Bug#933693: rust-cargo: FTBFS due to missing/uninstallable build dependencies
Control: tag -1 + confirmed pending On Fri, Aug 02, 2019 at 01:24:00AM +, Ximin Luo wrote: > We are blocked on FTP masters accepting rust-bstr and the new build > dependencies of the new version of cargo. Hi Ximin, Thanks for the explanation. > Please check the debcargo-conf.git repo first, before filing bug reports for > these types of FTBFS bugs. I did look, but I missed it. Sorry about that... Best, nicoo > > Hi, > > > > rust-cargo fails to rebuild from source (in a clean sbuild environment). > > > > I ran into this while rebuilding all reverse dependencies of > > rust-openssl-sys > > prior to uploading an updated version. > > > > Best, > > > > nicoo > > > > --- > > > > $ sbuild -d sid rust-cargo > > sbuild (Debian sbuild) 0.78.1 (09 February 2019) on localhost > > > > +==+ > > | rust-cargo (amd64) Thu, 01 Aug 2019 23:34:16 > > + | > > +==+ > > > > Package: rust-cargo > > Distribution: sid > > Machine Architecture: amd64 > > Host Architecture: amd64 > > Build Architecture: amd64 > > Build Type: full > > > > [...] > > > > +--+ > > | Update chroot > >| > > +--+ > > > > [...] > > > > +--+ > > | Fetch source files > >| > > +--+ > > > > > > Check APT > > - > > > > Checking available source versions... > > > > Download source files with APT > > -- > > > > Reading package lists... > > NOTICE: 'rust-cargo' packaging is maintained in the 'Git' version control > > system at: > > https://salsa.debian.org/rust-team/debcargo-conf.git [src/cargo] > > Please use: > > git clone https://salsa.debian.org/rust-team/debcargo-conf.git [src/cargo] > > to retrieve the latest (possibly unreleased) updates to the package. > > Need to get 943 kB of source archives. > > Get:1 http://localhost:3142/debian sid/main rust-cargo 0.35.0-1 (dsc) [5100 > > B] > > Get:2 http://localhost:3142/debian sid/main rust-cargo 0.35.0-1 (tar) [934 > > kB] > > Get:3 http://localhost:3142/debian sid/main rust-cargo 0.35.0-1 (diff) > > [4304 B] > > Fetched 943 kB in 0s (11.2 MB/s) > > Download complete and in download only mode > > I: NOTICE: Log filtering will replace > > 'build/rust-cargo-oCDNo8/rust-cargo-0.35.0' with '<>' > > I: NOTICE: Log filtering will replace 'build/rust-cargo-oCDNo8' with > > '<>' > > > > +--+ > > | Install package build dependencies > >| > > +--+ > > > > > > Setup apt archive > > - > > > > Merged Build-Depends: debhelper (>= 11), dh-cargo (>= 15), cargo, rustc, > > libstd-rust-dev, librust-atty-0.2+default-dev, > > librust-byteorder-1+default-dev (>= 1.2-~~), > > librust-bytesize-1+default-dev, librust-clap-2+default-dev (>= 2.31.2-~~), > > librust-core-foundation-0.6+default-dev, > > librust-core-foundation-0.6+mac-os-10-7-support-dev, > > librust-crates-io-0.23+default-dev, > > librust-crossbeam-utils-0.6+default-dev, > > librust-crypto-hash-0.3+default-dev (>= 0.3.1-~~), > > librust-curl-0.4+default-dev (>= 0.4.19-~~), librust-curl-0.4+http2-dev (>= > > 0.4.19-~~), librust-curl-sys-0.4+default-dev (>= 0.4.15-~~), > > librust-env-logger-0.6+default-dev, librust-failure-0.1+default-dev (>= > > 0.1.5-~~), librust-filetime-0.2+default-dev, librust-flate2-1+default-dev > > (>= 1.0.3-~~), librust-flate2-1+zlib-dev (>= 1.0.3-~~), > > librust-fs2-0.4+default-dev, librust-fwdansi-1+default-dev, > > librust-git2-0.8+default-dev, librust-git2-curl-0.9+default-dev, > > librust-glob-0.2+default-dev (>= 0.2.11-~~), librust-hex-0.3+default-dev, > > librust-home-0.3+default-dev, librust-ignore-0.4+default-dev, > > librust-im-rc-12+default-dev (>= 12.1.0-~~), > > librust-jobserver-0.1+default-dev (>= 0.1.11-~~), > > librust-lazy-static-1+default-dev (>= 1.2.0-~~), > > librust-lazycell-1+default-dev (>= 1.2.0-~~), librust-libc-0.2+default-dev, > > librust-libgit2-sys-0.7+default-dev (>= 0.7.9-~~), > > librust-log-0.4+default-dev (>= 0.4.6-~~), librust-miow-0.3+default-dev (>= > > 0.3.1-~~), librust-num-cpus-1+default-dev, librust-opener-0.3+default-dev, > > librust-rustc-workspace-hack-1+default-dev, librust-rustfix-0.4+default-dev > > (>= 0.4.4-~~), librust-same-file-1+default-dev, > > librust-semver-0.9+default-dev,
Bug#933693: rust-cargo: FTBFS due to missing/uninstallable build dependencies
Source: rust-cargo Version: 0.35.0-1 Severity: serious Justification: FTBFS -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, rust-cargo fails to rebuild from source (in a clean sbuild environment). I ran into this while rebuilding all reverse dependencies of rust-openssl-sys prior to uploading an updated version. Best, nicoo - --- $ sbuild -d sid rust-cargo sbuild (Debian sbuild) 0.78.1 (09 February 2019) on localhost +==+ | rust-cargo (amd64) Thu, 01 Aug 2019 23:34:16 + | +==+ Package: rust-cargo Distribution: sid Machine Architecture: amd64 Host Architecture: amd64 Build Architecture: amd64 Build Type: full [...] +--+ | Update chroot| +--+ [...] +--+ | Fetch source files | +--+ Check APT - - Checking available source versions... Download source files with APT - -- Reading package lists... NOTICE: 'rust-cargo' packaging is maintained in the 'Git' version control system at: https://salsa.debian.org/rust-team/debcargo-conf.git [src/cargo] Please use: git clone https://salsa.debian.org/rust-team/debcargo-conf.git [src/cargo] to retrieve the latest (possibly unreleased) updates to the package. Need to get 943 kB of source archives. Get:1 http://localhost:3142/debian sid/main rust-cargo 0.35.0-1 (dsc) [5100 B] Get:2 http://localhost:3142/debian sid/main rust-cargo 0.35.0-1 (tar) [934 kB] Get:3 http://localhost:3142/debian sid/main rust-cargo 0.35.0-1 (diff) [4304 B] Fetched 943 kB in 0s (11.2 MB/s) Download complete and in download only mode I: NOTICE: Log filtering will replace 'build/rust-cargo-oCDNo8/rust-cargo-0.35.0' with '<>' I: NOTICE: Log filtering will replace 'build/rust-cargo-oCDNo8' with '<>' +--+ | Install package build dependencies | +--+ Setup apt archive - - Merged Build-Depends: debhelper (>= 11), dh-cargo (>= 15), cargo, rustc, libstd-rust-dev, librust-atty-0.2+default-dev, librust-byteorder-1+default-dev (>= 1.2-~~), librust-bytesize-1+default-dev, librust-clap-2+default-dev (>= 2.31.2-~~), librust-core-foundation-0.6+default-dev, librust-core-foundation-0.6+mac-os-10-7-support-dev, librust-crates-io-0.23+default-dev, librust-crossbeam-utils-0.6+default-dev, librust-crypto-hash-0.3+default-dev (>= 0.3.1-~~), librust-curl-0.4+default-dev (>= 0.4.19-~~), librust-curl-0.4+http2-dev (>= 0.4.19-~~), librust-curl-sys-0.4+default-dev (>= 0.4.15-~~), librust-env-logger-0.6+default-dev, librust-failure-0.1+default-dev (>= 0.1.5-~~), librust-filetime-0.2+default-dev, librust-flate2-1+default-dev (>= 1.0.3-~~), librust-flate2-1+zlib-dev (>= 1.0.3-~~), librust-fs2-0.4+default-dev, librust-fwdansi-1+default-dev, librust-git2-0.8+default-dev, librust-git2-curl-0.9+default-dev, librust-glob-0.2+default-dev (>= 0.2.11-~~), librust-hex-0.3+default-dev, librust-home-0.3+default-dev, librust-ignore-0.4+default-dev, librust-im-rc-12+default-dev (>= 12.1.0-~~), librust-jobserver-0.1+default-dev (>= 0.1.11-~~), librust-lazy-static-1+default-dev (>= 1.2.0-~~), librust-lazycell-1+default-dev (>= 1.2.0-~~), librust-libc-0.2+default-dev, librust-libgit2-sys-0.7+default-dev (>= 0.7.9-~~), librust-log-0.4+default-dev (>= 0.4.6-~~), librust-miow-0.3+default-dev (>= 0.3.1-~~), librust-num-cpus-1+default-dev, librust-opener-0.3+default-dev, librust-rustc-workspace-hack-1+default-dev, librust-rustfix-0.4+default-dev (>= 0.4.4-~~), librust-same-file-1+default-dev, librust-semver-0.9+default-dev, librust-semver-0.9+serde-dev, librust-serde-1+default-dev (>= 1.0.82-~~), librust-serde-1+derive-dev (>= 1.0.82-~~), librust-serde-ignored-0.0.4+default-dev, librust-serde-json-1+default-dev (>= 1.0.30-~~), librust-serde-json-1+raw-value-dev (>= 1.0.30-~~), librust-shell-escape-0.1+default-dev (>= 0.1.4-~~), librust-tar-0.4-dev (>= 0.4.18-~~), librust-tempfile-3+default-dev, librust-termcolor-1+default-dev, librust-toml-0.4+default-dev (>= 0.4.2-~~), librust-unicode-width-0.1+default-dev (>= 0.1.5-~~), librust-url-1+default-dev (>= 1.1-~~), librust-url-serde-0.2+default-dev, librust-winapi-0.3+basetsd-dev, librust-winapi-0.3+default-dev, librust-winapi-0.3+handleapi-dev, librust-winapi-0.3+jobapi-dev,
Bug#926551: libykpiv1: Security issues in versions prior to 1.7.0
Package: libykpiv1 Version: 1.6.2-1 Severity: serious Tags: security buster sid upstream fixed-upstream pending Justification: Security issue Hi, Yubico released a new version of libykpiv, mentionning “security fixes” in the NEWS file, but without publishing a new security advisory. I believe this refers to the following issues (quoting changelog entries): * Memory unsafety: * lib/internal.h, lib/ykpiv.c: lib: tlv length buffer checks * lib/internal.h, lib/util.c: lib: correct overflow checks in _write_certificate * lib/util.c, lib/ykpiv.c: lib: resolves potential reads of uninitialized data * Correctly erasing secrets from memory after use: * lib/util.c: lib: clear secrets in set_protected_mgm * lib/ykpiv.c: lib: clear secrets in ykpiv_import_private_key * lib/ykpiv.c: lib: clear secrets in auth api * lib/internal.c, lib/ykpiv.c: lib: clear buffers containing key material * lib/internal.h, lib/util.c: lib: use secure zero memory platform functions * lib/ykpiv.c: lib: check internal authentication crypt errors Given the absence of an advisory, I assume those issues are not known to be exploitable. However, I believe it would be worth fixing them before the release of Buster. Please let me know if a fix should be backported to stretch. Best, nicoo -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-2-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages libykpiv1 depends on: ii libc6 2.28-8 ii libpcsclite1 1.8.24-1 ii libssl1.1 1.1.1b-1 Versions of packages libykpiv1 recommends: ii pcscd 1.8.24-1 libykpiv1 suggests no packages. -- no debconf information
Bug#925212: yubikey-manager: ykman doesn't properly handle static passwords on non-QWERTY keyboards
Package: yubikey-manager Version: 2.0.0-2 Severity: serious Tags: fixed-upstream upstream pending Justification: RoM, severe usability degradation for many users -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 See https://github.com/Yubico/yubikey-manager/pull/220 - -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-2-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages yubikey-manager depends on: ii pcscd1.8.24-1 ii python3 3.7.2-1 ii python3-click7.0-1 ii python3-yubikey-manager 2.0.0-2 yubikey-manager recommends no packages. yubikey-manager suggests no packages. - -- no debconf information -BEGIN PGP SIGNATURE- iQJFBAEBCgAvFiEEU7EqA8ZVHYoLJhPE5vmO4pLV7MsFAlyTcjMRHG5pY29vQGRl Ymlhbi5vcmcACgkQ5vmO4pLV7MuPSQ//Tub1Si5y5+JWfnAMj5tUtC/W7AIXC/Z5 LDW0irOlnXpKiT2FQGv0/wV7KXU1wlAkLuA4YGpHP4SDvBnohB5+ix3oWPvHnkX8 fP75V+SWsLWLPGmCtcYbfTxETs9o2zDmv13GIJMBGP9DVU2ucO+98rGnpG3y2gRB DPOilDR648ZbPkWcYrsm72oQ0SeREXZ1O27EsnRCCM5pPjAOfihpUbyNSdRkLmru /RbHsHlC7ObkeCB2iOuMEuIAwHojERTML/fNB9B/tpTJwO+3RnkQ+/rkgvn9ceIb I93H4pA9lYhFDr8/ipBha8A1rGAx5p/2S5wkMwNhZs3oRAoU6PR4vH3TE8Yll26X UyA9iTaRshHp0LBlMmXxwerKNXBtE84ww+R0hue2mHUp3YMpcdWYpqjfKQvatuof 0Zrlfc7j2wjADoL82Hei9VeC8L0WJn+ddS7Y/XiRfsFv2fK7d9JyhufYmpf18d7p 8e/ASIJvdK1+RIf0XF+Qt6AfdisDGz1XwxuYR/sHGc1N1yAoqOedJNS7FdAq74Kl RQTEHWlzJvNZbo/S1AH0+uUYynBLZmkriBPoPpFaEl0oWNIr3GHXHIuZeLPewLxR 5QnLgFA7rflmw0tz/AG8McKZvRwKmnx7kruJ6pH22XSyW8B59zh+u+WsJHx6fQ+J WLKGOaSku5o= =iCFg -END PGP SIGNATURE-
Bug#917807: libcaca: CVE-2018-20544 CVE-2018-20545 CVE-2018-20546 CVE-2018-20547 CVE-2018-20548 CVE-2018-20549
clone 917807 -1 retitle -1 Orphan libcaca severity -1 normal thanks Hi Sam, I'm planning on fixing those security issues for Buster. Given that you last touched the package in 2014, and didn't address this critical bug within 3 months, may I go ahead and orphan the package while I'm at it? I will do so in the absence of an answer, but I shall make sure that my upload is delayed until at least next Monday (2019-03-18), so you have time to intercept it. Best, nicoo On Sun, Dec 30, 2018 at 04:42:04PM +0100, Salvatore Bonaccorso wrote: > Source: libcaca > Version: 0.99.beta19-2 > Severity: important > Tags: security upstream fixed-upstream > > Hi, > > The following vulnerabilities were published for libcaca. > > CVE-2018-20544[0]: > | There is floating point exception at caca/dither.c (function > | caca_dither_bitmap) in libcaca 0.99.beta19. > > CVE-2018-20545[1]: > | There is an illegal WRITE memory access at common-image.c (function > | load_image) in libcaca 0.99.beta19 for 4bpp data. > > CVE-2018-20546[2]: > | There is an illegal READ memory access at caca/dither.c (function > | get_rgba_default) in libcaca 0.99.beta19 for the default bpp case. > > CVE-2018-20547[3]: > | There is an illegal READ memory access at caca/dither.c (function > | get_rgba_default) in libcaca 0.99.beta19 for 24bpp data. > > CVE-2018-20548[4]: > | There is an illegal WRITE memory access at common-image.c (function > | load_image) in libcaca 0.99.beta19 for 1bpp data. > > CVE-2018-20549[5]: > | There is an illegal WRITE memory access at caca/file.c (function > | caca_file_read) in libcaca 0.99.beta19. > > Note: obviously I realize given you are both upstream am Debian > maintainer you have already fixed this upstream with the reports > submitted and two of those issues are actually unimportant as the > Debian build does not use the fallback. > > Reporting these issues still in the BTS for tracking purpose. > > If you fix the vulnerabilities please also make sure to include the > CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2018-20544 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20544 > [1] https://security-tracker.debian.org/tracker/CVE-2018-20545 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20545 > [2] https://security-tracker.debian.org/tracker/CVE-2018-20546 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20546 > [3] https://security-tracker.debian.org/tracker/CVE-2018-20547 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20547 > [4] https://security-tracker.debian.org/tracker/CVE-2018-20548 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20548 > [5] https://security-tracker.debian.org/tracker/CVE-2018-20549 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20549 > > Regards, > Salvatore > signature.asc Description: PGP signature
Bug#919843: lirc-doc: broken symlinks: /usr/share/doc/lirc/lirc.org/* -> /build/lirc-rOeUaU/lirc-0.10.1/debian/tmp/usr/share/doc/lirc/*
Control: tag -1 + patch pending Dear maintainer, On Sun, Jan 20, 2019 at 04:57:04AM +0100, Andreas Beckmann wrote: > during a test with piuparts I noticed your package ships (or creates) > a broken symlink. Given the lack of answer, I prepared a fixed version, and performed a NMU to DELAYED/3, so you can dcut it should it be undesirable. The changes were also submitted against the packaging repository: https://gitlab.com/leamas/lirc/merge_requests/1 Best, nicoo signature.asc Description: PGP signature
Bug#923053: python3-stem: Version in stretch-backport isn't installable
Package: python3-stem Version: 1.7.0-1~bpo9+1 Severity: serious Justification: Non installable Control: block 905212 by -1 -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, The version of python3-stem in stretch-backports isn't installable due to its dependency on python3-distutils, which only exists starting with buster: > (stretch-backports-amd64-sbuild)# apt install --dry-run python3-stem > Reading package lists... Done > Building dependency tree > Reading state information... Done > Some packages could not be installed. This may mean that you have > requested an impossible situation or if you are using the unstable > distribution that some required packages have not yet been created > or been moved out of Incoming. > The following information may help to resolve the situation: > > The following packages have unmet dependencies: > python3-stem : Depends: python3-distutils but it is not installable > E: Unable to correct problems, you have held broken packages. > > (stretch-backports-amd64-sbuild)# apt-cache policy python3-stem > python3-distutils > python3-stem: > Installed: (none) > Candidate: 1.7.0-1~bpo9+1 > Version table: > 1.7.0-1~bpo9+1 990 > 990 http://localhost:3142/debian stretch-backports/main amd64 Packages > 1.5.3-1 500 > 500 http://localhost:3142/debian stretch/main amd64 Packages > python3-distutils: > Installed: (none) > Candidate: (none) > Version table: > > $ rmadison python3-distutils > python3-distutils | 3.7.2-3 | testing| all > python3-distutils | 3.7.2-3 | unstable | all Best, nicoo -BEGIN PGP SIGNATURE- iQJFBAEBCgAvFiEEU7EqA8ZVHYoLJhPE5vmO4pLV7MsFAlxxiy0RHG5pY29vQGRl Ymlhbi5vcmcACgkQ5vmO4pLV7Mt7hw//Z5579LzG2Ud5Hd32hGiqO1mc9Xo4eyFm ALuXAofejUmM7lgnSx32EfNYXPuYUg4gRXHTqKbvjSqpVrP9Jsy1z/Uzflw1VP/T cURzp9KdlFQvyarb/TXiYKUyX08YzF6ncAZVggqlbHTW78nzs1+tXfHtD6rIZKVQ 5IG+H+OCVS17x2hZh+rQeQgC9ILC4+Av/Uhzt8BCpoq0e2Pecg7ntIBJLYXF4Qxf VuyF+KQFkFsvCBBgctc8hkhDNLjUehPyeVlh0JA1WjEpVKPv6WxH59pNtnR65tt7 K1jU8+dJ5WHmM73lfP/Xt4ZHmoNiZiBWmGWD/yTE4FIFCwN5ifvdDwxsyd2VKc6Q m1wR2/k+KrrVvvhZ4u5rp3p0CrMN1kH0RgSKXGtAFZxxDe44yZ9qXbaB3g6WYUkP Z3L87fl/nwFr3Ui2PEi1IGR5GkiPxH+HMRmsKBjoU6ZycSafIbacsIOQGeNZylm9 MTkRfa3FcUyMyV7zQDiV6CFYXVJ74a73LhBu2lFn3iU8c2ytYtEbVlSdTLEqzLyv rwTwVKH/uTvLoF8+Y22gI/P7+FwWFqs4+QqxfCqzBQseXD/yD/WYgAG2qvR4rAWn 0UQ0eU2s2QSVf0Zil/x/1/9Dc+xWPAG8C/yrm0Ahjfs/tKEbl8ByDDiYyg27iiRo rE2fPMrUXbQ= =7ewQ -END PGP SIGNATURE-
Bug#921725: libu2f-host: CVE-2018-20340
On Sat, Feb 09, 2019 at 01:54:19PM +0100, Nicolas Braud-Santoni wrote: > On Sat, Feb 09, 2019 at 11:19:47AM +0100, Sébastien Delafond wrote: > > don't forget to use -sa as it will be new there > > OK. My first dput didn't seem to include the orig tarball, even though I > built with --force-orig-source and the .dsc mentionned the orig tarball. > > I will reupload as soon as I figure it out :) Ah, I was bitten in the arse by #884428 again. The upload to security-master should now be fine :) Sorry for accidentally duplicating your work, I didn't realise you had prepared a backported fix for stable before the issue went public :) Best, nicoo signature.asc Description: PGP signature
Bug#921725: libu2f-host: CVE-2018-20340
On Sat, Feb 09, 2019 at 11:19:47AM +0100, Sébastien Delafond wrote: > On Feb/08, Nicolas Braud-Santoni wrote: > > I backported the fix and prepared an upload. > > The debdiff is attached, and the commands used to produced it are > > documented below. > > > > May I proceed with an upload to security-master? > > It looks OK to me, so if it passes testing on your end please upload to > security-master (don't forget to use -sa as it will be new there). OK. My first dput didn't seem to include the orig tarball, even though I built with --force-orig-source and the .dsc mentionned the orig tarball. I will reupload as soon as I figure it out :) Best, nicoo signature.asc Description: PGP signature
Bug#921725: libu2f-host: CVE-2018-20340
Dear security team, On Fri, Feb 08, 2019 at 08:23:10PM +0100, Nicolas Braud-Santoni wrote: > On Fri, Feb 08, 2019 at 02:08:40PM +0100, Salvatore Bonaccorso wrote: > > The following vulnerability was published for libu2f-host. > > > > CVE-2018-20340[0]: > > buffer overflow > > I just uploaded a fixed version to unstable. > I will see about backporting the fix to stretch. I backported the fix and prepared an upload. The debdiff is attached, and the commands used to produced it are documented below. May I proceed with an upload to security-master? Best, nicoo - $ dget http://deb.debian.org/debian/pool/main/libu/libu2f-host/libu2f-host_1.1.2-2.dsc [...] $ debdiff libu2f-host_1.1.2-2.dsc /opt/deb/buildarea/libu2f-host_1.1.2-2+deb9u1.dsc warning: extracting unsigned source package (/opt/deb/buildarea/libu2f-host_1.1.2-2+deb9u1.dsc) diff -Nru libu2f-host-1.1.2/debian/changelog libu2f-host-1.1.2/debian/changelog --- libu2f-host-1.1.2/debian/changelog 2016-09-23 20:42:49.0 +0200 +++ libu2f-host-1.1.2/debian/changelog 2019-02-08 21:42:16.0 +0100 @@ -1,3 +1,9 @@ +libu2f-host (1.1.2-2+deb9u1) stretch-security; urgency=high + + * Backport patch for CVE-2018-20340 (Closes: #921725) + + -- Nicolas Braud-Santoni Fri, 08 Feb 2019 21:42:16 +0100 + libu2f-host (1.1.2-2) unstable; urgency=medium * debian/control: Move the packaging repo to Alioth diff -Nru libu2f-host-1.1.2/debian/patches/Fix-CVE-2018-20340.patch libu2f-host-1.1.2/debian/patches/Fix-CVE-2018-20340.patch --- libu2f-host-1.1.2/debian/patches/Fix-CVE-2018-20340.patch 1970-01-01 01:00:00.0 +0100 +++ libu2f-host-1.1.2/debian/patches/Fix-CVE-2018-20340.patch 2019-02-08 21:42:16.0 +0100 @@ -0,0 +1,46 @@ +Subject: Fix CVE-2018-20340 + +Origin: upstream, https://github.com/Yubico/libu2f-host/commit/4d490bb2c528c351e32837fcdaebd998eb5d3f27 +Bug-Debian: https://bugs.debian.org/921725 +From: Klas Lindfors +Reviewed-by: Nicolas Braud-Santoni +Last-Update: 2019-02-08 +Applied-Upstream: yes + +--- + u2f-host/devs.c| 5 + + u2f-host/u2fmisc.c | 5 + + 2 files changed, 10 insertions(+) + +diff --git a/u2f-host/devs.c b/u2f-host/devs.c +index 6f27c72..0c50882 100644 +--- a/u2f-host/devs.c b/u2f-host/devs.c +@@ -247,6 +247,11 @@ init_device (u2fh_devs * devs, struct u2fdevice *dev) +) == U2FH_OK) + { + U2FHID_INIT_RESP initresp; ++ if (resplen > sizeof (initresp)) ++{ ++ return U2FH_MEMORY_ERROR; ++} ++ + memcpy (, resp, resplen); + dev->cid = initresp.cid; + dev->versionInterface = initresp.versionInterface; +diff --git a/u2f-host/u2fmisc.c b/u2f-host/u2fmisc.c +index 0be1adc..e17a6c3 100644 +--- a/u2f-host/u2fmisc.c b/u2f-host/u2fmisc.c +@@ -306,6 +306,11 @@ u2fh_sendrecv (u2fh_devs * devs, unsigned index, uint8_t cmd, +frame.cont.seq, sequence); + return U2FH_TRANSPORT_ERROR; + } ++ ++ if (recvddata + sizeof (frame.cont.data) > maxlen) ++{ ++ return U2FH_TRANSPORT_ERROR; ++} + memcpy (recv + recvddata, frame.cont.data, sizeof (frame.cont.data)); + recvddata += sizeof (frame.cont.data); + } diff -Nru libu2f-host-1.1.2/debian/patches/series libu2f-host-1.1.2/debian/patches/series --- libu2f-host-1.1.2/debian/patches/series 1970-01-01 01:00:00.0 +0100 +++ libu2f-host-1.1.2/debian/patches/series 2019-02-08 21:42:16.0 +0100 @@ -0,0 +1 @@ +Fix-CVE-2018-20340.patch Format: 3.0 (quilt) Source: libu2f-host Binary: libu2f-host0, libu2f-host-dev, u2f-host Architecture: any Version: 1.1.2-2+deb9u1 Maintainer: Debian Authentication Maintainers Uploaders: Simon Josefsson , Klas Lindfors , Dain Nilsson , Nicolas Braud-Santoni Homepage: https://developers.yubico.com/libu2f-host/ Standards-Version: 3.9.8 Vcs-Browser: https://anonscm.debian.org/git/pkg-auth/libu2f-host.git/ Vcs-Git: https://anonscm.debian.org/git/pkg-auth/libu2f-host.git Build-Depends: debhelper (>= 9), pkg-config, libglib2.0-dev, libhidapi-dev, libjson-c-dev, gengetopt, help2man, dh-autoreconf, gtk-doc-tools, dblatex Package-List: libu2f-host-dev deb libdevel extra arch=any libu2f-host0 deb libs extra arch=any u2f-host deb utils extra arch=any Checksums-Sha1: c3e6ebb9c48924c87d9fb4f41436620a36a8f064 456160 libu2f-host_1.1.2.orig.tar.xz 1956c724599d688523f71171df335db2f3114517 61552 libu2f-host_1.1.2-2+deb9u1.debian.tar.xz Checksums-Sha256: 5bcdfbc5e6f972da5395185b71de2272f9a397f0f0d431860e71545f52f1c56a 456160 libu2f-host_1.1.2.orig.tar.xz 4bf2a1135cfd8c4d28c586267c126948d7dca40655a7a713530a3287611a3abd 61552 libu2f-host_1.1.2-2+deb9u1.debian.tar.xz Files: 92fde5650151623635e97287bd389592 456160 libu2f-host_1.1.2.orig.tar.xz 129f13bdae5ef1
Bug#921725: libu2f-host: CVE-2018-20340
On Fri, Feb 08, 2019 at 02:08:40PM +0100, Salvatore Bonaccorso wrote: > Hi, > > The following vulnerability was published for libu2f-host. > > CVE-2018-20340[0]: > buffer overflow Hi Salvatore & Sébastien, Thanks a lot for the swift report(s). :) I just uploaded a fixed version to unstable. I will see about backporting the fix to stretch. Best, nicoo signature.asc Description: PGP signature
Bug#893817: Fwd: [saltstack/salt-jenkins] [Py3][Tornado 5.0] IOLoop tests failing with asyncio (#995)
Hi, Upstream isn't fixing this in the next minor release of Salt, so it looks like we won't be able to ship Salt 2018.3 in Debian any time soon (unless we switch back to making it use Py2 temporarily). I'm sorry to be bringing the bad news, and I would suggest waiting for the Fluorine release: - switching back and forth between py2 and py3 would likely break things, - the ones who absolutely need Salt in buster or sid are likely using the vendor's repository (as Salt has been broken in Debian for ~half a year) Of course, as I'm not in the Salt team, my opinion should likely be taken with... a grain of salt ;) Best, nicoo - Forwarded message from Daniel Wallace - Date: Tue, 28 Aug 2018 05:46:22 -0700 From: Daniel Wallace To: saltstack/salt-jenkins Cc: Nicolas Braud-Santoni , Comment Subject: Re: [saltstack/salt-jenkins] [Py3][Tornado 5.0] IOLoop tests failing with asyncio (#995) This is not going to be fixed in 2018.3.3, you will have to stick with salt with python2 for versions where python-tornado is already upgraded. This is will be fixed in Fluorine for python3 and if it is not too complicated it may be backported to 2018.3 once it has finished, but it is not holding up the 2018.3.3 release. -- You are receiving this because you commented. Reply to this email directly or view it on GitHub: https://github.com/saltstack/salt-jenkins/issues/995#issuecomment-416570266 - End forwarded message - signature.asc Description: PGP signature
Bug#893817: salt-common: fails to install with Python 3.7
tag 904654 + upstream fixed-upstream forward 904654 https://github.com/saltstack/salt/issues/48556 tag 893817 - fixed-upstream forward 893817 https://github.com/saltstack/salt-jenkins/issues/995 thanks Hi, Just updating the bugs metadata ;) #904654 is fixed in upstream's 2018.3.3, to be released soon, but #893817 still isn't fixed under Python 3 :( Best, nicoo On Fri, Aug 24, 2018 at 03:08:24PM +0200, Daniel Dehennin wrote: > Hello. > > I think the best thing to do is to update to the latest version > > https://github.com/saltstack/salt/issues/48556 > > Regards. > -- > Daniel Dehennin > Récupérer ma clef GPG: gpg --recv-keys 0xCC1E9E5B7A6FE2DF > Fingerprint: 3E69 014E 5C23 50E8 9ED6 2AAD CC1E 9E5B 7A6F E2DF signature.asc Description: PGP signature
Bug#907431: cppo's testsuite fails on arm{el,hf} and ppc64el
Package: cppo Version: 1.6.4-1 Severity: serious Tags: upstream Justification: fails to build from source The testsuite of cppo fails on arm{el,hf} and ppc64el in the same location: https://buildd.debian.org/status/fetch.php?pkg=cppo=ppc64el=1.6.4-1=1533482737=0 https://buildd.debian.org/status/fetch.php?pkg=cppo=armhf=1.6.4-1=1533483827=0 https://buildd.debian.org/status/fetch.php?pkg=cppo=armel=1.6.4-1=1533484809=0 > dh_auto_test -a > make -j4 test > make[1]: Entering directory '/<>' > cppo alias test/runtest (exit 1) > (cd _build/default/test && ../../install/default/bin/cppo test.cppo) > > /dev/null > Error: File "test.cppo", line 98, characters 0-20 > Error: math error > make[1]: *** [Makefile:5: test] Error 1 > make[1]: Leaving directory '/<>' > dh_auto_test: make -j4 test returned exit code 2 > make: *** [debian/rules:18: build-arch] Error 2 This seems likely to be an upstream bug, so I am forwarding the bug there. Best, nicoo -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.17.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages cppo depends on: ii libc6 2.27-5 ii ocaml-base-nox [ocaml-base-nox-4.05.0] 4.05.0-10+b1 cppo recommends no packages. cppo suggests no packages.
Bug#907332: ghostscript has a new code execution issue, even when used with -dSAFER
On Sun, Aug 26, 2018 at 06:08:58PM +0100, Nicolas Braud-Santoni wrote: > > I'm attaching the relevant files. Oops, forgot the attachments. exploit.ps Description: PostScript document signature.asc Description: PGP signature
Bug#907332: ghostscript has a new code execution issue, even when used with -dSAFER
Package: ghostscript Version: 9.22~dfsg-2.1 Severity: grave Tags: security buster sid Justification: user security hole Hi, Tavis Ormandy disclosed a new ghoscript security issue, leading directly to code execution: http://openwall.com/lists/oss-security/2018/08/21/2 I don't think this is [CVE-2018-11645], as it's supposedly fixed in buster, and I was able to reproduce the issue on my system: > $ gs -q -sDEVICE=ppmraw -dSAFER -sOutputFile=/dev/null < exploit.ps > GS>GS>GS>GS>GS<1>uid=1000(nicoo) gid=1000(nicoo) > groups=1000(nicoo),4(adm),5(tty),20(dialout),27(sudo),44(video),46(plugdev),104(input),113(sbuild),115(wireshark) > > $ convert exploit.jpg exploit.gif:( > uid=1000(nicoo) gid=1000(nicoo) > groups=1000(nicoo),4(adm),5(tty),20(dialout),27(sudo),44(video),46(plugdev),104(input),113(sbuild),115(wireshark) > convert-im6.q16: FailedToExecuteCommand `'gs' -sstdout=%stderr -dQUIET > -dSAFER -dBATCH -dNOPAUSE -dNOPROMPT -dMaxBitmap=5 -dAlignToPixels=0 > -dGridFitTT=2 '-sDEVICE=pngalpha' -dTextAlphaBits=4 -dGraphicsAlphaBits=4 > '-r72x72' -g612x792 '-sOutputFile=/tmp/magick-955WzJ4UvxhLwQT%d' > '-f/tmp/magick-95505j-kbelxXGs' '-f/tmp/magick-955IqsJtzVIPtx1' -c showpage' > (-1) @ error/delegate.c/ExternalDelegateCommand/462. > convert-im6.q16: no images defined `exploit.gif' @ > error/convert.c/ConvertImageCommand/3258. > > $ apt-cache policy ghostscript > ghostscript: > Installed: 9.22~dfsg-2.1 > Candidate: 9.22~dfsg-2.1 > Version table: > *** 9.22~dfsg-2.1 990 > 990 http://localhost:3142/debian buster/main amd64 Packages > 500 http://localhost:3142/debian sid/main amd64 Packages > 100 /var/lib/dpkg/status I'm attaching the relevant files. Best, nicoo [CVE-2018-11645]: https://security-tracker.debian.org/tracker/CVE-2018-11645 -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.17.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages ghostscript depends on: ii debconf [debconf-2.0] 1.5.69 ii libc6 2.27-5 ii libgs9 9.22~dfsg-2.1 Versions of packages ghostscript recommends: ii gsfonts 1:8.11+urwcyr1.0.7~pre44-4.4 Versions of packages ghostscript suggests: pn ghostscript-x -- no debconf information
Bug#907042: opam 1.2.0 is deprecated (jessie)
Dear LTS contributors, I'm a co-maintainer of opam, the OCaml-specific dependencies manager, which is currently broken in olstable: the version in Jessie is 1.2.0 and does not support the current opam repository format[0], meaning that users cannot install new OPAM packages, get updates, ... (see #907042) I would like to propose an update in Jessie to 1.2.2, the same version as in Stretch, and Ben suggested that I ask here to check nobody would be opposed to it, and to get advise on the process to follow. Please note that upstream is planning a change to a new repository format (as part of releasing 2.0.0, which is currently in NEW) [1], but they plan to keep a branch of the repository in 1.2 format, and accept important updates there, so opam 1.2 will keep working for users of stable and LTS. Best, nicoo [0]: https://opam.ocaml.org/blog/deprecating-opam-1-2-0/ [1]: http://opam.ocaml.org/blog/opam-2-0-0-repo-upgrade-roadmap/ signature.asc Description: PGP signature
Bug#907042: opam 1.2.0 is deprecated (jessie)
On Thu, Aug 23, 2018 at 07:39:13PM +0200, Mehdi Dogguy wrote: > On 2018-08-23 16:53, Nicolas Braud-Santoni wrote: > > On Thu, Aug 23, 2018 at 03:00:22PM +0200, Mehdi Dogguy wrote: > > > > It makes opam unusable for jessie users: already initialised ones can't > > > > install new compilers nor update packages, and with a fresh install opam > > > > is almost unusable (e.g. [3]). > > > > > > Unfortunately, we won't be able to upgrade Opam to 1.2.2 in Debian > > > stable. > > fwiw, I meant "oldstable" above. Yes, I didn't even notice the mistake :3 (i.e. I understood we were talking about jessie) > > > I can ask for its removal, or document in this bugreport how to > > > point their > > > installation to a frozen working mirror? > > > > Doesn't the release policy allow shipping a new upstream version to > > *-pu, if > > there is no other way to get the bug resolved (and after consulting the > > release > > team) ? Or is the issue that there won't be new point releases ? > > I am not sure what the Release Team would accept at this point (Jessie is > already EOL'ed). So, a sloppy-backport should be enough for oldstable > users. They can upgrade to stable if necessary. OK, that's fair enough; I had no idea whether there would be a point release in the future where we could have that put, or through LTS. Do you mind if I check with Ben? IIRC he does some LTS work, and I'm seeing him this weekend (at OMGWTFBBQ). > Once, 2.0 will be ready in Buster, Stretch users can use from backports. Yeap, I am very much planning to make a backport. Speaking of which, the version of opam in the packaging repo should be good-to-go, it's just blocked on someone sponsoring the upload; I asked highvoltage to do so, at the end of DebConf, but I guess he isn't very available currently, so fill free to review & dput if you feel like it. Worst case, I might get to upload 2.0 by myself within some weeks, at I'm currently going through the NM process. Best, nicoo signature.asc Description: PGP signature
Bug#907042: opam 1.2.0 is deprecated (jessie)
Hi Mehdi, On Thu, Aug 23, 2018 at 03:00:22PM +0200, Mehdi Dogguy wrote: > > [...] > > It makes opam unusable for jessie users: already initialised ones can't > > install new compilers nor update packages, and with a fresh install opam > > is almost unusable (e.g. [3]). > > Unfortunately, we won't be able to upgrade Opam to 1.2.2 in Debian stable. > I can ask for its removal, or document in this bugreport how to point their > installation to a frozen working mirror? Doesn't the release policy allow shipping a new upstream version to *-pu, if there is no other way to get the bug resolved (and after consulting the release team) ? Or is the issue that there won't be new point releases ? (I'm not up to speed on the policies for oldstable, unfortunately.) > In the meantime, I'll work on a {sloppy-,}backport of 1.2.2. Thanks :) Best, nicoo PS: Thanks again for filing the bug report, Raja. signature.asc Description: PGP signature
Bug#906128: libykpiv1 impacted by CVE-2018-14779 and CVE-2018-14780
Hi Salvatore, On Tue, Aug 14, 2018 at 09:55:39PM +0200, Salvatore Bonaccorso wrote: > On Tue, Aug 14, 2018 at 08:36:10PM +0200, Nicolas Braud-Santoni wrote: > > Hi, > > > > Gunnar Wolf sponsored the upload to sid (thanks!) and I just prepared an > > upload for stretch-security. It is available in the branch debian/stretch > > on: > > > > https://salsa.debian.org/auth-team/yubico-piv-tool.git > > > > If the security team finds it suitable, please upload directly. > > The issue does not warrant a DSA (was marked no-dsa in the tracker > already). Can you though propose a fix to be included in the next > stretch point release? Yes, jcristau pointed out on IRC that there was a race condition between my mail and the update of the security-tracker; I updated the changelog for an upload to stretch-p-u, and jcc@ said he will look at it tomorrow. Thanks for the swift reply :) Best, nicoo signature.asc Description: PGP signature
Bug#906128: libykpiv1 impacted by CVE-2018-14779 and CVE-2018-14780
Hi, Gunnar Wolf sponsored the upload to sid (thanks!) and I just prepared an upload for stretch-security. It is available in the branch debian/stretch on: https://salsa.debian.org/auth-team/yubico-piv-tool.git If the security team finds it suitable, please upload directly. Best, nicoo PS: In case I need to be reached swiftly, IRC might be the most effective medium (nicoo on irc.oftc.net/#debian-security) On Tue, Aug 14, 2018 at 06:39:43PM +0200, Nicolas Braud-Santoni wrote: > Package: libykpiv1 > Severity: serious > Tags: security pending stretch buster sid > Justification: security > > libykpiv1 versions below 1.6.0 are affected by a buffer overflow, exploitable > by > malicious USB devices, that can lead to arbitrary code execution. > > I will upload the fixed upstream version later today, and coordinate with > the security team to get fixed in stretch and jessie-backports > > > Best, > > nicoo > > -- System Information: > Debian Release: buster/sid > APT prefers testing > APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.17.0-1-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: > LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: > LC_ALL set to en_US.UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > LSM: AppArmor: enabled > > Versions of packages libykpiv1 depends on: > ii libc6 2.27-5 > ii libpcsclite1 1.8.23-3 > ii libssl1.1 1.1.0h-4 > > Versions of packages libykpiv1 recommends: > ii pcscd 1.8.23-3 > > libykpiv1 suggests no packages. > signature.asc Description: PGP signature
Bug#906128: libykpiv1 impacted by CVE-2018-14779 and CVE-2018-14780
Package: libykpiv1 Severity: serious Tags: security pending stretch buster sid Justification: security libykpiv1 versions below 1.6.0 are affected by a buffer overflow, exploitable by malicious USB devices, that can lead to arbitrary code execution. I will upload the fixed upstream version later today, and coordinate with the security team to get fixed in stretch and jessie-backports Best, nicoo -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.17.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages libykpiv1 depends on: ii libc6 2.27-5 ii libpcsclite1 1.8.23-3 ii libssl1.1 1.1.0h-4 Versions of packages libykpiv1 recommends: ii pcscd 1.8.23-3 libykpiv1 suggests no packages.
Bug#904661: vtk7 FTBFS due to uninstallable build dependencies
Hi Gert, On Sun, Jul 29, 2018 at 01:28:58PM +0200, Gert Wollny wrote: > python-autobahn is currently not installable with python3-all-dev > because the latter depends on python3.7 and python-autobahn depends on > python-ubjson, which in turn FTBFS with python-3.7. Thanks for the explanation. :) > As a side note: I think it is very uncommon to file a bug against a > package that FTBFS because of some dependency being (temporarly) not > installable. You are of course right, sorry for mis-assigning it in the first place. I was in the middle of triaging a bunch of bugs, which is probably why I made the mistake, but this is more an explanation than an excuse. In any case, I'm sorry for all that, it was probably an unpleasant bug report to receive :( Best, nicoo signature.asc Description: PGP signature
Bug#904667: sumo FTBFS due to a C++ error
Source: sumo Version: 0.32.0+dfsg1-1 Severity: serious Justification: FTBFS Hi, While rebuilding packages in preparation of the json-c transition (#904418), I discovered that sumo fails to build from source, independently of the transition. Please find a build log attached. Best, nicoo -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.16.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#904661: vtk7 FTBFS due to uninstallable build dependencies
Source: vtk7 Version: 7.1.1+dfsg1-4 Severity: serious Justification: FTBFS While doing a rebuild of all reverse dependencies of json-c (as preparation for transition #904418), I discovered that vtk7 fails to build due to a broken build-dependency on python3-autobahn, independently of the upcoming json-c transition. Please find the complete sbuild log below. Best, nicoo > $ sbuild vtk7 > sbuild (Debian sbuild) 0.77.0 (06 July 2018) on localhost > > +==+ > | vtk7 (amd64) Thu, 26 Jul 2018 10:30:30 > + | > +==+ > > Package: vtk7 > Distribution: unstable > Machine Architecture: amd64 > Host Architecture: amd64 > Build Architecture: amd64 > Build Type: binary > > I: NOTICE: Log filtering will replace > 'var/run/schroot/mount/sid-amd64-sbuild-12147a10-88bb-42b5-bf88-6963affcbbc3' > with '<>' > I: NOTICE: Log filtering will replace 'build/vtk7-ktKPC8/resolver-4dtglN' > with '<>' > > +--+ > | Update chroot > | > +--+ > > Get:1 file:/opt/deb/buildarea ./ InRelease > Ign:1 file:/opt/deb/buildarea ./ InRelease > Get:2 file:/opt/deb/buildarea ./ Release > Ign:2 file:/opt/deb/buildarea ./ Release > Get:3 file:/opt/deb/buildarea ./ Packages > Ign:3 file:/opt/deb/buildarea ./ Packages > Get:3 file:/opt/deb/buildarea ./ Packages > Ign:3 file:/opt/deb/buildarea ./ Packages > Get:3 file:/opt/deb/buildarea ./ Packages > Ign:3 file:/opt/deb/buildarea ./ Packages > Get:3 file:/opt/deb/buildarea ./ Packages > Ign:3 file:/opt/deb/buildarea ./ Packages > Get:3 file:/opt/deb/buildarea ./ Packages > Ign:3 file:/opt/deb/buildarea ./ Packages > Get:3 file:/opt/deb/buildarea ./ Packages > Ign:3 file:/opt/deb/buildarea ./ Packages > Get:3 file:/opt/deb/buildarea ./ Packages [154 kB] > Get:4 http://localhost:3142/debian sid InRelease [233 kB] > Get:5 http://localhost:3142/debian sid/main Sources [8618 kB] > Get:6 http://localhost:3142/debian sid/main amd64 Packages.diff/Index [27.9 > kB] > Get:7 http://localhost:3142/debian sid/main amd64 Packages > 2018-07-24-0812.36.pdiff [30.1 kB] > Get:8 http://localhost:3142/debian sid/main amd64 Packages > 2018-07-24-1408.05.pdiff [32.9 kB] > Get:9 http://localhost:3142/debian sid/main amd64 Packages > 2018-07-24-2017.15.pdiff [16.2 kB] > Get:10 http://localhost:3142/debian sid/main amd64 Packages > 2018-07-25-0207.37.pdiff [6068 B] > Get:11 http://localhost:3142/debian sid/main amd64 Packages > 2018-07-25-0810.42.pdiff [14.0 kB] > Get:12 http://localhost:3142/debian sid/main amd64 Packages > 2018-07-25-1418.46.pdiff [24.3 kB] > Get:13 http://localhost:3142/debian sid/main amd64 Packages > 2018-07-25-2023.54.pdiff [42.3 kB] > Get:14 http://localhost:3142/debian sid/main amd64 Packages > 2018-07-26-0211.09.pdiff [12.5 kB] > Get:15 http://localhost:3142/debian sid/main amd64 Packages > 2018-07-26-0815.27.pdiff [12.7 kB] > Get:15 http://localhost:3142/debian sid/main amd64 Packages > 2018-07-26-0815.27.pdiff [12.7 kB] > Fetched 9070 kB in 13s (682 kB/s) > Reading package lists... > Reading package lists... > Building dependency tree... > Reading state information... > Calculating upgrade... > The following packages will be upgraded: > debconf libdebconfclient0 libexporter-tiny-perl lintian > 4 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. > Need to get 1357 kB of archives. > After this operation, 25.6 kB disk space will be freed. > Get:1 http://localhost:3142/debian sid/main amd64 debconf all 1.5.69 [145 kB] > Get:2 http://localhost:3142/debian sid/main amd64 libdebconfclient0 amd64 > 0.244 [48.6 kB] > Get:3 http://localhost:3142/debian sid/main amd64 libexporter-tiny-perl all > 1.002001-1 [36.9 kB] > Get:4 http://localhost:3142/debian sid/main amd64 lintian all 2.5.94 [1127 kB] > debconf: delaying package configuration, since apt-utils is not installed > Fetched 1357 kB in 0s (12.6 MB/s) > (Reading database ... 16363 files and directories currently installed.) > Preparing to unpack .../debconf_1.5.69_all.deb ... > Unpacking debconf (1.5.69) over (1.5.68) ... > Setting up debconf (1.5.69) ... > (Reading database ... 16348 files and directories currently installed.) > Preparing to unpack .../libdebconfclient0_0.244_amd64.deb ... > Unpacking libdebconfclient0:amd64 (0.244) over (0.243) ... > Setting up libdebconfclient0:amd64 (0.244) ... > (Reading database ... 16348 files and directories currently installed.) > Preparing to unpack .../libexporter-tiny-perl_1.002001-1_all.deb ... > Unpacking libexporter-tiny-perl (1.002001-1) over (1.00-2) ... > Preparing to unpack .../lintian_2.5.94_all.deb ... > Unpacking lintian (2.5.94) over (2.5.93) ... > Setting up
Bug#898519: Bug #898519: libpam-u2f: upgrade to 1.0.6 breaks authentication with u2fzero device
On Sat, May 26, 2018 at 11:18:40PM +0200, Nicolas Braud-Santoni wrote: > In the meantime, I am forwarding this bug upstream (against pam-u2f), who > might be able to pinpoint the issue faster than I would. (OTOH, several of > the pam-u2f upstream developers are in the relevant packaging team and > should have received the bug report anyhow.) Upstream suggested this might be a regression introduced by the implementation of the cue option [0]; could you try removing the cue option? [0] https://github.com/Yubico/pam-u2f/pull/87 Best, nicoo
Bug#898734: ocaml-rope: FTBFS with dune/1.0~beta20-1
Source: ocaml-rope Version: 0.6-1 Severity: serious Justification: FTBFS Hi, ocaml-rope fails to build using the new version of dune/jbuilder due to dh_missing complaining about uninstalled files. I will prepare a new upload momentarily. Best, nicoo -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.16.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#894621: ocaml-rope FTBFS: Error: Library "bytes" not found
Control: fixed -1 1.0~beta20-1 Hi, I just checked and this was fixed by my upload of v1.0~beta20-1, ... which I did because I ran into the same bug while packaging something else ;) However, ocaml-rope now FTBFS due to dh_missing; I will file a bug and fix that momentarily. Best, nicoo On Mon, Apr 02, 2018 at 11:58:01PM +0300, Adrian Bunk wrote: > Control: reassign -1 jbuilder 1.0~beta19-1 > Control: affects -1 src:ocaml-rope src:ocaml-migrate-parsetree > > On Mon, Apr 02, 2018 at 07:23:01PM +0200, Ralf Treinen wrote: > > On Mon, Apr 02, 2018 at 08:13:56PM +0300, Adrian Bunk wrote: > > > On Mon, Apr 02, 2018 at 07:08:52PM +0200, Ralf Treinen wrote: > > > > Hi, > > > > > > > > On Mon, Apr 02, 2018 at 06:15:11PM +0300, Adrian Bunk wrote: > > > > > Source: ocaml-rope > > > > > Version: 0.6-1 > > > > > Severity: serious > > > > > > > > > > Some recent change in unstable makes ocaml-rope FTBFS: > > > > > > > > > > https://tests.reproducible-builds.org/debian/history/ocaml-rope.html > > > > > https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/ocaml-rope.html > > > > > > > > This rather looks like bug #881770 of jbuilder, which was supposed to be > > > > fixed in jbuilder (1.0~beta18-1), except that recent versions of > > > > jbuilder > > > > fail to compile at all on byte-code architectures. > > > > > > amd64 and arm64 are not byte-code architectures. > > > > You are right. I was looking at the autobuilder status which only > > displays build-failures on bytecode arches at the moment. > > I just tried with jbuilder 1.0~beta14-1, > and that fixed the build. > > Likely related beta14 -> beta19 breakage in ocaml-migrate-parsetree: > https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/ocaml-migrate-parsetree.html > > > -Ralf. > > cu > Adrian > > -- > >"Is there not promise of rain?" Ling Tan asked suddenly out > of the darkness. There had been need of rain for many days. >"Only a promise," Lao Er said. >Pearl S. Buck - Dragon Seed > >
Bug#803713: Elasticsearch should not be part of a Debian release
Control: clone -1 -2 Control: retitle -2 RM: elasticsearch -- ROM; NPOASR; unmaintained since ~2 years; security issues Control: severity -2 normal Control: reassign -2 ftp.debian.org On Thu, Mar 08, 2018 at 11:17:20PM +0100, Emmanuel Bourg wrote: > Le 08/03/2018 à 22:50, Nicolas Braud-Santoni a écrit : > > > Given that this is the last activity and the package, that the last upload > > is almost 2 years old, and that no progress has been made towards fixing the > > RC bugs (esp. the issues wrt. security), should we ask ftp-masters to remove > > this package from sid? > > +1 OK, requesting the removal.
Bug#803713: Elasticsearch should not be part of a Debian release
On Mon, Nov 21, 2016 at 09:33:18PM +0100, Hilko Bengen wrote: > * Emmanuel Bourg: > > Do you think elasticsearch should be removed from unstable? > > Not necessarily. It should just not become part of stretch because there > is no sensible way to support it. Given that this is the last activity and the package, that the last upload is almost 2 years old, and that no progress has been made towards fixing the RC bugs (esp. the issues wrt. security), should we ask ftp-masters to remove this package from sid? Best, nicoo
Bug#887988: mblaze: File conflict at /usr/bin/{msort,mprev}
Control: tag -1 pending On Tue, Jan 23, 2018 at 01:33:39AM +0100, Andreas Beckmann wrote: > > let the new package figure out what it want's to do here ... As I had an upload ready for the new upstream version, I just added a conflict for now. I will figure out what we can do to solve this in a more satisfying way, though I guess it's not the end of the world if a couple of obscure packages conflict. Best, nicoo signature.asc Description: PGP signature
Bug#887786: glances: FTBFS during sphinx-build: The configuration file called sys.exit()
Source: glances Version: 2.11.1-2 Severity: serious Justification: fails to build from source Dear maintainer, glances version 2.11.1-2 fails to build from source here (under sbuild) : > User Environment > > > APT_CONFIG=/var/lib/sbuild/apt.conf > HOME=/sbuild-nonexistent > LANG=en_US.UTF-8 > LC_ALL=POSIX > LC_COLLATE=C > LOGNAME=nbraud > PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games > SCHROOT_ALIAS_NAME=unstable-amd64-sbuild > SCHROOT_CHROOT_NAME=sid-amd64-sbuild > SCHROOT_COMMAND=env > SCHROOT_GID=1000 > SCHROOT_GROUP=nbraud > SCHROOT_SESSION_ID=sid-amd64-sbuild-2e48edd2-bacb-49af-9613-a9a782418837 > SCHROOT_UID=1000 > SCHROOT_USER=nbraud > SHELL=/bin/sh > USER=nbraud > > dpkg-buildpackage > - > > dpkg-buildpackage: info: source package glances > dpkg-buildpackage: info: source version 2.11.1-2 > dpkg-buildpackage: info: source distribution unstable > dpkg-buildpackage: info: source changed by Sebastien Badia> [...] > dh build --with python3,sphinxdoc --buildsystem=pybuild >dh_update_autotools_config -O--buildsystem=pybuild >dh_autoreconf -O--buildsystem=pybuild >dh_auto_configure -O--buildsystem=pybuild > I: pybuild base:184: python3.6 setup.py config > running config >dh_auto_build -O--buildsystem=pybuild > I: pybuild base:184: /usr/bin/python3 setup.py build > running build > running build_py > [...] >create-stamp debian/debhelper-build-stamp > fakeroot debian/rules binary > dh binary --with python3,sphinxdoc --buildsystem=pybuild >dh_testroot -O--buildsystem=pybuild >dh_prep -O--buildsystem=pybuild >debian/rules override_dh_auto_install > make[1]: Entering directory '/<>' > dh_auto_install --destdir /<>/debian/glances > I: pybuild base:184: /usr/bin/python3 setup.py install --root > /<>/debian/glances > [...] > make[1]: Leaving directory '/<>' >dh_install -O--buildsystem=pybuild >debian/rules override_dh_installdocs > make[1]: Entering directory '/<>' > set -e && for docs in COPYING AUTHORS NEWS glances.conf; do \ > rm -f > /<>/debian/glances/usr/share/doc/glances/$docs ; \ > done > dh_installdocs > make[1]: Leaving directory '/<>' >debian/rules override_dh_sphinxdoc > make[1]: Entering directory '/<>' > sphinx-build -b html -d debian/tmp/doctrees docs \ > debian/glances-doc/usr/share/doc/glances/html > Running Sphinx v1.6.6 > making output directory... > > Configuration error: > The configuration file (or one of the modules it imports) called sys.exit() > PSutil library not found. Glances cannot start. > debian/rules:13: recipe for target 'override_dh_sphinxdoc' failed > make[1]: *** [override_dh_sphinxdoc] Error 1 > make[1]: Leaving directory '/<>' > debian/rules:9: recipe for target 'binary' failed > make: *** [binary] Error 2 > dpkg-buildpackage: error: fakeroot debian/rules binary subprocess returned > exit status 2 > > Build finished at 2018-01-19T21:28:59Z > > Finished > The full build log is attached. Best, nicoo -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (900, 'testing'), (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled gbp buildpackage --git-ignore-branch gbp:info: Exporting 'HEAD' to '/opt/deb/build-area/glances-tmp' gbp:info: Moving '/opt/deb/build-area/glances-tmp' to '/opt/deb/build-area/glances-2.11.1' gbp:info: Performing the build dh clean --with python3,sphinxdoc --buildsystem=pybuild dh_auto_clean -O--buildsystem=pybuild I: pybuild base:184: python3.6 setup.py clean running clean removing '/opt/deb/build-area/glances-2.11.1/.pybuild/pythonX.Y_3.6/build' (and everything under it) 'build/bdist.linux-x86_64' does not exist -- can't clean it 'build/scripts-3.6' does not exist -- can't clean it debian/rules override_dh_clean make[1]: Entering directory '/opt/deb/build-area/glances-2.11.1' rm -rf ./Glances.egg-info dh_clean make[1]: Leaving directory '/opt/deb/build-area/glances-2.11.1' dpkg-source: info: using source format '3.0 (quilt)' dpkg-source: info: applying 001_reproducible-build.patch dpkg-source: info: applying 002_no_put_links_in_doc.patch dpkg-source: info: applying 003_not_install_static_dir.patch dpkg-source: info: applying 001_disable-pypi.patch dpkg-source: info: building glances using existing ./glances_2.11.1.orig.tar.gz dpkg-source: info: building glances in glances_2.11.1-2.debian.tar.xz dpkg-source: info: building glances in glances_2.11.1-2.dsc sbuild (Debian sbuild) 0.73.0 (23 Dec 2016) on
Bug#884038: Bug #884038: [git] 2.15.x fails to fetch remote repository
Control: tag -1 + moreinfo Hi, On Sun, Dec 10, 2017 at 07:44:14PM +0100, mirq-debo...@rere.qmqm.pl wrote: > Package: git > Version: 1:2.15.1-1 > Severity: grave > > --- Please enter the report below this line. --- > > git 2.15.x from testing can't properly fetch from remote repository: I find myself unable to reproduce the problem: > $ git clone https://github.com/torvalds/linux.git > Cloning into 'linux'... > remote: Counting objects: 5772759, done. > remote: Compressing objects: 100% (945/945), done. > remote: Total 5772759 (delta 852), reused 339 (delta 339), pack-reused 5771475 > Receiving objects: 100% (5772759/5772759), 1.94 GiB | 5.39 MiB/s, done. > Resolving deltas: 100% (4785819/4785819), done. > > git clone https://github.com/torvalds/linux.git 430.98s user 60.46s system > 95% cpu 8:34.72 total > > $ git --version > git version 2.15.1 (Subsequent `git fetch`es worked as intended) Is this the only repository on which you encounter this problem? Can you reliably reproduce it? Can you reproduce it in a fresh git-clone? Best, nicoo signature.asc Description: PGP signature
Bug#858576: python3-seaborn: Missing dependency on python3-tk
Package: python3-seaborn Version: 0.7.1-2 Severity: serious Dear Maintainer, In a Python 3 interpreter, with python3-seaborn freshly installed, `import seaborn` simply fails: > >>> import seaborn > Traceback (most recent call last): > File "/usr/lib/python3.5/tkinter/__init__.py", line 36, in > import _tkinter > ImportError: No module named '_tkinter' > > During handling of the above exception, another exception occurred: > > Traceback (most recent call last): > File "", line 1, in > File "/usr/lib/python3/dist-packages/seaborn/__init__.py", line 6, in > > from .rcmod import * > File "/usr/lib/python3/dist-packages/seaborn/rcmod.py", line 8, in > from . import palettes, _orig_rc_params > File "/usr/lib/python3/dist-packages/seaborn/palettes.py", line 12, in > > from .utils import desaturate, set_hls_values, get_color_cycle > File "/usr/lib/python3/dist-packages/seaborn/utils.py", line 12, in > import matplotlib.pyplot as plt > File "/usr/lib/python3/dist-packages/matplotlib/pyplot.py", line 115, in > > _backend_mod, new_figure_manager, draw_if_interactive, _show = > pylab_setup() > File "/usr/lib/python3/dist-packages/matplotlib/backends/__init__.py", line > 32, in pylab_setup > globals(),locals(),[backend_name],0) > File "/usr/lib/python3/dist-packages/matplotlib/backends/backend_tkagg.py", > line 6, in > from six.moves import tkinter as Tk > File "/usr/lib/python3/dist-packages/six.py", line 92, in __get__ > result = self._resolve() > File "/usr/lib/python3/dist-packages/six.py", line 115, in _resolve > return _import_module(self.mod) > File "/usr/lib/python3/dist-packages/six.py", line 82, in _import_module > __import__(name) > File "/usr/lib/python3.5/tkinter/__init__.py", line 38, in > raise ImportError(str(msg) + ', please install the python3-tk package') > ImportError: No module named '_tkinter', please install the python3-tk package Installing python3-tk solves the issue. Filing as serious, as I believe this is a missing dependency (hence, a severe policy violation). Feel free to readjust this. Best, nicoo -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (900, 'testing'), (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages python3-seaborn depends on: ii python3-matplotlib 2.0.0+dfsg1-2 ii python3-numpy 1:1.12.0-2 ii python3-pandas 0.19.2-5 ii python3-scipy 0.18.1-2 pn python3:any Versions of packages python3-seaborn recommends: pn python3-bs4 pn python3-patsy python3-seaborn suggests no packages. -- no debconf information
Bug#854517: vagrant-sshfs: Makes vagrant crash with “cannot load translations”
Package: vagrant-sshfs Version: 1.3.0-1 Severity: grave Dear Maintainer, After installing vagrant-sshfs, I cannot run vagrant anymore. > % vagrant init debian/jessie64; vagrant up --provider libvirt > /usr/lib/ruby/vendor_ruby/i18n/backend/base.rb:184:in `rescue in load_yml': > can not load translations from /usr/lib/ruby/locales/synced_folder_sshfs.yml: > # /usr/lib/ruby/locales/synced_folder_sshfs.yml> (I18n::InvalidLocaleData) > from /usr/lib/ruby/vendor_ruby/i18n/backend/base.rb:181:in `load_yml' > from /usr/lib/ruby/vendor_ruby/i18n/backend/base.rb:165:in `load_file' > from /usr/lib/ruby/vendor_ruby/i18n/backend/base.rb:15:in `block in > load_translations' > from /usr/lib/ruby/vendor_ruby/i18n/backend/base.rb:15:in `each' > from /usr/lib/ruby/vendor_ruby/i18n/backend/base.rb:15:in > `load_translations' > from /usr/lib/ruby/vendor_ruby/i18n/backend/simple.rb:57:in > `init_translations' > from /usr/lib/ruby/vendor_ruby/i18n/backend/simple.rb:40:in > `available_locales' > from /usr/lib/ruby/vendor_ruby/i18n/config.rb:43:in `available_locales' > from /usr/lib/ruby/vendor_ruby/i18n/config.rb:49:in > `available_locales_set' > from /usr/lib/ruby/vendor_ruby/i18n.rb:278:in `locale_available?' > from /usr/lib/ruby/vendor_ruby/i18n.rb:284:in > `enforce_available_locales!' > from /usr/lib/ruby/vendor_ruby/i18n.rb:151:in `translate' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/lib/vagrant/errors.rb:103:in > `translate_error' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/lib/vagrant/errors.rb:72:in > `initialize' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/plugins/commands/init/command.rb:51:in > `exception' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/plugins/commands/init/command.rb:51:in > `raise' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/plugins/commands/init/command.rb:51:in > `execute' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/lib/vagrant/cli.rb:42:in > `execute' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/lib/vagrant/environment.rb:274:in > `cli' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/bin/vagrant:122:in > `' > from /usr/bin/vagrant:22:in `load' > from /usr/bin/vagrant:22:in `' > /usr/lib/ruby/vendor_ruby/i18n/backend/base.rb:184:in `rescue in load_yml': > can not load translations from /usr/lib/ruby/locales/synced_folder_sshfs.yml: > # /usr/lib/ruby/locales/synced_folder_sshfs.yml> (I18n::InvalidLocaleData) > from /usr/lib/ruby/vendor_ruby/i18n/backend/base.rb:181:in `load_yml' > from /usr/lib/ruby/vendor_ruby/i18n/backend/base.rb:165:in `load_file' > from /usr/lib/ruby/vendor_ruby/i18n/backend/base.rb:15:in `block in > load_translations' > from /usr/lib/ruby/vendor_ruby/i18n/backend/base.rb:15:in `each' > from /usr/lib/ruby/vendor_ruby/i18n/backend/base.rb:15:in > `load_translations' > from /usr/lib/ruby/vendor_ruby/i18n/backend/simple.rb:57:in > `init_translations' > from /usr/lib/ruby/vendor_ruby/i18n/backend/simple.rb:40:in > `available_locales' > from /usr/lib/ruby/vendor_ruby/i18n/config.rb:43:in `available_locales' > from /usr/lib/ruby/vendor_ruby/i18n/config.rb:49:in > `available_locales_set' > from /usr/lib/ruby/vendor_ruby/i18n.rb:278:in `locale_available?' > from /usr/lib/ruby/vendor_ruby/i18n.rb:284:in > `enforce_available_locales!' > from /usr/lib/ruby/vendor_ruby/i18n.rb:151:in `translate' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/plugins/providers/virtualbox/provider.rb:102:in > `state' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/lib/vagrant/machine.rb:506:in > `state' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/lib/vagrant/machine.rb:145:in > `initialize' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/lib/vagrant/vagrantfile.rb:79:in > `new' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/lib/vagrant/vagrantfile.rb:79:in > `machine' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/lib/vagrant/environment.rb:635:in > `machine' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/lib/vagrant/plugin/v2/command.rb:177:in > `block in with_target_vms' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/lib/vagrant/plugin/v2/command.rb:201:in > `block in with_target_vms' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/lib/vagrant/plugin/v2/command.rb:183:in > `each' > from > /usr/share/rubygems-integration/all/gems/vagrant-1.9.1/lib/vagrant/plugin/v2/command.rb:183:in > `with_target_vms' > from >
Bug#851513: Build fails with Linux kernel 4.9.0
Package: zfs-dkms Version: 0.6.5.8-3 Followup-For: Bug #851513 -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Confirmed not working in stretch. See attached make.log - -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (900, 'testing'), (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages zfs-dkms depends on: ii debconf [debconf-2.0] 1.5.59 ii dkms 2.3-2 ii lsb-release9.20161125 ii spl-dkms 0.6.5.8-3 Versions of packages zfs-dkms recommends: pn zfs-zed ii zfsutils-linux 0.6.5.8-3 zfs-dkms suggests no packages. - -- debconf information: * zfs-dkms/note-incompatible-licenses: zfs-dkms/stop-build-for-32bit-kernel: true zfs-dkms/stop-build-for-unknown-kernel: true -BEGIN PGP SIGNATURE- iQJNBAEBCgA3FiEEiWEbFKE2h/s1SpJPnU+IAQz+GeMFAliQvtYZHG5pY29sYXNA YnJhdWQtc2FudG9uaS5ldQAKCRCdT4gBDP4Z43UID/9nsoTM9YLXQSvfQmnLmOdT 0MF+7JB98jJZ6ZwmdY5Ub+n7jSLUefNGcpSgi5+5Howu0vv1xPX261jjCHzzJne9 AvkUepTWPiwEP+b38mHAQyPJ5AHF38fBtqX37kZwHc+RtyzFiqcV3F/MDezRqCCN fEFornUBASISeaZ8fHmE9pTG2RkCKQAVytLQqStvTUZ7l536jQCWdpccOigJ1OcS 2vNu+PJiKgNXXR6hhxjFc0Nv2dNDZanQVms/dSubLgQ38w6cUjMDS/ON4IesGXYD Sl7H9up3x8vPW4vQFhsSkX9EnskE8MG+owPuxsF3qsbxK6l0TKHtkLHaStoJl2ou amb6ivHjhj/x6kfGE2AI0pbjm6Kmf72thu2KcZXkpAWQqnnxA6TDQur/59zCSlxm WT87qBc8tRbrzrKY/gNeGMQbVjC9+QWm81tglXaBnLv/dQWANXRQ1WDMAP2LnXwG vZ5w9DZUpsZLsDgOP631/KhTIaa9IC79etdyaqTpfZAfo9H3L693iOPrHOAzIZTl uC+4zZE2yBCYOE5bFIDg8xOkO889VhyYMv8mNxwd3RTcLEZDw06CWMLkzQcRBnOk L0HpYz6gYOgHvZTs9SM7C9yCjnY12OtimZwR5wzOs1wyxtmCse1PPWhWGa4Jf5KO aWQrK6pC1I1R4ZsDKiCJUA== =l9wm -END PGP SIGNATURE- DKMS make.log for zfs-0.6.5.8 for kernel 4.9.0-1-amd64 (x86_64) Tue Jan 31 13:44:17 CET 2017 make all-recursive make[1]: Entering directory '/var/lib/dkms/zfs/0.6.5.8/build' Making all in module make[2]: Entering directory '/var/lib/dkms/zfs/0.6.5.8/build/module' make -C /lib/modules/4.9.0-1-amd64/build SUBDIRS=`pwd` O=/lib/modules/4.9.0-1-amd64/build CONFIG_ZFS=m modules make[3]: Entering directory '/usr/src/linux-headers-4.9.0-1-amd64' CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/avl/avl.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/nvpair/nvpair.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/unicode/u8_textprep.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zcommon/zfs_deleg.o /var/lib/dkms/zfs/0.6.5.8/build/module/avl/avl.c: In function ‘avl_add’: /var/lib/dkms/zfs/0.6.5.8/build/module/avl/avl.c:647:2: warning: ‘where’ may be used uninitialized in this function [-Wmaybe-uninitialized] avl_insert(tree, new_node, where); ^ LD [M] /var/lib/dkms/zfs/0.6.5.8/build/module/avl/zavl.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zfs/arc.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zcommon/zfs_prop.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/nvpair/fnvpair.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zcommon/zprop_common.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/unicode/uconv.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/nvpair/nvpair_alloc_spl.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/nvpair/nvpair_alloc_fixed.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zcommon/zfs_namecheck.o LD [M] /var/lib/dkms/zfs/0.6.5.8/build/module/unicode/zunicode.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zcommon/zfs_comutil.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zfs/blkptr.o LD [M] /var/lib/dkms/zfs/0.6.5.8/build/module/nvpair/znvpair.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zpios/pios.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zfs/bplist.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zcommon/zfs_fletcher.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zcommon/zfs_uio.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zfs/bpobj.o LD [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zpios/zpios.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zfs/dbuf.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zcommon/zpool_prop.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zfs/dbuf_stats.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zfs/bptree.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zfs/ddt.o LD [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zcommon/zcommon.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zfs/ddt_zap.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zfs/dmu.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zfs/dmu_diff.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zfs/dmu_object.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zfs/dmu_objset.o CC [M] /var/lib/dkms/zfs/0.6.5.8/build/module/zfs/dmu_send.o CC [M]
Bug#837026: {t,}csh FTBFS
Hi, I was working on this today at the Salzburg BSP and should finish tomorrow. Best, nicoo
Bug#838748: Patch pending for cloud-init bugs 838748, 780637 and 695327
Control: tag -1 pending X-Debbugs-CC: hol...@debian.org Hi, I prepared an upload for a new version of cloud-init which fixes (among other things) this bug. It is currently available in the v0.7.8/master branch on alioth. Should I NMU this? Best, nicoo signature.asc Description: PGP signature
Bug#832877: Bug #832877: mathcomp: FTBFS: build-dependency not installable: libssreflect-coq (>= 1.5)
Hi Lucas, Your report is in essence a duplicate of #832877 (which is assigned to ssreflect). There is an upload pending that solves this issue ;) Best, nicoo PS: I'm not merging those bugs, since they are assigned to different source packages; after the upload, ssreflect will be built by the mathcomp source package. signature.asc Description: PGP signature
Bug#815684: Bug#813596: coq-float and why cannot be built with Coq 8.5 (Bugs #813596 and #815684)
Control: tag -1 upstream On Sat, Jul 23, 2016 at 08:35:15PM +0200, Ralf Treinen wrote: > > Why also does not compile with the current vesion of why3. I talked > to why upstream about this a few days ago. There will be a new upstream > release of why soon which will fix this. I suspect this will also > fix compilation whith coq-8.5. > > I also asked him whether it stills makes sense to maintain a package > for why and was told that yes, since why3 does not yet support > interfaces to frama-c and krakakoa. > > I don't know about coq-float, though. That's great news! Thanks a lot :)
Bug#731400: Future of camlduce (Debian bug #731400)
Hi Stéphane, camlduce is not compilable since 2013, and requires an update upstream to make it work with recent versions of OCaml. Since you are the upstream developer, I would like to ask you if there are any plans to make this happen in the forseeable future. If not, would you be OK with camlduce being removed from Debian unstable? Best regards, nicoo
Bug#742881: Bug #742881: missing license in debian/copyright
Control: tag -1 pending Hi, I prepared an upload for a new upstream version of camlpdf. As part of this, I updated the copyright information. Best, nicoo
Bug#813459: Bug #813459: aac-tactics: FTBFS: Error: The constructor vcons (in type vT) expects 2 arguments
Control: tag -1 pending Hi, I prepared an upload for an up-to-date version of aac-tactics, which (obviously) solves the FTBFS. I should push it to alioth in the evening. Best, nicoo
Bug#813596: coq-float and why cannot be built with Coq 8.5 (Bugs #813596 and #815684)
Hi, coq-float and why cannot build under Coq 8.5, leading to two FTBFS bugs. (Note: This is about why, not why3) I confirmed that (beyond some mild build-system breakage) the issues are due to changes in Coq, and neither are still maintained upstream. As such, I would like to suggest we delete those packages: they are not buildable anymore, are not maintained anymore, and taking up maintainership ourselves sounds like a losing proposal. Best, nicoo
Bug#829237: Bug #829237: systemd-docker: FTBFS
Control: block -1 by 830478 Hi, I attempted to fix this, and it seems to be a simple missing Build-Depends. However, I discovered that the dependency installs its source in the wrong directory. The fix is thus blocked on #830478 Best, nicoo
Bug#830478: golang-github-docker-docker-dev installs source to /usr/share/gocode/github.com/docker/docker
Package: golang-github-docker-docker-dev Severity: serious Dear Maintainer, While working on #829237 (FTBFS on systemd-docker), I discovered that golang-github-docker-docker-dev installs its source under /usr/share/gocode/${DH_GOPKG} rather than /usr/share/gocode/src/${DH_GOPKG}. Best, nicoo -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (900, 'testing'), (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#752208: [unison-gtk] Doesn't synchronize windows fat subfolders
Control: tags -1 + moreinfo Control: severity -1 important Control: retitle -1 unison fails to synchronize FS modified under Windows Hi, According to the documentation, only file timestamps are used, not directory timestamps, and fastchecks can be disabled: https://www.cis.upenn.edu/~bcpierce/unison/download/releases/stable/unison-manual.html#fastcheck I'm reducing the severity to “important”, given that: - the issue only occurs in a very specific corner-case: a FS modified under Windows is subsequently mounted on Linux and synchronized from there (with the default fastcheck setting); - the issue can be easily worked around by disabling fastcheck. I tested using a Windows 8 VM and a FAT32 volume that I shared with my Linux host, and was able to synchronize properly with fastcheck disabled. Could you confirm that this was the issue you encountered (your initial bug report was a bit unclear) and that disabling fastcheck indeed solves it? Best, nicoo signature.asc Description: PGP signature
Bug#820690: libu2f-server: FTBFS - missing build-dep libglib2.0-dev
Control: tags -1 - patch + pending The patch was merged in the packaging repo a month ago. Please upload the updated package. signature.asc Description: PGP signature
Bug#820690: libu2f-server: FTBFS - missing build-dep libglib2.0-dev
Control: tags -1 patch Hi, A patch was submitted, as a pull request against the packaging repo[0]. [0] https://github.com/Yubico/libu2f-server-dpkg/pull/1 signature.asc Description: PGP signature
Bug#820686: libu2f-host: FTBFS - missing build-dep libglib2.0-dev
Control: tags -1 patch The previous patch contained a typo in the changelog. Please find enclosed a fixed version. Best, nicoo From e8a764087c88dc569f5d264cf9e28845499a0efb Mon Sep 17 00:00:00 2001 From: Nicolas Braud-Santoni <nico...@braud-santoni.eu> Date: Mon, 9 May 2016 00:23:54 +0200 Subject: [PATCH] Fix dependencies and bump Standards-Version --- debian/changelog | 6 ++ debian/control | 5 +++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index 5f2a95b..02f0584 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +libu2f-host (1.0.0-3) unstable; urgency=medium + + * Fix dependencies (libjson & glib2.0) (Closes: 820686). + + -- + libu2f-host (1.0.0-2) UNRELEASED; urgency=low * Add gbp.conf. diff --git a/debian/control b/debian/control index acc2b87..3e8c507 100644 --- a/debian/control +++ b/debian/control @@ -5,14 +5,15 @@ Section: utils Priority: extra Build-Depends: debhelper (>= 9), pkg-config, + libglib2.0-dev, libhidapi-dev, - libjson0-dev, + libjson-c-dev, gengetopt, help2man, dh-autoreconf, gtk-doc-tools, dblatex -Standards-Version: 3.9.6 +Standards-Version: 3.9.8 Homepage: https://developers.yubico.com/libu2f-host/ Vcs-Git: git://github.com/Yubico/libu2f-host-dpkg.git Vcs-Browser: https://github.com/Yubico/libu2f-host-dpkg -- 2.8.1 signature.asc Description: PGP signature
Bug#820686: libu2f-host: FTBFS - missing build-dep libglib2.0-dev
Dear maintainer, Here is a patch fixing the build failure. I also took the opportunity to bump the Standards-Version (after checking that the package was compliant). There remains a Lintian warning about debian/copyright containing multiple licences under the same name, but I'm not sure how to handle the “messy” situation here. Please consider merging and uploading this patch soon, as the package is due for removal on the 25th. In case you do not have the time or inclination to maintain it anymore, please consider putting it in collab-maint. Best, nicoo From cb99d35f7cb0abf91d40403201a66895ee8f6c35 Mon Sep 17 00:00:00 2001 From: Nicolas Braud-Santoni <nico...@braud-santoni.eu> Date: Mon, 9 May 2016 00:23:54 +0200 Subject: [PATCH] Fix dependencies and bump Standards-Version --- debian/changelog | 6 ++ debian/control | 5 +++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index 5f2a95b..5da36c5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +libu2f-host (1.0.0-3) unstable; urgency=medium + + * Fix dependencies (libjson & glib2.0) (closes 820686). + + -- + libu2f-host (1.0.0-2) UNRELEASED; urgency=low * Add gbp.conf. diff --git a/debian/control b/debian/control index acc2b87..3e8c507 100644 --- a/debian/control +++ b/debian/control @@ -5,14 +5,15 @@ Section: utils Priority: extra Build-Depends: debhelper (>= 9), pkg-config, + libglib2.0-dev, libhidapi-dev, - libjson0-dev, + libjson-c-dev, gengetopt, help2man, dh-autoreconf, gtk-doc-tools, dblatex -Standards-Version: 3.9.6 +Standards-Version: 3.9.8 Homepage: https://developers.yubico.com/libu2f-host/ Vcs-Git: git://github.com/Yubico/libu2f-host-dpkg.git Vcs-Browser: https://github.com/Yubico/libu2f-host-dpkg -- 2.8.1 signature.asc Description: PGP signature