Bug#1036041: upgrade-reports: Dell XPS 9550 fails to boot after bullseye to bookworm upgrade - grub/bios interaction bug?
Hi, This seems to have happened to me too. But I just upgraded my Debian unstable around the 5th of May and got a grub update. After the upgrade I could not boot into Debian again. When I tried it just failed into memory check and reboot. I have an Dell XPS 15 9560. Setting GRUB_TERMINAL=console and running grub-install and update-grub got the system up and running again. Jens
Processed: mcpl: diff for NMU version 1.3.2-3.1
Processing control commands: > tags 1035450 + patch Bug #1035450 [libmcpl-dev] libmcpl-dev: missing Depends: libmcpl1 (= ${binary:Version}), libphitsmcpl1 (= ${binary:Version}), libsswmcpl1 (= ${binary:Version}) Added tag(s) patch. > tags 1035450 + pending Bug #1035450 [libmcpl-dev] libmcpl-dev: missing Depends: libmcpl1 (= ${binary:Version}), libphitsmcpl1 (= ${binary:Version}), libsswmcpl1 (= ${binary:Version}) Added tag(s) pending. -- 1035450: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035450 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1035450: mcpl: diff for NMU version 1.3.2-3.1
Control: tags 1035450 + patch Control: tags 1035450 + pending Dear maintainer, I've prepared an NMU for mcpl (versioned as 1.3.2-3.1) and uploaded it to DELAYED/1. kind regards Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' diff -Nru mcpl-1.3.2/debian/changelog mcpl-1.3.2/debian/changelog --- mcpl-1.3.2/debian/changelog 2022-02-16 20:32:02.0 +0100 +++ mcpl-1.3.2/debian/changelog 2023-05-20 06:57:53.0 +0200 @@ -1,3 +1,11 @@ +mcpl (1.3.2-3.1) unstable; urgency=medium + + * Non-maintainer upload. + * Add libmcpl-dev: missing Depends on runtime library packages. +Closes: #1035450 + + -- Andreas Metzler Sat, 20 May 2023 06:57:53 +0200 + mcpl (1.3.2-3) unstable; urgency=medium * Source-only upload for migration to testing. diff -Nru mcpl-1.3.2/debian/control mcpl-1.3.2/debian/control --- mcpl-1.3.2/debian/control 2022-02-01 17:32:55.0 +0100 +++ mcpl-1.3.2/debian/control 2023-05-20 06:57:26.0 +0200 @@ -21,7 +21,10 @@ Package: libmcpl-dev Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, ${python3:Depends} +Depends: libmcpl1 (= ${binary:Version}), + libphitsmcpl1 (= ${binary:Version}), + libsswmcpl1 (= ${binary:Version}), + ${shlibs:Depends}, ${misc:Depends}, ${python3:Depends} Description: Monte Carlo Particle Lists - development files This package includes the shared library for reading and writing *.mcpl files, a binary format with lists of particle state signature.asc Description: PGP signature
Processed: Re: libtorch-dev: broken symlinks: /usr/lib/x86_64-linux-gnu/libcaffe2_*.so -> libcaffe2_*.so.1.13
Processing control commands: > severity -1 important Bug #1035458 [libtorch-dev] libtorch-dev: broken symlinks: /usr/lib/x86_64-linux-gnu/libcaffe2_*.so -> libcaffe2_*.so.1.13 Severity set to 'important' from 'serious' > fixed -1 1.13.1+dfsg-5 Bug #1035458 [libtorch-dev] libtorch-dev: broken symlinks: /usr/lib/x86_64-linux-gnu/libcaffe2_*.so -> libcaffe2_*.so.1.13 Marked as fixed in versions pytorch/1.13.1+dfsg-5. -- 1035458: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035458 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1035458: libtorch-dev: broken symlinks: /usr/lib/x86_64-linux-gnu/libcaffe2_*.so -> libcaffe2_*.so.1.13
Control: severity -1 important Control: fixed -1 1.13.1+dfsg-5 I believe these symlinks were deprecated already. These symlinks are removed in 1.13.1+dfsg-5 (experimental). I'm not able to prepare a 1.13.1+dfsg-4.1 release to only remove these symlinks within a short time... too busy lately. So just downgrading the severity as it is not expected to harm any functionality.
Bug#1035435: marked as done (webdis: fails to purge - command (deluser|adduser) in postrm not found)
Your message dated Fri, 19 May 2023 22:33:44 + with message-id and subject line Bug#1035435: fixed in webdis 0.1.9+dfsg-1.1 has caused the Debian Bug report #1035435, regarding webdis: fails to purge - command (deluser|adduser) in postrm not found to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1035435: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035435 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: webdis Version: 0.1.9+dfsg-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to purge due to a command not found. According to policy 7.2 you cannot rely on the depends being available during purge, only the essential packages are available for sure. The fix should be easy: your package is using adduser or deluser from the adduser package, which is only priority important. Using useradd or userdel from the passwd package (priority required) should fix this problem. There is ongoing discussion how to handle system users on package removal, see https://bugs.debian.org/621833 Consensus seems to be not to remove system users (to avoid reusing UIDs which could grant access to the wrong files) but to "lock" them (where "locking"/"unlocking" is not yet precisely defined). Until that has been decided it should be sufficient to have the postrm script ignore any errors from deluser: deluser ... || true >From the attached log (scroll to the bottom...): 0m21.8s DEBUG: Starting command: ['chroot', '/srv/piuparts.debian.org/tmp/tmp5y5zl6x8', 'dpkg', '--purge', 'webdis'] 0m21.9s DUMP: (Reading database ... 8071 files and directories currently installed.) Purging configuration files for webdis (0.1.9+dfsg-1+b1) ... /var/lib/dpkg/info/webdis.postrm: 18: deluser: not found dpkg: error processing package webdis (--purge): installed webdis package post-removal script subprocess returned error exit status 127 Errors were encountered while processing: webdis 0m21.9s ERROR: Command failed (status=1): ['chroot', '/srv/piuparts.debian.org/tmp/tmp5y5zl6x8', 'dpkg', '--purge', 'webdis'] cheers, Andreas webdis_0.1.9+dfsg-1+b1.log.gz Description: application/gzip --- End Message --- --- Begin Message --- Source: webdis Source-Version: 0.1.9+dfsg-1.1 Done: Johannes Schauer Marin Rodrigues We believe that the bug you reported is fixed in the latest version of webdis, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1035...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Johannes Schauer Marin Rodrigues (supplier of updated webdis package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 18 May 2023 00:10:16 +0200 Source: webdis Architecture: source Version: 0.1.9+dfsg-1.1 Distribution: unstable Urgency: medium Maintainer: Andrii Senkovych Changed-By: Johannes Schauer Marin Rodrigues Closes: 1035435 Changes: webdis (0.1.9+dfsg-1.1) unstable; urgency=medium . * Non-maintainer upload. * ignore deluser not being available in postrm purge (closes: #1035435) Checksums-Sha1: 205ce87a1988462d029ab2435066b9dd0e960007 2103 webdis_0.1.9+dfsg-1.1.dsc 4b416e5b0ecd77c7d49c62cb8a8a752a13dccf0e 13808 webdis_0.1.9+dfsg-1.1.debian.tar.xz b9b3b77036df239bbc704e50d46617a8ad1aa3f4 6250 webdis_0.1.9+dfsg-1.1_source.buildinfo Checksums-Sha256: 12b4d546bbde29faa10175afea4267f4df709c12707bdc409fd578ead999ff92 2103 webdis_0.1.9+dfsg-1.1.dsc 57c639a95fcbafcb9d4e80e2818c0e4a88dae844663da2cf8984e931689754bf 13808 webdis_0.1.9+dfsg-1.1.debian.tar.xz 81bea09eb653cced19cfc5532a32f52c5e6af566c07ca2e2a5e45c81792a04b0 6250 webdis_0.1.9+dfsg-1.1_source.buildinfo Files: 0fa54508f243e4edb1a2ee83c9e67344 2103 web optional webdis_0.1.9+dfsg-1.1.dsc 3c3f1bafb14d2c71583fc78bd56bd9bf 13808 web optional webdis_0.1.9+dfsg-1.1.debian.tar.xz b66342c268f26547c3e8ffd0cb8b2a30 6250 web optional webdis_0.1.9+dfsg-1.1_source.buildinfo -BEGIN PGP SIGNATURE- iQJFBAEBCgAvFiEElFhU6KL81LF4wVq58sulx4+9g+EFAmRlUN4RHGpvc2NoQGRl Ymlhbi5vcmcACgkQ8sulx4+9g+FHsA//eWGXESSf87mcVbzQwR5jHbom4T4WQSI8 dWGmwElltl2z7T9UPEdRz6jR9
Processed: Re: Bug#1036359: crashes with (wrong-type-argument consp nil)
Processing control commands: > tag -1 -pending Bug #1036359 [elpa-markdown-toc] crashes with (wrong-type-argument consp nil) Removed tag(s) pending. -- 1036359: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036359 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1036359: crashes with (wrong-type-argument consp nil)
Control: tag -1 -pending Nicholas D Steeves writes: > David Bremner writes: >> >> I agree that markdown file looks innocuous, but do you know if it is >> just this file or any markdown file? > > This bug appears to be native-comp related. After cherry picking three > commits from upstream, I was able to generate a toc for the md snippet > in the initial but report. In the time it took to reply to this bug, > native-comp occurred, and generate-toc began to fail again. I purged > the eln cache and tried again, and it succeeded... I also confirmed that both the patched version (in the staging branch) and unpatched version (in bookworm) work correctly with https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-36-gitolite-gitweb-retirement.md when one loads markdown-toc and generates the toc before native comp kicks in. signature.asc Description: PGP signature
Bug#1034855: trapperkeeper-webserver-jetty9-clojure: autopkgtest regression: Cannot invoke "Object.toString()" because "s" is null
This problem is caused by a recent patch shipped by the liblogback-java package, specifically this line, which causes log events to be silently ignored: https://salsa.debian.org/java-team/logback/-/blob/master/debian/patches/tomcat10-migration.patch#L91 See the discussion in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036250 In my view this is a bug in src:logback. -- Jérôme
Bug#1036250: trapperkeeper-webserver-jetty9-clojure: FTBFS in testing: MDCAccessLogConverter.java:54: error: cannot access HttpServletRequest
Hi Markus, Thank you, your patch does indeed fix the build problem for this package, however, the test failure is not insignificant. I did further tests with puppetserver, which is a downstream dependency of trapperkeeper-webserver-jetty9-clojure and unfortunately, the web requests (access) logging remains broken. There are no warnings or error messages anywhere: as you can imagine, the logging events are simply lost in the ether. I think these logs are a critical feature for debugging and security and it would be very unfortunate for bookworm to ship with logging crippled in this way for puppetserver. Although I did not test this specifically, I strongly suspect puppetdb is also affected in a similar way because they share many of the same components. Do you think it might be possible to backport the accessEvent variable fix from a later version of Logback? -- Jérôme Le 2023-05-19 à 09 h 53, Markus Koschany a écrit : Control: tags -1 patch Hi, I am attaching a patch for this issue. Somehow your package fell through the cracks because it has no dependency on logback. Logback is pulled in by Jetty though. While Logback and Jetty use the Jakarta servlet API now, your package still depends on libservlet-api-java. The fix for that was trivial. However the test failure is caused by my tomcat10-migration.patch https://salsa.debian.org/java-team/logback/-/blob/master/debian/patches/tomcat10-migration.patch#L91 Back then I thought it was acceptable to work around a build failure by setting the accessEvent variable to null since it seemed no package existed in Debian which would be affected by it. The Logback developers fixed that problem in newer versions, but a new upstream release of logback would have been too intrusive. Long story short: please double-check my patch and if we can ignore the logging problem Regards, Markus
Bug#1036359: crashes with (wrong-type-argument consp nil)
Antoine Beaupré writes: > On 2023-05-19 14:39:14, Nicholas D Steeves wrote: >> Control: tag -1 confirmed upstream fixed-upstream pending >> Antoine Beaupre writes: >> >>> Package: elpa-markdown-toc >>> Version: 0.1.5-2 >>> Severity: grave >> >>> markdown-toc-generate-toc crashes with: >>> >>> Debugger entered--Lisp error: (wrong-type-argument consp nil) >> >> Thanks for reporting; fix pending! > > Oh interesting! Where can I see it? is there a patch? > git clone g...@salsa.debian.org:emacsen-team/markdown-toc-el.git git checkout for-testing-before-upload > -- > Je n'ai fait celle-ci plus longue que parce que je n'ai pas eu le > loisir de la faire plus courte. > - Blaise Pascal
Bug#1036359: crashes with (wrong-type-argument consp nil)
David Bremner writes: > Antoine Beaupre writes: > >> Package: elpa-markdown-toc >> Version: 0.1.5-2 >> Severity: grave >> >> In Debian bookworm, markdown-toc is currently unusable. >> >> Given the following markdown buffer: >> > > Hi Antoine; > > I agree that markdown file looks innocuous, but do you know if it is > just this file or any markdown file? This bug appears to be native-comp related. After cherry picking three commits from upstream, I was able to generate a toc for the md snippet in the initial but report. In the time it took to reply to this bug, native-comp occurred, and generate-toc began to fail again. I purged the eln cache and tried again, and it succeeded... signature.asc Description: PGP signature
Bug#1036359: crashes with (wrong-type-argument consp nil)
On 2023-05-19 14:39:14, Nicholas D Steeves wrote: > Control: tag -1 confirmed upstream fixed-upstream pending > Antoine Beaupre writes: > >> Package: elpa-markdown-toc >> Version: 0.1.5-2 >> Severity: grave > >> markdown-toc-generate-toc crashes with: >> >> Debugger entered--Lisp error: (wrong-type-argument consp nil) > > Thanks for reporting; fix pending! Oh interesting! Where can I see it? is there a patch? -- Je n'ai fait celle-ci plus longue que parce que je n'ai pas eu le loisir de la faire plus courte. - Blaise Pascal
Bug#1036359: crashes with (wrong-type-argument consp nil)
Control: tag -1 confirmed upstream fixed-upstream pending Antoine Beaupre writes: > Package: elpa-markdown-toc > Version: 0.1.5-2 > Severity: grave > markdown-toc-generate-toc crashes with: > > Debugger entered--Lisp error: (wrong-type-argument consp nil) Thanks for reporting; fix pending! signature.asc Description: PGP signature
Processed: Re: Bug#1036359: crashes with (wrong-type-argument consp nil)
Processing control commands: > tag -1 confirmed upstream fixed-upstream pending Bug #1036359 [elpa-markdown-toc] crashes with (wrong-type-argument consp nil) Added tag(s) pending, upstream, confirmed, and fixed-upstream. -- 1036359: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036359 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1036359: crashes with (wrong-type-argument consp nil)
On 2023-05-19 15:02:34, David Bremner wrote: > Hi Antoine; > > I agree that markdown file looks innocuous, but do you know if it is > just this file or any markdown file? I managed to have it generate a TOC with a simple: # a # b ## c But it also crashed (ultimately) on: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-36-gitolite-gitweb-retirement.md a. -- La perfection est atteinte, non pas lorsqu'il n'y a plus rien à ajouter, mais lorsqu'il n'y a plus rien à retirer. - Antoine de Saint-Exupéry
Bug#1036359: crashes with (wrong-type-argument consp nil)
Antoine Beaupre writes: > Package: elpa-markdown-toc > Version: 0.1.5-2 > Severity: grave > > In Debian bookworm, markdown-toc is currently unusable. > > Given the following markdown buffer: > Hi Antoine; I agree that markdown file looks innocuous, but do you know if it is just this file or any markdown file? d
Bug#1036224: marked as done (cups-filters: CVE-2023-24805)
Your message dated Fri, 19 May 2023 17:18:55 + with message-id and subject line Bug#1036224: fixed in cups-filters 1.28.17-3 has caused the Debian Bug report #1036224, regarding cups-filters: CVE-2023-24805 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1036224: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036224 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: cups-filters Version: 1.28.17-2 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for cups-filters. CVE-2023-24805[0]: | RCE in cups-filters, beh CUPS backend If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-24805 https://www.cve.org/CVERecord?id=CVE-2023-24805 [1] https://www.openwall.com/lists/oss-security/2023/05/17/5 [2] https://github.com/OpenPrinting/cups-filters/commit/93e60d3df35 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: cups-filters Source-Version: 1.28.17-3 Done: Thorsten Alteholz We believe that the bug you reported is fixed in the latest version of cups-filters, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1036...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thorsten Alteholz (supplier of updated cups-filters package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 May 2023 18:25:20 +0200 Source: cups-filters Architecture: source Version: 1.28.17-3 Distribution: unstable Urgency: medium Maintainer: Debian Printing Team Changed-By: Thorsten Alteholz Closes: 1036224 Changes: cups-filters (1.28.17-3) unstable; urgency=medium . * CVE-2023-24805 prevent arbitrary command execution by escaping the quoting of the arguments in a job with a forged job title more information are available in the commit message at: https://github.com/OpenPrinting/cups-filters/commit/93e60d3df35 (Closes: #1036224) Checksums-Sha1: bee6876cdd43bc9dad8b1d25063fc0cb3b27a04b 2981 cups-filters_1.28.17-3.dsc a043e527c1292e2534630934c43bcec38c602f0b 86072 cups-filters_1.28.17-3.debian.tar.xz ac9f171e478a1eaf29eb34a2dd3df8e5216251e1 14151 cups-filters_1.28.17-3_amd64.buildinfo Checksums-Sha256: e48af28143b7404e28c029ee9441c9ecbba289c8ca8986217fcd24331aae327c 2981 cups-filters_1.28.17-3.dsc 01020ea146741dbc3d854a58013603d78772616283c297cf2c4a11033424409a 86072 cups-filters_1.28.17-3.debian.tar.xz 1dc3b134ab9166d352c4f89e5025fb3cfc2b67c77d3645aecfaf794789546888 14151 cups-filters_1.28.17-3_amd64.buildinfo Files: fb36d5825e895953c9ec1489727b6256 2981 net optional cups-filters_1.28.17-3.dsc ed03bc28b93f74955cd5607905ec5bda 86072 net optional cups-filters_1.28.17-3.debian.tar.xz 70c788e15565b8903918d5bccf6a1ae6 14151 net optional cups-filters_1.28.17-3_amd64.buildinfo -BEGIN PGP SIGNATURE- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmRnqaBfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYR31YD/9hxdQ1hgSU1iTGAXku6r4tPp36IA9+ InogwbgQfW4mA5aRVmRA5rv+itnPDDqiEBQcWoTom0Bd1Od4K53+Zsi3q+EmuR1g 2Sk55VGzU+yR3S+ol+VAYVwJp10rVe8lQITGVOhGsaRTXtnFSkdX9lHgCtgC0SNs m1D7hlMBJf1omwfAAzjYIUA0i6QCs3obOXZ1VgsB7IICf3JKkonQFGgAExnTSTRH xy9QO3EdkDxNaxV1HVwfoS8e2fgJkaTAGSIJOkCD8XRaoAGbOb4qwIZUrNf/9+iz YQxR71eGtxVunbbRkBF3NBHo1g+NznWBViOq5LL+TqA47hs6A4F+3J85DPUimhnV xZfVRK3on9cEy9DoHC/yWYuHtIlRt/D119jJbfC1csjsQOWX3Kmilhz3yZsw9aez SJGqi4EdWoJrQtbY53EcoCajUEgBnmmkAI/Q6ocEYF9W3IyuZRxDOsDFCO7IDxZx 4YGVo9OBzPb3EV/lY39tegWXHcpWKZnxiL1AAlVsjBIi2GLNy3RoQK6q8/u98hJS cXLYZ7x9OUA7TZ6ieLu6mYxWgIjQ2xPZYxkgWidSdUIYzh48NMbe6FDJdgqQpbdL 2pe+tlKenZoj5/lNEm8VvwQMylAK46Hv5GQP5wC89egnv/P9bPuKTgOCMGi2YK6T 7vkZrXgXmU2n7g== =NG91 -END PGP SIGNATURE End Message ---
Bug#983206: marked as done ([libupnp13] Please update for CVE-2020-12695 & fixes)
Your message dated Fri, 19 May 2023 17:00:11 + with message-id and subject line Bug#983206: fixed in pupnp 1:1.14.16-1 has caused the Debian Bug report #983206, regarding [libupnp13] Please update for CVE-2020-12695 & fixes to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 983206: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983206 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libupnp13 Version: 1:1.8.4-2 Severity: critical According to the changelog upstream version 1.14.0 includes a security fix for CVE-2020-12695 (currently not tracked for pupnp in the debian security tracker). Please update to 1.14.x. Thanks. I'm also having trouble getting DLNA working with minidlna on one system and vlc on another, with little idea so far why it's not working. Getting an updated libupnp13 with all the fixes they've made may help eliminate some possible causes. --- End Message --- --- Begin Message --- Source: pupnp Source-Version: 1:1.14.16-1 Done: Sebastian Ramacher We believe that the bug you reported is fixed in the latest version of pupnp, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 983...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sebastian Ramacher (supplier of updated pupnp package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 03 Apr 2023 00:16:37 +0200 Binary: libixml11 libixml11-dbgsym libupnp17 libupnp17-dbgsym libupnp-dev libupnp-doc Source: pupnp Architecture: all amd64 source Version: 1:1.14.16-1 Distribution: experimental Urgency: medium Maintainer: Debian Multimedia Maintainers Changed-By: Sebastian Ramacher Closes: 962282 983206 986833 987326 1033858 Description: libixml11 - Portable SDK for UPnP Devices (ixml shared library) libupnp17 - Portable SDK for UPnP Devices (shared library) libupnp-dev - Portable SDK for UPnP Devices, version 1.14 (development files) libupnp-doc - Documentation for the Portable SDK for UPnP Devices Changes: pupnp (1:1.14.16-1) experimental; urgency=medium . [ James Cowgill ] * d/control: Drop Multi-Arch: same from libupnp-dev * d/tests: Replace ADTTMP with AUTOPKGTEST_TMP . [ Bryan Quigley ] * New upstream release 1.14.0 . [ Sebastian Ramacher ] * New upstream version 1.14.16 - Fix CVE-2020-12695 (Closes: #983206) - Fix CVE-2021-29462 (Closes: #987326) - Fix CVE-2020-13848 (Closes: #962282) - Fix CVE-2021-28302 (Closes: #986833) * SONAME bump: - libixml10 -> libixml11 - libupnp13 -> libupnp17 * debian/: Remove explicit version from source package name and Description * debian/control: - Adopt is part of the Multimedia team (Closes: #1033858) - Update homepage - Bump Standards-Version * debian/: Bump to debhelper compat 13 Checksums-Sha1: 315ad927d080d726ec45689413dec714861b924c 1638 pupnp_1.14.16-1.dsc d471bb719e7a6207547596ae165a21a1ea448b86 810632 pupnp_1.14.16.orig.tar.gz 567f7e5d726b7bb648e65dfca6bfe136393fe58e 13236 pupnp_1.14.16-1.debian.tar.xz 8070b10048dd87b6e090431d202d01287c98b5cb 57564 libixml11-dbgsym_1.14.16-1_amd64.deb 11f1f45728f6151188b69284dcfcfd421686f98b 80064 libixml11_1.14.16-1_amd64.deb ca74c0181f92f6cd062025b6f9eeb126df66dd32 99260 libupnp-dev_1.14.16-1_amd64.deb d86b573d6c573d37183494eda0b607c6f29f1802 28641244 libupnp-doc_1.14.16-1_all.deb 4a3a1e9c439beb24d2ccb7153ecfd8a61c29f269 291680 libupnp17-dbgsym_1.14.16-1_amd64.deb c3c4a9a4f72ad12a2e9de762f3b18a2e6852d753 152276 libupnp17_1.14.16-1_amd64.deb Checksums-Sha256: 3092411e4aebf809ea843d720a47cc56450ee85a9eed8aa8c2a4bcb80794 1638 pupnp_1.14.16-1.dsc 4e75275d8d0a06d7ce7affd196ddc016124e96f163b8ef4b53bfab331c7dd40e 810632 pupnp_1.14.16.orig.tar.gz 61cc499df772766f88c13d62e2ab0307ff2ac3abda4402d1fdb95063592ac47a 13236 pupnp_1.14.16-1.debian.tar.xz 2f5afff98f7c65fa435764c2061bc5aec031ac222e31e894b4522078a6687dc0 57564 libixml11-dbgsym_1.14.16-1_amd64.deb a232b39b5c4d9cb37f76309ce9142275c3134fd57da96d8779d9bf72daa44f25 80064 libixml11_1.14.16-1_amd64.deb 946e33a8c0085954e26ea9137723caaabf8aef67e01f3bafcccd9f543704870f 99260 libupnp-dev_1.
Bug#1034915: Going to reschedule NMU
Hello, having read up on the current NMU timing guidance in developers reference I will reschedule these to 1-day. cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' signature.asc Description: PGP signature
Bug#1036359: crashes with (wrong-type-argument consp nil)
Package: elpa-markdown-toc Version: 0.1.5-2 Severity: grave In Debian bookworm, markdown-toc is currently unusable. Given the following markdown buffer: ``` # Background ## Why migrate? ## Gitolite and GitWeb inventory # Proposal ``` markdown-toc-generate-toc crashes with: Debugger entered--Lisp error: (wrong-type-argument consp nil) markdown-imenu-create-nested-index() funcall(markdown-imenu-create-nested-index) (markdown-toc--compute-toc-structure (funcall imenu-create-index-function)) (funcall markdown-toc-user-toc-structure-manipulation-fn (markdown-toc--compute-toc-structure (funcall imenu-create-index-function))) (markdown-toc--generate-toc (funcall markdown-toc-user-toc-structure-manipulation-fn (markdown-toc--compute-toc-structure (funcall imenu-create-index-function (insert (markdown-toc--generate-toc (funcall markdown-toc-user-toc-structure-manipulation-fn (markdown-toc--compute-toc-structure (funcall imenu-create-index-function) (save-excursion (if (markdown-toc--toc-already-present-p) (progn (markdown-toc--delete-toc t))) (insert (markdown-toc--generate-toc (funcall markdown-toc-user-toc-structure-manipulation-fn (markdown-toc--compute-toc-structure (funcall imenu-create-index-function)) markdown-toc-generate-toc(nil) funcall-interactively(markdown-toc-generate-toc nil) command-execute(markdown-toc-generate-toc record) execute-extended-command(nil "markdown-toc-generate-toc" nil) funcall-interactively(execute-extended-command nil "markdown-toc-generate-toc" nil) command-execute(execute-extended-command) -- System Information: Debian Release: 12.0 APT prefers testing-security APT policy: (500, 'testing-security'), (500, 'testing-debug'), (500, 'testing'), (1, 'experimental'), (1, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-9-amd64 (SMP w/16 CPU threads; PREEMPT) Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages elpa-markdown-toc depends on: ii dh-elpa-helper 2.0.16 ii elpa-dash 2.19.1+git20220608.1.0ac1ecf+dfsg-1 ii elpa-markdown-mode 2.5-1 ii elpa-s 1.12.0-5 ii emacsen-common 3.0.5 Versions of packages elpa-markdown-toc recommends: ii emacs 1:28.2+1-14 ii emacs-gtk [emacs] 1:28.2+1-14 elpa-markdown-toc suggests no packages. -- no debconf information
Bug#1036356: stress-ng: autopkgtest failures on 32 bit architectures
Package: stress-ng Version: 0.15.07-1 Severity: serious Tags: patch Justification: autopkgtest failures User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu mantic ubuntu-patch X-Debbugs-Cc: bdr...@debian.org Dear Maintainer, The autopkg tests on 32 bit architectures fail. In Ubuntu, the attached patch was applied to fix the autopkgtest: * Cherry-pick upstream commit "stress-pthread: use 64 bit tid_addr to fix stack clobbering on 32 bit platforms" and "stress-pthread: fix big endian tid addr for 32 bit systems" to fix test failures on 32 bit architectures (LP: #2019079) Thanks for considering the patch. -- Benjamin Drung Debian & Ubuntu Developer diff -Nru stress-ng-0.15.07/debian/patches/series stress-ng-0.15.07/debian/patches/series --- stress-ng-0.15.07/debian/patches/series 1970-01-01 01:00:00.0 +0100 +++ stress-ng-0.15.07/debian/patches/series 2023-05-17 18:45:53.0 +0200 @@ -0,0 +1,2 @@ +stress-pthread_use_64_bit_tid_addr.patch +stress-pthread_fix_big_endian_tid_addr_for_32_bit_systems.patch diff -Nru stress-ng-0.15.07/debian/patches/stress-pthread_fix_big_endian_tid_addr_for_32_bit_systems.patch stress-ng-0.15.07/debian/patches/stress-pthread_fix_big_endian_tid_addr_for_32_bit_systems.patch --- stress-ng-0.15.07/debian/patches/stress-pthread_fix_big_endian_tid_addr_for_32_bit_systems.patch 1970-01-01 01:00:00.0 +0100 +++ stress-ng-0.15.07/debian/patches/stress-pthread_fix_big_endian_tid_addr_for_32_bit_systems.patch 2023-05-17 18:45:53.0 +0200 @@ -0,0 +1,46 @@ +From 63c0b414f6ec70dbd0498d59ca34fffbf2642b61 Mon Sep 17 00:00:00 2001 +From: Colin Ian King +Date: Wed, 10 May 2023 20:39:13 +0100 +Subject: [PATCH] stress-pthread: fix big endian tid addr for 32 bit systems + +The PR_GET_TID_ADDR does not have 32 bit compat, so it always returns +a 64 bit tid addr. For 32 bit systems this needs to be either truncated +for 32 little endian or shifted down to the bottom 32 bits for big endian +systems such as big endian HPPA or MIPS32. + +Signed-off-by: Colin Ian King +Origin: upstream, https://github.com/ColinIanKing/stress-ng/commit/63c0b414f6ec70dbd0498d59ca34fffbf2642b61 +--- + stress-pthread.c | 13 +++-- + 1 file changed, 11 insertions(+), 2 deletions(-) + +diff --git a/stress-pthread.c b/stress-pthread.c +index 5c0ee9e4..2190c333 100644 +--- a/stress-pthread.c b/stress-pthread.c +@@ -177,14 +177,23 @@ static void OPTIMIZE3 stress_pthread_tid_address(const stress_args_t *args) + uint64_t tid_addr = 0; + + if (LIKELY(prctl(PR_GET_TID_ADDRESS, &tid_addr, 0, 0, 0) == 0)) { +- if (tid_addr) { ++ unsigned long set_tid_addr; ++ ++ if (sizeof(void *) == 4) { ++ set_tid_addr = stress_little_endian() ? ++ (tid_addr & 0x) : (tid_addr >> 32); ++ } else { ++ set_tid_addr = (unsigned long)tid_addr; ++ } ++ ++ if (set_tid_addr) { + pid_t tid1, tid2; + + /* Nullify */ + VOID_RET(pid_t, (pid_t)syscall(__NR_set_tid_address, NULL)); + + /* This always succeeds */ +- tid1 = (pid_t)syscall(__NR_set_tid_address, tid_addr); ++ tid1 = (pid_t)syscall(__NR_set_tid_address, set_tid_addr); + + errno = 0; + tid2 = shim_gettid(); diff -Nru stress-ng-0.15.07/debian/patches/stress-pthread_use_64_bit_tid_addr.patch stress-ng-0.15.07/debian/patches/stress-pthread_use_64_bit_tid_addr.patch --- stress-ng-0.15.07/debian/patches/stress-pthread_use_64_bit_tid_addr.patch 1970-01-01 01:00:00.0 +0100 +++ stress-ng-0.15.07/debian/patches/stress-pthread_use_64_bit_tid_addr.patch 2023-05-17 16:07:26.0 +0200 @@ -0,0 +1,37 @@ +From 637662d92865fbf5f3469d7754584f6d810fb902 Mon Sep 17 00:00:00 2001 +From: Colin Ian King +Date: Wed, 19 Apr 2023 08:46:17 +0100 +Subject: [PATCH] stress-pthread: use 64 bit tid_addr to fix stack clobbering + on 32 bit platforms + +Closes: https://github.com/ColinIanKing/stress-ng/issues/283 + +Signed-off-by: Colin Ian King +Origin: upstream, https://github.com/ColinIanKing/stress-ng/commit/637662d92865fbf5f3469d7754584f6d810fb902 +--- + stress-pthread.c | 12 +++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/stress-pthread.c b/stress-pthread.c +index 24431869b..a568f8167 100644 +--- a/stress-pthread.c b/stress-pthread.c +@@ -163,7 +163,17 @@ static void OPTIMIZE3 stress_pthread_tid_address(const stress_args_t *args) + defined(__NR_set_tid_address) && \ + defined(HAVE_KERNEL_ULONG_T) && \ + defined(HAVE_SYSCALL) +- __kernel_ulong_t tid_addr = 0; ++ /* ++ * prctl(2) states: ++ *"Note that since the prctl() system call does not have a compat ++ * implementation for the AMD
Bug#1035005: marked as done (uwsgi-plugin-jvm-openjdk-17: missing Breaks+Replaces for uwsgi-plugin-jvm-openjdk-11 when upgrading from bullseye)
Your message dated Fri, 19 May 2023 15:07:55 + with message-id and subject line Bug#1035005: fixed in uwsgi 2.0.21-5.1 has caused the Debian Bug report #1035005, regarding uwsgi-plugin-jvm-openjdk-17: missing Breaks+Replaces for uwsgi-plugin-jvm-openjdk-11 when upgrading from bullseye to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1035005: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035005 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: uwsgi-plugin-jvm-openjdk-17 Version: 2.0.21-5 Severity: serious Justification: dpkg unpack error Attempting to unpack uwsgi-plugin-jvm-openjdk-17/2.0.21-5 from Debian bookworm on a minimal Debian bullseye with uwsgi-plugin-jvm-openjdk-11/2.0.19.1-7.1 installed, causes an unpack error from dpkg due to /usr/share/java/uwsgi.jar being contained in both packages. | Selecting previously unselected package uwsgi-plugin-jvm-openjdk-17. | (Reading database ... 6132 files and directories currently installed.) | Preparing to unpack .../uwsgi-plugin-jvm-openjdk-17_2.0.21-5_amd64.deb ... | Unpacking uwsgi-plugin-jvm-openjdk-17 (2.0.21-5) ... | dpkg: error processing archive ./uwsgi-plugin-jvm-openjdk-17_2.0.21-5_amd64.deb (--unpack): | trying to overwrite '/usr/share/java/uwsgi.jar', which is also in package uwsgi-plugin-jvm-openjdk-11 2.0.19.1-7.1 | Errors were encountered while processing: | ./uwsgi-plugin-jvm-openjdk-17_2.0.21-5_amd64.deb Please ensure that uwsgi-plugin-jvm-openjdk-17 has sufficient Breaks and Replaces declarations. Helmut --- End Message --- --- Begin Message --- Source: uwsgi Source-Version: 2.0.21-5.1 Done: James Valleroy We believe that the bug you reported is fixed in the latest version of uwsgi, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1035...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. James Valleroy (supplier of updated uwsgi package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 May 2023 09:59:29 -0400 Source: uwsgi Architecture: source Version: 2.0.21-5.1 Distribution: unstable Urgency: medium Maintainer: uWSGI packaging team Changed-By: James Valleroy Closes: 1035005 Changes: uwsgi (2.0.21-5.1) unstable; urgency=medium . * Non-maintainer upload. * Add Replaces on uwsgi-plugin-jvm-openjdk-11 (Closes: #1035005) Checksums-Sha1: 8906ee51d3b6496172d4645f041e3913b69f9db4 7117 uwsgi_2.0.21-5.1.dsc 5acc5903c947e84837c9d93fa4e0539297c45282 66348 uwsgi_2.0.21-5.1.debian.tar.xz c8859357da1770ed22a0c26250dfc8d2ba63ca20 39160 uwsgi_2.0.21-5.1_amd64.buildinfo Checksums-Sha256: d8f16bac712c6f5dd086f80705c6af95a1bc6ffda0c5a6285588e3a3bd7d5dad 7117 uwsgi_2.0.21-5.1.dsc 3455acb852d5738c033cb16db5ce6bfc2b3df3da2d694ca03c00d38e46919631 66348 uwsgi_2.0.21-5.1.debian.tar.xz 43206a045495e21d875d83e8dfb964be470192d9500c50e1966efec94cb368b5 39160 uwsgi_2.0.21-5.1_amd64.buildinfo Files: 59d91ea3d81653d8b4b4189eecfab34d 7117 httpd optional uwsgi_2.0.21-5.1.dsc 771889f5462ee43919f3660b81564a14 66348 httpd optional uwsgi_2.0.21-5.1.debian.tar.xz 9cd1c938b1186e7131aa5026c8f45449 39160 httpd optional uwsgi_2.0.21-5.1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQJKBAEBCgA0FiEEfWrbdQ+RCFWJSEvmd8DHXntlCAgFAmRniasWHGp2YWxsZXJv eUBtYWlsYm94Lm9yZwAKCRB3wMdee2UICKAtD/9pkv04plnhAXU0bTTY3XFX/hKG n/biImxrXd6/2P3Fjj5IdzksbUeerkdg6bLE4okSSqhp5Lhv2604aBA3e9sBmvEA f0j8CIycHl21Lk144kBPR5XBuqjUlmYKVDbcMLxtzWUKe1aP3dGMhXK6QUGzQt2E ErBPMb4Ub8aZgDZqLs7PSw8rDY3HJO2q6ajkoAEGDPWDPHJXF6k/Ln+uxOoksFJJ jwl0cLPS/R9snP1Pd21S57kC4ai615ntIX985KuIMDcOQW/qgvGNA8f7rLMMIUIf qhNmScChYweCiEUTZOhhb/+bX6WBKXwG3Cx7XxPX7Tyiuv0pwunQyAEKN7Xaz4QM Wu2Cb9gL0Fz7V7b7mtdYRx65seVR9XiXeWSBgExp35YM07Ox4csFOtsskXxQ3MRH 7HhPZd4QrR4AvUXA8P/qxoWFSijGmqfdUBLGhMrB8gASzw8oIF0HZNR7sw2cZrz9 3BAo+9HFXKCMfSXef4q1v3ZPQarfcrSoGrGCCa+8TPKDRLXk8/kf5+Nj+MDHxu43 V7GrE7Qev7p6S4+9aeUw65vwOe0Z3hM1Fl0ddH0gUoLJYkDrA5xU/oJYJi9bQ2iz XGKexA/NsAMFbrIa0sAkn37eR3S2kzLKD6D+SKnrmc1rRzfF0YgSFoh1fQrWJyE3 X+g01CgE4y882i+DFA== =mkcL -END PGP SIGNATURE End Message ---
Bug#1035371: marked as done (libwebp: CVE-2023-1999)
Your message dated Fri, 19 May 2023 14:23:29 + with message-id and subject line Bug#1035371: fixed in libwebp 1.2.4-0.2 has caused the Debian Bug report #1035371, regarding libwebp: CVE-2023-1999 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1035371: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035371 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: libwebp Version: 1.2.4-0.1 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for libwebp. There is unfortunately no public reference accessible, [1] has no details, [2] is restricted. it might be related to [3] and [4]. CVE-2023-1999[0]: | Double-free in libwebp If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-1999 https://www.cve.org/CVERecord?id=CVE-2023-1999 [1] https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#CVE-2023-1999 [2] https://bugzilla.mozilla.org/show_bug.cgi?id=1819244 [3] https://bugs.chromium.org/p/webp/issues/detail?id=603 [4] https://chromium.googlesource.com/webm/libwebp/+/a486d800b60d0af4cc0836bf7ed8f21e12974129 Can you find more on the issue? Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: libwebp Source-Version: 1.2.4-0.2 Done: Salvatore Bonaccorso We believe that the bug you reported is fixed in the latest version of libwebp, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1035...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso (supplier of updated libwebp package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 May 2023 14:50:58 +0200 Source: libwebp Architecture: source Version: 1.2.4-0.2 Distribution: unstable Urgency: high Maintainer: Jeff Breidenbach Changed-By: Salvatore Bonaccorso Closes: 1035371 Changes: libwebp (1.2.4-0.2) unstable; urgency=high . * Non-maintainer upload. * EncodeAlphaInternal: clear result->bw on error (CVE-2023-1999) (Closes: #1035371) Checksums-Sha1: 1a01da46413cc8d0972a49eebf78c7240bb8ac68 2531 libwebp_1.2.4-0.2.dsc 05f6e63641f7ad438b910e70a07d46bffb41ff17 8064 libwebp_1.2.4-0.2.debian.tar.xz Checksums-Sha256: a5138070f42170f20c6b6daabc56716c5f7c3973a904ac37978cfe19f3d7e1df 2531 libwebp_1.2.4-0.2.dsc e8bd944079de9d9e00fe210e28c987f60d96f8210f089fe4d56ef43f4570c933 8064 libwebp_1.2.4-0.2.debian.tar.xz Files: cd7d8c28e0e59e52d5709c06bbb0e7f6 2531 libs optional libwebp_1.2.4-0.2.dsc 5a33ccbdcd690d137c07f110efb0a236 8064 libs optional libwebp_1.2.4-0.2.debian.tar.xz -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmRncgVfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EaDkP/1huNiCtVvzwTdi8qbZOFRBhf4mWMqhE OoRS6YMEVr4LfFX6HR08ym3WwSFhp2urWMZQKokgblKBgivH9JU5Ic8CmBlP9i9b dERKk8T2TYIisDgWXeA03LfAOlaKmgyBmfjQSWJLaA1xLOjZztGBq+tA2R8H7Cjt WtktOEeG/+VKbST7oAicxE5UzpSR6afutbn+dH/37/QX0xonBv0e3OQ1OZoCYBn6 6MiIRTOGq3zaCOe1J887MXvpY06ru1hcPGjqvlFQ6deeCN4XxdgVlKsff0JYKGj2 WCHlVR7IKZJR6JGEol7pcvhO+LMPoKSRDjWHZUjadOjKYUXpqbxE4Uj2easVhFb7 9mna2iQa9CPfKqDunvzlV6m7V9n4iuLkElsTg7VPVe7phDAOpBEhf4ycKpWbdTt1 JbaY9w0L7xukwPcyKNxl01rLRtyr2ssg0XvTEBeFb2G+6P0c36VYagBJ691Vs4X4 ASqc7GAJb2loiGClah/6AOMitoenuru6TpltS+OYhnPFwxfMz71YHXI2nzTF4LiD yhiWuCIw64MHFQk1v56dXt59HgcQ3X2h3qcwNQX+rQeLyaw1TE6WZ2TcBpdlzcQ6 0k6+xp1xgBcIWHlwYJd9S34sqTz1xtAY/GTHIUzfGxm02WUHkkxjA2CHuR/KOckA D7Zc3h3ilRWV =faJU -END PGP SIGNATURE End Message ---
Bug#1035371: libwebp: diff for NMU version 1.2.4-0.2
Control: tags 1035371 + patch Dear maintainer, I've prepared an NMU for libwebp (versioned as 1.2.4-0.2). The diff is attached to this message. Due to the bookworm release plan and the fact Moritz is going to release a DSA for libwebp for bullseye, I did straight upload the diff without further delay. Hope this is okay for you. Regards, Salvatore diff -Nru libwebp-1.2.4/debian/changelog libwebp-1.2.4/debian/changelog --- libwebp-1.2.4/debian/changelog 2023-01-23 14:28:25.0 +0100 +++ libwebp-1.2.4/debian/changelog 2023-05-19 14:50:58.0 +0200 @@ -1,3 +1,11 @@ +libwebp (1.2.4-0.2) unstable; urgency=high + + * Non-maintainer upload. + * EncodeAlphaInternal: clear result->bw on error (CVE-2023-1999) +(Closes: #1035371) + + -- Salvatore Bonaccorso Fri, 19 May 2023 14:50:58 +0200 + libwebp (1.2.4-0.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru libwebp-1.2.4/debian/patches/EncodeAlphaInternal-clear-result-bw-on-error.patch libwebp-1.2.4/debian/patches/EncodeAlphaInternal-clear-result-bw-on-error.patch --- libwebp-1.2.4/debian/patches/EncodeAlphaInternal-clear-result-bw-on-error.patch 1970-01-01 01:00:00.0 +0100 +++ libwebp-1.2.4/debian/patches/EncodeAlphaInternal-clear-result-bw-on-error.patch 2023-05-19 14:50:58.0 +0200 @@ -0,0 +1,57 @@ +From: James Zern +Date: Wed, 22 Feb 2023 22:15:47 -0800 +Subject: EncodeAlphaInternal: clear result->bw on error +Origin: https://github.com/webmproject/libwebp/commit/a486d800b60d0af4cc0836bf7ed8f21e12974129 +Bug-Debian: https://bugs.debian.org/1035371 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-1999 + +This avoids a double free should the function fail prior to +VP8BitWriterInit() and a previous trial result's buffer carried over. +Previously in ApplyFiltersAndEncode() trial.bw (with a previous +iteration's buffer) would be freed, followed by best.bw pointing to the +same buffer. + +Since: +187d379d add a fallback to ALPHA_NO_COMPRESSION + +In addition, check the return value of VP8BitWriterInit() in this +function. + +Bug: webp:603 +Change-Id: Ic258381ee26c8c16bc211d157c8153831c8c6910 +--- + src/enc/alpha_enc.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/enc/alpha_enc.c b/src/enc/alpha_enc.c +index f7c02690e3cf..7d205586fe77 100644 +--- a/src/enc/alpha_enc.c b/src/enc/alpha_enc.c +@@ -13,6 +13,7 @@ + + #include + #include ++#include + + #include "src/enc/vp8i_enc.h" + #include "src/dsp/dsp.h" +@@ -148,6 +149,7 @@ static int EncodeAlphaInternal(const uint8_t* const data, int width, int height, + } + } else { + VP8LBitWriterWipeOut(&tmp_bw); ++ memset(&result->bw, 0, sizeof(result->bw)); + return 0; + } + } +@@ -162,7 +164,7 @@ static int EncodeAlphaInternal(const uint8_t* const data, int width, int height, + header = method | (filter << 2); + if (reduce_levels) header |= ALPHA_PREPROCESSED_LEVELS << 4; + +- VP8BitWriterInit(&result->bw, ALPHA_HEADER_LEN + output_size); ++ if (!VP8BitWriterInit(&result->bw, ALPHA_HEADER_LEN + output_size)) ok = 0; + ok = ok && VP8BitWriterAppend(&result->bw, &header, ALPHA_HEADER_LEN); + ok = ok && VP8BitWriterAppend(&result->bw, output, output_size); + +-- +2.40.1 + diff -Nru libwebp-1.2.4/debian/patches/series libwebp-1.2.4/debian/patches/series --- libwebp-1.2.4/debian/patches/series 1970-01-01 01:00:00.0 +0100 +++ libwebp-1.2.4/debian/patches/series 2023-05-19 14:50:58.0 +0200 @@ -0,0 +1 @@ +EncodeAlphaInternal-clear-result-bw-on-error.patch
Processed: libwebp: diff for NMU version 1.2.4-0.2
Processing control commands: > tags 1035371 + patch Bug #1035371 [src:libwebp] libwebp: CVE-2023-1999 Added tag(s) patch. -- 1035371: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035371 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1036250: trapperkeeper-webserver-jetty9-clojure: FTBFS in testing: MDCAccessLogConverter.java:54: error: cannot access HttpServletRequest
Control: tags -1 patch Hi, I am attaching a patch for this issue. Somehow your package fell through the cracks because it has no dependency on logback. Logback is pulled in by Jetty though. While Logback and Jetty use the Jakarta servlet API now, your package still depends on libservlet-api-java. The fix for that was trivial. However the test failure is caused by my tomcat10-migration.patch https://salsa.debian.org/java-team/logback/-/blob/master/debian/patches/tomcat10-migration.patch#L91 Back then I thought it was acceptable to work around a build failure by setting the accessEvent variable to null since it seemed no package existed in Debian which would be affected by it. The Logback developers fixed that problem in newer versions, but a new upstream release of logback would have been too intrusive. Long story short: please double-check my patch and if we can ignore the logging problem Regards, Markus diff -Nru trapperkeeper-webserver-jetty9-clojure-4.4.1/debian/changelog trapperkeeper-webserver-jetty9-clojure-4.4.1/debian/changelog --- trapperkeeper-webserver-jetty9-clojure-4.4.1/debian/changelog 2023-02-10 23:15:30.0 +0100 +++ trapperkeeper-webserver-jetty9-clojure-4.4.1/debian/changelog 2023-05-19 15:19:10.0 +0200 @@ -1,3 +1,14 @@ +trapperkeeper-webserver-jetty9-clojure (4.4.1-5.1) UNRELEASED; urgency=medium + + * Non-maintainer upload. + * Replace libservlet-api-java with libjakarta-servlet-api-java. + * Add jakarta.servlet.patch to fix FTBFS with latest Jetty and Logback +versions in Debian. (Closes: #1036250) + * Work around a test failure by disabling request-logging-test. +(Closes: #1034855) + + -- Markus Koschany Fri, 19 May 2023 15:19:10 +0200 + trapperkeeper-webserver-jetty9-clojure (4.4.1-5) unstable; urgency=medium * d/control: bump Breaks: on puppetserver diff -Nru trapperkeeper-webserver-jetty9-clojure-4.4.1/debian/control trapperkeeper-webserver-jetty9-clojure-4.4.1/debian/control --- trapperkeeper-webserver-jetty9-clojure-4.4.1/debian/control 2023-02-10 23:15:30.0 +0100 +++ trapperkeeper-webserver-jetty9-clojure-4.4.1/debian/control 2023-05-19 15:19:10.0 +0200 @@ -15,7 +15,7 @@ libtools-logging-clojure, libjanino-java, libordered-clojure, - libservlet-api-java, + libjakarta-servlet-api-java, libjetty9-java, libjetty9-extra-java, libprismatic-schema-clojure (>= 1.1.12), diff -Nru trapperkeeper-webserver-jetty9-clojure-4.4.1/debian/libtrapperkeeper-webserver-jetty9-clojure.classpath trapperkeeper-webserver-jetty9-clojure-4.4.1/debian/libtrapperkeeper-webserver-jetty9-clojure.classpath --- trapperkeeper-webserver-jetty9-clojure-4.4.1/debian/libtrapperkeeper-webserver-jetty9-clojure.classpath 2023-02-10 23:15:30.0 +0100 +++ trapperkeeper-webserver-jetty9-clojure-4.4.1/debian/libtrapperkeeper-webserver-jetty9-clojure.classpath 2023-05-19 15:19:10.0 +0200 @@ -1 +1 @@ -usr/share/java/trapperkeeper-webserver-jetty9.jar /usr/share/java/clojure.jar /usr/share/java/java.jmx.jar /usr/share/java/tools.logging.jar /usr/share/java/janino.jar /usr/share/java/servlet-api.jar /usr/share/java/jetty9-server.jar /usr/share/java/jetty9-io.jar /usr/share/java/jetty9-security.jar /usr/share/java/jetty9-client.jar /usr/share/java/jetty9-servlet.jar /usr/share/java/jetty9-http.jar /usr/share/java/jetty9-util.jar /usr/share/java/jetty9-servlets.jar /usr/share/java/jetty9-webapp.jar /usr/share/java/jetty9-proxy.jar /usr/share/java/jetty9-jmx.jar /usr/share/java/jetty9-websocket-server.jar /usr/share/java/jetty9-websocket-api.jar /usr/share/java/jetty9-websocket-servlet.jar /usr/share/java/schema.jar /usr/share/java/ring-servlet.jar /usr/share/java/ring-codec.jar /usr/share/java/ssl-utils.jar /usr/share/java/kitchensink.jar /usr/share/java/trapperkeeper.jar /usr/share/java/puppetlabs-i18n.jar /usr/share/java/trapperkeeper-filesystem-watcher.jar /usr/share/java/jul-to-slf4j.jar +usr/share/java/trapperkeeper-webserver-jetty9.jar /usr/share/java/clojure.jar /usr/share/java/java.jmx.jar /usr/share/java/tools.logging.jar /usr/share/java/janino.jar /usr/share/java/jakarta-servlet-api.jar /usr/share/java/jetty9-server.jar /usr/share/java/jetty9-io.jar /usr/share/java/jetty9-security.jar /usr/share/java/jetty9-client.jar /usr/share/java/jetty9-servlet.jar /usr/share/java/jetty9-http.jar /usr/share/java/jetty9-util.jar /usr/share/java/jetty9-servlets.jar /usr/share/java/jetty9-webapp.jar /usr/share/java/jetty9-proxy.jar /usr/share/java/jetty9-jmx.jar /usr/share/java/jetty9-websocket-server.jar /usr/share/java/jetty9-websocket-api.jar /usr/share/java/jetty9-websocket-servlet.jar /usr/share/java/schema.jar /usr/share/java/ring-servlet.jar /usr/share/java/ring-codec.jar /usr/share/java/ssl-utils.jar /usr/share/java/kitchensink.jar /usr/share/java/trapperkeeper.jar /usr/share/java/puppetlabs-i18n.jar /usr/share/java/trapperkeeper-filesystem-watcher.jar /usr/share/java/jul-to-slf4j.jar diff -Nru trapperkeeper-webserver-jetty9-clojure-4.4.1/d
Processed: Re: trapperkeeper-webserver-jetty9-clojure: FTBFS in testing: MDCAccessLogConverter.java:54: error: cannot access HttpServletRequest
Processing control commands: > tags -1 patch Bug #1036250 [src:trapperkeeper-webserver-jetty9-clojure] trapperkeeper-webserver-jetty9-clojure: FTBFS in testing: MDCAccessLogConverter.java:54: error: cannot access HttpServletRequest Added tag(s) patch. -- 1036250: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036250 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#998996: marked as done (binutils-msp430: missing required debian/rules targets build-arch and/or build-indep)
Your message dated Fri, 19 May 2023 13:48:47 + with message-id and subject line Bug#998996: fixed in binutils-msp430 2.24~ti1 has caused the Debian Bug report #998996, regarding binutils-msp430: missing required debian/rules targets build-arch and/or build-indep to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 998996: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=998996 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: binutils-msp430 Version: 2.22~msp20120406-5.1 Severity: important Justification: Debian Policy section 4.9 Tags: bookworm sid User: debian...@lists.debian.org Usertags: missing-build-arch-indep Dear maintainer, Your package does not include build-arch and/or build-indep targets in debian/rules. This is required by Debian Policy section 4.9, since 2012. https://www.debian.org/doc/debian-policy/ch-source.html#main-building-script-debian-rules Please note that this is also a sign that the packaging of this software could benefit from a refresh. For example, packages using 'dh' cannot be affected by this issue. This mass bug filing was discussed on debian-devel@ in https://lists.debian.org/debian-devel/2021/11/msg00052.html . The severity of this bug will be changed to 'serious' after a month. Best, Lucas --- End Message --- --- Begin Message --- Source: binutils-msp430 Source-Version: 2.24~ti1 Done: Bastian Germann We believe that the bug you reported is fixed in the latest version of binutils-msp430, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 998...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastian Germann (supplier of updated binutils-msp430 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 May 2023 15:28:01 +0200 Source: binutils-msp430 Architecture: source Version: 2.24~ti1 Distribution: unstable Urgency: medium Maintainer: Debian QA Group Changed-By: Bastian Germann Closes: 965439 998996 Changes: binutils-msp430 (2.24~ti1) unstable; urgency=medium . * QA upload * Update debhelper to compat 7 (Closes: #965439) * Add missing rules targets (Closes: #998996) * Convert to source format 3.0 (native) Checksums-Sha1: 22f03d8e9776da3033d240d65addc82bcd90dea2 1468 binutils-msp430_2.24~ti1.dsc f78ffe80bc12c81abce03d403e833659d9f54102 3580 binutils-msp430_2.24~ti1.tar.xz adc4922a3e19b33e58486843ca43cae41c26e367 6418 binutils-msp430_2.24~ti1_source.buildinfo Checksums-Sha256: bd50c4ca32a04f2b88bffc041ef1a14a00e8d349b14c1ebf5a1a1d44482ea5a7 1468 binutils-msp430_2.24~ti1.dsc 102e3efa54aa3b91dd864453c96a7bbcfca58ad99c53ad1e32558f684c16b4aa 3580 binutils-msp430_2.24~ti1.tar.xz b0b1828b9522a2099d40218fef9cfea6f8033b02dd22e052664d482a6820bc85 6418 binutils-msp430_2.24~ti1_source.buildinfo Files: cc3fc43cd47c75ebeddf7a4f9dbbe304 1468 devel extra binutils-msp430_2.24~ti1.dsc f6230060046b0ecf56d57a60269f6c9c 3580 devel extra binutils-msp430_2.24~ti1.tar.xz 18bb5446f43845d1fa536937d9aeed7b 6418 devel extra binutils-msp430_2.24~ti1_source.buildinfo -BEGIN PGP SIGNATURE- iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmRne14QHGJhZ2VAZGVi aWFuLm9yZwAKCRAfXHqLRVZDFMAXC/9WKoJOI88CuqQoKKG1GMgX5JerB9M2FtQ7 FulmI/D9sF3ZCy+49CNvFtkVPAaNjQ8psGg74dLQGMiycvuE/3x4ubdbS+c4QUK3 yAI/4Vpe+oB08rBfIyBqic8xhjDfkMOLLb/eyfG5fw7bjyhQaiYtjgQnN6NrlQeZ GLzwrTCsIjQw7KnYyZjSSY8CjBKndl6EvaK1LwGFMfFvihJmGJ/zZ4SDqHAe7Bu5 GoQsgVO2vJxoALVc5gm8bYyAEqM+iDGBa7WhaGoh/AiCmnNBB05pfF8RbZ4uSzCv ZUERfuXECPdGMlUyXFBd9blACLWGtPDq+51islPHNAdnBMyfQ8ty+rUPzVN1xBbM Q7Mc4sno0GPDI1Ts85ZF5znQqQYhdAxv2fScfvhcnKeFtXSvDtDlfB7N5dS0Yejk 9FSgWyrgD6b0hqDqZuLzIuuQPvZI3K14SQnFAzlAZ2vZ/E4t0YKuUltXLd0pgCAw 7ciqzR+1WfYHKEvtgx2/Ix4so3AQX3Y= =+Eyg -END PGP SIGNATURE End Message ---
Bug#965439: marked as done (binutils-msp430: Removal of obsolete debhelper compat 5 and 6 in bookworm)
Your message dated Fri, 19 May 2023 13:48:47 + with message-id and subject line Bug#965439: fixed in binutils-msp430 2.24~ti1 has caused the Debian Bug report #965439, regarding binutils-msp430: Removal of obsolete debhelper compat 5 and 6 in bookworm to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 965439: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965439 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: binutils-msp430 Version: 2.22~msp20120406-5.1 Severity: normal Usertags: compat-5-6-removal Hi, The package binutils-msp430 uses debhelper with a compat level of 5 or 6, which is deprecated and scheduled for removal[1]. Please bump the debhelper compat at your earliest convenience /outside the freeze/! * Compat 13 is recommended (supported in stable-backports) * Compat 7 is the bare minimum PLEASE KEEP IN MIND THAT the release team *DOES NOT* accept uploads with compat bumps during the freeze. If there is any risk that the fix for this bug might not migrate to testing before 2021-01-01[3] then please postpone the fix until after the freeze. At the time of filing this bug, compat 5 and 6 are expected to be removed "some time during the development cycle of bookworm". Thanks, ~Niels [1] https://lists.debian.org/debian-devel/2020/07/msg00065.html [2] https://release.debian.org/bullseye/FAQ.html [3] The choice of 2021-01-01 as a "deadline" is set before the actual freeze deadline to provide a safe cut off point for most people. Mind you, it is still your responsibility to ensure that the upload makes it into testing even if you upload before that date. --- End Message --- --- Begin Message --- Source: binutils-msp430 Source-Version: 2.24~ti1 Done: Bastian Germann We believe that the bug you reported is fixed in the latest version of binutils-msp430, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 965...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastian Germann (supplier of updated binutils-msp430 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 May 2023 15:28:01 +0200 Source: binutils-msp430 Architecture: source Version: 2.24~ti1 Distribution: unstable Urgency: medium Maintainer: Debian QA Group Changed-By: Bastian Germann Closes: 965439 998996 Changes: binutils-msp430 (2.24~ti1) unstable; urgency=medium . * QA upload * Update debhelper to compat 7 (Closes: #965439) * Add missing rules targets (Closes: #998996) * Convert to source format 3.0 (native) Checksums-Sha1: 22f03d8e9776da3033d240d65addc82bcd90dea2 1468 binutils-msp430_2.24~ti1.dsc f78ffe80bc12c81abce03d403e833659d9f54102 3580 binutils-msp430_2.24~ti1.tar.xz adc4922a3e19b33e58486843ca43cae41c26e367 6418 binutils-msp430_2.24~ti1_source.buildinfo Checksums-Sha256: bd50c4ca32a04f2b88bffc041ef1a14a00e8d349b14c1ebf5a1a1d44482ea5a7 1468 binutils-msp430_2.24~ti1.dsc 102e3efa54aa3b91dd864453c96a7bbcfca58ad99c53ad1e32558f684c16b4aa 3580 binutils-msp430_2.24~ti1.tar.xz b0b1828b9522a2099d40218fef9cfea6f8033b02dd22e052664d482a6820bc85 6418 binutils-msp430_2.24~ti1_source.buildinfo Files: cc3fc43cd47c75ebeddf7a4f9dbbe304 1468 devel extra binutils-msp430_2.24~ti1.dsc f6230060046b0ecf56d57a60269f6c9c 3580 devel extra binutils-msp430_2.24~ti1.tar.xz 18bb5446f43845d1fa536937d9aeed7b 6418 devel extra binutils-msp430_2.24~ti1_source.buildinfo -BEGIN PGP SIGNATURE- iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmRne14QHGJhZ2VAZGVi aWFuLm9yZwAKCRAfXHqLRVZDFMAXC/9WKoJOI88CuqQoKKG1GMgX5JerB9M2FtQ7 FulmI/D9sF3ZCy+49CNvFtkVPAaNjQ8psGg74dLQGMiycvuE/3x4ubdbS+c4QUK3 yAI/4Vpe+oB08rBfIyBqic8xhjDfkMOLLb/eyfG5fw7bjyhQaiYtjgQnN6NrlQeZ GLzwrTCsIjQw7KnYyZjSSY8CjBKndl6EvaK1LwGFMfFvihJmGJ/zZ4SDqHAe7Bu5 GoQsgVO2vJxoALVc5gm8bYyAEqM+iDGBa7WhaGoh/AiCmnNBB05pfF8RbZ4uSzCv ZUERfuXECPdGMlUyXFBd9blACLWGtPDq+51islPHNAdnBMyfQ8ty+rUPzVN1xBbM Q7Mc4sno0GPDI1Ts85ZF5znQqQYhdAxv2fScfvhcnKeFtXSvDtDlfB7N5dS0Yejk 9FSgWyrgD6b0hqDqZuLzIuuQPvZI3K14SQnFAzlAZ2vZ/E4t0YKuUltXLd0pgCAw 7ciqzR+1WfYHKEvtgx2/Ix4so3AQX3Y= =+Eyg -END PGP SIGNATURE End Message ---
Bug#1035005: [pkg-uWSGI-devel] Bug#1035005: [PATCH] Add Replaces on uwsgi-plugin-jvm-openjdk-11 (Closes: #1035005)
Hi James, Quoting James Valleroy (2023-05-19 12:33:50) > tags 1035005 patch > thanks > > The attached patch fixes this issue. I tested by unpacking the package into a > Debian bullseye VM where uwsgi-plugin-jvm-openjdk-11 was already installed. Thanks a lot. You are quite welcome to release this as a 0-day NMU. Otherwise I will try to find time for it (I am currently studying and in exam season, so pretty busy...) Kind regards, - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ * Sponsorship: https://ko-fi.com/drjones [x] quote me freely [ ] ask before reusing [ ] keep private
Bug#965570: marked as done (grub2-splashimages: Removal of obsolete debhelper compat 5 and 6 in bookworm)
Your message dated Fri, 19 May 2023 12:48:50 + with message-id and subject line Bug#965570: fixed in grub2-splashimages 1.0.2 has caused the Debian Bug report #965570, regarding grub2-splashimages: Removal of obsolete debhelper compat 5 and 6 in bookworm to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 965570: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965570 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: grub2-splashimages Version: 1.0.1+nmu1 Severity: normal Usertags: compat-5-6-removal Hi, The package grub2-splashimages uses debhelper with a compat level of 5 or 6, which is deprecated and scheduled for removal[1]. Please bump the debhelper compat at your earliest convenience /outside the freeze/! * Compat 13 is recommended (supported in stable-backports) * Compat 7 is the bare minimum PLEASE KEEP IN MIND THAT the release team *DOES NOT* accept uploads with compat bumps during the freeze. If there is any risk that the fix for this bug might not migrate to testing before 2021-01-01[3] then please postpone the fix until after the freeze. At the time of filing this bug, compat 5 and 6 are expected to be removed "some time during the development cycle of bookworm". Thanks, ~Niels [1] https://lists.debian.org/debian-devel/2020/07/msg00065.html [2] https://release.debian.org/bullseye/FAQ.html [3] The choice of 2021-01-01 as a "deadline" is set before the actual freeze deadline to provide a safe cut off point for most people. Mind you, it is still your responsibility to ensure that the upload makes it into testing even if you upload before that date. --- End Message --- --- Begin Message --- Source: grub2-splashimages Source-Version: 1.0.2 Done: Bastian Germann We believe that the bug you reported is fixed in the latest version of grub2-splashimages, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 965...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastian Germann (supplier of updated grub2-splashimages package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 May 2023 14:29:26 +0200 Source: grub2-splashimages Architecture: source Version: 1.0.2 Distribution: unstable Urgency: medium Maintainer: Debian QA Group Changed-By: Bastian Germann Closes: 965570 Changes: grub2-splashimages (1.0.2) unstable; urgency=medium . * QA upload. * Remove left-over licenses. * Update debhelper to compat 7. (Closes: #965570) * Convert to source format 3.0. Checksums-Sha1: 2b3e130543ef3643858b7036aa70205f3623e749 1322 grub2-splashimages_1.0.2.dsc f9f6654c37b0e5924c065b0588461667291c77be 5574988 grub2-splashimages_1.0.2.tar.xz 26c2a4dabd5c889333ea9532a9b56dd4b72a5ba7 6006 grub2-splashimages_1.0.2_source.buildinfo Checksums-Sha256: 5f6944d597bb9d2f827aa046e173ea0f48bb3aee158dd5293abdef8c824ed8e2 1322 grub2-splashimages_1.0.2.dsc 109d03ae6086ed6caad44080adfc60440b417b390adbc5173610ebeefa386fab 5574988 grub2-splashimages_1.0.2.tar.xz 5d61d891a3f2d1084fb47e61b2a0dc996ee0043e26e9db62d2c9ba6c5bfa2ae4 6006 grub2-splashimages_1.0.2_source.buildinfo Files: 93791d0982c509756183d4234b116aa0 1322 admin optional grub2-splashimages_1.0.2.dsc 75aa8ccf0c20008991be9255f05b79bf 5574988 admin optional grub2-splashimages_1.0.2.tar.xz e8e5ba7b425874f49f6b36899807bc1f 6006 admin optional grub2-splashimages_1.0.2_source.buildinfo -BEGIN PGP SIGNATURE- iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmRnbdIQHGJhZ2VAZGVi aWFuLm9yZwAKCRAfXHqLRVZDFKy+DACCcbrrkIAOgaKAtmu0D3G7uPMi5vo4zK+a bM+2Swo6iYrcewT+htzGPDtPEfU3yxsB0559PlxRHMq+K2gPJXEq3DfGdRU/zjef Rt+2UuTsH9FkagLt5q9ZTMUefUlv6sgTekunMkYJxIHASBj+xVp/3JEcQuUAcO7x euZfPRS+IvlZ1YmEl9Oq/xpw7MNIx8p8PYpslrXvMwsHSfI347bEa4UgYu8yJnde plAJfnwkl9zRuZ78LLcD5s1YmhgLIKPAbcgrKrm75WHS0304X9VQ4oq0RTrQsal5 7mph3glJqsopLU2aCljn2+49o/yRgqT5vMYjz2BbHCBxxWC+V7gDjjSS7FrXld6h 7dIU7lPfZv6JWnRZve3s+vhkz6TdVBkE4cFdRz6Ld6W3HanT/opAwbiXbonyar/a /Lz4QWuPTl7kJwFr2dHC2wZcL//Fccb5jz1WHWT0lvdnHKqxzVtpcXChPRpvH8lD i6AQhlBlh3ewjSEcW1CkYFPQC9oLZI8= =cTf1 -END PGP SIGNATURE End Message ---
Bug#965569: marked as done (grub-splashimages: Removal of obsolete debhelper compat 5 and 6 in bookworm)
Your message dated Fri, 19 May 2023 12:48:42 + with message-id and subject line Bug#965569: fixed in grub-splashimages 1.2.4 has caused the Debian Bug report #965569, regarding grub-splashimages: Removal of obsolete debhelper compat 5 and 6 in bookworm to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 965569: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965569 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: grub-splashimages Version: 1.2.3 Severity: normal Usertags: compat-5-6-removal Hi, The package grub-splashimages uses debhelper with a compat level of 5 or 6, which is deprecated and scheduled for removal[1]. Please bump the debhelper compat at your earliest convenience /outside the freeze/! * Compat 13 is recommended (supported in stable-backports) * Compat 7 is the bare minimum PLEASE KEEP IN MIND THAT the release team *DOES NOT* accept uploads with compat bumps during the freeze. If there is any risk that the fix for this bug might not migrate to testing before 2021-01-01[3] then please postpone the fix until after the freeze. At the time of filing this bug, compat 5 and 6 are expected to be removed "some time during the development cycle of bookworm". Thanks, ~Niels [1] https://lists.debian.org/debian-devel/2020/07/msg00065.html [2] https://release.debian.org/bullseye/FAQ.html [3] The choice of 2021-01-01 as a "deadline" is set before the actual freeze deadline to provide a safe cut off point for most people. Mind you, it is still your responsibility to ensure that the upload makes it into testing even if you upload before that date. --- End Message --- --- Begin Message --- Source: grub-splashimages Source-Version: 1.2.4 Done: Bastian Germann We believe that the bug you reported is fixed in the latest version of grub-splashimages, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 965...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastian Germann (supplier of updated grub-splashimages package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 May 2023 14:42:07 +0200 Source: grub-splashimages Architecture: source Version: 1.2.4 Distribution: unstable Urgency: medium Maintainer: Debian QA Group Changed-By: Bastian Germann Closes: 678882 965569 Changes: grub-splashimages (1.2.4) unstable; urgency=medium . * QA upload. (Closes: #678882) * Remove non-existing Homepage. * Update debhelper compat to 7. (Closes: #965569) * Convert to source format 3.0. Checksums-Sha1: 84b43c017d13535a4dc8a369305f0b963c8b6fa2 1313 grub-splashimages_1.2.4.dsc dfa168d0664c417b45a08891d8cca2e7ba1d5305 663608 grub-splashimages_1.2.4.tar.xz 6dbe4597d730c789d34944c5c6ac963584893a6e 6002 grub-splashimages_1.2.4_source.buildinfo Checksums-Sha256: b5dda4a2f44d693bc77f5a0ca44eb5dd656439bfea9c2cc97fcd95869227a116 1313 grub-splashimages_1.2.4.dsc 06e5df432fc42aab60b185157d943fcd5edf4bf047b194d1d5a77c43c2ae88c1 663608 grub-splashimages_1.2.4.tar.xz 0ab21a083e00a29cb657bbf875ed1522af291ba51ba8b17544bf042c378b1bf7 6002 grub-splashimages_1.2.4_source.buildinfo Files: 0101f86bba6b75d86df7f4048795aae4 1313 admin optional grub-splashimages_1.2.4.dsc 9b64d0e5909f201dcacc8d16161b3931 663608 admin optional grub-splashimages_1.2.4.tar.xz 4884f5a99722ae8391b850bd4a797cfd 6002 admin optional grub-splashimages_1.2.4_source.buildinfo -BEGIN PGP SIGNATURE- iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmRnb0kQHGJhZ2VAZGVi aWFuLm9yZwAKCRAfXHqLRVZDFNoYDADxhf+pR9z2InrbHg95gzWYr4UxDmPyrCqJ 7vnH8DNeBuvCoDU8v7SdJSP9AH4ltKOGhKM7AqX1x21Rvj4rzOgsiSIMQOjC0MIv H9/VL2kvNuH4Pmdin1N+xQ4FSLGmiodnTAnK9q6YP08Cl9973T0n438yEBlnY0ot Q/BtpgfjXAHVHmPR4ApCPkS3ddfipN7K09EVI6ClRkxtCi5MWhKKhKUoYKQKVzkl MaTp6LQOpgFSilMNR0wnerDnKIT3RmCWcrUKtWLLDR45FkH5jjcXZXJrevz7P8Im FShF4SuVCDW9qRUXDh3s41t7Z9UTXUaSIATnk5R5jb/0vQaS2K5WFbwrOi0KV8km 3Zd3pOhpx08H5ytPJgJHAo9Bv2a+zfbMLMtFEM7IFM27iF/Rj+2KQGzLHLzsIf7W kPVLCqbJERUjlStvqdKUuYuYYS20DoyJuwrhVpDOWIz45y67XiU4A7q77V1BLH+2 uYYzWNm/ndQViKAlFW4ZWssww7/JcOY= =TCXt -END PGP SIGNATURE End Message ---
Processed: found 1035371 in 0.6.1-2.1
Processing commands for cont...@bugs.debian.org: > found 1035371 0.6.1-2.1 Bug #1035371 [src:libwebp] libwebp: CVE-2023-1999 Marked as found in versions libwebp/0.6.1-2.1. > thanks Stopping processing here. Please contact me if you need assistance. -- 1035371: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035371 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#999271: marked as done (socket: missing required debian/rules targets build-arch and/or build-indep)
Your message dated Fri, 19 May 2023 12:21:48 + with message-id and subject line Bug#999271: fixed in socket 1.1-10.1 has caused the Debian Bug report #999271, regarding socket: missing required debian/rules targets build-arch and/or build-indep to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 999271: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999271 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: socket Version: 1.1-10 Severity: important Justification: Debian Policy section 4.9 Tags: bookworm sid User: debian...@lists.debian.org Usertags: missing-build-arch-indep Dear maintainer, Your package does not include build-arch and/or build-indep targets in debian/rules. This is required by Debian Policy section 4.9, since 2012. https://www.debian.org/doc/debian-policy/ch-source.html#main-building-script-debian-rules Please note that this is also a sign that the packaging of this software could benefit from a refresh. For example, packages using 'dh' cannot be affected by this issue. This mass bug filing was discussed on debian-devel@ in https://lists.debian.org/debian-devel/2021/11/msg00052.html . The severity of this bug will be changed to 'serious' after a month. Best, Lucas --- End Message --- --- Begin Message --- Source: socket Source-Version: 1.1-10.1 Done: Bastian Germann We believe that the bug you reported is fixed in the latest version of socket, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 999...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastian Germann (supplier of updated socket package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 May 2023 13:56:24 +0200 Source: socket Architecture: source Version: 1.1-10.1 Distribution: unstable Urgency: medium Maintainer: LENART Janos Changed-By: Bastian Germann Closes: 922373 965823 999271 Changes: socket (1.1-10.1) unstable; urgency=medium . * Non-maintainer upload. * Update debhelper compat to 7. (closes: #965823) * Add missing rules targets. (closes: #999271) * Enable cross build. (closes: #922373) * Convert to source format 3.0 (quilt). Checksums-Sha1: fe2b13cfa0ae2db452777c5b337d6d22a20dc3e4 1487 socket_1.1-10.1.dsc fe7f1d7a02dfc3a8b4d9518266efad9531249b66 10476 socket_1.1-10.1.debian.tar.xz ddf9a5c409c2746c6d379abc858d2c946544dab2 5436 socket_1.1-10.1_source.buildinfo Checksums-Sha256: 5313899cdc189aa6f9e9e0aa721ea8be1dbe275cd44a7def641dafaee0cb5f6f 1487 socket_1.1-10.1.dsc a09ab000f0cef2f3fc84eea9660a9d30e0a65e9e8d3614335dbbbc318fff32d6 10476 socket_1.1-10.1.debian.tar.xz b1b83e2101b5578dd216058f7b4358a2cbe200ebf9fe67d16b7c0066376d976a 5436 socket_1.1-10.1_source.buildinfo Files: 2daa0c6c8c710c96f13b2a20ea0b 1487 net optional socket_1.1-10.1.dsc 171ce54278ac732b85cb11bc39b9da6e 10476 net optional socket_1.1-10.1.debian.tar.xz 45cd5ae3bf206eeb8cf52331a8cbc3a2 5436 net optional socket_1.1-10.1_source.buildinfo -BEGIN PGP SIGNATURE- iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmRnZRMQHGJhZ2VAZGVi aWFuLm9yZwAKCRAfXHqLRVZDFPrOC/kBU/jQSFxFbRQP9yk+XSQ47EP+ZTwaTuMp 2ZN8L4RFg6DSEOn6XIo2tfJGy9IHN1mWg9SHVfRrjaLCkmTUaBFABo1+9ACjhaqx mpHe408RFDKRw34gZ6ly+b3QXY+e5FOYho1A6XycccCf7jy0pkD5R9Y+prhyuWJv KLjT/UW3Ij6TKGdvwtW353i/FB2o+e4LO6gTSgp1GQDq40E3I7RtFGmTBAqGlwkp vSUQOlIAnoaDkiCUxAxpHESRFbItpDQiU+kWOJ38F0Z0+BkxzcRbx2DP4jsAWr0E kXVvZjdXu1ir1P+9SZ1yMzKty0v+xlSGnX+x4hWR11L56f1lY+/V6M38Mjzqgg7C gQhWc5Q69RLj6R8VnLeeukdnrYqzVpHkTWsd3H1hqPgCdw96gCTttvztifJ3D1Ze kHoA588ChgHYX99ZUkYWHJEKPucvEGXeMF17Jd221X98halfqdsK8BLae6goGm/k 77ObmLUFt/+iVnOU/RII+F30w8hu1Ds= =Z0O8 -END PGP SIGNATURE End Message ---
Bug#965823: marked as done (socket: Removal of obsolete debhelper compat 5 and 6 in bookworm)
Your message dated Fri, 19 May 2023 12:21:48 + with message-id and subject line Bug#965823: fixed in socket 1.1-10.1 has caused the Debian Bug report #965823, regarding socket: Removal of obsolete debhelper compat 5 and 6 in bookworm to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 965823: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965823 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: socket Version: 1.1-10 Severity: normal Usertags: compat-5-6-removal Hi, The package socket uses debhelper with a compat level of 5 or 6, which is deprecated and scheduled for removal[1]. Please bump the debhelper compat at your earliest convenience /outside the freeze/! * Compat 13 is recommended (supported in stable-backports) * Compat 7 is the bare minimum PLEASE KEEP IN MIND THAT the release team *DOES NOT* accept uploads with compat bumps during the freeze. If there is any risk that the fix for this bug might not migrate to testing before 2021-01-01[3] then please postpone the fix until after the freeze. At the time of filing this bug, compat 5 and 6 are expected to be removed "some time during the development cycle of bookworm". Thanks, ~Niels [1] https://lists.debian.org/debian-devel/2020/07/msg00065.html [2] https://release.debian.org/bullseye/FAQ.html [3] The choice of 2021-01-01 as a "deadline" is set before the actual freeze deadline to provide a safe cut off point for most people. Mind you, it is still your responsibility to ensure that the upload makes it into testing even if you upload before that date. --- End Message --- --- Begin Message --- Source: socket Source-Version: 1.1-10.1 Done: Bastian Germann We believe that the bug you reported is fixed in the latest version of socket, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 965...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastian Germann (supplier of updated socket package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 May 2023 13:56:24 +0200 Source: socket Architecture: source Version: 1.1-10.1 Distribution: unstable Urgency: medium Maintainer: LENART Janos Changed-By: Bastian Germann Closes: 922373 965823 999271 Changes: socket (1.1-10.1) unstable; urgency=medium . * Non-maintainer upload. * Update debhelper compat to 7. (closes: #965823) * Add missing rules targets. (closes: #999271) * Enable cross build. (closes: #922373) * Convert to source format 3.0 (quilt). Checksums-Sha1: fe2b13cfa0ae2db452777c5b337d6d22a20dc3e4 1487 socket_1.1-10.1.dsc fe7f1d7a02dfc3a8b4d9518266efad9531249b66 10476 socket_1.1-10.1.debian.tar.xz ddf9a5c409c2746c6d379abc858d2c946544dab2 5436 socket_1.1-10.1_source.buildinfo Checksums-Sha256: 5313899cdc189aa6f9e9e0aa721ea8be1dbe275cd44a7def641dafaee0cb5f6f 1487 socket_1.1-10.1.dsc a09ab000f0cef2f3fc84eea9660a9d30e0a65e9e8d3614335dbbbc318fff32d6 10476 socket_1.1-10.1.debian.tar.xz b1b83e2101b5578dd216058f7b4358a2cbe200ebf9fe67d16b7c0066376d976a 5436 socket_1.1-10.1_source.buildinfo Files: 2daa0c6c8c710c96f13b2a20ea0b 1487 net optional socket_1.1-10.1.dsc 171ce54278ac732b85cb11bc39b9da6e 10476 net optional socket_1.1-10.1.debian.tar.xz 45cd5ae3bf206eeb8cf52331a8cbc3a2 5436 net optional socket_1.1-10.1_source.buildinfo -BEGIN PGP SIGNATURE- iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmRnZRMQHGJhZ2VAZGVi aWFuLm9yZwAKCRAfXHqLRVZDFPrOC/kBU/jQSFxFbRQP9yk+XSQ47EP+ZTwaTuMp 2ZN8L4RFg6DSEOn6XIo2tfJGy9IHN1mWg9SHVfRrjaLCkmTUaBFABo1+9ACjhaqx mpHe408RFDKRw34gZ6ly+b3QXY+e5FOYho1A6XycccCf7jy0pkD5R9Y+prhyuWJv KLjT/UW3Ij6TKGdvwtW353i/FB2o+e4LO6gTSgp1GQDq40E3I7RtFGmTBAqGlwkp vSUQOlIAnoaDkiCUxAxpHESRFbItpDQiU+kWOJ38F0Z0+BkxzcRbx2DP4jsAWr0E kXVvZjdXu1ir1P+9SZ1yMzKty0v+xlSGnX+x4hWR11L56f1lY+/V6M38Mjzqgg7C gQhWc5Q69RLj6R8VnLeeukdnrYqzVpHkTWsd3H1hqPgCdw96gCTttvztifJ3D1Ze kHoA588ChgHYX99ZUkYWHJEKPucvEGXeMF17Jd221X98halfqdsK8BLae6goGm/k 77ObmLUFt/+iVnOU/RII+F30w8hu1Ds= =Z0O8 -END PGP SIGNATURE End Message ---
Bug#965823: socket: Removal of obsolete debhelper compat 5 and 6 in bookworm
I am uploading a NMU to fix this. The debdiff is attached.diff -Nru socket-1.1/BLURB socket-1.1/BLURB --- socket-1.1/BLURB2023-05-19 14:02:02.0 +0200 +++ socket-1.1/BLURB1996-02-08 23:53:39.0 +0100 @@ -1,6 +1,6 @@ This is release 1.1 of the Socket(1) program. -Socket(1) implements an interface to TCP and UNIX sockets at shell level. +Socket(1) implements an interface to TCP sockets at shell level. Client and server sockets can be used from shell scripts or interactively. Socket can also run a program with stdin, stdout, and stderr connected to the socket connection. Sample shell scripts diff -Nru socket-1.1/CHANGES socket-1.1/CHANGES --- socket-1.1/CHANGES 2023-05-19 14:02:02.0 +0200 +++ socket-1.1/CHANGES 1996-02-08 23:53:39.0 +0100 @@ -17,5 +17,3 @@ message - slightly more adequate signal handling and messages - - - support of UNIX domain sockets diff -Nru socket-1.1/debian/changelog socket-1.1/debian/changelog --- socket-1.1/debian/changelog 2023-05-19 14:02:02.0 +0200 +++ socket-1.1/debian/changelog 2023-05-19 13:56:24.0 +0200 @@ -1,3 +1,13 @@ +socket (1.1-10.1) unstable; urgency=medium + + * Non-maintainer upload. + * Update debhelper compat to 7. (closes: #965823) + * Add missing rules targets. (closes: #999271) + * Enable cross build. (closes: #922373) + * Convert to source format 3.0 (quilt). + + -- Bastian Germann Fri, 19 May 2023 13:56:24 +0200 + socket (1.1-10) unstable; urgency=low * (Re-) Adopting the package. (closes: #487341) diff -Nru socket-1.1/debian/compat socket-1.1/debian/compat --- socket-1.1/debian/compat2023-05-19 14:02:02.0 +0200 +++ socket-1.1/debian/compat2023-05-19 13:54:14.0 +0200 @@ -1 +1 @@ -5 +7 diff -Nru socket-1.1/debian/control socket-1.1/debian/control --- socket-1.1/debian/control 2023-05-19 14:02:02.0 +0200 +++ socket-1.1/debian/control 2023-05-19 13:54:09.0 +0200 @@ -2,7 +2,7 @@ Section: net Priority: optional Maintainer: LENART Janos -Build-Depends: debhelper (>> 5.0.0) +Build-Depends: debhelper (>= 7) Standards-Version: 3.8.1 Package: socket diff -Nru socket-1.1/debian/patches/debian.patch socket-1.1/debian/patches/debian.patch --- socket-1.1/debian/patches/debian.patch 1970-01-01 01:00:00.0 +0100 +++ socket-1.1/debian/patches/debian.patch 2023-05-19 13:56:24.0 +0200 @@ -0,0 +1,1061 @@ +--- socket-1.1.orig/BLURB socket-1.1/BLURB +@@ -1,6 +1,6 @@ + This is release 1.1 of the Socket(1) program. + +-Socket(1) implements an interface to TCP sockets at shell level. ++Socket(1) implements an interface to TCP and UNIX sockets at shell level. + Client and server sockets can be used from shell scripts or + interactively. Socket can also run a program with stdin, stdout, and + stderr connected to the socket connection. Sample shell scripts +--- socket-1.1.orig/CHANGES socket-1.1/CHANGES +@@ -17,3 +17,5 @@ User-visible changes in Socket version 1 + message + + - slightly more adequate signal handling and messages ++ ++ - support of UNIX domain sockets +--- socket-1.1.orig/Makefile socket-1.1/Makefile +@@ -8,13 +8,13 @@ + ### socket.1 in /usr/local/man/man1/socket.1 + ### Make sure the target directories exist before doing a "make install". + +-INSTALLBASE = /usr/local ++INSTALLBASE = $(DESTDIR)/usr + INSTALLBINPATH = $(INSTALLBASE)/bin + INSTALLBINMODE = 755 + INSTALLMANPATH = $(INSTALLBASE)/man +-INSTALLMANMODE = 444 ++INSTALLMANMODE = 644 + CC = cc +-CFLAGS = $(SWITCHES) -O ++CFLAGS = $(SWITCHES) -O2 + LDFLAGS = $(SWITCHES) -s + + ### You may need to uncomment some lines below for your operating +@@ -78,7 +78,7 @@ tags: TAGS + TAGS: $(PROGSOURCES) $(HEADERS) + etags $(PROGSOURCES) $(HEADERS) + +-installtargets: $(INSTALLBINPATH)/$(TARGET) installmanuals ++installtargets: $(INSTALLBINPATH)/$(TARGET) + + $(INSTALLBINPATH)/$(TARGET): $(TARGET) + @-echo "installing $(TARGET) in $(INSTALLBINPATH)"; \ +--- socket-1.1.orig/README socket-1.1/README +@@ -9,7 +9,7 @@ this program is licensed to you. + + What is it? + +-The program Socket implements access to TCP sockets from shell level. ++The program Socket implements access to TCP or UNIX sockets from shell level. + First written for the need to open a server socket and read and write + to the socket interactively for testing purposes, it quickly evolved + into a generic tool providing the socket interface for shell script +@@ -19,7 +19,8 @@ and interactive use. + Client mode + + In client mode (which is the default) it connects to a given port at a +-given host. Data read from the socket is written to stdout, data read ++given host or to a given UNIX domain socket specified by a pathname on the ++local filesystem(s). Data read from the socket is written to stdout, data read + from stdin is written to the socket. When the peer closes the + connection or a signal is received, the program terminates. An + exampl
Bug#1035855: marked as done (r-cran-pander: broken symlink: /usr/lib/R/site-library/pander/includes/javascripts/jquery-1.7.2.min.js -> ../../../../../../share/nodejs/jquery-ui/ui/jquery-1-7.min.js)
Your message dated Fri, 19 May 2023 11:09:23 + with message-id and subject line Bug#1035855: fixed in r-cran-pander 0.6.5+dfsg-3 has caused the Debian Bug report #1035855, regarding r-cran-pander: broken symlink: /usr/lib/R/site-library/pander/includes/javascripts/jquery-1.7.2.min.js -> ../../../../../../share/nodejs/jquery-ui/ui/jquery-1-7.min.js to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1035855: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035855 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: r-cran-pander Version: 0.6.5+dfsg-2 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package ships (or creates) a broken symlink. 1m40.9s ERROR: FAIL: Broken symlinks: /usr/lib/R/site-library/pander/includes/javascripts/jquery-1.7.2.min.js -> ../../../../../../share/nodejs/jquery-ui/ui/jquery-1-7.min.js (r-cran-pander) The targeted file is no longer shipped by node-jquery-ui. cheers, Andreas --- End Message --- --- Begin Message --- Source: r-cran-pander Source-Version: 0.6.5+dfsg-3 Done: Andreas Tille We believe that the bug you reported is fixed in the latest version of r-cran-pander, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1035...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Tille (supplier of updated r-cran-pander package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 May 2023 12:38:06 +0200 Source: r-cran-pander Architecture: source Version: 0.6.5+dfsg-3 Distribution: unstable Urgency: medium Maintainer: Debian R Packages Maintainers Changed-By: Andreas Tille Closes: 1035855 Changes: r-cran-pander (0.6.5+dfsg-3) unstable; urgency=medium . * Provide source and compressed JS of jquery 1.7.2 since it is not provided by any other package any more Closes: #1035855 Checksums-Sha1: 59229df25144fd7d7d42768c4756621bbd37acae 2128 r-cran-pander_0.6.5+dfsg-3.dsc 167badc7339c9637a80d98954b95b461dea87ff6 113936 r-cran-pander_0.6.5+dfsg-3.debian.tar.xz 3825d376a5ef33f11f5540f1fbfddb7bf361d3d9 12044 r-cran-pander_0.6.5+dfsg-3_amd64.buildinfo Checksums-Sha256: 92fc6fe6c998cd3dcbfe6a7d2069cdc48d3b23bd0f90d071d1cee08d7a767a31 2128 r-cran-pander_0.6.5+dfsg-3.dsc 70450a1b9805a7b72cead6354f22d6a1cf5e9e18d4d54a9a0d8e64a7d6173f93 113936 r-cran-pander_0.6.5+dfsg-3.debian.tar.xz fd3ec3a97047d6c94df6889dc7cf585aae7ce27cb3d9cd73e8a9d9ae87a9a6ec 12044 r-cran-pander_0.6.5+dfsg-3_amd64.buildinfo Files: 1251e7f06a968745b46465da00923354 2128 gnu-r optional r-cran-pander_0.6.5+dfsg-3.dsc 01850cc5609841e5cc7031e8d7bafa50 113936 gnu-r optional r-cran-pander_0.6.5+dfsg-3.debian.tar.xz 56746f252c7ff527fa9e49f2f2fc7807 12044 gnu-r optional r-cran-pander_0.6.5+dfsg-3_amd64.buildinfo -BEGIN PGP SIGNATURE- iQJFBAEBCgAvFiEE8fAHMgoDVUHwpmPKV4oElNHGRtEFAmRnU8kRHHRpbGxlQGRl Ymlhbi5vcmcACgkQV4oElNHGRtFrqw/+IzWeJL7SfLy3YPYFCWUDVi3wLUmlXIOO RdNQRSJTz53QAivqYNgWYdiRlTE5u3xoywiiT0rIqin2/5qTkCqKpu6BrmSryrTT /CxXnqjqrlmsRFod8PMPm/l9iB4Tr2JeGusBSib3CKZehgnxc8d1CV02+Ujc3OEn /2MQt5M6szf2wo2bHdKWBL1xtWI+Lhu3pOUr65Js69yStt3HidPJOM2cSrxvsgl/ J+06LrFIjmeuYpHN5/98JAzUI9j+CZ50wliM7Gck2aJVCqHMkHm7zqAV66pfIXFQ pPgDx+bZjTVzxBPjx5blv2JDdVKlip38tRACOboA8BRB8biuqG3Al2Vlz1Wc2Yzn Ned3o4H+sZOuf/IDOohg4ToEyjgCFWNqeiDfeD7ggd9+40kjhCv9XtdSk+XKzaAf IFnYFTqEMSxNBqcqQ9Zf20KqtNsWVPOKPzB7aApQnmX5FW1u/jaQMn76rxynLR+l cX8l3V3iw/SRXLGMZd6O0y5LOUF2oODrzAs9MshPB82boE7bKqo32sxcnZYgNBuS tJdKMTuTBTlMnkDyr+zjx7SQvz8B1HaD7SvV6jSvmgg862Nk4pg2Ao+hkErqMBxz zFRezSHWrAKVh1chlFEBHAJFiK+UcrzBxU6P3FObsMih0aBklx8Etty+cShdiXP6 q5MgeEs7Y8c= =zU9d -END PGP SIGNATURE End Message ---
Bug#999274: marked as done (datapacker: missing required debian/rules targets build-arch and/or build-indep)
Your message dated Fri, 19 May 2023 11:03:53 + with message-id and subject line Bug#999274: fixed in datapacker 1.0.3+nmu1 has caused the Debian Bug report #999274, regarding datapacker: missing required debian/rules targets build-arch and/or build-indep to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 999274: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999274 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: datapacker Version: 1.0.3 Severity: important Justification: Debian Policy section 4.9 Tags: bookworm sid User: debian...@lists.debian.org Usertags: missing-build-arch-indep Dear maintainer, Your package does not include build-arch and/or build-indep targets in debian/rules. This is required by Debian Policy section 4.9, since 2012. https://www.debian.org/doc/debian-policy/ch-source.html#main-building-script-debian-rules Please note that this is also a sign that the packaging of this software could benefit from a refresh. For example, packages using 'dh' cannot be affected by this issue. This mass bug filing was discussed on debian-devel@ in https://lists.debian.org/debian-devel/2021/11/msg00052.html . The severity of this bug will be changed to 'serious' after a month. Best, Lucas --- End Message --- --- Begin Message --- Source: datapacker Source-Version: 1.0.3+nmu1 Done: Bastian Germann We believe that the bug you reported is fixed in the latest version of datapacker, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 999...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastian Germann (supplier of updated datapacker package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 May 2023 12:43:26 +0200 Source: datapacker Architecture: source Version: 1.0.3+nmu1 Distribution: unstable Urgency: medium Maintainer: John Goerzen Changed-By: Bastian Germann Closes: 999274 Changes: datapacker (1.0.3+nmu1) unstable; urgency=medium . * Non-maintainer upload. * Add missing debian/rules targets build-indep, build-arch. Closes: #999274 * Remove unused Build-Depends: gtk-doc-tools, sgml2x. Checksums-Sha1: 250c9382cf640371f1c145f745eae6c21fa2aa7b 1668 datapacker_1.0.3+nmu1.dsc 892f78d22dfdf519f6399e778fa719257c4558cb 22932 datapacker_1.0.3+nmu1.tar.xz 97a65d55efc5859a70685098cd76afb81526a1da 6 datapacker_1.0.3+nmu1_source.buildinfo Checksums-Sha256: 6d3d380c5678db51653853aa31d674195de779346cd5186ce58957adf47bca1d 1668 datapacker_1.0.3+nmu1.dsc 95b266fb6c439188f943b1b8ef52b87812056b250af68e8f03c37d83db0fa3db 22932 datapacker_1.0.3+nmu1.tar.xz c08d78b60cfb3838439a008ab0018af569715c142d93f0b84524a6838b07a0d0 6 datapacker_1.0.3+nmu1_source.buildinfo Files: 73daa50f5631729a47381a187ae06cff 1668 utils optional datapacker_1.0.3+nmu1.dsc 65a7fba6276b3744398ce55f46b7f111 22932 utils optional datapacker_1.0.3+nmu1.tar.xz 704464c04bc1b4a15965d8af08e99b6f 6 utils optional datapacker_1.0.3+nmu1_source.buildinfo -BEGIN PGP SIGNATURE- iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmRnU2AQHGJhZ2VAZGVi aWFuLm9yZwAKCRAfXHqLRVZDFEYWDADsMmEgfhvJTq2PWnN566xwZUNljcOINTjP s+R8p9o85J08D/8A9pOLTaF8DKKxtFhzmpUHjbrILmcQNIkSWOSuHsUgVVD3NB6f h4jEgJuCcE9zgVqZl4RsJo1ayBSnsF2F2/bJKRSXBKSLGCofbZOln/rNvyG1W+6u pgocxZGV2EQ0nVST/JH7faNWgGhmJY1E4XXhASJ3UN1nywZ0+tFKCWlX4W5TZGi5 3pAEahK99enAuTqNBf/IZ116EkRCthtdPBU4+tGh462XyIJc1pczwXN8HeLplmLi qclbtsI55nB3wknAEQoAJKEmfrsdcjvrIj4gAO0aW9GjXN1PecMO7olSqWRZ6mRb iAm0IxKR/jD/Ni5QCdnP1S7hPySUzLj8eSdQiVHY6Y2atLFtUeJONDadJkUGyuQj 1BiMxwNdvtdzAt+kDaisJQlrV9PG9lHGipdD1ipEY7Kip4UBPRgRXtH+0hm+ZO7D CC6s7L1sVqeSjELKwhHP4zYVxIAwX1I= =kEeA -END PGP SIGNATURE End Message ---
Bug#999274: datapacker: missing required debian/rules targets build-arch and/or build-indep
I am uploading a NMU to fix this. The debdiff is attached.diff -Nru datapacker-1.0.3/debian/changelog datapacker-1.0.3+nmu1/debian/changelog --- datapacker-1.0.3/debian/changelog 2021-01-13 07:08:09.0 +0100 +++ datapacker-1.0.3+nmu1/debian/changelog 2023-05-19 12:43:26.0 +0200 @@ -1,3 +1,11 @@ +datapacker (1.0.3+nmu1) unstable; urgency=medium + + * Non-maintainer upload. + * Add missing debian/rules targets build-indep, build-arch. Closes: #999274 + * Remove unused Build-Depends: gtk-doc-tools, sgml2x. + + -- Bastian Germann Fri, 19 May 2023 12:43:26 +0200 + datapacker (1.0.3) unstable; urgency=medium [ Debian Janitor ] diff -Nru datapacker-1.0.3/debian/control datapacker-1.0.3+nmu1/debian/control --- datapacker-1.0.3/debian/control 2021-01-13 07:08:09.0 +0100 +++ datapacker-1.0.3+nmu1/debian/control2023-05-19 12:43:26.0 +0200 @@ -3,7 +3,6 @@ Priority: optional Maintainer: John Goerzen Build-Depends: debhelper-compat (= 12), groff, docbook-utils, man-db, ghostscript, - gtk-doc-tools, sgml2x, ghc (>= 6.8), haskell-devscripts (>= 0.6.6), libghc-missingh-dev (>= 1.0.1), libghc-unix-dev, libghc-mtl-dev, libghc-filepath-dev, libghc-hslogger-dev Build-Conflicts: docbook-ebnf diff -Nru datapacker-1.0.3/debian/rules datapacker-1.0.3+nmu1/debian/rules --- datapacker-1.0.3/debian/rules 2021-01-13 07:08:09.0 +0100 +++ datapacker-1.0.3+nmu1/debian/rules 2023-05-19 12:41:41.0 +0200 @@ -89,4 +89,8 @@ dh_builddeb binary: binary-indep binary-arch -.PHONY: build clean binary-indep binary-arch binary install configure +.PHONY: build clean binary-indep binary-arch binary install configure build-indep build-arch + +build-indep: + +build-arch: build
Bug#1036021: cadabra2,python3-notebook: undeclared file conflict on /usr/lib/python3/dist-packages/notebook/static/components/codemirror
On Fri, May 19, 2023 at 11:09:41AM +0200, Helmut Grohne wrote: > On Fri, May 19, 2023 at 10:27:46AM +0200, Martin Hostettler wrote: > > Do I understand correctly that all we have to do here is ship the file > in its "canonical" path after resolving the symbolic link from > python3-notebook? In other words, a simple file move in the data.tar? If dpkg can handle that even with the symlink, then i think, yes. > > > I have no clue how the correct way to make this switch in the debian > > packaging is, but i hope this messages helps to confirm what is happening > > in this situation and someone with more solid clue about these kind of > > problems in packaging can resolve this. > > It is as simple as adding a mv invocation to an > appropriate override_dh_something to debian/rules. That's something that > easily passes an unblock request with the release team. > > Probably, appending to override_dh_auto_install is sufficient: > > mv > debian/cadabra2/usr/lib/python3/dist-packages/notebook/static/components > debian/cadabra2/usr/lib/share/javascript > rmdir debian/cadabra2/usr/lib/python3/dist-packages/notebook/static > rmdir debian/cadabra2/usr/lib/python3/dist-packages/notebook > It seems what is needed is this: mv debian/cadabra2/usr/lib/python3.*/site-packages/notebook/static/components debian/cadabra2/usr/share/javascript rmdir debian/cadabra2/usr/lib/python3.*/site-packages/notebook/static rmdir debian/cadabra2/usr/lib/python3.*/site-packages/notebook (The wildcards are used to avoid hard coding the current debian default python version) That results in a debdiff like this: Files in second .deb but not in first - -rw-r--r-- root/root /usr/share/javascript/codemirror/mode/cadabra/cadabra.js Files in first .deb but not in second - -rw-r--r-- root/root /usr/lib/python3/dist-packages/notebook/static/components/codemirror/mode/cadabra/cadabra.js Which looks ok. both before the patch and after the following file exists when python3-notebook was installed before installing cadabra: /usr/share/javascript/codemirror/mode/cadabra/cadabra.js I just noticed that the override_dh_auto_install also contains a line not yet updated to python 3.11 > sed -i s,python3.10,python3,g debian/cadabra2/usr/bin/cadabra2 Updateing that might be a good idea too. Switching that to 3.11 results in the further debdiff: Control files: lines which differ (wdiff format) Depends: fonts-cmu, python3 (<< 3.12), python3 (>= 3.11~), [-python3.11:any,-] python3:any (>= 3.6~) Which seems ok too. @G�rkan Myczko Could you see if that seems sane and if it is do an upload with the moved file? (I'm not a DD, so i can't help out with that) - Martin
Bug#965483: marked as done (datapacker: Removal of obsolete debhelper compat 5 and 6 in bookworm)
Your message dated Fri, 19 May 2023 12:38:49 +0200 with message-id <04e2888e-782c-6d97-78af-a19278bcc...@debian.org> and subject line Re: datapacker: Removal of obsolete debhelper compat 5 and 6 in bookworm has caused the Debian Bug report #965483, regarding datapacker: Removal of obsolete debhelper compat 5 and 6 in bookworm to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 965483: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965483 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: datapacker Version: 1.0.2 Severity: normal Usertags: compat-5-6-removal Hi, The package datapacker uses debhelper with a compat level of 5 or 6, which is deprecated and scheduled for removal[1]. Please bump the debhelper compat at your earliest convenience /outside the freeze/! * Compat 13 is recommended (supported in stable-backports) * Compat 7 is the bare minimum PLEASE KEEP IN MIND THAT the release team *DOES NOT* accept uploads with compat bumps during the freeze. If there is any risk that the fix for this bug might not migrate to testing before 2021-01-01[3] then please postpone the fix until after the freeze. At the time of filing this bug, compat 5 and 6 are expected to be removed "some time during the development cycle of bookworm". Thanks, ~Niels [1] https://lists.debian.org/debian-devel/2020/07/msg00065.html [2] https://release.debian.org/bullseye/FAQ.html [3] The choice of 2021-01-01 as a "deadline" is set before the actual freeze deadline to provide a safe cut off point for most people. Mind you, it is still your responsibility to ensure that the upload makes it into testing even if you upload before that date. --- End Message --- --- Begin Message --- Version: 1.0.3--- End Message ---
Processed: [PATCH] Add Replaces on uwsgi-plugin-jvm-openjdk-11 (Closes: #1035005)
Processing commands for cont...@bugs.debian.org: > tags 1035005 patch Bug #1035005 [uwsgi-plugin-jvm-openjdk-17] uwsgi-plugin-jvm-openjdk-17: missing Breaks+Replaces for uwsgi-plugin-jvm-openjdk-11 when upgrading from bullseye Added tag(s) patch. > thanks Stopping processing here. Please contact me if you need assistance. -- 1035005: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035005 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1035005: [PATCH] Add Replaces on uwsgi-plugin-jvm-openjdk-11 (Closes: #1035005)
tags 1035005 patch thanks The attached patch fixes this issue. I tested by unpacking the package into a Debian bullseye VM where uwsgi-plugin-jvm-openjdk-11 was already installed. -- James From 84fe0c6bbf87399eb651b3768f6599bc08a83a78 Mon Sep 17 00:00:00 2001 From: James Valleroy Date: Thu, 18 May 2023 08:28:17 -0400 Subject: [PATCH] Add Replaces on uwsgi-plugin-jvm-openjdk-11 (Closes: #1035005) --- debian/control | 2 ++ 1 file changed, 2 insertions(+) diff --git a/debian/control b/debian/control index 2abd38b3..fad8a587 100644 --- a/debian/control +++ b/debian/control @@ -616,6 +616,8 @@ Depends: uwsgi-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}, +Replaces: uwsgi-plugin-jvm-openjdk-11 (<< 2.0.21-1) +Breaks: uwsgi-plugin-jvm-openjdk-11 (<< 2.0.21-1) Description: Java plugin for uWSGI (OpenJDK 17) uWSGI presents a complete stack for networked/clustered web applications, implementing message/object passing, caching, RPC and process management. -- 2.39.2 OpenPGP_signature Description: OpenPGP digital signature
Bug#1036021: cadabra2,python3-notebook: undeclared file conflict on /usr/lib/python3/dist-packages/notebook/static/components/codemirror
On Fri, May 19, 2023 at 10:27:46AM +0200, Martin Hostettler wrote: > From what i see the intended result is not a file replacement but adding a > file into codemirror. Thank you for stating the goal. > Currently it does that by using the path > /usr/lib/python3/dist-packages/notebook/static/components/codemirror/mode/cadabra/cadabra.js > in data.tar which "works" when python3-notebook was installed previously, > but is the subject of this bug because when installation order if different > this does the wrong thing. Do I understand correctly that all we have to do here is ship the file in its "canonical" path after resolving the symbolic link from python3-notebook? In other words, a simple file move in the data.tar? > So all the ideas of diverts and alternatives seems to be unneeded. What > seems to be needed is finding the correct way for cadabra2 to always place > the integration file directly into /usr/lib/share/javascript/codemirror > without depending on the symlink from python3-notebook that might or might > not be there. Sounds super simple and riskfree to me. An ideal solution for this level of the freeze. > I have no clue how the correct way to make this switch in the debian > packaging is, but i hope this messages helps to confirm what is happening > in this situation and someone with more solid clue about these kind of > problems in packaging can resolve this. It is as simple as adding a mv invocation to an appropriate override_dh_something to debian/rules. That's something that easily passes an unblock request with the release team. Probably, appending to override_dh_auto_install is sufficient: mv debian/cadabra2/usr/lib/python3/dist-packages/notebook/static/components debian/cadabra2/usr/lib/share/javascript rmdir debian/cadabra2/usr/lib/python3/dist-packages/notebook/static rmdir debian/cadabra2/usr/lib/python3/dist-packages/notebook This is entirely untested though. Helmut
Bug#1034261: marked as done (autofs attempts communication with portmapper (port 111) even for NFS4 mounts)
Your message dated Fri, 19 May 2023 09:04:44 + with message-id and subject line Bug#1034261: fixed in autofs 5.1.8-2 has caused the Debian Bug report #1034261, regarding autofs attempts communication with portmapper (port 111) even for NFS4 mounts to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1034261: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034261 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: autofs Version: 5.1.8-1+b2 Severity: normal Tags: upstream Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? upgrdae from bullseye to testing * What exactly did you do (or not do) that was effective (or ineffective)? I use autoount to mount a nfs4 share. Normal mount with mount command does work automount did work in bullseye but not in testing * What was the outcome of this action? relevant error meessage from automount: get_portmap_client: error 0x3 getting portmap client A workaround is to add the option "port=2049" to the automount map as suggested here: https://www.suse.com/support/kb/doc/?id=20650 With this option automount is working again, but it shouldn't be required for NFS v4 mounts when no portmapper is required and running * What outcome did you expect instead? successful mount when moving into mount directory without the extra port option If you don't want to fix the automount program itself maybe the otion can be added to the script /etc/auto.net for nfs4 mounts *** End of the template - remove these template lines *** -- System Information: Debian Release: 12.0 APT prefers testing APT policy: (990, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.1.0-7-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages autofs depends on: ii init-system-helpers 1.65.2 ii libc62.36-8 ii libnsl2 1.3.0-2 ii libtirpc31.3.3+ds-1 ii libxml2 2.9.14+dfsg-1.1+b3 ii ucf 3.0043+nmu1 Versions of packages autofs recommends: ii e2fsprogs 1.47.0-2 ii kmod30+20221128-1 ii nfs-common 1:2.6.2-4 autofs suggests no packages. -- no debconf information --- End Message --- --- Begin Message --- Source: autofs Source-Version: 5.1.8-2 Done: Mike Gabriel We believe that the bug you reported is fixed in the latest version of autofs, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1034...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Gabriel (supplier of updated autofs package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 19 May 2023 10:25:31 +0200 Source: autofs Architecture: source Version: 5.1.8-2 Distribution: unstable Urgency: medium Maintainer: Mike Gabriel Changed-By: Mike Gabriel Closes: 1034261 Changes: autofs (5.1.8-2) unstable; urgency=medium . [ Mike Gabriel ] * debian/patches: + Add fix-nfs4-only-mounts-should-not-use-rpcbind.patch. Don't let NFSv4- only mounts use rpcbind portmapper service. (Closes: #1034261). * debian/control: + Bump Standards-Version: to 4.6.2. No changes needed. * lintian: + Adjust syntax of various overrides. Checksums-Sha1: 2251da539c59f63d2f49391c91ad1240b7dd61cf 2337 autofs_5.1.8-2.dsc a8f11b0a6be7ef228a094f9973b28d780e1e1750 24016 autofs_5.1.8-2.debian.tar.xz f4d80b585780296795748eb8a05f57e07f85851d 7044 autofs_5.1.8-2_source.buildinfo Checksums-Sha256: 1c8f9d716d9dc3c924f87ce9f1a97a2374ea7b5e875d07ae3991db3a517902b2 2337 autofs_5.1.8-2.dsc 5c9fb97233f0ac1fa6e4c4183281d20b55f4c417563293d69717f3216b8972ac 24016 autofs_5.1.8-2.debian.tar.xz 70f7f9f9e15a780d2beba56889d145b91eacd46fcb6dc58338230e1de2fd6680 7044 autofs_5.1.8-2_source.buildinfo Files: 6f540c671025e76df8ab56049e4e5b26 2337 utils optional autofs_5.1.8-2.dsc da9d0ac26c9631b5e1072950ac44a6fd 24016 utils optional autofs_5.1.8-2.debian.tar.xz 642b9
Processed: amend #1035847
Processing commands for cont...@bugs.debian.org: > notfixed #1035847 x2gothinclient/1.5.0.1-9 Bug #1035847 {Done: Mike Gabriel } [x2gobroker] x2gobroker-* packages fail to purge without adduser No longer marked as fixed in versions x2gothinclient/1.5.0.1-9. > fixed #1035847 x2gobroker/0.0.4.3-3 Bug #1035847 {Done: Mike Gabriel } [x2gobroker] x2gobroker-* packages fail to purge without adduser Marked as fixed in versions x2gobroker/0.0.4.3-3. > kthxbye Stopping processing here. Please contact me if you need assistance. -- 1035847: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035847 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1036021: cadabra2,python3-notebook: undeclared file conflict on /usr/lib/python3/dist-packages/notebook/static/components/codemirror
On 19.05.2023 10:27, Martin Hostettler wrote: On Fri, 19 May 2023 08:48:46 +0200 Helmut Grohne wrote: Hi, ...[snip] I have no clue how the correct way to make this switch in the debian packaging is, but i hope this messages helps to confirm what is happening in this situation and someone with more solid clue about these kind of problems in packaging can resolve this. - Martin I've wanted to use Pre-Depends: which would work, however was discouraged to do so. Instead a much more complicated solution was proposed (that was on IRC, and I don't remember the details), so I've not done anything yet on this (except to make sure to install it in the right order) Best,
Bug#1034755: x2gothinclient-common: about .postinst and .postrm scripts
Hi Josch, On Mi 17 Mai 2023 23:55:23 CEST, Johannes Schauer Marin Rodrigues wrote: Version: 1.5.0.1-9 Hi, Quoting Johannes Schauer Marin Rodrigues (2023-05-16 23:39:08) On Sun, 14 May 2023 18:29:56 +0200 Patrice Duroux wrote: > Here is a patch for the .postrm script useing deluser/delgroup on purge. Since time is running short, I am going to NMU x2gothinclient on Thursday with a delay of 2 days unless you disagree and/or want to do this yourself. version 1.5.0.1-9 of x2gothinclient fixes this bug but the changelog entry wrongly closed #1035847 in x2gobroker. Thanks! Ah, blimey. I fixed the wrong bug closure in d/changelog of x2gothinclient 1.5.0.1-9 now. So it will appear correctly after the next upload (which I will do now to have all beautiful for the bookworm release). Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpJ5sMGHXGPx.pgp Description: Digitale PGP-Signatur
Bug#1036021: cadabra2,python3-notebook: undeclared file conflict on /usr/lib/python3/dist-packages/notebook/static/components/codemirror
On Fri, 19 May 2023 08:48:46 +0200 Helmut Grohne wrote: > Hi, > > On Thu, May 18, 2023 at 10:30:48PM +0400, Andrey Rakhmatullin wrote: > > Looks like the file in cadabra2, let's say, provides integration between > > it and python3-notebook. > > I'm not sure what you want to achieve here. If this is about two > competing implementations where one is strictly superior to the other, > then maybe dpkg-diverting the lesser one would be reasonable? The > diversion mechanism works entirely without adding a relationship between > the packages. > > Another option is use of update-alternatives, which also allows > specifying a preference on the packaging level while also providing a > user choice. > > I lack the context of the package at hand, so I'll leave that up to you, > but I think there is sufficient options on the table for dealing with it > in a good way. Please choose wisely. > >From what i see the intended result is not a file replacement but adding a file into codemirror. If everything works well the sequence is that python3-notebook pulls in libjs-codemirror which contains various files in /usr/share/javascript/codemirror/ python3-notebook then ships /usr/lib/python3/dist-packages/notebook/static/components/codemirror as symlink (../../../../../../share/javascript/codemirror aka /usr/lib/share/javascript/codemirror ) pointing to the codemirror library. Now cadabra2 wants to place an additional file (mode/cadabra/cadabra.js) for integration into the codemirror library used by python3-notebook. Currently it does that by using the path /usr/lib/python3/dist-packages/notebook/static/components/codemirror/mode/cadabra/cadabra.js in data.tar which "works" when python3-notebook was installed previously, but is the subject of this bug because when installation order if different this does the wrong thing. So all the ideas of diverts and alternatives seems to be unneeded. What seems to be needed is finding the correct way for cadabra2 to always place the integration file directly into /usr/lib/share/javascript/codemirror without depending on the symlink from python3-notebook that might or might not be there. I have no clue how the correct way to make this switch in the debian packaging is, but i hope this messages helps to confirm what is happening in this situation and someone with more solid clue about these kind of problems in packaging can resolve this. - Martin
Bug#1035654: non-essential adduser poses problems to purging packages
Hi Josch, On Do 18 Mai 2023 00:24:39 CEST, Johannes Schauer Marin Rodrigues wrote: Mike, you said on IRC that you want to file the unblock bugs for debian-edu-fai, desktop-autoloader, x2gobroker and x2gothinclient (which didn't happen yet). If you like, I can file these for you. Just say the word. :) because I am running short of time, I'd like to accept your offer of filing the unblock bugs. Please go ahead. Thanks, Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4351) 486 14 27 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net pgpHZ9ZqtdQfj.pgp Description: Digitale PGP-Signatur
Bug#1036070: marked as done (libboost-thread1.74.0: please add Breaks against libboost-regex1.74.0-icu67)
Your message dated Fri, 19 May 2023 07:51:21 + with message-id and subject line Bug#1036070: fixed in boost1.74 1.74.0+ds1-21 has caused the Debian Bug report #1036070, regarding libboost-thread1.74.0: please add Breaks against libboost-regex1.74.0-icu67 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1036070: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036070 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libboost-thread1.74.0 Version: 1.74.0+ds1-20 Severity: serious Tags: patch User: debian...@lists.debian.org Usertags: piuparts Hi, while analyzing piuparts bullseye->bookworm upgrade logs, I noticed several cases where apt has problems upgrading libboost-regex1.74.0 because obsolete packages depending on the virtual package libboost-regex1.74.0-icu67 make apt keep the old version installed. The new version provides libboost-regex1.74.0-icu72, but the score between the two virtual ones is usually a tie, favoring the installed one. While there is no direct dependency relationship between libboost-regex1.74.0 and libboost-thread1.74.0, in all cases I looked into libboost-thread1.74.0 was installed, too, and had a higher score, thus making it an ideal candidate for adding some Breaks. One prominent example is wesnoth which fails to upgrade: ... Starting 2 pkgProblemResolver with broken count: 2 Investigating (0) wesnoth-1.14-core:amd64 < 1:1.14.15-1 @ii mK Ib > Broken wesnoth-1.14-core:amd64 Depends on libboost-regex1.74.0-icu67:amd64 < none @un H > Considering libboost-regex1.74.0:amd64 1 as a solution to wesnoth-1.14-core:amd64 34 Added libboost-regex1.74.0:amd64 to the remove list Fixing wesnoth-1.14-core:amd64 via keep of libboost-regex1.74.0:amd64 Investigating (0) wesnoth-1.16-core:amd64 < none -> 1:1.16.9-1 @un uN Ib > Broken wesnoth-1.16-core:amd64 Depends on libboost-regex1.74.0-icu72:amd64 < none @un H > Considering libboost-regex1.74.0:amd64 1 as a solution to wesnoth-1.16-core:amd64 33 Holding Back wesnoth-1.16-core:amd64 rather than change libboost-regex1.74.0-icu72:amd64 Try to Re-Instate (0) libboost-regex1.74.0:amd64 Investigating (0) wesnoth-1.16-utbs:amd64 < none -> 1:1.16.9-1 @un uN Ib > Broken wesnoth-1.16-utbs:amd64 Depends on wesnoth-1.16-core:amd64 < none | 1:1.16.9-1 @un uH > (>= 1:1.16) Considering wesnoth-1.16-core:amd64 33 as a solution to wesnoth-1.16-utbs:amd64 0 Holding Back wesnoth-1.16-utbs:amd64 rather than change wesnoth-1.16-core:amd64 Investigating (0) wesnoth-1.16-trow:amd64 < none -> 1:1.16.9-1 @un uN Ib > Broken wesnoth-1.16-trow:amd64 Depends on wesnoth-1.16-core:amd64 < none | 1:1.16.9-1 @un uH > (>= 1:1.16) Considering wesnoth-1.16-core:amd64 33 as a solution to wesnoth-1.16-trow:amd64 0 Holding Back wesnoth-1.16-trow:amd64 rather than change wesnoth-1.16-core:amd64 Investigating (0) wesnoth-1.16-dw:amd64 < none -> 1:1.16.9-1 @un uN Ib > Broken wesnoth-1.16-dw:amd64 Depends on wesnoth-1.16-core:amd64 < none | 1:1.16.9-1 @un uH > (>= 1:1.16) Considering wesnoth-1.16-core:amd64 33 as a solution to wesnoth-1.16-dw:amd64 0 Holding Back wesnoth-1.16-dw:amd64 rather than change wesnoth-1.16-core:amd64 Investigating (0) wesnoth-1.16-dm:amd64 < none -> 1:1.16.9-1 @un uN Ib > Broken wesnoth-1.16-dm:amd64 Depends on wesnoth-1.16-core:amd64 < none | 1:1.16.9-1 @un uH > (>= 1:1.16) Considering wesnoth-1.16-core:amd64 33 as a solution to wesnoth-1.16-dm:amd64 0 Holding Back wesnoth-1.16-dm:amd64 rather than change wesnoth-1.16-core:amd64 Investigating (0) wesnoth-1.16-sof:amd64 < none -> 1:1.16.9-1 @un uN Ib > Broken wesnoth-1.16-sof:amd64 Depends on wesnoth-1.16-core:amd64 < none | 1:1.16.9-1 @un uH > (>= 1:1.16) Considering wesnoth-1.16-core:amd64 33 as a solution to wesnoth-1.16-sof:amd64 0 Holding Back wesnoth-1.16-sof:amd64 rather than change wesnoth-1.16-core:amd64 Investigating (0) wesnoth-1.16-ei:amd64 < none -> 1:1.16.9-1 @un uN Ib > Broken wesnoth-1.16-ei:amd64 Depends on wesnoth-1.16-core:amd64 < none | 1:1.16.9-1 @un uH > (>= 1:1.16) Considering wesnoth-1.16-core:amd64 33 as a solution to wesnoth-1.16-ei:amd64 0 Holding Back wesnoth-1.16-ei:amd64 rather than change wesnoth-1.16-core:amd64 Investigating (0) wesnoth-1.16-nr:amd64 < none -> 1:1.16.9-1 @un uN Ib > Broken wesnoth-1.16-nr:amd64 Depends on wesnoth-1.16-core:amd64 < none | 1:1.16.9-1 @un uH > (>= 1:1.16) Considering wesnoth-1.16-core:amd64 33 as a solution to wesnoth-1.16-nr:amd64 0 Holding Back wesnoth-1.16-nr:amd64 rath