Processed: fixed 1009035 in 0.4.0+gh-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> fixed 1009035 0.4.0+gh-1
Bug #1009035 [src:ruby-asciidoctor-include-ext] ruby-asciidoctor-include-ext: 
CVE-2022-24803 - Command Injection vulnerability
Marked as fixed in versions ruby-asciidoctor-include-ext/0.4.0+gh-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1009035: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009035
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 1033334, tagging 1033333

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 104 + sid bookworm
Bug #104 [src:rust-boxfnonce] Don't include in Bookworm
Added tag(s) sid and bookworm.
> tags 103 + sid bookworm
Bug #103 [src:rust-encoding] Don't include in Bookworm
Added tag(s) bookworm and sid.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
103: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=103
104: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=104
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 1028371

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 1028371 + pending
Bug #1028371 [src:bernhard] bernhard: needs rebuilds on top of new protobuf
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1028371: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028371
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: stable is affected as well

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 1033297 4.14.5+86-g1c354767d5-1
Bug #1033297 [src:xen] xen: CVE-2022-42331 CVE-2022-42332 CVE-2022-42333 
CVE-2022-42334
Marked as found in versions xen/4.14.5+86-g1c354767d5-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1033297: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033297
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1033340: redis: CVE-2023-28425

[Salvatore Bonaccorso]

Source: redis
Version: 5:7.0.9-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for redis.

Note this is not strictly speaking RC severity for the CVE issue, but
it's only present in unstable, so let's avoid it might go to testing.

Speaking of redis and bookworm, with the fix here applied, can you
have a look at the regessions, and help redis migrate to testing?

CVE-2023-28425[0]:
| Redis is an in-memory database that persists on disk. Starting in
| version 7.0.8 and prior to version 7.0.10, authenticated users can use
| the MSETNX command to trigger a runtime assertion and termination of
| the Redis server process. The problem is fixed in Redis version
| 7.0.10.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-28425
https://www.cve.org/CVERecord?id=CVE-2023-28425
[1] https://github.com/redis/redis/security/advisories/GHSA-mvmm-4vq6-vw8c

Regards,
Salvatore

Processed: cairosvg: diff for NMU version 2.5.2-1.1

[Debian Bug Tracking System]

Processing control commands:

> tags 1033295 + patch
Bug #1033295 [src:cairosvg] cairosvg: CVE-2023-27586: SSRF & DOS vulnerability
Added tag(s) patch.
> tags 1033295 + pending
Bug #1033295 [src:cairosvg] cairosvg: CVE-2023-27586: SSRF & DOS vulnerability
Added tag(s) pending.

-- 
1033295: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033295
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1033295: cairosvg: diff for NMU version 2.5.2-1.1

[Salvatore Bonaccorso]

Control: tags 1033295 + patch
Control: tags 1033295 + pending


Dear maintainer,

I've prepared an NMU for cairosvg (versioned as 2.5.2-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Regards,
Salvatore
diff -Nru cairosvg-2.5.2/debian/changelog cairosvg-2.5.2/debian/changelog
--- cairosvg-2.5.2/debian/changelog	2021-08-30 22:54:50.0 +0200
+++ cairosvg-2.5.2/debian/changelog	2023-03-21 22:21:22.0 +0100
@@ -1,3 +1,11 @@
+cairosvg (2.5.2-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Don't allow fetching external files unless explicitly asked for
+(CVE-2023-27586) (Closes: #1033295)
+
+ -- Salvatore Bonaccorso   Tue, 21 Mar 2023 22:21:22 +0100
+
 cairosvg (2.5.2-1) unstable; urgency=low
 
   * New upstream release.
diff -Nru cairosvg-2.5.2/debian/patches/Don-t-allow-fetching-external-files-unless-explicitl.patch cairosvg-2.5.2/debian/patches/Don-t-allow-fetching-external-files-unless-explicitl.patch
--- cairosvg-2.5.2/debian/patches/Don-t-allow-fetching-external-files-unless-explicitl.patch	1970-01-01 01:00:00.0 +0100
+++ cairosvg-2.5.2/debian/patches/Don-t-allow-fetching-external-files-unless-explicitl.patch	2023-03-21 22:20:00.0 +0100
@@ -0,0 +1,66 @@
+From: Guillaume Ayoub 
+Date: Fri, 10 Mar 2023 16:11:22 +0100
+Subject: =?UTF-8?q?Don=E2=80=99t=20allow=20fetching=20external=20files=20u?=
+ =?UTF-8?q?nless=20explicitly=20asked=20for?=
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Origin: https://github.com/Kozea/CairoSVG/commit/12d31c653c0254fa9d9853f66b04ea46e7397255
+Bug-Debian: https://bugs.debian.org/1033295
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-27586
+
+---
+ cairosvg/__main__.py | 4 ++--
+ cairosvg/parser.py   | 6 ++
+ cairosvg/surface.py  | 3 ++-
+ 3 files changed, 10 insertions(+), 3 deletions(-)
+
+diff --git a/cairosvg/__main__.py b/cairosvg/__main__.py
+index 3ff6b5d1282f..0aad3d782489 100644
+--- a/cairosvg/__main__.py
 b/cairosvg/__main__.py
+@@ -42,8 +42,8 @@ def main(argv=None, stdout=None, stdin=None):
+ help='replace every raster pixel with its complementary color')
+ parser.add_argument(
+ '-u', '--unsafe', action='store_true',
+-help='resolve XML entities and allow very large files '
+- '(WARNING: vulnerable to XXE attacks and various DoS)')
++help='fetch external files, resolve XML entities and allow very large '
++ 'files (WARNING: vulnerable to XXE attacks and various DoS)')
+ parser.add_argument(
+ '--output-width', default=None, type=float,
+ help='desired output width in pixels')
+diff --git a/cairosvg/parser.py b/cairosvg/parser.py
+index f0f3a82573f3..61275f0a1073 100644
+--- a/cairosvg/parser.py
 b/cairosvg/parser.py
+@@ -390,6 +390,12 @@ class Tree(Node):
+ tree = ElementTree.fromstring(
+ bytestring, forbid_entities=not unsafe,
+ forbid_external=not unsafe)
++
++# Don???t allow fetching external files unless explicitly asked for
++if 'url_fetcher' not in kwargs and not unsafe:
++self.url_fetcher = (
++lambda *args, **kwargs: b'')
++
+ self.xml_tree = tree
+ root = cssselect2.ElementWrapper.from_xml_root(tree)
+ style = parent.style if parent else css.parse_stylesheets(self, url)
+diff --git a/cairosvg/surface.py b/cairosvg/surface.py
+index c5569e768032..a2f7736aabbe 100644
+--- a/cairosvg/surface.py
 b/cairosvg/surface.py
+@@ -113,7 +113,8 @@ class Surface(object):
+ :param parent_width: The width of the parent container in pixels.
+ :param parent_height: The height of the parent container in pixels.
+ :param scale: The ouptut scaling factor.
+-:param unsafe: A boolean allowing XML entities and very large files
++:param unsafe: A boolean allowing external file access, XML entities
++   and very large files
+(WARNING: vulnerable to XXE attacks and various DoS).
+ 
+ Specifiy the output with:
+-- 
+2.39.2
+
diff -Nru cairosvg-2.5.2/debian/patches/series cairosvg-2.5.2/debian/patches/series
--- cairosvg-2.5.2/debian/patches/series	2021-08-30 22:54:50.0 +0200
+++ cairosvg-2.5.2/debian/patches/series	2023-03-21 22:20:08.0 +0100
@@ -1 +1,2 @@
 0001-Remove-pytest-options-for-plugins-not-packaged-for-D.patch
+Don-t-allow-fetching-external-files-unless-explicitl.patch

Bug#1033335: Don't include in Bookworm

[Moritz Muehlenhoff]

Source: rust-const-cstr
Version: 0.3.0-1
Severity: serious

Hi,
there is https://rustsec.org/advisories/RUSTSEC-2023-0020.html which flags
that rust-const-cstr is unmaintained. Since there are no reverse deps in the
archive, let's exclude it from bookworm (or rather remove rightaway)?

Cheers,
Moritz

Bug#1033334: Don't include in Bookworm

[Moritz Muehlenhoff]

Source: rust-boxfnonce
Version: 0.1.1-2
Severity: serious

Per https://rustsec.org/advisories/RUSTSEC-2019-0040.html rust-boxfnonce is 
obsolete,
let's keep it out of bookworm (and remove from the archive).

Cheers,
Moritz

Bug#1033333: Don't include in Bookworm

[Moritz Muehlenhoff]

Source: rust-encoding
Version: 0.2.33-1
Severity: serious

Hi,
there is https://rustsec.org/advisories/RUSTSEC-2021-0153.html which flags
that rust-encoding is unmaintained. Since there are no reverse deps in the
archive, let's exclude it from bookworm (or rather remove rightaway)?

Cheers,
Moritz

Processed: RM: ruby-omniauth-shibboleth -- ROM; rc-buggy, unmaintained upstream, leaf package

[Debian Bug Tracking System]

Processing control commands:

> affects -1 + src:ruby-omniauth-shibboleth
Bug #101 [ftp.debian.org] RM: ruby-omniauth-shibboleth -- ROM; rc-buggy, 
unmaintained upstream, leaf package
Added indication that 101 affects src:ruby-omniauth-shibboleth
> block 999726 by -1
Bug #999726 [src:ruby-omniauth-shibboleth] ruby-omniauth-shibboleth: FTBFS with 
ruby-omniauth 2.0.x: ERROR: Test "ruby2.7" failed:  Failure/Error: 
expect(last_response.status).to eq(302)
999726 was not blocked by any bugs.
999726 was not blocking any bugs.
Added blocking bug(s) of 999726: 101

-- 
101: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=101
999726: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999726
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1022222: valgrind-if-available shouldn't stop providing valgrind on mipsel

[Adam Borowski]

Control: severity -1 normal

(I intended to avoid having to argue by implementing specific objective
tests that valgrind has to meet to be declared available, but I did not
manage to get that done.  Thus, arguing...)

On Sat, Oct 22, 2022 at 12:12:40PM +0300, Adrian Bunk wrote:
> Package: valgrind-if-available
> Severity: serious

> valgrind-if-available (3.18.1-1-1) unstable; urgency=medium
> ...
>   * Drop mipsel as valgrind disagrees about blah blah baseline Loongson.

> This is wrong, and it makes at least qtmir FTBFS.

(as said already elsewhere) Failing to build because valgrind is not
available means you're using the package wrong: it may or may not pull in
valgrind, and the set of architectures can and will change without any
warning.  The whole purpose of this metapackage is to track valgrind's
availability so 100+ individual packages don't need to.

Ie, instead of:
  if arch in (foo bar baz quux)
 build --valgrind=yes
  else
 build --valgrind=no
you do:
  if `which valgrind >/dev/null`
 build --valgrind=yes
  else
 build --valgrind=no

> If there is any problem with valgrind on mipsel
> it should be discussed and resolved in valgrind first,
> if valgrind is available then valgrind-if-available
> has to provide it.

No, this particular problem is that valgrind doesn't work on _some_
mipsel machines.  This doesn't make valgrind itself useless, but makes
it unsuitable for being ran as a part of automated testsuites.

As our buildds appear to be all Loongsons, coding some complex machinery
to detect the subarch at runtime would be a waste of time.  Flat out
saying "disable valgrind tests on mipsel" is easier and works good enough
for now.

> It is also unclear what the baseline problem is this changelog
> entry is referring to, there is no open bug in the valgrind package
> mentioned and the closest I could find was a bug that was fixed (sic)
> 5 years ago.

It fails at least in 3.19 (unstable) and 3.20 (experimental):
https://buildd.debian.org/status/fetch.php?pkg=valgrind-if-available=mipsel=3.19.0-1-1=1667563987=0

==1833049== Memcheck, a memory error detector
==1833049== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==1833049== Using Valgrind-3.19.0 and LibVEX; rerun with -h for copyright info
==1833049== Command: /tmp/___
==1833049== 

VEX: Unsupported baseline
 Found: Loongson-baseline
Cannot continue. Good-bye

vex storage: T total 0 bytes allocated
vex storage: P total 0 bytes allocated

valgrind: the 'impossible' happened:
   LibVEX called failure_exit().

host stacktrace:
==1833049==at 0x5804FB44: ??? (in 
/usr/libexec/valgrind/memcheck-mips32-linux)
==1833049==by 0x5804FA2C: ??? (in 
/usr/libexec/valgrind/memcheck-mips32-linux)

sched status:
  running_tid=1

Thread 1: status = VgTs_Runnable (lwpid 1833049)
==1833049==at 0x401B920: __start (in /lib/mipsel-linux-gnu/ld.so.1)
==1833049==by 0x7EB7B088: ???
client stack range: [0x7EB78000 0x7EB7BFFF] client SP: 0x7EB7B090
valgrind stack range: [0x42878000 0x42977FFF] top usage: 5512 of 1048576


It appears that no one, both upstream and _in Debian_, cares enough about
mipsel to fix bugs or even report them, thus I don't expect it to be solved
anytime soon -- or, probably, ever, as mipsel is not long for this world.

But, as the trivial solution would be removing support for mipsel completely
from valgrind, I think users are better served by being provided something
that works on at least _some_ hardware.
 
> It is also suprising if this is really a mipsel-only issue as the
> changelog claims, I would have expected any issues to also show
> up on mips64el.

This very same test works fine on mips64el.

> Therefore please report any issues with valgrind on mipsel as bugs
> against src:valgrind, but in any case please make valgrind-if-available
> always provide valgrind on all architectures where it is available.

Seems we understand "available" differently:
* for you, it means "shipped at all",
* for me, it means "works for a typical set of tasks".

valgrind on mipsel is functional on old hardware but dies even on "hello
world" on Loongson.  I consider this availability to be lacking.


My plans for this bug are:
* s/available/available and functional/ in the description
* run all tests even on marginal archs, but don't fail the build if it's
  an expected failure


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Only flat-earthers have a problem folding a fitted sheet.
⢿⡄⠘⠷⠚⠋⠀ I instead shape it into a ball.
⠈⠳⣄

Processed: Re: Bug#1022222: valgrind-if-available shouldn't stop providing valgrind on mipsel

[Debian Bug Tracking System]

Processing control commands:

> severity -1 normal
Bug #102 [valgrind-if-available] valgrind-if-available shouldn't stop 
providing valgrind on mipsel
Severity set to 'normal' from 'serious'

-- 
102: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=102
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1032914: phog: ships /etc/pam.d/greetd

[duck]

Quack,

On 2023-03-21 18:49, Arnaud Ferraris wrote:


@duck, any comment on the above?


Thanks for the contribution.

Honestly when I read the title I really wondered how phog could have 
ended-up shipping this file. I forgot it initially, was asked about it 
and added it quickly, so it's not like I would have rejected the idea.


Anyway, back to the patch itself. First I wonder if it's useful to ship 
the second PAM config since in the code (greetd/src/server.rs#211) it 
simply use the base greetd PAM configuration as a fallback; this is not 
a blocker though.
Then I would prefer if the changelog entries were shipped with the 
corresponding changes and not in a lump afterwards. Also the "debian:" 
and "d/*:" prefixes are not the style I use. Maybe I'm missing why some 
people still use it but with the VCS taking care of remembering which 
files have been changed I don't feel the need to add this anymore and 
it's not very non-DD friendly. I like your comments to clearly explain 
the rationale.


Regards.
\_o<

--
Marc Dequènes

Bug#999726: ruby-omniauth-shibboleth: FTBFS with ruby-omniauth 2.0.x: ERROR: Test "ruby2.7" failed: Failure/Error: expect(last_response.status).to eq(302)

[Pirate Praveen]

On Tue, 10 May 2022 01:14:01 +0530 Mohd Bilal  
wrote:

> If you feel there's any other
> workaround for this please suggest. The upstream hasn't been active 
and

> I dont think they'll have new version anytime soon

as discussed in 
https://git.fosscommunity.in/debian-ruby/TaskTracker/-/issues/192#note_9797 
we can remove dependency on omniauth-shibboleth from gitlab and request 
removal from archive.


Removing the dependency here 
https://salsa.debian.org/ruby-team/gitlab/-/commit/a7773b9ac08a3c341982129c201d3a254f4561cb


I will file ROM shortly.

Processed: bug 1019643 is forwarded to https://gitlab.com/satorix/omniauth-oauth2-generic/-/issues/37

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> forwarded 1019643 
> https://gitlab.com/satorix/omniauth-oauth2-generic/-/issues/37
Bug #1019643 [src:ruby-omniauth-oauth2-generic] ruby-omniauth-oauth2-generic: 
FTBFS with ruby3.1: ERROR: Test "ruby3.0" failed:  Failure/Error: 
expect(last_response.headers["Location"]).to 
match(%r{redirect_uri=https%3A%2F%2Fmy_server.com%2Foauth%2Fcallback&})
Ignoring request to change the forwarded-to-address of bug#1019643 to the same 
value
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1019643: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019643
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: bug 1019643 is forwarded to https://gitlab.com/satorix/omniauth-oauth2-generic/-/issues/37

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> forwarded 1019643 
> https://gitlab.com/satorix/omniauth-oauth2-generic/-/issues/37
Bug #1019643 [src:ruby-omniauth-oauth2-generic] ruby-omniauth-oauth2-generic: 
FTBFS with ruby3.1: ERROR: Test "ruby3.0" failed:  Failure/Error: 
expect(last_response.headers["Location"]).to 
match(%r{redirect_uri=https%3A%2F%2Fmy_server.com%2Foauth%2Fcallback&})
Set Bug forwarded-to-address to 
'https://gitlab.com/satorix/omniauth-oauth2-generic/-/issues/37'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1019643: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019643
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: bug 1019643 is forwarded to https://gitlab.com/satorix/omniauth-oauth2-generic/-/issues/37

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> forwarded 1019643 
> https://gitlab.com/satorix/omniauth-oauth2-generic/-/issues/37
Bug #1019643 [src:ruby-omniauth-oauth2-generic] ruby-omniauth-oauth2-generic: 
FTBFS with ruby3.1: ERROR: Test "ruby3.0" failed:  Failure/Error: 
expect(last_response.headers["Location"]).to 
match(%r{redirect_uri=https%3A%2F%2Fmy_server.com%2Foauth%2Fcallback&})
Ignoring request to change the forwarded-to-address of bug#1019643 to the same 
value
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1019643: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019643
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1029588: bts: Changes in libio-socket-ssl-perl 2.078 make bts fail to send mail to mail-server via SSL/TLS - hostname verification failed

[Lee Garrett]

On Sat, 18 Mar 2023 17:06:08 +0100 Dominique Dumont  wrote:

On Tue, 14 Feb 2023 22:21:26 +0100 Lee Garrett  wrote:
> Bumped severity as this makes bts currently unusable, and probably 
> breaks for quite a few DDs their workflow.


This does not break on my system where bts is connected to local sendmail 
(which is the default setup).

Which hints at a workaround: have bts connect to local sendmail and have 
sendmail forward the mail to the SMTPS server.


While this setup might work for some people, this has IMHO quite a few hefty 
drawbacks and requires me to maintain a MTA on my local machine. I could 
elaborate, but I don't think it's on-topic for this bug report.




The change mentioned by Daniel affects only a setup where the host if 
configured via its IP address, not via a host name:
See the change in SSL.pm in commit 
https://github.com/noxxi/p5-io-socket-ssl/commit/c0a063b70f0a3ad033da0a51923c65bd2ff118a0


While Daniel did mention this commit (which might or might not be related to the 
issue), bts fails on a configured SMTPS hostname which otherwise correctly 
validates with other MUA.




Which is not the case here:

$ perl -S -MDevel::SimpleTrace bts --smtp-host smtps://mail.wgdd.de usertag 
1029588 + dod-test-with-tls
bts: failed to open SMTPS connection to smtps://mail.wgdd.de
(hostname verification failed)
at main::send_mail(mail.wgdd.de)
at main::mailbtsall(/usr/bin/bts:2839)
at main::(/usr/bin/bts:825)

Unfortunately, I can no longer investigate this issue as it looks like that my 
IP address is now blacklisted on Daniel's server:

$ perl -MDevel::SimpleTrace scripts/bts.pl --smtp-host smtps://mail.wgdd.de 
usertag 1029588 + dod-test-with-tls
bts.pl: failed to open SMTPS connection to smtps://mail.wgdd.de
(Connection refused)
at main::send_mail(mail.wgdd.de)
at main::mailbtsall(scripts/bts.pl:2849)
at main::(scripts/bts.pl:834)

On a hunch, I would guess that Daniel's server is configured to handle STARTTLS, which is not supported by bts. But I cannot verify this. 
In any case this does not explain why Daniel sees bts working with libio-socket-ssl-perl 2.077 but not with 2.078.


I'm sure that bts supports STARTTLS. I am using bts with my MTA on 587/tcp, 
which enforces STARTTLS and requires credentials (I just double-checked via 
swaks). With the old libio-socket-ssl-perl 2.069-1 this works, so it's clearly a 
regression.




All the best


Greetings,
Lee

Bug#1019643: ruby-omniauth-oauth2-generic: FTBFS with ruby3.1: ERROR: Test "ruby3.0" failed: Failure/Error: expect(last_response.headers["Location"]).to match(%r{redirect_uri=https%3A%2F%2Fmy_se

[Pirate Praveen]

Control: forwarded -1 
https://gitlab.com/satorix/omniauth-oauth2-generic/-/issues/37


On Mon, 12 Sep 2022 22:08:30 -0300 Antonio Terceiro 
 wrote:
> We are about to start the ruby3.1 transition in unstable. While 
trying to

> rebuild ruby-omniauth-oauth2-generic with ruby3.1 enabled, the build
> failed. This does not look related to ruby3.1 though, as the failure
> happens yet at the ruby3.0 tests.

This looks like a test only failure as gitlab confirmed everything 
works with ruby 3.0 here 
https://gitlab.com/gitlab-org/gitlab/-/issues/386908


The upstream seems inactive though, still reported as 
https://gitlab.com/satorix/omniauth-oauth2-generic/-/issues/37

Processed: Re: Bug#1005886: debian-cd: bookworm net-install CD hangs on "Detecting Network Hardware"

[Debian Bug Tracking System]

Processing control commands:

> severity -1 important
Bug #1005886 [cdimage.debian.org] cdimage.debian.org: bookworm net-install CD 
hangs on "Detecting Network Hardware"
Severity set to 'important' from 'grave'

-- 
1005886: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005886
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1005886: debian-cd: bookworm net-install CD hangs on "Detecting Network Hardware"

[Cyril Brulebois]

Control: severity -1 important

James Addison  (2023-03-22):
> Followup-For: Bug #1005886
> X-Debbugs-Cc: powe...@gmail.com
> Control: reassign -1 cdimage.debian.org
> Control: retitle -1 cdimage.debian.org: bookworm net-install CD hangs on 
> "Detecting Network Hardware"
> 
> Sorry (both to you Tony, and also the Debian CD team) for confusion and 
> wasting
> time - I mistakenly reassigned this previously.  I've checked the list of
> bug-tracking pseudo-packages[1] and I do think that cdimage.debian.org is the
> correct package for this bug to be assigned to.

Hi Tony,

Please attach /var/log/syslog (compressed).


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Processed: Re: debian-cd: bookworm net-install CD hangs on "Detecting Network Hardware"

[Debian Bug Tracking System]

Processing control commands:

> reassign -1 cdimage.debian.org
Bug #1005886 [debian-cd] debian-cd: bookworm net-install CD hangs on "Detecting 
Network Hardware"
Bug reassigned from package 'debian-cd' to 'cdimage.debian.org'.
Ignoring request to alter found versions of bug #1005886 to the same values 
previously set
Ignoring request to alter fixed versions of bug #1005886 to the same values 
previously set
> retitle -1 cdimage.debian.org: bookworm net-install CD hangs on "Detecting 
> Network Hardware"
Bug #1005886 [cdimage.debian.org] debian-cd: bookworm net-install CD hangs on 
"Detecting Network Hardware"
Changed Bug title to 'cdimage.debian.org: bookworm net-install CD hangs on 
"Detecting Network Hardware"' from 'debian-cd: bookworm net-install CD hangs on 
"Detecting Network Hardware"'.

-- 
1005886: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005886
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1005886: debian-cd: bookworm net-install CD hangs on "Detecting Network Hardware"

[James Addison]

Followup-For: Bug #1005886
X-Debbugs-Cc: powe...@gmail.com
Control: reassign -1 cdimage.debian.org
Control: retitle -1 cdimage.debian.org: bookworm net-install CD hangs on 
"Detecting Network Hardware"

Sorry (both to you Tony, and also the Debian CD team) for confusion and wasting
time - I mistakenly reassigned this previously.  I've checked the list of
bug-tracking pseudo-packages[1] and I do think that cdimage.debian.org is the
correct package for this bug to be assigned to.

[1] - https://www.debian.org/Bugs/pseudo-packages

Bug#1031974: marked as done (python3-pydle: import fails: AttributeError: module 'asyncio' has no attribute 'coroutine')

[Debian Bug Tracking System]

Your message dated Wed, 22 Mar 2023 11:50:51 +
with message-id 
and subject line Bug#1031974: fixed in pydle 0.9.4-4
has caused the Debian Bug report #1031974,
regarding python3-pydle: import fails: AttributeError: module 'asyncio' has no 
attribute 'coroutine'
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1031974: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031974
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: python3-pydle
Version: 0.9.4
Severity: serious

Dear Maintainer,

This import fails in a Sid chroot:

Python 3.11.2 (main, Feb 12 2023, 00:48:52) [GCC 12.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import pydle
Traceback (most recent call last):
  File "", line 1, in 
  File "/build/pydle-0.9.4/pydle/__init__.py", line 1, in 
    from . import connection, protocol, client, features
  File "/build/pydle-0.9.4/pydle/features/__init__.py", line 1, in 
    from . import rfc1459, account, ctcp, tls, isupport, whox, ircv3
  File "/build/pydle-0.9.4/pydle/features/account.py", line 6, in 
    class AccountSupport(rfc1459.RFC1459Support):
  File "/build/pydle-0.9.4/pydle/features/account.py", line 25, in 
AccountSupport
    @asyncio.coroutine
 ^
AttributeError: module 'asyncio' has no attribute 'coroutine'. Did you mean: 
'coroutines'?
>>>

Kind Regards
--- End Message ---
--- Begin Message ---
Source: pydle
Source-Version: 0.9.4-4
Done: Bastian Germann 

We believe that the bug you reported is fixed in the latest version of
pydle, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1031...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastian Germann  (supplier of updated pydle package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 22 Mar 2023 11:57:39 +0100
Source: pydle
Architecture: source
Version: 0.9.4-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team 
Changed-By: Bastian Germann 
Closes: 1031974
Changes:
 pydle (0.9.4-4) unstable; urgency=medium
 .
   * Team upload.
   * Patch: Remove Deprecated Marker from WHOIS. (Closes: #1031974)
   * Patch: Remove not used coroutine import.
   * Patch: Fixup irccat.py example.
Checksums-Sha1:
 e3b2c382748544c6f6f8266674e932a614faec3b 1845 pydle_0.9.4-4.dsc
 3ab8f1c8a8a2f5221bc7c03594f583d1b2abf629 4824 pydle_0.9.4-4.debian.tar.xz
 70c74d95cb38a7bda46a5f8c735cd777ae8bb4ca 6428 pydle_0.9.4-4_source.buildinfo
Checksums-Sha256:
 390ed0e770bfa18b319a3a7355a051685497ee0600ae43b1d27c2dbd2ae178d2 1845 
pydle_0.9.4-4.dsc
 a58d85fba7dfa503804bf50c7e23a45e64e6fc6a68a4c97b9351e0e6bcb27d4f 4824 
pydle_0.9.4-4.debian.tar.xz
 5214ac3bb810aab7ead9214aaca4fdbb3e1448029acf200f9d630efd9b8adbf9 6428 
pydle_0.9.4-4_source.buildinfo
Files:
 027c8421a26174d26cd2e23723e46b72 1845 python optional pydle_0.9.4-4.dsc
 502b52f7ffd5d87c2f3042e731b9925d 4824 python optional 
pydle_0.9.4-4.debian.tar.xz
 b662e01bb3544bfe3e77d581b98ba860 6428 python optional 
pydle_0.9.4-4_source.buildinfo

-BEGIN PGP SIGNATURE-

iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmQa6IYQHGJhZ2VAZGVi
aWFuLm9yZwAKCRAfXHqLRVZDFEWlDAC7CeSMV5LdLcFcExv8KWq7HmFjkDBzkEnE
lLhN6N9+dlk2lQL6M1d7UMx3VR/qEJG24zN70XCQnbDmv+9xFpjzTCWGAutlX1V5
gLsozMP/MXJuRCtNl+aZwA44GSOz5L8wNv8ktS+4NJSsrgXFzvIf68g6N9bYAWg5
XUkHb7XcDC9RxMLLiEhiYkhAkVvsd/VPYnsBJq6SiFNf5sohtWN1MuH90G8i3nRI
Bn8hcccAOmmIS0Yc3nqb0wkdR2qMYxqv2GvPZiVD/tDKza3avfLG1kHpOnmQ4ENU
2vl/X9BpsuDrjjJGKo3MBG9YWTRztMj9eDlQ11jUaG1seS/zjaIqGdXMn+NV6SaC
2j0uEQJekysX7W9ZGGeiqbZstuxjvvMbR7v6oAweqT/95eJjSBjmVO2MXmyKrxdE
oZ0ithzNtOeFdXIxzDLUGQ0/y9cKUMSIQhkI5K2PaFa3dVZ9A44ZUvgIeAJJINtY
hTUDBy2uMXQ3RCugpZQBo55t+x6fRlw=
=tzTq
-END PGP SIGNATURE End Message ---

Bug#1031974: marked as pending in pydle

[Bastian Germann]

Control: tag -1 pending

Hello,

Bug #1031974 in pydle reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/python-team/packages/pydle/-/commit/4cbe1ecac0050e65934aba18ea3c501385481252


Patch: Remove Deprecated Marker from WHOIS (Closes: #1031974)


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1031974

Processed: Bug#1031974 marked as pending in pydle

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #1031974 [python3-pydle] python3-pydle: import fails: AttributeError: 
module 'asyncio' has no attribute 'coroutine'
Added tag(s) pending.

-- 
1031974: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031974
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1033230: webkit2gtk: version 2.39.90-1 lost its libgles2 runtime dependency

[Michel Dänzer]

On 3/21/23 17:27, Alberto Garcia wrote:
> On Mon, Mar 20, 2023 at 01:29:51PM +0100, Gianfranco Costamagna wrote:
> 
>> Hello, for some reasons, now webkit2gtk is not linking anymore
>> libGLESv2.so.2 causing surf to fail autopkgtests on arm64 and armhf
> 
> Hmmm... the reason is that this is now handled via libepoxy, which
> opens libGLESv2.so.2 on runtime using dlopen().
> 
> I think that I'll add the dependencies manually for now, but I wonder
> if libepoxy should depend on those libraries instead?

My understanding is that libepoxy requires its user to set up the EGL/GLX 
context, and the latter should not rely on libepoxy pulling in the 
corresponding libraries.


-- 
Earthling Michel Dänzer|  https://redhat.com
Libre software enthusiast  | Mesa and Xwayland developer

Bug#1028780: python-libzim: FTBFS: libzim/libwrapper.h:161:29: error: ‘class zim::Archive’ has no member named ‘getMediaCount’

[Bastian Germann]

On Sat, 11 Mar 2023 16:50:42 +0100 Emmanuel Engelhart  wrote:
Looking at the package names visible at 
https://packages.debian.org/search?searchon=sourcenames=zimlib 
I really wonder if we have libzim-8.1.0 in the most recent dev/testing 
versions of Debian!?


Could someone please confirm the real version of the libzim that 
python-libzim package tries to build against?


In testing/unstable that is 8.0.0.

8.1.0 is in experimental. I suggest to add
https://github.com/openzim/libzim/commit/d443c8aaefba1678e563f94604f51f5a1f3b7ac0
as a patch to it (applies cleanly) and move it to unstable.

Please also add an autopkgtest so that it can migrate without unblock request.

With that, python-libzim will build and the reason for reverting zimlib back to 
8.0.0
should also be fine.

Bug#1031741: marked as done (goxel: usage of sanitizers might introduce vulnerabilities)

[Debian Bug Tracking System]

Your message dated Wed, 22 Mar 2023 08:49:25 +
with message-id 
and subject line Bug#1031741: fixed in goxel 0.11.0-1.1
has caused the Debian Bug report #1031741,
regarding goxel: usage of sanitizers might introduce vulnerabilities
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1031741: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031741
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: goxel
Version: 0.10.6-1
Severity: serious
Tags: security
X-Debbugs-Cc: Debian Security Team 

Package: goxel
Version: 0.10.6-3
Depends: libasan6 (>= 10), ...,libubsan1 (>= 8)

This is a bad idea not only due to slow execution and a factor 20
in binary size, but might even introduce vulnerabilities:
https://www.openwall.com/lists/oss-security/2016/02/17/9

This was likely unintentional due to debug=0 no longer working,
which resulted in a debug build without compiler optimization
and with sanitizers enabled after
https://github.com/guillaumechereau/goxel/commit/44745ead64b63083ccb48e8c7988d080674d795d

Replacing debug=0 with mode=release in debian/rules makes not
using the debug mode working again.

It needs an additional werror=0 due to gcc finding more issues
during compilation when optimization is enabled.

As a side effect, fixing this bug should make the package build
on all architectures again (several architectures no longer built
due to the sanitizers being unavailable or broken).
--- End Message ---
--- Begin Message ---
Source: goxel
Source-Version: 0.11.0-1.1
Done: Adrian Bunk 

We believe that the bug you reported is fixed in the latest version of
goxel, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1031...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adrian Bunk  (supplier of updated goxel package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 20 Mar 2023 09:46:36 +0200
Source: goxel
Architecture: source
Version: 0.11.0-1.1
Distribution: unstable
Urgency: medium
Maintainer: Federico Ceratto 
Changed-By: Adrian Bunk 
Closes: 1031741
Changes:
 goxel (0.11.0-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Build without sanitizers. (Closes: #1031741)
   * Build on all architectures again.
Checksums-Sha1:
 b328934fdfd220bbd318c5b773e0567b817b68c5 1910 goxel_0.11.0-1.1.dsc
 aa8e108e0bd9fd71e0fae6a268e837771aef7a14 5296 goxel_0.11.0-1.1.debian.tar.xz
Checksums-Sha256:
 30f7ae7a65301bd6f3e517aad3657e1c9db5fdbf99e2947bb36998afe5bc82d5 1910 
goxel_0.11.0-1.1.dsc
 9b3c6a249ea7870cf3eee67231ddd8b7614bded4fda0170a5f26b102751ab1db 5296 
goxel_0.11.0-1.1.debian.tar.xz
Files:
 8c7d5c6b87f7de9c420f8d930c6c8d34 1910 graphics optional goxel_0.11.0-1.1.dsc
 367e77b33cbc1ad131320b28d039525f 5296 graphics optional 
goxel_0.11.0-1.1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmQYEJIACgkQiNJCh6LY
mLFw0BAAq2KYklh2PyIHCygMTtCom4na5JkHYa0dTM8MjSXFOgWovL5xkZ8PptK1
93pKbgC13O+m/SSQ98V/cDGMrBXAV8LmYfeKplQ6bHe3ZC9mBguHx53rCCBBvagZ
gSwqzne8sRYTzuMI0jbzvsF9j7fJOY8t4HgOGGn3rBgjNOeb0ajtGRT8+UyzMChz
Lo3jLGJHxCRw3vwaOHN6BuVMro9I2pW/qINeIpo9PfCCnyWriwvgBJIulIB3gY4D
5ifX1an9vc5BK+iBMEpBsLGHledXA6Uqn6bwpxCj99RocgaEhvDND0hbhV3ENK1r
bBPfZeWVzsAyFoTDQGcYwOJPPcZvLchCswxwkRHe84zLy6+Z0N9iLKVTnbkqMOET
GQKuqKZcxjBBXmKcoZ5ty5RBMxo0DYjBNbZzW4P7E8Pi9EoYM7qG1wCwoyQl7vxj
2v4cx7QRCMKCqstUFQz0j25MVE1iCCJl5n3YxcFSyNKACPVq8MhDB5iAwt2I8MVt
qYdst7mZNDklNoRU5V7Mmp9gROa4oyyYEr5o3DNtFfw+tML8WMNOmPvXEZCzUy8M
DjeOkAGvjcjMtOAHiyl4mcBAYBQrwfeegeCIs72znE5h7aJ48w3X7mjXNPZfec9q
bm4Hi4oCixQn5sLoqfV7PJMZDNlzH9OpVleXQdgKK4C4yWnt+M8=
=BLgU
-END PGP SIGNATURE End Message ---

Bug#1009657: marked as done (mysql-workbench: not installable under sid)

[Debian Bug Tracking System]

Your message dated Wed, 22 Mar 2023 06:21:34 +
with message-id 
and subject line Bug#1009657: fixed in mysql-workbench 8.0.32+dfsg-1
has caused the Debian Bug report #1009657,
regarding mysql-workbench: not installable under sid
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1009657: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009657
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: mysql-workbench
Version: 8.0.26+dfsg-1+b1
Severity: serious

Attempting to install mysql-workbench under sid fails with the following
output:

sicelo@tpt440p:~$  sudo apt install mysql-workbench
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 mysql-workbench : Depends: libgdal29 (>= 3.3.0) but it is not installable
   Depends: python3 (< 3.10) but 3.10.4-1 is to be installed
   Recommends: mysql-utilities but it is not installable
E: Unable to correct problems, you have held broken packages.



Further command output that may be relevant follows:



sicelo@tpt440p:~$  apt-cache policy mysql-workbench libgdal29 mysql-utilities
mysql-workbench:
  Installed: (none)
  Candidate: 8.0.26+dfsg-1+b1
  Version table:
 8.0.26+dfsg-1+b1 500
500 http://ftp.nl.debian.org/debian sid/main amd64 Packages
libgdal29:
  Installed: (none)
  Candidate: (none)
  Version table:
mysql-utilities:
  Installed: (none)
  Candidate: (none)
  Version table:

sicelo@tpt440p:~$  cat /etc/apt/sources.list
deb http://ftp.nl.debian.org/debian/ sid main non-free contrib
deb-src http://ftp.nl.debian.org/debian/ sid main non-free contrib

deb http://security.debian.org/debian-security bullseye-security main contrib 
non-free
deb-src http://security.debian.org/debian-security bullseye-security main 
contrib non-free


Please feel free to request more information as required.

Thank you
--- End Message ---
--- Begin Message ---
Source: mysql-workbench
Source-Version: 8.0.32+dfsg-1
Done: Dmitry Smirnov 

We believe that the bug you reported is fixed in the latest version of
mysql-workbench, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1009...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dmitry Smirnov  (supplier of updated mysql-workbench 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 22 Mar 2023 14:10:41 +1100
Source: mysql-workbench
Architecture: source
Version: 8.0.32+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Dmitry Smirnov 
Changed-By: Dmitry Smirnov 
Closes: 1009657
Changes:
 mysql-workbench (8.0.32+dfsg-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixed "non-installable" bug (Closes: #1009657).
   * Standards-Version: 4.6.1.
   * Updated watch file.
Checksums-Sha1:
 4b4a137baa109ecff04e930bb5cad24a15855f1e 2728 mysql-workbench_8.0.32+dfsg-1.dsc
 ba9159f91c7a8b5ab4ed99c8042a87a5b2b65b32 11141704 
mysql-workbench_8.0.32+dfsg.orig.tar.xz
 0471fa1b3c852f4d6bc919237ade36c0b42fe742 26204 
mysql-workbench_8.0.32+dfsg-1.debian.tar.xz
 6dc030b3ea69e61a6257a11808349681ee044ac7 20803 
mysql-workbench_8.0.32+dfsg-1_amd64.buildinfo
Checksums-Sha256:
 6f59b11fd77a3cf49ffc3f3cf148cfd3a9b24602092ab8345a20ac302c2480b7 2728 
mysql-workbench_8.0.32+dfsg-1.dsc
 244760c084b6c8412a56de985aa57a22fa7c4208e0b37302c3a48e874ade6645 11141704 
mysql-workbench_8.0.32+dfsg.orig.tar.xz
 58e25fe86d0ee09033d0fcf3fe98eecc0879a26f6a4880f0c18b82b242873ae4 26204 
mysql-workbench_8.0.32+dfsg-1.debian.tar.xz
 fb12353b0037bbc4f842064381981525600325fbac29512f6ddbb4609d9aed30 20803 
mysql-workbench_8.0.32+dfsg-1_amd64.buildinfo
Files:
 0b7155e8b8aeef4bc12bb4695323aa98 2728 database optional 
mysql-workbench_8.0.32+dfsg-1.dsc
 45b9a9514e657b39f2f8aa05d6223353 11141704 database optional