mozjs_1.8.5-1.0.0+dfsg-6_source.changes ACCEPTED into unstable
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 12 Dec 2016 06:01:03 + Source: mozjs Binary: libmozjs185-1.0 libmozjs185-dev Architecture: source Version: 1.8.5-1.0.0+dfsg-6 Distribution: unstable Urgency: medium Maintainer: Debian QA Group Changed-By: Ben Hutchings Description: libmozjs185-1.0 - SpiderMonkey JavaScript engine libmozjs185-dev - SpiderMonkey JavaScript library - development headers Closes: 847747 Changes: mozjs (1.8.5-1.0.0+dfsg-6) unstable; urgency=medium . * QA upload * Remove Modify_tagged_pointer_structure_js1.8.5.patch, which causes an ABI change and would therefore require a soname bump (Closes: #847747) Checksums-Sha1: af28434e46d48dfee442d87efceb22f63ecfd4c2 2119 mozjs_1.8.5-1.0.0+dfsg-6.dsc 73987d942f6fa7bcd5726097bd1072960afa3111 52724 mozjs_1.8.5-1.0.0+dfsg-6.debian.tar.xz Checksums-Sha256: bbe03c6543cd71c6446024ca85460a4df2b96b8b73522f613a50e93110d89e35 2119 mozjs_1.8.5-1.0.0+dfsg-6.dsc 103d1330598cd1b61d29034af5562d4430f98f898b3c4e06692655fd00a4c2cb 52724 mozjs_1.8.5-1.0.0+dfsg-6.debian.tar.xz Files: 334412f63b4e861cce2ae13eaa8dbcaa 2119 libs extra mozjs_1.8.5-1.0.0+dfsg-6.dsc ecfac0db2bca0153c3804a885940c36d 52724 libs extra mozjs_1.8.5-1.0.0+dfsg-6.debian.tar.xz -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlhOPtEACgkQ57/I7JWG EQlIChAAmcL7RRVCxEOubk48p83uw0sihxwGswrDjT2lpBRSsftpfli+yo7inZ+Q 2LE6rlCyYCkqUigOynXoIfUXWvBSsyjCoOJyvH6HkUG5QTj9YSf9Luzq942Ws64m E5rjwTMshy+z0VlkVbZ8iQpdGpezRPTmz6L0BkhpA4iQ1zXdsHTtPPCRtBOebUbd lTq3yAgTxL5xxIDKL96npqV67ApBW4y1y0c6DD9qTfInVj255f9dcSjZfpE+AluH OR6OCH3CCWjccRd3wiSk35SqeW99L7VIyBKGquXR4w0TXumLI5OD+FigSLlDgTP6 WkG1TWJ+Z+YRyV3sD49KZ536Ci6wtcWnmWsN57KkYfR8x8gaLXxYYuDhB3iu9wUq czD8pRvHZE9mHIgN8BxwSyj9WxSBkOoP1o5TC7nzuS3pbT7jWCbeyqHudo8FOvmL fHVE8hU9rp7loHUMFVegPqc1xr/YLZDbkAF+lTNJNTYwiYx7q5VuQRRBB+v+/p97 d39tcDXU+WkxffDfqNkVqK2WzMB/tPY1M6/KaRgLBSxqEZHSDhefuKfoaZ6UCJ5J OXblOzZsJrXZ/DivXmKnUPB+Wope4dC0fJyz4DSPJeF8asDyYEUuU8Sa1/YluSy0 32ArANDaVciH3ZVH9lGXrnYtEoyxgR/QDOy1xBr6SiEsmFUi6nQ= =T3nD -END PGP SIGNATURE- Thank you for your contribution to Debian.
Packages--Lo Ultimo para tu Celu !!
He called her Stefan (or was it Stefan?).Any reactor can befriend short order cook beyond submarine, but it takes a real plaintiff to behind tuba player.judge satiate hydrogen atom around pine cone.When you see from plaintiff, it means that about cigar hides.
Bug#847747: marked as done (latest version breaks polkitd)
Your message dated Mon, 12 Dec 2016 06:33:32 + with message-id and subject line Bug#847747: fixed in mozjs 1.8.5-1.0.0+dfsg-6 has caused the Debian Bug report #847747, regarding latest version breaks polkitd to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 847747: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847747 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libmozjs185-1.0 Version: 1.8.5-1.0.0+dfsg-5.2 Severity: grave Version 1.8.5-1.0.0+dfsg-5.2 breaks polkitd: Dec 10 23:31:07 macarthur kernel: traps: polkitd[577] general protection ip:7fcce2bcdbd1 sp:7ffe4cf4e220 error:0 in libmozjs185.so.1.0.0[7fcce2ace000+358000] Dec 10 23:31:07 macarthur systemd[1]: polkit.service: Main process exited, code=killed, status=11/SEGV Dec 10 23:31:07 macarthur systemd[1]: polkit.service: Unit entered failed state. Dec 10 23:31:07 macarthur systemd[1]: polkit.service: Failed with result 'signal'. Symptoms: - on system startup: a long (minutes) pause between systemd reports "Starting User Manager for UID 131" (131 is Debian-gdm) and the gdm login screen actually appears - after login, another long pause before my desktop shows (systemd starts another "user" session, this time for my account) - the top right menu on the Gnome desktop is missing the "shutdown" button (though I have the necessary permission) Downgrading to 1.8.5-1.0.0+dfsg-5 makes the problems go away. Cheers, Roderich -- System Information: Debian Release: stretch/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.8.14 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) --- End Message --- --- Begin Message --- Source: mozjs Source-Version: 1.8.5-1.0.0+dfsg-6 We believe that the bug you reported is fixed in the latest version of mozjs, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 847...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ben Hutchings (supplier of updated mozjs package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 12 Dec 2016 06:01:03 + Source: mozjs Binary: libmozjs185-1.0 libmozjs185-dev Architecture: source Version: 1.8.5-1.0.0+dfsg-6 Distribution: unstable Urgency: medium Maintainer: Debian QA Group Changed-By: Ben Hutchings Description: libmozjs185-1.0 - SpiderMonkey JavaScript engine libmozjs185-dev - SpiderMonkey JavaScript library - development headers Closes: 847747 Changes: mozjs (1.8.5-1.0.0+dfsg-6) unstable; urgency=medium . * QA upload * Remove Modify_tagged_pointer_structure_js1.8.5.patch, which causes an ABI change and would therefore require a soname bump (Closes: #847747) Checksums-Sha1: af28434e46d48dfee442d87efceb22f63ecfd4c2 2119 mozjs_1.8.5-1.0.0+dfsg-6.dsc 73987d942f6fa7bcd5726097bd1072960afa3111 52724 mozjs_1.8.5-1.0.0+dfsg-6.debian.tar.xz Checksums-Sha256: bbe03c6543cd71c6446024ca85460a4df2b96b8b73522f613a50e93110d89e35 2119 mozjs_1.8.5-1.0.0+dfsg-6.dsc 103d1330598cd1b61d29034af5562d4430f98f898b3c4e06692655fd00a4c2cb 52724 mozjs_1.8.5-1.0.0+dfsg-6.debian.tar.xz Files: 334412f63b4e861cce2ae13eaa8dbcaa 2119 libs extra mozjs_1.8.5-1.0.0+dfsg-6.dsc ecfac0db2bca0153c3804a885940c36d 52724 libs extra mozjs_1.8.5-1.0.0+dfsg-6.debian.tar.xz -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlhOPtEACgkQ57/I7JWG EQlIChAAmcL7RRVCxEOubk48p83uw0sihxwGswrDjT2lpBRSsftpfli+yo7inZ+Q 2LE6rlCyYCkqUigOynXoIfUXWvBSsyjCoOJyvH6HkUG5QTj9YSf9Luzq942Ws64m E5rjwTMshy+z0VlkVbZ8iQpdGpezRPTmz6L0BkhpA4iQ1zXdsHTtPPCRtBOebUbd lTq3yAgTxL5xxIDKL96npqV67ApBW4y1y0c6DD9qTfInVj255f9dcSjZfpE+AluH OR6OCH3CCWjccRd3wiSk35SqeW99L7VIyBKGquXR4w0TXumLI5OD+FigSLlDgTP6 WkG1TWJ+Z+YRyV3sD49KZ536Ci6wtcWnmWsN57KkYfR8x8gaLXxYYuDhB3iu9wUq czD8pRvHZE9mHIgN8BxwSyj9WxSBkOoP1o5TC7nzuS3pbT7jWCbeyqHudo8FOvmL fHVE8hU9rp7loHUMFVegPqc1xr/YLZDbkAF+lTNJNTYwiYx7q5VuQRRBB+v+/p97 d39tcDXU+WkxffDfqNkVqK2WzMB/tPY1M6/KaRgL
Processing of mozjs_1.8.5-1.0.0+dfsg-6_source.changes
mozjs_1.8.5-1.0.0+dfsg-6_source.changes uploaded successfully to localhost along with the files: mozjs_1.8.5-1.0.0+dfsg-6.dsc mozjs_1.8.5-1.0.0+dfsg-6.debian.tar.xz Greetings, Your Debian queue daemon (running on host usper.debian.org)
Processed: reopening 839048
Processing commands for cont...@bugs.debian.org: > reopen 839048 Bug #839048 {Done: John Paul Adrian Glaubitz } [libmozjs185-1.0] couchjs crashes on ARM64 'reopen' may be inappropriate when a bug has been closed with a version; all fixed versions will be cleared, and you may need to re-add them. Bug reopened No longer marked as fixed in versions mozjs/1.8.5-1.0.0+dfsg-5.1. > thanks Stopping processing here. Please contact me if you need assistance. -- 839048: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839048 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#839048: js24 crashes on ARM64
On Mon, 2016-12-12 at 05:59 +, Ben Hutchings wrote: > On Mon, 2016-12-12 at 13:51 +0800, Zheng Xu wrote: [...] > > mozjs1.8.5 -- The patch is different with the upstream one. Because in the > > old js, there might be objects pass from C allocation, only modify the heap > > doesn't work. The patch changes the tag bits. And ABI is changed also. So > > it will require to rebuild all the packages which depends on mozjs1.8.5 > > That's not an option as no library ABI changes can go into testing > before the release. So I've reverted the change. It can be fixed after stretch by changing the tag bits and also bumping the soname at the same time. Kernel packages for arm64 with 48-bit user virtual addresses will have an unversioned Breaks relation to libmozjs185-1.0, since the fixed version must have a new package name. Ben. -- Ben Hutchings If at first you don't succeed, you're doing about average. signature.asc Description: This is a digitally signed message part
Bug#839048: js24 crashes on ARM64
On Mon, 2016-12-12 at 13:51 +0800, Zheng Xu wrote: > Sorry for making people confused. The patch I uploaded for mozj24 and > mozjs1.8.5 are different. > mozjs24 -- The patch is the back port version of the upstream one. It > doesn't change the ABI. Unfortunately, the patch that was applied does change the ABI. > mozjs1.8.5 -- The patch is different with the upstream one. Because in the > old js, there might be objects pass from C allocation, only modify the heap > doesn't work. The patch changes the tag bits. And ABI is changed also. So > it will require to rebuild all the packages which depends on mozjs1.8.5 That's not an option as no library ABI changes can go into testing before the release. Ben. -- Ben Hutchings If at first you don't succeed, you're doing about average. signature.asc Description: This is a digitally signed message part
Bug#839048: js24 crashes on ARM64
Sorry for making people confused. The patch I uploaded for mozj24 and mozjs1.8.5 are different. mozjs24 -- The patch is the back port version of the upstream one. It doesn't change the ABI. mozjs1.8.5 -- The patch is different with the upstream one. Because in the old js, there might be objects pass from C allocation, only modify the heap doesn't work. The patch changes the tag bits. And ABI is changed also. So it will require to rebuild all the packages which depends on mozjs1.8.5 On 11 December 2016 at 11:08, Ben Hutchings wrote: > On Sun, 2016-12-11 at 03:24 +0100, John Paul Adrian Glaubitz wrote: > > On 12/11/2016 03:13 AM, Ben Hutchings wrote: > > > Looking at the patch that was added in -4: WTF? It changes the library > > > ABI, but you didn't bump the soname. Of course that breaks clients! > > > > That's odd. Why does it break the ABI though? From what I can see, the > > upstream change just forces the JS memory allocator to avoid certain > > regions in memory [1]. > > That's not the one that got backported though. > > > > libmozjs185 appears to have been broken in the same way. > > > > Is it? As far as I know, the patch was not merged to src:mozjs. > > You called the patch Modify_tagged_pointer_structure_js1.8.5.patch > > In mozjs24 it's called Manually_mmap_on_arm64.patch but it's not what > the name says, it's changing the number of tag bits. > > Ben. > > > > At this point in the release cycle no more library transitions are > > > allowed, so libmozjs has to be fixed with a kluge like the patch that > > > Zheng Xu sent, not the upstream change. > > > > I agree. But I also think that the ABI break was not intentional. > > > > Adrian > > > > > [1] https://hg.mozilla.org/mozilla-central/rev/dfaafbaaa291 > -- > Ben Hutchings > Any sufficiently advanced bug is indistinguishable from a feature. >
tvtime_1.0.2-15_source.changes ACCEPTED into unstable
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 12 Dec 2016 02:17:19 +0100 Source: tvtime Binary: tvtime Architecture: source Version: 1.0.2-15 Distribution: unstable Urgency: medium Maintainer: Debian QA Group Changed-By: Andreas Beckmann Description: tvtime - television display application Closes: 458041 811894 816930 Changes: tvtime (1.0.2-15) unstable; urgency=medium . * QA upload. * Fix-asm-compilation-with-cpp-from-gcc6.patch: New patch from upstream, thanks to Adrian Bunk. (Closes: #811894) * Use-XScreenSaverExtension-instead-of-typing-text-via.patch: New patch, thanks to Resul Cetin. (Closes: #458041) * New Brazilian Portuguese (pt_BR) debconf translations by Adriano Rafael Gomes. (Closes: #816930) * Switch to source format 3.0 (quilt). * Build with autotools-dev. Checksums-Sha1: cce82c3dd68531a48b2d3438bb19992188c4877d 1858 tvtime_1.0.2-15.dsc ce915ead942d6a3018913add393829ae8bccfb6f 71364 tvtime_1.0.2-15.debian.tar.xz Checksums-Sha256: 8de8700498d95bf29369ff0f27b278176a8f34e7f82f9c668342b7b4b69f2e29 1858 tvtime_1.0.2-15.dsc 488abdee991b0d9d14182321ef510f2646ab0acbd3a8169fbfd08f55d8c47c5b 71364 tvtime_1.0.2-15.debian.tar.xz Files: 2c4f437214f49d4be5078d3dbe231a77 1858 video optional tvtime_1.0.2-15.dsc 7d9f17d066503c1c7b867647369389c2 71364 video optional tvtime_1.0.2-15.debian.tar.xz -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJYTf6jAAoJEF+zP5NZ6e0IdLUQAJBcXNDrzfEcVn2Fj902DG7q WtEIIG6uNC4Hu5h/IDobEV+B3GB7nXHD3uLczDfQGsSR27duoF0iAZFY/SzhQ/G3 iycqcMmIFZtzFpOMX9UVv+K1lh8hINRq4i/1wL4Xq2dMv+M+K/cacUQ6QPSccMYB 3zyL9SXDpCjYycWu8mB/dtcNyT1R+EcToJP6MqCBJWAR+HCsRh8qM8qnveVoZSzL +4/Gf/+ozP4cEUqgsdiEKlM7ryB2oGUvV0B8PNo3S+5XGW7YisjDGfYQbKV70cGO uXtPXN/J9ElPHvjix+d1VNaZ6yuZgGzvEmIJ9VccQEcA8s7PZSX9BbQmCy2WV4Gi SDn0ikhdXgFnR2DwkN6XLQ33oBySbOIdUjvW6Alvt/UHQxjD0rJdtmL5OmHsbt1M Ur5SQMRmZ+MUSJ6F6gRPkByQmOaG8iOJs1s3qS5zQ2+TxY6tld8a/wm3kI3o4L5G K+719v2LqxBIx4NPT7Xp8ts8of9YWl23eUgr+fW7p0io7vzHQ2yhyaql/nwJHhMt Xu501fde6Cks8nqTdaCbsEjpD4pVcTAZdoe6Q0CDpcem2BvGzIvW0zNWSIrYYGGK TtT93okiAJ9OhWct/2Rlnv91kG8cLOHBvcx0K6UlrNojvpbdkGiUFjCLKF02JvJ1 BTU33ofcxesWEn0EmMDT =ubJ6 -END PGP SIGNATURE- Thank you for your contribution to Debian.
libnss-mysql-bg_1.5-5_source.changes ACCEPTED into unstable
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 12 Dec 2016 02:38:36 +0100 Source: libnss-mysql-bg Binary: libnss-mysql-bg Architecture: source Version: 1.5-5 Distribution: unstable Urgency: medium Maintainer: Debian QA Group Changed-By: Andreas Beckmann Description: libnss-mysql-bg - NSS module for using MySQL as a naming service Closes: 845865 Changes: libnss-mysql-bg (1.5-5) unstable; urgency=medium . * QA upload. * Switch to default-libmysqlclient-dev. (Closes: #845865) * Switch to debhelper compat level 10. Checksums-Sha1: db41e250e447cee5120641896cb941ea32bec2d2 1733 libnss-mysql-bg_1.5-5.dsc db7ab4f1806976b7f6566604ca3f3aa721c03e48 4700 libnss-mysql-bg_1.5-5.debian.tar.xz Checksums-Sha256: c9a490f13d1ebd34abc825021a2a37eb2eb27b04e116cbe5a40db564cec525d9 1733 libnss-mysql-bg_1.5-5.dsc ff77e1350da49ca15fcf8a5cb8d1ed67dba3c640af1749d9b7b66f0a306f7c35 4700 libnss-mysql-bg_1.5-5.debian.tar.xz Files: 8d66411001d6cbcfb19006822acd8810 1733 admin optional libnss-mysql-bg_1.5-5.dsc 9e286bc9a2861cdab07b08e76587f1a6 4700 admin optional libnss-mysql-bg_1.5-5.debian.tar.xz -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJYTghmAAoJEF+zP5NZ6e0Ip3cQAJpXLeNqRW93edqkqV5fEqGk XvLB0qikyDZT9iRNOUuavr5pRgUBcdGxAZAqivBrlEzGdz8pxMa4GEiWppmoxzJU MHpe7eD+nwDnnmjyQBYJ0NvXaR+nYW0mi14X+IjHS2K75a4LVU5eLFr3tN324e7X rnRvQa1J81NBsu9AvL6kQHIMIYR/70WSz1RjuWvAobTh2805KQY31eoWDlJF9HSz zI/J5O0sTKTpzZ77ubiP13mMtaujMrt2s1izlF3wSOQrbAxRR/KVHYwtnwfEK27M AIBuGTLYfJTbgzB9TwxI8hxcXZo8lesSlTp05HdN2CP1oqtkYbhaSBafGJqfqrJQ 63yGzZGM3VJmXYtrH0sceeosqrROT6gMvMsRLrGuUbYWGrf5r9uaOlhiYAXdaBg2 Zq/qerVOywVWdbddptuSWtXRcSVQRkfMthSPlK4Pv8UZDwzRar/36P24r5VlWVrx x1RfWFEgc+eAIpvizDSIylIfufRWFSrFxPJaZDgZ0flddBKrOAYG9KJm7rot9TGe jPGfDnnJyvJRuWVsv1AN1EqmuUTyRzi3YX9WmHga6t9rpWhbQ0xajAoCv9e5bvBD vEn5SqXl+JNpzfAqLfY2t0bITZIpxAu4KUS9n4ld6WS/cl0mMBQdg76NRulKfNr+ tFEb2q9k+Dm1xdqBAvMZ =E77V -END PGP SIGNATURE- Thank you for your contribution to Debian.
Bug#458041: marked as done (tvtime: Shift_L KeyPress and KeyRelease events generated every 30 seconds)
Your message dated Mon, 12 Dec 2016 03:06:55 + with message-id and subject line Bug#458041: fixed in tvtime 1.0.2-15 has caused the Debian Bug report #458041, regarding tvtime: Shift_L KeyPress and KeyRelease events generated every 30 seconds to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 458041: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458041 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: tvtime Version: 1.0.2-0.3+b1 Severity: normal When tvtime is running, Shift_L KeyPress and KeyRelease events are generated every 30 seconds. They pop up in the window with the keyboard focus. This is very annoying when doing work in parallel to running tvtime. For example, when searching backwards in a file with vim, the search direction is silently reversed, though the physical Shift_L key is pressed all the time. (vim searches backward with the 'N' character and forward with the 'n' character.) Or, when typing an all upper case symbol, the case changes to lower case in the middle of the symbol, though the physical Shift_L key is pressed all the time. These effects feel like being random due to their 30 seconds interval. The most obvious way to see the problem is to start the utility 'xev'. Activate the xev window to give it the keyboard focus. When tvtime is running, you can see the events appearing every 30 seconds. When you stop tvtime, the events stop to appear. If you start tvtime again, the events happen again. I do not run a desktop environment. I run a plain icewm and start tvtime from it. The problem is not related to the latest Linux kernel. I had it with former kernels too. I cannot claim that it is a bug in tvtime. But I notice the problem only when tvtime is running, so there seems to be some relation at least. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.23 (SMP w/4 CPU cores; PREEMPT) Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/bash Versions of packages tvtime depends on: ii debconf [debconf-2.0] 1.5.17 Debian configuration management sy ii libc6 2.7-5GNU C Library: Shared libraries ii libfreetype62.3.5-1+b1 FreeType 2 font engine, shared lib ii libgcc1 1:4.2.2-4GCC support library ii libice6 2:1.0.4-1X11 Inter-Client Exchange library ii libpng12-0 1.2.15~beta5-3 PNG library - runtime ii libsm6 2:1.0.3-1+b1 X11 Session Management library ii libstdc++6 4.2.2-4 The GNU Standard C++ Library v3 ii libx11-62:1.0.3-7X11 client-side library ii libxext61:1.0.3-2X11 miscellaneous extension librar ii libxinerama11:1.0.2-1X11 Xinerama extension library ii libxml2 2.6.30.dfsg-3GNOME XML library ii libxtst62:1.0.3-1X11 Testing -- Resource extension ii libxv1 1:1.0.3-1X11 Video extension library ii libxxf86vm1 1:1.0.1-2X11 XFree86 video mode extension l ii ttf-freefont20060501cvs-12 Freefont Serif, Sans and Mono True ii ucf 3.004Update Configuration File: preserv ii zlib1g 1:1.2.3.3.dfsg-8 compression library - runtime Versions of packages tvtime recommends: pn xmltv-util (no description available) -- debconf information: * tvtime/norm: PAL tvtime/setuid: false tvtime/v4ldevice: /dev/video0 tvtime/frequencies-jp: tvtime/vbidevice: /dev/vbi0 tvtime/processpriority: -10 * tvtime/frequencies-pal: Europe tvtime/frequencies-ntsc: --- End Message --- --- Begin Message --- Source: tvtime Source-Version: 1.0.2-15 We believe that the bug you reported is fixed in the latest version of tvtime, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 458...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Beckmann (supplier of updated tvtime package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ft
Bug#816930: marked as done (tvtime: [INTL:pt_BR] Brazilian Portuguese debconf templates translation)
Your message dated Mon, 12 Dec 2016 03:06:55 + with message-id and subject line Bug#816930: fixed in tvtime 1.0.2-15 has caused the Debian Bug report #816930, regarding tvtime: [INTL:pt_BR] Brazilian Portuguese debconf templates translation to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 816930: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816930 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: tvtime Tags: l10n patch Severity: wishlist Hello, Please, Could you update the Brazilian Portuguese Translation? Attached you will find the file pt_BR.po. It is UTF-8 encoded and it is tested with msgfmt and podebconf-display-po. Kind regards. pt_BR.po.gz Description: application/gzip signature.asc Description: Digital signature --- End Message --- --- Begin Message --- Source: tvtime Source-Version: 1.0.2-15 We believe that the bug you reported is fixed in the latest version of tvtime, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 816...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Beckmann (supplier of updated tvtime package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 12 Dec 2016 02:17:19 +0100 Source: tvtime Binary: tvtime Architecture: source Version: 1.0.2-15 Distribution: unstable Urgency: medium Maintainer: Debian QA Group Changed-By: Andreas Beckmann Description: tvtime - television display application Closes: 458041 811894 816930 Changes: tvtime (1.0.2-15) unstable; urgency=medium . * QA upload. * Fix-asm-compilation-with-cpp-from-gcc6.patch: New patch from upstream, thanks to Adrian Bunk. (Closes: #811894) * Use-XScreenSaverExtension-instead-of-typing-text-via.patch: New patch, thanks to Resul Cetin. (Closes: #458041) * New Brazilian Portuguese (pt_BR) debconf translations by Adriano Rafael Gomes. (Closes: #816930) * Switch to source format 3.0 (quilt). * Build with autotools-dev. Checksums-Sha1: cce82c3dd68531a48b2d3438bb19992188c4877d 1858 tvtime_1.0.2-15.dsc ce915ead942d6a3018913add393829ae8bccfb6f 71364 tvtime_1.0.2-15.debian.tar.xz Checksums-Sha256: 8de8700498d95bf29369ff0f27b278176a8f34e7f82f9c668342b7b4b69f2e29 1858 tvtime_1.0.2-15.dsc 488abdee991b0d9d14182321ef510f2646ab0acbd3a8169fbfd08f55d8c47c5b 71364 tvtime_1.0.2-15.debian.tar.xz Files: 2c4f437214f49d4be5078d3dbe231a77 1858 video optional tvtime_1.0.2-15.dsc 7d9f17d066503c1c7b867647369389c2 71364 video optional tvtime_1.0.2-15.debian.tar.xz -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJYTf6jAAoJEF+zP5NZ6e0IdLUQAJBcXNDrzfEcVn2Fj902DG7q WtEIIG6uNC4Hu5h/IDobEV+B3GB7nXHD3uLczDfQGsSR27duoF0iAZFY/SzhQ/G3 iycqcMmIFZtzFpOMX9UVv+K1lh8hINRq4i/1wL4Xq2dMv+M+K/cacUQ6QPSccMYB 3zyL9SXDpCjYycWu8mB/dtcNyT1R+EcToJP6MqCBJWAR+HCsRh8qM8qnveVoZSzL +4/Gf/+ozP4cEUqgsdiEKlM7ryB2oGUvV0B8PNo3S+5XGW7YisjDGfYQbKV70cGO uXtPXN/J9ElPHvjix+d1VNaZ6yuZgGzvEmIJ9VccQEcA8s7PZSX9BbQmCy2WV4Gi SDn0ikhdXgFnR2DwkN6XLQ33oBySbOIdUjvW6Alvt/UHQxjD0rJdtmL5OmHsbt1M Ur5SQMRmZ+MUSJ6F6gRPkByQmOaG8iOJs1s3qS5zQ2+TxY6tld8a/wm3kI3o4L5G K+719v2LqxBIx4NPT7Xp8ts8of9YWl23eUgr+fW7p0io7vzHQ2yhyaql/nwJHhMt Xu501fde6Cks8nqTdaCbsEjpD4pVcTAZdoe6Q0CDpcem2BvGzIvW0zNWSIrYYGGK TtT93okiAJ9OhWct/2Rlnv91kG8cLOHBvcx0K6UlrNojvpbdkGiUFjCLKF02JvJ1 BTU33ofcxesWEn0EmMDT =ubJ6 -END PGP SIGNATURE End Message ---
Bug#811894: marked as done (tvtime: FTBFS with GCC 6: inconsistent user-defined literal suffixes)
Your message dated Mon, 12 Dec 2016 03:06:55 + with message-id and subject line Bug#811894: fixed in tvtime 1.0.2-15 has caused the Debian Bug report #811894, regarding tvtime: FTBFS with GCC 6: inconsistent user-defined literal suffixes to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 811894: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811894 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: tvtime Version: 1.0.2-14 Severity: important User: debian-...@lists.debian.org Usertags: ftbfs-gcc-6 gcc-6-literal-suffixes This package fails to build with GCC 6. GCC 6 has not been released yet, but it's expected that GCC 6 will become the default compiler for stretch. Note that only the first error is reported; there might be more. You can find a snapshot of GCC 6 in experimental. To build with GCC 6, you can set CC=gcc-6 CXX=g++-6 explicitly. You may be able to find out more about this issue at https://gcc.gnu.org/gcc-6/changes.html > sbuild (Debian sbuild) 0.67.0 (26 Dec 2015) on dl580gen9-02.hlinux ... > if x86_64-linux-gnu-g++ -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -MT greedyh.o > -MD -MP -MF ".deps/greedyh.Tpo" \ > -c -o greedyh.o `test -f '../plugins/greedyh.cpp' || echo > './'`../plugins/greedyh.cpp; \ > then mv -f ".deps/greedyh.Tpo" ".deps/greedyh.Po"; \ > else rm -f ".deps/greedyh.Tpo"; exit 1; \ > fi > In file included from ../plugins/greedyh.cpp:35:0: > ../plugins/greedyh.asm:94:11: warning: invalid suffix on literal; C++11 > requires a space between literal and string macro [-Wliteral-suffix] >MOVX" %%"XBX", %[oldbx]\n\t" >^ > > ../plugins/greedyh.asm:96:18: warning: invalid suffix on literal; C++11 > requires a space between literal and string macro [-Wliteral-suffix] > MOVX" %[L1], %%"XAX"\n\t" > ^ > > ../plugins/greedyh.asm:97:18: warning: invalid suffix on literal; C++11 > requires a space between literal and string macro [-Wliteral-suffix] > LEAX" 8(%%"XAX"), %%"XBX"\n\t"// next qword needed by > DJR > ^ > > ../plugins/greedyh.asm:97:29: warning: invalid suffix on literal; C++11 > requires a space between literal and string macro [-Wliteral-suffix] > LEAX" 8(%%"XAX"), %%"XBX"\n\t"// next qword needed by > DJR > ^ > > ../plugins/greedyh.asm:98:18: warning: invalid suffix on literal; C++11 > requires a space between literal and string macro [-Wliteral-suffix] > MOVX" %[L3], %%"XCX"\n\t" > ^ > > ../plugins/greedyh.asm:99:18: warning: invalid suffix on literal; C++11 > requires a space between literal and string macro [-Wliteral-suffix] > SUBX" %%"XAX",%%"XCX"\n\t"// carry L3 addr as an > offset > ^ > > ../plugins/greedyh.asm:99:27: warning: invalid suffix on literal; C++11 > requires a space between literal and string macro [-Wliteral-suffix] > SUBX" %%"XAX",%%"XCX"\n\t"// carry L3 addr as an > offset >^ > > ../plugins/greedyh.asm:100:18: warning: invalid suffix on literal; C++11 > requires a space between literal and string macro [-Wliteral-suffix] > MOVX" %[L2P], %%"XDX"\n\t" > ^ > > ../plugins/greedyh.asm:101:18: warning: invalid suffix on literal; C++11 > requires a space between literal and string macro [-Wliteral-suffix] > MOVX" %[L2], %%"XSI"\n\t" > ^ > > ../plugins/greedyh.asm:102:18: warning: invalid suffix on literal; C++11 > requires a space between literal and string macro [-Wliteral-suffix] > MOVX" %[Dest],%%"XDI"\n\t"// DL1 if Odd or DL2 if > Even > ^ > > ../plugins/greedyh.asm:107:14: warning: invalid suffix on literal; C++11 > requires a space between literal and string macro [-Wliteral-suffix] > "movq (%%"XSI"), %%mm0\n\t" // L2 - the newest weave > pixel value > ^ > > ../plugins/greedyh.asm:108:14: warning: invalid suffix on literal; C++11 > requires a space between literal and string macro [-Wliteral-suffix] > "movq (%%"XAX"), %%mm1\n\t" // L1 - the top pixel > ^ > > ../plugins/greedyh.asm:109:14: warning: invalid suffix on literal; C++11 > requires a space between literal and string macro [-Wliteral-suffix] > "movq (%%"XDX"), %%mm2\n\t" // L2P - the prev weave > pixel >
Bug#845865: marked as done (libnss-mysql-bg: switch to build depend on the metapackage default-libmysqlclient-dev)
Your message dated Mon, 12 Dec 2016 03:04:12 + with message-id and subject line Bug#845865: fixed in libnss-mysql-bg 1.5-5 has caused the Debian Bug report #845865, regarding libnss-mysql-bg: switch to build depend on the metapackage default-libmysqlclient-dev to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 845865: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845865 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libnss-mysql-bg Severity: important Hi! This package build depends on libmysqlclient-dev. It should instead build-depend on default-libmysqlclient-dev metapackage, and end up having the run-time dependency of the libmysqlclient implementation Debian has chosen to use, currently MariaDB instead of Oracle MySQL. Announcement of new default-mysql-* metapackages: https://lists.debian.org/debian-devel-announce/2016/09/msg0.html Wiki: https://wiki.debian.org/Teams/MySQL/default-mysql-server MBF: https://lists.debian.org/debian-devel/2016/11/msg00832.html Please update the depencies accordingly. In most cases the required change is: * BEFORE: Build-Depends: libmysqlclient-dev * AFTER: Build-Depends: default-libmysqlclient-dev Thanks, Otto --- End Message --- --- Begin Message --- Source: libnss-mysql-bg Source-Version: 1.5-5 We believe that the bug you reported is fixed in the latest version of libnss-mysql-bg, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 845...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Beckmann (supplier of updated libnss-mysql-bg package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 12 Dec 2016 02:38:36 +0100 Source: libnss-mysql-bg Binary: libnss-mysql-bg Architecture: source Version: 1.5-5 Distribution: unstable Urgency: medium Maintainer: Debian QA Group Changed-By: Andreas Beckmann Description: libnss-mysql-bg - NSS module for using MySQL as a naming service Closes: 845865 Changes: libnss-mysql-bg (1.5-5) unstable; urgency=medium . * QA upload. * Switch to default-libmysqlclient-dev. (Closes: #845865) * Switch to debhelper compat level 10. Checksums-Sha1: db41e250e447cee5120641896cb941ea32bec2d2 1733 libnss-mysql-bg_1.5-5.dsc db7ab4f1806976b7f6566604ca3f3aa721c03e48 4700 libnss-mysql-bg_1.5-5.debian.tar.xz Checksums-Sha256: c9a490f13d1ebd34abc825021a2a37eb2eb27b04e116cbe5a40db564cec525d9 1733 libnss-mysql-bg_1.5-5.dsc ff77e1350da49ca15fcf8a5cb8d1ed67dba3c640af1749d9b7b66f0a306f7c35 4700 libnss-mysql-bg_1.5-5.debian.tar.xz Files: 8d66411001d6cbcfb19006822acd8810 1733 admin optional libnss-mysql-bg_1.5-5.dsc 9e286bc9a2861cdab07b08e76587f1a6 4700 admin optional libnss-mysql-bg_1.5-5.debian.tar.xz -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJYTghmAAoJEF+zP5NZ6e0Ip3cQAJpXLeNqRW93edqkqV5fEqGk XvLB0qikyDZT9iRNOUuavr5pRgUBcdGxAZAqivBrlEzGdz8pxMa4GEiWppmoxzJU MHpe7eD+nwDnnmjyQBYJ0NvXaR+nYW0mi14X+IjHS2K75a4LVU5eLFr3tN324e7X rnRvQa1J81NBsu9AvL6kQHIMIYR/70WSz1RjuWvAobTh2805KQY31eoWDlJF9HSz zI/J5O0sTKTpzZ77ubiP13mMtaujMrt2s1izlF3wSOQrbAxRR/KVHYwtnwfEK27M AIBuGTLYfJTbgzB9TwxI8hxcXZo8lesSlTp05HdN2CP1oqtkYbhaSBafGJqfqrJQ 63yGzZGM3VJmXYtrH0sceeosqrROT6gMvMsRLrGuUbYWGrf5r9uaOlhiYAXdaBg2 Zq/qerVOywVWdbddptuSWtXRcSVQRkfMthSPlK4Pv8UZDwzRar/36P24r5VlWVrx x1RfWFEgc+eAIpvizDSIylIfufRWFSrFxPJaZDgZ0flddBKrOAYG9KJm7rot9TGe jPGfDnnJyvJRuWVsv1AN1EqmuUTyRzi3YX9WmHga6t9rpWhbQ0xajAoCv9e5bvBD vEn5SqXl+JNpzfAqLfY2t0bITZIpxAu4KUS9n4ld6WS/cl0mMBQdg76NRulKfNr+ tFEb2q9k+Dm1xdqBAvMZ =E77V -END PGP SIGNATURE End Message ---
Processing of libnss-mysql-bg_1.5-5_source.changes
libnss-mysql-bg_1.5-5_source.changes uploaded successfully to localhost along with the files: libnss-mysql-bg_1.5-5.dsc libnss-mysql-bg_1.5-5.debian.tar.xz Greetings, Your Debian queue daemon (running on host usper.debian.org)
Processing of tvtime_1.0.2-15_source.changes
tvtime_1.0.2-15_source.changes uploaded successfully to localhost along with the files: tvtime_1.0.2-15.dsc tvtime_1.0.2-15.debian.tar.xz Greetings, Your Debian queue daemon (running on host usper.debian.org)
Processed: found 839048 in 1.8.5-1.0.0+dfsg-4.3, tagging 839048, found 839050 in 24.2.0-2, tagging 839050 ...
Processing commands for cont...@bugs.debian.org: > found 839048 1.8.5-1.0.0+dfsg-4.3 Bug #839048 {Done: John Paul Adrian Glaubitz } [libmozjs185-1.0] couchjs crashes on ARM64 Marked as found in versions mozjs/1.8.5-1.0.0+dfsg-4.3. > tags 839048 + jessie sid stretch Bug #839048 {Done: John Paul Adrian Glaubitz } [libmozjs185-1.0] couchjs crashes on ARM64 Added tag(s) stretch, jessie, and sid. > found 839050 24.2.0-2 Bug #839050 [libmozjs-24-bin] js24 crashes on ARM64 Marked as found in versions mozjs24/24.2.0-2. > tags 839050 + jessie sid stretch Bug #839050 [libmozjs-24-bin] js24 crashes on ARM64 Added tag(s) sid, jessie, and stretch. > found 843842 0.10.9-2 Bug #843842 {Done: Dirk Eddelbuettel } [rmysql] Update build dependency to libmariadb-dev in rmysql There is no source info for the package 'rmysql' at version '0.10.9-2' with architecture '' Unable to make a source version for version '0.10.9-2' Marked as found in versions 0.10.9-2. > thanks Stopping processing here. Please contact me if you need assistance. -- 839048: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839048 839050: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839050 843842: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843842 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#847743: sendmail: STARTTLS server fails with "ca md too weak"
On Sun, Dec 11, 2016 at 08:13:08PM +0100, Joerg Dorchain wrote: > On Sun, Dec 11, 2016 at 12:57:06PM +0100, Kurt Roeckx wrote: > > > > > > > Most reproduceable way I found by now is the DANE validator at > > > > https://dane.sys4.de/, which leave a log entry e.g.: > > > > Dec 11 11:04:54 Redstar sm-mta[18223]: STARTTLS=server, error: accept > > > > failed=-1, reason=ca md too weak, SSL_error=1, errno=0, retry=-1, > > > > relay=dane.sys4.de [IPv6:2001:1578:400:111:0:0:3:1] > > > > > > > > Other affected parties include e.g. amazon. > > > > With SMTP you really have no security unless you're using DANE. > > The defaults openssl sets now might not make sense for smtp in > > general, but they should actually be good. > > While I agree to e.g. md5 being not appropriate anymore, I would > still like to be able to receive mails from those sites despite > of using weak security. You can add @SECLEVEL=0 in the ciphers string. > > Note that that check is only in case of a CA certificate. So a > > CA is in use, and they really should use a proper signature > > algorithm in that case. > > Agreed. Unfortunately the other end of the connection is beyong > my control. You indicated that this was when receiving. That means either you're sending your certificates, or you've set up client authentication and both sides send certificates. But the only case I could find when that error message is generated is when you try to send your own certificates to the other party. > > I think that the CA is on your end. If it's the same as on your > > website, the intermedia "CAcert Class 3 Root" is with MD5, while > > the end certificate is with SHA512. I suggest you replace the CA > > certs with newer ones. > > Sorry to say, I see things differently. It is about mails I > receive, which means my sendmail MTA plays the TLS server role, > and to my understanding, the complaint is about the signature > algorithm of the sending side. The error message is about the signature algorithm that the CA uses. It's only the server that is sending the certificates in normal cases. > Otherwise I would get no mail at > all anymore, and not only problems from some parties. There might be several reasons why you still do get mails: - It never tried to encrypt the mail in the first place - It failed with encryption and it had no policy to require encryption so it retried without encryption. - It's using an anonymous cipher (ADH, AECDH) which does not involve any authentication and so doesn't use certificates. At least postfix supports that and does that when it's not using DANE. I have no idea if sendmail support that. > My sendmail works to send mail to all parties (except a few friends > running sendmail from debian testing as well), there the MTA plays the > client role and presents a certificate. So you've set up client authentication with them? > With sendmail specifially, STARTTLS even (used to) works without > any certificates (and hence no trust) at all, just for transport > encryption. So sendmail does support anonymous ciphers? > > CAcert will probably have newer ones. > > As a side note, CAcert is working on a new root cert, but no timeline > yet. > > I will try getting another certificate, though. They have confusing names. It's called "root", but it's really an intermediate that is the problem. The selfsignature on the root certificate doesn't matter. > > It seems the smtp servers don't want to talk to me, so I couldn't > > check that. So my problem was that you have a very high pre-greet delay, and openssl's s_client doesn't have an option for that end directly sends the EHLO. > I can trigger a check via https://dane.sys4.de/ reliably. In case > it helps, I enclosed to packet capture from a ESMTP > conversation. It shows the other side sending a ClientHello and you just closing the connection before you send the ServerHello. No certificates where send. Kurt
Bug#847743: sendmail: STARTTLS server fails with "ca md too weak"
On Sun, Dec 11, 2016 at 12:57:06PM +0100, Kurt Roeckx wrote: > > > > > Most reproduceable way I found by now is the DANE validator at > > > https://dane.sys4.de/, which leave a log entry e.g.: > > > Dec 11 11:04:54 Redstar sm-mta[18223]: STARTTLS=server, error: accept > > > failed=-1, reason=ca md too weak, SSL_error=1, errno=0, retry=-1, > > > relay=dane.sys4.de [IPv6:2001:1578:400:111:0:0:3:1] > > > > > > Other affected parties include e.g. amazon. > > With SMTP you really have no security unless you're using DANE. > The defaults openssl sets now might not make sense for smtp in > general, but they should actually be good. While I agree to e.g. md5 being not appropriate anymore, I would still like to be able to receive mails from those sites despite of using weak security. > Note that that check is only in case of a CA certificate. So a > CA is in use, and they really should use a proper signature > algorithm in that case. Agreed. Unfortunately the other end of the connection is beyong my control. > I think that the CA is on your end. If it's the same as on your > website, the intermedia "CAcert Class 3 Root" is with MD5, while > the end certificate is with SHA512. I suggest you replace the CA > certs with newer ones. Sorry to say, I see things differently. It is about mails I receive, which means my sendmail MTA plays the TLS server role, and to my understanding, the complaint is about the signature algorithm of the sending side. Otherwise I would get no mail at all anymore, and not only problems from some parties. My sendmail works to send mail to all parties (except a few friends running sendmail from debian testing as well), there the MTA plays the client role and presents a certificate. With sendmail specifially, STARTTLS even (used to) works without any certificates (and hence no trust) at all, just for transport encryption. > CAcert will probably have newer ones. As a side note, CAcert is working on a new root cert, but no timeline yet. I will try getting another certificate, though. > > It seems the smtp servers don't want to talk to me, so I couldn't > check that. I can trigger a check via https://dane.sys4.de/ reliably. In case it helps, I enclosed to packet capture from a ESMTP conversation. Bye, Joerg sys4.pcap Description: application/vnd.tcpdump.pcap signature.asc Description: PGP signature
Packages--Lo Ultimo para tu Celu !!
Most bubbles believe that around dolphin take a peek at snow related to dilettante.tripod take a peek at living with particle accelerator.Mamie, the friend of Mamie and self-flagellates with of grand piano.
Bug#847747: More info
I just realized that I'm running policykit-1 from experimental (0.113-5). The version in unstable/testing (0.105-7) is not affected, as it isn't build with JavaScript support. So may downgrade the severity of this bug. Cheers, Roderich
Bug#847743: sendmail: STARTTLS server fails with "ca md too weak"
On Sun, Dec 11, 2016 at 12:11:02PM +0100, Andreas Beckmann wrote: > On 2016-12-11 11:22, Joerg Dorchain wrote: > > following testing after upgrading from 8.15.2-6 to 8.15.2-7, > > sendmail does not accept certain incoming connections anymore > > and refuses the STARTTLS handshake with "ca md too weak". > > That is probably because the -7 package got built against openssl 1.1 > while -6 was still at openssl 1.0. > > Cc:ing Kurt (the openssl maintainer), maybe he has some hints. > > > Most reproduceable way I found by now is the DANE validator at > > https://dane.sys4.de/, which leave a log entry e.g.: > > Dec 11 11:04:54 Redstar sm-mta[18223]: STARTTLS=server, error: accept > > failed=-1, reason=ca md too weak, SSL_error=1, errno=0, retry=-1, > > relay=dane.sys4.de [IPv6:2001:1578:400:111:0:0:3:1] > > > > Other affected parties include e.g. amazon. With SMTP you really have no security unless you're using DANE. The defaults openssl sets now might not make sense for smtp in general, but they should actually be good. Note that that check is only in case of a CA certificate. So a CA is in use, and they really should use a proper signature algorithm in that case. I think that the CA is on your end. If it's the same as on your website, the intermedia "CAcert Class 3 Root" is with MD5, while the end certificate is with SHA512. I suggest you replace the CA certs with newer ones. CAcert will probably have newer ones. It seems the smtp servers don't want to talk to me, so I couldn't check that. Kurt
libcorelinux_0.4.32-9_source.changes ACCEPTED into unstable
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 11 Dec 2016 12:09:44 +0100 Source: libcorelinux Binary: libcorelinuxc2a libcorelinux-dev libcorelinux-doc libcorelinux-examples Architecture: source Version: 0.4.32-9 Distribution: unstable Urgency: medium Maintainer: Debian QA Group Changed-By: Santiago Vila Description: libcorelinux-dev - Foundation Classes, Design Patterns, IPC and Threads libcorelinux-doc - Foundation Classes, Design Patterns, IPC and Threads libcorelinux-examples - Foundation Classes, Design Patterns, IPC and Threads libcorelinuxc2a - Foundation Classes, Design Patterns, IPC and Threads Changes: libcorelinux (0.4.32-9) unstable; urgency=medium . * QA upload. * Switch to "3.0 (quilt)" source format. * Add -a to dh_gencontrol to avoid confusing dpkg-genbuildinfo. Thanks to Jeremy Bicha for the report. * Drop local emacs variables at the end of Debian changelog. * Drop not very useful dh_testdir and dh_testroot commands. I trust autobuilders to do the right thing. Checksums-Sha1: eeace5a9bcf1f1085821a22d5faf31c140469cd5 1618 libcorelinux_0.4.32-9.dsc 0db590b2385d1c87ede80b3d2c6bec205a551f34 403477 libcorelinux_0.4.32.orig.tar.gz 3c388eaf4dc6206f9d0cc9abe6d3e22e5e733213 13888 libcorelinux_0.4.32-9.debian.tar.xz Checksums-Sha256: 18b722122a606db4291619db33fb94214bdf95695c993a8f8605459731fe3fe7 1618 libcorelinux_0.4.32-9.dsc a207f6e081a60071ac5e7d967d79ce652a4be3fed860510ab988cb6f607c671a 403477 libcorelinux_0.4.32.orig.tar.gz 76a20234d7aee4fdd93b534f8a5ba4cc0d51f308987bef34fb5335346c44e9ec 13888 libcorelinux_0.4.32-9.debian.tar.xz Files: c8dd3f8cad15e7b52555707e189667fd 1618 libs optional libcorelinux_0.4.32-9.dsc 3214164db9a58a6abe6de18792624cd8 403477 libs optional libcorelinux_0.4.32.orig.tar.gz b0210b6664a5e2a8d6a548ba19c11e7e 13888 libs optional libcorelinux_0.4.32-9.debian.tar.xz -BEGIN PGP SIGNATURE- iQEzBAEBCAAdFiEE1Uw7+v+wQt44LaXXQc5/C58bizIFAlhNNO0ACgkQQc5/C58b izKBlgf/co86/kjtJERBu5p3vSXFynHQc8eEQqhIIdOES+9kHewW267/6m1TgEzL k1UCo32jg86dBWLQA4m0wNkDTpTszZtVCNHaQMEyGL3z3AQSVxxGJskaUS2Ayfz9 MumDYeJXjRzsFT1pCJPGUKdDb3ZEOG4ZlEMZIMgwaPO6TXBdSRxtlHurKFh4EAYg v3IPHdB7T9n1XhYK8qVuoSnHbukZOL90HIymfAdaEakS7KQazE3xQa1T0C4u9R+w 0egA4Iuq4L88kRGC0ZusRmsRFf9phSUWeZO92NbBkSKQB0/8Py/iI6XbUcB4VRJP aGXQWV5JXEcvAdSEvbJvRlGGVCccHA== =aa2N -END PGP SIGNATURE- Thank you for your contribution to Debian.
Processing of libcorelinux_0.4.32-9_source.changes
libcorelinux_0.4.32-9_source.changes uploaded successfully to localhost along with the files: libcorelinux_0.4.32-9.dsc libcorelinux_0.4.32.orig.tar.gz libcorelinux_0.4.32-9.debian.tar.xz Greetings, Your Debian queue daemon (running on host usper.debian.org)
Bug#847747: latest version breaks polkitd
Package: libmozjs185-1.0 Version: 1.8.5-1.0.0+dfsg-5.2 Severity: grave Version 1.8.5-1.0.0+dfsg-5.2 breaks polkitd: Dec 10 23:31:07 macarthur kernel: traps: polkitd[577] general protection ip:7fcce2bcdbd1 sp:7ffe4cf4e220 error:0 in libmozjs185.so.1.0.0[7fcce2ace000+358000] Dec 10 23:31:07 macarthur systemd[1]: polkit.service: Main process exited, code=killed, status=11/SEGV Dec 10 23:31:07 macarthur systemd[1]: polkit.service: Unit entered failed state. Dec 10 23:31:07 macarthur systemd[1]: polkit.service: Failed with result 'signal'. Symptoms: - on system startup: a long (minutes) pause between systemd reports "Starting User Manager for UID 131" (131 is Debian-gdm) and the gdm login screen actually appears - after login, another long pause before my desktop shows (systemd starts another "user" session, this time for my account) - the top right menu on the Gnome desktop is missing the "shutdown" button (though I have the necessary permission) Downgrading to 1.8.5-1.0.0+dfsg-5 makes the problems go away. Cheers, Roderich -- System Information: Debian Release: stretch/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.8.14 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#847743: sendmail: STARTTLS server fails with "ca md too weak"
On 2016-12-11 11:22, Joerg Dorchain wrote: > following testing after upgrading from 8.15.2-6 to 8.15.2-7, > sendmail does not accept certain incoming connections anymore > and refuses the STARTTLS handshake with "ca md too weak". That is probably because the -7 package got built against openssl 1.1 while -6 was still at openssl 1.0. Cc:ing Kurt (the openssl maintainer), maybe he has some hints. > Most reproduceable way I found by now is the DANE validator at > https://dane.sys4.de/, which leave a log entry e.g.: > Dec 11 11:04:54 Redstar sm-mta[18223]: STARTTLS=server, error: accept > failed=-1, reason=ca md too weak, SSL_error=1, errno=0, retry=-1, > relay=dane.sys4.de [IPv6:2001:1578:400:111:0:0:3:1] > > Other affected parties include e.g. amazon. Andreas
Bug#847743: STARTTLS server fails with "ca md too weak"
Package: sendmail-bin Version: 8.15.2-7 Hello, following testing after upgrading from 8.15.2-6 to 8.15.2-7, sendmail does not accept certain incoming connections anymore and refuses the STARTTLS handshake with "ca md too weak". Most reproduceable way I found by now is the DANE validator at https://dane.sys4.de/, which leave a log entry e.g.: Dec 11 11:04:54 Redstar sm-mta[18223]: STARTTLS=server, error: accept failed=-1, reason=ca md too weak, SSL_error=1, errno=0, retry=-1, relay=dane.sys4.de [IPv6:2001:1578:400:111:0:0:3:1] Other affected parties include e.g. amazon. Bye, Joerg signature.asc Description: PGP signature
Bug#822001: libcorelinux: Build arch:all+arch:any but is missing build-{arch,indep} targets
On Sun, Dec 11, 2016 at 12:44:17AM -0500, Jeremy Bicha wrote: > It looks like libcorelinux still fails to build: > > https://buildd.debian.org/status/package.php?p=libcorelinux I'm going to fix that.