Bug#1055509: diversions of /sbin/halt and friends

2023-12-22 Thread Daniel Baumann 

On 12/22/23 12:30, Helmut Grohne wrote:

I am happy with all of these changes moving to
unstable and trixie.


applied and uploaded both p-l-metapackages and bfh-metapackages to unstable.


Thanks for your patience.


thank you for all your work and help!

Regards,
Daniel

Bug#1059352: src:apt: fails to migrate to testing for too long: autopkgtest regression on armhf

2023-12-22 Thread Paul Gevers 

Source: apt
Version: 2.7.6
Severity: serious
Control: close -1 2.7.7
Tags: sid trixie
User: release.debian@packages.debian.org
Usertags: out-of-sync

Dear maintainer(s),

The Release Team considers packages that are out-of-sync between testing 
and unstable for more than 30 days as having a Release Critical bug in 
testing [1]. Your package src:apt has been trying to migrate for 31 days 
[2]. Hence, I am filing this bug. The version in unstable fails its own 
autopkgtest on armhf.


If a package is out of sync between unstable and testing for a longer 
period, this usually means that bugs in the package in testing cannot be 
fixed via unstable. Additionally, blocked packages can have impact on 
other packages, which makes preparing for the release more difficult. 
Finally, it often exposes issues with the package and/or
its (reverse-)dependencies. We expect maintainers to fix issues that 
hamper the migration of their package in a timely manner.


This bug will trigger auto-removal when appropriate. As with all new 
bugs, there will be at least 30 days before the package is auto-removed.


I have immediately closed this bug with the version in unstable, so if 
that version or a later version migrates, this bug will no longer affect 
testing. I have also tagged this bug to only affect sid and trixie, so 
it doesn't affect (old-)stable.


If you believe your package is unable to migrate to testing due to 
issues beyond your control, don't hesitate to contact the Release Team.


Paul

[1] https://lists.debian.org/debian-devel-announce/2023/06/msg1.html
[2] https://qa.debian.org/excuses.php?package=apt



OpenPGP_signature.asc
Description: OpenPGP digital signature

Processed: src:apt: fails to migrate to testing for too long: autopkgtest regression on armhf

2023-12-22 Thread Debian Bug Tracking System 
Processing control commands:

> close -1 2.7.7
Bug #1059352 [src:apt] src:apt: fails to migrate to testing for too long: 
autopkgtest regression on armhf
Marked as fixed in versions apt/2.7.7.
Bug #1059352 [src:apt] src:apt: fails to migrate to testing for too long: 
autopkgtest regression on armhf
Marked Bug as done

-- 
1059352: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059352
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1057942: marked as done (ydpdict: FTBFS: invalid use of incomplete typedef ‘WINDOW’ {aka ‘struct _win_st’})

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Sat, 23 Dec 2023 06:49:22 +
with message-id 
and subject line Bug#1057942: fixed in ydpdict 1.0.5-1
has caused the Debian Bug report #1057942,
regarding ydpdict: FTBFS: invalid use of incomplete typedef ‘WINDOW’ {aka 
‘struct _win_st’}
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1057942: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057942
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: src:ydpdict
Version: 1.0.4-1
Severity: serious
Tags: ftbfs

Dear maintainer:

During a rebuild of all packages in unstable, your package failed to build:


[...]
 debian/rules build
dh build
   dh_update_autotools_config
   dh_autoreconf
find ! -ipath "./debian/*" -a ! \( -path '*/.git/*' -o -path '*/.hg/*' -o 
-path '*/.bzr/*' -o -path '*/.svn/*' -o -path '*/CVS/*' \) -a  -type f -exec md5sum {} + -o 
-type l -printf "symlink  %p
" > debian/autoreconf.before
grep -q ^XDT_ configure.ac
autoreconf -f -i
Copying file ABOUT-NLS
Copying file config.rpath
libtoolize: putting auxiliary files in '.'.
libtoolize: copying file './ltmain.sh'
libtoolize: putting macros in AC_CONFIG_MACRO_DIRS, 'm4'.
libtoolize: copying file 'm4/libtool.m4'
libtoolize: copying file 'm4/ltoptions.m4'
libtoolize: copying file 'm4/ltsugar.m4'
libtoolize: copying file 'm4/ltversion.m4'
libtoolize: copying file 'm4/lt~obsolete.m4'
configure.ac:9: installing './compile'
configure.ac:12: installing './config.guess'
configure.ac:12: installing './config.sub'
configure.ac:5: installing './install-sh'
configure.ac:5: installing './missing'
src/Makefile.am: installing './depcomp'
find ! -ipath "./debian/*" -a ! \( -path '*/.git/*' -o -path '*/.hg/*' -o 
-path '*/.bzr/*' -o -path '*/.svn/*' -o -path '*/CVS/*' \) -a  -type f -exec md5sum {} + -o 
-type l -printf "symlink  %p
" > debian/autoreconf.after
   debian/rules override_dh_auto_configure
make[1]: Entering directory '/<>'
dh_auto_configure -- --with-dictdir=/usr/local/share/ydpdict
./configure --build=x86_64-linux-gnu --prefix=/usr 
--includedir=\${prefix}/include --mandir=\${prefix}/share/man 
--infodir=\${prefix}/share/info --sysconfdir=/etc --localstatedir=/var 
--disable-option-checking --disable-silent-rules 
--libdir=\${prefix}/lib/x86_64-linux-gnu --runstatedir=/run 
--disable-maintainer-mode --disable-dependency-tracking 
--with-dictdir=/usr/local/share/ydpdict
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a race-free mkdir -p... /usr/bin/mkdir -p
checking for gawk... no
checking for mawk... mawk
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether the compiler supports GNU C... yes
checking whether gcc accepts -g... yes
checking for gcc option to enable C11 features... none needed
checking whether gcc understands -c and -o together... yes
checking whether make supports the include directive... yes (GNU style)
checking dependency style of gcc... none
checking whether make sets $(MAKE)... (cached) yes
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking how to print strings... printf
checking for a sed that does not truncate output... /usr/bin/sed
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for fgrep... /usr/bin/grep -F
checking for ld used by gcc... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... yes
checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
checking the name lister (/usr/bin/nm -B) interface... BSD nm
checking whether ln -s works... yes
checking the maximum length of command line arguments... 1572864
checking how to convert x86_64-pc-linux-gnu file names to x86_64-pc-linux-gnu 
format... func_convert_file_noop
checking how to convert x86_64-pc-linux-gnu file names to toolchain format... 
func_convert_file_noop
checking for /usr/bin/ld option to reload object files... -r
checking for file... file
checking for objdump... objdump
checking how to recognize dependent libraries... pass_all
checking for dlltool... no
checking how to associate runtime and link libraries... printf %

Bug#1059349: deal.ii ftbfs on ppc64el (with boost1.83)

2023-12-22 Thread Matthias Klose 

Package: src:deal.ii
Version: 9.5.1-1
Severity: serious
Tags: sid trixie
X-Debbugs-CC: debian-powe...@lists.debian.org, Debian Boost Team 




[...]
[ 41%] Building CXX object 
source/dofs/CMakeFiles/object_dofs_debug.dir/number_cache.cc.o
cd /<>/obj-powerpc64le-linux-gnu/source/dofs && 
/usr/bin/c++ -DDEBUG 
-I/<>/obj-powerpc64le-linux-gnu/source/dofs 
-I/<>/source/dofs 
-I/<>/obj-powerpc64le-linux-gnu/include 
-I/<>/include -isystem 
/usr/lib/powerpc64le-linux-gnu/openmpi/include -isystem 
/usr/lib/powerpc64le-linux-gnu/openmpi/include/openmpi -isystem 
/usr/include/petsc -isystem /usr/include/trilinos -isystem 
/usr/include/hdf5/openmpi -isystem /usr/include/scotch -isystem 
/usr/include/suitesparse -isystem /usr/include/opencascade -isystem 
/usr/include/slepc -std=c++17 -fPIC -pedantic -Wall -Wextra 
-Wmissing-braces -Woverloaded-virtual -Wpointer-arith -Wsign-compare 
-Wsuggest-override -Wswitch -Wsynth -Wwrite-strings -Wno-placement-new 
-Wno-deprecated-declarations -Wno-literal-suffix -Wno-psabi 
-Wno-class-memaccess -Wno-unused-local-typedefs -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat 
-Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -std=c++17 
-Wno-nonnull-compare -Wno-address -O0 -ggdb 
-Wa,--compress-debug-sections -MD -MT 
source/dofs/CMakeFiles/object_dofs_debug.dir/number_cache.cc.o -MF 
CMakeFiles/object_dofs_debug.dir/number_cache.cc.o.d -o 
CMakeFiles/object_dofs_debug.dir/number_cache.cc.o -c 
/<>/source/dofs/number_cache.cc
In file included from 
/usr/include/boost/math/special_functions/detail/round_fwd.hpp:12,
 from 
/usr/include/boost/math/special_functions/math_fwd.hpp:29,
 from 
/usr/include/boost/math/special_functions/legendre.hpp:16,
 from 
/<>/include/deal.II/base/std_cxx17/cmath.h:32,

 from /<>/source/base/function_lib.cc:20:
/usr/include/boost/math/tools/promotion.hpp: In instantiation of ‘struct 
boost::math::tools::promote_argsfloat, float>’:
/usr/include/boost/math/tools/promotion.hpp:272:13:   required by 
substitution of ‘templateT5, class T6> using boost::math::tools::promote_args_t = typename 
boost::math::tools::promote_args::type [with T1 = long double; T2 = 
float; T3 = float; T4 = float; T5 = float; T6 = float]’
/usr/include/boost/math/special_functions/legendre.hpp:247:4:   required 
by substitution of ‘template 
boost::math::tools::promote_args_t boost::math::legendre_p(int, T) 
[with T = long double]’
/<>/include/deal.II/base/std_cxx17/cmath.h:99:35: 
required from here
/usr/include/boost/math/tools/promotion.hpp:267:27: error: static 
assertion failed: Sorry, but this platform does not have sufficient long 
double support for the special functions to be reliably implemented.
  267 |  static_assert((0 == std::is_samedouble>::value), "Sorry, but this platform does not have sufficient long 
double support for the special functions to be reliably implemented.");
  | 
~~~^~
/usr/include/boost/math/tools/promotion.hpp:267:27: note: the comparison 
reduces to ‘(0 == 1)’
/usr/include/boost/math/tools/promotion.hpp: In instantiation of ‘struct 
boost::math::tools::promote_argsfloat, float, float>’:
/usr/include/boost/math/tools/promotion.hpp:272:13:   required by 
substitution of ‘templateT5, class T6> using boost::math::tools::promote_args_t = typename 
boost::math::tools::promote_args::type [with T1 = long double; T2 = long 
double; T3 = long double; T4 = float; T5 = float; T6 = float]’
/usr/include/boost/math/special_functions/legendre.hpp:28:4:   required 
by substitution of ‘template 
boost::math::tools::promote_args_t 
boost::math::legendre_next(unsigned int, T1, T2, T3) [with T1 = long 
double; T2 = long double; T3 = long double]’
/usr/include/boost/math/special_functions/legendre.hpp:69:53:   required 
from ‘T boost::math::detail::legendre_imp(unsigned int, T, const 
Policy&, bool) [with T = long double; Policy = 
boost::math::policies::policyboost::math::policies::default_policy, 
boost::math::policies::default_policy, 
boost::math::policies::default_policy, 
boost::math::policies::default_policy, 
boost::math::policies::default_policy, 
boost::math::policies::default_policy, 
boost::math::policies::default_policy, 
boost::math::policies::default_policy, 
boost::math::policies::default_policy, 
boost::math::policies::default_policy>]’
/usr/include/boost/math/special_functions/legendre.hpp:228:88: 
required from ‘typename 
std::enable_if::value, typename 
boost::math::tools::promote_args::type>::type 
boost::math::legendre_p(int, T, const Policy&) [with T = long double; 
Policy = policies::policypolicies::default_policy, policies::default_policy, 
policies::default_policy, policies::default_policy, 
policies::default_policy, policies::default_policy, 
policies::default_policy, policies::default_policy, 
policies::default_policy, policies::default_policy>; typename 
std::enable_if::value, typename 
tools::promote_arg

Bug#1057863: marked as done (slepc4py ftbfs with Python 3.12)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Sat, 23 Dec 2023 04:34:11 +
with message-id 
and subject line Bug#1057863: fixed in slepc4py 3.19.2-1
has caused the Debian Bug report #1057863,
regarding slepc4py ftbfs with Python 3.12
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1057863: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057863
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: src:slepc4py
Version: 3.18.3-1
Severity: serious
Tags: sid trixie
User: debian-pyt...@lists.debian.org
Usertags: python3.12

slepc4py ftbfs with Python 3.12, first errors:

[...]
src/slepc4py.SLEPc.c: In function ‘__Pyx_Raise’:
src/slepc4py.SLEPc.c:123040:34: error: ‘PyThreadState’ {aka ‘struct 
_ts’} has no member named ‘curexc_traceback’

123040 | PyObject* tmp_tb = tstate->curexc_traceback;
   |  ^~
src/slepc4py.SLEPc.c:123043:19: error: ‘PyThreadState’ {aka ‘struct 
_ts’} has no member named ‘curexc_traceback’

123043 | tstate->curexc_traceback = tb;
   |   ^~
--- End Message ---
--- Begin Message ---
Source: slepc4py
Source-Version: 3.19.2-1
Done: Drew Parsons 

We believe that the bug you reported is fixed in the latest version of
slepc4py, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1057...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Drew Parsons  (supplier of updated slepc4py package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 23 Dec 2023 04:42:35 +0100
Source: slepc4py
Architecture: source
Version: 3.19.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Drew Parsons 
Closes: 1057863
Changes:
 slepc4py (3.19.2-1) unstable; urgency=medium
 .
   [ Francesco Ballarin ]
   * New upstream version 3.19.2
 .
   [ Drew Parsons ]
   * slepc4py 3.19 supports Python 3.12. Closes: #1057863.
   * run debian/tests on all supported Python versions
Checksums-Sha1:
 29313d6320e2c0c691c7cb4d3c628602cafcc845 3477 slepc4py_3.19.2-1.dsc
 3141a59325de43712545619fbba6a7afd67370ab 683061 slepc4py_3.19.2.orig.tar.gz
 e16f356faedd0f7df1fc8337a82e89607cd64896 9260 slepc4py_3.19.2-1.debian.tar.xz
Checksums-Sha256:
 27996caf459f4b65fbaa6b9d59593c93db13ef0bae6220dadb2219c686633991 3477 
slepc4py_3.19.2-1.dsc
 e58a1bd532c141d78243b13a6791bf78f328850f325197f52b8279edce7d3bf9 683061 
slepc4py_3.19.2.orig.tar.gz
 5633bbc654ac5526983418cc84d6b1df60ab0feaba1613e55778cfd6f9882266 9260 
slepc4py_3.19.2-1.debian.tar.xz
Files:
 a2b2b4b9ab2b66d001e2a37118101a36 3477 python optional slepc4py_3.19.2-1.dsc
 aaaef63e784d308d326445a6e55e0e24 683061 python optional 
slepc4py_3.19.2.orig.tar.gz
 fca21cb191fe29427f3bfac67642f5b7 9260 python optional 
slepc4py_3.19.2-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEI8mpPlhYGekSbQo2Vz7x5L1aAfoFAmWGXkQACgkQVz7x5L1a
AfqzBA//QMj2/zxmRFHPU4gnV+vqOXhoYz+WVp+wYvl5I5l/ODSA9uTSZAAEm6rE
yITInrptmwORMbp9GTCneitirxShCXXk41WRdHsL2FMiSwrixrr2OpKM/7AQP7bK
S50SaAB5zJSljQC+CS9JZgh8MDuaH6Zx1NoFAPLo5S0Jz+zUf7oKo6VLFqTaU1eH
BN8PRbhMLxmLjc8WE+XIJ1EBh/q0d/E2RigybrgBOUYpZu2MRp3NlQ80BuiHKi6V
10WWJb6gdUe9nIBpDPEGbTF7V1zRdRalW1k28zHVSW0u4ws7ioIZUrx8PP3+frPP
tn5GaoKMioppDX/Ck26cZBU0TTneWC16TO8FGTrb2uvhYNPgkcwnaWtxjrEDRqkd
vbMXiUZ6VCLkshQ7SmS8HXQJCnFyf61dB8/pcvOScXWvX5YU+glUYrF2fuMYtdLt
6eBAm39QuYHeIsinRoH1R21EHdMZOZ2WPv/72pixK3vo4E9An2nZ7iFyyzuinpPH
S8p9h08kCyQ4Cukm/sGVwSEYuH2XWhGnUcCEUPuvIaT5+Wlnp62FaKIAC3jdi6fA
nVwNT7bG5wXfK3/ziMkodZSHhjsta/7CqmePAbJMYcXlL9qB2iIzPEUp+lW1zr8m
zy8ZuK1xNLQQFI5N81qChgWk87Em7JTrfG+H3xPQp8+RbctyUUs=
=hu6k
-END PGP SIGNATURE End Message ---

Bug#1036869: O: ghostscript -- interpreter for the PostScript language and for PDF

2023-12-22 Thread Steven Robbins 
retitle 1022718 'ITA: ghostscript -- interpreter for the PostScript language 
and for PDF'
owner  1022718 s...@debian.org
done 1036869


signature.asc
Description: This is a digitally signed message part.

Bug#1025558: marked as done (fprintd: dependency on transitional policykit-1 package)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Sat, 23 Dec 2023 03:49:38 +
with message-id 
and subject line Bug#1025558: fixed in fprintd 1.94.2-3
has caused the Debian Bug report #1025558,
regarding fprintd: dependency on transitional policykit-1 package
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1025558: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025558
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: fprintd
Version: 1.94.2-2
Severity: normal
User: pkg-utopia-maintain...@lists.alioth.debian.org
Usertags: policykit-1
Control: block 1025540 by -1

This package has a Depends and/or Build-Depends on the transitional
package policykit-1, which has been separated into polkitd, pkexec and
(deprecated) polkitd-pkla packages.

If this package communicates with polkitd via D-Bus, please represent that
as a Depends, Recommends or Suggests on polkitd, whichever is appropriate
for the strength of the requirement.

If this package runs /usr/bin/pkexec, please represent that as a Depends,
Recommends or Suggests on pkexec, whichever is appropriate for the strength
of the requirement.

If this package requires polkit at build-time (usually for the gettext
extensions polkit.its and polkit.loc), please build-depend on both
libpolkit-gobject-1-dev and polkitd, even if the package does not
actually depend on libpolkit-gobject-1 at runtime. This is because
the gettext extensions are currently in polkitd, but might be moved to
libpolkit-gobject-1-dev in future (see #955204). pkexec is usually not
required at build-time.

For packages that are expected to be backported to bullseye, it's OK to
use an alternative dependency: polkitd | policykit-1 and/or
pkexec | policykit-1.

This is part of a mass bug filing, see
.

Thanks,
smcv
--- End Message ---
--- Begin Message ---
Source: fprintd
Source-Version: 1.94.2-3
Done: Marco Trevisan (Treviño) 

We believe that the bug you reported is fixed in the latest version of
fprintd, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1025...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Marco Trevisan (Treviño)  (supplier of updated fprintd 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 23 Dec 2023 04:28:38 +0100
Source: fprintd
Built-For-Profiles: noudeb
Architecture: source
Version: 1.94.2-3
Distribution: unstable
Urgency: medium
Maintainer: FingerForce Team 
Changed-By: Marco Trevisan (Treviño) 
Closes: 1025558
Changes:
 fprintd (1.94.2-3) unstable; urgency=medium
 .
   * debian/control: depend on polkitd instead of policykit-1
 fprintd requires polkitd but it uses it via dbus. (Closes: #1025558)
   * debian/rules: Skip pam tests as they are timeouting in debian.
 This is a build failure that we've in debian but not upstream, so while
 we figure out what it is, it's better to just skip the tests to unblock
 fprintd to land.
   * debian/patches: Cherry pick upstream fixes
Checksums-Sha1:
 9d12afae9b2ac9746a23da4a6c4a2ed21f31442c 2412 fprintd_1.94.2-3.dsc
 e5473b3b694087c5d7c4f7edb812f97d2d3f6a85 14460 fprintd_1.94.2-3.debian.tar.xz
 de5153608aea03a4bb43117bb9cf9e625badc53f 11799 
fprintd_1.94.2-3_source.buildinfo
Checksums-Sha256:
 99f0af286b6e5821d7157f94cbe36251665d6d73aab89f286d609e56f498c476 2412 
fprintd_1.94.2-3.dsc
 3c661de92003f25c26d952b7108aa9b3fce13aec7c22f775e048696a431e1eae 14460 
fprintd_1.94.2-3.debian.tar.xz
 a6423bc076a2f9dcb1e1f544bf8cb0b8bc1e88a8a99c0d0e7e7679bd7decf721 11799 
fprintd_1.94.2-3_source.buildinfo
Files:
 99ba70aeff63c18095302787dc8d6492 2412 misc optional fprintd_1.94.2-3.dsc
 9f5d073ec8e57b1a659eb27a1e4afdce 14460 misc optional 
fprintd_1.94.2-3.debian.tar.xz
 3930d618e8b58fa4f2eef61f9ce8bc59 11799 misc optional 
fprintd_1.94.2-3_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEE1MUB2kjreXoIF1CTlEnC9QmWY18FAmWGU/AACgkQlEnC9QmW
Y18FNw/+NIlNtUE5wCJ7vbY4Lx2ptdQw3kU0ifP3NBERjNSwMTOwrSATzryZdLW9
631yTbgCCZ4Z/lTQbyPvDYdmvkahn5qUuokCQc7Ha4mAnHVxmBGbHxwgOC46RLI6
8waDIA895yYp9jW7rsNJHcYveNnxROWqKLICHFsmXJctmJyC39L4KSbjwVXqW/zP
Yys5KE31ExrHTmCaNBAA1qUO4Y

Bug#1053334: galera-4: FTBFS because of expired certificates

2023-12-22 Thread Otto Kekäläinen 
Sure, this will be fixed (automatically) with uploading latest upstream
minor release as stable update, and I intend to do it in coming 1-2 weeks.

Bug#1052740: graphite2: FTBFS: graph_legend.dot:1: error: Problems running dot: exit code=1, command='dot', arguments='"/<>/build/doc/doxygen/html/graph_legend.dot" -Tpng -o "/<

2023-12-22 Thread Bastian Germann 

graph_legend.dot should have quotes around the font name references.
This is probably a doxygen bug. A workaround would be removing doxygen from 
Build-Depends
and the two doxgen output files from debian/libgraphite2-doc.docs

Bug#1037972: marked as done (Bug on Debian 12 Bookworm - Installation reports - /etc/apt/source.list)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Sat, 23 Dec 2023 02:12:33 +0100 (CET)
with message-id <2033541051.240.1703293953...@bluewin.ch>
and subject line Bug on Debian 12 Bookworm - Installation reports - 
/etc/apt/source.list
has caused the Debian Bug report #1037972,
regarding Bug on Debian 12 Bookworm - Installation reports - 
/etc/apt/source.list
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1037972: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037972
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: debian-12.0.0-amd64-DVD-1.iso
File: /etc/apt/source.list
Severity: high (security)

Bug Description :

After installation of Debian 12 with the 'debian-12.0.0-amd64-DVD-1.iso' image, 
the '/etc/apt/source.list' file contains only one entry for installing or 
upgrading the system:
deb cdrom:[Debian GNU/Linux 12.0.0 _Bookworm_ - Official amd64 DVD Binary-1 
with firmware 20230610-10:23]/ bookworm main non-free-firmware
After editing the 'source.list' file with the 'software and updates' software 
and activating all remote repositories of the first tab of this program, only 
one line is added to the 'source.list' file ':
deb https://deb.debian.org/debian/ bookworm main contrib non-free 
non-free-firmware
It therefore lacks parameters to perform updates / security repertories on this 
DVD version of 'source.list' file, while in the Live ISO version of Debian 12 
Cinnamon does not have this type of problem.
Someone who doesn't know Debian and has installed the DVD edition of Debian on 
a machine can find themselves really embarrassed some time later since the 
security updates for their machine are not done without manually updating 
update the 'source.list' file.
Thank you to correct this as soon as possible.
Best regards.
Philippe 
--- End Message ---
--- Begin Message ---
closing bug
--- End Message ---

Processed: Bug#1059266 in package dupload marked as pending

2023-12-22 Thread Debian Bug Tracking System 
Processing control commands:

> tag 1059266 pending
Bug #1059266 {Done: Guillem Jover } [dupload] error: cannot 
verify inline signature
Added tag(s) pending.

-- 
1059266: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059266
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1059266: in package dupload marked as pending

2023-12-22 Thread Guillem Jover 
Control: tag 1059266 pending

Hi!

Bug #1059266 in package dupload reported by you has been fixed in
the dpkg/dupload.git Git repository. You can see the changelog below, and
you can check the diff of the fix at:

https://git.dpkg.org/cgit/dpkg/dupload.git/diff/?id=62a1cb0

---
Revert "hooks: Rewrite openpgp-check in perl for Dpkg::OpenPGP multi-backend 
support"

This reverts commit 2f2e0e528d4435fd529971250786b08475a105c0.

This broke current usage, as users might not have the vendor keyring
package installed, the vendor might not have keyring support in dpkg,
or the host might not even be using one of the vendor keyrings or
the certificates might not be located in the gpgv trustedkeys.gpg.

We should make the keyrings to use per host configurable, and both
the backend, its commands and whether to use its certificate store
configurable by the user too. Until this is done, let's revert for
now to avoid the regressions.

Closes: #1059266

Bug#1059266: marked as done (error: cannot verify inline signature)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Sat, 23 Dec 2023 00:20:05 +
with message-id 
and subject line Bug#1059266: fixed in dupload 2.10.5
has caused the Debian Bug report #1059266,
regarding error: cannot verify inline signature
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1059266: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059266
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: dupload
Version: 2.10.4
Severity: grave

Dear Maintainer,

This version fail to check a signature. Work fine with 2.10.3

,
| $ debrelease 
| dupload note: no announcement will be sent.
| Checking OpenPGP signatures before upload...gpgv: Signature made Fri Dec 22 
10:50:05 2023 CET
| gpgv:using RSA key A401FF99368FA1F98152DE755C808C2B65558117
| gpgv:issuer "maril...@deb-multimedia.org"
| gpgv: Can't check signature: No public key
| openpgp-check: error: cannot verify inline signature for 
../gerbera-dmo_1.12.1-dmo5_amd64.changes: no acceptable signature found
| 
| dupload: error: Pre-upload '/usr/share/dupload/openpgp-check %1' failed for 
../gerbera-dmo_1.12.1-dmo5_amd64.changes
`

Christian


-- System Information:
Debian Release: trixie/sid
  APT prefers buildd-unstable
  APT policy: (500, 'buildd-unstable'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.6.8-1-custom (SMP w/24 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages dupload depends on:
ii  libdpkg-perl  1.22.2
ii  perl  5.36.0-10

Versions of packages dupload recommends:
ii  libio-socket-ssl-perl  2.084-1
ii  liburi-perl5.21-1
ii  openssh-client 1:9.6p1-2

Versions of packages dupload suggests:
ii  exim4-daemon-heavy [mail-transport-agent]  4.97-2
pn  libsecret-tools
ii  lintian2.116.3

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: dupload
Source-Version: 2.10.5
Done: Guillem Jover 

We believe that the bug you reported is fixed in the latest version of
dupload, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1059...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guillem Jover  (supplier of updated dupload package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 23 Dec 2023 01:06:23 +0100
Source: dupload
Architecture: source
Version: 2.10.5
Distribution: unstable
Urgency: medium
Maintainer: Dpkg Developers 
Changed-By: Guillem Jover 
Closes: 1059266
Changes:
 dupload (2.10.5) unstable; urgency=medium
 .
   * Revert "hooks: Rewrite openpgp-check in perl for Dpkg::OpenPGP
 multi-backend support". We need to make the keyrings to use,
 the OpenPGP backend, its commands and whether to use its certificate
 store configurable before we can do this switch. Closes: #1059266
Checksums-Sha1:
 b019950ef91f96f83044fc067664f563b9a4a5d5 2168 dupload_2.10.5.dsc
 59ba5628f84c2ce669957eadb12fbd9bf2d69e6e 43420 dupload_2.10.5.tar.xz
 bf3a970a521129d73d9cc62366d3dbc108b070c7 5761 dupload_2.10.5_amd64.buildinfo
Checksums-Sha256:
 62eb466dc6418bd50bf6edb7aba15d56410d7a4b126b850e2541c493dc01fe0b 2168 
dupload_2.10.5.dsc
 761ae0855e115fa629c2873bfe122b0155d61bce33689ff2c79de0aa55aac9d3 43420 
dupload_2.10.5.tar.xz
 b6d6b2e08b0f2d22c33fc6316886aa77507b311739fb6375e9ed7616bb79fb27 5761 
dupload_2.10.5_amd64.buildinfo
Files:
 edde2bc528fe0fa98d9e5065801d9f9c 2168 devel optional dupload_2.10.5.dsc
 b878f9d670b57f01a9ed1a2aece0493f 43420 devel optional dupload_2.10.5.tar.xz
 4a3e91fc78b1d1253fa6a79d20e73ef8 5761 devel optional 
dupload_2.10.5_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEETz509DYFDBD1aWV0uXK/PqSuV6MFAmWGJVEACgkQuXK/PqSu
V6MfIQ/9HHSwGn73I30+PM0uOM/OM9IE31gIOyT0EpAv2GvRwTPdiPsTZTfzrMbg
4IgeY4l6zI4Ta8Qa9IzT0f+YPcYmo+pb8SMQk3IzFpdsQDIkIirbgA2zpjE7UCui
mWOdO0jD/XtDprQNNEH0VIiE9ZWWpCzPDnA/FkUk+mwX7Z3KacauTKvXP47PMmi9
5sBd60b1zG

Processed: Re: Bug#1042299: libfirefox-marionette-perl: FTBFS: tests fail

2023-12-22 Thread Debian Bug Tracking System 
Processing control commands:

> block -1 with 1059343
Bug #1042299 {Done: gregor herrmann } 
[src:libfirefox-marionette-perl] libfirefox-marionette-perl: FTBFS: tests fail
1042299 was not blocked by any bugs.
1042299 was not blocking any bugs.
Added blocking bug(s) of 1042299: 1059343

-- 
1042299: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042299
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1042299: libfirefox-marionette-perl: FTBFS: tests fail

2023-12-22 Thread gregor herrmann 
Control: block -1 with 1059343 

On Fri, 22 Dec 2023 20:35:57 +0100, Santiago Vila wrote:

> Hi. I found this bug while rebuilding all packages in bookworm:
> https://tests.reproducible-builds.org/debian/rb-pkg/bookworm/amd64/libfirefox-marionette-perl.html
> I'm fixing the metadata since it's a FTBFS bug.
> Would be possible to fix it in bookworm, please?

Thanks for the heads-up.

I've uploaded a fixed package to bookworm and raised a pu bug against
release.debian.org.


Cheers,
gregor

-- 
 .''`.  https://info.comodo.priv.at -- Debian Developer https://www.debian.org
 : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
 `. `'  Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe
   `-   


signature.asc
Description: Digital Signature

Bug#1059266: error: cannot verify inline signature

2023-12-22 Thread Guillem Jover 
Hi!

On Fri, 2023-12-22 at 19:37:16 +0100, Aurelien Jarno wrote:
> On 2023-12-22 19:23, Aurelien Jarno wrote:
> > This also causes issues on the riscv64 build daemons running sid:
> > 
> > | dupload exit status 9/0
> > | Removed  to reupload later.
> > | 
> > | Complete output from dupload:
> > | 
> > | dupload note: no announcement will be sent.
> > | Checking OpenPGP signatures before upload...gpgv: Signature made Fri Dec 
> > 22 18:06:16 2023 UTC
> > | gpgv:using RSA key 
> > 670D3AC041E218107D0DE6F9339F749981589F2F
> > | gpgv: Can't check signature: No public key
> > | openpgp-check: error: cannot verify inline signature for 
> > emmax_0~beta.20100307-4_riscv64-buildd.changes: no acceptable signature 
> > found
> > | 
> > | dupload: error: Pre-upload '/usr/share/dupload/openpgp-check %1' failed 
> > for emmax_0~beta.20100307-4_riscv64-buildd.changes

Ouch, ok.

> > On 2023-12-22 12:16, Guillem Jover wrote:
> > > Just to understand what is going wrong, I assume you don't have the
> > > debian-keyring package installed (where the signing certificate could
> > > be found in the debian-keyring.gpg keyring), nor the certificate for
> > > A401FF99368FA1F98152DE755C808C2B65558117 in ~/.gnupg/trustedkeys.gpg?
> > 
> > For debian build daemons, it is not expected to have the keys in the
> > debian-keyring.gpg file. The file ~/.gnupg/trustedkeys.gpg does not
> > exist.
> > 
> > > But gpg has it in its certificate store?
> > 
> > Yes:
> > 
> > buildd@rv-manda-01:~/.gnupg$ gpg -K
> > /home/buildd/.gnupg/pubring.kbx
> > ---
> > sec   rsa4096 2023-12-08 [SC] [expire : 2024-12-07]
> >   670D3AC041E218107D0DE6F9339F749981589F2F
> > uid  [  ultime ] buildd autosigning key rv-manda-01 
> > 
> 
> It seems the decision to trust the key comes from ~/.gnupg/trustdb.gpg,
> not from ~/.gnupg/trustedkeys.gpg.

The trustedkeys.gpg is a keyring used mainly by gpgv (gpg does not use
it by default, except that the dpkg code will feed it as an additional
keyring if it is found.

I'll prepare an upload right away and force the code to use gpg for
now (as it was used before the recent upload, instead of trying gpgv,
sqop, pgpainless-cli, or sq), until I've devised a better migration
plan, or implemented enough configuration options for people to switch
or use other OpenPGP backends when desired.

Thanks,
Guillem

Bug#1057391: cinnamon and private GIR XML

2023-12-22 Thread Simon McVittie 
Here is an attempt at a more comprehensive answer to your questions about
correct handling of Cinnamon's private typelibs and private GIR XML.

The first thing I should say is that the GObject-Introspection mini-policy
(file:///usr/share/doc/gobject-introspection/policy.txt.gz) was written for
the common case of public libraries, typelibs and GIR XML, for example GTK
or libsoup:

- libraries in /usr/lib/MULTIARCH/
- typelibs in /usr/lib/MULTIARCH/girepository-1.0
- GIR XML in /usr/share/gir-1.0 or /usr/lib/MULTIARCH/gir-1.0

Tools like dh_girepository and Lintian are also set up for that common
case, and it's entirely possible that they are not always doing the right
thing for private libraries, typelibs and GIR XML. Not many packages use
private typelibs or GIR XML, and it's probably mostly only GNOME and
Cinnamon that do this, so it's up to the GNOME and Cinnamon maintainers to
figure out how private libraries with typelibs and GIR XML ought to work.

I am not a Cinnamon user or developer, but if I understand the Cinnamon
packages directly, src:cinnamon contains private libraries, typelibs and
GIR XML, similar to src:gnome-shell.

When installing private libraries that are only intended to be used
within a group of closely cooperating packages, you don't necessarily
have to follow all of the same policies that you would need to follow
for a public library like GTK or libsoup, as long as the setup that
ends up in the packages you have built still works correctly within your
closed ecosystem.

For instance, in GNOME we have some private libraries built by src:mutter
and src:gnome-shell, which are used by GNOME Shell, Budgie and GNOME
Shell extensions, but should not be accessed by anything outside that
ecosystem. If I understand correctly, Cinnamon has muffin (a fork of
mutter) and cinnamon itself (a fork of gnome-shell) which have a similar
relationship; but perhaps the Cinnamon ecosystem is even simpler than
GNOME's, because GNOME has extensions and I don't think Cinnamon does?

I think libmuffin-dev also probably should not be installing its GIR
XML into /usr/share/gir-1.0, because most (all?) of muffin's GIR XML
consists of forks of other projects (Clutter, Cogl, Metacity) and it
seems confusing to have GIR XML in the public search path that is named
something like "Clutter" but is actually a private fork of a better-known
library. src:mutter puts its GIR XML in /usr/lib/MULTIARCH/mutter-12,
which is the same directory as the private typelibs and the private
shared libraries. I think it would make sense for muffin to do the
equivalent, by putting its GIR XML into /usr/lib/MULTIARCH/muffin.

On Sat, 09 Dec 2023 at 21:12:03 +0100, Fabio Fantoni wrote:
> Thanks for all informations, I did some changes in git, moved gir files in
> /usr/share/cinnamon

I see that you are also now running dh_girepository as:

dh_girepository ... /usr/share/cinnamon

Was that so that when dh_girepository looks at
/usr/lib/MULTIARCH/cinnamon/{St-1.0,Cinnamon-0.1}.typelib, it will be able
to find their corresponding GIR XML in
/usr/share/cinnamon/{St-1.0,Cinnamon-0.1}.gir?

Or is there some other reason that you needed to tell dh_girepository about
this private directory?

src:gnome-shell doesn't actually run dh_girepository at all (although
src:mutter does). I'm not sure whether src:gnome-shell or src:cinnamon
is the one that is being more correct here. Ideally dh_girepository would
"do the right thing" for both public and private libraries, but it isn't
100% clear to me what the right thing *is* in this case.

> the package for the split should be cinnamon-dev, with only gir I thinked
> gir1.2-cinnamon-0.1-dev, what is correct and/or best?

Let me go back a few steps from there:

- Is there anything else in Debian that is going to use this GIR XML
  programmatically?

- If something else in Debian wanted to load libcinnamon.so or libst.so,
  are there C/C++ headers that it would be able to use to access those
  libraries? GIR XML is analogous to C/C++ headers, so if these libraries
  are "private enough" that you wouldn't want third-party code to be able
  to #include their headers, you probably also don't want third-party code
  to be loading their interface descriptions from GIR XML either?

- Do you *want* a separate -dev package? Or are you just suggesting this
  because dh_girepository suggests a dependency cinnamon -> libmuffin-dev,
  which you actively don't want?

- Is there anything else installed by src:cinnamon that conceptually
  "belongs" in a -dev package, and is not needed by end users? Like for
  example C/C++ header files that I've missed, or perhaps developer-only
  tools?

It isn't completely obvious to me why either GNOME Shell or Cinnamon
installs its GIR XML at all - I can't immediately think of any situation
where it would be useful, except perhaps to a GNOME Shell or Cinnamon
developer who is already building the relevant project from source and
could equally well just look at the .gir file in thei

Bug#1055972: marked as done (yade: FTBFS: boost1.83 transition)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 21:24:20 +
with message-id 
and subject line Bug#1055972: fixed in yade 2023.02a-8
has caused the Debian Bug report #1055972,
regarding yade: FTBFS: boost1.83 transition
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1055972: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055972
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: yade
Version: 2023.02a-7
Severity: normal
User: gl...@debian.org
Usertags: boost183 ftbfs-boost183-transition

Displaying all 1 bug reports..
Run again with --send switch to send the bug reports.
---
To: mainto...@bugs.debian.org
Subject: yade: FTBFS: boost1.83 transition

Source: yade
Version: 2023.02a-7
Severity: normal
User: gl...@debian.org
Usertags: boost183 ftbfs-boost183-transition

Hi,

we are preparing the transition of all libs on the new boost 1.83. During the
rebuild of packages against this library it was identified that probably your
package fails to build.

Relevant part (hopefully):

-

testMissingFunction (yade.TestPyRunner.testMissingFunction) ... Traceback (most 
recent call last):
  File "", line 1, in 
NameError: name 'missingFunction' is not defined

-

To reproduce this behavior, you can install  -dev Boost packages from the
experimental repository, as shown in the following command:

  apt install libboost-dev -t experimental.


The full build log is available from:
http://qa-logs.debian.net/2023/10/27/yade_2023.02a-7_unstable.log

All bugs filed during this archive rebuild are listed at:
https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-boost183-transition;users=gl...@debian.org
or:
https://udd.debian.org/bugs/?release=na&merged=ign&fnewerval=7&flastmodval=7&fusertag=only&fusertagtag=ftbfs-boost183-transition&fusertaguser=gl...@debian.org

If you reassign this bug to another package, please mark it as 'affects'-ing
this package. See https://www.debian.org/Bugs/server-control#affects

If you fail to reproduce this, please provide a build log and diff it with mine
so that we can identify if something relevant changed in the meantime.

---
--- End Message ---
--- Begin Message ---
Source: yade
Source-Version: 2023.02a-8
Done: Anton Gladky 

We believe that the bug you reported is fixed in the latest version of
yade, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1055...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Anton Gladky  (supplier of updated yade package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 22 Dec 2023 21:57:18 +0100
Source: yade
Architecture: source
Version: 2023.02a-8
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Anton Gladky 
Closes: 1054681 1055972
Changes:
 yade (2023.02a-8) unstable; urgency=medium
 .
   * [f1a6f56] Fix multiprecision compilation. (Closes: #1055972, #1054681)
Checksums-Sha1:
 a488e56cd1e409aeaa4a7b173bfaba04f1b55393 3272 yade_2023.02a-8.dsc
 b69819dde52464021ea72291b1c86770da2035dc 30676 yade_2023.02a-8.debian.tar.xz
 148b56c459b73fecd9c5675daabf6ab9cd0f7208 31699 yade_2023.02a-8_source.buildinfo
Checksums-Sha256:
 599cf4f5134380f20feb7bd7f30144b1821cd25397753a9eb5b7740cf92cd72e 3272 
yade_2023.02a-8.dsc
 c53362033033209d63b262063187bf026430117460644df394e848d9fa8c62bb 30676 
yade_2023.02a-8.debian.tar.xz
 07f8f77ae49d63534608b04b2992b18dcff20d485d0f812a1a2c6f7171ff50c5 31699 
yade_2023.02a-8_source.buildinfo
Files:
 f434b50a5654c165e6fd12ab1726b169 3272 science optional yade_2023.02a-8.dsc
 9efd9216cd388b9c09cd58237fcf0fa8 30676 science optional 
yade_2023.02a-8.debian.tar.xz
 f91b1266bc7a95ae603943c9f87e390f 31699 science optional 
yade_2023.02a-8_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEu71F6oGKuG/2fnKF0+Fzg8+n/wYFAmWF+NEACgkQ0+Fzg8+n
/wa11A//QbMMWAeeyEqnqBVzygkMvmuaexQ0wHGf3bcnhh+RA0j92Aj/bd8zOWRm
Uks0vYhSXKrVr63/kxIX13J5gLJ9sfMxkYU6cqDCP4XLha/+89KLcIDtxVVvGjk2
hJ18opvJ8x9XeR902jQkg//oqQP/GyY73dbDNchryMbnQS1SKLMeOq3KBs+i

Bug#1054681: marked as done (yade: FTBFS: TypeError: No to_python (by-value) converter found for C++ type: boost::multiprecision::number

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 21:24:20 +
with message-id 
and subject line Bug#1054681: fixed in yade 2023.02a-8
has caused the Debian Bug report #1054681,
regarding yade: FTBFS: TypeError: No to_python (by-value) converter found for 
C++ type: 
boost::multiprecision::number, 
(boost::multiprecision::expression_template_option)0>
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1054681: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054681
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: yade
Version: 2023.02a-7
Severity: serious
Justification: FTBFS
Tags: trixie sid ftbfs
User: lu...@debian.org
Usertags: ftbfs-20231027 ftbfs-trixie

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.


Relevant part (hopefully):
> (/usr/share/texlive/texmf-dist/tex/latex/base/ts1cmr.fd)
> (/usr/share/texmf/tex/latex/tipa/t3cmr.fd)
> *geometry* driver: auto-detecting
> *geometry* detected driver: xetex
> 
> Package hyperref Warning: Rerun to get /PageLabels entry.
> 
> [1] [1] [2]
> No file Yade.toc.
> [3] [4]
> Chapter 1.
> 
> LaTeX Warning: Hyper reference `yade.wrapper:inheritancegraphpartialengine' 
> on 
> page 1 undefined on input line 247.
> 
> (/usr/share/texlive/texmf-dist/tex/latex/amsfonts/ueur.fd)
> (/usr/share/texlive/texmf-dist/tex/latex/amsfonts/umsa.fd)
> (/usr/share/texlive/texmf-dist/tex/latex/amsfonts/umsb.fd)
> (/usr/share/texlive/texmf-dist/tex/latex/amsfonts/ueuf.fd)
> (/usr/share/texlive/texmf-dist/tex/latex/amsfonts/ueus.fd)
> (/usr/share/texlive/texmf-dist/tex/latex/amsfonts/ueuex.fd) [1]
> 
> LaTeX Warning: Hyper reference `user:remoteaccess' on page 2 undefined on 
> input
>  line 287.
> 
> 
> Underfull \hbox (badness 1) in paragraph at lines 337--337
> 
> [2]
> 
> LaTeX Warning: Hyper reference `prog:logging' on page 3 undefined on input 
> line
>  368.
> 
> 
> LaTeX Warning: Hyper reference `prog:regression-tests' on page 3 undefined on 
> i
> nput line 382.
> 
> 
> LaTeX Warning: Hyper reference `prog:debugging' on page 3 undefined on input 
> li
> ne 404.
> 
> ! Text line contains an invalid character.
> l.420 \PYG{g+go}{^^[
> [0;31mDocstring:^^[[0m}
> ? 
> ! Emergency stop.
> l.420 
>   
> Output written on Yade.pdf (7 pages).
> Transcript written on Yade.log.
> make[1]: *** [debian/rules:99: override_dh_auto_install] Error 1


The full build log is available from:
http://qa-logs.debian.net/2023/10/27/yade_2023.02a-7_unstable.log

All bugs filed during this archive rebuild are listed at:
https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-20231027;users=lu...@debian.org
or:
https://udd.debian.org/bugs/?release=na&merged=ign&fnewerval=7&flastmodval=7&fusertag=only&fusertagtag=ftbfs-20231027&fusertaguser=lu...@debian.org&allbugs=1&cseverity=1&ctags=1&caffected=1#results

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

If you reassign this bug to another package, please mark it as 'affects'-ing
this package. See https://www.debian.org/Bugs/server-control#affects

If you fail to reproduce this, please provide a build log and diff it with mine
so that we can identify if something relevant changed in the meantime.
--- End Message ---
--- Begin Message ---
Source: yade
Source-Version: 2023.02a-8
Done: Anton Gladky 

We believe that the bug you reported is fixed in the latest version of
yade, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1054...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Anton Gladky  (supplier of updated yade package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 22 Dec 2023 21:57:18 +0100
Source: yade
Architecture: source
Version: 2023.02a-8
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Anton Gladky 
Closes: 1054681 1055972
Changes:
 yade (2023.02a-8) unstable; urgency=medium
 .
   * [f1a6f56] Fix multiprecision compilation. (Closes: #1055972, #1054681)
Checksums-Sha1:
 a488e56cd1e409aeaa4a7b173bfaba04f1b55393 3272 yade_2023.02a-8.dsc

Bug#1057914: marked as done (bluez: CVE-2023-45866)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 21:18:23 +
with message-id 
and subject line Bug#1057914: fixed in bluez 5.55-3.1+deb11u1
has caused the Debian Bug report #1057914,
regarding bluez: CVE-2023-45866
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1057914: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057914
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: bluez
Version: 5.70-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for bluez.

CVE-2023-45866[0]:
| Bluetooth HID Hosts in BlueZ may permit an unauthenticated
| Peripheral role HID Device to initiate and establish an encrypted
| connection, and accept HID keyboard reports, potentially permitting
| injection of HID messages when no user interaction has occurred in
| the Central role to authorize such access. An example affected
| package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some
| cases, a CVE-2020-0556 mitigation would have already addressed this
| Bluetooth HID Hosts issue.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-45866
https://www.cve.org/CVERecord?id=CVE-2023-45866
[1] 
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=25a471a83e02e1effb15d5a488b3f0085eaeb675

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: bluez
Source-Version: 5.55-3.1+deb11u1
Done: Salvatore Bonaccorso 

We believe that the bug you reported is fixed in the latest version of
bluez, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1057...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso  (supplier of updated bluez package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 10 Dec 2023 20:21:22 +0100
Source: bluez
Architecture: source
Version: 5.55-3.1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Bluetooth Maintainers 
Changed-By: Salvatore Bonaccorso 
Closes: 1057914
Changes:
 bluez (5.55-3.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * input.conf: Change default of ClassicBondedOnly (CVE-2023-45866)
 (Closes: #1057914)
Checksums-Sha1: 
 949e921ecfbe8e216e03a6ffa7e82e19bd6e4fef 2916 bluez_5.55-3.1+deb11u1.dsc
 2ca9225aa8e5af87713ca18e16200d26537c6820 1700208 bluez_5.55.orig.tar.xz
 d25dc4889728ad398af125759b37ecf0272e20d7 35848 
bluez_5.55-3.1+deb11u1.debian.tar.xz
Checksums-Sha256: 
 2841cf129f23755027a70b68bea7553531405f8bf84a35261c8088fb34190258 2916 
bluez_5.55-3.1+deb11u1.dsc
 f06520e1e48bddc88db1a5c5a60ee97b36b47409c352352374bf07a594400ac4 1700208 
bluez_5.55.orig.tar.xz
 cb75ba629cf0480fbd59bf18b8379f4d8bb2883edd1ce3be8a6d6e5d8294f4ed 35848 
bluez_5.55-3.1+deb11u1.debian.tar.xz
Files: 
 1750eb7855bd3f6e0c6c468e74856d74 2916 admin optional bluez_5.55-3.1+deb11u1.dsc
 e7c87deadb74346f77a61ebee70bf375 1700208 admin optional bluez_5.55.orig.tar.xz
 d3f443f55cc290af07285729e91ffad4 35848 admin optional 
bluez_5.55-3.1+deb11u1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmV2EbhfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E3d4P/AsM55Ib4z2iGOWk5mlz0IU0VbDpVbGz
ImQCngNjcxAWISV4k2cS6wzLUZ/zZtFuMWpxUe6AMAhXhBFIlfxMgh034jC9Bzln
YjULvEYmnM3Kwx+aPjIFQVsCgGvC/YT/ugf5LbpGr/ZEE+ezIQaa50cXDWC4zzni
024SQgAXrif1Mdn0Qal90U5jxitQAixMYDxqZ8kkJH+bHiRyGyqem13+8A8taccq
fYKGf+lHpzRjn7KUYL+zPoxTY1xR/a3KoS2rzss9A+U2PNKHmyBY9ERMxYhWamgn
wFvLBmUAH6mVvHbdADMipAbucXqZ1aTJU9C3795MwwAPx/FZN8T/+aJvxwJqAg5l
hcthwau0PoHNpt8n/baDYaG1weCjgQtjJpoRkndEKXSgB4Pbo8xgM/7LGZIzlgn2
eBkfUiYvZcfZU3Ru+1T9WPCHBognDYa/WX5cb31CkLhi0o5bmiI3PskGkyBl0hU6
E/GIqIoTO7GSBolO5xHc2GQN5JqZFZqLMyBS+KDEnLuaAr2uhMsCJg9e53gFhIHh
GePzIhvUxbkKDOBR+M+wHAgA0sXd6G1CvNP

Bug#1057914: marked as done (bluez: CVE-2023-45866)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 21:17:08 +
with message-id 
and subject line Bug#1057914: fixed in bluez 5.66-1+deb12u1
has caused the Debian Bug report #1057914,
regarding bluez: CVE-2023-45866
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1057914: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057914
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: bluez
Version: 5.70-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for bluez.

CVE-2023-45866[0]:
| Bluetooth HID Hosts in BlueZ may permit an unauthenticated
| Peripheral role HID Device to initiate and establish an encrypted
| connection, and accept HID keyboard reports, potentially permitting
| injection of HID messages when no user interaction has occurred in
| the Central role to authorize such access. An example affected
| package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some
| cases, a CVE-2020-0556 mitigation would have already addressed this
| Bluetooth HID Hosts issue.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-45866
https://www.cve.org/CVERecord?id=CVE-2023-45866
[1] 
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=25a471a83e02e1effb15d5a488b3f0085eaeb675

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: bluez
Source-Version: 5.66-1+deb12u1
Done: Salvatore Bonaccorso 

We believe that the bug you reported is fixed in the latest version of
bluez, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1057...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso  (supplier of updated bluez package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 10 Dec 2023 17:57:24 +0100
Source: bluez
Architecture: source
Version: 5.66-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Bluetooth Maintainers 
Changed-By: Salvatore Bonaccorso 
Closes: 1057914
Changes:
 bluez (5.66-1+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * input.conf: Change default of ClassicBondedOnly (CVE-2023-45866)
 (Closes: #1057914)
Checksums-Sha1: 
 1f9d8f638c8ea4ae7d27751e0ad17e463908ae5c 2922 bluez_5.66-1+deb12u1.dsc
 2ca5b7d1633695d39a69bbfefd5c0fe97d47c79a 1837964 bluez_5.66.orig.tar.xz
 b4b3ff29848223a5cd83b33b0af9255d6d276e1b 40776 
bluez_5.66-1+deb12u1.debian.tar.xz
Checksums-Sha256: 
 311c8eb4dfccc524e5cce5474efedc8b6e369d94cf56a732080e6cb13e33c53d 2922 
bluez_5.66-1+deb12u1.dsc
 a231fb9d151780edf6d2536c81914e2dbd3daa36b68f486badaf98a7f34021e4 1837964 
bluez_5.66.orig.tar.xz
 962a3865bf15fdfa9d4210c7cc0e822d1d37b4bacc7672e9db52d71c6f9c5ec5 40776 
bluez_5.66-1+deb12u1.debian.tar.xz
Files: 
 6ccfa15c0287fa0bda7749503451bdb4 2922 admin optional bluez_5.66-1+deb12u1.dsc
 bbb7f207b9c5a5e64e0e71aab9730b54 1837964 admin optional bluez_5.66.orig.tar.xz
 bcf4b31d0fa7a8347a3b78f1ff92bf67 40776 admin optional 
bluez_5.66-1+deb12u1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmV175pfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EUAMQAJAKcvMGfLcwQa2l0qfU6XC7krKzradR
LcMm/VO7/fyZzBWVaFrJ4leGKrP/eQRFWAdcwfAy073WVQP6dLxwBcLDaFwivaLB
px1Js5dtr8wUUUIb0e6+NxTNNvPB1glSOUziKV/DlPPoWum48BfoCWSghEeDr73N
oDMjbZnWzPyZdHboLt+IRT9vhoqFqC8Oxp4iik++2KS4Y36s36jQyDFxDY12MasV
7R4yxjcPGSUmXSCyM/VeqsYUT0u/RPkdBTw9DltQd+WPJjAnYtzoMepRcqVO6Iap
ckWitVS3JpkSBrNVqFwO8xu9GoVgu7mMrFGm0Oi5KfmPBED7i6/sTJVjfkAHoQan
zh0e9hy8ZLqUlg4XzfOaL4/Eh6be2RTHO3ewfO6G529OMNIvHAZb0//1W4Tz7+42
TJOtUgZ4tmoweP1krOM6YuQL4RKp2PAT3sIO4+hkgV9us0GF/PizFDDpNak1bmeq
bSbXIbRnT4AnAKl8wSOEWE0w4I5Lh+nDo3L/K1CToZvZTbfBccgnlfpEOm9V0Yjy
dIYZR6Wy9lrJcCL+O2ODgyzTEH1SPfdEdtCXGLk5Y92B0DyadEHRWGK

Bug#1055698: marked as done (py-ubjson ftbfs with Python 3.12 (test failures))

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 20:40:10 +
with message-id 
and subject line Bug#1055698: fixed in py-ubjson 0.16.1-3
has caused the Debian Bug report #1055698,
regarding py-ubjson ftbfs with Python 3.12 (test failures)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1055698: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055698
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: src:py-ubjson
Version: 0.16.1-2
Severity: serious
Tags: sid trixie
User: debian-pyt...@lists.debian.org
Usertags: python3.12

py-ubjson ftbfs with Python 3.12 (test failures):

==
FAIL: test_recursion (test.TestEncodeDecodeFpExt.test_recursion)
--
Traceback (most recent call last):
  File 
"/<>/.pybuild/cpython3_3.12_ubjson/build/test/test.py", 
line 476, in test_recursion

with self.assert_raises_regex(RuntimeError, 'recursion'):
AssertionError: RuntimeError not raised

==
FAIL: test_recursion (test.TestEncodeDecodePlainExt.test_recursion)
--
Traceback (most recent call last):
  File 
"/<>/.pybuild/cpython3_3.12_ubjson/build/test/test.py", 
line 476, in test_recursion

with self.assert_raises_regex(RuntimeError, 'recursion'):
AssertionError: RuntimeError not raised

--
Ran 116 tests in 3.186s

FAILED (failures=2)
E: pybuild pybuild:395: test: plugin distutils failed with: exit code=1: 
cd /<>/.pybuild/cpython3_3.12_ubjson/build; python3.12 -m 
unittest discover -v test/
--- End Message ---
--- Begin Message ---
Source: py-ubjson
Source-Version: 0.16.1-3
Done: Drew Parsons 

We believe that the bug you reported is fixed in the latest version of
py-ubjson, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1055...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Drew Parsons  (supplier of updated py-ubjson package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 22 Dec 2023 21:15:34 +0100
Source: py-ubjson
Architecture: source
Version: 0.16.1-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team 
Changed-By: Drew Parsons 
Closes: 1055698
Changes:
 py-ubjson (0.16.1-3) unstable; urgency=medium
 .
   * Team upload.
   * debian patch py12_recursion_PR19.diff adapts upstream PR12 to fix
 recursion handling with Python 3.12. Closes: #1055698.
Checksums-Sha1:
 367321c3e1d5e1e03f7c98add1058f7ff240c92e 2407 py-ubjson_0.16.1-3.dsc
 b16802e21e14e9b570617c3fbe034aad1f122d05 6700 py-ubjson_0.16.1-3.debian.tar.xz
Checksums-Sha256:
 3ebd4fe04356367cc3a82ffa4be812ff56fe19e93fbc6fde67c9f16bcbb2d1d7 2407 
py-ubjson_0.16.1-3.dsc
 5fd12bf56b7ae2e6c0451dc65a0d359e9d202aefb0fc8eed010746e53473a8f7 6700 
py-ubjson_0.16.1-3.debian.tar.xz
Files:
 ef3e0d4326649d5162da29fdfea1bf28 2407 python optional py-ubjson_0.16.1-3.dsc
 117d19c82cc1cd3c4ad329fa032e7c8f 6700 python optional 
py-ubjson_0.16.1-3.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEI8mpPlhYGekSbQo2Vz7x5L1aAfoFAmWF7ygACgkQVz7x5L1a
AfoOlg/8D8n3V6LpyMJRtPV5rCkKyf1j+M7m6dM6F/QQxN4EXbmPfCWGKGZPClWT
FN5BgYsDWv7lwb5RgQCdZIoBrHLlAJQZ7bxY8rK+gXQ+UZE4v9n3Po4ibfdsh9OM
2iYCXVIimYrcPVx2e4EZRMDLa+QvpbdPnWeEjwa3iBPv2OgCq7pO04SqL+9ociEp
XPojrIkXuq4EOk82C9kdpjMhMib6sEvLBzQYwFxGg6TdWHL5tqSafvyScEP5NKAD
pFtD7LFVWQz3lm40LKZuwW8NQw07c76hrdSWlroMbsv4I2w8VocdVEeutwC/cA4c
N0FLxHrsBblgJ/GKf/xZFpcG4hYRGiOS+0zGJnMMuHtDBI3KSsTHTWxJ/9MdElVe
vdBJPr9pPJH0aRjaDp91gg055gbb/n4HtAdbo2BwHsT30O6UsOW55au1mdzAdRxg
pf1LI7a8675XeqiqX60SvCrDHbrb/KW1wmrHSgbaBL9HzwiNMJGbdvL8mAlVHwCM
5WES3HscF5V6VLm/yvSXSsoK3DtO1YKwFeiNQ8YlT0rAuIslsU5YZ+pqGh4v1S/j
TsF5rswld27tRcMlzioTsiD1ywdS5hScAww6PsUSTIu1kSj1at8DyKEkA1IpanAp
7BfEkpxmJwWIugi70NhtjTm80favguU6hDv0asSov8xzyJefkao=
=H637
-END PGP SIGNATURE End Message ---

Processed: Bug#1055698 marked as pending in py-ubjson

2023-12-22 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 pending
Bug #1055698 [src:py-ubjson] py-ubjson ftbfs with Python 3.12 (test failures)
Added tag(s) pending.

-- 
1055698: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055698
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1055698: marked as pending in py-ubjson

2023-12-22 Thread Drew Parsons 
Control: tag -1 pending

Hello,

Bug #1055698 in py-ubjson reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/python-team/packages/py-ubjson/-/commit/a0be18e429338345b1d9f98161c5e59634058d4e


add debian patch py12_recursion_PR19.diff

adapts upstream PR12 to fix recursion handling with Python 3.12.

Closes: #1055698


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1055698

Processed: tagging 1059254, found 1059254 in 1.2.25+ds1-2, tagging 1059256, found 1059256 in 0.11.3+repack-6 ...

2023-12-22 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 1059254 + upstream
Bug #1059254 [src:cacti] cacti: CVE-2023-49084 CVE-2023-49086
Added tag(s) upstream.
> found 1059254 1.2.25+ds1-2
Bug #1059254 [src:cacti] cacti: CVE-2023-49084 CVE-2023-49086
Marked as found in versions cacti/1.2.25+ds1-2.
> tags 1059256 + upstream
Bug #1059256 [src:falcosecurity-libs] falcosecurity-libs: CVE-2023-49287
Added tag(s) upstream.
> found 1059256 0.11.3+repack-6
Bug #1059256 [src:falcosecurity-libs] falcosecurity-libs: CVE-2023-49287
Marked as found in versions falcosecurity-libs/0.11.3+repack-6.
> tags 1059257 + upstream
Bug #1059257 [src:gemmi] gemmi: CVE-2023-49287
Added tag(s) upstream.
> found 1059257 0.6.4+ds-1
Bug #1059257 [src:gemmi] gemmi: CVE-2023-49287
Marked as found in versions gemmi/0.6.4+ds-1.
> tags 1059261 + upstream
Bug #1059261 [src:clickhouse] clickhouse: CVE-2023-48298 CVE-2023-47118 
CVE-2022-44011 CVE-2022-44010
Added tag(s) upstream.
> tags 1059265 + upstream
Bug #1059265 [src:w3m] w3m: CVE-2023-4255
Added tag(s) upstream.
> found 1059265 0.5.3+git20230121-2
Bug #1059265 [src:w3m] w3m: CVE-2023-4255
Marked as found in versions w3m/0.5.3+git20230121-2.
> forwarded 1059265 https://github.com/tats/w3m/issues/268
Bug #1059265 [src:w3m] w3m: CVE-2023-4255
Set Bug forwarded-to-address to 'https://github.com/tats/w3m/issues/268'.
> tags 1059275 + upstream
Bug #1059275 [src:libde265] libde265: CVE-2023-49465 CVE-2023-49467 
CVE-2023-49468
Added tag(s) upstream.
> found 1059275 1.0.13-1
Bug #1059275 [src:libde265] libde265: CVE-2023-49465 CVE-2023-49467 
CVE-2023-49468
Marked as found in versions libde265/1.0.13-1.
> tags 1059277 + upstream
Bug #1059277 [src:openbabel] openbabel: CVE-2022-37331 CVE-2022-41793 
CVE-2022-42885 CVE-2022-43467 CVE-2022-43607 CVE-2022-44451 CVE-2022-46280 
CVE-2022-46289 CVE-2022-46290 CVE-2022-46291 CVE-2022-46292 CVE-2022-46293 
CVE-2022-46294 CVE-2022-46295
Added tag(s) upstream.
> found 1059277 3.1.1+dfsg-9
Bug #1059277 [src:openbabel] openbabel: CVE-2022-37331 CVE-2022-41793 
CVE-2022-42885 CVE-2022-43467 CVE-2022-43607 CVE-2022-44451 CVE-2022-46280 
CVE-2022-46289 CVE-2022-46290 CVE-2022-46291 CVE-2022-46292 CVE-2022-46293 
CVE-2022-46294 CVE-2022-46295
Marked as found in versions openbabel/3.1.1+dfsg-9.
> forwarded 1059277 https://github.com/openbabel/openbabel/issues/2650
Bug #1059277 [src:openbabel] openbabel: CVE-2022-37331 CVE-2022-41793 
CVE-2022-42885 CVE-2022-43467 CVE-2022-43607 CVE-2022-44451 CVE-2022-46280 
CVE-2022-46289 CVE-2022-46290 CVE-2022-46291 CVE-2022-46292 CVE-2022-46293 
CVE-2022-46294 CVE-2022-46295
Ignoring request to change the forwarded-to-address of bug#1059277 to the same 
value
> tags 1059278 + upstream
Bug #1059278 [src:systemd] systemd: CVE-2023-7008
Added tag(s) upstream.
> found 1059278 255-1
Bug #1059278 [src:systemd] systemd: CVE-2023-7008
Marked as found in versions systemd/255-1.
> forwarded 1059278 https://github.com/systemd/systemd/issues/25676
Bug #1059278 [src:systemd] systemd: CVE-2023-7008
Set Bug forwarded-to-address to 
'https://github.com/systemd/systemd/issues/25676'.
> tags 1059279 + upstream
Bug #1059279 [src:grpc] grpc: CVE-2023-33953
Added tag(s) upstream.
> tags 1059280 + upstream
Bug #1059280 [src:grpc] grpc: CVE-2023-32732
Added tag(s) upstream.
> tags 1059281 + upstream
Bug #1059281 [src:grpc] grpc: CVE-2023-4785
Added tag(s) upstream.
> tags 1059282 + upstream
Bug #1059282 [src:jbig2enc] jbig2enc: CVE-2018-11230
Added tag(s) upstream.
> forwarded 1059282 https://github.com/agl/jbig2enc/issues/61
Bug #1059282 [src:jbig2enc] jbig2enc: CVE-2018-11230
Set Bug forwarded-to-address to 'https://github.com/agl/jbig2enc/issues/61'.
> tags 1059284 + upstream
Bug #1059284 [src:jbig2enc] jbig2enc: CVE-2023-46362
Added tag(s) upstream.
> forwarded 1059284 https://github.com/agl/jbig2enc/issues/84
Bug #1059284 [src:jbig2enc] jbig2enc: CVE-2023-46362
Set Bug forwarded-to-address to 'https://github.com/agl/jbig2enc/issues/84'.
> tags 1059285 + upstream
Bug #1059285 [src:jbig2enc] jbig2enc: CVE-2023-46363
Added tag(s) upstream.
> forwarded 1059285 https://github.com/agl/jbig2enc/issues/85
Bug #1059285 [src:jbig2enc] jbig2enc: CVE-2023-46363
Set Bug forwarded-to-address to 'https://github.com/agl/jbig2enc/issues/85'.
> tags 1059286 + upstream
Bug #1059286 [src:cacti] cacti: CVE-2023-46490
Added tag(s) upstream.
> tags 1059287 + upstream
Bug #1059287 [src:cjson] cjson: CVE-2023-50471 CVE-2023-50472
Added tag(s) upstream.
> found 1059287 1.7.16-2
Bug #1059287 [src:cjson] cjson: CVE-2023-50471 CVE-2023-50472
Marked as found in versions cjson/1.7.16-2.
> forwarded 1059287 https://github.com/DaveGamble/cJSON/issues/802 
> https://github.com/DaveGamble/cJSON/issues/803
Bug #1059287 [src:cjson] cjson: CVE-2023-50471 CVE-2023-50472
Set Bug forwarded-to-address to 'https://github.com/DaveGamble/cJSON/issues/802 
https://github.com/DaveGamble/cJSON/issues/803'.
> tags 1059288 + upstream
Bug #1059288 [src:shiro] shiro: CVE-2023-46750
Added tag

Processed: tagging 1059254, found 1059254 in 1.2.25+ds1-2, tagging 1059256, found 1059256 in 0.11.3+repack-6 ...

2023-12-22 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 1059254 + upstream
Bug #1059254 [src:cacti] cacti: CVE-2023-49084 CVE-2023-49086
Ignoring request to alter tags of bug #1059254 to the same tags previously set
> found 1059254 1.2.25+ds1-2
Bug #1059254 [src:cacti] cacti: CVE-2023-49084 CVE-2023-49086
Ignoring request to alter found versions of bug #1059254 to the same values 
previously set
> tags 1059256 + upstream
Bug #1059256 [src:falcosecurity-libs] falcosecurity-libs: CVE-2023-49287
Ignoring request to alter tags of bug #1059256 to the same tags previously set
> found 1059256 0.11.3+repack-6
Bug #1059256 [src:falcosecurity-libs] falcosecurity-libs: CVE-2023-49287
Ignoring request to alter found versions of bug #1059256 to the same values 
previously set
> tags 1059257 + upstream
Bug #1059257 [src:gemmi] gemmi: CVE-2023-49287
Ignoring request to alter tags of bug #1059257 to the same tags previously set
> found 1059257 0.6.4+ds-1
Bug #1059257 [src:gemmi] gemmi: CVE-2023-49287
Ignoring request to alter found versions of bug #1059257 to the same values 
previously set
> tags 1059261 + upstream
Bug #1059261 [src:clickhouse] clickhouse: CVE-2023-48298 CVE-2023-47118 
CVE-2022-44011 CVE-2022-44010
Ignoring request to alter tags of bug #1059261 to the same tags previously set
> tags 1059265 + upstream
Bug #1059265 [src:w3m] w3m: CVE-2023-4255
Ignoring request to alter tags of bug #1059265 to the same tags previously set
> found 1059265 0.5.3+git20230121-2
Bug #1059265 [src:w3m] w3m: CVE-2023-4255
Ignoring request to alter found versions of bug #1059265 to the same values 
previously set
> forwarded 1059265 https://github.com/tats/w3m/issues/268
Bug #1059265 [src:w3m] w3m: CVE-2023-4255
Ignoring request to change the forwarded-to-address of bug#1059265 to the same 
value
> tags 1059275 + upstream
Bug #1059275 [src:libde265] libde265: CVE-2023-49465 CVE-2023-49467 
CVE-2023-49468
Ignoring request to alter tags of bug #1059275 to the same tags previously set
> found 1059275 1.0.13-1
Bug #1059275 [src:libde265] libde265: CVE-2023-49465 CVE-2023-49467 
CVE-2023-49468
Ignoring request to alter found versions of bug #1059275 to the same values 
previously set
> tags 1059277 + upstream
Bug #1059277 [src:openbabel] openbabel: CVE-2022-37331 CVE-2022-41793 
CVE-2022-42885 CVE-2022-43467 CVE-2022-43607 CVE-2022-44451 CVE-2022-46280 
CVE-2022-46289 CVE-2022-46290 CVE-2022-46291 CVE-2022-46292 CVE-2022-46293 
CVE-2022-46294 CVE-2022-46295
Ignoring request to alter tags of bug #1059277 to the same tags previously set
> found 1059277 3.1.1+dfsg-9
Bug #1059277 [src:openbabel] openbabel: CVE-2022-37331 CVE-2022-41793 
CVE-2022-42885 CVE-2022-43467 CVE-2022-43607 CVE-2022-44451 CVE-2022-46280 
CVE-2022-46289 CVE-2022-46290 CVE-2022-46291 CVE-2022-46292 CVE-2022-46293 
CVE-2022-46294 CVE-2022-46295
Ignoring request to alter found versions of bug #1059277 to the same values 
previously set
> forwarded 1059277 https://github.com/openbabel/openbabel/issues/2650
Bug #1059277 [src:openbabel] openbabel: CVE-2022-37331 CVE-2022-41793 
CVE-2022-42885 CVE-2022-43467 CVE-2022-43607 CVE-2022-44451 CVE-2022-46280 
CVE-2022-46289 CVE-2022-46290 CVE-2022-46291 CVE-2022-46292 CVE-2022-46293 
CVE-2022-46294 CVE-2022-46295
Ignoring request to change the forwarded-to-address of bug#1059277 to the same 
value
> tags 1059278 + upstream
Bug #1059278 [src:systemd] systemd: CVE-2023-7008
Ignoring request to alter tags of bug #1059278 to the same tags previously set
> found 1059278 255-1
Bug #1059278 [src:systemd] systemd: CVE-2023-7008
Ignoring request to alter found versions of bug #1059278 to the same values 
previously set
> forwarded 1059278 https://github.com/systemd/systemd/issues/25676
Bug #1059278 [src:systemd] systemd: CVE-2023-7008
Ignoring request to change the forwarded-to-address of bug#1059278 to the same 
value
> tags 1059279 + upstream
Bug #1059279 [src:grpc] grpc: CVE-2023-33953
Ignoring request to alter tags of bug #1059279 to the same tags previously set
> tags 1059280 + upstream
Bug #1059280 [src:grpc] grpc: CVE-2023-32732
Ignoring request to alter tags of bug #1059280 to the same tags previously set
> tags 1059281 + upstream
Bug #1059281 [src:grpc] grpc: CVE-2023-4785
Ignoring request to alter tags of bug #1059281 to the same tags previously set
> tags 1059282 + upstream
Bug #1059282 [src:jbig2enc] jbig2enc: CVE-2018-11230
Ignoring request to alter tags of bug #1059282 to the same tags previously set
> forwarded 1059282 https://github.com/agl/jbig2enc/issues/61
Bug #1059282 [src:jbig2enc] jbig2enc: CVE-2018-11230
Ignoring request to change the forwarded-to-address of bug#1059282 to the same 
value
> tags 1059284 + upstream
Bug #1059284 [src:jbig2enc] jbig2enc: CVE-2023-46362
Ignoring request to alter tags of bug #1059284 to the same tags previously set
> forwarded 1059284 https://github.com/agl/jbig2enc/issues/84
Bug #1059284 [src:jbig2enc] jbig2enc: CVE-2023-46362
Ignoring request to change the forwarded-to-address of bug

Processed: Re: Bug#999975: rdup: depends on obsolete pcre3 library

2023-12-22 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + patch
Bug #75 [src:rdup] rdup: depends on obsolete pcre3 library
Added tag(s) patch.

-- 
75: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=75
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#999975: rdup: depends on obsolete pcre3 library

2023-12-22 Thread Yavor Doganov 
Control: tags -1 + patch

Please find attached a patch -- build-tested after adding -Wno-error
to CFLAGS due to #941101.
Description: Port to PCRE2.
Bug-Debian: https://bugs.debian.org/75
Author: Yavor Doganov 
Forwarded: no
Last-Update: 2023-12-22
---

--- rdup-1.1.15.orig/configure.ac
+++ rdup-1.1.15/configure.ac
@@ -62,26 +62,28 @@
 if test "$with_libpcre_includes" != "no"; then
CFLAGS="${CFLAGS} -I${with_libpcre_includes}"
 else
-   CFLAGS="${CFLAGS} `pcre-config --cflags`"
+   CFLAGS="${CFLAGS} `pcre2-config --cflags`"
 fi
 
 if test "$with_libpcre_libraries" != "no"; then
LIBS="${LIBS} -L${with_libpcre_libraries}"
 else
-   LIBS="${LIBS} `pcre-config --libs`"
+   LIBS="${LIBS} `pcre2-config --libs8`"
 fi
 
 # PCRE configuration (required)
 # Verify that we have the headers
 PCRE_H=""
-AC_CHECK_HEADERS(pcre.h,, PCRE_H="no")
+AC_CHECK_HEADERS([pcre2.h], [], [PCRE_H="no"], [[
+#define PCRE2_CODE_UNIT_WIDTH 8
+]])
 if test "$PCRE_H" = "no"; then
AC_MSG_ERROR([** No pcre library found.])
 fi
 
 # Verify that we have the library
 PCRE_L=""
-AC_CHECK_LIB(pcre, pcre_compile, ,PCRE_L="no")
+AC_CHECK_LIB([pcre2-8], [pcre2_compile_8], [], [PCRE_L="no"])
 if test "$PCRE_L" = "no"; then
AC_MSG_ERROR([** No pcre library found.])
 fi
--- rdup-1.1.15.orig/gfunc.c
+++ rdup-1.1.15/gfunc.c
@@ -7,7 +7,8 @@
 
 #include "rdup.h"
 #include "protocol.h"
-#include 
+#define PCRE2_CODE_UNIT_WIDTH 8
+#include 
 #ifdef HAVE_LIBNETTLE
 #include 
 #else
@@ -622,20 +623,26 @@
 gboolean gfunc_regexp(GSList * l, char *n, size_t len)
 {
GSList *k;
-   pcre *P;
-   int ovector[REG_VECTOR];
+   pcre2_code *P;
+   pcre2_match_data *md;
 
+   md = pcre2_match_data_create(REG_VECTOR, NULL);
for (k = g_slist_nth(l, 0); k; k = k->next) {
-   if (sig != 0)
+   if (sig != 0) {
+   pcre2_match_data_free(md);
signal_abort(sig);
+   }
 
-   P = (pcre *) k->data;
+   P = (pcre2_code *) k->data;
/* pcre_exec errors are all < 0, so >= 0 is some kind
 * of success
 */
-   if (pcre_exec(P, NULL, n, len, 0, 0, ovector, REG_VECTOR) >= 0)
+   if (pcre2_match(P, (PCRE2_SPTR)n, len, 0, 0, md, NULL) >= 0) {
+   pcre2_match_data_free(md);
return TRUE;
+   }
}
+   pcre2_match_data_free(md);
return FALSE;
 }
 
--- rdup-1.1.15.orig/regexp.c
+++ rdup-1.1.15/regexp.c
@@ -6,7 +6,8 @@
  */
 
 #include "rdup.h"
-#include 
+#define PCRE2_CODE_UNIT_WIDTH 8
+#include 
 
 GSList *pregex_list = NULL;
 
@@ -18,15 +19,16 @@
 {
FILE *fp;
char *buf;
-   const char *errbuf;
-   int erroff;
+   PCRE2_UCHAR errbuf[120];
+   PCRE2_SIZE erroff;
+   int err;
char delim;
gpointer d;
size_t l;
size_t s;
size_t re_length;
ssize_t j;
-   pcre *P;
+   pcre2_code *P;
 
if ((fp = fopen(file, "r")) == NULL) {
msg(_("Could not open '%s\': %s"), file, strerror(errno));
@@ -45,18 +47,20 @@
/* buf[j - 1] holds the delimeter */
buf[j - 1] = '\0';
 
-   if ((P = pcre_compile(buf, 0, &errbuf, &erroff, NULL)) == NULL) 
{
+   if ((P = pcre2_compile((PCRE2_SPTR)buf, strlen(buf), 0, &err, 
&erroff, NULL)) == NULL) {
/* error */
fclose(fp);
+   pcre2_get_error_message(err, errbuf, sizeof(errbuf));
msg(_
-   ("Corrupt regular expression line: %zd, column %d: 
%s"),
+   ("Corrupt regular expression line: %zd, column %zu: 
%s"),
l, erroff, errbuf);
g_free(buf);
return FALSE;
} else {
-   pcre_fullinfo(P, NULL, PCRE_INFO_SIZE, &re_length);
+   pcre2_pattern_info(P, PCRE2_INFO_SIZE, &re_length);
d = g_malloc(re_length);
d = memcpy(d, P, re_length);
+   pcre2_code_free(P);
pregex_list = g_slist_append(pregex_list, d);
}
l++;

Bug#958682: node-jsonld: Remove dependency to node-request

2023-12-22 Thread Pirate Praveen 

On Sun, 29 Oct 2023 21:37:08 +0100 Jonas Smedegaard  wrote:

Yes, I still want to work on node-jsonld - I will make time to look at
this soon...


yarnpkg 4.0.2 was recently uploaded to unstable, so this and 
node-matrix-js-sdk are the only remaining reverse dependencies for 
node-request. We have an ack from its maintainer to remove it 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=958692#42 so this is 
the only real blocker remaining to remove node-request.

Processed: libfirefox-marionette-perl: FTBFS: tests fail

2023-12-22 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 1042299 - trixie sid
Bug #1042299 {Done: gregor herrmann } 
[src:libfirefox-marionette-perl] libfirefox-marionette-perl: FTBFS: tests fail
Removed tag(s) sid and trixie.
> tags 1042299 + bookworm
Bug #1042299 {Done: gregor herrmann } 
[src:libfirefox-marionette-perl] libfirefox-marionette-perl: FTBFS: tests fail
Added tag(s) bookworm.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1042299: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042299
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1042299: libfirefox-marionette-perl: FTBFS: tests fail

2023-12-22 Thread Santiago Vila 

tags 1042299 - trixie sid
tags 1042299 + bookworm
thanks

Hi. I found this bug while rebuilding all packages in bookworm:

https://tests.reproducible-builds.org/debian/rb-pkg/bookworm/amd64/libfirefox-marionette-perl.html

I'm fixing the metadata since it's a FTBFS bug.
Would be possible to fix it in bookworm, please?

Thanks.

Processed: unarchive for bookworm

2023-12-22 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> unarchive 1042299
Bug #1042299 {Done: gregor herrmann } 
[src:libfirefox-marionette-perl] libfirefox-marionette-perl: FTBFS: tests fail
Unarchived Bug 1042299
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1042299: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042299
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1056062: marked as done (coq: FTBFS in sid (dune update?))

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 14:15:51 -0500
with message-id 

and subject line Re: Bug#1056062: coq: FTBFS in sid (dune update?)
has caused the Debian Bug report #1056062,
regarding coq: FTBFS in sid (dune update?)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1056062: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056062
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Source: coq
Version: 8.17.0+dfsg-1
Severity: serious

Hello,

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/coq.html

As said here, there is a build failure due to probably new dune or something 
similar.

I can reproduce locally, but not always, looks some concurrency issue but also 
running dune with -j1 doesn't fix the issue.

$ (cd _build/default && /usr/bin/bash -e -u -o pipefail -c 
'doc/stdlib/make-library-index doc/stdlib/index-list.html doc/stdlib/hidden-files')
Building file index-list.prehtml... Error: none of doc/stdlib/index-list.html 
and doc/stdlib/hidden-files mention theories/Arith/Between.v
grep: tmp: No such file or directory
grep: tmp: No such file or directory

This is probably the culprit of the issue, but I don't really understand why 
this is not found

and also why running it manually works
bash -e -u -o pipefail -c 'doc/stdlib/make-library-index 
doc/stdlib/index-list.html doc/stdlib/hidden-files'
Building file index-list.prehtml...
Done


Sorry for not providing a patch, but I really don't have much knowledge about 
this build system, and despite my efforts I'm still failing

G.


OpenPGP_signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Version: 8.18.0+dfsg-1--- End Message ---

Processed: galera-4: FTBFS because of expired certificates

2023-12-22 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> retitle 1053334 galera-4: FTBFS in bookworm because of expired SSL 
> certificates
Bug #1053334 {Done: Otto Kekäläinen } [galera-4] Galera 4 not 
reproducible: post-build tests fail on build 2
Changed Bug title to 'galera-4: FTBFS in bookworm because of expired SSL 
certificates' from 'Galera 4 not reproducible: post-build tests fail on build 
2'.
> found 1053334 26.4.13-1
Bug #1053334 {Done: Otto Kekäläinen } [galera-4] galera-4: 
FTBFS in bookworm because of expired SSL certificates
Marked as found in versions galera-4/26.4.13-1.
> severity 1053334 serious
Bug #1053334 {Done: Otto Kekäläinen } [galera-4] galera-4: 
FTBFS in bookworm because of expired SSL certificates
Severity set to 'serious' from 'normal'
> tags 1053334 bookworm
Bug #1053334 {Done: Otto Kekäläinen } [galera-4] galera-4: 
FTBFS in bookworm because of expired SSL certificates
Added tag(s) bookworm.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1053334: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053334
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: crocus: Immediate glitches and GPU hangs in GNOME Shell since 23.3

2023-12-22 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> affects 1059015 src:gnome-shell
Bug #1059015 [libgl1-mesa-dri] crocus: Immediate glitches and GPU hangs in 
GNOME Shell since 23.3
Added indication that 1059015 affects src:gnome-shell
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
1059015: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059015
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: RM: node-request-capture-har -- ROM; wrapper around deprecated node-request

2023-12-22 Thread Debian Bug Tracking System 
Processing control commands:

> affects -1 + src:node-request-capture-har
Bug #1059337 [ftp.debian.org] RM: node-request-capture-har -- ROM; wrapper 
around deprecated node-request
Added indication that 1059337 affects src:node-request-capture-har
> block 1002901 by -1
Bug #1002901 [node-request-capture-har] node-request-capture-har is a wrapper 
around deprecated node-request
1002901 was blocked by: 1002902
1002901 was blocking: 956423
Added blocking bug(s) of 1002901: 1059337

-- 
1002901: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002901
1059337: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059337
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1059293: marked as done (lrzip: CVE-2023-39741)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 19:04:54 +
with message-id 
and subject line Bug#1059293: fixed in lrzip 0.651-3
has caused the Debian Bug report #1059293,
regarding lrzip: CVE-2023-39741
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1059293: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059293
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: lrzip
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for lrzip.

CVE-2023-39741[0]:
| lrzip v0.651 was discovered to contain a heap overflow via the
| libzpaq::PostProcessor::write(int) function at /libzpaq/libzpaq.cpp.
| This vulnerability allows attackers to cause a Denial of Service
| (DoS) via a crafted file.

https://github.com/ckolivas/lrzip/issues/246


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-39741
https://www.cve.org/CVERecord?id=CVE-2023-39741

Please adjust the affected versions in the BTS as needed.
--- End Message ---
--- Begin Message ---
Source: lrzip
Source-Version: 0.651-3
Done: Laszlo Boszormenyi (GCS) 

We believe that the bug you reported is fixed in the latest version of
lrzip, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1059...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS)  (supplier of updated lrzip package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 22 Dec 2023 19:05:20 +0100
Source: lrzip
Architecture: source
Version: 0.651-3
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) 
Changed-By: Laszlo Boszormenyi (GCS) 
Closes: 1059293
Changes:
 lrzip (0.651-3) unstable; urgency=high
 .
   * Backport hsize validation for empty PCOMP to prevent Denial of Service,
 fixes CVE-2023-39741 (closes: #1059293).
   * Use no for Rules-Requires-Root.
   * Update debhelper level to 13 .
   * Update Standards-Version to 4.6.2 .
Checksums-Sha1:
 1624014a2a00cfb802d4e73c445d6ef2e1cc72e1 1781 lrzip_0.651-3.dsc
 91575c069fc851c0e691beab687afc6f8e06039a 8652 lrzip_0.651-3.debian.tar.xz
Checksums-Sha256:
 83a722dfa1a6a02efdc82dd9e5fdc4ec0de00e249f2a1a59e6540552f8af6304 1781 
lrzip_0.651-3.dsc
 96eb9f75bed31b51a12804bb485a65b3852dc4c4281229dcf18aa81b2fb9bfed 8652 
lrzip_0.651-3.debian.tar.xz
Files:
 14fac7955a5b37047536a025b5a2f53b 1781 utils optional lrzip_0.651-3.dsc
 0d59f1d5fd4b9199ecc0c48bce411464 8652 utils optional 
lrzip_0.651-3.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAmWF2ZkACgkQ3OMQ54ZM
yL/tTQ//axb6maBt1ebRJ69zYL832i/JPN3en+sm5A1QE7c3m8GiY6PXUkn857MN
Toc3PDbnKH7r6kYOmKjZLw6fffgUeuJB95wuGNI1lJHn1YVeIRhRjp5Au6rz8CbI
70w9nNTKRFqoGuAV/oS3jGEvBTNwhcieticl+1Oe2ahoevnB37IbzgURlgoIl6yw
38eh045YnnuAwn8Rqj9vW6Qo2dnM1C7oDqJOdkC3GI1UZcy4awcj8m7TKJrGKEWS
OX3AbJRcSTMwimJ+o/Sertx7Hks50tT3ClKUOloWWulra0oo9Ds+3moCfdRst4+o
a491a47KIWzUwywrpDigupv9dx9Jg5Ru6oM/gkpHUQpELsX9HG5PqtrDe1yp1pbj
1Ey9dcfanjMNsmxUixJsV2hETXYhq/GTuYL/iXP0MqEZ0E8KSYWVjZvG5Gz7k793
HkjYGXh+GgzWakVd/Wro6tAxEIFjems9IYv9OIaiK1VpA1xJLTDDopA6cpAvD+Z0
mQTow1qaGs3SVMKtNAHx8/c8BBD4xI51I+Vb1mA2IcjtyrLZKNN+zCISIizYbcTT
pKNmv+xvhedNMX8O6ygi4cE4R94N9wci4L6OSG+QvBUzNtoiVK3LRoify2VBCwqu
5yyjwfaGnyXNNt3rFxwtogTfPI7o6fJZdjBePmQS+r5F3tejlWU=
=4M/Z
-END PGP SIGNATURE End Message ---

Bug#1059266: error: cannot verify inline signature

2023-12-22 Thread Aurelien Jarno 
On 2023-12-22 19:23, Aurelien Jarno wrote:
> control: reopen -1
> 
> Hi,
> 
> On 2023-12-22 12:16, Guillem Jover wrote:
> > Hi!
> > 
> > On Fri, 2023-12-22 at 10:53:18 +0100, Christian Marillat wrote:
> > > Package: dupload
> > > Version: 2.10.4
> > > Severity: grave
> > 
> > > This version fail to check a signature. Work fine with 2.10.3
> > > 
> > > ,
> > > | $ debrelease 
> > > | dupload note: no announcement will be sent.
> > > | Checking OpenPGP signatures before upload...gpgv: Signature made Fri 
> > > Dec 22 10:50:05 2023 CET
> > > | gpgv:using RSA key 
> > > A401FF99368FA1F98152DE755C808C2B65558117
> > > | gpgv:issuer "maril...@deb-multimedia.org"
> > > | gpgv: Can't check signature: No public key
> > > | openpgp-check: error: cannot verify inline signature for 
> > > ../gerbera-dmo_1.12.1-dmo5_amd64.changes: no acceptable signature found
> > > | 
> > > | dupload: error: Pre-upload '/usr/share/dupload/openpgp-check %1' failed 
> > > for ../gerbera-dmo_1.12.1-dmo5_amd64.changes
> > > `
> 
> This also causes issues on the riscv64 build daemons running sid:
> 
> | dupload exit status 9/0
> | Removed  to reupload later.
> | 
> | Complete output from dupload:
> | 
> | dupload note: no announcement will be sent.
> | Checking OpenPGP signatures before upload...gpgv: Signature made Fri Dec 22 
> 18:06:16 2023 UTC
> | gpgv:using RSA key 670D3AC041E218107D0DE6F9339F749981589F2F
> | gpgv: Can't check signature: No public key
> | openpgp-check: error: cannot verify inline signature for 
> emmax_0~beta.20100307-4_riscv64-buildd.changes: no acceptable signature found
> | 
> | dupload: error: Pre-upload '/usr/share/dupload/openpgp-check %1' failed for 
> emmax_0~beta.20100307-4_riscv64-buildd.changes
> 
> > Just to understand what is going wrong, I assume you don't have the
> > debian-keyring package installed (where the signing certificate could
> > be found in the debian-keyring.gpg keyring), nor the certificate for
> > A401FF99368FA1F98152DE755C808C2B65558117 in ~/.gnupg/trustedkeys.gpg?
> 
> For debian build daemons, it is not expected to have the keys in the
> debian-keyring.gpg file. The file ~/.gnupg/trustedkeys.gpg does not
> exist.
> 
> > But gpg has it in its certificate store?
> 
> Yes:
> 
> buildd@rv-manda-01:~/.gnupg$ gpg -K
> /home/buildd/.gnupg/pubring.kbx
> ---
> sec   rsa4096 2023-12-08 [SC] [expire : 2024-12-07]
>   670D3AC041E218107D0DE6F9339F749981589F2F
> uid  [  ultime ] buildd autosigning key rv-manda-01 
> 

It seems the decision to trust the key comes from ~/.gnupg/trustdb.gpg,
not from ~/.gnupg/trustedkeys.gpg.

Cheers
Aurelien

-- 
Aurelien Jarno  GPG: 4096R/1DDD8C9B
aurel...@aurel32.net http://aurel32.net

Bug#1059266: error: cannot verify inline signature

2023-12-22 Thread Aurelien Jarno 
control: reopen -1

Hi,

On 2023-12-22 12:16, Guillem Jover wrote:
> Hi!
> 
> On Fri, 2023-12-22 at 10:53:18 +0100, Christian Marillat wrote:
> > Package: dupload
> > Version: 2.10.4
> > Severity: grave
> 
> > This version fail to check a signature. Work fine with 2.10.3
> > 
> > ,
> > | $ debrelease 
> > | dupload note: no announcement will be sent.
> > | Checking OpenPGP signatures before upload...gpgv: Signature made Fri Dec 
> > 22 10:50:05 2023 CET
> > | gpgv:using RSA key 
> > A401FF99368FA1F98152DE755C808C2B65558117
> > | gpgv:issuer "maril...@deb-multimedia.org"
> > | gpgv: Can't check signature: No public key
> > | openpgp-check: error: cannot verify inline signature for 
> > ../gerbera-dmo_1.12.1-dmo5_amd64.changes: no acceptable signature found
> > | 
> > | dupload: error: Pre-upload '/usr/share/dupload/openpgp-check %1' failed 
> > for ../gerbera-dmo_1.12.1-dmo5_amd64.changes
> > `

This also causes issues on the riscv64 build daemons running sid:

| dupload exit status 9/0
| Removed  to reupload later.
| 
| Complete output from dupload:
| 
| dupload note: no announcement will be sent.
| Checking OpenPGP signatures before upload...gpgv: Signature made Fri Dec 22 
18:06:16 2023 UTC
| gpgv:using RSA key 670D3AC041E218107D0DE6F9339F749981589F2F
| gpgv: Can't check signature: No public key
| openpgp-check: error: cannot verify inline signature for 
emmax_0~beta.20100307-4_riscv64-buildd.changes: no acceptable signature found
| 
| dupload: error: Pre-upload '/usr/share/dupload/openpgp-check %1' failed for 
emmax_0~beta.20100307-4_riscv64-buildd.changes

> Just to understand what is going wrong, I assume you don't have the
> debian-keyring package installed (where the signing certificate could
> be found in the debian-keyring.gpg keyring), nor the certificate for
> A401FF99368FA1F98152DE755C808C2B65558117 in ~/.gnupg/trustedkeys.gpg?

For debian build daemons, it is not expected to have the keys in the
debian-keyring.gpg file. The file ~/.gnupg/trustedkeys.gpg does not
exist.

> But gpg has it in its certificate store?

Yes:

buildd@rv-manda-01:~/.gnupg$ gpg -K
/home/buildd/.gnupg/pubring.kbx
---
sec   rsa4096 2023-12-08 [SC] [expire : 2024-12-07]
  670D3AC041E218107D0DE6F9339F749981589F2F
uid  [  ultime ] buildd autosigning key rv-manda-01 


Thanks
Aurelien

-- 
Aurelien Jarno  GPG: 4096R/1DDD8C9B
aurel...@aurel32.net http://aurel32.net

Processed: Re: Bug#1059266: error: cannot verify inline signature

2023-12-22 Thread Debian Bug Tracking System 
Processing control commands:

> reopen -1
Bug #1059266 {Done: Christian Marillat } [dupload] error: 
cannot verify inline signature
Bug reopened
Ignoring request to alter fixed versions of bug #1059266 to the same values 
previously set

-- 
1059266: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059266
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: librandombytes-dev has an undeclared file conflict on /usr/lib/x86_64-linux-gnu/librandombytes.a

2023-12-22 Thread Debian Bug Tracking System 
Processing control commands:

> affects -1 + libnacl-dev
Bug #1059335 [librandombytes-dev] librandombytes-dev has an undeclared file 
conflict on /usr/lib/x86_64-linux-gnu/librandombytes.a
Added indication that 1059335 affects libnacl-dev

-- 
1059335: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059335
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1059335: librandombytes-dev has an undeclared file conflict on /usr/lib/x86_64-linux-gnu/librandombytes.a

2023-12-22 Thread Helmut Grohne 
Package: librandombytes-dev
Version: 0~20230919-3
Severity: serious
User: debian...@lists.debian.org
Usertags: fileconflict
Control: affects -1 + libnacl-dev

librandombytes-dev has an undeclared file conflict. This may result in
an unpack error from dpkg.

The file /usr/lib/x86_64-linux-gnu/librandombytes.a is contained in the
packages
 * libnacl-dev/20110221-12 as present in bookworm
 * librandombytes-dev/0~20230919-3 as present in unstable

These packages can be unpacked concurrently, because there is no
relevant Replaces or Conflicts relation. Attempting to unpack these
packages concurrently results in an unpack error from dpkg, because none
of the packages installs a diversion for the affected file.

Kind regards

The Debian Usr Merge Analysis Tool

This bug report has been automatically filed with no human intervention.
The source code is available at https://salsa.debian.org/helmutg/dumat.
If the filing is unclear or in error, don't hesitate to contact
hel...@subdivi.de for assistance.

Bug#1058937: /usr-move: Do we support upgrades without apt?

2023-12-22 Thread Helmut Grohne 
Hi Matthew,

On Thu, Dec 21, 2023 at 02:42:56PM +, Matthew Vernon wrote:
> On 21/12/2023 09:41, Helmut Grohne wrote:
> 
> > Is it ok to call upgrade scenarios failures that cannot be reproduced
> > using apt unsupported until we no longer deal with aliasing?

Let me thank David for clarifying what "using apt" means in exactly the
way I intended it.

As a result, I think the only "no" reply, I've seen thus far is from
Matthew here.

> I incline towards "no"; if an upgrade has failed part-way (as does happen),
> people may then reasonably use dpkg directly to try and un-wedge the upgrade
> (e.g. to try and configure some part-installed packages, or try installing
> some already-downloaded packages).

I incline to agreeing with the scenario you depict. This can reasonably
happen. I also think that David made a good case for it being unlikely
to manage oneself into the buggy situation that way. And then the
consequence is that you lost some possibly important files. If you ended
up fiddling with dpkg in a failed upgrade, would it be too much to ask
for running dpkg --verify? In the event you see missing files, you may
reinstall affected packages and thus have cured the symptoms for your
installation.

Say we extended release-notes saying that you should dpkg --verify after
the upgrade and more so if you happened to use dpkg directly in the
process and review the output. Would that address your concern?

> It may be that the mitigations necessary are worse than the risk, but I
> think the behaviour as described in #1058937 is definitely buggy.

I hope we all agree this is buggy. That's not the question. The question
at hand is whether this is a bug worth fixing or mitigating. We face a
lot of bugs in Debian and assign different severities. Here, the
preliminary analysis assigned a rc-severity which generally means it is
worth fixing. That's the thing I'm questioning here.

Also keep in mind that probably the majority of bullseye -> bookworm
upgrades have been performed already. In all those upgrades, nobody ran
into the issue and reported it. As David pointed out, it was encountered
by actively trying to make it break. It's the silent kind of failure, so
it may just have happened without people noticing.

Maybe we can all run dpkg --verify on our installations (in particular
those upgraded to bookworm or later) and report if they show anything
suspicious. Then we can better quantify how likely these issues happen
in practice.

I note that dpkg --verify does not currently work with --path-exclude.
I'm not sure whether that's a bug. Being a user of --path-exclude, I
note that I ran dpkg --verify on 5 very different systems and didn't
spot unusual things. This is anecdotal evidence and cannot prove the
absence of problems though. I'd be very keen to see at least one user
reporting such problems in a real upgrade rather than me trying to find
problems.

Helmut

Bug#1059334: python-bytecode fails it's autopkg tests

2023-12-22 Thread Matthias Klose 

Package: src:python-bytecode
Version: 0.15.1-2
Severity: serious
Tags: sid trixie

python-bytecode fails it's autopkg tests:

[...]
57s autopkgtest [00:42:21]: test pybuild-autopkgtest: pybuild-autopkgtest
 57s autopkgtest [00:42:21]: test pybuild-autopkgtest: 
[---

 57s dh before-pybuild-autopkgtest --buildsystem=pybuild
 58s dh: error: Unknown sequence before-pybuild-autopkgtest (choose 
from: binary binary-arch binary-indep build build-arch build-indep clean 
install install-arch install-indep)

 58s make: *** [debian/rules:13: before-pybuild-autopkgtest] Error 25
 58s pybuild-autopkgtest: error: /tmp/B_QXjozyWg/run 
before-pybuild-autopkgtest returned exit code 2
 58s autopkgtest [00:42:22]: test pybuild-autopkgtest: 
---]

 58s pybuild-autopkgtest  FAIL non-zero exit status 25

Bug#1000014: mydumper: depends on obsolete pcre3 library

2023-12-22 Thread Yavor Doganov 
Control: tags -1 + patch

Please find attached a patch; build-tested only.
Description: Port to PCRE2.
Bug-Debian: https://bugs.debian.org/114
Author: Yavor Doganov 
Forwarded: no
Last-Update: 2023-12-22
---

--- mydumper-0.10.1.orig/cmake/modules/FindPCRE.cmake
+++ mydumper-0.10.1/cmake/modules/FindPCRE.cmake
@@ -11,10 +11,10 @@
 # For details see the accompanying COPYING-CMAKE-SCRIPTS file.
 
 
-if (PCRE_INCLUDE_DIR AND PCRE_PCREPOSIX_LIBRARY AND PCRE_PCRE_LIBRARY)
+if (PCRE_INCLUDE_DIR AND PCRE_PCRE_LIBRARY)
   # Already in cache, be silent
   set(PCRE_FIND_QUIETLY TRUE)
-endif (PCRE_INCLUDE_DIR AND PCRE_PCREPOSIX_LIBRARY AND PCRE_PCRE_LIBRARY)
+endif (PCRE_INCLUDE_DIR AND PCRE_PCRE_LIBRARY)
 
 
 if (NOT WIN32)
@@ -22,24 +22,22 @@
   # in the FIND_PATH() and FIND_LIBRARY() calls
   find_package(PkgConfig)
 
-  pkg_check_modules(PC_PCRE REQUIRED libpcre)
+  pkg_check_modules(PC_PCRE REQUIRED libpcre2-8)
 
   set(PCRE_DEFINITIONS ${PC_PCRE_CFLAGS_OTHER})
 
 endif (NOT WIN32)
 
-find_path(PCRE_INCLUDE_DIR pcre.h 
+find_path(PCRE_INCLUDE_DIR pcre2.h
   HINTS ${PC_PCRE_INCLUDEDIR} ${PC_PCRE_INCLUDE_DIRS} 
-  PATH_SUFFIXES pcre)
+  )
 
-find_library(PCRE_PCRE_LIBRARY NAMES pcre HINTS ${PC_PCRE_LIBDIR} 
${PC_PCRE_LIBRARY_DIRS})
-
-find_library(PCRE_PCREPOSIX_LIBRARY NAMES pcreposix HINTS ${PC_PCRE_LIBDIR} 
${PC_PCRE_LIBRARY_DIRS})
+find_library(PCRE_PCRE_LIBRARY NAMES pcre2-8 HINTS ${PC_PCRE_LIBDIR} 
${PC_PCRE_LIBRARY_DIRS})
 
 include(FindPackageHandleStandardArgs)
-find_package_handle_standard_args(PCRE DEFAULT_MSG PCRE_INCLUDE_DIR 
PCRE_PCRE_LIBRARY PCRE_PCREPOSIX_LIBRARY )
+find_package_handle_standard_args(PCRE DEFAULT_MSG PCRE_INCLUDE_DIR 
PCRE_PCRE_LIBRARY )
 
-set(PCRE_LIBRARIES ${PCRE_PCRE_LIBRARY} ${PCRE_PCREPOSIX_LIBRARY})
+set(PCRE_LIBRARIES ${PCRE_PCRE_LIBRARY})
 
-mark_as_advanced(PCRE_INCLUDE_DIR PCRE_LIBRARIES PCRE_PCREPOSIX_LIBRARY 
PCRE_PCRE_LIBRARY)
+mark_as_advanced(PCRE_INCLUDE_DIR PCRE_LIBRARIES PCRE_PCRE_LIBRARY)
 
--- mydumper-0.10.1.orig/mydumper.c
+++ mydumper-0.10.1/mydumper.c
@@ -36,7 +36,8 @@
 #include 
 #include 
 #include 
-#include 
+#define PCRE2_CODE_UNIT_WIDTH 8
+#include 
 #include 
 #include 
 #include "config.h"
@@ -387,26 +388,31 @@
 
 gboolean check_regex(char *database, char *table) {
   /* This is not going to be used in threads */
-  static pcre *re = NULL;
+  static pcre2_code *re = NULL;
+  pcre2_match_data *md;
   int rc;
-  int ovector[9] = {0};
-  const char *error;
-  int erroroffset;
+  PCRE2_UCHAR error[120];
+  int err;
+  PCRE2_SIZE erroroffset;
 
   char *p;
 
   /* Let's compile the RE before we do anything */
   if (!re) {
-re = pcre_compile(regexstring, PCRE_CASELESS | PCRE_MULTILINE, &error,
-  &erroroffset, NULL);
+re = pcre2_compile((PCRE2_SPTR)regexstring, strlen(regexstring),
+   PCRE2_CASELESS | PCRE2_MULTILINE,
+   &err, &erroroffset, NULL);
 if (!re) {
+  pcre2_get_error_message(err, error, sizeof(error));
   g_critical("Regular expression fail: %s", error);
   exit(EXIT_FAILURE);
 }
   }
 
   p = g_strdup_printf("%s.%s", database, table);
-  rc = pcre_exec(re, NULL, p, strlen(p), 0, 0, ovector, 9);
+  md = pcre2_match_data_create(9, NULL);
+  rc = pcre2_match(re, (PCRE2_SPTR)p, strlen(p), 0, 0, md, NULL);
+  pcre2_match_data_free(md);
   g_free(p);
 
   return (rc > 0) ? TRUE : FALSE;
--- mydumper-0.10.1.orig/server_detect.c
+++ mydumper-0.10.1/server_detect.c
@@ -15,73 +15,96 @@
 Authors:Andrew Hutchings, SkySQL (andrew at skysql dot com)
 */
 
-#include 
+#define PCRE2_CODE_UNIT_WIDTH 8
+#include 
 #include 
 #include 
 #include "server_detect.h"
 
 int detect_server(MYSQL *conn) {
-  pcre *re = NULL;
-  const char *error;
-  int erroroffset;
-  int ovector[9] = {0};
+  pcre2_code *re = NULL;
+  pcre2_match_data *md;
+  PCRE2_UCHAR error[120];
+  PCRE2_SIZE erroroffset;
+  int err;
   int rc;
   const char *db_version = mysql_get_server_info(conn);
 
   // debug the version
   g_message("Server version reported as: %s", db_version);
 
-  re = pcre_compile(DETECT_TIDB_REGEX, 0, &error, &erroroffset, NULL);
+  re = pcre2_compile((PCRE2_SPTR)DETECT_TIDB_REGEX, PCRE2_ZERO_TERMINATED,
+ 0, &err, &erroroffset, NULL);
   if (!re) {
+pcre2_get_error_message(err, error, sizeof(error));
 g_critical("Regular expression fail: %s", error);
 exit(EXIT_FAILURE);
   }
 
-  rc = pcre_exec(re, NULL, db_version, strlen(db_version), 0, 0, ovector, 9);
-  pcre_free(re);
+  md = pcre2_match_data_create(9, NULL);
+  rc = pcre2_match(re, (PCRE2_SPTR)db_version, strlen(db_version),
+   0, 0, md, NULL);
+  pcre2_code_free(re);
 
   if (rc > 0) {
+pcre2_match_data_free(md);
 return SERVER_TYPE_TIDB;
   }
 
-  re = pcre_compile(DETECT_MYSQL_REGEX, 0, &error, &erroroffset, NULL);
+  re = pcre2_compile((PCRE2_SPTR)DETECT_MYSQL_REGEX, PCRE2_ZERO_TERMINATED,
+ 0, &err, &erro

Processed: Re: Bug#1000014: mydumper: depends on obsolete pcre3 library

2023-12-22 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + patch
Bug #114 [src:mydumper] mydumper: depends on obsolete pcre3 library
Added tag(s) patch.

-- 
114: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=114
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1054716: marked as done (bitshuffle: FTBFS: ImportError: cannot import name h5d)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 16:34:29 +
with message-id 
and subject line Bug#1054716: fixed in bitshuffle 0.5.1-1.1
has caused the Debian Bug report #1054716,
regarding bitshuffle: FTBFS: ImportError: cannot import name h5d
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1054716: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054716
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: bitshuffle
Version: 0.3.5-4
Severity: serious
Justification: FTBFS
Tags: trixie sid ftbfs
User: lu...@debian.org
Usertags: ftbfs-20231027 ftbfs-trixie

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.


Relevant part (hopefully):
> make[1]: Entering directory '/<>'
> set -e; \
> for py in `py3versions -s -v`; do \
>   mpirun --allow-run-as-root -n 1 pybuild --test -i python{version} -p $py; \
> done
> I: pybuild base:310: cd 
> /<>/.pybuild/cpython3_3.11_bitshuffle/build; python3.11 -m 
> unittest discover -v 
> test_circle (bitshuffle.tests.test_ext.TestBitShuffleCircle.test_circle) ... 
> ok
> test_circle_with_compression 
> (bitshuffle.tests.test_ext.TestBitShuffleCircle.test_circle_with_compression) 
> ... ok
> test_trans_bit_elem_AVX 
> (bitshuffle.tests.test_ext.TestOddLengths.test_trans_bit_elem_AVX) ... ok
> test_trans_bit_elem_SSE 
> (bitshuffle.tests.test_ext.TestOddLengths.test_trans_bit_elem_SSE) ... ok
> test_trans_bit_elem_scal 
> (bitshuffle.tests.test_ext.TestOddLengths.test_trans_bit_elem_scal) ... ok
> test_trans_byte_elem_SSE 
> (bitshuffle.tests.test_ext.TestOddLengths.test_trans_byte_elem_SSE) ... ok
> test_untrans_bit_elem_AVX 
> (bitshuffle.tests.test_ext.TestOddLengths.test_untrans_bit_elem_AVX) ... ok
> test_untrans_bit_elem_SSE 
> (bitshuffle.tests.test_ext.TestOddLengths.test_untrans_bit_elem_SSE) ... ok
> test_untrans_bit_elem_scal 
> (bitshuffle.tests.test_ext.TestOddLengths.test_untrans_bit_elem_scal) ... ok
> test_00_copy (bitshuffle.tests.test_ext.TestProfile.test_00_copy) ... ok
> test_01a_trans_byte_elem_scal_16 
> (bitshuffle.tests.test_ext.TestProfile.test_01a_trans_byte_elem_scal_16) ... 
> ok
> test_01b_trans_byte_elem_scal_32 
> (bitshuffle.tests.test_ext.TestProfile.test_01b_trans_byte_elem_scal_32) ... 
> ok
> test_01c_trans_byte_elem_scal_64 
> (bitshuffle.tests.test_ext.TestProfile.test_01c_trans_byte_elem_scal_64) ... 
> ok
> test_01d_trans_byte_elem_16 
> (bitshuffle.tests.test_ext.TestProfile.test_01d_trans_byte_elem_16) ... ok
> test_01e_trans_byte_elem_32 
> (bitshuffle.tests.test_ext.TestProfile.test_01e_trans_byte_elem_32) ... ok
> test_01f_trans_byte_elem_64 
> (bitshuffle.tests.test_ext.TestProfile.test_01f_trans_byte_elem_64) ... ok
> test_01g_trans_byte_elem_128 
> (bitshuffle.tests.test_ext.TestProfile.test_01g_trans_byte_elem_128) ... ok
> test_01h_trans_byte_elem_96 
> (bitshuffle.tests.test_ext.TestProfile.test_01h_trans_byte_elem_96) ... ok
> test_01i_trans_byte_elem_80 
> (bitshuffle.tests.test_ext.TestProfile.test_01i_trans_byte_elem_80) ... ok
> test_03a_trans_bit_byte 
> (bitshuffle.tests.test_ext.TestProfile.test_03a_trans_bit_byte) ... ok
> test_03d_trans_bit_byte_SSE 
> (bitshuffle.tests.test_ext.TestProfile.test_03d_trans_bit_byte_SSE) ... ok
> test_03f_trans_bit_byte_AVX 
> (bitshuffle.tests.test_ext.TestProfile.test_03f_trans_bit_byte_AVX) ... ok
> test_03g_trans_bit_byte_AVX_32 
> (bitshuffle.tests.test_ext.TestProfile.test_03g_trans_bit_byte_AVX_32) ... ok
> test_04a_trans_bit_elem_AVX 
> (bitshuffle.tests.test_ext.TestProfile.test_04a_trans_bit_elem_AVX) ... ok
> test_04b_trans_bit_elem_AVX_128 
> (bitshuffle.tests.test_ext.TestProfile.test_04b_trans_bit_elem_AVX_128) ... ok
> test_04c_trans_bit_elem_AVX_32 
> (bitshuffle.tests.test_ext.TestProfile.test_04c_trans_bit_elem_AVX_32) ... ok
> test_04d_trans_bit_elem_AVX_16 
> (bitshuffle.tests.test_ext.TestProfile.test_04d_trans_bit_elem_AVX_16) ... ok
> test_04e_trans_bit_elem_64 
> (bitshuffle.tests.test_ext.TestProfile.test_04e_trans_bit_elem_64) ... ok
> test_04f_trans_bit_elem_SSE_32 
> (bitshuffle.tests.test_ext.TestProfile.test_04f_trans_bit_elem_SSE_32) ... ok
> test_04g_trans_bit_elem_SSE_64 
> (bitshuffle.tests.test_ext.TestProfile.test_04g_trans_bit_elem_SSE_64) ... ok
> test_06a_untrans_bit_elem_16 
> (bitshuffle.tests.test_ext.TestProfile.test_06a_untrans_bit_elem_16) ... ok
> test_06b_untrans_bit_elem_128 
> (bitshuffle.tests.test_ext.TestProfile.test_06b_untrans_bit_elem_128) ... ok
> test_06c_untrans_bit_elem_32 
> (bitshuffle.tests.test_ext.TestProfile.test_06c_untrans_bit_elem_32) ... ok
> test_06d_untrans_bit_elem_3

Bug#1059266: marked as done (error: cannot verify inline signature)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 17:28:12 +0100
with message-id <87ttoadwwz@christian.marillat.net>
and subject line Re: Bug#1059266: error: cannot verify inline signature
has caused the Debian Bug report #1059266,
regarding error: cannot verify inline signature
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1059266: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059266
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: dupload
Version: 2.10.4
Severity: grave

Dear Maintainer,

This version fail to check a signature. Work fine with 2.10.3

,
| $ debrelease 
| dupload note: no announcement will be sent.
| Checking OpenPGP signatures before upload...gpgv: Signature made Fri Dec 22 
10:50:05 2023 CET
| gpgv:using RSA key A401FF99368FA1F98152DE755C808C2B65558117
| gpgv:issuer "maril...@deb-multimedia.org"
| gpgv: Can't check signature: No public key
| openpgp-check: error: cannot verify inline signature for 
../gerbera-dmo_1.12.1-dmo5_amd64.changes: no acceptable signature found
| 
| dupload: error: Pre-upload '/usr/share/dupload/openpgp-check %1' failed for 
../gerbera-dmo_1.12.1-dmo5_amd64.changes
`

Christian


-- System Information:
Debian Release: trixie/sid
  APT prefers buildd-unstable
  APT policy: (500, 'buildd-unstable'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.6.8-1-custom (SMP w/24 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages dupload depends on:
ii  libdpkg-perl  1.22.2
ii  perl  5.36.0-10

Versions of packages dupload recommends:
ii  libio-socket-ssl-perl  2.084-1
ii  liburi-perl5.21-1
ii  openssh-client 1:9.6p1-2

Versions of packages dupload suggests:
ii  exim4-daemon-heavy [mail-transport-agent]  4.97-2
pn  libsecret-tools
ii  lintian2.116.3

-- no debconf information
--- End Message ---
--- Begin Message ---
On 22 déc. 2023 12:16, Guillem Jover  wrote:

> Hi!
>
> On Fri, 2023-12-22 at 10:53:18 +0100, Christian Marillat wrote:
>> Package: dupload
>> Version: 2.10.4
>> Severity: grave
>
>> This version fail to check a signature. Work fine with 2.10.3

Well, I don't know why but this bug is gone.

Christian--- End Message ---

Bug#1055511: diversions of /sbin/halt and friends

2023-12-22 Thread Helmut Grohne 
On Fri, Dec 22, 2023 at 12:30:04PM +0100, Helmut Grohne wrote:
> My patch for progress-linux-container and bfh-container fails to remove
> /usr/lib/container on package removal. This probably breaks piuparts. I
> am attaching a followup patch. This defect is unrelated to the /usr-move
> as far as I can tell.

Chris kindly made me aware that I forgot to attach patches.

Helmut
diff --minimal -Nru bfh-metapackages-20211009/debian/bfh-container.postrm 
bfh-metapackages-20211009/debian/bfh-container.postrm
--- bfh-metapackages-20211009/debian/bfh-container.postrm   2023-12-20 
11:10:47.0 +0100
+++ bfh-metapackages-20211009/debian/bfh-container.postrm   2023-12-22 
11:29:03.0 +0100
@@ -13,6 +13,13 @@
do
dpkg-divert --package bfh-container --quiet --remove 
--rename --divert "/usr/lib/container/divert/${FILE}.orig" "/usr/sbin/${FILE}"
done
+
+   if test -d /usr/lib/container; then
+   if test -d /usr/lib/container/divert; then
+   rmdir --ignore-fail-on-non-empty 
/usr/lib/container/divert
+   fi
+   rmdir --ignore-fail-on-non-empty /usr/lib/container
+   fi
;;
 
purge|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
diff --minimal -Nru bfh-metapackages-20211009/debian/bfh-container.preinst 
bfh-metapackages-20211009/debian/bfh-container.preinst
--- bfh-metapackages-20211009/debian/bfh-container.preinst  2023-12-20 
11:10:47.0 +0100
+++ bfh-metapackages-20211009/debian/bfh-container.preinst  2023-12-22 
11:26:27.0 +0100
@@ -4,7 +4,7 @@
 
 case "${1}" in
install|upgrade)
-   mkdir -p /lib/container/divert
+   mkdir -p /usr/lib/container/divert
 
for FILE in halt poweroff reboot shutdown coldreboot
do
diff --minimal -Nru bfh-metapackages-20211009/debian/changelog 
bfh-metapackages-20211009/debian/changelog
--- bfh-metapackages-20211009/debian/changelog  2023-12-20 11:12:25.0 
+0100
+++ bfh-metapackages-20211009/debian/changelog  2023-12-22 11:29:03.0 
+0100
@@ -1,3 +1,10 @@
+bfh-metapackages (20211009-22.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Delete /usr/lib/container/divert on package removal.
+
+ -- Helmut Grohne   Fri, 22 Dec 2023 11:29:03 +0100
+
 bfh-metapackages (20211009-22) experimental; urgency=medium
 
   * Uploading to experimental.
diff --minimal -Nru progress-linux-metapackages-20221002/debian/changelog 
progress-linux-metapackages-20221002/debian/changelog
--- progress-linux-metapackages-20221002/debian/changelog   2023-12-20 
11:26:39.0 +0100
+++ progress-linux-metapackages-20221002/debian/changelog   2023-12-22 
11:44:44.0 +0100
@@ -1,3 +1,10 @@
+progress-linux-metapackages (20221002-11.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Delete /usr/lib/container/divert on package removal.
+
+ -- Helmut Grohne   Fri, 22 Dec 2023 11:44:44 +0100
+
 progress-linux-metapackages (20221002-11) experimental; urgency=medium
 
   * Uploading to experimental.
diff --minimal -Nru 
progress-linux-metapackages-20221002/debian/progress-linux-container.postrm 
progress-linux-metapackages-20221002/debian/progress-linux-container.postrm
--- progress-linux-metapackages-20221002/debian/progress-linux-container.postrm 
2023-12-20 11:25:47.0 +0100
+++ progress-linux-metapackages-20221002/debian/progress-linux-container.postrm 
2023-12-22 11:44:43.0 +0100
@@ -13,6 +13,13 @@
do
dpkg-divert --package progress-linux-container --quiet 
--remove --rename --divert "/usr/lib/container/divert/${FILE}.orig" 
"/usr/sbin/${FILE}"
done
+
+   if test -d /usr/lib/container; then
+   if test -d /usr/lib/container/divert; then
+   rmdir --ignore-fail-on-non-empty 
/usr/lib/container/divert
+   fi
+   rmdir --ignore-fail-on-non-empty /usr/lib/container
+   fi
;;
 
purge|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
diff --minimal -Nru 
progress-linux-metapackages-20221002/debian/progress-linux-container.preinst 
progress-linux-metapackages-20221002/debian/progress-linux-container.preinst
--- 
progress-linux-metapackages-20221002/debian/progress-linux-container.preinst
2023-12-20 11:26:29.0 +0100
+++ 
progress-linux-metapackages-20221002/debian/progress-linux-container.preinst
2023-12-22 11:44:08.0 +0100
@@ -4,7 +4,7 @@
 
 case "${1}" in
install|upgrade)
-   mkdir -p /lib/container/divert
+   mkdir -p /usr/lib/container/divert
 
for FILE in halt poweroff reboot shutdown coldreboot
do

Bug#978257: marked as done (pynwb: FTBFS: dh_auto_test: error: pybuild --test -i python{version} -p 3.9 returned exit code 13)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 16:06:17 +
with message-id 
and subject line Bug#978257: fixed in pynwb 2.5.0-1
has caused the Debian Bug report #978257,
regarding pynwb: FTBFS: dh_auto_test: error: pybuild --test -i python{version} 
-p 3.9 returned exit code 13
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
978257: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978257
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: pynwb
Version: 1.2.1-2
Severity: serious
Justification: FTBFS on amd64
Tags: bullseye sid ftbfs
Usertags: ftbfs-20201226 ftbfs-bullseye

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.

Relevant part (hopefully):
>  debian/rules build
> dh build --with python3 --buildsystem=pybuild
>dh_update_autotools_config -O--buildsystem=pybuild
>dh_autoreconf -O--buildsystem=pybuild
>dh_auto_configure -O--buildsystem=pybuild
>   pybuild --configure -i python{version} -p 3.9
> I: pybuild base:232: python3.9 setup.py config 
> found these packages: ['pynwb', 'pynwb.legacy', 'pynwb.testing', 'pynwb.io', 
> 'pynwb.legacy.io']
> ['h5py>=2.9', 'hdmf>=1.5.4,<2', 'numpy>=1.16', 'pandas>=0.23', 
> 'python-dateutil>=2.7']
> running config
>dh_auto_build -O--buildsystem=pybuild
>   pybuild --build -i python{version} -p 3.9
> I: pybuild base:232: /usr/bin/python3 setup.py build 
> found these packages: ['pynwb', 'pynwb.legacy', 'pynwb.testing', 'pynwb.io', 
> 'pynwb.legacy.io']
> ['h5py>=2.9', 'hdmf>=1.5.4,<2', 'numpy>=1.16', 'pandas>=0.23', 
> 'python-dateutil>=2.7']
> running build
> running build_py
> creating /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/validate.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/ecephys.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/core.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/__init__.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/retinotopy.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/spec.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/image.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/misc.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/file.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/_version.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/device.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/icephys.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/ogen.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/ophys.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/behavior.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/base.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> copying src/pynwb/epoch.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb
> creating /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/legacy
> copying src/pynwb/legacy/__init__.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/legacy
> copying src/pynwb/legacy/map.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/legacy
> creating /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/testing
> copying src/pynwb/testing/__init__.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/testing
> copying src/pynwb/testing/make_test_files.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/testing
> copying src/pynwb/testing/utils.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/testing
> copying src/pynwb/testing/testh5io.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/testing
> creating /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/io
> copying src/pynwb/io/ecephys.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/io
> copying src/pynwb/io/core.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/io
> copying src/pynwb/io/__init__.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/io
> copying src/pynwb/io/retinotopy.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/io
> copying src/pynwb/io/image.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/io
> copying src/pynwb/io/misc.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/io
> copying src/pynwb/io/file.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/io
> copying src/pynwb/io/icephys.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/io
> copying src/pynwb/io/ogen.py -> 
> /<>/.pybuild/cpython3_3.9_pynwb/build/pynwb/io
> copying src/pynwb/

Bug#1058425: marked as done (pytest-mpl: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.12 3.11" returned exit code 13)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 15:53:06 +
with message-id 
and subject line Bug#1058425: fixed in pytest-mpl 0.16.1-2
has caused the Debian Bug report #1058425,
regarding pytest-mpl: FTBFS: dh_auto_test: error: pybuild --test --test-pytest 
-i python{version} -p "3.12 3.11" returned exit code 13
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1058425: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058425
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: pytest-mpl
Version: 0.16.1-1
Severity: serious
Justification: FTBFS
Tags: trixie sid ftbfs
User: lu...@debian.org
Usertags: ftbfs-20231212 ftbfs-trixie

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.


Relevant part (hopefully):
>  debian/rules binary
> dh binary --with python3 --buildsystem=pybuild
>dh_update_autotools_config -O--buildsystem=pybuild
>dh_autoreconf -O--buildsystem=pybuild
>dh_auto_configure -O--buildsystem=pybuild
> I: pybuild base:310: python3.12 setup.py config 
> /usr/lib/python3/dist-packages/setuptools/config/setupcfg.py:293: 
> _DeprecatedConfig: Deprecated config in `setup.cfg`
> !!
> 
> 
> 
> The license_file parameter is deprecated, use license_files instead.
> 
> This deprecation is overdue, please update your project and remove 
> deprecated
> calls to avoid build errors in the future.
> 
> See 
> https://setuptools.pypa.io/en/latest/userguide/declarative_config.html for 
> details.
> 
> 
> 
> !!
>   parsed = self.parsers.get(option_name, lambda x: x)(value)
> /usr/lib/python3/dist-packages/setuptools/_distutils/dist.py:265: 
> UserWarning: Unknown distribution option: 'use_scm_version'
>   warnings.warn(msg)
> running config
> I: pybuild base:310: python3.11 setup.py config 
> /usr/lib/python3/dist-packages/setuptools/config/setupcfg.py:293: 
> _DeprecatedConfig: Deprecated config in `setup.cfg`
> !!
> 
> 
> 
> The license_file parameter is deprecated, use license_files instead.
> 
> This deprecation is overdue, please update your project and remove 
> deprecated
> calls to avoid build errors in the future.
> 
> See 
> https://setuptools.pypa.io/en/latest/userguide/declarative_config.html for 
> details.
> 
> 
> 
> !!
>   parsed = self.parsers.get(option_name, lambda x: x)(value)
> /usr/lib/python3/dist-packages/setuptools/_distutils/dist.py:265: 
> UserWarning: Unknown distribution option: 'use_scm_version'
>   warnings.warn(msg)
> running config
>dh_auto_build -O--buildsystem=pybuild
> I: pybuild base:310: /usr/bin/python3.12 setup.py build 
> /usr/lib/python3/dist-packages/setuptools/config/setupcfg.py:293: 
> _DeprecatedConfig: Deprecated config in `setup.cfg`
> !!
> 
> 
> 
> The license_file parameter is deprecated, use license_files instead.
> 
> This deprecation is overdue, please update your project and remove 
> deprecated
> calls to avoid build errors in the future.
> 
> See 
> https://setuptools.pypa.io/en/latest/userguide/declarative_config.html for 
> details.
> 
> 
> 
> !!
>   parsed = self.parsers.get(option_name, lambda x: x)(value)
> /usr/lib/python3/dist-packages/setuptools/_distutils/dist.py:265: 
> UserWarning: Unknown distribution option: 'use_scm_version'
>   warnings.warn(msg)
> running build
> running build_py
> creating /<>/.pybuild/cpython3_3.12_pytest-mpl/build/pytest_mpl
> copying pytest_mpl/__init__.py -> 
> /<>/.pybuild/cpython3_3.12_pytest-mpl/build/pytest_mpl
> copying pytest_mpl/plugin.py -> 
> /<>/.pybuild/cpython3_3.12_pytest-mpl/build/pytest_mpl
> creating 
> /<>/.pybuild/cpython3_3.12_pytest-mpl/build/pytest_mpl/summary
> copying pytest_mpl/summary/__init__.py -> 
> /<>/.pybuild/cpython3_3.12_pytest-mpl/build/pytest_mpl/summary
> copying pytest_mpl/summary/html.py -> 
> /<>/.pybuild/cpython3_3.12_pytest-mpl/build/pytest_mpl/summary
> running egg_info
> creating pytest_mpl.egg-info
> writing pytest_mpl.egg-info/PKG-INFO
> writing dependency_links to pytest_mpl.egg-info/dependency_links.txt

Bug#1058307: marked as done (python-airr: FTBFS: AttributeError: module 'configparser' has no attribute 'SafeConfigParser'. Did you mean: 'RawConfigParser'?)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 15:17:38 +
with message-id 
and subject line Bug#1058307: fixed in python-airr 1.5.0-1
has caused the Debian Bug report #1058307,
regarding python-airr: FTBFS: AttributeError: module 'configparser' has no 
attribute 'SafeConfigParser'. Did you mean: 'RawConfigParser'?
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1058307: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058307
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: python-airr
Version: 1.3.1-1
Severity: serious
Justification: FTBFS
Tags: trixie sid ftbfs
User: lu...@debian.org
Usertags: ftbfs-20231212 ftbfs-trixie

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.


Relevant part (hopefully):
> make[1]: Entering directory '/<>'
> dh_auto_clean
> I: pybuild base:310: python3.12 setup.py clean 
> /<>/versioneer.py:421: SyntaxWarning: invalid escape sequence 
> '\s'
>   LONG_VERSION_PY['git'] = '''
> Traceback (most recent call last):
>   File "/<>/setup.py", line 26, in 
> version=versioneer.get_version(),
> 
>   File "/<>/versioneer.py", line 1480, in get_version
> return get_versions()["version"]
>^^
>   File "/<>/versioneer.py", line 1412, in get_versions
> cfg = get_config_from_root(root)
>   ^^
>   File "/<>/versioneer.py", line 342, in get_config_from_root
> parser = configparser.SafeConfigParser()
>  ^
> AttributeError: module 'configparser' has no attribute 'SafeConfigParser'. 
> Did you mean: 'RawConfigParser'?
> E: pybuild pybuild:395: clean: plugin distutils failed with: exit code=1: 
> python3.12 setup.py clean 
> dh_auto_clean: error: pybuild --clean -i python{version} -p "3.12 3.11" 
> returned exit code 13
> make[1]: *** [debian/rules:15: override_dh_auto_clean] Error 25


The full build log is available from:
http://qa-logs.debian.net/2023/12/12/python-airr_1.3.1-1_unstable.log

All bugs filed during this archive rebuild are listed at:
https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-20231212;users=lu...@debian.org
or:
https://udd.debian.org/bugs/?release=na&merged=ign&fnewerval=7&flastmodval=7&fusertag=only&fusertagtag=ftbfs-20231212&fusertaguser=lu...@debian.org&allbugs=1&cseverity=1&ctags=1&caffected=1#results

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

If you reassign this bug to another package, please mark it as 'affects'-ing
this package. See https://www.debian.org/Bugs/server-control#affects

If you fail to reproduce this, please provide a build log and diff it with mine
so that we can identify if something relevant changed in the meantime.
--- End Message ---
--- Begin Message ---
Source: python-airr
Source-Version: 1.5.0-1
Done: Andreas Tille 

We believe that the bug you reported is fixed in the latest version of
python-airr, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1058...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Tille  (supplier of updated python-airr package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 22 Dec 2023 14:42:56 +0100
Source: python-airr
Architecture: source
Version: 1.5.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team 
Changed-By: Andreas Tille 
Closes: 1058307
Changes:
 python-airr (1.5.0-1) unstable; urgency=medium
 .
   * Team upload.
 .
   [ Debian Janitor ]
   * Remove constraints unnecessary since buster (oldstable):
 + Build-Depends: Drop versioned constraint on python3-pandas and
   python3-yaml.
 .
   [ Andreas Tille ]
   * Set DPT as maintainer
   * Standards-Version: 4.6.2 (routine-update)
   * Build-Depends: s/dh-python/dh-sequence-python3/ (routine-update)
   * Replace SafeConfigParser deprecated in Python3.12
 Closes: #1058307
Checksums-Sha1:
 928df53d015fc385071733ae84da7b77b13ddabb 2151 python-airr_1.5.0-1.dsc
 98fd3a8431d25d01fb2911b5aa69c65420989bb2 63397 python-airr_1.5.0.orig

Bug#1059245: gdm3: GDM3 fails to start on Wayland, maybe due to org.freedesktop.systemd1 failing to activate

2023-12-22 Thread Simon McVittie 
On Fri, 22 Dec 2023 at 03:23:21 +0100, Olivier Mehani wrote:
> GDM3 doesn't seem to be able to start a Wayland session (nor a fallback Xorg 
> session, but I'm less concerned about this, and this seems to be a 
> separate permission issue).

That's a valid bug, let's leave your report open for that.

If neither Wayland nor Xorg works, that would suggest (to me, at least)
that this is a lower-level issue, indeed perhaps involving permissions
as you say.

> This seems to be related to 
> org.freedesktop.systemd1 failing to activate (and triggering the 
> fallback to Xorg).

I don't think this is necessarily the root cause, though.

> The smoking gun implicating org.freedesktop.systemd1 is
> 
>   déc. 22 03:17:17 desktop gdm-launch-environment][28769]: 
> pam_unix(gdm-launch-environment:session): session opened for user 
> Debian-gdm(uid=113) by (uid=0)
>   déc. 22 03:17:17 desktop /usr/libexec/gdm-wayland-session[28792]: 
> dbus-daemon[28792]: [session uid=113 pid=28792] Activating service 
> name='org.freedesktop.systemd1' requested by ':1.0' (uid=113 pid=28785 
> comm="/usr/libexec/gdm-wayland-session dbus-run-session ")
>   déc. 22 03:17:17 desktop /usr/libexec/gdm-wayland-session[28792]: 
> dbus-daemon[28792]: [session uid=113 pid=28792] Activated service 
> 'org.freedesktop.systemd1' failed: Process org.freedesktop.systemd1 exited 
> with status 1

Even though it looks bad at first glance, this could actually be fine. gdm
can run more than one "greeter" (login prompt) under the same uid, so it
intentionally avoids the mechanism that would normally result in having
one `dbus-daemon --session` per uid. Instead, it uses dbus-run-session(1)
to launch one `dbus-daemon --session` per greeter.

The result is that gdm-wayland-session tries to contact `systemd --user`,
which fails with exit status 1, because
/usr/share/dbus-1/system-services/org.freedesktop.systemd1.service
contains:

Exec=/bin/false

(it is not possible to start a `systemd --user` when already inside a
session that does not already have one).

I get similar messages on a fully-working system, in this case a virtual
machine running bookworm and GNOME, without anything being obviously broken:

Dec 22 14:38:53 d12gnome /usr/libexec/gdm-wayland-session[691]: 
dbus-daemon[691]: [session uid=113 pid=691] Activating
 service name='org.freedesktop.systemd1' requested by ':1.10' (uid=113 pid=851 
comm="/usr/libexec/gsd-sharing")
Dec 22 14:38:53 d12gnome /usr/libexec/gdm-wayland-session[691]: 
dbus-daemon[691]: [session uid=113 pid=691] Activated service 
'org.freedesktop.systemd1' failed: Process org.freedesktop.systemd1 exited with 
status 1
Dec 22 14:38:53 d12gnome gsd-sharing[851]: Failed to StopUnit service: 
GDBus.Error:org.freedesktop.DBus.Error.Spawn.ChildExited: Process 
org.freedesktop.systemd1 exited with status 1
Dec 22 14:38:53 d12gnome gsd-sharing[851]: Failed to StopUnit service: 
GDBus.Error:org.freedesktop.DBus.Error.Spawn.ChildExited: Process 
org.freedesktop.systemd1 exited with status 1
Dec 22 14:38:53 d12gnome gnome-shell[727]: Error looking up permission: 
GDBus.Error:org.freedesktop.portal.Error.NotFound: No entry for geolocation
Dec 22 14:38:53 d12gnome org.gnome.Shell.desktop[783]: Failed to initialize 
glamor, falling back to sw
Dec 22 14:38:53 d12gnome /usr/libexec/gdm-wayland-session[691]: 
dbus-daemon[691]: [session uid=113 pid=691] Activating service 
name='org.gtk.vfs.Daemon' requested by ':1.25' (uid=113 pid=885 
comm="ibus-daemon --panel disable")

So I think you might need to look elsewhere for the root cause of the gdm
session not starting successfully.

smcv

Processed: Re: crocus: Immediate glitches and GPU hangs in GNOME Shell since 23.3

2023-12-22 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 1059015 serious
Bug #1059015 [libgl1-mesa-dri] crocus: Immediate glitches and GPU hangs in 
GNOME Shell since 23.3
Severity set to 'serious' from 'normal'
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
1059015: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059015
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1059314: imagemagick-6.q16: please update "Suggests: imagemagick-doc" to imagemagick-6-doc

2023-12-22 Thread Vincent Lefevre 
Package: imagemagick-6.q16
Version: 8:6.9.12.98+dfsg1-4
Severity: serious

The imagemagick-doc package is not longer built and has been replaced
by imagemagick-6-doc. So the "Suggests" should be updated.

Note that the current Suggests can prevent installations/upgrades if
suggested packages are installed by default, e.g. with --install-suggests
or APT::Install-Suggests set to true.

-- Package-specific info:
ImageMagick program version
---
animate:  ImageMagick 6.9.12-98 Q16 x86_64 18038 https://legacy.imagemagick.org
compare:  ImageMagick 6.9.12-98 Q16 x86_64 18038 https://legacy.imagemagick.org
convert:  ImageMagick 6.9.12-98 Q16 x86_64 18038 https://legacy.imagemagick.org
composite:  ImageMagick 6.9.12-98 Q16 x86_64 18038 
https://legacy.imagemagick.org
conjure:  ImageMagick 6.9.12-98 Q16 x86_64 18038 https://legacy.imagemagick.org
display:  ImageMagick 6.9.12-98 Q16 x86_64 18038 https://legacy.imagemagick.org
identify:  ImageMagick 6.9.12-98 Q16 x86_64 18038 https://legacy.imagemagick.org
import:  ImageMagick 6.9.12-98 Q16 x86_64 18038 https://legacy.imagemagick.org
mogrify:  ImageMagick 6.9.12-98 Q16 x86_64 18038 https://legacy.imagemagick.org
montage:  ImageMagick 6.9.12-98 Q16 x86_64 18038 https://legacy.imagemagick.org
stream:  ImageMagick 6.9.12-98 Q16 x86_64 18038 https://legacy.imagemagick.org

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), 
(500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-5-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages imagemagick-6.q16 depends on:
ii  hicolor-icon-theme 0.17-2
ii  libc6  2.37-13
ii  libmagickcore-6.q16-7  8:6.9.12.98+dfsg1-4
ii  libmagickwand-6.q16-7  8:6.9.12.98+dfsg1-4

Versions of packages imagemagick-6.q16 recommends:
ii  ghostscript  10.02.1~dfsg-1
ii  libmagickcore-6.q16-7-extra  8:6.9.12.98+dfsg1-4
ii  netpbm   2:11.04.05-2

Versions of packages imagemagick-6.q16 suggests:
pn  autotrace
ii  cups-bsd [lpr]   2.4.7-1
ii  curl 8.5.0-1
pn  enscript 
pn  ffmpeg   
ii  fig2dev [transfig]   1:3.2.9-3
ii  gimp 2.10.36-2
ii  gnuplot-qt [gnuplot] 5.4.4+dfsg1-2+b2
pn  grads
ii  graphviz 2.42.2-7+b3
ii  groff-base   1.23.0-3
pn  hp2xx
pn  html2ps  
pn  imagemagick-doc  
pn  libraw-bin   
ii  libwmf-bin   0.2.13-1.1
pn  mplayer  
pn  povray   
pn  radiance 
ii  sane-utils   1.2.1-7
ii  texlive-binaries [texlive-base-bin]  2023.20230311.66589-8
ii  xdg-utils1.1.3-4.1

-- no debconf information

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#1059307: ring: CVE-2023-38703

2023-12-22 Thread Moritz Mühlenhoff 
Source: ring
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for pjsig, which is
bundled in ring:

CVE-2023-38703[0]:
| PJSIP is a free and open source multimedia communication library
| written in C with high level API in C, C++, Java, C#, and Python
| languages. SRTP is a higher level media transport which is stacked
| upon a lower level media transport such as UDP and ICE. Currently a
| higher level transport is not synchronized with its lower level
| transport that may introduce use-after-free issue. This
| vulnerability affects applications that have SRTP capability
| (`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other
| than UDP. This vulnerability’s impact may range from unexpected
| application termination to control flow hijack/memory corruption.
| The patch is available as a commit in the master branch.

https://github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66
https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d
 (2.14)

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-38703
https://www.cve.org/CVERecord?id=CVE-2023-38703

Please adjust the affected versions in the BTS as needed.

Processed: Re: Bug#1058090: oscrypto: FTBFS: ModuleNotFoundError: No module named 'imp'

2023-12-22 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + fixed-upstream
Bug #1058090 [src:oscrypto] oscrypto: FTBFS: ModuleNotFoundError: No module 
named 'imp'
Added tag(s) fixed-upstream.

-- 
1058090: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058090
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1058090: oscrypto: FTBFS: ModuleNotFoundError: No module named 'imp'

2023-12-22 Thread Faidon Liambotis 
Control: tags -1 + fixed-upstream

Dear maintainer,

On Tue, Dec 12, 2023 at 08:58:48AM +0100, Lucas Nussbaum wrote:
> During a rebuild of all packages in sid, your package failed to build
> on amd64.
>
> 
>
> >   File "/<>/tests/__init__.py", line 4, in 
> > import imp
> > ModuleNotFoundError: No module named 'imp'
> > 

This seems to have been fixed upstream by
https://github.com/wbond/oscrypto/commit/3865f5d528740aa1205d16ddbee84c5b48aeb078

("imp" was replaced by "importlib" in upstream Python.)

So hopefully it's just a matter of a simple backport. Do you have the
time to handle it, or would you like someone else from the Python team
(such as myself) to handle it instead?

Thanks,
Faidon

Bug#1059303: asterisk: CVE-2023-37457 CVE-2023-38703

2023-12-22 Thread Moritz Mühlenhoff 
Source: asterisk
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerabilities were published for asterisk.

CVE-2023-37457[0]:
| Asterisk is an open source private branch exchange and telephony
| toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior,
| and 21.0.0; as well as ceritifed-asterisk 18.9-cert5 and prior, the
| 'update' functionality of the PJSIP_HEADER dialplan function can
| exceed the available buffer space for storing the new value of a
| header. By doing so this can overwrite memory or cause a crash. This
| is not externally exploitable, unless dialplan is explicitly written
| to update a header based on data from an outside source. If the
| 'update' functionality is not used the vulnerability does not occur.
| A patch is available at commit
| a1ca0268254374b515fa5992f01340f7717113fa.

https://github.com/asterisk/asterisk/security/advisories/GHSA-98rc-4j27-74hh
https://github.com/asterisk/asterisk/commit/a1ca0268254374b515fa5992f01340f7717113fa

CVE-2023-38703[1]:
| PJSIP is a free and open source multimedia communication library
| written in C with high level API in C, C++, Java, C#, and Python
| languages. SRTP is a higher level media transport which is stacked
| upon a lower level media transport such as UDP and ICE. Currently a
| higher level transport is not synchronized with its lower level
| transport that may introduce use-after-free issue. This
| vulnerability affects applications that have SRTP capability
| (`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other
| than UDP. This vulnerability’s impact may range from unexpected
| application termination to control flow hijack/memory corruption.
| The patch is available as a commit in the master branch.

https://github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66
https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d
 (2.14)

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-37457
https://www.cve.org/CVERecord?id=CVE-2023-37457
[1] https://security-tracker.debian.org/tracker/CVE-2023-38703
https://www.cve.org/CVERecord?id=CVE-2023-38703

Please adjust the affected versions in the BTS as needed.

Bug#1059232: marked as done (imvirt: version 0.9.6-12 failed to build in unstable - uninstallable)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 13:23:06 +
with message-id 
and subject line Bug#1059232: fixed in imvirt 0.9.6-13
has caused the Debian Bug report #1059232,
regarding imvirt: version 0.9.6-12 failed to build in unstable - uninstallable
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1059232: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059232
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: imvirt
Version: 0.9.6-12
Severity: important

Hi,

imvirt is uninstallable in Debian/unstable since 2023-12-12 due to the upload
of a broken v0.9.6-12 which wasn't built on Debian's build infrastructure:

| root@7b9ce5803a7d:/# apt update
| Get:1 http://deb.debian.org/debian unstable InRelease [198 kB]
| Get:2 http://deb.debian.org/debian unstable/main amd64 Packages [9605 kB]
| Fetched 9803 kB in 3s (3616 kB/s)   
| Reading package lists... Done
| Building dependency tree... Done
| Reading state information... Done
| 2 packages can be upgraded. Run 'apt list --upgradable' to see them.
| root@7b9ce5803a7d:/# apt install imvirt
| Reading package lists... Done
| Building dependency tree... Done
| Reading state information... Done
| Package imvirt is not available, but is referred to by another package.
| This may mean that the package is missing, has been obsoleted, or
| is only available from another source
| However the following packages replace it:
|   imvirt-helper
| 
| E: Package 'imvirt' has no installation candidate

FTR:

| % rmadison imvirt imvirt-helper -s unstable 
| imvirt| 0.9.6-11  | unstable   | source, all
| imvirt| 0.9.6-12  | unstable   | source
| imvirt-helper | 0.9.6-12  | unstable   | amd64, arm64, armel, armhf, 
i386, mips64el, ppc64el, riscv64, s390x

Quoting from 
https://buildd.debian.org/status/fetch.php?pkg=imvirt&arch=all&ver=0.9.6-12&stamp=1702397779&raw=0
 ->

| dh_missing: warning: usr/libexec/imvirt/xen exists in debian/tmp but is not 
installed to anywhere (related file: "debian/tmp/usr/lib/imvirt/xen")
| dh_missing: error: missing files, aborting
| 
|   While detecting missing files, dh_missing noted some files with a 
similar name to those
|   that were missing.  This error /might/ be resolved by replacing 
references to the
|   missing files with the similarly named ones that dh_missing found - 
assuming the content
|   is identical.
| 
|   As an example, you might want to replace:
|* debian/tmp/usr/lib/imvirt/hvm
|   with:
|* usr/libexec/imvirt/hvm
|   in a file in debian/ or as argument to one of the dh_* tools called 
from debian/rules.
|   (Note it is possible the paths are not used verbatim but instead 
directories 
|   containing or globs matching them are used instead)
| 
|   Alternatively, add the missing file to debian/not-installed if it 
cannot and should not
|   be used.
| 
|   The following debhelper tools have reported what they installed (with 
files per package)
|* dh_install: imvirt (1), imvirt-helper (1), libimvirt-perl (2)
|* dh_installdocs: imvirt (2), imvirt-helper (0), libimvirt-perl (0)
|* dh_installman: imvirt (1), imvirt-helper (1), libimvirt-perl (1)
|   If the missing files are installed by another tool, please file a bug 
against it.
|   When filing the report, if the tool is not part of debhelper itself, 
please reference the
|   "Logging helpers and dh_missing" section from the "PROGRAMMING" guide 
for debhelper (10.6.3+).
| (in the debhelper package: /usr/share/doc/debhelper/PROGRAMMING.md.gz)
|   Be sure to test with dpkg-buildpackage -A/-B as the results may vary 
when only a subset is built
|   If the omission is intentional or no other helper can take care of this 
consider adding the
|   paths to debian/not-installed.
| make: *** [debian/rules:6: binary-indep] Error 25
| dpkg-buildpackage: error: debian/rules binary-indep subprocess returned exit 
status 2

regards
-mika-
--- End Message ---
--- Begin Message ---
Source: imvirt
Source-Version: 0.9.6-13
Done: Patrick Matthäi 

We believe that the bug you reported is fixed in the latest version of
imvirt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1059...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Patrick Matthäi  (supplier of upd

Bug#1059300: ruby-sidekiq: CVE-2023-26141

2023-12-22 Thread Moritz Mühlenhoff 
Source: ruby-sidekiq
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for ruby-sidekiq.

CVE-2023-26141[0]:
| Versions of the package sidekiq before 7.1.3 are vulnerable to
| Denial of Service (DoS) due to insufficient checks in the dashboard-
| charts.js file. An attacker can exploit this vulnerability by
| manipulating the localStorage value which will cause excessive
| polling requests.

https://security.snyk.io/vuln/SNYK-RUBY-SIDEKIQ-5885107
https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89
 (v7.1.3)


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-26141
https://www.cve.org/CVERecord?id=CVE-2023-26141

Please adjust the affected versions in the BTS as needed.

Bug#1059293: lrzip: CVE-2023-39741

2023-12-22 Thread Moritz Mühlenhoff 
Source: lrzip
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for lrzip.

CVE-2023-39741[0]:
| lrzip v0.651 was discovered to contain a heap overflow via the
| libzpaq::PostProcessor::write(int) function at /libzpaq/libzpaq.cpp.
| This vulnerability allows attackers to cause a Denial of Service
| (DoS) via a crafted file.

https://github.com/ckolivas/lrzip/issues/246


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-39741
https://www.cve.org/CVERecord?id=CVE-2023-39741

Please adjust the affected versions in the BTS as needed.

Bug#1051521: marked as done (rust-palette: autopkgtest failures)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 12:14:11 +
with message-id 
and subject line Bug#1051521: fixed in rust-palette 0.7.3+dfsg-3
has caused the Debian Bug report #1051521,
regarding rust-palette: autopkgtest failures
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1051521: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051521
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: rust-palette
Version: 0.7.3+dfsg-1
Severity: serious

rust-palette is unable to migrate to Testing because its
autopkgtests are failing.

https://qa.debian.org/excuses.php?package=rust-palette

Thank you,
Jeremy Bícha
--- End Message ---
--- Begin Message ---
Source: rust-palette
Source-Version: 0.7.3+dfsg-3
Done: Jonas Smedegaard 

We believe that the bug you reported is fixed in the latest version of
rust-palette, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1051...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonas Smedegaard  (supplier of updated rust-palette package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 22 Dec 2023 12:38:01 +0100
Source: rust-palette
Architecture: source
Version: 0.7.3+dfsg-3
Distribution: unstable
Urgency: medium
Maintainer: Jonas Smedegaard 
Changed-By: Jonas Smedegaard 
Closes: 1051521
Changes:
 rust-palette (0.7.3+dfsg-3) unstable; urgency=medium
 .
   * add patch cherry-picked upstream
 to prevent dev dependencies from breaking tests and examples,
 superseding patch 1002
   * add patch 1001_clap
 to accept newer branch of crate clap;
 bump build- and autopkgtest-dependencies for crate clap;
 thanks to Peter Green (see bug#1051521)
   * fix autopkgtest-dependency;
 thanks to Peter Green (see bug#1051521)
   * add patch 2001_rand_chacha
 to use crate rand_chacha (not not-in-Debian rand_mt),
 superseding patch 2001_rand_mt;
 build- and autopkgtest-depend on package for crate rand_chacha;
 thanks to Peter Michael Green (see bug#1051521)
   * unfuzz patches; update DEP-3 headers
   * add patch 1004 to add feature guards to tests;
 relax autopkgtests to enable features std approx as needed;
 closes: bug#1051521, thanks to Peter Michael Green
Checksums-Sha1:
 be5466b8e3db2e05fae469d5c6ba7445f30483f7 3555 rust-palette_0.7.3+dfsg-3.dsc
 137af42da885b2914eee16d28ad0f4b0bcc6d96c 21412 
rust-palette_0.7.3+dfsg-3.debian.tar.xz
 827b369eba530e386375b959eefdab247c32ba08 20386 
rust-palette_0.7.3+dfsg-3_amd64.buildinfo
Checksums-Sha256:
 cbebdd2ac771a7b46d49c56053b268368cadc91740af4809e05134db172f3eea 3555 
rust-palette_0.7.3+dfsg-3.dsc
 cdf6e1d81c81eed8b1f73c1c0162e15ae97811ce040f793a23280d8a467573cb 21412 
rust-palette_0.7.3+dfsg-3.debian.tar.xz
 06231da1118887ee88f02bcaba5246a6ffc3aba286fd5bb152f5d1de9e5ea53c 20386 
rust-palette_0.7.3+dfsg-3_amd64.buildinfo
Files:
 b96a16d77639baa13fe55869056904d7 3555 rust optional 
rust-palette_0.7.3+dfsg-3.dsc
 c264e6fe1ab8f6187bc0db7dcf1e5538 21412 rust optional 
rust-palette_0.7.3+dfsg-3.debian.tar.xz
 638ca24734dc6783007155cea85ff077 20386 rust optional 
rust-palette_0.7.3+dfsg-3_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmWFdegACgkQLHwxRsGg
ASE5hhAAmVWsvfrCb2bXoebvaAOyUDUOMqFRditu63S1NKsAil7f6RXvLUCNcWEb
vR9U5YsNX+vjBSZU45WSyaouE248+lWU4GAcT4JJIZHqOm5Zc5Oxw2NycoTjrIao
sUfSbGQo3y0EDneprTInGGBaQh95JsOIlPbU5P8CGUU0xRYsbeVj3uZoKXAgyaZd
Fm4Ahd3mniSDXrn8shKgxRaLaiB8Hh4VgUjywzRkpnLnL4LHIMveCk/Xo3SNh3C0
9CVW2PpWWLccnGO4tCAyHxhnYDtItp8R4lJydV6liv5vIuAJO8fzfv1ziCqXtyka
xaCLYJ4ZxNLzeR7EhZPbYjLkd35R1dO2JZb5dxJxYVnzyYpJKD9ysuGc+SylKTZI
nswJQ4WFu2RAUAjuuTmoND9KCOSXQSd99h8nk2Wi3gv6Pyenn/Yy4tIWgoqZIpZ1
PZNCCUMaYMUWVPk/23K0ywRwkscd9sBtF55B8JNY+rIM1ayqAzbCu49C93DD7U0V
UFZka2ZUimUjNCZnpAdGZp0bc85BsXfhnOEyUjA5V1L8DlWWpoEMaBAS3CoyyxJL
ddj8FQI+bS7J9hebvVs7WyAj+8wVwo0+uim2r7Dmz6PrVziI48+B7kqljh5KmBc6
2lloOEb1CsifM+f3/2WCn4skiUU5gMDFhNiDAs3Yz4lrtEOgSYE=
=Of1W
-END PGP SIGNATURE End Message ---

Processed: tagging 1000061

2023-12-22 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 161 + fixed-upstream
Bug #161 [src:cfengine3] cfengine3: depends on obsolete pcre3 library
Added tag(s) fixed-upstream.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
161: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=161
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#999919: zoneminder: depends on obsolete pcre3 library

2023-12-22 Thread Yavor Doganov 
Control: tags -1 + patch

Please find attached a patch; build-tested only.
Description: Port to PCRE2.
Bug-Debian: https://bugs.debian.org/19
Bug: https://github.com/ZoneMinder/zoneminder/issues/3384
Author: Yavor Doganov 
Forwarded: no
Last-Update: 2023-12-22
---

--- zoneminder-1.36.33+dfsg1.orig/CMakeLists.txt
+++ zoneminder-1.36.33+dfsg1/CMakeLists.txt
@@ -396,17 +396,17 @@
 endif()
 
 # pcre (using find_library and find_path)
-find_library(PCRE_LIBRARIES pcre)
+find_library(PCRE_LIBRARIES pcre2-8)
 if(PCRE_LIBRARIES)
   set(HAVE_LIBPCRE 1)
   list(APPEND ZM_BIN_LIBS "${PCRE_LIBRARIES}")
-  find_path(PCRE_INCLUDE_DIR pcre.h)
+  find_path(PCRE_INCLUDE_DIR pcre2.h)
   if(PCRE_INCLUDE_DIR)
 include_directories("${PCRE_INCLUDE_DIR}")
 set(CMAKE_REQUIRED_INCLUDES "${PCRE_INCLUDE_DIR}")
   endif()
   mark_as_advanced(FORCE PCRE_LIBRARIES PCRE_INCLUDE_DIR)
-  check_include_file("pcre.h" HAVE_PCRE_H)
+  check_include_file("pcre2.h" HAVE_PCRE2_H -DPCRE2_CODE_UNIT_WIDTH=8)
   set(optlibsfound "${optlibsfound} PCRE")
 else()
   set(optlibsnotfound "${optlibsnotfound} PCRE")
--- zoneminder-1.36.33+dfsg1.orig/src/zm_regexp.cpp
+++ zoneminder-1.36.33+dfsg1/src/zm_regexp.cpp
@@ -24,25 +24,20 @@
 
 #if HAVE_LIBPCRE
 
-RegExpr::RegExpr( const char *pattern, int flags, int p_max_matches ) : 
max_matches( p_max_matches ), match_buffers( nullptr ), match_lengths( nullptr 
), match_valid( nullptr )
+RegExpr::RegExpr( const char *pattern, uint32_t flags, int p_max_matches ) : 
max_matches( p_max_matches ), match_buffers( nullptr ), match_lengths( nullptr 
), match_valid( nullptr )
 {
-  const char *errstr;
-  int erroffset = 0;
-  if ( !(regex = pcre_compile( pattern, flags, &errstr, &erroffset, 0 )) )
+  char errstr[120];
+  int err;
+  PCRE2_SIZE erroffset;
+  if ( !(regex = pcre2_compile( (PCRE2_SPTR)pattern, strlen( pattern ), flags, 
&err, &erroffset, NULL )) )
   {
-Panic( "pcre_compile(%s): %s at %d", pattern, errstr, erroffset );
-  }
-
-  regextra = pcre_study( regex, 0, &errstr );
-  if ( errstr )
-  {
-Panic( "pcre_study(%s): %s", pattern, errstr );
+pcre2_get_error_message( err, (PCRE2_UCHAR *)errstr, sizeof(errstr) );
+Panic( "pcre2_compile(%s): %s at %zu", pattern, errstr, erroffset );
   }
 
   if ( (ok = (bool)regex) )
   {
-match_vectors = new int[3*max_matches];
-memset( match_vectors, 0, sizeof(*match_vectors)*3*max_matches );
+match_data = pcre2_match_data_create( 3*max_matches, NULL );
 match_buffers = new char *[max_matches];
 memset( match_buffers, 0, sizeof(*match_buffers)*max_matches );
 match_lengths = new int[max_matches];
@@ -68,18 +63,20 @@
   delete[] match_valid;
   delete[] match_lengths;
   delete[] match_buffers;
-  delete[] match_vectors;
+  pcre2_match_data_free( match_data );
+  pcre2_code_free( regex );
 }
 
-int RegExpr::Match( const char *subject_string, int subject_length, int flags )
+int RegExpr::Match( const char *subject_string, PCRE2_SIZE subject_length, 
uint32_t flags )
 {
   match_string = subject_string;
 
-  n_matches = pcre_exec( regex, regextra, subject_string, subject_length, 0, 
flags, match_vectors, 2*max_matches );
+  n_matches = pcre2_match( regex, (PCRE2_SPTR)subject_string, subject_length, 
0, flags, match_data, NULL );
+  match_vectors = pcre2_get_ovector_pointer( match_data );
 
   if ( n_matches <= 0 )
   {
-if ( n_matches < PCRE_ERROR_NOMATCH )
+if ( n_matches != PCRE2_ERROR_NOMATCH )
 {
   Error( "Error %d executing regular expression", n_matches );
 }
@@ -101,7 +98,7 @@
   }
   if ( !match_valid[match_index] )
   {
-int match_len = 
match_vectors[(2*match_index)+1]-match_vectors[2*match_index];
+int match_len = 
(int)(match_vectors[(2*match_index)+1]-match_vectors[2*match_index]);
 if ( match_lengths[match_index] < (match_len+1) )
 {
   delete[] match_buffers[match_index];
@@ -121,7 +118,7 @@
   {
 return( 0 );
   }
-  return( match_vectors[(2*match_index)+1]-match_vectors[2*match_index] );
+  return( (int)(match_vectors[(2*match_index)+1]-match_vectors[2*match_index]) 
);
 }
 
 #endif // HAVE_LIBPCRE
--- zoneminder-1.36.33+dfsg1.orig/src/zm_regexp.h
+++ zoneminder-1.36.33+dfsg1/src/zm_regexp.h
@@ -24,21 +24,20 @@
 
 #if HAVE_LIBPCRE
 
-#if HAVE_PCRE_H
-#include 
-#elif HAVE_PCRE_PCRE_H
-#include 
+#if HAVE_PCRE2_H
+#define PCRE2_CODE_UNIT_WIDTH 8
+#include 
 #else
-#error Unable to locate pcre.h, please do 'locate pcre.h' and report location 
to zoneminder.com
+#error Unable to locate pcre2.h, please do 'locate pcre2.h' and report 
location to zoneminder.com
 #endif
 
 class RegExpr
 {
 protected:
-  pcre *regex;
-  pcre_extra *regextra;
+  pcre2_code *regex;
+  pcre2_match_data *match_data;
   int max_matches;
-  int *match_vectors;
+  PCRE2_SIZE *match_vectors;
   mutable char **match_buffers;
   int *match_lengths;
   bool *match_valid;
@@ -51,11 +50,11 @@
   bool ok;
 
 public:
-  explicit RegExpr( const char *pattern, int cflags=0, int p_max_matches=32 );
+

Processed: Re: Bug#999919: zoneminder: depends on obsolete pcre3 library

2023-12-22 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + patch
Bug #19 [src:zoneminder] zoneminder: depends on obsolete pcre3 library
Added tag(s) patch.

-- 
19: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=19
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1059036: mdevctl FTBFS with nocheck profile: Cargo.toml needs adjustment

2023-12-22 Thread Athos Ribeiro 

Thanks, Helmut.

This actually needs adjustment in the upstream Cargo.toml file.

The package is listed as a dependency when it should actually be listed
as a dev-dependency.

I proposed a patch upstream in https://github.com/mdevctl/mdevctl/pull/107 and 
filed a salsa MR to fix this package in 
https://salsa.debian.org/debian/mdevctl/-/merge_requests/9.

--
Athos Ribeiro

Bug#1059266: error: cannot verify inline signature

2023-12-22 Thread Christian Marillat 
On 22 déc. 2023 12:16, Guillem Jover  wrote:


[...]

> (Also wondering whether dpkg-source can verify the source for that,
> as it is using the same logic as the rewritten hook is using now?)

Update. Doesn't work.

,
| $ dpkg-source -x 
/srv/dak/ftp/pool/main/g/gerbera-dmo/gerbera-dmo_1.12.1-dmo5.dsc
| gpgv: Signature made Fri Dec 22 10:50:05 2023 CET
| gpgv:using RSA key A401FF99368FA1F98152DE755C808C2B65558117
| gpgv:issuer "maril...@deb-multimedia.org"
| gpgv: Can't check signature: No public key
| dpkg-source: warning: cannot verify inline signature for 
/srv/dak/ftp/pool/main/g/gerbera-dmo/gerbera-dmo_1.12.1-dmo5.dsc: no acceptable 
signature found
| dpkg-source: info: extracting gerbera-dmo in gerbera-dmo-1.12.1
| dpkg-source: info: unpacking gerbera-dmo_1.12.1.orig.tar.gz
| dpkg-source: info: unpacking gerbera-dmo_1.12.1-dmo5.debian.tar.xz
| dpkg-source: info: using patch list from debian/patches/series
| dpkg-source: info: applying 01_debian-cutomization.patch
`

Christian

Bug#1059266: error: cannot verify inline signature

2023-12-22 Thread Christian Marillat 
On 22 déc. 2023 12:16, Guillem Jover  wrote:


[...]

>> ,
>> | $ debrelease 
>> | dupload note: no announcement will be sent.
>> | Checking OpenPGP signatures before upload...gpgv: Signature made
>> | Fri Dec 22 10:50:05 2023 CET
>> | gpgv:using RSA key A401FF99368FA1F98152DE755C808C2B65558117
>> | gpgv:issuer "maril...@deb-multimedia.org"
>> | gpgv: Can't check signature: No public key
>> | openpgp-check: error: cannot verify inline signature for
>> | ../gerbera-dmo_1.12.1-dmo5_amd64.changes: no acceptable signature
>> | found
>> | 
>> | dupload: error: Pre-upload '/usr/share/dupload/openpgp-check %1'
>> | failed for ../gerbera-dmo_1.12.1-dmo5_amd64.changes
>> `
>
> Just to understand what is going wrong, I assume you don't have the
> debian-keyring package installed (where the signing certificate could
> be found in the debian-keyring.gpg keyring), nor the certificate for
> A401FF99368FA1F98152DE755C808C2B65558117 in ~/.gnupg/trustedkeys.gpg?
>
> But gpg has it in its certificate store?

This key is also my debian key.

> (Also wondering whether dpkg-source can verify the source for that,
> as it is using the same logic as the rewritten hook is using now?)

I don't see a problem with dpkg-source :

,
| $ dpkg-source -x 
/srv/dak/ftp/pool/main/g/gerbera-dmo/gerbera-dmo_1.12.1-dmo5.dsc
| gpgv: Signature made Fri Dec 22 10:50:05 2023 CET
| gpgv:using RSA key A401FF99368FA1F98152DE755C808C2B65558117
| gpgv:issuer "maril...@deb-multimedia.org"
| gpgv: Can't check signature: No public key
| dpkg-source: warning: cannot verify inline signature for 
/srv/dak/ftp/pool/main/g/gerbera-dmo/gerbera-dmo_1.12.1-dmo5.dsc: no acceptable 
signature found
| dpkg-source: info: extracting gerbera-dmo in gerbera-dmo-1.12.1
| dpkg-source: info: unpacking gerbera-dmo_1.12.1.orig.tar.gz
| dpkg-source: info: unpacking gerbera-dmo_1.12.1-dmo5.debian.tar.xz
| dpkg-source: info: using patch list from debian/patches/series
| dpkg-source: info: applying 01_debian-cutomization.patch
`

Christian

Bug#1055509: diversions of /sbin/halt and friends

2023-12-22 Thread Helmut Grohne 
Hello,

thanks to all of you Francois, Daniel and Michael for uploading my
changes to experimental.

Whilst I already tested the patches individually earlier, this gave me
the opportunity to test them in cooperation. In particular, the
versioned Conflicts issued by systemd-sysv now work as expected. In
performed a number of manual tests upgrading from bookworm to
experimental and replacing diverters for one another
(molly-guard/bfh-container/progress-linux-container) as well as
replacing divertees (systemd-sysv/sysvinit-core) and removing packages.
When doing this with apt, this all looks good despite systemd-sysv not
having added my patch for #1057220. This is expected as that patch
mitigates problems resulting from direct usage of dpkg. I also checked
the dumat report for these uploads and am generally happy. Given that
the current mitigation does make diverters not issue Breaks, molly-guard
continues to work with the current sysvinit-core that has not moved its
files yet.

My patch for progress-linux-container and bfh-container fails to remove
/usr/lib/container on package removal. This probably breaks piuparts. I
am attaching a followup patch. This defect is unrelated to the /usr-move
as far as I can tell.

I would prefer systemd-sysv to also address #1057220, but Michael
confirmed that he was not intentionally excluding it. Also the
systemd-ukify split leaves an unusual file loss scenario while upgrading
from bookworm-backports and simultaneously installing systemd-ukify (P1),
which Michael will likely mitigate by upgrading Breaks to Conflicts
(M7).

I also thank Marc for his works-for-me feedback regarding molly-guard.

Given all of this, I am happy with all of these changes moving to
unstable and trixie. Thanks for your patience.

Helmut

Bug#1058505: marked as done (prometheus-blackbox-exporter: FTBFS: make[1]: *** [debian/rules:30: override_dh_auto_build] Error 25)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 11:20:22 +
with message-id 
and subject line Bug#1058505: fixed in prometheus-blackbox-exporter 0.24.0-2
has caused the Debian Bug report #1058505,
regarding prometheus-blackbox-exporter: FTBFS: make[1]: *** [debian/rules:30: 
override_dh_auto_build] Error 25
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1058505: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058505
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: prometheus-blackbox-exporter
Version: 0.24.0-1
Severity: serious
Justification: FTBFS
Tags: trixie sid ftbfs
User: lu...@debian.org
Usertags: ftbfs-20231212 ftbfs-trixie

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.


Relevant part (hopefully):
>  debian/rules binary
> dh binary --buildsystem=golang --builddirectory=/<>/build
>dh_update_autotools_config -O--buildsystem=golang 
> -O--builddirectory=/<>/build
>dh_autoreconf -O--buildsystem=golang 
> -O--builddirectory=/<>/build
>dh_auto_configure -O--buildsystem=golang 
> -O--builddirectory=/<>/build
>debian/rules override_dh_auto_build
> make[1]: Entering directory '/<>'
> dh_auto_build -- -ldflags " -X 
> github.com/prometheus/common/version.Version=0.24.0 -X 
> github.com/prometheus/common/version.Revision=0.24.0-1 -X 
> github.com/prometheus/common/version.Branch=debian/sid -X 
> github.com/prometheus/common/version.BuildUser=team+pkg...@tracker.debian.org 
> -X github.com/prometheus/common/version.BuildDate=20230614-12:34:02 -X 
> github.com/prometheus/common/version.GoVersion=go1.21.5"
>   cd build && go install -trimpath -v -p 8 -ldflags " -X 
> github.com/prometheus/common/version.Version=0.24.0 -X 
> github.com/prometheus/common/version.Revision=0.24.0-1 -X 
> github.com/prometheus/common/version.Branch=debian/sid -X 
> github.com/prometheus/common/version.BuildUser=team+pkg...@tracker.debian.org 
> -X github.com/prometheus/common/version.BuildDate=20230614-12:34:02 -X 
> github.com/prometheus/common/version.GoVersion=go1.21.5" 
> github.com/prometheus/blackbox_exporter 
> github.com/prometheus/blackbox_exporter/config 
> github.com/prometheus/blackbox_exporter/prober
> src/github.com/prometheus/blackbox_exporter/main.go:31:2: cannot find package 
> "github.com/pkg/errors" in any of:
>   /usr/lib/go-1.21/src/github.com/pkg/errors (from $GOROOT)
>   /<>/build/src/github.com/pkg/errors (from $GOPATH)
> dh_auto_build: error: cd build && go install -trimpath -v -p 8 -ldflags " -X 
> github.com/prometheus/common/version.Version=0.24.0 -X 
> github.com/prometheus/common/version.Revision=0.24.0-1 -X 
> github.com/prometheus/common/version.Branch=debian/sid -X 
> github.com/prometheus/common/version.BuildUser=team+pkg...@tracker.debian.org 
> -X github.com/prometheus/common/version.BuildDate=20230614-12:34:02 -X 
> github.com/prometheus/common/version.GoVersion=go1.21.5" 
> github.com/prometheus/blackbox_exporter 
> github.com/prometheus/blackbox_exporter/config 
> github.com/prometheus/blackbox_exporter/prober returned exit code 1
> make[1]: *** [debian/rules:30: override_dh_auto_build] Error 25


The full build log is available from:
http://qa-logs.debian.net/2023/12/12/prometheus-blackbox-exporter_0.24.0-1_unstable.log

All bugs filed during this archive rebuild are listed at:
https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-20231212;users=lu...@debian.org
or:
https://udd.debian.org/bugs/?release=na&merged=ign&fnewerval=7&flastmodval=7&fusertag=only&fusertagtag=ftbfs-20231212&fusertaguser=lu...@debian.org&allbugs=1&cseverity=1&ctags=1&caffected=1#results

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

If you reassign this bug to another package, please mark it as 'affects'-ing
this package. See https://www.debian.org/Bugs/server-control#affects

If you fail to reproduce this, please provide a build log and diff it with mine
so that we can identify if something relevant changed in the meantime.
--- End Message ---
--- Begin Message ---
Source: prometheus-blackbox-exporter
Source-Version: 0.24.0-2
Done: Daniel Swarbrick 

We believe that the bug you reported is fixed in the latest version of
prometheus-blackbox-exporter, which is due to be installed in the Debian FTP 
archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1058...@bugs.debian.org,
and the

Bug#1059266: error: cannot verify inline signature

2023-12-22 Thread Guillem Jover 
Hi!

On Fri, 2023-12-22 at 10:53:18 +0100, Christian Marillat wrote:
> Package: dupload
> Version: 2.10.4
> Severity: grave

> This version fail to check a signature. Work fine with 2.10.3
> 
> ,
> | $ debrelease 
> | dupload note: no announcement will be sent.
> | Checking OpenPGP signatures before upload...gpgv: Signature made Fri Dec 22 
> 10:50:05 2023 CET
> | gpgv:using RSA key A401FF99368FA1F98152DE755C808C2B65558117
> | gpgv:issuer "maril...@deb-multimedia.org"
> | gpgv: Can't check signature: No public key
> | openpgp-check: error: cannot verify inline signature for 
> ../gerbera-dmo_1.12.1-dmo5_amd64.changes: no acceptable signature found
> | 
> | dupload: error: Pre-upload '/usr/share/dupload/openpgp-check %1' failed for 
> ../gerbera-dmo_1.12.1-dmo5_amd64.changes
> `

Just to understand what is going wrong, I assume you don't have the
debian-keyring package installed (where the signing certificate could
be found in the debian-keyring.gpg keyring), nor the certificate for
A401FF99368FA1F98152DE755C808C2B65558117 in ~/.gnupg/trustedkeys.gpg?

But gpg has it in its certificate store?

(Also wondering whether dpkg-source can verify the source for that,
as it is using the same logic as the rewritten hook is using now?)

Thanks,
Guillem

Bug#1058443: marked as done (mplcursors: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.12 3.11" returned exit code 13)

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 11:10:08 +
with message-id 
and subject line Bug#1058443: fixed in mplcursors 0.5.2-3
has caused the Debian Bug report #1058443,
regarding mplcursors: FTBFS: dh_auto_test: error: pybuild --test --test-pytest 
-i python{version} -p "3.12 3.11" returned exit code 13
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1058443: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058443
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mplcursors
Version: 0.5.2-2
Severity: serious
Justification: FTBFS
Tags: trixie sid ftbfs
User: lu...@debian.org
Usertags: ftbfs-20231212 ftbfs-trixie

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.


Relevant part (hopefully):
>  debian/rules binary
> dh binary --with python3 --buildsystem=pybuild
>dh_update_autotools_config -O--buildsystem=pybuild
>dh_autoreconf -O--buildsystem=pybuild
>dh_auto_configure -O--buildsystem=pybuild
> I: pybuild base:310: python3.12 setup.py config 
> /usr/lib/python3/dist-packages/setuptools/__init__.py:84: 
> _DeprecatedInstaller: setuptools.installer and fetch_build_eggs are 
> deprecated.
> !!
> 
> 
> 
> Requirements should be satisfied by a PEP 517 installer.
> If you are using pip, you can try `pip install --use-pep517`.
> 
> 
> 
> !!
>   dist.fetch_build_eggs(dist.setup_requires)
> WARNING: The wheel package is not available.
> running config
> I: pybuild base:310: python3.11 setup.py config 
> /usr/lib/python3/dist-packages/setuptools/__init__.py:84: 
> _DeprecatedInstaller: setuptools.installer and fetch_build_eggs are 
> deprecated.
> !!
> 
> 
> 
> Requirements should be satisfied by a PEP 517 installer.
> If you are using pip, you can try `pip install --use-pep517`.
> 
> 
> 
> !!
>   dist.fetch_build_eggs(dist.setup_requires)
> WARNING: The wheel package is not available.
> running config
>dh_auto_build -O--buildsystem=pybuild
> I: pybuild base:310: /usr/bin/python3.12 setup.py build 
> /usr/lib/python3/dist-packages/setuptools/__init__.py:84: 
> _DeprecatedInstaller: setuptools.installer and fetch_build_eggs are 
> deprecated.
> !!
> 
> 
> 
> Requirements should be satisfied by a PEP 517 installer.
> If you are using pip, you can try `pip install --use-pep517`.
> 
> 
> 
> !!
>   dist.fetch_build_eggs(dist.setup_requires)
> WARNING: The wheel package is not available.
> running build
> running build_py
> creating /<>/.pybuild/cpython3_3.12_mplcursors/build/mplcursors
> copying lib/mplcursors/__init__.py -> 
> /<>/.pybuild/cpython3_3.12_mplcursors/build/mplcursors
> copying lib/mplcursors/_version.py -> 
> /<>/.pybuild/cpython3_3.12_mplcursors/build/mplcursors
> copying lib/mplcursors/_pick_info.py -> 
> /<>/.pybuild/cpython3_3.12_mplcursors/build/mplcursors
> copying lib/mplcursors/_mplcursors.py -> 
> /<>/.pybuild/cpython3_3.12_mplcursors/build/mplcursors
> I: pybuild base:310: /usr/bin/python3 setup.py build 
> /usr/lib/python3/dist-packages/setuptools/__init__.py:84: 
> _DeprecatedInstaller: setuptools.installer and fetch_build_eggs are 
> deprecated.
> !!
> 
> 
> 
> Requirements should be satisfied by a PEP 517 installer.
> If you are using pip, you can try `pip install --use-pep517`.
> 
> 
> 
> !!
>   dist.fetch_build_eggs(dist.setup_requires)
> WARNING: The wheel package is not available.
> running build
> running build_py
> creating /<>/.pybuild/cpython3_3.11_mplcursors/build/mplcursors
> copying lib/mplcursors/__init__.py -> 
> /<>/.pybuild/cpython3_3.11_mplcursors/build/mplcursors
> copying lib/mplcursors/_version.py -> 
> /<>/.pybuild/cpython3_3.11_mplcursors/build/mplcursors
> copying lib/mplcursors/_pick_info.py -> 
> /<>/.pybuild/cpython3_3.11_mplcursors/build/mplcursors
> copying lib/mplcursors/_mplcursors.py -> 
> /<>/.pybuild/cpython3_3.11_mplcursors/build

Bug#1057880: burp: FTBFS with zlib 1.3 due to 'make check' failure

2023-12-22 Thread James Addison 
Source: burp
Followup-For: Bug #1057880
X-Debbugs-Cc: kapo...@melix.org

Thank you, Jérémy.

Bug#1051521: rust-palette: autopkgtest failures

2023-12-22 Thread Jonas Smedegaard 
Quoting Peter Michael Green (2023-12-22 07:42:03)
> On 19/12/2023 20:01, Jonas Smedegaard wrote:
> > Quoting Peter Green (2023-12-19 20:46:56)
> >> I prepared a fix for the autopkgtest issues. While I was at
> >> it I also bumped the clap dev-dependency and the associated
> >> build and test dependencies to version 4 as we would like
> >> to phase out clap version 3.
> >>
> >> I discussed the clap upgrade with upstream, they said it was
> >> only used for examples but they did not want to bump it
> >> upstream at this time due to msrv.
> >>
> >> https://github.com/Ogeon/palette/issues/364
> >>
> >> If I get no response I will likely NMU this in a week or so.
> > Thanks for looking into this.
> >
> > Wound you mind sharing the patch you mention having prepared?
> Doh
> 
> Attatched it this time.

Great. Thanks a lot - I had scratched my head over this one for a
while.


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/
 * Sponsorship: https://ko-fi.com/drjones

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#1059266: error: cannot verify inline signature

2023-12-22 Thread Christian Marillat 
Package: dupload
Version: 2.10.4
Severity: grave

Dear Maintainer,

This version fail to check a signature. Work fine with 2.10.3

,
| $ debrelease 
| dupload note: no announcement will be sent.
| Checking OpenPGP signatures before upload...gpgv: Signature made Fri Dec 22 
10:50:05 2023 CET
| gpgv:using RSA key A401FF99368FA1F98152DE755C808C2B65558117
| gpgv:issuer "maril...@deb-multimedia.org"
| gpgv: Can't check signature: No public key
| openpgp-check: error: cannot verify inline signature for 
../gerbera-dmo_1.12.1-dmo5_amd64.changes: no acceptable signature found
| 
| dupload: error: Pre-upload '/usr/share/dupload/openpgp-check %1' failed for 
../gerbera-dmo_1.12.1-dmo5_amd64.changes
`

Christian


-- System Information:
Debian Release: trixie/sid
  APT prefers buildd-unstable
  APT policy: (500, 'buildd-unstable'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.6.8-1-custom (SMP w/24 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages dupload depends on:
ii  libdpkg-perl  1.22.2
ii  perl  5.36.0-10

Versions of packages dupload recommends:
ii  libio-socket-ssl-perl  2.084-1
ii  liburi-perl5.21-1
ii  openssh-client 1:9.6p1-2

Versions of packages dupload suggests:
ii  exim4-daemon-heavy [mail-transport-agent]  4.97-2
pn  libsecret-tools
ii  lintian2.116.3

-- no debconf information

Bug#1059265: w3m: CVE-2023-4255

2023-12-22 Thread Moritz Mühlenhoff 
Source: w3m
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for w3m.

CVE-2023-4255[0]:
| An out-of-bounds write issue has been discovered in the backspace
| handling of the checkType() function in etc.c within the W3M
| application. This vulnerability is triggered by supplying a
| specially crafted HTML file to the w3m binary. Exploitation of this
| flaw could lead to application crashes, resulting in a denial of
| service condition.

https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
https://github.com/tats/w3m/issues/268
https://github.com/tats/w3m/pull/273

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-4255
https://www.cve.org/CVERecord?id=CVE-2023-4255

Please adjust the affected versions in the BTS as needed.

Processed: 1059257 is forwarded

2023-12-22 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> forwarded 1059257 https://github.com/project-gemmi/gemmi/issues/292
Bug #1059257 [src:gemmi] gemmi: CVE-2023-49287
Set Bug forwarded-to-address to 
'https://github.com/project-gemmi/gemmi/issues/292'.
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
1059257: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059257
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1059259: lwip: CVE-2023-49287

2023-12-22 Thread Samuel Thibault 
Control: severity -1 wishlist

Hello,

Moritz Mühlenhoff, le ven. 22 déc. 2023 10:03:28 +0100, a ecrit:
> CVE-2023-49287[0]:
> | TinyDir is a lightweight C directory and file reader. Buffer
> | overflows in the `tinydir_file_open()` function. This vulnerability
> | has been patched in version 1.2.6.
> 
> https://github.com/cxong/tinydir/security/advisories/GHSA-jf5r-wgf4-qhxf
> https://github.com/cxong/tinydir/commit/8124807260735a837226fa151493536591f6715d
> https://github.com/hnsecurity/vulns/blob/main/HNS-2023-04-tinydir.txt
> 
> falcosecurity-libs embeds a copy of tinydir, if it's not used to
> open files from potentially untrusted paths, feel free to downgrade.

The tinydir_file_open function is not used at all indeed.
(and we don't ship the only lwip app that includes tinydir.h anyway)

Samuel

Processed: Re: Bug#1059259: lwip: CVE-2023-49287

2023-12-22 Thread Debian Bug Tracking System 
Processing control commands:

> severity -1 wishlist
Bug #1059259 [src:lwip] lwip: CVE-2023-49287
Severity set to 'wishlist' from 'grave'

-- 
1059259: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059259
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1059261: clickhouse: CVE-2023-48298 CVE-2023-47118 CVE-2022-44011 CVE-2022-44010

2023-12-22 Thread Moritz Mühlenhoff 
Source: clickhouse
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerabilities were published for clickhouse.

CVE-2023-48298[0]:
| ClickHouse® is an open-source column-oriented database management
| system that allows generating analytical data reports in real-time.
| This vulnerability is an integer underflow resulting in crash due to
| stack buffer overflow in decompression of FPC codec. It can be
| triggered and exploited by an unauthenticated attacker. The
| vulnerability is very similar to CVE-2023-47118 with how the
| vulnerable function can be exploited.

https://github.com/ClickHouse/ClickHouse/security/advisories/GHSA-qw9f-qv29-8938
https://github.com/ClickHouse/ClickHouse/pull/56795

CVE-2023-47118[1]:
| ClickHouse® is an open-source column-oriented database management
| system that allows generating analytical data reports in real-time.
| A heap buffer overflow issue was discovered in ClickHouse server. An
| attacker could send a specially crafted payload to the native
| interface exposed by default on port 9000/tcp, triggering a bug in
| the decompression logic of T64 codec that crashes the ClickHouse
| server process. This attack does not require authentication. Note
| that this exploit can also be triggered via HTTP protocol, however,
| the attacker will need a valid credential as the HTTP authentication
| take places first. This issue has been fixed in version
| 23.10.2.13-stable, 23.9.4.11-stable, 23.8.6.16-lts and
| 23.3.16.7-lts.

https://github.com/ClickHouse/ClickHouse/security/advisories/GHSA-g22g-p6q2-x39v

CVE-2022-44011[2]:
| An issue was discovered in ClickHouse before 22.9.1.2603. An
| authenticated user (with the ability to load data) could cause a
| heap buffer overflow and crash the server by inserting a malformed
| CapnProto object. The fixed versions are 22.9.1.2603, 22.8.2.11,
| 22.7.4.16, 22.6.6.16, and 22.3.12.19.

https://github.com/ClickHouse/ClickHouse/pull/40241

CVE-2022-44010[3]:
| An issue was discovered in ClickHouse before 22.9.1.2603. An
| attacker could send a crafted HTTP request to the HTTP Endpoint
| (usually listening on port 8123 by default), causing a heap-based
| buffer overflow that crashes the process. This does not require
| authentication. The fixed versions are 22.9.1.2603, 22.8.2.11,
| 22.7.4.16, 22.6.6.16, and 22.3.12.19.

https://github.com/ClickHouse/ClickHouse/pull/40292

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-48298
https://www.cve.org/CVERecord?id=CVE-2023-48298
[1] https://security-tracker.debian.org/tracker/CVE-2023-47118
https://www.cve.org/CVERecord?id=CVE-2023-47118
[2] https://security-tracker.debian.org/tracker/CVE-2022-44011
https://www.cve.org/CVERecord?id=CVE-2022-44011
[3] https://security-tracker.debian.org/tracker/CVE-2022-44010
https://www.cve.org/CVERecord?id=CVE-2022-44010

Please adjust the affected versions in the BTS as needed.

Bug#1059259: lwip: CVE-2023-49287

2023-12-22 Thread Moritz Mühlenhoff 
Source: lwip
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for lwip.

CVE-2023-49287[0]:
| TinyDir is a lightweight C directory and file reader. Buffer
| overflows in the `tinydir_file_open()` function. This vulnerability
| has been patched in version 1.2.6.

https://github.com/cxong/tinydir/security/advisories/GHSA-jf5r-wgf4-qhxf
https://github.com/cxong/tinydir/commit/8124807260735a837226fa151493536591f6715d
https://github.com/hnsecurity/vulns/blob/main/HNS-2023-04-tinydir.txt

falcosecurity-libs embeds a copy of tinydir, if it's not used to
open files from potentially untrusted paths, feel free to downgrade.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-49287
https://www.cve.org/CVERecord?id=CVE-2023-49287

Please adjust the affected versions in the BTS as needed.

Bug#1059257: gemmi: CVE-2023-49287

2023-12-22 Thread Moritz Mühlenhoff 
Source: gemmi
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for gemmi.

CVE-2023-49287[0]:
| TinyDir is a lightweight C directory and file reader. Buffer
| overflows in the `tinydir_file_open()` function. This vulnerability
| has been patched in version 1.2.6.

https://github.com/cxong/tinydir/security/advisories/GHSA-jf5r-wgf4-qhxf
https://github.com/cxong/tinydir/commit/8124807260735a837226fa151493536591f6715d
https://github.com/hnsecurity/vulns/blob/main/HNS-2023-04-tinydir.txt

gemmi embeds a copy of tinydir, if it's not used to
open files from potentially untrusted paths, feel free to downgrade.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-49287
https://www.cve.org/CVERecord?id=CVE-2023-49287

Please adjust the affected versions in the BTS as needed.

Bug#1059256: falcosecurity-libs: CVE-2023-49287

2023-12-22 Thread Moritz Mühlenhoff 
Source: falcosecurity-libs
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for falcosecurity-libs.

CVE-2023-49287[0]:
| TinyDir is a lightweight C directory and file reader. Buffer
| overflows in the `tinydir_file_open()` function. This vulnerability
| has been patched in version 1.2.6.

https://github.com/cxong/tinydir/security/advisories/GHSA-jf5r-wgf4-qhxf
https://github.com/cxong/tinydir/commit/8124807260735a837226fa151493536591f6715d
https://github.com/hnsecurity/vulns/blob/main/HNS-2023-04-tinydir.txt

falcosecurity-libs embeds a copy of tinydir, if it's not used to
open files from potentially untrusted paths, feel free to downgrade.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-49287
https://www.cve.org/CVERecord?id=CVE-2023-49287

Please adjust the affected versions in the BTS as needed.

Bug#1059254: cacti: CVE-2023-49084 CVE-2023-49086

2023-12-22 Thread Moritz Mühlenhoff 
Source: cacti
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerabilities were published for cacti.

CVE-2023-49084[0]:
| Cacti is a robust performance and fault management framework and a
| frontend to RRDTool - a Time Series Database (TSDB). While using the
| detected SQL Injection and insufficient processing of the include
| file path, it is possible to execute arbitrary code on the server.
| Exploitation of the vulnerability is possible for an authorized
| user. The vulnerable component is the `link.php`. Impact of the
| vulnerability execution of arbitrary code on the server.

https://github.com/Cacti/cacti/commit/58a980f335980ab57659420053d89d4e721ae3fc

CVE-2023-49086[1]:
| Cacti is a robust performance and fault management framework and a
| frontend to RRDTool - a Time Series Database (TSDB). Bypassing an
| earlier fix (CVE-2023-39360) that leads to a DOM XSS attack.
| Exploitation of the vulnerability is possible for an authorized
| user. The vulnerable component is the `graphs_new.php`. Impact of
| the vulnerability - execution of arbitrary javascript code in the
| attacked user's browser. This issue has been patched in version
| 1.2.26.

https://github.com/Cacti/cacti/security/advisories/GHSA-wc73-r2vw-59pr

I think 
https://github.com/Cacti/cacti/commit/58a980f335980ab57659420053d89d4e721ae3fc
should address both, but please doublecheck.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-49084
https://www.cve.org/CVERecord?id=CVE-2023-49084
[1] https://security-tracker.debian.org/tracker/CVE-2023-49086
https://www.cve.org/CVERecord?id=CVE-2023-49086

Please adjust the affected versions in the BTS as needed.

Bug#1059140: marked as done (sight: FTBFS: error: ‘void* __builtin_memcpy(void*, const void*, long unsigned int)’ forming offset [32, 34] is out of the bounds [0, 32] of object ‘’ with type

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 08:37:51 +
with message-id 
and subject line Bug#1059140: fixed in sight 23.1.0-2
has caused the Debian Bug report #1059140,
regarding sight: FTBFS: error: ‘void* __builtin_memcpy(void*, const void*, long 
unsigned int)’ forming offset [32, 34] is out of the bounds [0, 32] of object 
‘’ with type ‘std::__cxx11::basic_string’ 
[-Werror=array-bounds=]
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1059140: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059140
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: sight
Version: 23.1.0-1
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/fetch.php?pkg=sight&arch=amd64&ver=23.1.0-1%2Bb1&stamp=1702935225&raw=0

[ 50%] Building CXX object 
libs/filter/dicom/CMakeFiles/filter_dicom.dir/IFilter.cpp.o
cd /<>/obj-x86_64-linux-gnu/libs/filter/dicom && /usr/bin/c++ 
-DBOOST_ALL_DYN_LINK -DBOOST_ATOMIC_DYN_LINK -DBOOST_ATOMIC_NO_LIB 
-DBOOST_BIND_GLOBAL_PLACEHOLDERS -DBOOST_CHRONO_DYN_LINK -DBOOST_CHRONO_NO_LIB 
-DBOOST_DATE_TIME_DYN_LINK -DBOOST_DATE_TIME_NO_LIB -DBOOST_FILESYSTEM_DYN_LINK 
-DBOOST_FILESYSTEM_NO_LIB -DBOOST_IOSTREAMS_DYN_LINK -DBOOST_IOSTREAMS_NO_LIB 
-DBOOST_LOG_DYN_LINK -DBOOST_LOG_NO_LIB -DBOOST_LOG_SETUP_DYN_LINK 
-DBOOST_LOG_SETUP_NO_LIB -DBOOST_REGEX_DYN_LINK -DBOOST_REGEX_NO_LIB 
-DBOOST_SPIRIT_USE_PHOENIX_V3 
-DBOOST_THREAD_DONT_PROVIDE_DEPRECATED_FEATURES_SINCE_V3_0_0 
-DBOOST_THREAD_DYN_LINK -DBOOST_THREAD_NO_LIB -DBOOST_THREAD_PROVIDES_FUTURE 
-DBOOST_THREAD_VERSION=2 -DFILTER_DICOM_EXPORTS -DNDEBUG 
-DSIGHT_SOURCE_DIR=\"/<>\" -Dfilter_dicom_EXPORTS 
-I/<>/obj-x86_64-linux-gnu/libs/filter/dicom/include 
-I/<>/libs -I/<>/libs/core 
-I/<>/obj-x86_64-linux-gnu/libs/core/core/include 
-I/<>/obj-x86_64-linux-gnu/libs/core/data/include 
-I/<>/obj-x86_64-linux-gnu/libs/geometry/data/include -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong 
-fstack-clash-protection -Wformat -Werror=format-security -fcf-protection 
-Wdate-time -D_FORTIFY_SOURCE=2 -O3 -DNDEBUG -std=gnu++20 -fPIC 
-fvisibility=hidden -fvisibility-inlines-hidden -Wall -Wextra -Wconversion 
-march=x86-64 -mtune=generic -mfpmath=sse -fopenmp -Werror 
-Wno-error=deprecated-declarations -fopenmp -Winvalid-pch -include 
/<>/obj-x86_64-linux-gnu/libs/core/pch/pchCore/CMakeFiles/pchCore.dir/cmake_pch.hxx
 -MD -MT libs/filter/dicom/CMakeFiles/filter_dicom.dir/IFilter.cpp.o -MF 
CMakeFiles/filter_dicom.dir/IFilter.cpp.o.d -o 
CMakeFiles/filter_dicom.dir/IFilter.cpp.o -c 
/<>/libs/filter/dicom/IFilter.cpp
In file included from /usr/include/c++/13/string:42,
 from 
/usr/include/boost/algorithm/string/std/string_traits.hpp:15,
 from 
/usr/include/boost/algorithm/string/std_containers_traits.hpp:19,
 from /usr/include/boost/algorithm/string.hpp:18,
 from 
/<>/obj-x86_64-linux-gnu/libs/core/pch/pchCore/CMakeFiles/pchCore.dir/cmake_pch.hxx:5,
 from :
In static member function ‘static constexpr std::char_traits::char_type* 
std::char_traits::copy(char_type*, const char_type*, std::size_t)’,
inlined from ‘constexpr std::__cxx11::basic_string<_CharT, _Traits, 
_Alloc>::basic_string(std::__cxx11::basic_string<_CharT, _Traits, _Alloc>&&) 
[with _CharT = char; _Traits = std::char_traits; _Alloc = 
std::allocator]’ at /usr/include/c++/13/bits/basic_string.h:683:23,
inlined from ‘constexpr std::__cxx11::basic_string<_CharT, _Traits, 
_Allocator> std::operator+(__cxx11::basic_string<_CharT, _Traits, 
_Allocator>&&, __cxx11::basic_string<_CharT, _Traits, _Allocator>&&) [with 
_CharT = char; _Traits = char_traits; _Alloc = allocator]’ at 
/usr/include/c++/13/bits/basic_string.h:3668:43,
inlined from ‘std::string sight::core::com::SlotBase::getTypeName() const 
[with F = void(double)]’ at 
/<>/libs/core/core/com/SlotBase.hpp:227:99,
inlined from ‘sight::core::com::Slot::Slot() [with R = void; A = 
{double}]’ at /<>/libs/core/core/com/Slot.hxx:48:33:
/usr/include/c++/13/bits/char_traits.h:445:56: error: ‘void* 
__builtin_memcpy(void*, const void*, long unsigned int)’ forming offset [32, 
34] is out of the bounds [0, 32] of object ‘’ with type 
‘std::__cxx11::basic_string’ [-Werror=array-bounds=]
  445 | return static_cast(__builtin_memcpy(__s1, __s2, 
__n));
  |^
In file included from /<>/libs/core/core/com/SlotRun.hpp:27,

Bug#1058261: marked as done (geophar: FTBFS: ModuleNotFoundError: No module named 'imp')

2023-12-22 Thread Debian Bug Tracking System 
Your message dated Fri, 22 Dec 2023 09:26:43 +0100
with message-id 
and subject line closing #1058261
has caused the Debian Bug report #1058261,
regarding geophar: FTBFS: ModuleNotFoundError: No module named 'imp'
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1058261: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058261
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: geophar
Version: 18.09+dfsg1-3
Severity: serious
Justification: FTBFS
Tags: trixie sid ftbfs
User: lu...@debian.org
Usertags: ftbfs-20231212 ftbfs-trixie

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.


Relevant part (hopefully):
>  debian/rules build
> dh build --buildsystem=pybuild --with python3
>dh_update_autotools_config -O--buildsystem=pybuild
>dh_autoreconf -O--buildsystem=pybuild
>dh_auto_configure -O--buildsystem=pybuild
> I: pybuild base:310: python3.12 setup.py config 
> Traceback (most recent call last):
>   File "/<>/setup.py", line 4, in 
> from wxgeometrie.param import version
>   File "/<>/wxgeometrie/__init__.py", line 30, in 
> from .dependances import tester_dependances, configurer_dependances
>   File "/<>/wxgeometrie/dependances.py", line 25, in 
> import sys, imp, platform, os, shutil, subprocess
> ModuleNotFoundError: No module named 'imp'
> E: pybuild pybuild:395: configure: plugin distutils failed with: exit code=1: 
> python3.12 setup.py config 
> dh_auto_configure: error: pybuild --configure -i python{version} -p "3.12 
> 3.11" returned exit code 13
> make: *** [debian/rules:12: build] Error 25


The full build log is available from:
http://qa-logs.debian.net/2023/12/12/geophar_18.09+dfsg1-3_unstable.log

All bugs filed during this archive rebuild are listed at:
https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-20231212;users=lu...@debian.org
or:
https://udd.debian.org/bugs/?release=na&merged=ign&fnewerval=7&flastmodval=7&fusertag=only&fusertagtag=ftbfs-20231212&fusertaguser=lu...@debian.org&allbugs=1&cseverity=1&ctags=1&caffected=1#results

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

If you reassign this bug to another package, please mark it as 'affects'-ing
this package. See https://www.debian.org/Bugs/server-control#affects

If you fail to reproduce this, please provide a build log and diff it with mine
so that we can identify if something relevant changed in the meantime.
--- End Message ---
--- Begin Message ---
This bug is fixed since release 18.10+dfsg1-1

-- 
Georges KHAZNADAR et Jocelyne FOURNIER
22 rue des mouettes, 59240 Dunkerque France.
Téléphone +33 (0)3 28 29 17 70



signature.asc
Description: PGP signature
--- End Message ---

Processed: Re: loguru's autopkg tests fail with Python 3.12

2023-12-22 Thread Debian Bug Tracking System 
Processing control commands:

> retitle -1 loguru's autopkg tests fail with Python 3.12
Bug #1056421 {Done: Andreas Tille } [src:loguru] loguro's 
autopkg tests fail with Python 3.12
Changed Bug title to 'loguru's autopkg tests fail with Python 3.12' from 
'loguro's autopkg tests fail with Python 3.12'.

-- 
1056421: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056421
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: severity of 1059232 is serious, tagging 1059232

2023-12-22 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> # ftbfs bug is serious
> severity 1059232 serious
Bug #1059232 [imvirt] imvirt: version 0.9.6-12 failed to build in unstable - 
uninstallable
Severity set to 'serious' from 'important'
> tags 1059232 + ftbfs
Bug #1059232 [imvirt] imvirt: version 0.9.6-12 failed to build in unstable - 
uninstallable
Added tag(s) ftbfs.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1059232: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059232
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1056421: loguru's autopkg tests fail with Python 3.12

2023-12-22 Thread s3v 
Control: retitle -1 loguru's autopkg tests fail with Python 3.12

Dear Maintainer,

autopkg tests still fail due a missing dependency on python3-freezegun in
debian/tests/control [1]

 24s autopkgtest [05:10:53]: test run-unit-test: [---
 25s Testing with python3.11 in 
/tmp/autopkgtest-lxc.xz0y_xxw/downtmp/autopkgtest_tmp:
 25s ImportError while loading conftest 
'/tmp/autopkgtest-lxc.xz0y_xxw/downtmp/autopkgtest_tmp/tests/conftest.py'.
 25s tests/conftest.py:16: in 
 25s import freezegun
 25s E   ModuleNotFoundError: No module named 'freezegun'
 25s autopkgtest [05:10:54]: test run-unit-test: ---]

Kind regards

[1] https://tracker.debian.org/pkg/loguru