Bug#1050185: marked as done (rust-derive-builder-core - depends on old version of darling.)
Your message dated Sun, 22 Oct 2023 01:43:37 +0200 with message-id <7cea79ee-334b-48b6-91fc-cb3743207...@riseup.net> and subject line has caused the Debian Bug report #1050185, regarding rust-derive-builder-core - depends on old version of darling. to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1050185: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050185 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: rust-derive-builder-core Version: 0.12.0-1 Severity: serious Recently a new version of the darling crates was uploaded, (Alexander Kajil prepared the uploads, Sylvestre uploaded darling-core and I uploaded the rest of the darling crates). Most of the reverse dependencies either already had uploads prepared, or I was able to prepare uploads. Unfortunately things were not so fortunate with derive-builder-core. Bumping darling generally also implies bumping syn, otherwise one runs into issues. We currently have both versions 1.x and 2.x of syn in Debian, so this is not an issue in itself but it means more API changes. I tried to patch derive-builder-core for the new syn, but I failed. Looking upstream it seems they are also currently stuck. https://github.com/colin-kiegel/rust-derive-builder/issues/292 --- End Message --- --- Begin Message --- Version: 0.12.0-1 Closing since this got fixed by the darling 0.14 semver packages. -- Matthias Geiger Debian Maintainer "Freiheit ist immer Freiheit des anders Denkenden" -- Rosa Luxemburg OpenPGP_0x18BD106B3B6C5475.asc Description: OpenPGP public key OpenPGP_signature.asc Description: OpenPGP digital signature --- End Message ---
Bug#1050185: (no subject)
Version: 0.12.0-1 Closing since this got fixed by the darling 0.14 semver packages. -- Matthias Geiger Debian Maintainer "Freiheit ist immer Freiheit des anders Denkenden" -- Rosa Luxemburg OpenPGP_0x18BD106B3B6C5475.asc Description: OpenPGP public key OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1052078: marked as done (smifb2-dkms: module does not build for kernels w/o DRM or I2C)
Your message dated Sat, 21 Oct 2023 22:36:31 + with message-id and subject line Bug#1052078: fixed in smifb2 2.2.3.4.g1828e79-2 has caused the Debian Bug report #1052078, regarding smifb2-dkms: module does not build for kernels w/o DRM or I2C to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1052078: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052078 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: smifb2-dkms Version: 2.2.3.4.g1828e79-1 Severity: serious Hi, the smifb2 module does not build for the -cloud kernel due to missing I2C symbols and does not build for the armel and s390x kernels due to missign DRM symbols. https://ci.debian.net/packages/s/smifb2/ Probably all that is needed is to add BUILD_EXCLUSIVE_CONFIG="CONFIG_DRM CONFIG_I2C" to debian/smifb2-dkms.dkms in order to skip building the module for kernels that don't have these config options enabled. On arm64 the issue is a bit more involved, since there is an incompatible redefinition of the macro FIELD_GET: https://ci.debian.net/data/autopkgtest/testing/arm64/s/smifb2/36811223/log.gz 84s CC [M] /var/lib/dkms/smifb2/2.2.3.4.g1828e79/build/ddk750/ddk750_chip.o 84s In file included from /usr/src/linux-headers-6.4.0-2-common/arch/arm64/include/asm/mte.h:13, 84s from /usr/src/linux-headers-6.4.0-2-common/arch/arm64/include/asm/pgtable.h:12, 84s from /usr/src/linux-headers-6.4.0-2-common/include/linux/pgtable.h:6, 84s from /usr/src/linux-headers-6.4.0-2-common/arch/arm64/include/asm/io.h:12, 84s from /usr/src/linux-headers-6.4.0-2-common/include/linux/io.h:13, 84s from /var/lib/dkms/smifb2/2.2.3.4.g1828e79/build/ddk750/ddk750_help.h:7, 84s from /var/lib/dkms/smifb2/2.2.3.4.g1828e79/build/ddk750/ddk750_chip.c:7: 84s /usr/src/linux-headers-6.4.0-2-common/include/linux/bitfield.h:152: warning: "FIELD_GET" redefined 84s 152 | #define FIELD_GET(_mask, _reg) \ 84s | 84s In file included from /var/lib/dkms/smifb2/2.2.3.4.g1828e79/build/ddk750/ddk750_chip.c:1: 84s /var/lib/dkms/smifb2/2.2.3.4.g1828e79/build/ddk750/ddk750_defs.h:19: note: this is the location of the previous definition 84s19 | #define FIELD_GET(x, reg, field) \ 84s | 84s /var/lib/dkms/smifb2/2.2.3.4.g1828e79/build/ddk750/ddk750_chip.c: In function ‘ddk750_getFrameBufSize’: 84s /var/lib/dkms/smifb2/2.2.3.4.g1828e79/build/ddk750/ddk750_chip.c:45:86: error: macro "FIELD_GET" passed 3 arguments, but takes just 2 84s45 | sizeSymbol = FIELD_GET(peekRegisterDWord(MISC_CTRL), MISC_CTRL, LOCALMEM_SIZE); 84s | ^ 84s /usr/src/linux-headers-6.4.0-2-common/include/linux/bitfield.h:152: note: macro "FIELD_GET" defined here 84s 152 | #define FIELD_GET(_mask, _reg) \ 84s | 84s /var/lib/dkms/smifb2/2.2.3.4.g1828e79/build/ddk750/ddk750_chip.c:45:22: error: ‘FIELD_GET’ undeclared (first use in this function); did you mean ‘FOLL_GET’? 84s45 | sizeSymbol = FIELD_GET(peekRegisterDWord(MISC_CTRL), MISC_CTRL, LOCALMEM_SIZE); 84s | ^ 84s | FOLL_GET 84s /var/lib/dkms/smifb2/2.2.3.4.g1828e79/build/ddk750/ddk750_chip.c:45:22: note: each undeclared identifier is reported only once for each function it appears in Andreas PS: the git repository is not yet populated --- End Message --- --- Begin Message --- Source: smifb2 Source-Version: 2.2.3.4.g1828e79-2 Done: Sudip Mukherjee We believe that the bug you reported is fixed in the latest version of smifb2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1052...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sudip Mukherjee (supplier of updated smifb2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 21 Oct 2023 23:02:58 +0100 Source: smifb2 Architecture: source Version:
Bug#1054322: src:pg-track-settings: fails to migrate to testing for too long: uploader built arch:all
Source: pg-track-settings Version: 2.1.1-3 Severity: serious Control: close -1 2.1.2-2 X-Debbugs-CC: m...@debian.org Tags: sid trixie pending User: release.debian@packages.debian.org Usertags: out-of-sync Dear maintainer(s), The Release Team considers packages that are out-of-sync between testing and unstable for more than 30 days as having a Release Critical bug in testing [1]. Your package src:pg-track-settings has been trying to migrate for 31 days [2]. Hence, I am filing this bug. If a package is out of sync between unstable and testing for a longer period, this usually means that bugs in the package in testing cannot be fixed via unstable. Additionally, blocked packages can have impact on other packages, which makes preparing for the release more difficult. Finally, it often exposes issues with the package and/or its (reverse-)dependencies. We expect maintainers to fix issues that hamper the migration of their package in a timely manner. This bug will trigger auto-removal when appropriate. As with all new bugs, there will be at least 30 days before the package is auto-removed. I have immediately closed this bug with the version in unstable, so if that version or a later version migrates, this bug will no longer affect testing. I have also tagged this bug to only affect sid and trixie, so it doesn't affect (old-)stable. Your package is only blocked because the arch:all binary package(s) aren't built on a buildd. Unfortunately the Debian infrastructure doesn't allow arch:all packages to be properly binNMU'ed. Hence, I will shortly do a no-changes source-only upload to DELAYED/15, closing this bug. Please let me know if I should delay or cancel that upload. Paul [1] https://lists.debian.org/debian-devel-announce/2023/06/msg1.html [2] https://qa.debian.org/excuses.php?package=pg-track-settings OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1054323: r-cran-tmb: autopkgtest needs update for new version of rmatrix: Package version inconsistency detected
Source: r-cran-tmb Version: 1.9.6-1 Severity: serious X-Debbugs-CC: rmat...@packages.debian.org Tags: sid trixie User: debian...@lists.debian.org Usertags: needs-update Control: affects -1 src:rmatrix Dear maintainer(s), With a recent upload of rmatrix the autopkgtest of r-cran-tmb fails in testing when that autopkgtest is run with the binary packages of rmatrix from unstable. It passes when run with only packages from testing. In tabular form: passfail rmatrixfrom testing1.6-1.1-1 r-cran-tmb from testing1.9.6-1 all others from testingfrom testing I copied some of the output at the bottom of this report. Currently this regression is blocking the migration of rmatrix to testing [1]. Of course, rmatrix shouldn't just break your autopkgtest (or even worse, your package), but it seems to me that the change in rmatrix was intended and your package needs to update to the new situation. If this is a real problem in your package (and not only in your autopkgtest), the right binary package(s) from rmatrix should really add a versioned Breaks on the unfixed version of (one of your) package(s). Note: the Breaks is nice even if the issue is only in the autopkgtest as it helps the migration software to figure out the right versions to combine in the tests. More information about this bug and the reason for filing it can be found on https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation Paul [1] https://qa.debian.org/excuses.php?package=rmatrix https://ci.debian.net/data/autopkgtest/testing/amd64/r/r-cran-tmb/39161710/log.gz OpenPGP_signature.asc Description: OpenPGP digital signature
Processed: r-cran-tmb: autopkgtest needs update for new version of rmatrix: Package version inconsistency detected
Processing control commands: > affects -1 src:rmatrix Bug #1054323 [src:r-cran-tmb] r-cran-tmb: autopkgtest needs update for new version of rmatrix: Package version inconsistency detected Added indication that 1054323 affects src:rmatrix -- 1054323: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054323 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: src:pg-track-settings: fails to migrate to testing for too long: uploader built arch:all
Processing control commands: > close -1 2.1.2-2 Bug #1054322 [src:pg-track-settings] src:pg-track-settings: fails to migrate to testing for too long: uploader built arch:all Marked as fixed in versions pg-track-settings/2.1.2-2. Bug #1054322 [src:pg-track-settings] src:pg-track-settings: fails to migrate to testing for too long: uploader built arch:all Marked Bug as done -- 1054322: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054322 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: tagging 1054319, tagging 1054318, tagging 1054317, tagging 1054316, tagging 895517, tagging 1054267 ...
Processing commands for cont...@bugs.debian.org: > tags 1054319 + sid trixie Bug #1054319 [src:haskell-ixset] Removal notice: obsolete Added tag(s) sid and trixie. > tags 1054318 + sid trixie Bug #1054318 [src:haskell-syb-with-class] Removal notice: obsolete Added tag(s) trixie and sid. > tags 1054317 + sid trixie Bug #1054317 [src:haskell-numtype] Removal notice: obsolete Added tag(s) trixie and sid. > tags 1054316 + sid trixie Bug #1054316 [src:haskell-czipwith] Removal notice: obsolete Added tag(s) trixie and sid. > tags 895517 + sid trixie Bug #895517 [libglade2-0] libglade2-0: deprecated and unmaintained upstream Added tag(s) sid and trixie. > tags 1054267 + sid trixie Bug #1054267 [src:fltk1.1] RM: fltk1.1 -- RoQA; leaf library Added tag(s) sid and trixie. > found 1054267 1.1.10-30 Bug #1054267 [src:fltk1.1] RM: fltk1.1 -- RoQA; leaf library Marked as found in versions fltk1.1/1.1.10-30. > tags 1054239 + experimental Bug #1054239 [src:libixion] libixion FTBFS with gcc 13 on i386 Added tag(s) experimental. > tags 1054303 + sid trixie Bug #1054303 [src:gscanbus] RM: gscanbus -- RoQA; orphaned; dead upstream; depends on gtk2 Added tag(s) trixie and sid. > found 1054303 0.8-3 Bug #1054303 [src:gscanbus] RM: gscanbus -- RoQA; orphaned; dead upstream; depends on gtk2 Marked as found in versions gscanbus/0.8-3. > tags 1054301 + sid trixie Bug #1054301 [src:glfer] RM: glfer -- RoQA; orphaned; dead upstream; depends on gtk2 Added tag(s) trixie and sid. > found 1054301 0.4.2-4 Bug #1054301 [src:glfer] RM: glfer -- RoQA; orphaned; dead upstream; depends on gtk2 Marked as found in versions glfer/0.4.2-4. > tags 1054284 + sid trixie Bug #1054284 [src:xscorch] xscorch: Segmentation fault Added tag(s) sid and trixie. > thanks Stopping processing here. Please contact me if you need assistance. -- 1054239: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054239 1054267: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054267 1054284: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054284 1054301: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054301 1054303: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054303 1054316: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054316 1054317: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054317 1054318: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054318 1054319: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054319 895517: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895517 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: fixing metadata
Processing commands for cont...@bugs.debian.org: > # fixed in buster > fixed 1051300 1:4.0.4+dfsg-1+deb10u3 Bug #1051300 [zabbix-proxy-sqlite3] zabbix-proxy-sqlite3: does not start due to the database schema version change There is no source info for the package 'zabbix-proxy-sqlite3' at version '1:4.0.4+dfsg-1+deb10u3' with architecture '' Unable to make a source version for version '1:4.0.4+dfsg-1+deb10u3' Marked as fixed in versions 1:4.0.4+dfsg-1+deb10u3. > # also fixed in stretch > found 1051300 1:3.0.32+dfsg-0+deb9u4 Bug #1051300 [zabbix-proxy-sqlite3] zabbix-proxy-sqlite3: does not start due to the database schema version change There is no source info for the package 'zabbix-proxy-sqlite3' at version '1:3.0.32+dfsg-0+deb9u4' with architecture '' Unable to make a source version for version '1:3.0.32+dfsg-0+deb9u4' Marked as found in versions 1:3.0.32+dfsg-0+deb9u4. > fixed 1051300 1:3.0.32+dfsg-0+deb9u5 Bug #1051300 [zabbix-proxy-sqlite3] zabbix-proxy-sqlite3: does not start due to the database schema version change There is no source info for the package 'zabbix-proxy-sqlite3' at version '1:3.0.32+dfsg-0+deb9u5' with architecture '' Unable to make a source version for version '1:3.0.32+dfsg-0+deb9u5' Marked as fixed in versions 1:3.0.32+dfsg-0+deb9u5. > # also fixed in jessie > found 1051300 1:2.2.23+dfsg-0+deb8u5 Bug #1051300 [zabbix-proxy-sqlite3] zabbix-proxy-sqlite3: does not start due to the database schema version change There is no source info for the package 'zabbix-proxy-sqlite3' at version '1:2.2.23+dfsg-0+deb8u5' with architecture '' Unable to make a source version for version '1:2.2.23+dfsg-0+deb8u5' Marked as found in versions 1:2.2.23+dfsg-0+deb8u5. > fixed 1051300 1:2.2.23+dfsg-0+deb8u6 Bug #1051300 [zabbix-proxy-sqlite3] zabbix-proxy-sqlite3: does not start due to the database schema version change There is no source info for the package 'zabbix-proxy-sqlite3' at version '1:2.2.23+dfsg-0+deb8u6' with architecture '' Unable to make a source version for version '1:2.2.23+dfsg-0+deb8u6' Marked as fixed in versions 1:2.2.23+dfsg-0+deb8u6. > # close it. > close 1051300 Bug #1051300 [zabbix-proxy-sqlite3] zabbix-proxy-sqlite3: does not start due to the database schema version change Marked Bug as done > End of message, stopping processing here. Please contact me if you need assistance. -- 1051300: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051300 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1053870: CVE-2023-42118: integer underflow in libspf2 resulting in RCE
Hi Magnus, On Sat, Oct 21, 2023 at 08:09:35PM +0200, Magnus Holmgren wrote: > Wednesday, 18 October 2023 11:56:01 CEST, Salvatore Bonaccorso wrote: > > On Fri, Oct 13, 2023 at 12:05:19PM +0200, Bert Van de Poel wrote: > > > As already outlined on > > > https://security-tracker.debian.org/tracker/CVE-2023-42118 there's a > > > known security issue in libspf2 found through a security review of > > > Exim by the Zero Day Initiative. An integer underflow in libspf2 was > > > found which can be used to perform RCEs. A patch on > > > https://github.com/shevek/libspf2/pull/44 is available and has been > > > merged into the main repository. All relevant links are already > > > available on the Debian Security Tracker. > > > > Please note that as already outlined in the security-tracker and on > > the upstream issue there is still no confirmation from ZDI that the > > two issues are the same. So no, we cannot consider the pull/44 from > > upstream the fix for CVE-2023-42118. > > It looks like it fixes *some* important bug, so should I make uploads with it > for the time being? > > BTW, the same exact place in the code was the subject of CVE-2021-20314, but > nobody realised that the patch applied then wasn't complete. To expose the fix for pull/44 from upstream I would suggest to upload to unstable, but do not reference the CVE (again we have no understanding if that's the same issue). And if we want to keep this bug associated for the CVE, then neither should it be closed. FWIW, it is also mentioned in by the commiter, that "I can find one integer underflow which I've fixed with #44 but I haven't been able to get it to do anything after that because another buffer fills up." We can next then discuss if/what to do about stable and oldstable. It is as well plausible that CVE-2021-20314 was "rediscovered" or its incomplete fix. But again, without further information from the anonymous reporter to ZDI we cannot know. Regards, Salvatore
Bug#1053870: CVE-2023-42118: integer underflow in libspf2 resulting in RCE
Wednesday, 18 October 2023 11:56:01 CEST, Salvatore Bonaccorso wrote: > On Fri, Oct 13, 2023 at 12:05:19PM +0200, Bert Van de Poel wrote: > > As already outlined on > > https://security-tracker.debian.org/tracker/CVE-2023-42118 there's a > > known security issue in libspf2 found through a security review of > > Exim by the Zero Day Initiative. An integer underflow in libspf2 was > > found which can be used to perform RCEs. A patch on > > https://github.com/shevek/libspf2/pull/44 is available and has been > > merged into the main repository. All relevant links are already > > available on the Debian Security Tracker. > > Please note that as already outlined in the security-tracker and on > the upstream issue there is still no confirmation from ZDI that the > two issues are the same. So no, we cannot consider the pull/44 from > upstream the fix for CVE-2023-42118. It looks like it fixes *some* important bug, so should I make uploads with it for the time being? BTW, the same exact place in the code was the subject of CVE-2021-20314, but nobody realised that the patch applied then wasn't complete. -- Magnus Holmgrenholmg...@debian.org Debian Developer signature.asc Description: This is a digitally signed message part.
Bug#1052835: utf8proc: FTBFS: unsatisfiable build-dependency: unicode-data (< 15.1) but 15.1.0-1 is to be installed
utf8proc 2.9.0 was released with unicode 15.1 support. https://github.com/JuliaStrings/utf8proc/releases/tag/v2.9.0 Thank you, Jeremy Bícha
Bug#1054319: Removal notice: obsolete
Source: haskell-ixset Version: 1.1.1.2-1 Severity: serious I intend to remove this package: * It has no rev dependencies * The current version FTBFS (depends on broken haskell-syb-with-class) * It's not part of the latest Stackage LTS If you believe we should keep this package in Debian, please close this bug report. -- Ilias
Bug#1054318: Removal notice: obsolete
Source: haskell-syb-with-class Version: 0.6.1.14-1 Severity: serious I intend to remove this package: * The current version FTBFS with GHC 9.4 * It's not part of the latest Stackage LTS If you believe we should keep this package in Debian, please close this bug report. -- Ilias
Bug#1054317: Removal notice: obsolete
Source: haskell-numtype Version: 1.2-7 Severity: serious I intend to remove this package: * It has no rev dependencies * The current version FTBFS with GHC 9.4 * Seems unmaintained; Last upload more than 5 years ago * It's not part of the latest Stackage LTS If you believe we should keep this package in Debian, please close this bug report. -- Ilias
Bug#1054316: Removal notice: obsolete
Source: haskell-czipwith Version: 1.0.1.4-1 Severity: serious I intend to remove this package: * It has no rev dependencies * The current version FTBFS with GHC 9.4 * It's not part of the latest Stackage LTS If you believe we should keep this package in Debian, please close this bug report. -- Ilias
Bug#1053870: CVE-2023-42118 and perceived impact
On 2023-10-21 16:34:11 +0200 (+0200), Andreas Metzler wrote: > You seem to be looking at old packages, perhaps oldstable? > exim4-daemon-heavy in Debian 12 (bookworm) is linked against libspf2 > and the default configuration has hooks to enable SPF lookups via > libsp2, not spf-tools-perl. Thanks, I missed that exim4-daemon-heavy has a dep on libspf2-2 as of bookworm (though exim4-base still suggests spf-tools-perl even in sid). It looks like the current Ubuntu LTS (2022.04) pre-dates this change in Debian, so Ubuntu LTS users are mostly shielded from the presumed risk for now, but you're right the concern is greater in Debian due to the recent transition. -- Jeremy Stanley
Bug#1054195: marked as done (cppgir FTBFS: ERROR could not find GIR for GObject-2.0)
Your message dated Sat, 21 Oct 2023 16:04:27 + with message-id and subject line Bug#1054195: fixed in cppgir 0~git20231019.ff975ba-1 has caused the Debian Bug report #1054195, regarding cppgir FTBFS: ERROR could not find GIR for GObject-2.0 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1054195: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054195 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: cppgir Version: 0~git20231003.e856d76-1 Severity: serious Tags: ftbfs https://buildd.debian.org/status/logs.php?pkg=cppgir=0~git20231003.e856d76-1 ... [ 39%] Generating wrapper code for: GObject-2.0;Gio-2.0;Gst-1.0;Gtk-3.0 cd "/<>" && "/<>/obj-aarch64-linux-gnu/cppgir" --class --class-full --optional --ignore data/cppgir.ignore:data/cppgir_unix.ignore --output /tmp/gi GObject-2.0 Gio-2.0 Gst-1.0 Gtk-3.0 ERROR could not find GIR for GObject-2.0 make[3]: *** [CMakeFiles/wrappers.dir/build.make:78: /tmp/gi] Error 1 --- End Message --- --- Begin Message --- Source: cppgir Source-Version: 0~git20231019.ff975ba-1 Done: Nicholas Guriev We believe that the bug you reported is fixed in the latest version of cppgir, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1054...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Nicholas Guriev (supplier of updated cppgir package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 21 Oct 2023 18:42:38 +0300 Source: cppgir Architecture: source Version: 0~git20231019.ff975ba-1 Distribution: unstable Urgency: medium Maintainer: Nicholas Guriev Changed-By: Nicholas Guriev Closes: 1054195 Changes: cppgir (0~git20231019.ff975ba-1) unstable; urgency=medium . * Update to the latest upstream commit. * Remove no longer needed Optional-value.patch * Add missing build dependency, libgirepository1.0-dev (Closes: #1054195) Checksums-Sha1: fb31ad3ee2fdd978c00a7c859f913e4b1abc6c2e 1598 cppgir_0~git20231019.ff975ba-1.dsc 459f1453a93e17918732609b89a672746cf48759 106572 cppgir_0~git20231019.ff975ba.orig.tar.xz 39fdee804bc33e57b3cb8076fcb012bd3199726a 2884 cppgir_0~git20231019.ff975ba-1.debian.tar.xz Checksums-Sha256: 4fcafaface6d9174d32b72de71ce910f318778e591ae6b38d4c794194719bfbe 1598 cppgir_0~git20231019.ff975ba-1.dsc 28be66e16bde84ce22dbcbe30410b5cd213c8b331394f9e4783c4d92d65746bf 106572 cppgir_0~git20231019.ff975ba.orig.tar.xz de9be40eb2dcb29fe51df4e096d85a5ad7003af617036c89296f3af2f43c39f0 2884 cppgir_0~git20231019.ff975ba-1.debian.tar.xz Files: dd91f29f4c33db5366e455507e239bbb 1598 devel optional cppgir_0~git20231019.ff975ba-1.dsc 39daa3c644fb420d26b581d12d99e9f3 106572 devel optional cppgir_0~git20231019.ff975ba.orig.tar.xz 3d865d3fb0e013f30970110cbf7ba6b2 2884 devel optional cppgir_0~git20231019.ff975ba-1.debian.tar.xz -BEGIN PGP SIGNATURE- iIYEARYIAC4WIQQRm7llN8yxifaG60cF2qh9JI3wlQUCZTPyLBAcZ3VyaWV2LW5z QHlhLnJ1AAoJEAXaqH0kjfCVVIoA/RVgARYoYpixWn3VSGTQNXFMrYlKGDxrNkgn Ko3DL8U6AQCIb5dWNPT/5HfID5iRZEii+T6K1RrwVlGrsq1o9jXKCQ== =CMAp -END PGP SIGNATURE End Message ---
Bug#1037371: marked as done (exult: build-depends on transitional package libgdk-pixbuf2.0-dev)
Your message dated Sat, 21 Oct 2023 15:34:33 + with message-id and subject line Bug#1037371: fixed in exult 1.8-2 has caused the Debian Bug report #1037371, regarding exult: build-depends on transitional package libgdk-pixbuf2.0-dev to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1037371: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037371 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: exult Version: 1.8-1 Severity: important Tags: trixie sid User: pkg-gnome-maintain...@lists.alioth.debian.org Usertags: split-gdk-pixbuf This package Build-Depends on libgdk-pixbuf2.0-dev. In Debian 11, libgdk-pixbuf2.0-dev was split into two packages: - libgdk-pixbuf-2.0-dev contains the supported gdk-pixbuf-2.0 library - libgdk-pixbuf-xlib-2.0-dev contains the deprecated, unmaintained Xlib integration layer, gdk-pixbuf-xlib-2.0 If this package only requires functionality from gdk-pixbuf-2.0.pc and , please update the build-dependency to libgdk-pixbuf-2.0-dev. If it also requires the Xlib integration gdk-pixbuf-xlib-2.0.pc and (unlikely), then you can also build-depend on libgdk-pixbuf-xlib-2.0-dev until the package can be updated to remove that requirement. libgdk-pixbuf-2.0-dev was present in both Debian 11 and Debian 12, so it is not necessary to have a "| libgdk-pixbuf2.0-dev" alternative dependency, even for packages that are expected to be backported. We should remove the libgdk-pixbuf2.0-dev transitional package during the Debian 13 'trixie' cycle, so this bug is likely to become RC later. Thanks, smcv --- End Message --- --- Begin Message --- Source: exult Source-Version: 1.8-2 Done: Michael Banck We believe that the bug you reported is fixed in the latest version of exult, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1037...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Banck (supplier of updated exult package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 21 Oct 2023 17:06:06 +0200 Source: exult Architecture: source Version: 1.8-2 Distribution: unstable Urgency: medium Maintainer: Michael Banck Changed-By: Michael Banck Closes: 1037371 Changes: exult (1.8-2) unstable; urgency=medium . * debian/control (Build-Depends): Replaced libgdk-pixbuf2.0-dev ... * debian/control (Build-Depends): ... with libgdk-pixbuf-2.0-dev (Closes: #1037371). * debian/control (Build-Depends): Removed libgtk2.0-dev, not directly needed (see #967333). Checksums-Sha1: d14f2caf6a510a673718d5b7c9d31bc42600f78d 2132 exult_1.8-2.dsc edb89b55b3f0bd040d395059403ed9af94537cea 25676 exult_1.8-2.debian.tar.xz 49f10298edfd6733da710ad72c8a17a82760148e 5677 exult_1.8-2_source.buildinfo Checksums-Sha256: 8f260822f289ad20f99dbb850af6cdfece9337002ccf02efcb4076c9402a3b34 2132 exult_1.8-2.dsc e93b3d28a735d5dcecc7aaf0ddfb849ed3ec5b6f0e545e11261af1709216cf3d 25676 exult_1.8-2.debian.tar.xz f8ebfaffe8fc00ff6e60329806616e63644d093bc0c8a46f0acdc3199f19bfed 5677 exult_1.8-2_source.buildinfo Files: ddc85fc8c483b9646fbbbe794cfac196 2132 contrib/games optional exult_1.8-2.dsc 4ee964df54b6caad797f6e8f6a90db51 25676 contrib/games optional exult_1.8-2.debian.tar.xz 3b25c3ae72a819e1d3c4fe98ba24fe8a 5677 contrib/games optional exult_1.8-2_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEnKh3dJ+rLk+paGLs3GhqJ7Q0gbAFAmUz6OgACgkQ3GhqJ7Q0 gbDTmBAApQrkoaZOn3Umh+dF+nmEYSoLZFktp0ZPz56EXUjyzD6fjHzttLuxejdH a0Ipv/PQqabzQ6qSGp/Wfoa86nVaKKLTv8uKG52UPJV4kobNL+29hUxp0JU2M/pd jvvYOQIoeQp3AYAEAsgeCEO8s6dUa/8bBhQk2b80BLaGqTcjzLOgXc20H6c54LoD ArhY3Vt9zfG6lSuUd9k2HNkLi5316fAAeou1K8+ZOuoqHWf3DZaiAbAwpeFgJAa3 +WlE2UOTEIEt36Z3zZzsbBgLUHrYgz2uXb8oLMoEKsksl+1sA2lsSSS0t3Mv7MFW wK2XK+a5d/T/9PKtuokocCjSZ8pDJv1RdZsVPBn3RKkrX7uLLwTBdKL2lRFzwEwV FIpADmwdFr48aX5J/JSXArf5d39ff3Wom3jFwsM9DN1ymdlnoXwPn+SKdattV5IU wpunYGVNVdbYs32bnL0/OV5ODbg52WICUK4JzEN35bSPp5Ex2AbdhTS9QK6Ed93I QkOfQRC8vi7dwXB59CbtaVhMkwbMPQwUcqKyOf+oEpUI6lSbALhmGlmefpZ5MRih eI2rB8HlNfEm6g4Sp+BxPLfA4VCGESDhbal3MDUtI4oHSSg8ba8McsYWrGPYfXgE awHi26XhaTwGl6+4/+zsYNrZ1OFUEUt/RQ6cfpJoaUj/0K+1QzU= =SsNl -END PGP
Bug#1053870: CVE-2023-42118 and perceived impact
On 2023-10-20 Jeremy Stanley wrote: > It looks to me like the default Exim config in Debian explicitly > calls /usr/bin/spfquery.mail-spf-perl from the spf-tools-perl > package, not the libspf2 implementation supplied by the spfquery > package. Also spf-tools-perl is suggested by exim4-base, while > neither spfquery nor any other packages built from libspf2 seem to > be referenced by any of the exim4 packages. [...] Hello, You seem to be looking at old packages, perhaps oldstable? exim4-daemon-heavy in Debian 12 (bookworm) is linked against libspf2 and the default configuration has hooks to enable SPF lookups via libsp2, not spf-tools-perl. cu Andreas
Bug#1053530: marked as done (haskell-aeson FTBFS on 32bit)
Your message dated Sat, 21 Oct 2023 14:34:54 + with message-id and subject line Bug#1053530: fixed in haskell-aeson 2.1.2.1-5 has caused the Debian Bug report #1053530, regarding haskell-aeson FTBFS on 32bit to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1053530: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053530 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: haskell-aeson Version: 2.1.2.1-4 Severity: serious Tags: ftbfs Forwarded: https://github.com/haskell/aeson/issues/1060 https://buildd.debian.org/status/logs.php?pkg=haskell-aeson=2.1.2.1-4 ... JSONTestSuite i_number_double_huge_neg_exp.json decode: OK (0.02s) decode via tokens: OK (0.01s) tokens bs: OK tokens lbs: OK (0.02s) i_number_huge_exp.json decode: FAIL (0.02s) Test output was different from 'tests/JSONTestSuite/results/i_number_huge_exp.txt'. Output of ["diff","-u","tests/JSONTestSuite/results/i_number_huge_exp.txt","/tmp/i_number_huge_exp19725-4.actual"]: --- tests/JSONTestSuite/results/i_number_huge_exp.txt 2001-09-09 01:46:40.0 + +++ /tmp/i_number_huge_exp19725-4.actual2023-10-05 18:40:15.167808595 + @@ -1 +1 @@ -Right (Array [Number 4.0e-3000995]) +Right (Array [Number 4.0e64770077]) Use -p '$0=="tests.JSONTestSuite.i_number_huge_exp.json.decode"' to rerun this test only. decode via tokens: FAIL (0.02s) Test output was different from 'tests/JSONTestSuite/results/i_number_huge_exp.txt'. Output of ["diff","-u","tests/JSONTestSuite/results/i_number_huge_exp.txt","/tmp/i_number_huge_exp19725-5.actual"]: --- tests/JSONTestSuite/results/i_number_huge_exp.txt 2001-09-09 01:46:40.0 + +++ /tmp/i_number_huge_exp19725-5.actual2023-10-05 18:40:15.199808343 + @@ -1 +1 @@ -Right (Array [Number 4.0e-3000995]) +Right (Array [Number 4.0e64770077]) Use -p '/i_number_huge_exp.json.decode via tokens/' to rerun this test only. tokens bs: FAIL (0.04s) Test output was different from 'tests/JSONTestSuite/results/i_number_huge_exp.tok'. Output of ["diff","-u","tests/JSONTestSuite/results/i_number_huge_exp.tok","/tmp/i_number_huge_exp19725-6.actual"]: --- tests/JSONTestSuite/results/i_number_huge_exp.tok 2001-09-09 01:46:40.0 + +++ /tmp/i_number_huge_exp19725-6.actual2023-10-05 18:40:15.219808186 + @@ -1,4 +1,4 @@ TkArrayOpen TkItem -TkNumber NumScientific 4.0e-3000995 +TkNumber NumScientific 4.0e64770077 TkArrayEnd Use -p '/i_number_huge_exp.json.tokens bs/' to rerun this test only. tokens lbs: FAIL (0.01s) Test output was different from 'tests/JSONTestSuite/results/i_number_huge_exp.tok'. Output of ["diff","-u","tests/JSONTestSuite/results/i_number_huge_exp.tok","/tmp/i_number_huge_exp19725-7.actual"]: --- tests/JSONTestSuite/results/i_number_huge_exp.tok 2001-09-09 01:46:40.0 + +++ /tmp/i_number_huge_exp19725-7.actual2023-10-05 18:40:15.251807934 + @@ -1,4 +1,4 @@ TkArrayOpen TkItem -TkNumber NumScientific 4.0e-3000995 +TkNumber NumScientific 4.0e64770077 TkArrayEnd Use -p '/i_number_huge_exp.json.tokens lbs/' to rerun this test only. ... 4 out of 1611 tests failed (29.36s) Test suite aeson-tests: FAIL --- End Message --- --- Begin Message --- Source: haskell-aeson Source-Version: 2.1.2.1-5 Done: Ilias Tsitsimpis We believe that the bug you reported is fixed in the latest version of haskell-aeson, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1053...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ilias Tsitsimpis (supplier of updated haskell-aeson package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the
Bug#1051089: Fwd: Moreinformation
control: tags -1 + moreinfo Hi, >ruby-rails-assets-punycode depends on libjs-punycode but nothing >builds that package. It used to be provided by the same source >package. I do not understand what break libjs-punycode is provided by node-punycode See https://tracker.debian.org/media/packages/n/node-punycode/control-2.2.3-2 piupart is ok so it is normally ok Could you restest ? Bastien - signature.asc Description: This is a digitally signed message part.
Processed: Fwd: Moreinformation
Processing control commands: > tags -1 + moreinfo Bug #1051089 [src:ruby-rails-assets-punycode] ruby-rails-assets-punycode: Depends on NBS libjs-punycode Added tag(s) moreinfo. -- 1051089: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051089 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1052732: notus-scanner: FTBFS: ModuleNotFoundError: No module named 'tomli'
Control: tags -1 + patch See https://salsa.debian.org/pkg-security-team/notus-scanner/-/merge_requests/1
Processed: Re: Bug#1052732: notus-scanner: FTBFS: ModuleNotFoundError: No module named 'tomli'
Processing control commands: > tags -1 + patch Bug #1052732 [src:notus-scanner] notus-scanner: FTBFS: ModuleNotFoundError: No module named 'tomli' Added tag(s) patch. -- 1052732: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052732 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1053836: marked as done (libwaffle-dev: missing dependency on libdrm-dev, required by waffle-1.pc)
Your message dated Sat, 21 Oct 2023 10:54:12 + with message-id and subject line Bug#1053836: fixed in waffle 1.8.0-2 has caused the Debian Bug report #1053836, regarding libwaffle-dev: missing dependency on libdrm-dev, required by waffle-1.pc to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1053836: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053836 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libwaffle-dev Version: 1.8.0-1 Severity: serious Tags: patch Justification: can easily cause FTBFS in related packages waffle-1.pc now has a dependency on libdrm.pc, but the -dev package that contains waffle-1.pc does not depend on libdrm-dev, leading to a build failure similar to #987940, #987879, #986517 in locally-developed software (in my case the steam-runtime-tools package in Valve's Steam Runtime, I haven't verified whether piglit has the same problem). Steps to reproduce -- In a minimal chroot/container (I used podman), install libwaffle-dev and try to link a trivial binary to it: $ podman pull debian:sid-slim $ podman run --rm -it debian:sid-slim # apt install build-essential libwaffle-dev pkgconf # cat > trivial.c <<'EOF' #undef NDEBUG #include #include int main (void) { assert (waffle_enum_to_string (WAFFLE_DONT_CARE) != NULL); return 0; } EOF # gcc -otrivial trivial.c $(pkgconf --cflags --libs waffle-1) # ./trivial Expected result --- The test binary compiles, links and runs successfully. Actual result - > Package libdrm was not found in the pkg-config search path. > Perhaps you should add the directory containing `libdrm.pc' > to the PKG_CONFIG_PATH environment variable > Package 'libdrm', required by 'waffle-1', not found > trivial.c:3:10: fatal error: waffle.h: No such file or directory Workaround -- Install libdrm-dev, or explicitly build-depend on it in packages that use waffle. Solution libwaffle-dev should depend on libdrm-dev: see attached patch 0001-* (it should be amended to fill in the bug number, which I can't know in advance). However, it no longer needs to depend on libudev-dev: 0002-*. I would suggest adding some superficial autopkgtests, which are a surprisingly effective way to detect this sort of packaging issue: if run before upload, they would also have detected #987940, #987879 and #986517. The attached patch 0003-* adds some tests that I originally developed for the Steam Runtime - sorry I didn't get round to upstreaming these until now. Thanks, smcv -- System Information: Debian Release: trixie/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'stable-security'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386, arm64 Kernel: Linux 6.5.0-2-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages libwaffle-dev depends on: ii libegl-dev 1.6.0-1 ii libgbm-dev 23.2.1-1 ii libgl-dev 1.6.0-1 ii libudev-dev 254.5-1 ii libwaffle-1-0 1.8.0-1 ii libwayland-dev 1.22.0-2.1 ii libx11-xcb-dev 2:1.8.7-1 libwaffle-dev recommends no packages. Versions of packages libwaffle-dev suggests: pn libwaffle-doc -- no debconf information >From 11a871f2a49939b00f0e36173c6adeaeec6b551a Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Thu, 12 Oct 2023 12:47:39 +0100 Subject: [PATCH 1/3] d/control: Add missing dependency libwaffle-dev -> libdrm-dev libwaffle-dev contains waffle-1.pc, which has a Requires on libdrm; therefore libwaffle-dev should depend on the package that contains libdrm.pc, which is libdrm-dev. I've verified that this is sufficient to allow a simple test program to be linked to libwaffle in an otherwise minimal container. Fixes: 5ab2d5a2 "d/control: Upstream replaced libudev dep with libdrm" Closes: #-1 Signed-off-by: Simon McVittie --- debian/control | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/debian/control b/debian/control index 5e9470a..6d7279f 100644 --- a/debian/control +++ b/debian/control @@ -40,7 +40,8 @@ Package: libwaffle-dev Architecture: any Multi-Arch: same Section: libdevel -Depends: libegl-dev, +Depends: libdrm-dev, + libegl-dev, libgbm-dev, libgl-dev, libudev-dev, -- 2.42.0 >From c07071db1f68bdc17738115c4b106dfcc5c03896 Mon Sep 17
Bug#1051300: zabbix_4.0.4+dfsg-1+deb10u3_source.changes ACCEPTED into oldoldstable
# fixed in buster Control: fixed -1 1:4.0.4+dfsg-1+deb10u3 # also fixed in stretch Control: found -1 1:3.0.32+dfsg-0+deb9u4 Control: fixed -1 1:3.0.32+dfsg-0+deb9u5 # also fixed in jessie Control: found -1 1:2.2.23+dfsg-0+deb85 Control: fixed -1 1:2.2.23+dfsg-0+deb8u6 # close it. Control: done -1 - Forwarded message from Debian FTP Masters - Date: Sat, 21 Oct 2023 10:20:20 + From: Debian FTP Masters To: d...@security.debian.org, t...@debian.org Subject: zabbix_4.0.4+dfsg-1+deb10u3_source.changes ACCEPTED into oldoldstable Thank you for your contribution to Debian. Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 21 Oct 2023 09:43:49 +0200 Source: zabbix Architecture: source Version: 1:4.0.4+dfsg-1+deb10u3 Distribution: buster-security Urgency: medium Maintainer: Dmitry Smirnov Changed-By: Tobias Frost Closes: 1051300 Changes: zabbix (1:4.0.4+dfsg-1+deb10u3) buster-security; urgency=medium . * Fix NEWS files for individual packages. * Fix sqlite3 database scheme and warn in NEWS that a new database is required as zabbix does not update sqlite3 database, and users are supposed to start with new ones on updates. Closes: #1051300 Checksums-Sha1: ad450c1e86ceaee519eede80fda6ddf7b2d2a9c8 2876 zabbix_4.0.4+dfsg-1+deb10u3.dsc fe0c339c8e10f350db1257942775a151c3479557 218692 zabbix_4.0.4+dfsg-1+deb10u3.debian.tar.xz 0262f30bb082dc84590d2aa916364abd92697160 18568 zabbix_4.0.4+dfsg-1+deb10u3_amd64.buildinfo Checksums-Sha256: 409b4e8ae0c88f68fb31888a3e4980fb31a503d997173695afeb164cdcd55856 2876 zabbix_4.0.4+dfsg-1+deb10u3.dsc 55fcc673aa786a95846ca0954ad2c6e65ea246b74ea1d3923f4f9d24e70a6b7b 218692 zabbix_4.0.4+dfsg-1+deb10u3.debian.tar.xz 74666a8000101536fca541626226ff3ba8c874db62470fb6e24a8c7da0ed3b4f 18568 zabbix_4.0.4+dfsg-1+deb10u3_amd64.buildinfo Files: db90f1b4e4071267fd6b897d5706bdd3 2876 net optional zabbix_4.0.4+dfsg-1+deb10u3.dsc da8fd27072af5c132df2f0a398765481 218692 net optional zabbix_4.0.4+dfsg-1+deb10u3.debian.tar.xz c5073b382f87c57b5472a5beff81ba0b 18568 net optional zabbix_4.0.4+dfsg-1+deb10u3_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmUzoSEACgkQkWT6HRe9 XTamRRAAjSVtnTvgoa+nO28fzCRZuOZ5jr8IWI5dbgLtvPwIh5/zBhNdZYwS45yb lboGDE0LQYz++gn9zbPyYlhPojTAmopAj3ybA7VOy1soWtTsuVL72tEyCKLC6HJm ZAFMflkujEjHHizp0dzzeSmTaFN7UAnVsaRHIA36qf4itzjzLXrSTgDgWAVQmi7a bF1rm39DnCdmW1qpre7QABibhO8dgwDrLaX+VildJwAjtwAeeH8NF35CclYTZw93 gtbwT79Mj5bWa41aNA7V3IWEzbcokwbacH7T4u9vfXLnQpZXp0hYBOnH3JGHeR5n Gl6pPL/ZdS/14muW3Jx2orK7Kj7MDqzi0E6I2GcM8RgiEPT78oL6y8T7mBEWSeWA VasZFCtpDsCeQy/jsXaD8p4llAwJsGmmALKd4droK/QRrwWu/Z+veWaOmdjhA4gk zkjFbuVMfLMpq8LLF63oXryUWYFgcBR3i2YX9mvHhJpg2/krO/1/ddnVNgpFQhT4 NTbvnA3AjlO0C2LeF1WYHbFrzIzHjUKMSq9fShaeuQ6Az/SVAgZvyKJgPCrTxYHs REItPU0fMXIBoe35WC3SupPNx6I1sdvE+0hVfjazaOyRFN7C9xPp7zkeJ3rayndJ t+CY8XyfU3olgYMBpo1LcYUtQmhIU082jigmh0cVJGZL5jilxgE= =7r0p -END PGP SIGNATURE- - End forwarded message - signature.asc Description: PGP signature
Processed: Re: libglade2-0: deprecated and unmaintained upstream
Processing control commands: > severity -1 serious Bug #895517 [libglade2-0] libglade2-0: deprecated and unmaintained upstream Severity set to 'serious' from 'important' -- 895517: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895517 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1037366: marked as done (libplank-dev: depends on deprecated libgdk-pixbuf2.0-dev)
Your message dated Sat, 21 Oct 2023 10:25:53 + with message-id and subject line Bug#1037366: fixed in plank 0.11.89-4.1 has caused the Debian Bug report #1037366, regarding libplank-dev: depends on deprecated libgdk-pixbuf2.0-dev to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1037366: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037366 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libplank-dev Version: 0.11.89-4 Severity: important User: pkg-gnome-maintain...@lists.alioth.debian.org Usertags: split-gdk-pixbuf libgdk-pixbuf2.0-dev was split into libgdk-pixbuf-2.0-dev and the deprecated libgdk-pixbuf-xlib-2.0-dev in Debian 11. plank's build-dependency was switched to libgdk-pixbuf-2.0-dev in 2020, but libplank-dev still Depends on libgdk-pixbuf2.0-dev. Assuming it doesn't need the legacy libgdk-pixbuf-xlib-2.0-dev, please switch that dependency to libgdk-pixbuf-2.0-dev. I'm hoping to remove libgdk-pixbuf2.0-dev during the Debian 13 'trixie' cycle, so this bug is likely to become RC at some point in the future. Thanks, smcv --- End Message --- --- Begin Message --- Source: plank Source-Version: 0.11.89-4.1 Done: Bastian Germann We believe that the bug you reported is fixed in the latest version of plank, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1037...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastian Germann (supplier of updated plank package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 21 Oct 2023 12:07:51 +0200 Source: plank Architecture: source Version: 0.11.89-4.1 Distribution: unstable Urgency: medium Maintainer: Rico Tzschichholz Changed-By: Bastian Germann Closes: 1037366 Changes: plank (0.11.89-4.1) unstable; urgency=medium . * Non-maintainer upload. * Replace transitional libgdk-pixbuf2.0-dev dependency. (Closes: #1037366) Checksums-Sha1: f939abe6502e4d134a705e0adee98173714f337e 2367 plank_0.11.89-4.1.dsc 4fc9360f7eaca55c2d17d22931bf5a9e8db35734 6656 plank_0.11.89-4.1.debian.tar.xz 7451ee2c0afd96b71dcd7a7ac842158adde2602d 15114 plank_0.11.89-4.1_source.buildinfo Checksums-Sha256: 48798ca14f95db3315079f7fe1f6c3a2d9da7c87c67b1f987be9a5cc1a969d59 2367 plank_0.11.89-4.1.dsc 60e5256e5488a025c593c67cac49e39db156197668bd04d6dc6d1e7123ae8900 6656 plank_0.11.89-4.1.debian.tar.xz 27131a0515075f97ad0eb7d91bfb41bf8b1d282805af38e7137a701e6c951bfe 15114 plank_0.11.89-4.1_source.buildinfo Files: 33aec1d4d9001c286124f3e85262db5a 2367 utils optional plank_0.11.89-4.1.dsc 615411b86a9389b12888dd8d518bbbe5 6656 utils optional plank_0.11.89-4.1.debian.tar.xz 27c877c919b30dcc650d240423ad979d 15114 utils optional plank_0.11.89-4.1_source.buildinfo -BEGIN PGP SIGNATURE- iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmUzo1sQHGJhZ2VAZGVi aWFuLm9yZwAKCRAfXHqLRVZDFFy0DACrZ59Vo6gkL7ZP3ToL4lDdi4ha/ZhvoRVf fgimi7dlsO+Q/NMNTlEHOsGGr2kwnXFy869a4YRxmQNECHdSbpj2wDYbVYFcwcJu aciLI5IAYaXDjnhUUmtM5gUeGItFTNy1WRqHMaK0mk/tx1NfYCaFg94SrPs2Yf4V yJGSLxG2CJvmYnTpK/CXq3+IXMWhtURIKqJ32MmZlF2o0ubmA5zkllcC2GAso1Js 7wfcOzB/Z/OHsZiUJFTY/YsHJDGk6IswLH6cgGGAyq8+R4lnT7dnpqOA7HceKbLv ZWP2xK8Hg4zLSI5ltDc2eqBVP25P/8sXYQhzbANebjNoO+FKQqHyawM1o1frpbjq FOdfCwTy22FgYzsYLhUiWc/xwqRVjR8vgFjhPfy7r3oeCdd0Oljy7VjKtt+sPziV yJZx088zxIkOyeSmREysTVLsnBTm5Ti39MihRnty+pocroqvmrL0Bnjix7iaI5V/ Ptol14KJMGU9Xb5SxdtteB+CjKW8yns= =Hq0m -END PGP SIGNATURE End Message ---
Bug#1054293: marked as done (network-manager-vpnc FTBFS: dh_install: warning: network-manager-vpnc missing files: usr/libecec/nm-vpnc-service-vpnc-helper)
Your message dated Sat, 21 Oct 2023 10:13:18 + with message-id and subject line Bug#1054293: fixed in network-manager-vpnc 1.2.8-7 has caused the Debian Bug report #1054293, regarding network-manager-vpnc FTBFS: dh_install: warning: network-manager-vpnc missing files: usr/libecec/nm-vpnc-service-vpnc-helper to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1054293: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054293 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: network-manager-vpnc Version: 1.2.8-6 Severity: serious Tags: ftbfs https://buildd.debian.org/status/logs.php?pkg=network-manager-vpnc=1.2.8-6 ... dh_install -a dh_install: warning: Cannot find (any matches for) "usr/libecec/nm-vpnc-service-vpnc-helper" (tried in ., debian/tmp) dh_install: warning: network-manager-vpnc missing files: usr/libecec/nm-vpnc-service-vpnc-helper dh_install: error: missing files, aborting make: *** [debian/rules:7: binary-arch] Error 25 --- End Message --- --- Begin Message --- Source: network-manager-vpnc Source-Version: 1.2.8-7 Done: Michael Biebl We believe that the bug you reported is fixed in the latest version of network-manager-vpnc, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1054...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Biebl (supplier of updated network-manager-vpnc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 21 Oct 2023 11:37:13 +0200 Source: network-manager-vpnc Architecture: source Version: 1.2.8-7 Distribution: unstable Urgency: medium Maintainer: Utopia Maintenance Team Changed-By: Michael Biebl Closes: 1054293 Changes: network-manager-vpnc (1.2.8-7) unstable; urgency=medium . * Fix typo in .install file (Closes: #1054293) Checksums-Sha1: 6076e917a82fb1b4452ba4b6766b422c12c213fe 2375 network-manager-vpnc_1.2.8-7.dsc 4bb4cf1531eca1acc30157fcfc78a695b01523be 7508 network-manager-vpnc_1.2.8-7.debian.tar.xz 1197360da89d941cae9194d968611341796ee368 16439 network-manager-vpnc_1.2.8-7_source.buildinfo Checksums-Sha256: 3d597bec14a430b7d6fb05b6abb1974482aeb8a4cabeb897d2179e449c06edcd 2375 network-manager-vpnc_1.2.8-7.dsc 9084cfcc890c5b69c2a38727de6e5c892434685093d2ab1f6fbab841200048f8 7508 network-manager-vpnc_1.2.8-7.debian.tar.xz 3cf78d6246aab26780a63b6a16f1ee42ae7ecd366cc2a66ac794670cf722 16439 network-manager-vpnc_1.2.8-7_source.buildinfo Files: 506249fe4df07eb89b2f911cb14a0923 2375 net optional network-manager-vpnc_1.2.8-7.dsc 666a0b2538eaa88db7635564cf13886d 7508 net optional network-manager-vpnc_1.2.8-7.debian.tar.xz 09369bb6a48a193a5183c805ff886f98 16439 net optional network-manager-vpnc_1.2.8-7_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEECbOsLssWnJBDRcxUauHfDWCPItwFAmUznKgACgkQauHfDWCP Itx+Qg//RPnjU9lYbL9JF7tM7ksSfENCFL0+7Hy6yCSRh/oIzgSVJZU2YW7ZNkzc B2y2l5gakXpNbpJsmwBTbbIpBb2zuhlj261jvCu+mE3j4ul/osiVpzgYrezgRryi +Cal3zTwbViULHDlPJeT220iukS7xPAyvlpR2ne/HeLq6py7bnnQTx52v7wqX2lB QfbC08oTZS5LpQGTPCi/+SiN9LLB6wNJ4daqiAJaDbLW7/RaObEVi1Wqb1Gim15v S4SHbw6Tx8SkKu93rzPI3ua0+zatVYl4IlUH0nWiHH7dXfE6u4PpWjtzrFvF0VQc yg/q2j1ljBv9L2+7OcY0bd5ecxxwbu0F4oUpNOZ7AC3F6QkPSefBMy5PBLOh6iZa por++2DGBWioc3Zg++iT/CcPGYZt8kqcauGX3o5hWTDbNecSQySsnTqTyHd7NE/s U8+/u7dt/uA+HXX8Obmc2/DaFSTTUN0mNZk1z1cXkSTDwiHK+jOi+6IofK+XuaZH ICZkWgF9u5/tY/+RfpWRwYOs41Uxi3NlWQ70NR1B6Q+WICxJoE4a0x/zerXbj+Wp rPsUnc4wC0zob8Tlg4B/TXWiHLf98YMIJy63jXN8CccMArrSrvBL7dS28WqYYb9I J46K84lhZ8jG7dMZhU7EYZjz5CdBQhTC2qgHr/GZxRhpqOgDHEg= =iGSV -END PGP SIGNATURE End Message ---
Bug#1037389: marked as done (libgom: build-depends on transitional package libgdk-pixbuf2.0-dev)
Your message dated Sat, 21 Oct 2023 10:10:43 + with message-id and subject line Bug#1037389: fixed in libgom 0.4-1.1 has caused the Debian Bug report #1037389, regarding libgom: build-depends on transitional package libgdk-pixbuf2.0-dev to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1037389: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037389 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: libgom Version: 0.4-1 Severity: important Tags: trixie sid User: pkg-gnome-maintain...@lists.alioth.debian.org Usertags: split-gdk-pixbuf This package Build-Depends on libgdk-pixbuf2.0-dev. In Debian 11, libgdk-pixbuf2.0-dev was split into two packages: - libgdk-pixbuf-2.0-dev contains the supported gdk-pixbuf-2.0 library - libgdk-pixbuf-xlib-2.0-dev contains the deprecated, unmaintained Xlib integration layer, gdk-pixbuf-xlib-2.0 If this package only requires functionality from gdk-pixbuf-2.0.pc and , please update the build-dependency to libgdk-pixbuf-2.0-dev. If it also requires the Xlib integration gdk-pixbuf-xlib-2.0.pc and (unlikely), then you can also build-depend on libgdk-pixbuf-xlib-2.0-dev until the package can be updated to remove that requirement. libgdk-pixbuf-2.0-dev was present in both Debian 11 and Debian 12, so it is not necessary to have a "| libgdk-pixbuf2.0-dev" alternative dependency, even for packages that are expected to be backported. We should remove the libgdk-pixbuf2.0-dev transitional package during the Debian 13 'trixie' cycle, so this bug is likely to become RC later. Thanks, smcv --- End Message --- --- Begin Message --- Source: libgom Source-Version: 0.4-1.1 Done: Bastian Germann We believe that the bug you reported is fixed in the latest version of libgom, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1037...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastian Germann (supplier of updated libgom package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 21 Oct 2023 11:53:02 +0200 Source: libgom Architecture: source Version: 0.4-1.1 Distribution: unstable Urgency: medium Maintainer: Debian GNOME Maintainers Changed-By: Bastian Germann Closes: 1037389 Changes: libgom (0.4-1.1) unstable; urgency=medium . * Non-maintainer upload * Move from libgdk-pixbuf2.0-dev to libgdk-pixbuf-2.0-dev (Closes: #1037389) Checksums-Sha1: 4c8670800c2f6fbc591b7ac2293719878cf1ff6a 2260 libgom_0.4-1.1.dsc 7ef9401183e6e880ef324519418c6398d6b79587 5052 libgom_0.4-1.1.debian.tar.xz 471ab14a38e15c3b5d78e8d183e304e39c40d075 9176 libgom_0.4-1.1_source.buildinfo Checksums-Sha256: 75b654c446511104d734cf3d457c2cab71caf78c8b82535910fc89ca3b18dc8e 2260 libgom_0.4-1.1.dsc 0ddeaa38e3684fa3c5db74007265fa030128766e9186e3abe8aed7f5533f819b 5052 libgom_0.4-1.1.debian.tar.xz bd2a043d88b0f8951021d576e7bc20ae149820caddf2593f34d7c09371405b10 9176 libgom_0.4-1.1_source.buildinfo Files: cb9c194f2545197f43716661a2e48deb 2260 libs optional libgom_0.4-1.1.dsc daea28c99205facf434f0d3f1fc75014 5052 libs optional libgom_0.4-1.1.debian.tar.xz 0ba9280af191e22e88a9ed0682148fbb 9176 libs optional libgom_0.4-1.1_source.buildinfo -BEGIN PGP SIGNATURE- iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmUzoEYQHGJhZ2VAZGVi aWFuLm9yZwAKCRAfXHqLRVZDFN2KDADw6jneDqR57KbwcJOs1NmziXzHtWMYZSNQ unM5kDcmgn9TALyPhO3fQpAxBvqqzVPR08I3BMo9PYghXJjFGQyzMX5raP6iXwRQ DynA6rbyf8FEgA8Z5CM33/kh6GYNEItcU6j6r5mUZw+ACkc+VmrHRSXkrZbAenf7 JmkMHIUVnDRowpyEUmL8iKKui5wBOEnqJq+y0PAokHydLHKrd29lBZSjS2chiyVW P3crY2LY5f4SyL+prKexGScQj0y285WATc5EIZvtpbIOzOiADmOROsx3b3E5zshx TDHuPOxtcYPdx8jWibBxVA4MnsPdJYAENnYUJ1/w+J6h4Gn3cL/wUvXBevGm3+yE TOmYS0FAlKmiN6UDqx4sorivnW2ycpz6saEy371cR9wo3S2rUyeYRORqDQI0HReH xC1a3Hd7zTdT3A67n8EeHlnq/a0fkETEvROo35iQMp3xTI8aoaRFX3nRgk4+PffC poM9TvK4lu35caA359mgX7bc8Wi+2ko= =pKr8 -END PGP SIGNATURE End Message ---
Bug#1037366: libplank-dev: depends on deprecated libgdk-pixbuf2.0-dev
I am uploading a NMU in order to fix this. The debdiff is attached.diff -Nru plank-0.11.89/debian/changelog plank-0.11.89/debian/changelog --- plank-0.11.89/debian/changelog 2021-11-16 16:11:07.0 +0100 +++ plank-0.11.89/debian/changelog 2023-10-21 12:07:51.0 +0200 @@ -1,3 +1,10 @@ +plank (0.11.89-4.1) unstable; urgency=medium + + * Non-maintainer upload. + * Replace transitional libgdk-pixbuf2.0-dev dependency. (Closes: #1037366) + + -- Bastian Germann Sat, 21 Oct 2023 12:07:51 +0200 + plank (0.11.89-4) unstable; urgency=medium [ Mike Gabriel ] diff -Nru plank-0.11.89/debian/control plank-0.11.89/debian/control --- plank-0.11.89/debian/control2021-08-21 12:29:38.0 +0200 +++ plank-0.11.89/debian/control2023-10-21 12:07:51.0 +0200 @@ -69,7 +69,7 @@ Depends: libplank1 (= ${binary:Version}), libbamf3-dev (>= 0.2.92), libcairo2-dev (>= 1.10.0), - libgdk-pixbuf2.0-dev (>= 2.26.0), + libgdk-pixbuf-2.0-dev (>= 2.26.0), libgee-0.8-dev, libglib2.0-dev (>= 2.40.0), libgtk-3-dev (>= 3.10.0),
Processed: raise severity like the other bugs of this MBF
Processing commands for cont...@bugs.debian.org: > severity 1037366 serious Bug #1037366 [libplank-dev] libplank-dev: depends on deprecated libgdk-pixbuf2.0-dev Severity set to 'serious' from 'important' > End of message, stopping processing here. Please contact me if you need assistance. -- 1037366: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037366 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1037389: libgom: build-depends on transitional package libgdk-pixbuf2.0-dev
I am uploading a NMU in order to fix this. The debdiff is attached.diff -Nru libgom-0.4/debian/changelog libgom-0.4/debian/changelog --- libgom-0.4/debian/changelog 2020-03-02 13:57:22.0 +0100 +++ libgom-0.4/debian/changelog 2023-10-21 11:53:02.0 +0200 @@ -1,3 +1,10 @@ +libgom (0.4-1.1) unstable; urgency=medium + + * Non-maintainer upload + * Move from libgdk-pixbuf2.0-dev to libgdk-pixbuf-2.0-dev (Closes: #1037389) + + -- Bastian Germann Sat, 21 Oct 2023 11:53:02 +0200 + libgom (0.4-1) unstable; urgency=medium * New upstream release diff -Nru libgom-0.4/debian/control libgom-0.4/debian/control --- libgom-0.4/debian/control 2020-03-02 13:57:22.0 +0100 +++ libgom-0.4/debian/control 2023-10-21 11:53:02.0 +0200 @@ -6,12 +6,12 @@ Section: libs Priority: optional Maintainer: Debian GNOME Maintainers -Uploaders: Jeremy Bicha , Laurent Bigonville , Michael Biebl +Uploaders: Laurent Bigonville , Michael Biebl Build-Depends: debhelper-compat (= 12), gnome-pkg-tools, gobject-introspection, gtk-doc-tools, - libgdk-pixbuf2.0-dev, + libgdk-pixbuf-2.0-dev, libgettextpo-dev, libgirepository1.0-dev, libglib2.0-dev (>= 2.36), diff -Nru libgom-0.4/debian/control.in libgom-0.4/debian/control.in --- libgom-0.4/debian/control.in2020-03-02 13:57:22.0 +0100 +++ libgom-0.4/debian/control.in2023-10-21 11:52:49.0 +0200 @@ -7,7 +7,7 @@ gnome-pkg-tools, gobject-introspection, gtk-doc-tools, - libgdk-pixbuf2.0-dev, + libgdk-pixbuf-2.0-dev, libgettextpo-dev, libgirepository1.0-dev, libglib2.0-dev (>= 2.36),
Bug#1054303: RM: gscanbus -- RoQA; orphaned; dead upstream; depends on gtk2
Source: gscanbus Severity: serious gscanbus is orphaned for 7 years and dead upstream. It also depends on the obsolete GTK 2. I am going to file a RM bug when this is autoremoved from testing and nobody objects.
Bug#1054301: RM: glfer -- RoQA; orphaned; dead upstream; depends on gtk2
Source: glfer Severity: serious glfer is orphaned for 14 years and dead upstream. It also depends on the obsolete GTK 2. I am going to file a RM bug when this is autoremoved from testing and nobody objects.
Bug#1053825: Screensaver with only blank does not work after suspend
Hi, Am Do den 19. Okt 2023 um 20:46 schrieb Salvatore Bonaccorso: > On Thu, Oct 12, 2023 at 06:57:20AM +0100, Klaus Ethgen wrote: > > Package: src:linux > > Version: 6.5.6-1 > > Severity: critical > > Tags: security > > X-Debbugs-Cc: Debian Security Team > > > > It is not fully clear for me, where exactly this bug happens. First I > > was thinking about xscreensaver but that package got not updated for > > ages. The bug happens with updates from kernel 6.4.0 to 6.5.0. > > So you are saying this happens solely after switching from 6.4.y > series to 6.5.y series. Thus I assume 6.5.3-1 in testing as well > exposes the issue. Might be but I cannot test that due to the other AMD display related bug. > > I use xscreensaver with fvwm3 on my amd laptop. xscreensaver is set up > > to only blank the screen. I first thought, that it does not happen with fvwm2 but I also see it with fvwm2 but not that often. > > When I lock the screen and press a key or moving the mouse, everything > > is fine. But when I go to suspend too ram after locking and waking up > > the laptop, the password dialog gets showed as usual but I can see the > > full desktop content with probably sensitive material on in. Although, I > > cannot interact with the desktop, it is a security break to reveal the > > content without authenticating. > > > > It might be related, when I have a PSI chat window on the screen but on > > different desktop, it gets moved to the current one. That definitively > > also came with the new kernel. > > Can you please attach as well the kernel log once you triggered the > behaviour? Anything suspicious logged? I could. But there is no hint and no unusual log entry. > Next, can you bisect the kernel between a good known upstream version > and 6.5.6? Can you as well test 6.5.7 upstream to see if it fixes the > issue? That would take many time to recompile kernel, test it for several hours and try again. Even worse, there is another AMD related bug that makes testing impossible. > Currently there is nothing which sound similar in the kernel > regression tracking status, TTBOMK. There was many changes in AMD display code. Some of them already was broken for systems (laptops) with internal display (eDP). The mentioned bug was fixed between linux-image-6.5.0-1-amd64 and linux-image-6.5.0-2-amd64. (It broke between linux-image-6.4.0-4-amd64 and linux-image-6.5.0-1-amd64.) So, this is the history in upstream versions: 6.4.13: Works well 6.5.3: Two bugs, this bug and another related to scaling. 6.5.6: Bug related to scaling fixed and this bug fully visible. I believe that it is related to eDP. So, maybe that limit's the possible problem. I have a work laptop that shows only this bug on AMD system but not the scaling one (As it has no 4K resolution). But I cannot use that one for testing. Maybe another data point: Both laptops are from Lenovo. My private one is a T14GEN3 and the one for work is a Z16. Regards Klaus -- Klaus Ethgen http://www.ethgen.ch/ pub 4096R/4E20AF1C 2011-05-16Klaus Ethgen Fingerprint: 85D4 CA42 952C 949B 1753 62B3 79D0 B06F 4E20 AF1C signature.asc Description: PGP signature