut-cut-cut- but this was not a problem with 2.13+dfsg-4. Trying to track this down it looks that with 2.13+dfsg-4 works, while hangs with the new version: root@sid:~# cd $(mktemp -d) ; touch foo ; echo foo | cpio -pd $(python3 -c 'print("A" * 128)') 0 blocks Now updating cpio: root@sid:/tmp/tmp.1Q1sQ1UmJ3# apt-get install cpio Reading package lists... Done Building dependency tree... Done Reading state information... Done Suggested packages: libarchive1 The following packages will be upgraded: cpio 1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 0 B/244 kB of archives. After this operation, 8192 B of additional disk space will be used. (Reading database ... 78465 files and directories currently installed.) Preparing to unpack .../cpio_2.13+dfsg-5_amd64.deb ... Unpacking cpio (2.13+dfsg-5) over (2.13+dfsg-4) ... Setting up cpio (2.13+dfsg-5) ... Processing triggers for man-db (2.9.4-2) ... and doing the same again: root@sid:/tmp/tmp.1Q1sQ1UmJ3# cd $(mktemp -d) ; touch foo ; echo foo | cpio -pd $(python3 -c 'print("A" * 128)') ^C root@sid:/tmp/tmp.1FBtWOr0jO# Regards, Salvatore
Bug#992097: mlton-compiler is not installable
Package: mlton-compiler Version: 20180207-1 Severity: grave mlton-compiler is not installable rak@zeta:~$ sudo apt-get install mlton-compiler Reading package lists... Done Building dependency tree... Done Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: a mlton-compiler : Depends: mlton-basis (= 20180207-1) but 20130715-3 is to be installed E: Unable to correct problems, you have held broken packages. rak@zeta:~$ apt-cache show mlton-compiler Package: mlton-compiler Source: mlton Version: 20180207-1 Installed-Size: 19501 Maintainer: Wesley W. Terpstra Architecture: amd64 Replaces: mlton (<< 20100608-3) Depends: libc6 (>= 2.27), libgmp10, gcc, libc6-dev, libgmp-dev, mlton-basis (= 20180207-1), mlton-runtime-native (= 20180207-1) | mlton-runtime Breaks: mlton (<< 20100608-3) Description-en: Optimizing compiler for Standard ML - compiler MLton is a whole-program optimizing compiler for Standard ML. MLton generates standalone executables with excellent runtime performance, is SML 97 compliant, and has a complete basis library. MLton has source-level profiling, a fast C FFI, an interface to the GNU multiprecision library, and lots of useful libraries. . This package includes the compiler itself. Description-md5: 4d2747f6a7ae5685bdb914296a9ee48a Multi-Arch: foreign Homepage: http://mlton.org/ Section: devel Priority: optional Filename: pool/main/m/mlton/mlton-compiler_20180207-1_amd64.deb Size: 3070708 MD5sum: f3e1ee979627decb83d0ed45a2d71eb0 SHA256: 8c9bc43cb7f8304edee95857c1ec914e0605604b2b1864f8096776b70dfe3b40 Package: mlton-compiler Status: install ok installed Priority: optional Section: devel Installed-Size: 17750 Maintainer: Wesley W. Terpstra Architecture: amd64 Multi-Arch: foreign Source: mlton Version: 20130715-3 Replaces: mlton (<< 20100608-3) Depends: libc6 (>= 2.14), libgmp10, gcc, libc6-dev, libgmp-dev, mlton-basis (= 20130715-3), mlton-runtime-native (= 20130715-3) | mlton-runtime Breaks: mlton (<< 20100608-3) Description-en: Optimizing compiler for Standard ML - compiler MLton is a whole-program optimizing compiler for Standard ML. MLton generates standalone executables with excellent runtime performance, is SML 97 compliant, and has a complete basis library. MLton has source-level profiling, a fast C FFI, an interface to the GNU multiprecision library, and lots of useful libraries. . This package includes the compiler itself. Description-md5: 4d2747f6a7ae5685bdb914296a9ee48a Homepage: http://mlton.org/ -- System Information: Debian Release: 11.0 APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages mlton-compiler depends on: ii gcc 4:10.2.1-1 ii libc6 2.31-13 ii libc6-dev 2.31-13 ii libgmp-dev 2:6.2.1+dfsg-1 ii libgmp102:6.2.1+dfsg-1 ii mlton-basis 20130715-3 ii mlton-runtime-native20130715-3 ii mlton-runtime-x86-64-linux-gnu [mlton-runtime] 20130715-3 mlton-compiler recommends no packages. mlton-compiler suggests no packages. -- no debconf information -- |)|/ Ryan Kavanagh | 4E46 9519 ED67 7734 268F |\|\ https://rak.ac | BD95 8F7B F8FC 4A11 C97A signature.asc Description: PGP signature
Bug#992068: libhdf5-mpich-dev: please bump libmpich-dev dependency to (>= 3.3-3~)
Andreas Beckmann a écrit le 10/08/2021 à 17:54 : Package: libhdf5-mpich-dev Version: 1.10.6+repack-4 Severity: serious Tags: patch User: debian...@lists.debian.org Usertags: piuparts During an piuparts upgrade test of libhdf5-mpich-dev on the upgrade path squeeze -> wheezy -> jessie -> stretch -> buster -> bullseye I observed this failure: Setting up libhdf5-mpich-dev (1.10.6+repack-4) ... update-alternatives: priority must be an integer Use 'update-alternatives --help' for program usage information. dpkg: error processing package libhdf5-mpich-dev (--configure): installed libhdf5-mpich-dev package post-installation script subprocess returned error exit status 2 At the time of the failure the libmpich1.0-dev package which Provides: libmpich-dev was still installed, but that uses an ancient mpi alternative scheme the postinst cannot parse. Making the libmpich-dev versioned (buster shipped with 3.3-3 which uses the new alternatives scheme) ensures that libmpich-dev gets upgraded (or rather installed, kicking out the ancient libmpich1.0-dev from squeeze). This fix needs to get backported to bullseye-pu. This needs an update of mpich as well, since there is an unhandled file conflict between libmpich1.0-dev and mpich, #992065. I've verified that using the two updated packages fixes the problematic upgrade path. Andreas PS: it took me quite some time to understand what was going on here so the fix wasn't ready before the bullseye deadline. Thank you Andreas. I'll prepare an upload asap. Best, _g.
Bug#992093: cccc: contains a file with a non-free "disparaging to Sun" license
Package: Version: 1:3.1.4-9 Severity: serious Tags: stretch buster bullseye sid Justification: Policy 2.2.1 Dear Maintainer, The file test/prn14.java incorporates a non-free license, stating Sun grants you ("Licensee") a non-exclusive, royalty free, license to use, modify and redistribute this software in source and binary code form, provided that i) this copyright notice and license appear on all copies of the software; and ii) Licensee does not utilize the software in a manner which is disparaging to Sun. This breaks at least DFSG-6, due to the "disparaging to Sun Microsystems" clause. There is also another clause restricting the field of endeavor. Best regards, -- Pierre Gruet
Bug#990409: ca-cacert: should this package be removed?
Hi, Timo Röhling wrote: > * Axel Beckert [2021-08-11 13:27]: > > I strongly disagree. CAcert offers way more types of certificates than > > Let's Encrypt. For example does Let's Encrypt not provide any > > certificates suitable for use as personal S/MIME e-mail certificates. > > Have you tried creating a personal S/MIME e-mail certificate lately? Nope. > Because I tried, and neither IE nor Edge nor Firefox nor Chrome nor Opera > support the required HTML tag any more. That's the same for sso.debian.org. So should we close down that one, too? >From my point of view that's a failure of the browser makers and not of CAcert or sso.debian.org. So users now need to call manually openssl themselves. > > But instead it offers longer living certificates for hosts not > > directly reachable from the internet — which is a hell to achieve with > > Let's Encrypt. > > Private hosts are usually managed with a private CA, which gives you > much more control and versatility. Not everyone is capable of running their own CA. Have you every tried "easyrsa"? It's anything but easy. (And I personally rather run an internal CA based on CAcert's scripts — which I actually do — than on easyrsa. Tried easyrsa mostly for OpenVPN and nearly ditched OpenVPN just because they recommend this crap.) > Many companies do this, Yeah, and often with worse outcome than with CAcert... > and CAcert offers no advantage, since you'd still have to distribute > their root certificates to all your clients. If it's available as a Debian package, that's a clear advantage from my point of view. :-) > > Again, I strongly disagree. I rather hope that Dmitry gets it back > > into shape and then also offers it via bullseye-backports. > > Well, if you, Dmitry, or anyone else feels that their time is well > spent on this package, by all means, go ahead. I just happen to > think that your contributions would be more valuable elsewhere. I already have too many packages, so yes, I agree here. This though does not change my opinion on this package (or on a lot of other packages in Debian which I don't maintain, but consider important for myself as well as the community in general). Regards, Axel -- ,''`. | Axel Beckert , https://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 `-| 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
Bug#992092: king: contains a file with a non-free "disparaging to Sun" license
Package: king Version: 2.23.161103+dfsg1-1 Severity: serious Tags: stretch buster bullseye sid Justification: Policy 2.2.1 Dear Maintainer, The file king/doc/LICENSE-SUN features a non-free license, stating Sun grants you ("Licensee") a non-exclusive, royalty free, license to use, and redistribute this software graphics artwork, as individual graphics or as a collection, as part of software code or programs that you develop, provided that i) this copyright notice and license accompany the software graphics artwork; and ii) you do not utilize the software graphics artwork in a manner which is disparaging to Sun. Unless enforcement is prohibited by applicable law, you may not modify the graphics, and must use them true to color and unmodified in every way. This breaks at least DFSG-6, due to the "disparaging to Sun Microsystems" clause, and DFSG-3 as it forbids modification of the artwork. Best regards, -- Pierre Gruet
Bug#992090: libskinlf-java: contains a file with a non-free "disparaging to Sun" license
Package: libskinlf-java Version: 6.7-9 Severity: serious Tags: stretch buster bullseye sid Justification: Policy 2.2.1 Dear Maintainer, The file src/examples/Clock.java incorporates a non-free license, stating Sun grants you ("Licensee") a non-exclusive, royalty free, license to use, modify and redistribute this software in source and binary code form, provided that i) this copyright notice and license appear on all copies of the software; and ii) Licensee does not utilize the software in a manner which is disparaging to Sun. This breaks at least DFSG-6, due to the "disparaging to Sun Microsystems" clause. Best regards, -- Pierre Gruet
Bug#992089: xemacs21-packages: contains a file with a non-free "disparaging to Sun" license
Source: xemacs21-packages Version: 2009.02.17.dfsg.2-4 Severity: serious Tags: stretch buster bullseye sid Justification: Policy 2.2.1 Dear Maintainer, The file xemacs-packages/jde/java/src/jde/debugger/expr/LValue.java incorporates a non-free license, stating Sun grants you ("Licensee") a non-exclusive, royalty free, license to use, modify and redistribute this software in source and binary code form, provided that i) this copyright notice and license appear on all copies of the software; and ii) Licensee does not utilize the software in a manner which is disparaging to Sun. This breaks at least DFSG-6, due to the "disparaging to Sun Microsystems" clause. Best regards, -- Pierre Gruet
Bug#992088: wims: contains two files with a non-free "disparaging to Sun" license
Package: wims Version: 1:4.13c~dfsg1-2 Severity: serious Tags: stretch buster bullseye sid Justification: Policy 2.2.1 Dear Maintainer, The files wims/src/Misc/applets/Lattice/src/LatticeViewer.java and wims/src/Misc/applets/Lattice/src/Matrix3D.java have a non-free license, stating Sun grants you ("Licensee") a non-exclusive, royalty free, license to use, modify and redistribute this software in source and binary code form, provided that i) this copyright notice and license appear on all copies of the software; and ii) Licensee does not utilize the software in a manner which is disparaging to Sun. This breaks at least DFSG-6, due to the "disparaging to Sun Microsystems" clause. Best regards, -- Pierre Gruet
Bug#990409: ca-cacert: should this package be removed?
* Axel Beckert [2021-08-11 13:27]: I strongly disagree. CAcert offers way more types of certificates than Let's Encrypt. For example does Let's Encrypt not provide any certificates suitable for use as personal S/MIME e-mail certificates. Have you tried creating a personal S/MIME e-mail certificate lately? Because I tried, and neither IE nor Edge nor Firefox nor Chrome nor Opera support the required HTML tag any more. It has been this way for at least two years. Apparently nobody noticed. But instead it offers longer living certificates for hosts not directly reachable from the internet — which is a hell to achieve with Let's Encrypt. Private hosts are usually managed with a private CA, which gives you much more control and versatility. Many companies do this, and CAcert offers no advantage, since you'd still have to distribute their root certificates to all your clients. Again, I strongly disagree. I rather hope that Dmitry gets it back into shape and then also offers it via bullseye-backports. Well, if you, Dmitry, or anyone else feels that their time is well spent on this package, by all means, go ahead. I just happen to think that your contributions would be more valuable elsewhere. Cheers Timo -- ⢀⣴⠾⠻⢶⣦⠀ ╭╮ ⣾⠁⢠⠒⠀⣿⡁ │ Timo Röhling │ ⢿⡄⠘⠷⠚⠋⠀ │ 9B03 EBB9 8300 DF97 C2B1 23BF CC8C 6BDD 1403 F4CA │ ⠈⠳⣄ ╰╯ signature.asc Description: PGP signature
Bug#992087: libfonts-java: contains a file with a non-free "disparaging to Sun" license
Source: libfonts-java Version: 1.1.6.dfsg-3 Severity: serious Tags: bullseye sid stretch buster Justification: Policy 2.2.1 Dear Maintainer, The file patches/itext-1.5.2.patch incorporates a non-free license, stating Sun Microsystems grants you ("Licensee") a non-exclusive, royalty free, license to use, modify and redistribute this software in source and binary code form, provided that i) this copyright notice and license appear on all copies of the software; and ii) Licensee does not utilize the software in a manner which is disparaging to Sun Microsystems. This breaks at least DFSG-6, due to the "disparaging to Sun Microsystems" clause. Best regards, -- Pierre Gruet
Processed: Re: Bug#990409: ca-cacert: should this package be removed?
Processing control commands: > tag -1 + fixed-upstream Bug #990409 [ca-cacert] ca-cacert: should this package be removed? Added tag(s) fixed-upstream. -- 990409: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990409 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#990409: ca-cacert: should this package be removed?
Control: tag -1 + fixed-upstream Hi, Timo Röhling wrote: > CAcert is pretty much made obsolete by LetsEncrypt, I strongly disagree. CAcert offers way more types of certificates than Let's Encrypt. For example does Let's Encrypt not provide any certificates suitable for use as personal S/MIME e-mail certificates. > and unlike LetsEncrypt, it has never been part of the Mozilla > truststore. But instead it offers longer living certificates for hosts not directly reachable from the internet — which is a hell to achieve with Let's Encrypt. > Furthermore, the ca-cacert package has become virtually useless with > the expiry of the shipped intermediate certificate [1], Yes, it should be updated. Here I agree. > and not even CAcert seems to bother enough to link the newly > generated certificate from their official website [2]. They did in the meanwhile, citing from http://www.cacert.org/certs/CAcert_Class3Root_x14E228.txt linked on http://www.cacert.org/index.php?id=3: Validity Not Before: Apr 19 12:18:30 2021 GMT Not After : Apr 17 12:18:30 2031 GMT > Therefore, I believe it is time to acknowledge the facts and remove > the package from Debian altogether. Again, I strongly disagree. I rather hope that Dmitry gets it back into shape and then also offers it via bullseye-backports. Regards, Axel -- ,''`. | Axel Beckert , https://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 `-| 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
Processed: found 992040 in 0.1.7-1.1
Processing commands for cont...@bugs.debian.org: > found 992040 0.1.7-1.1 Bug #992040 {Done: Pirate Praveen } [ruby-rqrcode-rails3] gitlab 2FA broken: NoMethodError (undefined method `module_count' for # Marked as found in versions ruby-rqrcode-rails3/0.1.7-1.1. > thanks Stopping processing here. Please contact me if you need assistance. -- 992040: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992040 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#991982: nano does not work with TERM unset
>> For me, 'TERM=dumb nano somefile' does not work, not on a console, not >> on an xterm, not on Xfce Terminal -- it shows something, but is totally >> unusable: the user cannot see what he or she is doing. What terminal >> are you using? > > Yes but it run, it is unusable but it run. The problem is the behvior is not > consistant. You have only two sane choice: > 1 allow to run in every terminal. It is user choice and it could shot it own > foot Nano will "run" in any terminal, but the user (or rather: the system) /must/ specify the terminal. There does not seem to be a way for a program to probe which terminal is being used. > 2 filter the bad terminal and return with an unambigous error code Emacs filters out 'dumb' because a dumb terminal cannot position the cursor and emacs (and nano) need to be able to position the cursor. But how can nano in general determine whether a given terminal is able to position the cursor? Lacking that, I do not see any reason to try and filter out "bad" terminals. If the user wants to be dumb and set TERM to 'dumb', they will get what they asked for. Vim does not filter out 'dumb' either, and becomes unusable too in that case. > You do not implement a consistant behavior. Are you accusing me? Please watch your language. >> May I ask what the scenario is? How can it happen that TERM is unset? >> What disaster can leave TERM unset? You didn't answer the question. > posix said about vi that the behavior for empty term should be consistant > and documented. If nano want to be a vi replacement it should be consistant. Who says that nano wants to be a replacement for vi? Benno OpenPGP_signature Description: OpenPGP digital signature