Bug#1060772: [Debian-pan-maintainers] Unifying jupyterlab and node-jupyterlab
In my last commit, I added also a fix for #1060772: - jupyter-lab uses yarnpkg by default - in Debian build context, this can be overridden using YARN_COMMAND=pkgjs-install-minimal then I reimported your hook executed after dh_install to launch `jupyter-lab build`. This seems to work but must be verified (and also python install looks bad). Best regards, Xavier On 6/2/24 07:40, Yadd wrote: Hi Roland, I merged Python and Node.js package into branch "merge-python-and-node", but I didnt yet import the "build" part you entered into dh_auto_install in Python package. Build works but has to be cleaned for the Python part. Hope this will help you. Best regards, Xavier On 6/1/24 17:33, Yadd wrote: On 5/31/24 17:10, Roland Mas wrote: Since I haven't managed to get 4.1 to build yet, I'm thinking of starting from a known-working version (4.0.10+ds1+~cs11.25.27-1). I expect that porting to 4.1 or later afterwards won't add extra work compared to doing both jobs at once. Roland. OK, I just pushed 4.0.11 into node-jupyterlab repo (reverting your upgrade to 4.1.6) Le 30/05/2024 à 05:36, Yadd a écrit : On 5/29/24 17:06, Yadd wrote: On 5/29/24 17:04, Roland Mas wrote: Hi Yadd and others, I'd like to go forward with the jupyterlab/node-jupyterlab merger, because I'm facing more and more problems with jupyterlab/ipywidgets not being up-to-date. I'm going to start from node-jupyterlab (whose build is more complex), create a merge-jupyterlab-and-node-jupyterlab branch in it, and add the Python parts in there, starting from the current working state of the package (and not the current state of the master branch, which doesn't build since I tried to import a new upstream release). I'll ask for review before merging into master, but any help or advice in the meantime will be welcome. I'll try to be present on IRC more often than usual during the operation. Hopefully upgrading one source package will be easier after the merger, and I'll work on ipywidgets after that. Roland. hi, OK, let's do that ;-) From which version of jupyterlab do you want to start? 4.0.11 or later?
Processed: Bug#1060772 marked as pending in node-jupyterlab
Processing control commands: > tag -1 pending Bug #1060772 [python3-jupyterlab] python3-jupyterlab: Using node-corepack downloads yarnpkg from Internet Added tag(s) pending. -- 1060772: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060772 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1060772: marked as pending in node-jupyterlab
Control: tag -1 pending Hello, Bug #1060772 in node-jupyterlab reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/js-team/node-jupyterlab/-/commit/021de3828efc9052090c5d3daedb6cd70980684f Add patch to use system yarnpkg or an arbitrary command given by arg Closes: #1060772 (this message was generated automatically) -- Greetings https://bugs.debian.org/1060772
Bug#1072340: sredird: CVE-2004-2386, format string vulnerability
Hi Bastian, On Sat, Jun 01, 2024 at 05:11:25PM +0200, Bastian Germann wrote: > Control: notfound -1 sredird/2.1.0-1 > Control: fixed -1 2.2.1-1.1 > > I see that CVE-2004-2386 and maybe CVE-2004-2387 was addressed with #267098. > The diff (one change in LogMsg and one in HandleCPCCommand) that is in that > bug has survived until now. > But 2.2.2 has many more changes of the HandleCPCCommand kind: changing > sprintf to snprintf. > > main: 2 changes. > HandleIACCommand: 5 changes. > HandleCPCCommand: 17 additional changes: Any of these cound be CVE-2004-2387 > as well. > HDBUnlockFile: 1 change. > HDBLockFile: 7 changes. > > Plus TmpStrLen is extended to 512 bytes. > > Conclusion: Debian referenced both bugs as TEMP-0267098-76A1A1 before. Perfect, thanks for the confirmation. Regards, Salvatore
Bug#1069474: marked as done (spacenavd: FTBFS on armhf: src/dev_usb_linux.c:293:30: error: ‘struct input_event’ has no member named ‘time’)
Your message dated Sun, 02 Jun 2024 05:16:17 + with message-id and subject line Bug#1069474: fixed in spacenavd 1.2-3 has caused the Debian Bug report #1069474, regarding spacenavd: FTBFS on armhf: src/dev_usb_linux.c:293:30: error: ‘struct input_event’ has no member named ‘time’ to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1069474: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069474 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: spacenavd Version: 1.2-1 Severity: serious Justification: FTBFS Tags: trixie sid ftbfs User: lu...@debian.org Usertags: ftbfs-20240420 ftbfs-trixie ftbfs-t64-armhf Hi, During a rebuild of all packages in sid, your package failed to build on armhf. Relevant part (hopefully): > cc -pedantic -Wall -g -O2 -fno-strict-aliasing -fcommon -I./src > -I/usr/local/include -MMD -g -O2 -Werror=implicit-function-declaration > -ffile-prefix-map=/<>=. -fstack-protector-strong > -fstack-clash-protection -Wformat -Werror=format-security `dpkg-buildflags > --get CFLAGS` `dpkg-buildflags --get CPPFLAGS` -c src/hotplug_darwin.c -o > src/hotplug_darwin.o > src/dev_usb_linux.c: In function ‘read_evdev’: > src/dev_usb_linux.c:293:30: error: ‘struct input_event’ has no member named > ‘time’ > 293 | inp->tm = iev.time; > | ^ > make[1]: *** [Makefile:35: src/dev_usb_linux.o] Error 1 The full build log is available from: http://qa-logs.debian.net/2024/04/20/spacenavd_1.2-1_unstable-armhf.log All bugs filed during this archive rebuild are listed at: https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-20240420;users=lu...@debian.org or: https://udd.debian.org/bugs/?release=na&merged=ign&fnewerval=7&flastmodval=7&fusertag=only&fusertagtag=ftbfs-20240420&fusertaguser=lu...@debian.org&allbugs=1&cseverity=1&ctags=1&caffected=1#results A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! If you reassign this bug to another package, please mark it as 'affects'-ing this package. See https://www.debian.org/Bugs/server-control#affects If you fail to reproduce this, please provide a build log and diff it with mine so that we can identify if something relevant changed in the meantime. --- End Message --- --- Begin Message --- Source: spacenavd Source-Version: 1.2-3 Done: Boyuan Yang We believe that the bug you reported is fixed in the latest version of spacenavd, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1069...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Boyuan Yang (supplier of updated spacenavd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 01 Jun 2024 22:56:00 -0400 Source: spacenavd Architecture: source Version: 1.2-3 Distribution: unstable Urgency: medium Maintainer: Debian Science Maintainers Changed-By: Boyuan Yang Closes: 1069474 Changes: spacenavd (1.2-3) unstable; urgency=medium . * Team upload. * debian/patches/0004-Do-not-use-time-field-of-input_event.patch: Add patch from upstream trunk to fix FTBFS with 32-bit architecture. (Closes: #1069474) Checksums-Sha1: e2d326cfbf4fd83c8bfa0f938f0fc7219b3390a3 2015 spacenavd_1.2-3.dsc 5cbc87745f7fd7e16c7fbf15ede1cec8418aeb15 62837 spacenavd_1.2.orig.tar.gz 73241e5a1cd758a5e3fd98575bd52786cf13b4b3 8212 spacenavd_1.2-3.debian.tar.xz cb9f5198d6ac2f00711dba90ecd7a28fa19b4d58 6581 spacenavd_1.2-3_amd64.buildinfo Checksums-Sha256: fcd4aeeb381ca0dc4f641e3d95f300d0b4feba69dd0c058a9757bfd993132fe4 2015 spacenavd_1.2-3.dsc 94f28b56dcdb9e9439ea51a06fb1aae3ab5c5db3ca532d188c6d77d2148cc575 62837 spacenavd_1.2.orig.tar.gz f6be5874b8f4891d1f21520f4ae8fbe7c3f2444a3e8fcb0e415f18adc7a240eb 8212 spacenavd_1.2-3.debian.tar.xz 375362fcf379df2b37106e94a84bdc0a585866e0dddce82b9d3c4cc74f3bac09 6581 spacenavd_1.2-3_amd64.buildinfo Files: b76a629d0eea7baa319323fbe1dc6674 2015 utils optional spacenavd_1.2-3.dsc 80e2ba8772c1c011d45781842aaef2e3 62837 utils optional spacenavd_1.2.orig.tar.gz 9dfcdc34da1c0f279d45909c749d0bbe 8212 utils optio
Bug#1071983: marked as done (netctl: puts .service files into /)
Your message dated Sun, 02 Jun 2024 05:16:06 + with message-id and subject line Bug#1071983: fixed in netctl 1.29-1 has caused the Debian Bug report #1071983, regarding netctl: puts .service files into / to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1071983: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071983 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: netctl Version: 1.28-1 Severity: serious Justification: FHS violation Rebuilding your package in current unstable leads to .service files being installed into /: -rw-r--r-- root/root 512 2023-08-06 22:20 ./netctl-auto@.service -rw-r--r-- root/root 445 2023-08-06 22:20 ./netctl-ifplugd@.service -rw-r--r-- root/root 284 2023-08-06 22:20 ./netctl-sleep.service -rw-r--r-- root/root 289 2023-08-06 22:20 ./netctl-wait-online.service -rw-r--r-- root/root 260 2023-08-06 22:20 ./netctl.service -rw-r--r-- root/root 316 2023-08-06 22:20 ./netctl@.service Please investigate and fix this for trixie. Chris netctl_1.28-1_arm64-2024-05.build.gz Description: application/gunzip --- End Message --- --- Begin Message --- Source: netctl Source-Version: 1.29-1 Done: Yangfl We believe that the bug you reported is fixed in the latest version of netctl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1071...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Yangfl (supplier of updated netctl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 28 May 2024 02:53:42 +0800 Source: netctl Architecture: source Version: 1.29-1 Distribution: unstable Urgency: medium Maintainer: Yangfl Changed-By: Yangfl Closes: 1060495 1071983 Changes: netctl (1.29-1) unstable; urgency=medium . * New upstream release * Switch Build-Depends to systemd-dev (Closes: #1060495, #1071983) * Bump Standards-Version to 4.7.0 Checksums-Sha1: 631fddbdd3fd86f6d2b126ee430352cf94bef5ce 2122 netctl_1.29-1.dsc 9f89e214bb74827609d2f3c73f8a8aa6d02309be 47724 netctl_1.29.orig.tar.xz e3c3825c1e08e0e1e038e6a07a45881d9fda1c3f 833 netctl_1.29.orig.tar.xz.asc 33ad421be25be1d9039f5842782367c5b3867944 12344 netctl_1.29-1.debian.tar.xz 6b7b3a7abf9d45aa92251d5a084e9f69477d3b97 6557 netctl_1.29-1_amd64.buildinfo Checksums-Sha256: fcc1a024bf9760ce3b334a289229664e76f01f66754e453ff6697941950246b9 2122 netctl_1.29-1.dsc 27f91ad21a8fe8cb1e14b5a816580167da36e8ef056de40c87b3975d86b76932 47724 netctl_1.29.orig.tar.xz b6f1ee18dbc2598ec39bf2dbd1a81422c149735079d30bb920e7bc2845ed92b1 833 netctl_1.29.orig.tar.xz.asc 16a9c7f8f5142fc22c388eaa6f9a99f1d3c76fad3bde9b6aedd35cba57d19363 12344 netctl_1.29-1.debian.tar.xz d0a93fd507a6af036613d7cf1c702108c8d585d06bddba09ebc5e0b939b12e84 6557 netctl_1.29-1_amd64.buildinfo Files: b548cd921c4ee9dd1f2ece71fbc5ba40 2122 net optional netctl_1.29-1.dsc 45b6cf715537d2b8fe603a93434447c3 47724 net optional netctl_1.29.orig.tar.xz 422b69fe098bf92bed0f4e40f8aa9cfd 833 net optional netctl_1.29.orig.tar.xz.asc d05ebc45719e67f3ba348bb7d7855519 12344 net optional netctl_1.29-1.debian.tar.xz abb8be2412cda9ca17e088afe218223f 6557 net optional netctl_1.29-1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEfncpR22H1vEdkazLwpPntGGCWs4FAmZb40gACgkQwpPntGGC Ws7Bzw/8DBsDAhddC66obge35KuHF0svZMxyzo5IaTQkVe0vkCfjgwB6fn5BYmOk CF8GLRh6NfpLypHJrZxv/eWwGgayCarK0+7rUDwpKFM57GKzriViwaAL+ekVEJcS 2sAZviIoe/BenD3+sZJnDHYOFRkwIYBOdxQ5nnIBdqPhKPjOruMJZJzOSR4pGsQx KPxqkRg+mEAYpbNqa85N1Exouvw9GYRU+Z97WB3AE6NO/oBsJ5q4D56APtLlw1lz JTUj5131qkKz64Mx2LAbU6S3Sey4aoKPNb51PvSdWmoMyhB3s5F+Jcw3zMIhaSrQ hsSTCDfnudb2gFJgH3DYtKmZ6RUJT3HpNqJSG2CWpnxdg11f3mhP+ZkjDK7yRLr8 qNkFoj09u3T4uWkZmIo3jTsqhyiGW6dRgnz+sZE/OTUdFLLApukVdVhwpicPRaKE xkbczPL/QcVU90zpcpAxb1RSs8GxNRREbXCtepuqOFy7pw+UE1JHAbboVSp/dijN cdggfn2GGTbbgxpmhbhc6g1R8yZefQKODDiOD6X96AQsh7uPlSy6C0pToNfacRWc j0i3MjAd0EMEJw5inAEdKk77CNldTVZd9A2Jg6XsNAoCLmzUuQmctUhY1YpjtIHK VvZbBnDYcj7vglcg5eNf+ecOk60oS3uHg3ORC/gBdSmmC0izAoI= =GPGd -END PGP SIGNATURE- pgpdaFdaQ4Q6q.pgp Description: PGP signature --- End Message ---
Bug#1037908: marked as done (yaramod: ftbfs with GCC-13)
Your message dated Sun, 02 Jun 2024 05:16:36 +
with message-id
and subject line Bug#1037908: fixed in yaramod 3.21.0-1
has caused the Debian Bug report #1037908,
regarding yaramod: ftbfs with GCC-13
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1037908: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037908
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:yaramod
Version: 3.6.0-1.1
Severity: normal
Tags: sid trixie
User: debian-...@lists.debian.org
Usertags: ftbfs-gcc-13
[This bug is targeted to the upcoming trixie release]
Please keep this issue open in the bug tracker for the package it
was filed for. If a fix in another package is required, please
file a bug for the other package (or clone), and add a block in this
package. Please keep the issue open until the package can be built in
a follow-up test rebuild.
The package fails to build in a test rebuild on at least amd64 with
gcc-13/g++-13, but succeeds to build with gcc-12/g++-12. The
severity of this report will be raised before the trixie release.
The full build log can be found at:
http://qa-logs.debian.net/2023/05/22/logs/yaramod_3.6.0-1.1_unstable_gccexp.log
The last lines of the build log are at the end of this report.
To build with GCC 13, either set CC=gcc-13 CXX=g++-13 explicitly,
or install the gcc, g++, gfortran, ... packages from experimental.
apt-get -t=experimental install g++
Common build failures are new warnings resulting in build failures with
-Werror turned on, or new/dropped symbols in Debian symbols files.
For other C/C++ related build failures see the porting guide at
http://gcc.gnu.org/gcc-13/porting_to.html
[...]
/usr/include/pog/rule_builder.h:118:14: recursively required from ‘void
pog::RuleBuilder::_production(std::vector&, const
std::string&, Args&& ...) [with Args = {const char (&)[3],
yaramod::ParserDriver::defineGrammar()::}; ValueT =
yaramod::Value; std::string = std::__cxx11::basic_string]’
/usr/include/pog/rule_builder.h:118:14: required from ‘void
pog::RuleBuilder::_production(std::vector&, const
std::string&, Args&& ...) [with Args = {const char (&)[11], const char (&)[3],
yaramod::ParserDriver::defineGrammar()::}; ValueT =
yaramod::Value; std::string = std::__cxx11::basic_string]’
/usr/include/pog/rule_builder.h:101:14: required from
‘pog::RuleBuilder& pog::RuleBuilder::production(Args&& ...)
[with Args = {const char (&)[3], const char (&)[11], const char (&)[3],
yaramod::ParserDriver::defineGrammar()::}; ValueT =
yaramod::Value]’
/<>/src/parser/parser_driver.cpp:1117:14: required from here
/<>/src/parser/parser_driver.cpp:1118:30: warning: moving a
temporary object prevents copy elision [-Wpessimizing-move]
1118 | auto expr = std::move(args[1].getExpression());
| ^~~~
/<>/src/parser/parser_driver.cpp:1118:30: note: remove ‘std::move’
call
/<>/src/parser/parser_driver.cpp: In instantiation of
‘yaramod::ParserDriver::defineGrammar():: [with auto:170 =
std::vector >]’:
/usr/include/c++/13/bits/invoke.h:61:36: required from ‘constexpr _Res
std::__invoke_impl(__invoke_other, _Fn&&, _Args&& ...) [with _Res =
yaramod::Value; _Fn =
yaramod::ParserDriver::defineGrammar()::&; _Args =
{vector >}]’
/usr/include/c++/13/bits/invoke.h:114:35: required from ‘constexpr
std::enable_if_t, _Res>
std::__invoke_r(_Callable&&, _Args&& ...) [with _Res = yaramod::Value;
_Callable = yaramod::ParserDriver::defineGrammar()::&;
_Args = {vector >};
enable_if_t, _Res> =
yaramod::Value]’
/usr/include/c++/13/bits/std_function.h:290:30: required from ‘static _Res
std::_Function_handler<_Res(_ArgTypes ...), _Functor>::_M_invoke(const
std::_Any_data&, _ArgTypes&& ...) [with _Res = yaramod::Value; _Functor =
yaramod::ParserDriver::defineGrammar()::; _ArgTypes =
{std::vector >&&}]’
/usr/include/pog/rule_builder.h:118:14: recursively required from ‘void
pog::RuleBuilder::_production(std::vector&, const
std::string&, Args&& ...) [with Args = {const char (&)[11], const char (&)[3],
yaramod::ParserDriver::defineGrammar()::}; ValueT =
yaramod::Value; std::string = std::__cxx11::basic_string]’
/usr/include/pog/rule_builder.h:118:14: required from ‘void
pog::RuleBuilder::_production(std::vector&, const
std::string&, Args&& ...) [with Args = {const char (&)[3], const char (&)[11],
const char (&)[3],
yaramod::ParserDriver::defineGrammar()::}; ValueT =
yaramod::Value; std::string = std::__cxx11::basic_string]’
/usr/include/pog/rule_builder.h:118:14: recursively required from ‘void
pog::Rule
Bug#1060495: marked as done (netctl: Please switch Build-Depends to systemd-dev)
Your message dated Sun, 02 Jun 2024 05:16:06 + with message-id and subject line Bug#1060495: fixed in netctl 1.29-1 has caused the Debian Bug report #1060495, regarding netctl: Please switch Build-Depends to systemd-dev to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1060495: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060495 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: netctl Version: 1.28-1 Severity: normal User: pkg-systemd-maintain...@lists.alioth.debian.org Usertags: systemd-dev Hi, your package netctl declares a Build-Depends on systemd and/or udev. In most cases, this build dependency is added to get the paths that are defined in udev.pc or systemd.pc (via pkgconfig). Since systemd_253-2 [1], these two pkgconfig files have been split into a separate package named systemd-dev. This package is arch:all, so even available on non-Linux architectures, which will simplify the installation of upstream provided service files / udev rules. To not make existing source packages FTBFS, the systemd and udev package have a Depends: systemd-dev. This dependency will be removed at some point though before trixie is released. Once this happens, this issue will be bumped to RC. Please update your build dependencies accordingly at your earliest convenience. If all you need is the systemd.pc or udev.pc pkgconfig file, please replace any systemd or udev Build-Depends with systemd-dev. In most cases that should be sufficient. If your package needs further resources from systemd or udev to build successfully, it's fine to keep those Build-Depends in addition to systemd-dev. To ease stable backports, a version of systemd with those changes is provided via bookworm-backports. In case you have further questions, please contact the systemd team at . On behalf of the systemd team, Michael [1] https://salsa.debian.org/systemd-team/systemd/-/merge_requests/196 --- End Message --- --- Begin Message --- Source: netctl Source-Version: 1.29-1 Done: Yangfl We believe that the bug you reported is fixed in the latest version of netctl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1060...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Yangfl (supplier of updated netctl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 28 May 2024 02:53:42 +0800 Source: netctl Architecture: source Version: 1.29-1 Distribution: unstable Urgency: medium Maintainer: Yangfl Changed-By: Yangfl Closes: 1060495 1071983 Changes: netctl (1.29-1) unstable; urgency=medium . * New upstream release * Switch Build-Depends to systemd-dev (Closes: #1060495, #1071983) * Bump Standards-Version to 4.7.0 Checksums-Sha1: 631fddbdd3fd86f6d2b126ee430352cf94bef5ce 2122 netctl_1.29-1.dsc 9f89e214bb74827609d2f3c73f8a8aa6d02309be 47724 netctl_1.29.orig.tar.xz e3c3825c1e08e0e1e038e6a07a45881d9fda1c3f 833 netctl_1.29.orig.tar.xz.asc 33ad421be25be1d9039f5842782367c5b3867944 12344 netctl_1.29-1.debian.tar.xz 6b7b3a7abf9d45aa92251d5a084e9f69477d3b97 6557 netctl_1.29-1_amd64.buildinfo Checksums-Sha256: fcc1a024bf9760ce3b334a289229664e76f01f66754e453ff6697941950246b9 2122 netctl_1.29-1.dsc 27f91ad21a8fe8cb1e14b5a816580167da36e8ef056de40c87b3975d86b76932 47724 netctl_1.29.orig.tar.xz b6f1ee18dbc2598ec39bf2dbd1a81422c149735079d30bb920e7bc2845ed92b1 833 netctl_1.29.orig.tar.xz.asc 16a9c7f8f5142fc22c388eaa6f9a99f1d3c76fad3bde9b6aedd35cba57d19363 12344 netctl_1.29-1.debian.tar.xz d0a93fd507a6af036613d7cf1c702108c8d585d06bddba09ebc5e0b939b12e84 6557 netctl_1.29-1_amd64.buildinfo Files: b548cd921c4ee9dd1f2ece71fbc5ba40 2122 net optional netctl_1.29-1.dsc 45b6cf715537d2b8fe603a93434447c3 47724 net optional netctl_1.29.orig.tar.xz 422b69fe098bf92bed0f4e40f8aa9cfd 833 net optional netctl_1.29.orig.tar.xz.asc d05ebc45719e67f3ba348bb7d7855519 12344 net optional netctl_1.29-1.debian.tar.xz abb8be2412cda9ca17e088afe218223f 6557 net optional netctl_1.29-1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEfncpR22H1vEdkazLwpPntGGCWs4FAmZb40gACgkQwpPntGGC Ws7Bzw/8DBsDAhddC66obge35KuHF0svZMxyzo5IaTQkV
Processed: tagging 1072349, reassign 1072381 to src:freeciv
Processing commands for cont...@bugs.debian.org:
> tags 1072349 + sid trixie
Bug #1072349 {Done: Jan Mojžíš } [src:lua-resty-lrucache]
lua-resty-lrucache: replace luajit2 with luajit
Added tag(s) trixie and sid.
> reassign 1072381 src:freeciv 3.1.1+ds-1
Bug #1072381 [freeiv] Provide gtk4-client package
Warning: Unknown package 'freeiv'
Bug reassigned from package 'freeiv' to 'src:freeciv'.
No longer marked as found in versions 3.1.1+ds-1.
Ignoring request to alter fixed versions of bug #1072381 to the same values
previously set
Bug #1072381 [src:freeciv] Provide gtk4-client package
Marked as found in versions freeciv/3.1.1+ds-1.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
1072349: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072349
1072381: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072381
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#1069484: marked as done (cowdancer: FTBFS on armhf: ccjNp8Id.s:2361: Error: symbol `open64' is already defined)
Your message dated Sat, 01 Jun 2024 22:49:26 + with message-id and subject line Bug#1069484: fixed in cowdancer 0.90 has caused the Debian Bug report #1069484, regarding cowdancer: FTBFS on armhf: ccjNp8Id.s:2361: Error: symbol `open64' is already defined to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1069484: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069484 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: cowdancer Version: 0.89 Severity: serious Justification: FTBFS Tags: trixie sid ftbfs User: lu...@debian.org Usertags: ftbfs-20240420 ftbfs-trixie ftbfs-t64-armhf Hi, During a rebuild of all packages in sid, your package failed to build on armhf. Relevant part (hopefully): > /bin/bash ./libtool --tag=CC --mode=link gcc -fno-strict-aliasing > -DCOWDANCER_SO="\"/usr/lib/cowdancer/libcowdancer.so\"" -g -O2 > -Werror=implicit-function-declaration -ffile-prefix-map=/<>=. > -fstack-protector-strong -fstack-clash-protection -Wformat > -Werror=format-security -Wl,-z,relro -Wl,-z,now -o cowdancer-ilistdump > cowdancer-ilistdump.o log.o > libtool: link: gcc -fno-strict-aliasing > -DCOWDANCER_SO=\"/usr/lib/cowdancer/libcowdancer.so\" -g -O2 > -Werror=implicit-function-declaration -ffile-prefix-map=/<>=. > -fstack-protector-strong -fstack-clash-protection -Wformat > -Werror=format-security -Wl,-z -Wl,relro -Wl,-z -Wl,now -o > cowdancer-ilistcreate cowdancer-ilistcreate.o ilistcreate.o log.o > /tmp/ccjNp8Id.s: Assembler messages: > /tmp/ccjNp8Id.s:2361: Error: symbol `open64' is already defined > /tmp/ccjNp8Id.s:2791: Error: symbol `creat64' is already defined > /tmp/ccjNp8Id.s:3123: Error: symbol `fopen64' is already defined > libtool: link: gcc -fno-strict-aliasing > -DCOWDANCER_SO=\"/usr/lib/cowdancer/libcowdancer.so\" -g -O2 > -Werror=implicit-function-declaration -ffile-prefix-map=/<>=. > -fstack-protector-strong -fstack-clash-protection -Wformat > -Werror=format-security -Wl,-z -Wl,relro -Wl,-z -Wl,now -o > cowdancer-ilistdump cowdancer-ilistdump.o log.o > /bin/bash ./libtool --tag=CC --mode=link gcc -fno-strict-aliasing > -DCOWDANCER_SO="\"/usr/lib/cowdancer/libcowdancer.so\"" -g -O2 > -Werror=implicit-function-declaration -ffile-prefix-map=/<>=. > -fstack-protector-strong -fstack-clash-protection -Wformat > -Werror=format-security -Wl,-z,relro -Wl,-z,now -o cowbuilder cowbuilder.o > parameter.o forkexec.o ilistcreate.o main.o cowbuilder_util.o log.o > make[1]: *** [Makefile:1184: libcowdancer_la-cowdancer.lo] Error 1 The full build log is available from: http://qa-logs.debian.net/2024/04/20/cowdancer_0.89_unstable-armhf.log All bugs filed during this archive rebuild are listed at: https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-20240420;users=lu...@debian.org or: https://udd.debian.org/bugs/?release=na&merged=ign&fnewerval=7&flastmodval=7&fusertag=only&fusertagtag=ftbfs-20240420&fusertaguser=lu...@debian.org&allbugs=1&cseverity=1&ctags=1&caffected=1#results A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! If you reassign this bug to another package, please mark it as 'affects'-ing this package. See https://www.debian.org/Bugs/server-control#affects If you fail to reproduce this, please provide a build log and diff it with mine so that we can identify if something relevant changed in the meantime. --- End Message --- --- Begin Message --- Source: cowdancer Source-Version: 0.90 Done: Jessica Clarke We believe that the bug you reported is fixed in the latest version of cowdancer, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1069...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jessica Clarke (supplier of updated cowdancer package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 01 Jun 2024 23:13:30 +0100 Source: cowdancer Architecture: source Version: 0.90 Distribution: unstable Urgency: medium Maintainer: Debian pbuilder maintenance team Changed-By: Jessica Clarke Closes: 914076 1069484 Changes: cowdancer (0.90) unstabl
Bug#1069484: marked as pending in cowdancer
Control: tag -1 pending Hello, Bug #1069484 in cowdancer reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/pbuilder-team/cowdancer/-/commit/ee7fd54fec3145ce95fb735b5ff2f83a9352d599 Fix FTBFS when symbols are redirected We already have various #undef's to try and counteract any LFS redirection in the preprocessor, but with the time64 transition turning on more LFS things we now hit __asm__-based redirection, which we have no way of disabling once applied (and we really don't want to start messing with disabling LFS or time64_t things as those will surely eventually stop working). Instead, let's use __asm__ ourselves to control which symbols we interpose, giving the C functions themselves different names that won't collide with the standard library. Closes: #1069484 (this message was generated automatically) -- Greetings https://bugs.debian.org/1069484
Processed: Bug#1069484 marked as pending in cowdancer
Processing control commands: > tag -1 pending Bug #1069484 [src:cowdancer] cowdancer: FTBFS on armhf: ccjNp8Id.s:2361: Error: symbol `open64' is already defined Added tag(s) pending. -- 1069484: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069484 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072052: marked as done (djangorestframework: regression with pytest 8.2 due to invalid config key)
Your message dated Sat, 01 Jun 2024 19:19:09 + with message-id and subject line Bug#1072052: fixed in djangorestframework 3.15.1-2 has caused the Debian Bug report #1072052, regarding djangorestframework: regression with pytest 8.2 due to invalid config key to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1072052: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072052 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: djangorestframework Version: 3.15.1-1 Severity: serious Tags: patch -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Dear maintainer, djangorestframework has an error in its setup.cfg, using the invalid key testspath instead of testpaths. Starting with pytest 8.2, this is no longer ignored but raises an exception. I suggest removing the invalid key, as it is obviously not needed. Alternatively, you can rename it to testpaths. Cheers Timo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEmwPruYMA35fCsSO/zIxr3RQD9MoFAmZU8hsACgkQzIxr3RQD 9MqXkhAAo7etxr5VDmR6TAWq0r2rofVe9cya8aYV+MXw4Xg7Ipf/dmhqtzxxykgt OcoGnz7J2l4nzage24f+2QyGC4403zhxYT6L1qA07y6aFq5L5Tem3PhbYzH2w/Uq FGlrCLOcmZSWobEyftedsh2t4LM++fjub+d2cBJYd3xh0a8q/PSpIn5DPPJDLCgu PTwjLnDCT9CRzIr4zv2H6JOllp1JOhI+Xiro+dD0GDt1TvFjm+ueVhbSJr52v/wQ rIwujgMaVlrTXbNZfgFMFgdiFuBSD3AzA1Ba61SOKh23yhJsubMkQrNlBkfhaujj 6u9IHHLvlfTrxirr7uzzLp3C7Tkk9xxuZYtnsnJQugM4H99a4ucGJQU9H7WCq4jq b34dV2klxLuA3g+5+5mI76BsMokVs/W+u/1Lvu47Ct3yD08KfCO0XZr0/wW5uodk 2dqJbFQnr7ymU6hW0p74JJL+8QkP3R7ZCu1JheKccEHZy7E+JsAtEENRWCvngiUs j56LRcBtFruGtXSLN1vnQiXbEMEA2JOJGmKyKgqBCXi3Q8QuyKMewwrv1X6TltDB VT02MV3tbCRCKuEN63rPKMgkQHCI0eWcXC/XbTsQcKKForGn4F5ZHW+1VOdOC96b Z31PsmLtJfuYpv33NCnGdzLELpFYBng8rh6vRSgjqXKTAmYowBw= =SJnC -END PGP SIGNATURE- --- End Message --- --- Begin Message --- Source: djangorestframework Source-Version: 3.15.1-2 Done: Carsten Schoenert We believe that the bug you reported is fixed in the latest version of djangorestframework, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1072...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Carsten Schoenert (supplier of updated djangorestframework package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 01 Jun 2024 20:13:31 +0200 Source: djangorestframework Architecture: source Version: 3.15.1-2 Distribution: unstable Urgency: medium Maintainer: Debian Python Team Changed-By: Carsten Schoenert Closes: 1072052 Changes: djangorestframework (3.15.1-2) unstable; urgency=medium . * Team upload . [Carsten Schoenert] * [4ba996d] Rebuild patch queue from patch-queue branch Added patches: Fix-typo-in-setup.cfg-setting.patch tests-Check-urlpatterns-after-cleanups-9400.patch (Closes: #1072052) * [f5886e3] d/control: Bump Standards-Version to 4.7.0 No further changes needed. . [Simon Lyngshede] * [bbf09c6] d/rules: Don't exclude bootstrap-tweaks.css file Checksums-Sha1: 464297b9b5f6f371caa1bbea81a3d34cc73d 2987 djangorestframework_3.15.1-2.dsc c43bbc1fbd1bd6cf8672a3727d4b25a450fbfe44 349836 djangorestframework_3.15.1-2.debian.tar.xz a674a5ba21db2c9151aef7dafa8d91777957c3df 9705 djangorestframework_3.15.1-2_amd64.buildinfo Checksums-Sha256: fd3f164a43cf61f1b1ea5d95d39121d0e3be17663100619cafa8524dc20f83b6 2987 djangorestframework_3.15.1-2.dsc 35734b72c50bf8b5b54fb0a26f6645d3d30231f0e04c7d4e2763470b87768e22 349836 djangorestframework_3.15.1-2.debian.tar.xz ae954eb84f346ea825f65dd961262bf84975997f877e44fbf3ffdd9d6e16c1bc 9705 djangorestframework_3.15.1-2_amd64.buildinfo Files: e75e9f3b3e8956d3c982575e98551131 2987 python optional djangorestframework_3.15.1-2.dsc 7c41a2c53acce9db4fbfbb617adb8a56 349836 python optional djangorestframework_3.15.1-2.debian.tar.xz 998987a8e63c56db1d5f292224bcff61 9705 python optional djangorestframework_3.15.1-2_amd64.buildinfo -BEGIN PGP SIGNATURE- iQJMBAEBCgA2FiEEtw38bxNP7PwBHmKqgwFgFCUdHbAFAmZbbqwYHGMuc2Nob2Vu ZXJ0QHQtb25saW5lLmRlAAoJEIMBYBQlHR2wOz4QAIkEIMEkqOLxQvSaCoLgmsDh ac+P2x3WjwVMkNimErvfcIoTgXphbHLuSJgjY0Z6KLtJJTYKIVQeg+/aQohiLwS7 w7qgtefkHx3GuNhnhUJa5CumjfBLCfltVV0clSaGh3g+3Aj
Bug#1072351: marked as done (love: replace luajit2 with luajit)
Your message dated Sat, 01 Jun 2024 19:05:31 + with message-id and subject line Bug#1072351: fixed in love 11.5-2 has caused the Debian Bug report #1072351, regarding love: replace luajit2 with luajit to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1072351: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072351 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: love Version: 11.5-1 Severity: serious Control: block 1069780 by -1 luajit2 was requested to be removed, see #1069780. Please switch your (Build-Depends) over to luajit, which has become the openresty luajit(2) source. --- End Message --- --- Begin Message --- Source: love Source-Version: 11.5-2 Done: Alexandre Detiste We believe that the bug you reported is fixed in the latest version of love, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1072...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alexandre Detiste (supplier of updated love package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 01 Jun 2024 20:23:59 +0200 Source: love Architecture: source Version: 11.5-2 Distribution: unstable Urgency: medium Maintainer: Debian Games Team Changed-By: Alexandre Detiste Closes: 1059142 1072351 Changes: love (11.5-2) unstable; urgency=medium . * Revert "switch to libluajit2-5.1-dev" (Closes: #1072351) * Enablue build on loong64 (Closes: #1059142) Checksums-Sha1: 0a49d8a42a5ce968c8f71edd3242f0f8606601e2 2361 love_11.5-2.dsc 673c533138ea9c2e5cb043cf811845db523d30c6 27424 love_11.5-2.debian.tar.xz 901b76e1d909de6e32bdd4028c0e7099f741ec01 12224 love_11.5-2_source.buildinfo Checksums-Sha256: 17c9c2d321a2a024f3e6d25ac3553cb01d3cd58e227251d5f27bddc0944dc929 2361 love_11.5-2.dsc 30b9730a3446e4d97477cc4db7e363cb44d456c897d32a3754e7d6c78705e9e5 27424 love_11.5-2.debian.tar.xz c1447273714a9491038f2211d526f9cf563ff8e504a29448e2500900475d3c0d 12224 love_11.5-2_source.buildinfo Files: 8deb494c4f0155e2d73670d78e4158ee 2361 interpreters optional love_11.5-2.dsc 7451e34b5df60ef7a22ed6366e0a9f9d 27424 interpreters optional love_11.5-2.debian.tar.xz 97da69193c51c5d6e8f3c8c10f66f056 12224 interpreters optional love_11.5-2_source.buildinfo -BEGIN PGP SIGNATURE- iQJFBAEBCgAvFiEEj23hBDd/OxHnQXSHMfMURUShdBoFAmZbbecRHHRjaGV0QGRl Ymlhbi5vcmcACgkQMfMURUShdBpy1w//XyiQDapv+W5L/hr+dZoiiMW4kpTzENIk UVkgR/q3VIbWFU0oYx7dpFCKRbyYMKB4KQArGYs0fp1cygMuoFgYw3g2Lyib34sW Eiu+C0Tytd6KlZMRnDWh3P0t6fbXu4uvev9kDHCUg9zQeZ6PiTRgpX4gpMpl/0xR rpqhPhfz9Kh7YEA8n8aZAu4O0nrRuWBmt3HtR+3CBLr7Nqn1mQIdW7oW/1kNhTR7 x/TxIrMJdlszwRIPGaWWMh6zH1CpTO6BILTHCxYgyy973lQFvaNHeJdBz5onKygQ lHgQC0W+PrJgxrUIS0Gc0FE3wwDxIlZganc/+MsoWgeJ4FH3LIeo5uS9H8O/EXNt 0fWxwTlfY3Hn6aM3x2hxANQgPSfevH4lHwOEpijpMmuCqpZzuVOjzRruFBOZcuQY wHI61FiEVrDX7+PhkFcZbSzvzKRmYCb3X44UcqFGXuJMAV6Q2ce2j0aiR1JaQfSq sZ5c3IxD+X/nPC0UK7eR8I3aCbgD2WnXI79A3KxFms58SiYO+8MxdUn2PM1v4/bG qVyLb509+7VLnnv7dcqwc6xOkZzmY7sT6E32OMD2Jx8gc35REGCOfkjLdsvgpNSV JBPDxirZ45RYm4tuIhGIj5UZvPaMNg/OWYApZ4cPncOEpux+vCWa514ooPF++S7U LbqmXUlSR7Y= =sS9S -END PGP SIGNATURE- pgpgYAnnrFDjB.pgp Description: PGP signature --- End Message ---
Bug#1072369: dropbear: flaky autopkgtest
Source: dropbear
Version: 2024.85-1
Severity: serious
Justification: flaky debci is RC as per RT
X-Debbugs-CC: elb...@debian.org
Hi,
Dropbear's debci sometimes fails and works on reruns, which is RC
according to the release team. E.g.:
44s _ test_read_pty[41234]
_
44s
44s request = >
44s dropbear =
44s size = 41234
44s
44s @pytest.mark.parametrize("size", [0, 1, 2, 100, 20001, 41234])
44s def test_read_pty(request, dropbear, size):
44s# testcase for
44s# https://bugs.openwrt.org/index.php?do=details&task_id=1814
44s# https://github.com/mkj/dropbear/pull/85
44s# From Yousong Zhou
44s# Fixed Oct 2021
44s#
44s#$ ssh -t my.router cat /tmp/bigfile | wc
44s#Connection to my.router closed.
44s# 0 1 14335 <- should be 20001
44s
44s# Write the file. No newlines etc which could confuse ptys
44sdat = random_alnum(size)
44sr = dbclient(request, "tmpf=`mktemp`; echo $tmpf; cat > $tmpf",
input=dat, capture_output=True, text=True)
44stmpf = r.stdout.rstrip()
44sr.check_returncode()
44s# Read with a pty, this is what is being tested.
44s# Timing/buffering is subtle, we seem to need to cat a file
from disk to hit it.
44sm, s = pty.openpty()
44sr = dbclient(request, "-t", f"cat {tmpf}; rm {tmpf}", stdin=s,
capture_output=True)
44sr.check_returncode()
44s > assert r.stdout.decode() == dat
44s EAssertionError: assert '5UJ3MW22xOOI...FaalTbhYJnMCI' ==
'5UJ3MW22xOOI...Y3JVX5tREk1dZ'
44s E
44s E Skipping 35313 identical leading characters in diff, use -v to show
44s E -
alTbhYJnMCIn7LtG6YFfF3Gk3pFejnyM2rEbIILTIFdk1JWuplYKktUPBdJT7np0mbpsUIv4VRwGAVP2JWGnLAm4S4AAQIPMawGHMyoxqV9zFFE8MinMNvpw1aQf9QPfnO8TeBNMyIVtBwW3T3BnV5K9g46lSmnyHzb74TxhKlyUPfxptjwFB1d8v4HyDdl0RyLYulodzxNeIOB1Lm5ALyInEVcVc6cy4O9gmzgUCRHT5i3dJzMCvJJ0yBYRhfSwY4vms9TLH5uloGp5wK8QYMeiM4YGMR8LlGE0p2ol7aiVd0LxNqWb3dzlC17iPYOjxhpUaIuUOkhxu5JXcnEP8QkLOwEgWltymjnnvG3z4ITHf24leozVwGMOO8eR74E9JZdZE6Hs7EWKMuzFmlCHK08L5WtZRPYksOq5HuvUxttVOhtCYJDgPpnJ48Z27q0no73Qeg3gS7Y74nf3ZEGToWh71Wn9whsbp3QoGMENc4UUth8KPoiu2QuEzbl...
44s E
44s E ...Full output truncated (2 lines hidden), use '-vv' to show
https://ci.debian.net/packages/d/dropbear/testing/s390x/47157781/
--
Kind regards,
Luca Boccassi
signature.asc
Description: This is a digitally signed message part
Bug#1072357: marked as done (pkg-kde-tools: FTBFS on armhf/mips64el/riscv64: Broken tests due to 0.17.2 changes)
Your message dated Sat, 01 Jun 2024 17:36:56 +
with message-id
and subject line Bug#1072357: fixed in pkg-kde-tools 0.17.3
has caused the Debian Bug report #1072357,
regarding pkg-kde-tools: FTBFS on armhf/mips64el/riscv64: Broken tests due to
0.17.2 changes
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1072357: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072357
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: pkg-kde-tools
Version: 0.17.2
Severity: grave
X-Debbugs-CC: mity...@debian.org
Dear Debian pkg-kde-tools maintainers,
It became clear that the fix in 0.17.2 broke some of the tests related to
time_t on several architectures, and the FTBFS is caused by mixing {time_t}
and {int64_t}. Please check the build logs for more information.
*
https://buildd.debian.org/status/fetch.php?pkg=pkg-kde-tools&arch=armhf&ver=0.17.2&stamp=1716721655&raw=0
*
https://buildd.debian.org/status/fetch.php?pkg=pkg-kde-tools&arch=mips64el&ver=0.17.2&stamp=1716721905&raw=0
*
https://buildd.debian.org/status/fetch.php?pkg=pkg-kde-tools&arch=riscv64&ver=0.17.2&stamp=1716721753&raw=0
Another similar failure in the ports arch (loong64):
*
https://buildd.debian.org/status/fetch.php?pkg=pkg-kde-tools&arch=loong64&ver=0.17.2&stamp=1716722208&raw=0
Thanks,
Boyuan Yang
signature.asc
Description: This is a digitally signed message part
--- End Message ---
--- Begin Message ---
Source: pkg-kde-tools
Source-Version: 0.17.3
Done: Dmitry Shachnev
We believe that the bug you reported is fixed in the latest version of
pkg-kde-tools, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1072...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Dmitry Shachnev (supplier of updated pkg-kde-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 01 Jun 2024 20:03:08 +0300
Source: pkg-kde-tools
Architecture: source
Version: 0.17.3
Distribution: unstable
Urgency: medium
Maintainer: Debian Qt/KDE Maintainers
Changed-By: Dmitry Shachnev
Closes: 1072357
Changes:
pkg-kde-tools (0.17.3) unstable; urgency=medium
.
* Do not automatically consider current subst as verified. This way we
can detect wrong substs in more cases (closes: #1072357).
* Add a few more tests for pkgkde-symbolshelper.
Checksums-Sha1:
5ff70cdc412b1ee8225c9ceabb0b7eebef6ff4fd 1951 pkg-kde-tools_0.17.3.dsc
39c02318aef1b680327961e5aa3cd38231a1b423 106780 pkg-kde-tools_0.17.3.tar.xz
56a41897a50fe802f970eab0aa03783558a0893d 6651
pkg-kde-tools_0.17.3_source.buildinfo
Checksums-Sha256:
c283094f77e62e370917bb08f42469f3c5867d5a3f3c6def70f610e2857d1463 1951
pkg-kde-tools_0.17.3.dsc
231abaa0813e05ad1a8645a16f11d855d0c5402388bfa0d08f2e61d39fd2ea10 106780
pkg-kde-tools_0.17.3.tar.xz
5c953eca592768830b015f0b3f441a214ce2c8645044921423fe620ff9906f51 6651
pkg-kde-tools_0.17.3_source.buildinfo
Files:
b5603049a5ceb46a1b419f464fefeb99 1951 devel optional pkg-kde-tools_0.17.3.dsc
5aab204aaeb05fae4f7823ca2ae508c8 106780 devel optional
pkg-kde-tools_0.17.3.tar.xz
f8f95ff6d0212cba207bb1c71cd9b9d2 6651 devel optional
pkg-kde-tools_0.17.3_source.buildinfo
-BEGIN PGP SIGNATURE-
iQJHBAEBCgAxFiEEq2sdvrA0LydXHe1qsmYUtFL0RrYFAmZbVH0THG1pdHlhNTdA
ZGViaWFuLm9yZwAKCRCyZhS0UvRGtiFgD/0SW6+y7100XcYsqm3iBimOQ0SSKTEO
t/26lK0pyWnVqwVhTQVC/LL3MqokYe2J6YIXP6r9uoFm5HmtRHiM6AeUKn3rOcvA
elOhW2T9G2U8mLijmhkEDrkCIZPwDEn8jpLQJDV2IhmE1YWooPvdlC4uXn+9JDKF
JvR28pLd94/Ityod5f4iziVTtrZADIOJuU3EACCWVIc80BOeYUm+pwEwqZwFpZqU
osR5wOHoZKubzraqVgCupyeqxKMKqa8Rzhwx5Bvpc2dYqdTZN2zv+j1z4Px+oCZW
etlsOyUj6/gZRePVaX888hJzauhPKJifmvHU9Mp6K1AmWe46/ajYk1drIC76RujF
FxAkqKX2d/WaODKG7NvdKAk7MK26K4Y5/8Y7F7bvCmB9FXIU3Qezw75ScXkWB0+5
vhbsCTt3ljxxTMzZtQhIjmHhhx+uOo30piAXre94W8gAAEzpey8sOHlyDe75TqqD
Zw2DxHxXtUdF3RVnYG/DiBTQiNTj4P0E9EyjMXbB77FCx3x0aD4M9cT9vYlR4Sj2
GNg2VBPyvjAuYnUbpg3m4XGuYX2ITEko+EhyvAnEnYtBmY46+4QA9NzYBiIPvMKF
Jad12vQEAOKCJR9Na272WQpQQh7gCsELNmgiFnYXzrchF71zmYVskIBi1BFSm3HR
FOS4k9RaN7AVNQ==
=O7jA
-END PGP SIGNATURE-
pgpLRVk9UguAn.pgp
Description: PGP signature
--- End Message ---
Processed: Update the forwarded status of bug 1069474
Processing commands for cont...@bugs.debian.org: > forwarded 1069474 https://github.com/FreeSpacenav/spacenavd/issues/104 Bug #1069474 [src:spacenavd] spacenavd: FTBFS on armhf: src/dev_usb_linux.c:293:30: error: ‘struct input_event’ has no member named ‘time’ Set Bug forwarded-to-address to 'https://github.com/FreeSpacenav/spacenavd/issues/104'. > tags 1069474 +upstream Bug #1069474 [src:spacenavd] spacenavd: FTBFS on armhf: src/dev_usb_linux.c:293:30: error: ‘struct input_event’ has no member named ‘time’ Added tag(s) upstream. > thanks Stopping processing here. Please contact me if you need assistance. -- 1069474: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069474 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072355: marked as done (nss-pam-ldapd: upload with maintainer-built binaries cannot migrate)
Your message dated Sat, 01 Jun 2024 17:05:43 + with message-id and subject line Bug#1072355: fixed in nss-pam-ldapd 0.9.12-7 has caused the Debian Bug report #1072355, regarding nss-pam-ldapd: upload with maintainer-built binaries cannot migrate to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1072355: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072355 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: nss-pam-ldapd Version: 0.9.12-6 Severity: serious Hi, thanks for uploading to unstable. However the upload included maintainer-built binaries (for Arch: all and amd64). Migration to testing of these is forbidden by release team policy. Please upload a new version (no further changes needed) without any binaries to let the package migrate. Chris --- End Message --- --- Begin Message --- Source: nss-pam-ldapd Source-Version: 0.9.12-7 Done: Arthur de Jong We believe that the bug you reported is fixed in the latest version of nss-pam-ldapd, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1072...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Arthur de Jong (supplier of updated nss-pam-ldapd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 01 Jun 2024 18:46:35 +0200 Source: nss-pam-ldapd Architecture: source Version: 0.9.12-7 Distribution: unstable Urgency: medium Maintainer: Arthur de Jong Changed-By: Arthur de Jong Closes: 1072355 Changes: nss-pam-ldapd (0.9.12-7) unstable; urgency=medium . * Source only upload for migration to testing (closes: #1072355) Checksums-Sha1: 2f922de05657c81f48576bec0df7a2981796fb9d 2632 nss-pam-ldapd_0.9.12-7.dsc 914f51a3ff572e286ed23fd718017270c26733f7 113012 nss-pam-ldapd_0.9.12-7.debian.tar.xz 4e26496d554259b117fd873888261b2e5127cbb3 10848 nss-pam-ldapd_0.9.12-7_amd64.buildinfo Checksums-Sha256: bb2dc0e98fa99d24c0513c5dd3faa4666db47a5057d12d89b1e23b6b7225106c 2632 nss-pam-ldapd_0.9.12-7.dsc 4e99d02df34d555ba2e24430b8d806c0d83e8988f96b4bfe792d654e4cced0ca 113012 nss-pam-ldapd_0.9.12-7.debian.tar.xz 84260afba228dceff77002e92f28dc34238175a87d7b88d019b16c725f39 10848 nss-pam-ldapd_0.9.12-7_amd64.buildinfo Files: d26793ba5f59a96f529e97f32ea72d4f 2632 admin optional nss-pam-ldapd_0.9.12-7.dsc fed679fd5ae04f0c9db4ab898c986f17 113012 admin optional nss-pam-ldapd_0.9.12-7.debian.tar.xz 2c49a7409040e144835baa83a54ba585 10848 admin optional nss-pam-ldapd_0.9.12-7_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEERS7Cy2XPaMKhrb9fKot0aBDgr8EFAmZbUOQACgkQKot0aBDg r8FCtg/6A4sr3ZNf3bP5DXbu6UGtuiQh5nkcF8N5rkms0hexnjK5hbDctBHO8n0X Ge7JUmGqUPvM2Mn3bx5XBa3Ueh+D2c6a1/VYAelguTgCsNOCtv621qFENTLUxBRZ 21eTEGO6gdMACHr0S79V0wkDSfXH3WNOeKBwvcqeoNmRw/CZBDUfmlgY7/Axjvjf B/CttRi2nmhBupVgqTCSGCIKAvMKP8wCyWc5qp4t/Xvqo3vMXCv04u0YnXYXfBpT KNG1uBue1WiO9FxUSiAIhbmeQTaZuxdCXPk71v23wBhnPKLXuY0AItvKwrinz4Pc KuJUBkJzPbCaCzO1ScbHf/FjaIOV8xE5AEhQe0fYsrcr2UC+9Q4Uip4az67Yu2Pe EjnNOL5TVdUgQ/YXX+fm3+itj9uynJYaFIjznU3tZ9R49lfsuzUXPMlcQvsYFj7D rlKB5M5MpVu1WtSXU49VpPAn7KQHm0ZQt2LokEupDGcKbiW3X85Kb6z67vUVHjRp Pbbb4K6iJMHHhNOaeT+Sl+7yTuekBayGNQj+jDS1Zeiu2EQK+BRVs5C10oReJ9i+ wrYJDH5fPBt97VOt239DWUSjGeFhGRFuPZ/ry3e+ms8AlFfYVyttXg/ro6r2Prrb nHj+0I1XzPEs1+MpjCNNLnTHc+uCasn6j+Om+D+FPaNzU6hneV4= =aZuu -END PGP SIGNATURE- pgpXyjM4jXzEZ.pgp Description: PGP signature --- End Message ---
Bug#1007941: megadown: Should we remove this package?
X-Debbugs-CC: vivia.nikolai...@puri.sm p...@debian.org On Sat, 19 Mar 2022 08:22:23 +0800 Paul Wise wrote: > On Fri, 18 Mar 2022 20:06:14 -0400 Boyuan Yang wrote: > > > The package you maintain (megadown, https://tracker.debian.org/pkg/megadown > > ) > > has a longstanding release-critical bug (depends on removed python2), which > > made the package unusable. > > In the latest upstream version the package only needs Python 2 for > MegaCrypter password protected links, not in general and in addition > the fix for using Python 3 is trivial: s/python/python3/ Given that 2 years have passed with nothing has improved, and that the package maintainer had zero activity in Debian, I propose to remove the package after all. There's no reason to keep it if both package maintainer and upstream original author are doing nothing. On the other hand, no other Linux distributions are providing package megadown [1]. As a result, I plan to submit the package removal request to Debian FTP Masters 15 days later (after Jun 15, 2024) if no one objects. [1] https://repology.org/project/megadown/packages Thanks, Boyuan Yang signature.asc Description: This is a digitally signed message part
Bug#1072355: nss-pam-ldapd: upload with maintainer-built binaries cannot migrate
On Sat, 2024-06-01 at 14:59 +0200, Chris Hofstaedtler wrote: > thanks for uploading to unstable. However the upload included > maintainer-built binaries (for Arch: all and amd64). Migration to > testing of these is forbidden by release team policy. > Please upload a new version (no further changes needed) without any > binaries to let the package migrate. Thanks. I always seem to be confused about which changes file to upload :/ Anyway, I've just uploaded 0.9.12-7 which should be source-only again. -- -- arthur - adej...@debian.org - https://people.debian.org/~adejong -- signature.asc Description: This is a digitally signed message part
Bug#1072353: marked as done (sysbench: replace luajit2 with luajit)
Your message dated Sat, 01 Jun 2024 16:36:29 + with message-id and subject line Bug#1072353: fixed in sysbench 1.0.20+ds-7 has caused the Debian Bug report #1072353, regarding sysbench: replace luajit2 with luajit to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1072353: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072353 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: sysbench Version: 1.0.20+ds-6 Severity: serious Control: block 1069780 by -1 luajit2 was requested to be removed, see #1069780. Please switch your (Build-Depends) over to luajit, which has become the openresty luajit(2) source. --- End Message --- --- Begin Message --- Source: sysbench Source-Version: 1.0.20+ds-7 Done: Jeroen Ploemen We believe that the bug you reported is fixed in the latest version of sysbench, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1072...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jeroen Ploemen (supplier of updated sysbench package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 01 Jun 2024 16:03:11 + Source: sysbench Built-For-Profiles: noudeb Architecture: source Version: 1.0.20+ds-7 Distribution: unstable Urgency: medium Maintainer: Jeroen Ploemen Changed-By: Jeroen Ploemen Closes: 1072353 Changes: sysbench (1.0.20+ds-7) unstable; urgency=medium . * Replace build-dep on libluajit2-5.1-dev with its equivalent provided by the libluajit without a "2". (Closes: #1072353) * Control: bump Standards-Version to 4.7.0 (from 4.6.2; no further changes). * Control: replace build-dep on pkg-config with pkgconf. Checksums-Sha1: 4032f9f07f5a7b6f45b5f388917c135b1c60be50 2088 sysbench_1.0.20+ds-7.dsc e72697c479d92500f90d6947fd37c94028953cbe 11716 sysbench_1.0.20+ds-7.debian.tar.xz 3819510c8270970976496f805a2ce5708adc71af 14777 sysbench_1.0.20+ds-7_source.buildinfo Checksums-Sha256: fffd4132cdb6700b565a1f5de7e62a272a71f5cb952716bc56e8842d174f0635 2088 sysbench_1.0.20+ds-7.dsc 9add3bdd0edd34c936a479448106683fa9da2f611d995266ad32a33875ec4a06 11716 sysbench_1.0.20+ds-7.debian.tar.xz 0de7230b85df4a74d23b487a2b1cd85f01e3e3cfe66ce0f122416625a4e884ef 14777 sysbench_1.0.20+ds-7_source.buildinfo Files: d35deb29c7050cff12e04b1f11fa618e 2088 misc optional sysbench_1.0.20+ds-7.dsc f70a79474063368ace209849b763a23a 11716 misc optional sysbench_1.0.20+ds-7.debian.tar.xz 675cb67dfce542fc51163feb4aa1011e 14777 misc optional sysbench_1.0.20+ds-7_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEd8lhnEnWos3N8v+qQoMEoXSNzHoFAmZbRlMACgkQQoMEoXSN zHqznRAAvQyXGD/HMUIiYHZ/XTaJqIbmh6VaBmOGgLXBK7R1ezCYNLsoAsfGyo87 8A9yL+IhfoYb0MYuGgzQBoUQQJK2g/F4ieQb5L1QXNPy3BPXCYVOngH1DOpDX9NS UTy4NFdyzeGwuJM1k/4EZ3yhF6OObBbSH5xjP9nafWeNyTD9GuYo4Y1olcqa04EI 3OvqVw7TxH2piTpSCkfbo/Y6gJ2lDh1X6G90mUbZAEuack3ruA4SSbblTcNO6Cf8 s4fdnG8kQ2AO4h5ndyFJFcql1xhy8e3pVDzifjDaDs0tTTLiu6KkjOa367l47hsn 2iRB59mqGfHy3stdPZSNtk7brujmr0YnQ9vWxzfo6ZdvR687bGOGFrLnpBI9WVoK vf63BDyZ8oRu3FELOawnvpyBwESubCzchLqvQ9Ns5bdQ1yU8YumpCMPxc0UsbrNl coENB0LuJqE7Zf1hPHpDxvoQlGlkpMf2eHwXrZiMDMintHfT8zm0PKyyza3rBlj3 PxfX16WKy+Bn0cmuNmDP3DcLQtwbE5hkyH1ST4Bqv5A6fOtsU7FmX3+g1XwNsuTi p/L1CZNXZdHcT1k61rifOBpU676Wm1176rxxnLgHq6Ajm0a+5NxkjVd0f6ow5k4q Bcu5BsN/OsERXDUjgOxLha0z5NPpMDbncdTHKWcLKGg9LKPxZAo= =yMlM -END PGP SIGNATURE- pgpnCb_91MVSA.pgp Description: PGP signature --- End Message ---
Bug#1071336: psensor: FTBFS: FAIL test-cppcheck.sh
Thanks! I commit at: https://salsa.debian.org/atzlinux-guest/psensor/-/commit/46ca316e92b62ef4fdbd54aa690445f3da8d398d 在 2024/6/1 21:07, Gianfranco Costamagna 写道: Hello, I uploaded the package on git, please for the future commit this change: diff -Nru psensor-1.2.1/debian/copyright psensor-1.2.1/debian/copyright --- psensor-1.2.1/debian/copyright 2024-05-31 04:01:47.0 +0200 +++ psensor-1.2.1/debian/copyright 2024-05-31 15:09:53.0 +0200 @@ -4,7 +4,7 @@ Source: http://wpitchoune.net/psensor Files: * -Copyright: 2010-2014 Jean-Philippe Orsini +Copyright: 2010-2020 Jean-Philippe Orsini License: GPL-2.0 Files: www/jqplot.css www/jqplot.dateAxisRenderer.js www/jqplot.js Il venerdì 31 maggio 2024 alle ore 14:10:43 CEST, Santiago Vila ha scritto: El 31/5/24 a las 13:41, xiao sheng wen(肖盛文) escribió: Hi Santiago, Would you report a new bug about this FTBFS on arm64 arch? As Bug#1071336 is closed now. Well, don't worry, it was not my intention to mix two problems in the same report, only to make you aware of the build failure. The package will not enter testing if it does not build in all the buildds, so I leave the bug report to you. Cc to Debian arm ports maillist debian-...@lists.debian.org is also ok. This build failed only take palace under arm64 arch. I has a arm64 box, I'll try build later. As Gianfranco has pointed out, this problem does not seem to be arm64-specific. My bet is that it's a Makefile bug. I'd try using make --shuffle from make 4.4 to reproduce it. Good luck. Thanks. -- 肖盛文 xiao sheng wen https://www.atzlinux.com 《铜豌豆 Linux》基于 Debian 的 Linux 中文 桌面 操作系统 Debian QA page: https://qa.debian.org/developer.php?login=atzlinux%40sina.com Debian salsa: https://salsa.debian.org/atzlinux-guest GnuPG Public Key: 0x00186602339240CB OpenPGP_signature.asc Description: OpenPGP digital signature
Processed: Bug#1072353 marked as pending in sysbench
Processing control commands: > tag -1 pending Bug #1072353 [src:sysbench] sysbench: replace luajit2 with luajit Added tag(s) pending. -- 1072353: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072353 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072353: marked as pending in sysbench
Control: tag -1 pending Hello, Bug #1072353 in sysbench reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/jcfp/sysbench/-/commit/dce75e0f80b8692f9b15864bb2b4a7cc09841e9a Replace build-dep on libluajit2-5.1-dev with its equivalent provided by the libluajit without a "2". (Closes: #1072353) (this message was generated automatically) -- Greetings https://bugs.debian.org/1072353
Bug#1072350: marked as done (libnginx-mod-http-lua: replace luajit2 with luajit)
Your message dated Sat, 01 Jun 2024 15:19:58 + with message-id and subject line Bug#1072350: fixed in libnginx-mod-http-lua 1:0.10.26-3 has caused the Debian Bug report #1072350, regarding libnginx-mod-http-lua: replace luajit2 with luajit to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1072350: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072350 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: libnginx-mod-http-lua Version: 1:0.10.26-2 Severity: serious Control: block 1069780 by -1 luajit2 was requested to be removed, see #1069780. Please switch your (Build-Depends) over to luajit, which has become the openresty luajit(2) source. --- End Message --- --- Begin Message --- Source: libnginx-mod-http-lua Source-Version: 1:0.10.26-3 Done: Jan Mojžíš We believe that the bug you reported is fixed in the latest version of libnginx-mod-http-lua, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1072...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jan Mojžíš (supplier of updated libnginx-mod-http-lua package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 01 Jun 2024 16:23:55 +0200 Source: libnginx-mod-http-lua Architecture: source Version: 1:0.10.26-3 Distribution: unstable Urgency: medium Maintainer: Debian Nginx Maintainers Changed-By: Jan Mojžíš Closes: 1072350 Changes: libnginx-mod-http-lua (1:0.10.26-3) unstable; urgency=medium . * d/control: bump Standards-Version: 4.7.0, no changes * d/control: replace luajit2 B-D with luajit (Closes: 1072350) * d/control: update dependency lua-resty-core (>=0.1.28-3) Checksums-Sha1: ded072c60e2693fc93c9d52f8fe056c1cafb2db7 2359 libnginx-mod-http-lua_0.10.26-3.dsc e1bc13be24be6f6babe46960aaa1faa56d29e586 5664 libnginx-mod-http-lua_0.10.26-3.debian.tar.xz fafc7e6a956220af6964e125b3b74fd0f573afca 9506 libnginx-mod-http-lua_0.10.26-3_source.buildinfo Checksums-Sha256: aaeabed42a4ca9ba36f07f43d61141d7c559003137c9c7e0c6b1cd42bbce3355 2359 libnginx-mod-http-lua_0.10.26-3.dsc 9da8f2cb9ba1b336475ef774a6cdfabdf6715922e2d0df1ef143240ce6ee3d1d 5664 libnginx-mod-http-lua_0.10.26-3.debian.tar.xz 960b96cb52310496fa61213b3e71150ee3b12795a1a6163fcd38300ada15796d 9506 libnginx-mod-http-lua_0.10.26-3_source.buildinfo Files: 48186d2b74fb5a863f402663e9b2aaaf 2359 httpd optional libnginx-mod-http-lua_0.10.26-3.dsc 8436492b53c0d2ecffa1fe3c105c8854 5664 httpd optional libnginx-mod-http-lua_0.10.26-3.debian.tar.xz 0cd6f7329a454cd702c9ae8e6ff1b81a 9506 httpd optional libnginx-mod-http-lua_0.10.26-3_source.buildinfo -BEGIN PGP SIGNATURE- iQJJBAEBCgAzFiEE0Aiwwj2EeeRrn8uQRdpRdJaTn/kFAmZbMb0VHGphbi5tb2p6 aXNAZ21haWwuY29tAAoJEEXaUXSWk5/59kUQAJ8EuNp/f+KSV3Z88PikgDck4fIx 2NrXkqqU1jR0WIRPIh3X/uqwxu/8+i2yeOrCU50BGbmEkamL8H5YDmf0tuNnAmvG 5xcArZkGgRzL99tETtHDxo5KasP7qTWJ2u30H6LrSttbHPf+FKFQVA0hNvK5b52j 8sCVO1fMrRp7+XRR/pwhBmFNTNe+0q36I22NpElWrJfLDX+4gD3S8iZtsc/sHtud NaofGhculWHHpV5FTT+LCujRJmXPOH50zJz5QtNEaV6F8vv3Q3WXVsQ19R+ro3YT ZqbIvlIi3s+mii7/1jmx8WbO2wX1Rk4z7D5zbKZ1w6yk4N3HFb2ZjYuWSS/M1C7K lk6M7uZk8Yvj/v5fOLZIScOX8Wu2Zx0FV5DZLJ/0C3Tjkk25reWEXH1htyjn+l7d mYbvPAqB78xrhuqoAw25uRFxM5bKeEhe4sF7PfWCpck/lX8SR/QHe18iT53WirGx 8FzK2Grndgu7EE8ve3mzLnxiJWEt3UrZakOC3yIOZYXOBLwegyWV49w6f3Ugg3s+ oX2eFs3wis5Vhwviak0W4322Wu7enQutWEesNeI8CXckRYoJuGeCwX2oFGFQgTbM XlHPYiKObPJMCXWQgFPpFddweM+BTFp6uEA0ndwXIofpbfzgKsHSfHeNCxHYtJhg CA7VQ7FeQYqKRuGj =7dD8 -END PGP SIGNATURE- pgp4FFqcrBpZW.pgp Description: PGP signature --- End Message ---
Bug#1072349: marked as done (lua-resty-lrucache: replace luajit2 with luajit)
Your message dated Sat, 01 Jun 2024 15:20:15 + with message-id and subject line Bug#1072349: fixed in lua-resty-lrucache 0.13-11 has caused the Debian Bug report #1072349, regarding lua-resty-lrucache: replace luajit2 with luajit to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1072349: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072349 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: lua-resty-lrucache Version: 0.13-10 Severity: serious Control: block 1069780 by -1 luajit2 was requested to be removed, see #1069780. Please switch your (Build-Depends) over to luajit, which has become the openresty luajit(2) source. --- End Message --- --- Begin Message --- Source: lua-resty-lrucache Source-Version: 0.13-11 Done: Jan Mojžíš We believe that the bug you reported is fixed in the latest version of lua-resty-lrucache, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1072...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jan Mojžíš (supplier of updated lua-resty-lrucache package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 01 Jun 2024 16:30:06 +0200 Source: lua-resty-lrucache Architecture: source Version: 0.13-11 Distribution: unstable Urgency: medium Maintainer: Jan Mojžíš Changed-By: Jan Mojžíš Closes: 1072349 Changes: lua-resty-lrucache (0.13-11) unstable; urgency=medium . * d/control: bump Standards-Version: 4.7.0, no changes * d/watch: use new recommended github template * d/control: replace luajit2 B-D with luajit (Closes: 1072349) * d/gbp.conf: add [pull] track-missing = True Checksums-Sha1: b469bbd5e8ef17e1f66794372e3e22d6b6ea38ee 2385 lua-resty-lrucache_0.13-11.dsc d95fbc16e1a8882b2be729bca2b1e85ba96d6db9 111832 lua-resty-lrucache_0.13-11.debian.tar.xz 10f5d10bb5d7e0342233531844d649ec92734fd7 7131 lua-resty-lrucache_0.13-11_source.buildinfo Checksums-Sha256: 38d066b17ef0a139b2154c55c5273632987209e0753ab2684533b715f266c666 2385 lua-resty-lrucache_0.13-11.dsc 0d35acc2b4eca18e495094b89cc85681a83c4af85fb8967d1cc280421645675c 111832 lua-resty-lrucache_0.13-11.debian.tar.xz 12f8c6d171f729d35d10d4169f36b55b787d033b6006a542d380702cb88dd211 7131 lua-resty-lrucache_0.13-11_source.buildinfo Files: 87ca3472e6e8bdf08e30fa7ca48ca2fa 2385 net optional lua-resty-lrucache_0.13-11.dsc 12e0eb68a970e8fefbca0dfafcf8aa21 111832 net optional lua-resty-lrucache_0.13-11.debian.tar.xz bd97b72ad5d9884d6e3e99cf2b917f39 7131 net optional lua-resty-lrucache_0.13-11_source.buildinfo -BEGIN PGP SIGNATURE- iQJJBAEBCgAzFiEE0Aiwwj2EeeRrn8uQRdpRdJaTn/kFAmZbMe8VHGphbi5tb2p6 aXNAZ21haWwuY29tAAoJEEXaUXSWk5/53joP/352paTAAtmFWP8OJk750fuh0WN2 bJ2pelC/kG+MoOO/fESqw/z2CPSCRNG9xxdYgWkVWTPMtCBOb1Th2BDZmLxGX93H XZQUEPkxOCG64SwwIlyE+cMxgKHPerQx6MmxUYF/xoOKz5a4eT6h7bgbYwEFMpN4 akdiJi2c5axrH4sDq69acpCYlrT0CYwJXHFyh5wsXIZnN3V1kNcw16DDkvceWZuv pKKFZkNT9r1UfeYotNGnGbuXsOKep6dZEkBL6vwcifuI3wuwPwLBGC5PJLK35M0N hq+DJa5hOiXhPQw/AM6eURABA+bl8xCygArk64CsTBvpvecZp/Y+uSMJkY8M5EtZ D0EeAEgdwb/7YulPG1RE7NBGCTk7GfQ5IYp594vKzGfFiFr0ZmdXGUC99R230MnK Ivgchxy7Ms0YjscpkBIqC6JZRLyr7K9Qi1WHei2Si0zWUHeStNTngxgjxdsxvHf0 xcpqvziyagzW9g+HPeKUgt//SpYbyckJHbMc9y1OkbijZTQF0yCwUYMx0T6/g1FR Lv6RbxkINpi63FMNOzyfyy1XRnjQ0539lSa2qVxk+RrJNArBkcyegKaIA1rkaqqT w9qFoxUwgR69NXARLxQVQ1dyHjOP9XT1ZkFVNvgUsyXp+xFj/Cv2nCtEQhsZ5wiW +meXrb/CcaSIh9YO =z5hv -END PGP SIGNATURE- pgp366moG_2wN.pgp Description: PGP signature --- End Message ---
Bug#1072348: marked as done (lua-resty-core: replace luajit2 with luajit)
Your message dated Sat, 01 Jun 2024 15:20:07 + with message-id and subject line Bug#1072348: fixed in lua-resty-core 0.1.28-3 has caused the Debian Bug report #1072348, regarding lua-resty-core: replace luajit2 with luajit to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1072348: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072348 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: lua-resty-core Version: 0.1.28-2 Severity: serious Control: block 1069780 by -1 luajit2 was requested to be removed, see #1069780. Please switch your (Build-Depends) over to luajit, which has become the openresty luajit(2) source. --- End Message --- --- Begin Message --- Source: lua-resty-core Source-Version: 0.1.28-3 Done: Jan Mojžíš We believe that the bug you reported is fixed in the latest version of lua-resty-core, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1072...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jan Mojžíš (supplier of updated lua-resty-core package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 01 Jun 2024 16:23:59 +0200 Source: lua-resty-core Architecture: source Version: 0.1.28-3 Distribution: unstable Urgency: medium Maintainer: Jan Mojžíš Changed-By: Jan Mojžíš Closes: 1072348 Changes: lua-resty-core (0.1.28-3) unstable; urgency=medium . * d/control: bump Standards-Version: 4.7.0, no changes * d/control: replace luajit2 B-D with luajit (Closes: 1072348) * d/control: update dependency lua-resty-lrucache (>= 0.13-11) * d/control: update dependency libnginx-mod-http-lua (>= 1:0.10.26-3) Checksums-Sha1: 6d2eff123149f0d1c4d056502b372e9da5198734 2008 lua-resty-core_0.1.28-3.dsc 1c7d5e5213888cf2ecfe3b6e7cc8623b6977a133 4200 lua-resty-core_0.1.28-3.debian.tar.xz dfcd04f11254643b6a873835a51c91b5e01c3252 7119 lua-resty-core_0.1.28-3_source.buildinfo Checksums-Sha256: d2e94fdbcca3a13c0d91b4ac55df29cf137888a088c4433f8c5343c0a44244ff 2008 lua-resty-core_0.1.28-3.dsc e02645192c8cdb25b9be579863e6a7061a2249b6048bd6e2afd73278f8743f0d 4200 lua-resty-core_0.1.28-3.debian.tar.xz 19917e2ad7ed538d0e2d1899df724ec8cf434cdb68acd8670dd50165abc4f105 7119 lua-resty-core_0.1.28-3_source.buildinfo Files: b6a509d75fae5a7135dd5d814a20d710 2008 net optional lua-resty-core_0.1.28-3.dsc ea4551e0fad3ab3a66f9c1533ca63f03 4200 net optional lua-resty-core_0.1.28-3.debian.tar.xz 565b75316dddf6771745928cd4ff8218 7119 net optional lua-resty-core_0.1.28-3_source.buildinfo -BEGIN PGP SIGNATURE- iQJJBAEBCgAzFiEE0Aiwwj2EeeRrn8uQRdpRdJaTn/kFAmZbMdkVHGphbi5tb2p6 aXNAZ21haWwuY29tAAoJEEXaUXSWk5/5IHYP/0z3eCaCbxA7eJhOsLCnoNhayRwF f4VYCHuzkZyMJXiDqSd7eVR12AXYOlSBdB7LUd8d4gQThJr7+/gYbWmHbeFIn807 8ctMXRnakut1RskGvURCuy+hDnI1elKMuc6K8mbzeBlZj2vJcZV64bWs3jvgcucE vVEEFBmNMsobVuUdwovjvniYmYzW9Gt5WMolchRPzE2l7OVi+/rxLqBLTbQamM3+ MQTnfTO6YJ+HjQad0yjTFLMaPJlEz01CKpz2dZP6lrqSnNAIXfrahKJDy0Lcsotc 3OkTjH59y0rk9gwo9SiEwSkbuN67LQ1+O/XakeCOYtyJynDY2lrWOAbFiZMp2+PW f74LPLb5NahwL76v6HR4hMxUuUnWkWxVJ7gAHr3UUHymBfy60rQ8UQYodLhlJOX0 +/8D7CTfxBdIoF5rBVm4OaGVeIUWl30vEHIHnbP72ASDSQf9FohhofEnc+Ge/2Cx g7b0LLbuc0zIbZHNtk/FgUBt+HbwUc0NAvDZMDwQgE42Q6AiAq10ExxHe7etcORs 20j0j5t2r6JPDUWfnLkWifFhy3hPSs0Wo/2f64G+1auzI4jzXaDeLVHsiZv+5fwi IqixHjCweBkn42PXpz7Jkv6EQtKgpUAOgJPwQXP0DuiM0OOz5fUh2d3V7gVK6saL /xwjoJVvoyz3gpe6 =cmOF -END PGP SIGNATURE- pgpgNHYNQpOzf.pgp Description: PGP signature --- End Message ---
Processed: Re: Bug#1072340: sredird: CVE-2004-2386, format string vulnerability
Processing control commands: > notfound -1 sredird/2.1.0-1 Bug #1072340 [src:sredird] sredird: CVE-2004-2386, format string vulnerability The source sredird and version 2.1.0-1 do not appear to match any binary packages No longer marked as found in versions sredird/2.1.0-1. > fixed -1 2.2.1-1.1 Bug #1072340 [src:sredird] sredird: CVE-2004-2386, format string vulnerability Marked as fixed in versions sredird/2.2.1-1.1. -- 1072340: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072340 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072340: sredird: CVE-2004-2386, format string vulnerability
Control: notfound -1 sredird/2.1.0-1 Control: fixed -1 2.2.1-1.1 I see that CVE-2004-2386 and maybe CVE-2004-2387 was addressed with #267098. The diff (one change in LogMsg and one in HandleCPCCommand) that is in that bug has survived until now. But 2.2.2 has many more changes of the HandleCPCCommand kind: changing sprintf to snprintf. main: 2 changes. HandleIACCommand: 5 changes. HandleCPCCommand: 17 additional changes: Any of these cound be CVE-2004-2387 as well. HDBUnlockFile: 1 change. HDBLockFile: 7 changes. Plus TmpStrLen is extended to 512 bytes. Conclusion: Debian referenced both bugs as TEMP-0267098-76A1A1 before.
Bug#1072110: glslang breaks shaderc autopkgtest: undefined reference: ABI breakage?? -- not the case
Le 30/05/2024 à 22:25, Paul Gevers a écrit : Currently, shaderc 2023.2-1 is in testing. This version suffers from an "undefined symbol" bug (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070983). This bug is fixed in version 2023.8-1 which is now in unstable. Can you please elaborate how the fix works. libshaderc1 was in fact underlinked (see also this bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029939), triggering this kind of undefined symbol errors. The fix comprises to correctly link the library at build time (see https://salsa.debian.org/debian/shaderc/-/commit/5e2d70f32363ab86d94a170087303e6fb62a86af). I don't think a transition for glslang is required here, since the missing symbol reported by Debian CI exists in library shipped by glslang in both testing and unstable (I just checked that). The problem was really a linking issue. Looking at the changelog of glslang, the update from version 13 to 14 included some changes of how libraries are built and I think this is the origin of the problem. As I understand it (but I can be wrong), the current state of glslang and shaderc in unstable is correct; mixing versions from testing and unstable triggers bugs that are now fixed in unstable. Philippe.
Bug#1072366: libndp: CVE-2024-5564
Source: libndp Version: 1.8-1 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team Control: found -1 1.6-1 Hi, The following vulnerability was published for libndp. CVE-2024-5564[0]: | A vulnerability was found in libndp. This flaw allows a local | malicious user to cause a buffer overflow in NetworkManager, | triggered by sending a malformed IPv6 router advertisement packet. | This issue occurred as libndp was not correctly validating the route | length information. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2024-5564 https://www.cve.org/CVERecord?id=CVE-2024-5564 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
Processed: libndp: CVE-2024-5564
Processing control commands: > found -1 1.6-1 Bug #1072366 [src:libndp] libndp: CVE-2024-5564 Marked as found in versions libndp/1.6-1. -- 1072366: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072366 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: libarchive: diff for NMU version 3.7.2-2.1
Processing control commands: > tags 1072107 + patch Bug #1072107 [src:libarchive] libarchive: CVE-2024-26256 Added tag(s) patch. > tags 1072107 + pending Bug #1072107 [src:libarchive] libarchive: CVE-2024-26256 Added tag(s) pending. -- 1072107: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072107 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072107: libarchive: diff for NMU version 3.7.2-2.1
Control: tags 1072107 + patch
Control: tags 1072107 + pending
Dear maintainer,
I've prepared an NMU for libarchive (versioned as 3.7.2-2.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.
Regards,
Salvatore
diff -Nru libarchive-3.7.2/debian/changelog libarchive-3.7.2/debian/changelog
--- libarchive-3.7.2/debian/changelog 2024-03-30 19:11:06.0 +0100
+++ libarchive-3.7.2/debian/changelog 2024-06-01 15:50:51.0 +0200
@@ -1,3 +1,12 @@
+libarchive (3.7.2-2.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * fix: OOB in rar e8 filter (CVE-2024-26256) (Closes: #1072107)
+ * fix: OOB in rar delta filter
+ * fix: OOB in rar audio filter
+
+ -- Salvatore Bonaccorso Sat, 01 Jun 2024 15:50:51 +0200
+
libarchive (3.7.2-2) unstable; urgency=medium
[ Luca Boccassi ]
diff -Nru libarchive-3.7.2/debian/patches/fix-OOB-in-rar-audio-filter-2149.patch libarchive-3.7.2/debian/patches/fix-OOB-in-rar-audio-filter-2149.patch
--- libarchive-3.7.2/debian/patches/fix-OOB-in-rar-audio-filter-2149.patch 1970-01-01 01:00:00.0 +0100
+++ libarchive-3.7.2/debian/patches/fix-OOB-in-rar-audio-filter-2149.patch 2024-06-01 15:50:09.0 +0200
@@ -0,0 +1,32 @@
+From: Wei-Cheng Pan
+Date: Mon, 29 Apr 2024 06:53:19 +0900
+Subject: fix: OOB in rar audio filter (#2149)
+Origin: https://github.com/libarchive/libarchive/commit/3006bc5d02ad3ae3c4f9274f60c1f9d2d834734b
+
+This patch ensures that `src` won't move ahead of `dst`, so `src` will
+not OOB. Similar situation like in a1cb648.
+---
+ libarchive/archive_read_support_format_rar.c | 7 +++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
+index 619ee81e2b59..4fc6626cacfd 100644
+--- a/libarchive/archive_read_support_format_rar.c
b/libarchive/archive_read_support_format_rar.c
+@@ -3722,6 +3722,13 @@ execute_filter_audio(struct rar_filter *filter, struct rar_virtual_machine *vm)
+ memset(&state, 0, sizeof(state));
+ for (j = i; j < length; j += numchannels)
+ {
++ /*
++ * The src block should not overlap with the dst block.
++ * If so it would be better to consider this archive is broken.
++ */
++ if (src >= dst)
++return 0;
++
+ int8_t delta = (int8_t)*src++;
+ uint8_t predbyte, byte;
+ int prederror;
+--
+2.45.1
+
diff -Nru libarchive-3.7.2/debian/patches/fix-OOB-in-rar-delta-filter-2148.patch libarchive-3.7.2/debian/patches/fix-OOB-in-rar-delta-filter-2148.patch
--- libarchive-3.7.2/debian/patches/fix-OOB-in-rar-delta-filter-2148.patch 1970-01-01 01:00:00.0 +0100
+++ libarchive-3.7.2/debian/patches/fix-OOB-in-rar-delta-filter-2148.patch 2024-06-01 15:49:18.0 +0200
@@ -0,0 +1,36 @@
+From: Wei-Cheng Pan
+Date: Mon, 29 Apr 2024 06:50:22 +0900
+Subject: fix: OOB in rar delta filter (#2148)
+Origin: https://github.com/libarchive/libarchive/commit/a1cb648d52f5b6d3f31184d9b6a7cbca628459b7
+
+Ensure that `src` won't move ahead of `dst`, so `src` will not OOB.
+Since `dst` won't move in this function, and we are only increasing `src`
+position, this check should be enough. It should be safe to early return
+because this function does not allocate resources.
+---
+ libarchive/archive_read_support_format_rar.c | 8
+ 1 file changed, 8 insertions(+)
+
+diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
+index 79669a8f40f9..619ee81e2b59 100644
+--- a/libarchive/archive_read_support_format_rar.c
b/libarchive/archive_read_support_format_rar.c
+@@ -3612,7 +3612,15 @@ execute_filter_delta(struct rar_filter *filter, struct rar_virtual_machine *vm)
+ {
+ uint8_t lastbyte = 0;
+ for (idx = i; idx < length; idx += numchannels)
++{
++ /*
++ * The src block should not overlap with the dst block.
++ * If so it would be better to consider this archive is broken.
++ */
++ if (src >= dst)
++return 0;
+ lastbyte = dst[idx] = lastbyte - *src++;
++}
+ }
+
+ filter->filteredblockaddress = length;
+--
+2.45.1
+
diff -Nru libarchive-3.7.2/debian/patches/fix-OOB-in-rar-e8-filter-2135.patch libarchive-3.7.2/debian/patches/fix-OOB-in-rar-e8-filter-2135.patch
--- libarchive-3.7.2/debian/patches/fix-OOB-in-rar-e8-filter-2135.patch 1970-01-01 01:00:00.0 +0100
+++ libarchive-3.7.2/debian/patches/fix-OOB-in-rar-e8-filter-2135.patch 2024-06-01 09:42:15.0 +0200
@@ -0,0 +1,29 @@
+From: Wei-Cheng Pan
+Date: Mon, 22 Apr 2024 01:55:41 +0900
+Subject: fix: OOB in rar e8 filter (#2135)
+Origin: https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237
+Bug-Debian: https://bugs.debian.org/1072107
+Bug: https://github.com/libarchive/libarchive/pull/2135
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2024-26256
+
+This patch fixes an out-of-bound error in rar e8 filter.
+--
Processed: Re: Bug#1072107: libarchive: diff for NMU version 3.7.2-2.1
Processing control commands: > tags -1 - pending patch Bug #1072107 [src:libarchive] libarchive: CVE-2024-26256 Removed tag(s) patch and pending. -- 1072107: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072107 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072107: libarchive: diff for NMU version 3.7.2-2.1
Control: tags -1 - pending patch Hi Peter, On Sat, Jun 01, 2024 at 09:57:09AM +0200, Salvatore Bonaccorso wrote: > Control: tags 1072107 + patch > Control: tags 1072107 + pending > > Hi Peter, > > I've prepared an NMU for libarchive (versioned as 3.7.2-2.1) and > uploaded it to DELAYED/2. Please feel free to tell me if I > should delay it longer. > > Made as well a MR in > https://salsa.debian.org/debian/libarchive/-/merge_requests/6 . > > libarchive requires a DSA, but see the mail from Moritz some days ago. > This MR aims to get the ball rolling from top-down first unstable, to > bookworm later/same time. I'm cancelling this, as Moritz suggested to include two more changes in rar parsing code. Will resubmit an improved debdiff. Regards, Salvatore
Bug#949942: marked as done (backup2swift build depends on the removed pep8 transitional package)
Your message dated Sat, 01 Jun 2024 13:37:38 + with message-id and subject line Bug#1069938: Removed package(s) from unstable has caused the Debian Bug report #949942, regarding backup2swift build depends on the removed pep8 transitional package to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 949942: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949942 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: backup2swift Version: 0.8-1.1 Severity: serious Tags: ftbfs pep8 is no longer built by src:pep8. --- End Message --- --- Begin Message --- Version: 0.8-1.1+rm Dear submitter, as the package backup2swift has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1069938 The version of this package that was in Debian prior to this removal can still be found using https://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---
Bug#1072340: sredird: CVE-2004-2386, format string vulnerability
Hi Bastian, On Sat, Jun 01, 2024 at 12:41:43PM +0200, Bastian Germann wrote: > Source: sredird > Version: 2.1.0-1 > Severity: serious > Tags: security > X-Debbugs-Cc: secur...@debian.org > > Hi, > > This is affected by CVE-2004-2386, which was marked by the Security Team as > "NOT-FOR-US: sercd" but applies to sredird. There is a fixed version 2.2.2 > available, which I did not find in the Kermit project's download area but > at: > > http://ibiblio.org/pub/linux/system/serial/sredird-2.2.2.tar.gz > https://sources.buildroot.net/sredird/sredird-2.2.2.tar.gz Note, there is as well CVE-2004-2387. There are not very specific information for both, so it's unclear if CVE-2004-2387 and CVE-2004-2386 are addressed. Where do you have additional information on the issues from? Can you pass us those? Regards, Salvatore
Bug#1072357: pkg-kde-tools: FTBFS on armhf/mips64el/riscv64: Broken tests due to 0.17.2 changes
Source: pkg-kde-tools
Version: 0.17.2
Severity: grave
X-Debbugs-CC: mity...@debian.org
Dear Debian pkg-kde-tools maintainers,
It became clear that the fix in 0.17.2 broke some of the tests related to
time_t on several architectures, and the FTBFS is caused by mixing {time_t}
and {int64_t}. Please check the build logs for more information.
*
https://buildd.debian.org/status/fetch.php?pkg=pkg-kde-tools&arch=armhf&ver=0.17.2&stamp=1716721655&raw=0
*
https://buildd.debian.org/status/fetch.php?pkg=pkg-kde-tools&arch=mips64el&ver=0.17.2&stamp=1716721905&raw=0
*
https://buildd.debian.org/status/fetch.php?pkg=pkg-kde-tools&arch=riscv64&ver=0.17.2&stamp=1716721753&raw=0
Another similar failure in the ports arch (loong64):
*
https://buildd.debian.org/status/fetch.php?pkg=pkg-kde-tools&arch=loong64&ver=0.17.2&stamp=1716722208&raw=0
Thanks,
Boyuan Yang
signature.asc
Description: This is a digitally signed message part
Bug#1071372: [solved] emacs: it hangs saving .gpg files (without using cpu)
gnupg2 (2.2.43-7) has arrived in unstable and gpg has started working again, as far as I'm concerned this report can be closed, thanks. Avoid breakage with epg.el (Closes: #1071552)
Bug#1071336: psensor: FTBFS: FAIL test-cppcheck.sh
Hello, I uploaded the package on git, please for the future commit this change: diff -Nru psensor-1.2.1/debian/copyright psensor-1.2.1/debian/copyright --- psensor-1.2.1/debian/copyright 2024-05-31 04:01:47.0 +0200 +++ psensor-1.2.1/debian/copyright 2024-05-31 15:09:53.0 +0200 @@ -4,7 +4,7 @@ Source: http://wpitchoune.net/psensor Files: * -Copyright: 2010-2014 Jean-Philippe Orsini +Copyright: 2010-2020 Jean-Philippe Orsini License: GPL-2.0 Files: www/jqplot.css www/jqplot.dateAxisRenderer.js www/jqplot.js Il venerdì 31 maggio 2024 alle ore 14:10:43 CEST, Santiago Vila ha scritto: El 31/5/24 a las 13:41, xiao sheng wen(肖盛文) escribió: > Hi Santiago, > > Would you report a new bug about this FTBFS on arm64 arch? > > As Bug#1071336 is closed now. Well, don't worry, it was not my intention to mix two problems in the same report, only to make you aware of the build failure. The package will not enter testing if it does not build in all the buildds, so I leave the bug report to you. > Cc to Debian arm ports maillist debian-...@lists.debian.org is also ok. > This build failed only take palace under arm64 arch. > > I has a arm64 box, I'll try build later. As Gianfranco has pointed out, this problem does not seem to be arm64-specific. My bet is that it's a Makefile bug. I'd try using make --shuffle from make 4.4 to reproduce it. Good luck. Thanks.
Bug#1072183: marked as done (fenics-dolfinx: FTBFS with nanobind 2.0)
Your message dated Sat, 01 Jun 2024 13:08:10 + with message-id and subject line Bug#1072183: fixed in fenics-dolfinx 1:0.8.0-7exp1 has caused the Debian Bug report #1072183, regarding fenics-dolfinx: FTBFS with nanobind 2.0 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1072183: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072183 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: fenics-dolfinx Version: 1:0.8.0-6 Severity: serious Tags: patch -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Dear maintainer, upgrading to nanobind 2.0 made your package FTBFS. I am sorry that I did not check this before uploading to unstable, that is on me. I have seen that Francesco has already fixed the issue upstream [1]. Depending on how far away the next upstream release is, maybe you can backport that fix? Cheers Timo [1] https://github.com/FEniCS/dolfinx/commit/42c43485e81ada306f0b3f1dc735d95539174cbc -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEmwPruYMA35fCsSO/zIxr3RQD9MoFAmZXnqYACgkQzIxr3RQD 9MoXDQ/8DwVCja0oy6uOKmPj6O4OO87042AQMVEzcFKWvn88I+ORD1eSdUFvesgE 88ocsjLmR2YiUNN7vgEzobe/BGuFYizuKvHITpTVAG3Iwmnoh5UBzh2AMhGXEubO TpuX84DG2k6nQjp5qTJrxCIOCgmzjy8iHjyN70csoX6Mjj5lAN+HSmMmBVym8Tmn EIbAFCRB1qJwmMyGXlAN9pCqQg5SmV6ikpyIfcB+T4XBdGS5F8LSF4T6qsWpHtyq HrEgZoubY9DQxEHMUsS+UPzZBj509box1ldl7DuaPJ7JG0/PvEOuzpmuNhOmivPy 69SNnbWjVI/Y7xDH9vYaBNW2H78kybjB6oOKdEw9t/S+yN1gaLK+Jjj1Ifec1iI/ 5XZ5vBo8yqF5ORpJ/dDd9LQrEukqiE+89xCa0/i6jcDSmMWwsymk11HsqDs9SxBv +y1fINhM9C0LtvUXCJbkhFwnYoRF6q5g/GmZ7XNAJHJZTaSJfF3skLYY+5tWLv0o h+XlcS/zyApl9dMR/uE6Az7DqpcQi0rJNseyd17j69svjChyJSSw9wAjaYYtrwrA 0aRzR58oIEfW1NVJObAlWwgmukOlGQJeZ2yRJgO8Utx1hKKbl5D3cCx4LyBEFGuH k1ShEvxa0LPDPsrVtotY6UeGIrVKBMzfXSjXkxLbVWsPPHth8wY= =+PF7 -END PGP SIGNATURE- --- End Message --- --- Begin Message --- Source: fenics-dolfinx Source-Version: 1:0.8.0-7exp1 Done: Francesco Ballarin We believe that the bug you reported is fixed in the latest version of fenics-dolfinx, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1072...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Francesco Ballarin (supplier of updated fenics-dolfinx package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 01 Jun 2024 09:00:09 + Source: fenics-dolfinx Architecture: source Version: 1:0.8.0-7exp1 Distribution: experimental Urgency: medium Maintainer: Debian Science Maintainers Changed-By: Francesco Ballarin Closes: 1072183 Changes: fenics-dolfinx (1:0.8.0-7exp1) experimental; urgency=medium . [ Gianfranco Costamagna ] * debian/patches/42c43485e81ada306f0b3f1dc735d95539174cbc.patch: - upstream fix for newer nanobind 2.0 (Closes: #1072183) . [ Francesco Ballarin ] * Fix Maintainer name of Debian Science team (routine-update) * Reorder sequence of d/control fields by cme (routine-update) * Secure URI in copyright format (routine-update) * Drop useless get-orig-source target (routine-update) * Remove trailing whitespace in debian/changelog (routine-update) * Rules-Requires-Root: no (routine-update) * No tab in license text (routine-update) * Trim trailing whitespace. * Use secure URI in Homepage field. * Fix field name typo in debian/copyright (Comments vs Comment). Checksums-Sha1: 5f1e7590d8c7793d23a0798c30acd789969ef71c 4188 fenics-dolfinx_0.8.0-7exp1.dsc 4d9123314d054b430d5dad7cb8b923c680a0f274 46560 fenics-dolfinx_0.8.0-7exp1.debian.tar.xz e1ed6c562e0a4f379054c660924a3fac089690bd 18702 fenics-dolfinx_0.8.0-7exp1_source.buildinfo Checksums-Sha256: 4dd1d41fa0b9dbd327a6324cfb79dbffd8f9829006f49d9b5fc38987e462d9c9 4188 fenics-dolfinx_0.8.0-7exp1.dsc a85f22828bcbb7f4d5edb25911fe10d739eef29a3bce021b30665ea457f7a09f 46560 fenics-dolfinx_0.8.0-7exp1.debian.tar.xz 797ddf182ec11803dae670e6abed0787cac32c79f177d0f28d4c377278ec86be 18702 fenics-dolfinx_0.8.0-7exp1_source.buildinfo Files: e9f9f2373384007c8e024dbb57633ef9 4188 math optional fenics-dolfinx_0.8.0-7exp1.dsc f7ce5efa27a57e4c3bf7d467c379dce9 46560 math optional fenics-dolfinx_0.8.0-7exp1.debian.tar.xz a4a4820188e4faeea62d67fa25b28a35 187
Bug#1072355: nss-pam-ldapd: upload with maintainer-built binaries cannot migrate
Source: nss-pam-ldapd Version: 0.9.12-6 Severity: serious Hi, thanks for uploading to unstable. However the upload included maintainer-built binaries (for Arch: all and amd64). Migration to testing of these is forbidden by release team policy. Please upload a new version (no further changes needed) without any binaries to let the package migrate. Chris
Bug#1072353: sysbench: replace luajit2 with luajit
Source: sysbench Version: 1.0.20+ds-6 Severity: serious Control: block 1069780 by -1 luajit2 was requested to be removed, see #1069780. Please switch your (Build-Depends) over to luajit, which has become the openresty luajit(2) source.
Processed: sysbench: replace luajit2 with luajit
Processing control commands: > block 1069780 by -1 Bug #1069780 [ftp.debian.org] RM: luajit2 -- ROM; ROM; duplicate source 1069780 was blocked by: 1072350 1072349 1072348 1072352 1072351 1069780 was not blocking any bugs. Added blocking bug(s) of 1069780: 1072353 -- 1069780: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069780 1072353: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072353 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: lua-vips: replace luajit2 with luajit
Processing control commands: > block 1069780 by -1 Bug #1069780 [ftp.debian.org] RM: luajit2 -- ROM; ROM; duplicate source 1069780 was blocked by: 1072350 1072348 1072351 1072349 1069780 was not blocking any bugs. Added blocking bug(s) of 1069780: 1072352 -- 1069780: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069780 1072352: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072352 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072352: lua-vips: replace luajit2 with luajit
Source: lua-vips Version: 1.1.11-1 Severity: serious Control: block 1069780 by -1 luajit2 was requested to be removed, see #1069780. Please switch your (Build-Depends) over to luajit, which has become the openresty luajit(2) source.
Processed: love: replace luajit2 with luajit
Processing control commands: > block 1069780 by -1 Bug #1069780 [ftp.debian.org] RM: luajit2 -- ROM; ROM; duplicate source 1069780 was blocked by: 1072348 1072350 1072349 1069780 was not blocking any bugs. Added blocking bug(s) of 1069780: 1072351 -- 1069780: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069780 1072351: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072351 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072351: love: replace luajit2 with luajit
Source: love Version: 11.5-1 Severity: serious Control: block 1069780 by -1 luajit2 was requested to be removed, see #1069780. Please switch your (Build-Depends) over to luajit, which has become the openresty luajit(2) source.
Processed: libnginx-mod-http-lua: replace luajit2 with luajit
Processing control commands: > block 1069780 by -1 Bug #1069780 [ftp.debian.org] RM: luajit2 -- ROM; ROM; duplicate source 1069780 was blocked by: 1072349 1072348 1069780 was not blocking any bugs. Added blocking bug(s) of 1069780: 1072350 -- 1069780: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069780 1072350: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072350 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072350: libnginx-mod-http-lua: replace luajit2 with luajit
Source: libnginx-mod-http-lua Version: 1:0.10.26-2 Severity: serious Control: block 1069780 by -1 luajit2 was requested to be removed, see #1069780. Please switch your (Build-Depends) over to luajit, which has become the openresty luajit(2) source.
Processed: lua-resty-lrucache: replace luajit2 with luajit
Processing control commands: > block 1069780 by -1 Bug #1069780 [ftp.debian.org] RM: luajit2 -- ROM; ROM; duplicate source 1069780 was blocked by: 1072348 1069780 was not blocking any bugs. Added blocking bug(s) of 1069780: 1072349 -- 1069780: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069780 1072349: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072349 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072349: lua-resty-lrucache: replace luajit2 with luajit
Source: lua-resty-lrucache Version: 0.13-10 Severity: serious Control: block 1069780 by -1 luajit2 was requested to be removed, see #1069780. Please switch your (Build-Depends) over to luajit, which has become the openresty luajit(2) source.
Processed: lua-resty-core: replace luajit2 with luajit
Processing control commands: > block 1069780 by -1 Bug #1069780 [ftp.debian.org] RM: luajit2 -- ROM; ROM; duplicate source 1069780 was not blocked by any bugs. 1069780 was not blocking any bugs. Added blocking bug(s) of 1069780: 1072348 -- 1069780: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069780 1072348: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072348 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072348: lua-resty-core: replace luajit2 with luajit
Source: lua-resty-core Version: 0.1.28-2 Severity: serious Control: block 1069780 by -1 luajit2 was requested to be removed, see #1069780. Please switch your (Build-Depends) over to luajit, which has become the openresty luajit(2) source.
Bug#1072347: luajit2: should not be shipped with trixie
Source: luajit2 Version: 2.1-20230410-1 Severity: serious src:luajit2 now duplicates src:luajit, see #1069780. As such it should not be part of trixie.
Processed: severity of 1055607 is serious
Processing commands for cont...@bugs.debian.org: > # crashing immediately on start seems to buggy to be shipped > severity 1055607 serious Bug #1055607 [gmemusage] gmemusage crashes immediately Severity set to 'serious' from 'important' > thanks Stopping processing here. Please contact me if you need assistance. -- 1055607: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055607 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072057: marked as done (python3-pytest-asyncio: AttributeError: 'FixtureDef' object has no attribute 'unittest')
Your message dated Sat, 01 Jun 2024 11:40:48 + with message-id and subject line Bug#1072057: fixed in python-pytest-asyncio 0.20.3-1.3 has caused the Debian Bug report #1072057, regarding python3-pytest-asyncio: AttributeError: 'FixtureDef' object has no attribute 'unittest' to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1072057: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072057 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: python3-pytest-ayncio Version: 0.20.3-1.2 Severity: serious Tags: patch -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Dear maintainer, pytest-asyncio has a regression with pytest 8.2. For your convenience, find attached a backported patch that will resolve the issue. Alternatively, you may want to upgrade to upstream version 0.21.2. Cheers Timo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEmwPruYMA35fCsSO/zIxr3RQD9MoFAmZU+SAACgkQzIxr3RQD 9Mp8pBAAq+PAf003L28cueSvIx2gqn4NN6gCTT4KVWalorjf1x5pMreMjQnbaX/I sj/4QaVyLzpUzkL6tVdRqqA0Sb4Ck+ylBdgxYxXgcSEA47bkEWPvNNjBQJuD0CQI W/zLnVDeVPyXg/x8SfZ4MzbHgbuzfG6+bUzd5uLHo1s0Sp9sfOks/HC4jLnTuT+N K2N4R3hUeTE2YpCHvWxMedaCSBvIS8xVvR/6MydX1pY10jWCl/h+G+jP/fT7FeZT 1220Oy9TbaWfJ+RNB81fJnRORjza8PkJ+bEuy6ZnOuR3V3vNdinLgY7h9D2v8+HP fQc/hOlOGZQoCfXIaEnQJd/P02xhpl7Hl/hAO3ycwB2ExsbkP2wpIQ0Wuc4lIppc AevPCWaJR9tlswS2wL0Sw3ysyI9ieEWhIiZ0lT48ySI/dOyADVcP5MNkzrwC+yeN 3K4Oefh6EUM9MMLq3S33dQoR7uu1MZ+KqVxdXdATjnQ5mvVtAytKCSdgxcUB2fwN rhhOPzG+NgtAuUF0HIq9qG9TxCC5QAs61iOssFCXyyjXtrmyntqOLTO0MuE3CCmH 9H8qu7xa+OxKeSPMnZZ5xlFLmONOezLH6S6MoicqRQafjaqD/4ZrV6F99vbtr57L 1Hn8Pi6upWrfHq9xTyld7HY+3W3Hwn4vvDngbY96jCokauwp0n4= =SLRf -END PGP SIGNATURE- diff --git a/pytest_asyncio/plugin.py b/pytest_asyncio/plugin.py index 403d814..b29b755 100644 --- a/pytest_asyncio/plugin.py +++ b/pytest_asyncio/plugin.py @@ -272,9 +272,8 @@ def _wrap_asyncgen_fixture(fixturedef: FixtureDef) -> None: def _asyncgen_fixture_wrapper( event_loop: asyncio.AbstractEventLoop, request: SubRequest, **kwargs: Any ): -func = _perhaps_rebind_fixture_func( -fixture, request.instance, fixturedef.unittest -) +unittest = False if pytest.version_tuple >= (8, 2) else fixturedef.unittest +func = _perhaps_rebind_fixture_func(fixture, request.instance, unittest) gen_obj = func(**_add_kwargs(func, kwargs, event_loop, request)) async def setup(): @@ -310,9 +309,8 @@ def _wrap_async_fixture(fixturedef: FixtureDef) -> None: def _async_fixture_wrapper( event_loop: asyncio.AbstractEventLoop, request: SubRequest, **kwargs: Any ): -func = _perhaps_rebind_fixture_func( -fixture, request.instance, fixturedef.unittest -) +unittest = False if pytest.version_tuple >= (8, 2) else fixturedef.unittest +func = _perhaps_rebind_fixture_func(fixture, request.instance, unittest) async def setup(): res = await func(**_add_kwargs(func, kwargs, event_loop, request)) --- End Message --- --- Begin Message --- Source: python-pytest-asyncio Source-Version: 0.20.3-1.3 Done: Alexandre Detiste We believe that the bug you reported is fixed in the latest version of python-pytest-asyncio, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1072...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alexandre Detiste (supplier of updated python-pytest-asyncio package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 01 Jun 2024 13:19:21 +0200 Source: python-pytest-asyncio Architecture: source Version: 0.20.3-1.3 Distribution: unstable Urgency: medium Maintainer: Jonas Smedegaard Changed-By: Alexandre Detiste Closes: 1072057 Changes: python-pytest-asyncio (0.20.3-1.3) unstable; urgency=medium . * Non-maintainer upload. * pytest-trio is now available, enable it * Add patch to make this compatible with Pytest 8.2 (Closes: #1072057) Checksums-Sha1: 74e5494b7fea812a1138d92f52d233fbdd8fa7a1 2467 python-pytest-asyncio_0.20.3-1.3.dsc 037170563bd7270085e95fc7d7783f01a8434a5b 5184 python-pytest-asyncio_0.20.3-1.3.debian.tar.xz
Processed: OpenSSL 3.2 breaks cpp-httplib
Processing control commands: > forwarded -1 https://github.com/yhirose/cpp-httplib/issues/1798 Bug #1069357 [src:cpp-httplib] cpp-httplib: FTBFS: Test SSLClientServerTest.ClientCertPresent fails with timeout Set Bug forwarded-to-address to 'https://github.com/yhirose/cpp-httplib/issues/1798'. -- 1069357: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069357 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1069357: OpenSSL 3.2 breaks cpp-httplib
Control: forwarded -1 https://github.com/yhirose/cpp-httplib/issues/1798 Hi all, a Gentoo developer has confirmed that this issue has been caused by the OpenSSL 3.2 update, as I suspected. In almost two months, nobody has been able to provide a fix. What should I do?
Bug#1072130: marked as done (geary: FTBFS: MESA: error: ZINK: vkCreateInstance failed (VK_ERROR_INCOMPATIBLE_DRIVER))
Your message dated Sat, 01 Jun 2024 11:04:35 + with message-id and subject line Bug#1072130: fixed in geary 46.0-2 has caused the Debian Bug report #1072130, regarding geary: FTBFS: MESA: error: ZINK: vkCreateInstance failed (VK_ERROR_INCOMPATIBLE_DRIVER) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1072130: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072130 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:geary Version: 46.0-1 Severity: serious Tags: ftbfs Dear maintainer: During a rebuild of all packages in unstable, your package failed to build: [...] debian/rules binary dh binary dh_update_autotools_config dh_autoreconf debian/rules override_dh_auto_configure make[1]: Entering directory '/<>' dh_auto_configure -- -Drevno=Debian/46.0-1 -Dprofile=release cd obj-x86_64-linux-gnu && DEB_PYTHON_INSTALL_LAYOUT=deb LC_ALL=C.UTF-8 meson setup .. --wrap-mode=nodownload --buildtype=plain --prefix=/usr --sysconfdir=/etc --localstatedir=/var --libdir=lib/x86_64-linux-gnu -Dpython.bytecompile=-1 -Drevno=Debian/46.0-1 -Dprofile=release The Meson build system Version: 1.4.0 Source dir: /<> Build dir: /<>/obj-x86_64-linux-gnu Build type: native build Project name: geary [... snipped ...] # GLib-GIO-DEBUG: GSocketClient: Starting application layer connection # GLib-GIO-DEBUG: GSocketClient: Connection successful! ok 149 /engine/Geary.Imap.ClientSessionTest/connect_disconnect # GLib-GIO-DEBUG: g_socket_client_connect_async: starting new g_socket_client_connect_async() with GTask 0x55d4c2e06bf0 and GSocketClientAsyncConnectData 0x55d4c2e07d60 # GLib-GIO-DEBUG: GSocketClient: Starting new address enumeration # pxbackend-DEBUG: px_manager_get_proxies_sync: url=none://localhost:39239 online=1 # pxbackend-DEBUG: px_manager_get_proxies_sync: Proxy[0] = direct:// # GLib-GIO-DEBUG: GSocketClient: Address enumeration succeeded # GLib-GIO-DEBUG: g_socket_client_enumerator_callback: starting connection attempt 0x55d4c2e08840 for GSocketClientAsyncConnectData 0x55d4c2e07d60 # GLib-GIO-DEBUG: GSocketClient: Starting TCP connection attempt # GLib-GIO-DEBUG: GSocketClient: TCP connection successful # GLib-GIO-DEBUG: GSocketClient: Starting application layer connection # GLib-GIO-DEBUG: GSocketClient: Connection successful! ok 150 /engine/Geary.Imap.ClientSessionTest/connect_with_capabilities # GLib-GIO-DEBUG: g_socket_client_connect_async: starting new g_socket_client_connect_async() with GTask 0x55d4c2e07340 and GSocketClientAsyncConnectData 0x7f07d4004720 # GLib-GIO-DEBUG: GSocketClient: Starting new address enumeration # pxbackend-DEBUG: px_manager_get_proxies_sync: url=none://localhost:41053 online=1 # pxbackend-DEBUG: px_manager_get_proxies_sync: Proxy[0] = direct:// # GLib-GIO-DEBUG: GSocketClient: Address enumeration succeeded # GLib-GIO-DEBUG: g_socket_client_enumerator_callback: starting connection attempt 0x55d4c2e072e0 for GSocketClientAsyncConnectData 0x7f07d4004720 # GLib-GIO-DEBUG: GSocketClient: Starting TCP connection attempt # GLib-GIO-DEBUG: GSocketClient: TCP connection successful # GLib-GIO-DEBUG: GSocketClient: Starting application layer connection # GLib-GIO-DEBUG: GSocketClient: Connection successful! ok 151 /engine/Geary.Imap.ClientSessionTest/login # GLib-GIO-DEBUG: g_socket_client_connect_async: starting new g_socket_client_connect_async() with GTask 0x55d4c2e102c0 and GSocketClientAsyncConnectData 0x55d4c2e0e020 # GLib-GIO-DEBUG: GSocketClient: Starting new address enumeration # pxbackend-DEBUG: px_manager_get_proxies_sync: url=none://localhost:35663 online=1 # pxbackend-DEBUG: px_manager_get_proxies_sync: Proxy[0] = direct:// # GLib-GIO-DEBUG: GSocketClient: Address enumeration succeeded # GLib-GIO-DEBUG: g_socket_client_enumerator_callback: starting connection attempt 0x55d4c2e10260 for GSocketClientAsyncConnectData 0x55d4c2e0e020 # GLib-GIO-DEBUG: GSocketClient: Starting TCP connection attempt # GLib-GIO-DEBUG: GSocketClient: TCP connection successful # GLib-GIO-DEBUG: GSocketClient: Starting application layer connection # GLib-GIO-DEBUG: GSocketClient: Connection successful! ok 152 /engine/Geary.Imap.ClientSessionTest/login_with_capabilities # GLib-GIO-DEBUG: g_socket_client_connect_async: starting new g_socket_client_connect_async() with GTask 0x55d4c2e102c0 and GSocketClientAsyncConnectData 0x55d4c2e0e250 # GLib-GIO-DEBUG: GSocketClient: Starting new address enumeration # pxbackend-DEBUG: px_manager_get_proxies_sync: url=none://loca
Processed: Bug#1072130 marked as pending in geary
Processing control commands: > tag -1 pending Bug #1072130 [src:geary] geary: FTBFS: MESA: error: ZINK: vkCreateInstance failed (VK_ERROR_INCOMPATIBLE_DRIVER) Added tag(s) pending. -- 1072130: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072130 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072130: geary: FTBFS: MESA: error: ZINK: vkCreateInstance failed (VK_ERROR_INCOMPATIBLE_DRIVER)
On Tue, May 28, 2024 at 6:39 PM Santiago Vila wrote: > --- stderr --- > MESA: error: ZINK: vkCreateInstance failed (VK_ERROR_INCOMPATIBLE_DRIVER) > glx: failed to create drisw screen > > (test-client:335985): GLib-Net-WARNING **: 16:07:18.084: Failed to load TLS > database: System trust contains zero trusted certificates; please investigate > your GnuTLS configuration The actual error is "Failed to load TLS database" which makes the build failure a duplicate of https://bugs.debian.org/1064744 (which was already marked as affecting geary). For instance, the ZINK error is also seen with Test 8 but Test 8 passes. However, I'll go ahead and do an upload to get rid of the ZINK stderr in the build tests to make this more obvious. Thank you, Jeremy Bícha
Bug#1072130: marked as pending in geary
Control: tag -1 pending Hello, Bug #1072130 in geary reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/gnome-team/geary/-/commit/f8a5b299dd07d1a59c39d4fa867f8682578c2058 Run dh_auto_test with LIBGL_ALWAYS_SOFTWARE=true to avoid zink stderr Closes: #1072130 (this message was generated automatically) -- Greetings https://bugs.debian.org/1072130
Bug#1072340: sredird: CVE-2004-2386, format string vulnerability
Source: sredird Version: 2.1.0-1 Severity: serious Tags: security X-Debbugs-Cc: secur...@debian.org Hi, This is affected by CVE-2004-2386, which was marked by the Security Team as "NOT-FOR-US: sercd" but applies to sredird. There is a fixed version 2.2.2 available, which I did not find in the Kermit project's download area but at: http://ibiblio.org/pub/linux/system/serial/sredird-2.2.2.tar.gz https://sources.buildroot.net/sredird/sredird-2.2.2.tar.gz Cheers, Bastian
Bug#1071007:
Hi Paul! Just clarifying! My goal with this patch was to just solve a conflict problem by trying, not changing your code through a patch. But unfortunately, both attempts were not accepted by Samuel, as they did not solve the problem itself. This led to the bug being reopened twice as RC, leading to its removal from "testing" even after pycrc had resolved its conflict issue. I wouldn't want the removal to happen. Another thing: This PR => https://github.com/sherlock-project/sherlock/pull/2127 It involves significant changes, both in terms of packaging (poetry) and the implementation of unit tests and even with tox. I would need to see how these changes would affect packaging in the Debian environment. If Samuel agrees, I will upload this patch. And this transition from setuptools to poetry would be for later, until we see how Sherlock would behave in Debian. Nilson F. Silva
Bug#1060602: marked as done (efl: Please switch Build-Depends to systemd-dev)
Your message dated Sat, 01 Jun 2024 10:04:59 + with message-id and subject line Bug#1060602: fixed in efl 1.27.0-2 has caused the Debian Bug report #1060602, regarding efl: Please switch Build-Depends to systemd-dev to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1060602: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060602 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: efl Version: 1.27.0-1 Severity: normal User: pkg-systemd-maintain...@lists.alioth.debian.org Usertags: systemd-dev Hi, your package efl declares a Build-Depends on systemd and/or udev. In most cases, this build dependency is added to get the paths that are defined in udev.pc or systemd.pc (via pkgconfig). Since systemd_253-2 [1], these two pkgconfig files have been split into a separate package named systemd-dev. This package is arch:all, so even available on non-Linux architectures, which will simplify the installation of upstream provided service files / udev rules. To not make existing source packages FTBFS, the systemd and udev package have a Depends: systemd-dev. This dependency will be removed at some point though before trixie is released. Once this happens, this issue will be bumped to RC. Please update your build dependencies accordingly at your earliest convenience. If all you need is the systemd.pc or udev.pc pkgconfig file, please replace any systemd or udev Build-Depends with systemd-dev. In most cases that should be sufficient. If your package needs further resources from systemd or udev to build successfully, it's fine to keep those Build-Depends in addition to systemd-dev. To ease stable backports, a version of systemd with those changes is provided via bookworm-backports. In case you have further questions, please contact the systemd team at . On behalf of the systemd team, Michael [1] https://salsa.debian.org/systemd-team/systemd/-/merge_requests/196 --- End Message --- --- Begin Message --- Source: efl Source-Version: 1.27.0-2 Done: Andreas Metzler We believe that the bug you reported is fixed in the latest version of efl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1060...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Metzler (supplier of updated efl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 01 Jun 2024 11:49:08 +0200 Source: efl Architecture: source Version: 1.27.0-2 Distribution: unstable Urgency: medium Maintainer: Debian Pkg-e Team Changed-By: Andreas Metzler Closes: 1060602 Changes: efl (1.27.0-2) unstable; urgency=medium . * B-d on systemd-dev instead of systemd. Closes: #1060602 Checksums-Sha1: 74922ef2ba3c3febf9c9c46468580a08dda514aa 6075 efl_1.27.0-2.dsc 8863df569127b40939b2f82a40a174edcf1706d1 97932 efl_1.27.0-2.debian.tar.xz b1061d2af4e47327c846e1886a2f62b68386e5a2 18897 efl_1.27.0-2_source.buildinfo Checksums-Sha256: dcd41f55b8daba318f17d85be4b70cd689a513e8375dd65a87bf6683c9108646 6075 efl_1.27.0-2.dsc 3a7010ef71e64a787e29283df0bfc89d22515256f99e0fe100f700515f389c17 97932 efl_1.27.0-2.debian.tar.xz 4be26bdf16b6103532c0d0f27ce7276fe4339e7733c105d409f31ab3c0fa7acc 18897 efl_1.27.0-2_source.buildinfo Files: 4c776bcfe8596c1725bc927164ec9a92 6075 libs optional efl_1.27.0-2.dsc 545ef2aa6f05e3fc7da95f14dfdaf151 97932 libs optional efl_1.27.0-2.debian.tar.xz 06398a59a02f3c6eb669a66538ee9117 18897 libs optional efl_1.27.0-2_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAmZa7s0ACgkQpU8BhUOC FIQCSRAAm2RFzJdX3f2ekmAaXBb0gGaoUkKr+t4yLj7bzQ+ZkdmpJuewzmxOQ78E iBvBKTXlHMqunfi8qMphktX7bbcLcg2qVRNoU4ur/F3J9VL+LXhXn0yy5PyOtQuQ h8uI8Y4ZdPc0kVopsjysAw6ZHHbbw4fOfmHtnp+MOj8ejmEzwojwSAYingOo8H4F qRE/r/nhBJbh3dTYEz38WE75UvrjKHFrJ6v0cm75gOCggsoMMUBU6X1eVrCjS9Yk EJ1fPypkDctS7+T/XcUxe+s9jy9CoWJuA8MgKDNLsfJAv0Hu1r0eOSKI9Gej+qXr UdQbpUVlUIek0sXMmkcc6S5iodzyuG7YtTqBEaDyDWSkVrU9e2mzeLuxP7CdvxB3 tzSWD7PL5sCH0tz2/KsLPD+FqKtAy9C7bUFcY0KsQp5VsfBVHdVPyKhLjbyDMSVp cJtJnV6u5K6TxUi1I4WQv8pJyEygXdkqQXKhEYUc2YqoSCiry1CJsPABf8W2LUdC xcWezT/YcxiNI7/5FC3TmZCnksZZS0UF8Z13TPR6T+ADWGPWKsW8PxRWKvfSiQf7 oQvglyqVDHc3ozb9x
Processed: found 1071552 in 2.4.3-2, fixed 1071552 in 2.4.4-1
Processing commands for cont...@bugs.debian.org:
> found 1071552 2.4.3-2
Bug #1071552 {Done: Daniel Kahn Gillmor } [gnupg] GnuPG
2.2.42+ breaks emacs' EasyPG
Marked as found in versions gnupg2/2.4.3-2 and reopened.
> # applies to 2.4.0 to 2.4.3
> fixed 1071552 2.4.4-1
Bug #1071552 [gnupg] GnuPG 2.2.42+ breaks emacs' EasyPG
There is no source info for the package 'gnupg' at version '2.4.4-1' with
architecture ''
Unable to make a source version for version '2.4.4-1'
Marked as fixed in versions 2.4.4-1.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
1071552: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071552
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#1069859: marked as done (atop: Fix atop for 64-bit time_t on arm)
Your message dated Sat, 01 Jun 2024 08:34:05 + with message-id and subject line Bug#1069859: fixed in atop 2.10.0-3 has caused the Debian Bug report #1069859, regarding atop: Fix atop for 64-bit time_t on arm to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1069859: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069859 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: atop Version: 2.10.0-2 Severity: grave Tags: patch User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu noble ubuntu-patch Hi Marc, Although atop currently builds successfully on armhf and armel, it is broken at runtime because it tries to use a time_t in a format string which now no longer uses the correct size for the data. This was found in Ubuntu via autopkgtests (unfortunately, Debian does not run autopkgtests for binNMUs): 358s /tmp/autopkgtest.Nzaczp/build.Xps/src/debian/tests/01-numcpus: line 15: 1136 Segmentation fault (core dumped) atop -P cpu 5 1 1>&2 Please see attached a patch that fixes this issue. It has been uploaded to Ubuntu. Thanks, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer https://www.debian.org/ slanga...@ubuntu.com vor...@debian.org diff -Nru atop-2.10.0/debian/patches/64-bit-time-t-compat.patch atop-2.10.0/debian/patches/64-bit-time-t-compat.patch --- atop-2.10.0/debian/patches/64-bit-time-t-compat.patch 1969-12-31 16:00:00.0 -0800 +++ atop-2.10.0/debian/patches/64-bit-time-t-compat.patch 2024-03-22 11:11:06.0 -0700 @@ -0,0 +1,22 @@ +Description: compatibility with 64-bit time_t +Author: Steve Langasek +Forwarded: no +Last-Update: 2024-03-22 + +Index: atop-2.10.0/parseable.c +=== +--- atop-2.10.0.orig/parseable.c atop-2.10.0/parseable.c +@@ -214,10 +214,10 @@ + convdate(curtime, datestr); + convtime(curtime, timestr); + +- snprintf(header, sizeof header, "%s %s %ld %s %s %d", ++ snprintf(header, sizeof header, "%s %s %lld %s %s %d", + labeldef[i].label, + utsname.nodename, +- curtime, ++ (long long)curtime, + datestr, timestr, numsecs); + + /* diff -Nru atop-2.10.0/debian/patches/series atop-2.10.0/debian/patches/series --- atop-2.10.0/debian/patches/series 2024-01-14 12:18:53.0 -0800 +++ atop-2.10.0/debian/patches/series 2024-03-22 11:10:13.0 -0700 @@ -15,3 +15,4 @@ no-atopgpud handle-default-file default +64-bit-time-t-compat.patch --- End Message --- --- Begin Message --- Source: atop Source-Version: 2.10.0-3 Done: Marc Haber We believe that the bug you reported is fixed in the latest version of atop, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1069...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Marc Haber (supplier of updated atop package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 31 May 2024 13:42:28 +0200 Source: atop Architecture: source Version: 2.10.0-3 Distribution: unstable Urgency: medium Maintainer: Marc Haber Changed-By: Marc Haber Closes: 1063698 1069859 Changes: atop (2.10.0-3) unstable; urgency=medium . * the #gpn22 upload * fix crash on 64bit time_t. Thanks to Steve Langasek (Closes: #1069859) * proper use of pkg-config to allow cross build. Thanks to Helmut Grohne (Closes: #1063698) Checksums-Sha1: fc044d489bf3a03c7f967e2b9721db6b6e7751d5 1935 atop_2.10.0-3.dsc 0d3a3c46e590cbc41319a13cf9be37c1f3530289 16876 atop_2.10.0-3.debian.tar.xz bd808dc9e0aa6556ea754e684abf72288fd60f9b 6928 atop_2.10.0-3_source.buildinfo Checksums-Sha256: eac1cb6f89863d21e5b77dfba19b98f1f25e03c232c935bf76b082eb6c42cdf0 1935 atop_2.10.0-3.dsc db154f52cb370b562e4e47618f
Processed: Re: python-maturin - upcoming rust-indexmap update.
Processing control commands: > severity -1 serious Bug #1063735 [python-maturin] python-maturin - upcoming rust-indexmap update. Severity set to 'serious' from 'normal' -- 1063735: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063735 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072107: libarchive: diff for NMU version 3.7.2-2.1
Control: tags 1072107 + patch Control: tags 1072107 + pending Hi Peter, I've prepared an NMU for libarchive (versioned as 3.7.2-2.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Made as well a MR in https://salsa.debian.org/debian/libarchive/-/merge_requests/6 . libarchive requires a DSA, but see the mail from Moritz some days ago. This MR aims to get the ball rolling from top-down first unstable, to bookworm later/same time. Regards, Salvatore diff -Nru libarchive-3.7.2/debian/changelog libarchive-3.7.2/debian/changelog --- libarchive-3.7.2/debian/changelog 2024-03-30 19:11:06.0 +0100 +++ libarchive-3.7.2/debian/changelog 2024-06-01 09:43:45.0 +0200 @@ -1,3 +1,10 @@ +libarchive (3.7.2-2.1) unstable; urgency=medium + + * Non-maintainer upload. + * fix: OOB in rar e8 filter (CVE-2024-26256) (Closes: #1072107) + + -- Salvatore Bonaccorso Sat, 01 Jun 2024 09:43:45 +0200 + libarchive (3.7.2-2) unstable; urgency=medium [ Luca Boccassi ] diff -Nru libarchive-3.7.2/debian/patches/fix-OOB-in-rar-e8-filter-2135.patch libarchive-3.7.2/debian/patches/fix-OOB-in-rar-e8-filter-2135.patch --- libarchive-3.7.2/debian/patches/fix-OOB-in-rar-e8-filter-2135.patch 1970-01-01 01:00:00.0 +0100 +++ libarchive-3.7.2/debian/patches/fix-OOB-in-rar-e8-filter-2135.patch 2024-06-01 09:42:15.0 +0200 @@ -0,0 +1,29 @@ +From: Wei-Cheng Pan +Date: Mon, 22 Apr 2024 01:55:41 +0900 +Subject: fix: OOB in rar e8 filter (#2135) +Origin: https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237 +Bug-Debian: https://bugs.debian.org/1072107 +Bug: https://github.com/libarchive/libarchive/pull/2135 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2024-26256 + +This patch fixes an out-of-bound error in rar e8 filter. +--- + libarchive/archive_read_support_format_rar.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c +index 99a11d170074..266d0ee9959a 100644 +--- a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c +@@ -3615,7 +3615,7 @@ execute_filter_e8(struct rar_filter *filter, struct rar_virtual_machine *vm, siz + uint32_t filesize = 0x100; + uint32_t i; + +- if (length > PROGRAM_WORK_SIZE || length < 4) ++ if (length > PROGRAM_WORK_SIZE || length <= 4) + return 0; + + for (i = 0; i <= length - 5; i++) +-- +2.45.1 + diff -Nru libarchive-3.7.2/debian/patches/series libarchive-3.7.2/debian/patches/series --- libarchive-3.7.2/debian/patches/series 2024-03-30 19:11:06.0 +0100 +++ libarchive-3.7.2/debian/patches/series 2024-06-01 09:42:36.0 +0200 @@ -2,3 +2,4 @@ iso9660-hash.patch test-zstd-32bit.patch robust-error-reporting.patch +fix-OOB-in-rar-e8-filter-2135.patch
Processed: libarchive: diff for NMU version 3.7.2-2.1
Processing control commands: > tags 1072107 + patch Bug #1072107 [src:libarchive] libarchive: CVE-2024-26256 Added tag(s) patch. > tags 1072107 + pending Bug #1072107 [src:libarchive] libarchive: CVE-2024-26256 Added tag(s) pending. -- 1072107: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072107 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1072183: fenics-dolfinx: needs rebuild of fenics-basix too
Source: fenics-dolfinx Version: 1:0.8.0-6 Followup-For: Bug #1072183 X-Debbugs-Cc: francesco.balla...@unicatt.it, locutusofb...@debian.org Thanks Gianfranco for the patch. I confirm I will apply it in fenics-dolfinx 0.8.0 to experimental (and later to unstable). For your ubuntu build, please keep in mind that fenics-basix will need to be rebuilt too with nanobind 2.0. I am doing so now in fenics-basix 0.8.0, for the time being to experimental and hopefully soon to unstable. Cheers, Francesco
