date:20190306

Your message dated Thu, 07 Mar 2019 06:32:00 +
with message-id <84c46410-a561-d7d3-3422-22c7dbefd...@thykier.net>
and subject line Re: Bug#923909: unblock: lua-nvim/0.1.0-1-2
has caused the Debian Bug report #923909,
regarding unblock: lua-nvim/0.1.0-1-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
923909: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923909
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package lua-nvim

This version fixes a FTBFS (#920042) in a test during autopkgtest.

Defdiff attached. thanks.

unblock lua-nvim/0.1.0-1-2
diff -Nru lua-nvim-0.1.0-1/debian/changelog lua-nvim-0.1.0-1/debian/changelog
--- lua-nvim-0.1.0-1/debian/changelog   2018-06-11 20:44:29.0 -0400
+++ lua-nvim-0.1.0-1/debian/changelog   2019-03-04 21:12:53.0 -0500
@@ -1,3 +1,10 @@
+lua-nvim (0.1.0-1-2) unstable; urgency=medium
+
+  * New changelog entry
+  * Include a patch to fix a FTBFS due to test timeout (Closes: #920042)
+
+ -- Jason Pleau   Mon, 04 Mar 2019 21:12:53 -0500
+
 lua-nvim (0.1.0-1-1) unstable; urgency=medium
 
   * New upstream release
diff -Nru 
lua-nvim-0.1.0-1/debian/patches/0001-Use-embed-headless-for-Socket-TcpStream-session-test.patch
 
lua-nvim-0.1.0-1/debian/patches/0001-Use-embed-headless-for-Socket-TcpStream-session-test.patch
--- 
lua-nvim-0.1.0-1/debian/patches/0001-Use-embed-headless-for-Socket-TcpStream-session-test.patch
 1969-12-31 19:00:00.0 -0500
+++ 
lua-nvim-0.1.0-1/debian/patches/0001-Use-embed-headless-for-Socket-TcpStream-session-test.patch
 2019-03-04 21:12:53.0 -0500
@@ -0,0 +1,36 @@
+From 24fe448aa406b0aa2267044a9858e3d2e5963b61 Mon Sep 17 00:00:00 2001
+From: James McCoy 
+Date: Sun, 3 Mar 2019 11:49:54 -0500
+Subject: [PATCH] Use --embed --headless for Socket/TcpStream session tests
+
+After neovim/neovim#9024, "nvim --embed" waits for a UI to attach.
+"nvim --embed --headless" is required if there is not going to be a UI.
+---
+ test/session_spec.lua | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/test/session_spec.lua b/test/session_spec.lua
+index d5d705c..1fc289d 100644
+--- a/test/session_spec.lua
 b/test/session_spec.lua
+@@ -155,7 +155,7 @@ end)
+ -- Session using SocketStream
+ test_session(string.format("Session using SocketStream [%s]", socket_file), 
function ()
+   child_session = Session.new(ChildProcessStream.spawn({
+-nvim_prog, '-u', 'NONE', '--embed',
++nvim_prog, '-u', 'NONE', '--embed', '--headless',
+ '--cmd', string.format('call serverstart("%s")', socket_file)
+   }))
+   child_session:request('vim_eval', '1') -- wait for nvim to start
+@@ -193,7 +193,7 @@ end)
+ -- Session using TcpStream
+ test_session("Session using TcpStream", function ()
+   child_session = Session.new(ChildProcessStream.spawn({
+-nvim_prog, '-u', 'NONE', '--embed',
++nvim_prog, '-u', 'NONE', '--embed', '--headless',
+ '--cmd', 'call serverstart("127.0.0.1:")'
+   }))
+ 
+-- 
+2.20.1
+
diff -Nru lua-nvim-0.1.0-1/debian/patches/series 
lua-nvim-0.1.0-1/debian/patches/series
--- lua-nvim-0.1.0-1/debian/patches/series  2018-06-11 20:44:29.0 
-0400
+++ lua-nvim-0.1.0-1/debian/patches/series  2019-03-04 21:12:53.0 
-0500
@@ -0,0 +1 @@
+0001-Use-embed-headless-for-Socket-TcpStream-session-test.patch
--- End Message ---
--- Begin Message ---
Jason Pleau:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package lua-nvim
> 
> This version fixes a FTBFS (#920042) in a test during autopkgtest.
> 
> Defdiff attached. thanks.
> 
> unblock lua-nvim/0.1.0-1-2
> 

Unblocked, thanks.

~Niels--- End Message ---

Bug#923902: marked as done (unblock: therion/5.4.3ds1-5)

Your message dated Thu, 07 Mar 2019 06:29:00 +
with message-id <77ffba79-5d99-3e1a-d06a-404194389...@thykier.net>
and subject line Re: Bug#923902: unblock: therion/5.4.3ds1-5
has caused the Debian Bug report #923902,
regarding unblock: therion/5.4.3ds1-5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
923902: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923902
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package therion.

This fixes a severity: important bug in a package of priority: extra:

https://bugs.debian.org/923737

The diff is small and clean so I've already uploaded to unstable as
suggested by the freeze policy.  The package has successfully built for
all release architectures, and the autopkgtest is passing.

Debdiff against 5.4.3ds-4 (currently in testing) attached.

unblock therion/5.4.3ds1-5

Cheers,
Olly
diff -Nru therion-5.4.3ds1/debian/changelog therion-5.4.3ds1/debian/changelog
--- therion-5.4.3ds1/debian/changelog   2019-02-08 09:23:36.0 +1300
+++ therion-5.4.3ds1/debian/changelog   2019-03-06 10:41:20.0 +1300
@@ -1,3 +1,10 @@
+therion (5.4.3ds1-5) unstable; urgency=medium
+
+  * debian/patches/fix-svg-export-segfault.patch: Fix segmentation fault when
+producing SVG output.  (Closes: #923737)
+
+ -- Olly Betts   Wed, 06 Mar 2019 10:41:20 +1300
+
 therion (5.4.3ds1-4) unstable; urgency=medium
 
   * debian/tests/therion: Give up trying to compare output images for now -
diff -Nru therion-5.4.3ds1/debian/patches/fix-svg-export-segfault.patch 
therion-5.4.3ds1/debian/patches/fix-svg-export-segfault.patch
--- therion-5.4.3ds1/debian/patches/fix-svg-export-segfault.patch   
1970-01-01 12:00:00.0 +1200
+++ therion-5.4.3ds1/debian/patches/fix-svg-export-segfault.patch   
2019-03-06 10:41:20.0 +1300
@@ -0,0 +1,31 @@
+Subject: [PATCH] fix segfault while generating SVG
+ std::map::erase(ITOR) invalidates ITOR, but returns an iterator pointing after
+ the removed element (either to the next element or an end iterator if that was
+ the last element).
+Origin: upstream
+Author: mbudaj 
+Last-Update: 2019-03-06
+
+---
+ thepsparse.cxx | 8 +---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/thepsparse.cxx b/thepsparse.cxx
+index cf574cf..087886b 100644
+--- a/thepsparse.cxx
 b/thepsparse.cxx
+@@ -386,9 +386,11 @@ void MP_data::print_svg (ofstream & F, string 
unique_prefix) {
+ }
+ // nemoze ist do predch. cyklu, lebo zmazanie smernika
+ // urobi chaos
+-for (map::iterator I = gstate.clippathdepth.begin();
+-I!= gstate.clippathdepth.end(); I++) {
+-  if (I->second < 0) gstate.clippathdepth.erase(I);
++{auto I = gstate.clippathdepth.begin();
++  while (I!= gstate.clippathdepth.end()) {
++if (I->second < 0) I = gstate.clippathdepth.erase(I);
++else I++;
++  }
+ }
+ tmpclip = gstate.clippathdepth;
+ gstate = GSTATE_stack.back();
diff -Nru therion-5.4.3ds1/debian/patches/series 
therion-5.4.3ds1/debian/patches/series
--- therion-5.4.3ds1/debian/patches/series  2019-01-09 09:14:45.0 
+1300
+++ therion-5.4.3ds1/debian/patches/series  2019-03-06 10:41:20.0 
+1300
@@ -1,3 +1,4 @@
 10doc-fixes.patch
 80debianise-makefiles.patch
 90debianise-loch-makefile.patch
+fix-svg-export-segfault.patch


signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Olly Betts:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package therion.
> 
> This fixes a severity: important bug in a package of priority: extra:
> 
> https://bugs.debian.org/923737
> 
> The diff is small and clean so I've already uploaded to unstable as
> suggested by the freeze policy.  The package has successfully built for
> all release architectures, and the autopkgtest is passing.
> 
> Debdiff against 5.4.3ds-4 (currently in testing) attached.
> 
> unblock therion/5.4.3ds1-5
> 
> Cheers,
> Olly
> 

Unblocked, thanks.

~Niels--- End Message ---

Re: Problems with shim and shim-signed in unstable, and proposed solutions to unblock us

2019-03-06 Thread Wade A

I've certainly bbqed lettuce before. I don't know anything about cooking
tho. And sorry to allow for more off topic banter on this thread.

Thank you.

On Wed, Mar 6, 2019, 2:47 PM Steve McIntyre  wrote:

> On Mon, Mar 04, 2019 at 04:30:46PM +, Steve McIntyre wrote:
> >>
> >>3. Upload new version of the shim-signed source package and a
> >>   (lightly) bodged binary package
> >>3a. Use versions:
> >> - source: 1.28+nmu2
> >> - binary: 1.28+nmu2+0.9+1474479173.6c180c6-1
> >>3b. Needs as build-deps an old version of sbsigntool (0.6-3.2) and
> >>specifically version 0.9+1474479173.6c180c6-1 of shim in the
> >>build chroot
> >>3c. Then upload source+amd64
> >>3d. New shim-signed binary package changes in a few ways:
> >>* new version of the binary now include fbx64.efi.signed and
> >>  mmx64.efi.signed (copied across from the shim binary package)
> >>* add Replaces: shim (= 0.9+1474479173.6c180c6-1) so we don't
> >>  conflict on those binaries
> >>* remove Depends: shim (the whole point!)
> >>* change Build-Depends to list the specific versions used for
> >>  shim and sbsigntool
> >>3e. Already tested and working. I built this (source and binary
> >>debdiffs attached) and tested OK on SB system
> >>3f. This package is instantly RC-buggy due to the unavailable
> >>build-deps. We know...
>
> I've just uploaded #3 to unstable this evening.
>
> --
> Steve McIntyre, Cambridge, UK.
> st...@einval.com
> "You can't barbecue lettuce!" -- Ellie Crane
>

Fixing stretch debian-installer on armhf

2019-03-06 Thread Vagrant Cascadian

Due to #922478, the debian-installer images for stretch are currently
not bootable on the armhf architecture.

While the linux kernel packages have been fixed in stretch-updates and
stretch-proposed-updates, the debian-installer images still were built
with the broken kernel.

Even rebuilding the debian-installer images, while pulling in a working
kernel that would boot, debian-installer would load .udeb modules from
stretch, not stretch-updates. This might be ok for hd-media targets or
targets that do not load module .udeb files from the network, but
netboot targets are not likely to work at all.

So some of the options at the moment appear to be:

* Wait for another point release, rebuild debian-installer, leaving
  debian-installer on armhf broken until then. How long till the next
  point release?

* Rebuild the debian-installer images, pulling in updates from
  stretch-updates, leaving only armhf netboot targets broken. 

* Another point release with the kernel update sooner than planned, and
  rebuild debian-installer images.

* Other options?


In the future, I plan on setting up at least one or two of armhf
machines running stable-proposed-updates to try to catch this sort of
thing before release...


live well,
  vagrant


signature.asc
Description: PGP signature

Bug#923909: unblock: lua-nvim/0.1.0-1-2

2019-03-06 Thread Jason Pleau

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package lua-nvim

This version fixes a FTBFS (#920042) in a test during autopkgtest.

Defdiff attached. thanks.

unblock lua-nvim/0.1.0-1-2
diff -Nru lua-nvim-0.1.0-1/debian/changelog lua-nvim-0.1.0-1/debian/changelog
--- lua-nvim-0.1.0-1/debian/changelog   2018-06-11 20:44:29.0 -0400
+++ lua-nvim-0.1.0-1/debian/changelog   2019-03-04 21:12:53.0 -0500
@@ -1,3 +1,10 @@
+lua-nvim (0.1.0-1-2) unstable; urgency=medium
+
+  * New changelog entry
+  * Include a patch to fix a FTBFS due to test timeout (Closes: #920042)
+
+ -- Jason Pleau   Mon, 04 Mar 2019 21:12:53 -0500
+
 lua-nvim (0.1.0-1-1) unstable; urgency=medium
 
   * New upstream release
diff -Nru 
lua-nvim-0.1.0-1/debian/patches/0001-Use-embed-headless-for-Socket-TcpStream-session-test.patch
 
lua-nvim-0.1.0-1/debian/patches/0001-Use-embed-headless-for-Socket-TcpStream-session-test.patch
--- 
lua-nvim-0.1.0-1/debian/patches/0001-Use-embed-headless-for-Socket-TcpStream-session-test.patch
 1969-12-31 19:00:00.0 -0500
+++ 
lua-nvim-0.1.0-1/debian/patches/0001-Use-embed-headless-for-Socket-TcpStream-session-test.patch
 2019-03-04 21:12:53.0 -0500
@@ -0,0 +1,36 @@
+From 24fe448aa406b0aa2267044a9858e3d2e5963b61 Mon Sep 17 00:00:00 2001
+From: James McCoy 
+Date: Sun, 3 Mar 2019 11:49:54 -0500
+Subject: [PATCH] Use --embed --headless for Socket/TcpStream session tests
+
+After neovim/neovim#9024, "nvim --embed" waits for a UI to attach.
+"nvim --embed --headless" is required if there is not going to be a UI.
+---
+ test/session_spec.lua | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/test/session_spec.lua b/test/session_spec.lua
+index d5d705c..1fc289d 100644
+--- a/test/session_spec.lua
 b/test/session_spec.lua
+@@ -155,7 +155,7 @@ end)
+ -- Session using SocketStream
+ test_session(string.format("Session using SocketStream [%s]", socket_file), 
function ()
+   child_session = Session.new(ChildProcessStream.spawn({
+-nvim_prog, '-u', 'NONE', '--embed',
++nvim_prog, '-u', 'NONE', '--embed', '--headless',
+ '--cmd', string.format('call serverstart("%s")', socket_file)
+   }))
+   child_session:request('vim_eval', '1') -- wait for nvim to start
+@@ -193,7 +193,7 @@ end)
+ -- Session using TcpStream
+ test_session("Session using TcpStream", function ()
+   child_session = Session.new(ChildProcessStream.spawn({
+-nvim_prog, '-u', 'NONE', '--embed',
++nvim_prog, '-u', 'NONE', '--embed', '--headless',
+ '--cmd', 'call serverstart("127.0.0.1:")'
+   }))
+ 
+-- 
+2.20.1
+
diff -Nru lua-nvim-0.1.0-1/debian/patches/series 
lua-nvim-0.1.0-1/debian/patches/series
--- lua-nvim-0.1.0-1/debian/patches/series  2018-06-11 20:44:29.0 
-0400
+++ lua-nvim-0.1.0-1/debian/patches/series  2019-03-04 21:12:53.0 
-0500
@@ -0,0 +1 @@
+0001-Use-embed-headless-for-Socket-TcpStream-session-test.patch

Bug#922340: unblock: open-build-service/2.9.4-1

2019-03-06 Thread Hector Oron

Hello again,

  Besides what was mentioned in the previous email, I would like to clarify
that we commit to open-build-service active maintenance since it is used in
production by us.

  Regarding security we have already discussed with security team adding a
note in the package clarifying security implications and doing
recommendations to the potential users on whether running a public instance
is discouraged.

Regards

Bug#923902: unblock: therion/5.4.3ds1-5

2019-03-06 Thread Olly Betts

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package therion.

This fixes a severity: important bug in a package of priority: extra:

https://bugs.debian.org/923737

The diff is small and clean so I've already uploaded to unstable as
suggested by the freeze policy.  The package has successfully built for
all release architectures, and the autopkgtest is passing.

Debdiff against 5.4.3ds-4 (currently in testing) attached.

unblock therion/5.4.3ds1-5

Cheers,
Olly
diff -Nru therion-5.4.3ds1/debian/changelog therion-5.4.3ds1/debian/changelog
--- therion-5.4.3ds1/debian/changelog   2019-02-08 09:23:36.0 +1300
+++ therion-5.4.3ds1/debian/changelog   2019-03-06 10:41:20.0 +1300
@@ -1,3 +1,10 @@
+therion (5.4.3ds1-5) unstable; urgency=medium
+
+  * debian/patches/fix-svg-export-segfault.patch: Fix segmentation fault when
+producing SVG output.  (Closes: #923737)
+
+ -- Olly Betts   Wed, 06 Mar 2019 10:41:20 +1300
+
 therion (5.4.3ds1-4) unstable; urgency=medium
 
   * debian/tests/therion: Give up trying to compare output images for now -
diff -Nru therion-5.4.3ds1/debian/patches/fix-svg-export-segfault.patch 
therion-5.4.3ds1/debian/patches/fix-svg-export-segfault.patch
--- therion-5.4.3ds1/debian/patches/fix-svg-export-segfault.patch   
1970-01-01 12:00:00.0 +1200
+++ therion-5.4.3ds1/debian/patches/fix-svg-export-segfault.patch   
2019-03-06 10:41:20.0 +1300
@@ -0,0 +1,31 @@
+Subject: [PATCH] fix segfault while generating SVG
+ std::map::erase(ITOR) invalidates ITOR, but returns an iterator pointing after
+ the removed element (either to the next element or an end iterator if that was
+ the last element).
+Origin: upstream
+Author: mbudaj 
+Last-Update: 2019-03-06
+
+---
+ thepsparse.cxx | 8 +---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/thepsparse.cxx b/thepsparse.cxx
+index cf574cf..087886b 100644
+--- a/thepsparse.cxx
 b/thepsparse.cxx
+@@ -386,9 +386,11 @@ void MP_data::print_svg (ofstream & F, string 
unique_prefix) {
+ }
+ // nemoze ist do predch. cyklu, lebo zmazanie smernika
+ // urobi chaos
+-for (map::iterator I = gstate.clippathdepth.begin();
+-I!= gstate.clippathdepth.end(); I++) {
+-  if (I->second < 0) gstate.clippathdepth.erase(I);
++{auto I = gstate.clippathdepth.begin();
++  while (I!= gstate.clippathdepth.end()) {
++if (I->second < 0) I = gstate.clippathdepth.erase(I);
++else I++;
++  }
+ }
+ tmpclip = gstate.clippathdepth;
+ gstate = GSTATE_stack.back();
diff -Nru therion-5.4.3ds1/debian/patches/series 
therion-5.4.3ds1/debian/patches/series
--- therion-5.4.3ds1/debian/patches/series  2019-01-09 09:14:45.0 
+1300
+++ therion-5.4.3ds1/debian/patches/series  2019-03-06 10:41:20.0 
+1300
@@ -1,3 +1,4 @@
 10doc-fixes.patch
 80debianise-makefiles.patch
 90debianise-loch-makefile.patch
+fix-svg-export-segfault.patch


signature.asc
Description: PGP signature

Bug#922340: unblock: open-build-service/2.9.4-1

2019-03-06 Thread Hector Oron

Hello,

Missatge de Jonathan Wiltshire  del dia dc., 6 de març
2019 a les 22:59:
> On Thu, Feb 14, 2019 at 08:19:10PM +0100, Héctor Orón Martínez wrote:
> > A lot of effort has been put into `open-build-service`, since ruby rails
> > 5 transition needed to happen and it did. Even uploading the package
> > on-time it was delayed due to a couple dependencies: `ruby-clockwork` and
> > `ruby-jquery-ui-rails`.
>
> I don't wish to detract from that effort, but it's not a valid reason on
> its own for the unblock of a package not even in testing.
>
> With open-build-service being out of testing for nearly a year,

Newer `open-build-service` had a dependency on ruby rails 5, which we
have been coordinating with gitlab maintainers, because gitlab did not
support rails 5 until very recently, so we started rails 5 transition
in experimental, and barely made it to transition freeze.

> dependencies also not in testing (and my feelings on them are similar), and

While `open-build-service` was ready, some of the dependencies prevent
it from migrating to testing, which was very unfortunated.

> a popcon of just 10 or so, I think a better pathway would be via

Right, not many popcon users, however it has it's users and ease the
Debian derivative distro maintenance, for instance, it is used by
Apertis, SteamOS, Endless Debian derivatives. Sylvestre has been using
it for LLVM work as well. And it is being used by Linaro as well for
distro work for the ARM architecture.

> buster-backports when that is open.

While we have thought about maintaining `open-build-service` newer
versions in `stretch-backports`, it has not been possible due to webUI
ruby dependencies and the way ruby is packaged in Debian, it makes it
very hard to align all dependencies to have a working set. While
buster-backports would be awesome to have, I do not think is going to
work, since ruby versions do not remain compatible with older ones. We
have also thought on changing the paradigm and package the backend
services (perl) separated from webui (ruby) and provide webui in a
container and install gems with ruby package manager instead as a work
around, since doing the Debian way with rubygems is quite painful, but
if you have any other good ideas we'd love to hear them.

> I'm open to be pursuaded.

OK, I tried, and to be honest, stable isn't perfect either, since
distro lifecycle is longer than application support, so not allowing
newer upstream versions in stable is problematic security wise in the
long term. open-build-service is not the only one in this category,
there are many packages in the same situation and it'd be nice to find
a common solution for all those.

Thanks for considering, I know it is not an easy call to do, so I'll
understand either way you decide.

Regards,
-- 
 Héctor Orón  -.. . -... .. .- -.   -.. . ...- . .-.. --- .--. . .-.

Re: Problems with shim and shim-signed in unstable, and proposed solutions to unblock us

2019-03-06 Thread Steve McIntyre

On Mon, Mar 04, 2019 at 04:30:46PM +, Steve McIntyre wrote:
>>
>>3. Upload new version of the shim-signed source package and a
>>   (lightly) bodged binary package
>>3a. Use versions:
>> - source: 1.28+nmu2
>> - binary: 1.28+nmu2+0.9+1474479173.6c180c6-1
>>3b. Needs as build-deps an old version of sbsigntool (0.6-3.2) and
>>specifically version 0.9+1474479173.6c180c6-1 of shim in the
>>build chroot
>>3c. Then upload source+amd64
>>3d. New shim-signed binary package changes in a few ways:
>>* new version of the binary now include fbx64.efi.signed and
>>  mmx64.efi.signed (copied across from the shim binary package)
>>* add Replaces: shim (= 0.9+1474479173.6c180c6-1) so we don't
>>  conflict on those binaries
>>* remove Depends: shim (the whole point!)
>>* change Build-Depends to list the specific versions used for
>>  shim and sbsigntool
>>3e. Already tested and working. I built this (source and binary
>>debdiffs attached) and tested OK on SB system
>>3f. This package is instantly RC-buggy due to the unavailable
>>build-deps. We know...

I've just uploaded #3 to unstable this evening.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
"You can't barbecue lettuce!" -- Ellie Crane


signature.asc
Description: PGP signature

Bug#923901: debdiffs and logs

diff --git a/debian/.gitlab-ci.yml b/debian/.gitlab-ci.yml
new file mode 100644
index 000..2a7f496
--- /dev/null
+++ b/debian/.gitlab-ci.yml
@@ -0,0 +1,10 @@
+build:
+  image: 
registry.salsa.debian.org/salsa-ci-team/ci-image-git-buildpackage:latest
+  artifacts:
+paths:
+- "*.deb"
+expire_in: 1 day
+  except:
+- tags
+  script:
+- gitlab-ci-git-buildpackage-all
diff --git a/debian/build.gradle b/debian/build.gradle
index 6e7d1a2..3c6c652 100644
--- a/debian/build.gradle
+++ b/debian/build.gradle
@@ -5,10 +5,7 @@ subprojects {
* src:android-platform-build.
*/
   group = 'com.android'
-  sourceCompatibility = 1.7
-  targetCompatibility = 1.7
   version = '23'
-  compileJava.options.encoding = 'UTF-8'
 
   configurations {
 doclava /* Classpaths for executing Doclava */
@@ -44,7 +41,8 @@ subprojects {
  "-stubs $stubsDir " +
  '-XDignore.symbol.file ' +
  "-api ${temporaryDir}/current.txt " +
- "-removedApi ${temporaryDir}/removed.txt "
+ "-removedApi ${temporaryDir}/removed.txt " +
+ '--release 8 '
   if (classpath.size() > 0) doclavaFlags += "-classpath $classpath "
   copy {
 from apiListLocation
@@ -224,3 +222,14 @@ project(':uiautomator') {
 }
   }
 }
+
+allprojects {
+gradle.projectsEvaluated {
+tasks.withType(JavaCompile) {
+sourceCompatibility = JavaVersion.VERSION_1_8
+targetCompatibility = JavaVersion.VERSION_1_8
+options.encoding = 'UTF-8'
+options.compilerArgs.addAll(['--release', '8'])
+}
+}
+}
diff --git a/debian/changelog b/debian/changelog
index 57765dd..96c7711 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+android-framework-23 (6.0.1+r72-5) unstable; urgency=medium
+
+  * Fix FTBFS with Java 9+ (Closes: #894285)
+  * add basic autopkgtest to check that class files are in the JAR
+
+ -- Hans-Christoph Steiner   Wed, 06 Mar 2019 12:10:58 +
+
 android-framework-23 (6.0.1+r72-4) unstable; urgency=medium
 
   * Team upload.
diff --git a/debian/control b/debian/control
index 8a59ae4..bbc2cd4 100644
--- a/debian/control
+++ b/debian/control
@@ -15,11 +15,11 @@ Build-Depends: aapt,
gradle-debian-helper (>= 1.4~),
maven-repo-helper,
p7zip-full,
-   proguard
+   proguard-cli,
 Standards-Version: 4.1.3
 Homepage: https://android.googlesource.com
-Vcs-Git: https://anonscm.debian.org/git/android-tools/android-framework-23.git
-Vcs-Browser: 
https://anonscm.debian.org/cgit/android-tools/android-framework-23.git
+Vcs-Git: https://salsa.debian.org/android-tools-team/android-framework-23.git
+Vcs-Browser: https://salsa.debian.org/android-tools-team/android-framework-23
 
 Package: libandroid-23-java
 Architecture: all
diff --git a/debian/patches/remove-use-of-_-variable-name.patch 
b/debian/patches/remove-use-of-_-variable-name.patch
new file mode 100644
index 000..84d24f2
--- /dev/null
+++ b/debian/patches/remove-use-of-_-variable-name.patch
@@ -0,0 +1,28 @@
+Subject: Remove use of '_' variable name
+
+To build with Java 9 and newer.
+
+Forwarded: 
https://android.googlesource.com/platform/frameworks/base/+/00d6b601e6257d86b173f743d76396ec3183a5e8%5E%21/#F0
+
+diff --git a/frameworks/base/media/java/android/media/SRTRenderer.java 
b/frameworks/base/media/java/android/media/SRTRenderer.java
+index ee4edee..a3e2abd 100644
+--- a/frameworks/base/media/java/android/media/SRTRenderer.java
 b/frameworks/base/media/java/android/media/SRTRenderer.java
+@@ -165,7 +165,6 @@
+ return;
+ }
+ 
+-final int _ = 0;
+ for (Cue cue : activeCues) {
+ TextTrackCue ttc = (TextTrackCue) cue;
+ 
+@@ -184,7 +183,8 @@
+ parcel.writeInt(buf.length);
+ parcel.writeByteArray(buf);
+ 
+-Message msg = mEventHandler.obtainMessage(MEDIA_TIMED_TEXT, _, _, 
parcel);
++Message msg = mEventHandler.obtainMessage(MEDIA_TIMED_TEXT, 0 /* 
arg1 */, 0 /* arg2 */,
++parcel);
+ mEventHandler.sendMessage(msg);
+ }
+ activeCues.clear();
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 000..ac1d795
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+remove-use-of-_-variable-name.patch
diff --git a/debian/tests/build-against-android-jar.sh 
b/debian/tests/build-against-android-jar.sh
new file mode 100644
index 000..914f417
--- /dev/null
+++ b/debian/tests/build-against-android-jar.sh
@@ -0,0 +1,14 @@
+#!/bin/bash -e
+
+echo > Test.java

Processed: Re: Bug#922340: unblock: open-build-service/2.9.4-1

Processing control commands:

> tag -1 moreinfo
Bug #922340 [release.debian.org] unblock: open-build-service/2.9.4-1
Added tag(s) moreinfo.

-- 
922340: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922340
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#923901: unblock: android-framework-23/debian/25.0.0+9, android-platform-dalvik/8.1.0+r23-2, android-sdk-meta/25.0.0+9

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock source packages:
* android-framework-23/debian/25.0.0+9
* android-platform-dalvik/8.1.0+r23-2
* android-sdk-meta/25.0.0+9

With the collective brain power of the android-tools and java teams and
lots of other advice, we finally got android-frameworks-23 to build in
buster, and managed to do it without needing openjdk-8. These packages
are key packages to tie together the whole suite of Android SDK packages
that are already in buster. android-platform-dalvik and
android-sdk-meta were blocked by android-framework-23.

After weeks of work spread out over months since last summer, we finally
got a version of this package that works in buster. We first tried to
do a whole new approach that was closer to upstream, and that failed
after a lot of work. That's why we didn't respond to #894285 until the
buster freeze was looming, and fixing the existing FTBFS looked to be
the only way forward. So on Jan 29th, 2019, I discussed this in
#debian-devel with wRAR, mapreri, kibi, XTF, and pabs. Then, the plan
was to Build-Depends: openjdk-8. I'm happy to say that this package
works with default-jdk, so openjdk-8 could be entirely removed, as far
as Android Tools is concerned.

Today, this issue was discussed in #debian-devel with elbrus, wRAR, and
adsb. And upon their recommendation, I'm writing up a big report here.
I uploaded android-sdk-meta/25.0.0+9 today to set all the proper
versions and add autopkgtest to ease this process. We left the version
setting til last since we were not sure which version of
android-framework-23 would make it into buster.

Why should these be in buster?
--

• android-frameworks-23 only needs small changes from stretch

• android-platform-dalvik/8.1.0+r23-2 was already in buster, but was
removed because of the lack of android-frameworks-23

• `apt-get install android-sdk` was in stretch, and is widely documented

• Replicant depends on these packages as its free software SDK

• diffoscope, apktool, and related tools will be crippled by their
absence, users will have to compile their own android.jar to replace
the one that android-framework-23 provides.

• android-sdk includes udev rules for android devices, Google itself
recommends this package as the official way to install udev rules for
Android devices:
https://developer.android.com/studio/run/device.html

• This suite of packages ranks relatively high in Popularity Contest:

https://qa.debian.org/developer.php?email=android-tools-devel%40lists.alioth.debian.org

I recognize this is not a good situation. It has been a very difficult
path here over many months. The Android upstream seems to fight anyone
who dare mess with their code outside of their whack system of "prebuilts".

Some background
---

Failed attempt replacing android-framework-23 with something based on
the upstream build system:
https://salsa.debian.org/cdesai-guest/debian-android-manifest

Android-Tools and Java team discussion on this topic:
https://alioth-lists.debian.net/pipermail/android-tools-devel/2019q1/003824.html

key recommendation from Guardian Project list:
https://lists.mayfirst.org/pipermail/guardian-dev/2019-February/005480.html

Build Android apps with Debian: apt install android-sdk:
https://guardianproject.info/2017/03/13/build-android-apps-with-debian-apt-install-android-sdk/

Lots of IRC discussions in #debian-mobile, #debian-java, and #debian-devel.

Why is packaging Android Tools so hard?
---

The entire Android OS and SDK is built from a single giant source repo
with one single interwoven build system made of many parts. The
standard Android SDK binaries from Google have a non-free license and
are built with ~13GB of mystery binaries they call "prebuilts". These
prebuilts often come from thin air with no documentation of how they
were built. Upstream puts out no source release, and often changes
build systems (make, ninja, blueprint, gradle, cmake, etc).

signature.asc
Description: OpenPGP digital signature

Bug#923762: unblock: mblaze/0.5.1-1

On Tue, Mar 05, 2019 at 06:55:10PM +0100, Nicolas Braud-Santoni wrote:
> Yes, I simply didn't want to delay a security-related change, and didn't 
> realise
> that urgency=high wouldn't be enough to catch the freeze window (don't they
> usually land in testing in 2 days?).

During soft freeze all urgencies have a 10 day migration period unless
overridden by the release team.

Thanks,

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

Bug#922340: unblock: open-build-service/2.9.4-1

Control: tag -1 moreinfo

On Thu, Feb 14, 2019 at 08:19:10PM +0100, Héctor Orón Martínez wrote:
> A lot of effort has been put into `open-build-service`, since ruby rails
> 5 transition needed to happen and it did. Even uploading the package
> on-time it was delayed due to a couple dependencies: `ruby-clockwork` and
> `ruby-jquery-ui-rails`.

I don't wish to detract from that effort, but it's not a valid reason on
its own for the unblock of a package not even in testing.

With open-build-service being out of testing for nearly a year,
dependencies also not in testing (and my feelings on them are similar), and
a popcon of just 10 or so, I think a better pathway would be via
buster-backports when that is open. 

I'm open to be pursuaded.

> I am not attaching a debdiff since it is a major upstream version update.

A debdiff something not in testing doesn't make sense anyway.

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

Processed: user release.debian....@packages.debian.org, usertagging 923805 ...

Processing commands for cont...@bugs.debian.org:

> user release.debian@packages.debian.org
Setting user to release.debian@packages.debian.org (was j...@debian.org).
> usertags 923805 unblock
There were no usertags set.
Usertags are now: unblock.
> retitle 923805 unblock: gnome-shell-extension-desktop-icons/19.01.1-1
Bug #923805 [release.debian.org] age: 
gnome-shell-extension-desktop-icons/19.01.1-1
Changed Bug title to 'unblock: gnome-shell-extension-desktop-icons/19.01.1-1' 
from 'age: gnome-shell-extension-desktop-icons/19.01.1-1'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
923805: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923805
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: user release.debian....@packages.debian.org, usertagging 923803 ...

Processing commands for cont...@bugs.debian.org:

> user release.debian@packages.debian.org
Setting user to release.debian@packages.debian.org (was j...@debian.org).
> usertags 923803 unblock
There were no usertags set.
Usertags are now: unblock.
> retitle 923803 unblock: gdk-pixbuf/2.38.1+dfsg-1
Bug #923803 [release.debian.org] age: gdk-pixbuf/2.38.1+dfsg-1
Changed Bug title to 'unblock: gdk-pixbuf/2.38.1+dfsg-1' from 'age: 
gdk-pixbuf/2.38.1+dfsg-1'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
923803: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923803
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#923769: unblock: spl-linux/0.7.13-1

Processing control commands:

> tag -1 moreinfo
Bug #923769 [release.debian.org] unblock: spl-linux/0.7.13-1
Added tag(s) moreinfo.

-- 
923769: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923769
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#923770: unblock: zfs-linux/0.7.13-1

Processing control commands:

> tag -1 moreinfo
Bug #923770 [release.debian.org] unblock: zfs-linux/0.7.13-1
Added tag(s) moreinfo.

-- 
923770: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923770
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#923769: unblock: spl-linux/0.7.13-1

Control: tag -1 moreinfo

On Tue, Mar 05, 2019 at 07:50:47AM +, Mo Zhou wrote:
> Please unblock package spl-linux
> which will land on unstable shortly.
> 
> (explain the reason for the unblock here)
> 
>   New upstream release (released several hours ago).

This is not on its own a good reason for a freeze exception.

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

Bug#923770: unblock: zfs-linux/0.7.13-1

Control: tag -1 moreinfo

On Tue, Mar 05, 2019 at 07:59:19AM +, Mo Zhou wrote:
> (explain the reason for the unblock here)
> 
>   [from 0.7.12-2 to 0.7.13-1]
>   * New upstream release (released several hours ago)

This is not a good reason for a freeze exception.

>   * Cherry-picked/backported many bug fixes from upstream.

This might be.

>   * linux 4.20 and 5.0 compatibility

This is not.

> (include/attach the debdiff against the package in testing)
> 
>   More than 7000 lines of changes makes the all-in-one debdiff insane.
>   Please review this instead:
>   
> https://salsa.debian.org/zfsonlinux-team/zfs/compare/debian%2F0.7.12-2...debian%2F0.7.13-1

I am not reviewing that.

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

Processed: tagging 923864

Processing commands for cont...@bugs.debian.org:

> # fixed bug is only normal, autopkgtest regression
> tags 923864 + moreinfo
Bug #923864 [release.debian.org] unblock: rails/2:5.2.2+dfsg-6
Added tag(s) moreinfo.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
923864: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923864
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#923813: marked as done (unblock: icingaweb2/2.6.2-3)

Your message dated Wed, 6 Mar 2019 21:19:45 +
with message-id <20190306211945.ga2...@powdarrmonkey.net>
and subject line Re: Bug#923813: unblock: icingaweb2/2.6.2-3
has caused the Debian Bug report #923813,
regarding unblock: icingaweb2/2.6.2-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
923813: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923813
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package icingaweb2.

It contains additional patches for PHP 7.3 support. The initial patch
for #914457 only fixed the issues in the icingaweb2 code, the additional
(upstream) patches also fix the issues in the vendor libraries.

The package in unstable also fixes the Icon list in the documentation
module.

The other changes make the package lintian clean.

unblock icingaweb2/2.6.2-3

Kind Regards,

Bas
diff -Nru icingaweb2-2.6.2/debian/changelog icingaweb2-2.6.2/debian/changelog
--- icingaweb2-2.6.2/debian/changelog   2018-11-23 18:36:14.0 +0100
+++ icingaweb2-2.6.2/debian/changelog   2019-03-05 10:35:01.0 +0100
@@ -1,3 +1,14 @@
+icingaweb2 (2.6.2-3) unstable; urgency=medium
+
+  * Team upload.
+  * Bump Standards-Version to 4.3.0, no changes.
+  * Fix Icons list in 'Developer Style' documentation.
+  * Add upstream patches to fix PHP 7.3 support.
+  * Use .maintscript files instead of dpkg-maintscript-helper directly.
+  * Update lintian override for normalize.css.
+
+ -- Bas Couwenberg   Tue, 05 Mar 2019 10:35:01 +0100
+
 icingaweb2 (2.6.2-2) unstable; urgency=medium
 
   * Team upload.
diff -Nru icingaweb2-2.6.2/debian/control icingaweb2-2.6.2/debian/control
--- icingaweb2-2.6.2/debian/control 2018-11-23 18:35:14.0 +0100
+++ icingaweb2-2.6.2/debian/control 2018-12-25 23:27:47.0 +0100
@@ -8,7 +8,7 @@
php-cli,
node-uglify (>= 2) | yui-compressor,
node-source-map | yui-compressor
-Standards-Version: 4.2.1
+Standards-Version: 4.3.0
 Vcs-Browser: https://salsa.debian.org/nagios-team/pkg-icingaweb2
 Vcs-Git: https://salsa.debian.org/nagios-team/pkg-icingaweb2.git
 Homepage: https://icinga.com
diff -Nru icingaweb2-2.6.2/debian/icingacli.maintscript 
icingaweb2-2.6.2/debian/icingacli.maintscript
--- icingaweb2-2.6.2/debian/icingacli.maintscript   1970-01-01 
01:00:00.0 +0100
+++ icingaweb2-2.6.2/debian/icingacli.maintscript   2019-03-05 
10:35:01.0 +0100
@@ -0,0 +1 @@
+rm_conffile /etc/bash_completion.d/icingacli 2.4.0-1~
diff -Nru icingaweb2-2.6.2/debian/icingacli.postinst 
icingaweb2-2.6.2/debian/icingacli.postinst
--- icingaweb2-2.6.2/debian/icingacli.postinst  2018-11-23 18:35:14.0 
+0100
+++ icingaweb2-2.6.2/debian/icingacli.postinst  1970-01-01 01:00:00.0 
+0100
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-set -e
-
-dpkg-maintscript-helper rm_conffile \
-   "/etc/bash_completion.d/icingacli" "2.4.0-1~" -- "$@"
-
-#DEBHELPER#
-
-exit 0
diff -Nru icingaweb2-2.6.2/debian/icingacli.postrm 
icingaweb2-2.6.2/debian/icingacli.postrm
--- icingaweb2-2.6.2/debian/icingacli.postrm2018-11-23 18:35:14.0 
+0100
+++ icingaweb2-2.6.2/debian/icingacli.postrm1970-01-01 01:00:00.0 
+0100
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-set -e
-
-dpkg-maintscript-helper rm_conffile \
-   "/etc/bash_completion.d/icingacli" "2.4.0-1~" -- "$@"
-
-#DEBHELPER#
-
-exit 0
diff -Nru icingaweb2-2.6.2/debian/icingacli.preinst 
icingaweb2-2.6.2/debian/icingacli.preinst
--- icingaweb2-2.6.2/debian/icingacli.preinst   2018-11-23 18:35:14.0 
+0100
+++ icingaweb2-2.6.2/debian/icingacli.preinst   1970-01-01 01:00:00.0 
+0100
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-set -e
-
-dpkg-maintscript-helper rm_conffile \
-   "/etc/bash_completion.d/icingacli" "2.4.0-1~" -- "$@"
-
-#DEBHELPER#
-
-exit 0
diff -Nru icingaweb2-2.6.2/debian/icingaweb2.install 
icingaweb2-2.6.2/debian/icingaweb2.install
--- icingaweb2-2.6.2/debian/icingaweb2.install  2018-11-23 18:35:15.0 
+0100
+++ icingaweb2-2.6.2/debian/icingaweb2.install  2019-03-05 10:19:26.0 
+0100
@@ -1,20 +1,21 @@
-public doc   usr/share/icingaweb2
+public doc   usr/share/icingaweb2
 
-application/controllers  usr/share/icingaweb2/application
-application/fonts/fontello-ifont/css 
usr/share/icingaweb2/application/fonts/fontello-ifont
-application/formsusr/share/icingaweb2/application
-application/layouts  usr/share/icingaweb2/a

Bug#923771: unblock pre-approval: pandas/0.23.3+dfsg-3

On Wed, Mar 06, 2019 at 07:52:00PM +, Niels Thykier wrote:
> Once uploaded, please ping us on this bug when pandas have been
> successfully build so we can apply the unblock hints and schedule the
> builds for statsmodels.

Remove moreinfo when ready please.

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

Processed: tagging 922793

Processing commands for cont...@bugs.debian.org:

> tags 922793 + stretch
Bug #922793 [release.debian.org] RM: google-tasks-sync/0.5.3-1
Added tag(s) stretch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
922793: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922793
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 922792

Processing commands for cont...@bugs.debian.org:

> tags 922792 + stretch
Bug #922792 [release.debian.org] RM: gcontactsync/2.0.5-1
Added tag(s) stretch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
922792: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922792
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 922791

Processing commands for cont...@bugs.debian.org:

> tags 922791 + stretch
Bug #922791 [release.debian.org] RM: mozilla-gnome-keyring/0.12-1
Added tag(s) stretch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
922791: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922791
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 923771

Processing commands for cont...@bugs.debian.org:

> tags 923771 + moreinfo
Bug #923771 [release.debian.org] unblock pre-approval: pandas/0.23.3+dfsg-3
Added tag(s) moreinfo.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
923771: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923771
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#923897: stretch-pu: package chrony/3.0-4+deb9u2

2019-03-06 Thread Vincent Blut

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi,

I would like to update chrony in Stretch to fix #923137 (severity 
important). This issue is caused by the absence of the _llseek() system 
call in the seccomp filter provided by chrony, which prevents some 
information to be logged on various 32-bit architectures when the system 
call filter is active.

While working on the bug report mentionned above, I discovered that 
chronyd could also be incorrectly stopped when the system call filter is 
enabled. This is due to the waitpid() system call being absent from the 
seccomp filter. This is addressed by the 
allow-waitpid-in-seccomp-filter.patch patch.

I’m testing the proposed changes since a few days without any 
regression. Debdiff attached!

Cheers,
Vincent

-BEGIN PGP SIGNATURE-

iQJLBAEBCgA1FiEE/VQBlxWoTJPh4vI5ipzudlpxp4AFAlyANnwXHHZpbmNlbnQu
ZGViaWFuQGZyZWUuZnIACgkQipzudlpxp4BwUg//cxLwFRApU06w57sr7smRmwS7
00dR4NHcHHf2os82AmP1ugaHYT5KeQeCoU1s8pIIq3dXbwemf/TgjzOSBsOVK018
Qb15o3B5mN3ydeQl5sqKUwlBpnmj4IBD9ktmTMHbR6BQBvuBNI3OkZnjHTAFlZCB
htH3g0u8VUZ7p2hqr+PrBICUhooIFSEvrnEUcZfEFPjD+aTq6joMbrslNTgLkhvE
SEx/QZCzAgbEcbczeu2+s3PvvtLdPBRE+szWBNcXZoRJCfXuDqvBJzlQngwhCYNY
CTiQVmB2fjROjVpTzDYj97TdEJVV4EtOJefywYmquugdtphg5d4lVJ4vhYy8sp6t
ukOm43Q240Ae/bzvahXNU5xqFdZ3muOhG9uSPsg9KzOncyu65mHPxRpZ6Cq8vUlC
1uOCkzfvRS7vnUTM4K8QHIatqPcjQNu1/qyLoHUleQqClC+iZruvCwYyr7yijj+M
e9C5f34lKYm39CrPdMxy6gCtwJZEIkCPFwFYh1XtTMt+daLjpS3+mtlI5wl6l2Q3
qRXS1PVgA+nETU30e+ofPPGPGHwtx32yhtnIY3durfPkChR7qQVIFJ4jHoYpL4G9
u5cgeGg37wyCxcnmi8qFHrzpEaf2vFc0zqIPYYN4s6jBBjfqzmbZ9rx1xuLlZc9M
GKtwRTA840u1nN2zaLE=
=JdHo
-END PGP SIGNATURE-
diffstat for chrony-3.0 chrony-3.0

 changelog |   12 ++
 patches/allow-_llseek-in-seccomp-filter.patch |   30 ++
 patches/allow-waitpid-in-seccomp-filter.patch |   20 +
 patches/series|2 +
 4 files changed, 64 insertions(+)

diff -Nru chrony-3.0/debian/changelog chrony-3.0/debian/changelog
--- chrony-3.0/debian/changelog 2017-07-22 17:24:44.0 +0200
+++ chrony-3.0/debian/changelog 2019-03-06 11:13:29.0 +0100
@@ -1,3 +1,15 @@
+chrony (3.0-4+deb9u2) stretch; urgency=medium
+
+  * debian/patches/*:
+- Add allow-_llseek-in-seccomp-filter.patch. Needed on various 32-bit
+plateforms to log the {raw}measurements and statistics information when
+the seccomp filter is enabled. Thanks a lot to Francesco Poli (wintermute)
+ for the report. (Closes: #923137)
+- Add allow-waitpid-in-seccomp-filter.patch. Needed to correctly stop
+chronyd on some plateforms when the seccomp filter is enabled.
+
+ -- Vincent Blut   Wed, 06 Mar 2019 11:13:29 +0100
+
 chrony (3.0-4+deb9u1) stretch; urgency=medium
 
   * debian/chrony.if-up:
diff -Nru chrony-3.0/debian/patches/allow-_llseek-in-seccomp-filter.patch 
chrony-3.0/debian/patches/allow-_llseek-in-seccomp-filter.patch
--- chrony-3.0/debian/patches/allow-_llseek-in-seccomp-filter.patch 
1970-01-01 01:00:00.0 +0100
+++ chrony-3.0/debian/patches/allow-_llseek-in-seccomp-filter.patch 
2019-03-05 23:36:44.0 +0100
@@ -0,0 +1,30 @@
+From: Vincent Blut 
+Date: Thu, 28 Feb 2019 14:39:13 +0100
+Subject: sys_linux: allow _llseek in seccomp filter
+
+This is needed on various 32-bit platforms to reposition read/write file
+offset on {raw}measurements and statistics log files.
+
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923137
+Forwarded: 
https://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-dev/2019/02/msg3.html
+Applied-Upstream: 
https://git.tuxfamily.org/chrony/chrony.git/commit/?id=e392d1fde94db26b88a0a017850415f1d34266d7
+---
+ sys_linux.c | 8 
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+--- a/sys_linux.c
 b/sys_linux.c
+@@ -473,10 +473,10 @@ SYS_Linux_EnableSystemCallFilter(int lev
+ SCMP_SYS(brk), SCMP_SYS(madvise), SCMP_SYS(mmap), SCMP_SYS(mmap2),
+ SCMP_SYS(mprotect), SCMP_SYS(mremap), SCMP_SYS(munmap), SCMP_SYS(shmdt),
+ /* Filesystem */
+-SCMP_SYS(access), SCMP_SYS(chmod), SCMP_SYS(chown), SCMP_SYS(chown32),
+-SCMP_SYS(fstat), SCMP_SYS(fstat64), SCMP_SYS(getdents), 
SCMP_SYS(getdents64),
+-SCMP_SYS(lseek), SCMP_SYS(rename), SCMP_SYS(stat), SCMP_SYS(stat64),
+-SCMP_SYS(statfs), SCMP_SYS(statfs64), SCMP_SYS(unlink),
++SCMP_SYS(_llseek), SCMP_SYS(access), SCMP_SYS(chmod), SCMP_SYS(chown),
++SCMP_SYS(chown32), SCMP_SYS(fstat), SCMP_SYS(fstat64), SCMP_SYS(getdents),
++SCMP_SYS(getdents64), SCMP_SYS(lseek), SCMP_SYS(rename), SCMP_SYS(stat),
++SCMP_SYS(stat64), SCMP_SYS(statfs), SCMP_SYS(statfs64), SCMP_SYS(unlink),
+ /* Socket */
+ SCMP_SYS(bind), SCMP_SYS(connect), SCMP_SYS(getsockname),
+ SCMP_SYS(recvfrom), SCMP_SYS(recvmmsg), SCMP_SYS(recvmsg),
diff -Nru chrony-3.0/debian/

Bug#923778: marked as done (unblock: meta-gnome3/1:3.30+1)

Your message dated Wed, 06 Mar 2019 21:01:00 +
with message-id 
and subject line Re: Bug#923778: unblock: meta-gnome3/1:3.30+1
has caused the Debian Bug report #923778,
regarding unblock: meta-gnome3/1:3.30+1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
923778: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923778
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Control: block 906016 by -1

Please unblock package meta-gnome3. I *think* I uploaded it in time to
migrate naturally before the hard freeze, but it might be a good idea to
fast-track it a bit so that the next d-i alpha or beta will be installing
the version of GNOME we intend to ship.

In particular migrating this package should make task-gnome-desktop
installable on s390x again, allowing GNOME Shell and gjs to migrate,
which among other fixes will resolve RC bug #922218 in gnome-shell.

unblock meta-gnome3/1:3.30+1

Thanks,
smcv
--- End Message ---
--- Begin Message ---
Simon McVittie:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> Control: block 906016 by -1
> 
> Please unblock package meta-gnome3. I *think* I uploaded it in time to
> migrate naturally before the hard freeze, but it might be a good idea to
> fast-track it a bit so that the next d-i alpha or beta will be installing
> the version of GNOME we intend to ship.
> 
> In particular migrating this package should make task-gnome-desktop
> installable on s390x again, allowing GNOME Shell and gjs to migrate,
> which among other fixes will resolve RC bug #922218 in gnome-shell.
> 
> unblock meta-gnome3/1:3.30+1
> 
> Thanks,
> smcv
> 

Aged, thanks.

~Niels--- End Message ---

Bug#923886: marked as done (unblock: google-compute-image-packages/20190124-2)

Your message dated Wed, 06 Mar 2019 20:57:00 +
with message-id <39701c98-ab85-10f9-a8c8-7c473f92d...@thykier.net>
and subject line Re: Bug#923886: unblock: 
google-compute-image-packages/20190124-2
has caused the Debian Bug report #923886,
regarding unblock: google-compute-image-packages/20190124-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
923886: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923886
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package google-compute-image-packages

Some patches applied to the version available in Buster are leading to a
breakage when running some tests against Debian instances in GCE. Two patches
were disabled (a minor modification) and I hope it could be included in the
next release in order to properly support Debian cloud images for GCE.

You can check the changes made in this link:
https://salsa.debian.org/cloud-team/google-compute-image-packages/compare/debian%2F20190124-1...debian%2F20190124-2

unblock google-compute-image-packages/20190124-2

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), 
LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--- End Message ---
--- Begin Message ---
Lucas Kanashiro:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package google-compute-image-packages
> 
> Some patches applied to the version available in Buster are leading to a
> breakage when running some tests against Debian instances in GCE. Two patches
> were disabled (a minor modification) and I hope it could be included in the
> next release in order to properly support Debian cloud images for GCE.
> 
> You can check the changes made in this link:
> https://salsa.debian.org/cloud-team/google-compute-image-packages/compare/debian%2F20190124-1...debian%2F20190124-2
> 
> unblock google-compute-image-packages/20190124-2
> 
> [...]

Unblocked, thanks.

~Niels--- End Message ---

Bug#923779: marked as done (unblock: ikiwiki/3.20190228-1)

Your message dated Wed, 06 Mar 2019 20:58:00 +
with message-id <7ced6d38-6778-bb75-04d1-7c3f91ebd...@thykier.net>
and subject line Re: Bug#923779: unblock: ikiwiki/3.20190228-1
has caused the Debian Bug report #923779,
regarding unblock: ikiwiki/3.20190228-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
923779: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923779
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package ikiwiki to fix CVE-2019-9187. It should migrate
naturally before the hard freeze in any case, but it might be worthwhile
to fast-track it.

Now that ikiwiki is a non-native package, I intend to use Debian patches
rather than new upstream releases for any subsequent updates that target
buster.

unblock ikiwiki/3.20190228-1

Thanks,
smcv
diffstat for ikiwiki-3.20190207 ikiwiki-3.20190228

 CHANGELOG  
|   43 +
 IkiWiki.pm 
|  127 +++-
 IkiWiki/Plugin/aggregate.pm
|5 
 IkiWiki/Plugin/blogspam.pm 
|   16 
 IkiWiki/Plugin/openid.pm   
|   12 
 IkiWiki/Plugin/pinger.pm   
|   21 
 IkiWiki/Plugin/po.pm   
|   50 -
 debian/changelog   
|   44 +
 
doc/bugs/po:_second_or_subsequent_inline_of_translated_page_inlines_.po_file__44___not_translated_content.mdwn
 |3 
 doc/news/version_3.20170622.mdwn   
|   31 
 doc/news/version_3.20190207.mdwn   
|   34 +
 doc/plugins/aggregate.mdwn 
|4 
 doc/plugins/blogspam.mdwn  
|2 
 doc/plugins/openid.mdwn
|7 
 doc/plugins/pinger.mdwn
|8 
 doc/rcs/cvs.mdwn   
|3 
 doc/security.mdwn  
|   49 +
 doc/tips/using_a_proxy.mdwn
|   22 
 ikiwiki.spec   
|2 
 po/ikiwiki.pot 
|   60 -
 t/aggregate-file.t 
|  173 +
 t/noparanoia/LWPx/ParanoidAgent.pm 
|2 
 t/po.t 
|   38 -
 t/secret.rss   
|   11 
 t/useragent.t  
|  317 ++
 25 files changed, 893 insertions(+), 191 deletions(-)

diff -Nru ikiwiki-3.20190207/CHANGELOG ikiwiki-3.20190228/CHANGELOG
--- ikiwiki-3.20190207/CHANGELOG2019-02-07 11:08:41.0 +
+++ ikiwiki-3.20190228/CHANGELOG2019-02-26 23:01:54.0 +
@@ -1,3 +1,46 @@
+ikiwiki (3.20190228) upstream; urgency=medium
+
+  * aggregate: Use LWPx::ParanoidAgent if available.
+Previously blogspam, openid and pinger used this module if available,
+but aggregate did not. This prevents server-side request forgery or
+local file disclosu

Bug#923894: marked as done (unblock: mailscripts/0.7-1)

Your message dated Wed, 06 Mar 2019 20:55:00 +
with message-id 
and subject line Re: Bug#923894: unblock: mailscripts/0.7-1
has caused the Debian Bug report #923894,
regarding unblock: mailscripts/0.7-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
923894: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923894
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hello,

Please unblock package mailscripts.

Paul Wise was kind enough to review the code in notmuch-slurp-debbug(1)
and discovered that my use of Perl's system() and backticks was invoking
superfluous shells.  In mailscripts 0.7, the calls are replaced with
functions which will never invoke shells.

Paul pointed out that there are a potential security risks due to shell
metacharacter expansion, so it would be good to see the fixed version in
buster.

unblock mailscripts/0.7-1

-- 
Sean Whitton

mailscripts_0.7-1.debdiff
Description: Binary data


signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Sean Whitton:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Hello,
> 
> Please unblock package mailscripts.
> 
> Paul Wise was kind enough to review the code in notmuch-slurp-debbug(1)
> and discovered that my use of Perl's system() and backticks was invoking
> superfluous shells.  In mailscripts 0.7, the calls are replaced with
> functions which will never invoke shells.
> 
> Paul pointed out that there are a potential security risks due to shell
> metacharacter expansion, so it would be good to see the fixed version in
> buster.
> 
> unblock mailscripts/0.7-1
> 

Unblocked, thanks.

~Niels--- End Message ---

Bug#923894: unblock: mailscripts/0.7-1

2019-03-06 Thread Sean Whitton

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hello,

Please unblock package mailscripts.

Paul Wise was kind enough to review the code in notmuch-slurp-debbug(1)
and discovered that my use of Perl's system() and backticks was invoking
superfluous shells.  In mailscripts 0.7, the calls are replaced with
functions which will never invoke shells.

Paul pointed out that there are a potential security risks due to shell
metacharacter expansion, so it would be good to see the fixed version in
buster.

unblock mailscripts/0.7-1

-- 
Sean Whitton

mailscripts_0.7-1.debdiff
Description: Binary data


signature.asc
Description: PGP signature

Bug#923875: marked as done (unblock: bubblewrap/0.3.1-4)

Your message dated Wed, 6 Mar 2019 19:36:18 +
with message-id <20190306193618.ga25...@powdarrmonkey.net>
and subject line Re: Bug#923875: unblock: bubblewrap/0.3.1-4
has caused the Debian Bug report #923875,
regarding unblock: bubblewrap/0.3.1-4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
923875: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923875
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package bubblewrap and/or speed up its migration. This
version fixes a potential security vulnerability reported by Jakub Wilk
(no CVE ID available yet) when not run in a systemd-logind session. I
believe the impact is usually only DoS, but it could be worse in some
cases.

Revision -4, uploaded today, should be basically equivalent to revision
-3, which has been in unstable for 3 days. It has more test coverage, and
uses the fix that was merged upstream instead of the similar fix that I
initially proposed.

unblock bubblewrap/0.3.1-4

Thanks,
smcv
diffstat for bubblewrap-0.3.1 bubblewrap-0.3.1

 changelog   |   19 
++
 control |2 
 patches/Don-t-create-our-own-temporary-mount-point-for-pivot_root.patch |   68 

 patches/debian/Use-Python-3-for-test-demo-code.patch|2 
 patches/series  |2 
 patches/tests-Ensure-that-tmpfs-with-oldroot-newroot-doesn-t-appe.patch |   81 
++
 upstream/metadata   |8 
 7 files changed, 180 insertions(+), 2 deletions(-)

diff -Nru bubblewrap-0.3.1/debian/changelog bubblewrap-0.3.1/debian/changelog
--- bubblewrap-0.3.1/debian/changelog   2018-10-03 15:23:27.0 +0100
+++ bubblewrap-0.3.1/debian/changelog   2019-03-06 14:43:44.0 +
@@ -1,3 +1,22 @@
+bubblewrap (0.3.1-4) unstable; urgency=medium
+
+  * d/p/Don-t-create-our-own-temporary-mount-point-for-pivot_root.patch:
+Replace with the version that was applied upstream
+  * d/p/tests-Ensure-that-tmpfs-with-oldroot-newroot-doesn-t-appe.patch:
+Add a test to check that the above patch works as intended
+
+ -- Simon McVittie   Wed, 06 Mar 2019 14:43:44 +
+
+bubblewrap (0.3.1-3) unstable; urgency=medium
+
+  * d/p/Don-t-create-our-own-temporary-mount-point-for-pivot_root.patch:
+Avoid denial of service and potential symlink attacks on systems not
+using systemd-logind (Closes: #923557)
+  * Standards-Version: 4.3.0 (no changes required)
+  * d/upstream/metadata: Add DEP-12 metadata
+
+ -- Simon McVittie   Sat, 02 Mar 2019 13:03:29 +
+
 bubblewrap (0.3.1-2) unstable; urgency=medium
 
   [ Iain Lane ]
diff -Nru bubblewrap-0.3.1/debian/control bubblewrap-0.3.1/debian/control
--- bubblewrap-0.3.1/debian/control 2018-10-03 15:23:27.0 +0100
+++ bubblewrap-0.3.1/debian/control 2019-03-06 14:43:44.0 +
@@ -16,7 +16,7 @@
  pkg-config,
  python3 ,
  xsltproc,
-Standards-Version: 4.2.1
+Standards-Version: 4.3.0
 Homepage: https://github.com/projectatomic/bubblewrap
 Vcs-Git: https://salsa.debian.org/debian/bubblewrap.git
 Vcs-Browser: https://salsa.debian.org/debian/bubblewrap
diff -Nru 
bubblewrap-0.3.1/debian/patches/debian/Use-Python-3-for-test-demo-code.patch 
bubblewrap-0.3.1/debian/patches/debian/Use-Python-3-for-test-demo-code.patch
--- 
bubblewrap-0.3.1/debian/patches/debian/Use-Python-3-for-test-demo-code.patch
2018-10-03 15:23:27.0 +0100
+++ 
bubblewrap-0.3.1/debian/patches/debian/Use-Python-3-for-test-demo-code.patch
2019-03-06 14:43:44.0 +
@@ -19,7 +19,7 @@
  import os, select, subprocess, sys, json
  
 diff --git a/tests/test-run.sh b/tests/test-run.sh
-index b883b82..5efaed0 100755
+index 9a20de6..cfadf91 100755
 --- a/tests/test-run.sh
 +++ b/tests/test-run.sh
 @@ -193,7 +193,7 @@ fi
diff -Nru 
bubblewrap-0.3.1/debian/patches/Don-t-create-our-own-temporary-mount-point-for-pivot_root.patch
 
bubblewrap-0.3.1/debian/patches/Don-t-create-our-own-temporary-mount-point-for-pivot_root.patch
--- 
bubblewrap-0.3.1/debian/patches/Don-t-create-our-own-temporary-mount-point-for-pivot_root.patch
 1970-01-01 01:00:00.0 +0100
+++ 
bubblewrap-0.3.1/debian/patches/Don-t-create-our-own-temporary-mount-point-for-pivot_root.patch
 2019-03-06 14:43:44.0 +
@@ -0,0 +1,68 @@
+From: Simon McVittie

Bug#923868: marked as done (unblock: notmuch/0.28.3-1)

Your message dated Wed, 6 Mar 2019 19:32:16 +
with message-id <20190306193216.ga25...@powdarrmonkey.net>
and subject line Re: Bug#923868: unblock: notmuch/0.28.3-1
has caused the Debian Bug report #923868,
regarding unblock: notmuch/0.28.3-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
923868: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923868
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Please unblock package notmuch

It contains two bugfixes for bugs that were not reported to Debian,
but probably qualify as at least severity important.

1) The API function notmuch_message_property_get was unusable when
   messages had more than two properties, return "not found" for most
   queries.

2) The documentation build had a race condition between parallel
   invocations of sphinx-build. Sphinx-build caches state using
   python's "pickle" facility, and does not lock the on-disk database.

   This led to FTBFS about one in 25 times. Since it's a race
   condition, that's sensitive to the environment. A minor change I
   made in attempting to fix it increased the failure frequence to 1
   in 10 times.

I'll attach a debdiff and a git log --patch. The bulk of the diff is
added unit tests for the message_property fix (really a one line fix
to the underlying data structure). 

unblock notmuch/0.28.3-1

- -- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-2-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-BEGIN PGP SIGNATURE-

iQGzBAEBCAAdFiEE3VS2dnyDRXKVCQCp8gKXHaSnniwFAlx/1D4ACgkQ8gKXHaSn
niyOywv+Nj5M2Esilhd2ax+E4qbpQdUg7s+kEYwzR1/P9HL1KowOwiTHo8QSKTlZ
DpEchcNxCrOIuXbRgRVEENBRBoYjqkNyspdLAcka+YSryHUHRHJOTk/Obf4WCqZQ
gAj50zfviA6u/bCQKh7YzbR7eDDwYIt5pES3mbLp56smi+f37uo42JYI+vSjOIyS
IBQYM7kiaPWHnFiUj9Go4udCtS+AM94lruIv8a/V+PrqoGukoS26daIaot5Berxw
7GJm+idU03ROSUG0FpsW8cctRXYPenw4qAoiC1e/vk6pMfBBKXrDwyvE+qyccUHM
d+jn3QAAtmFVpDfj0aSfKgS+PVZfThuEsziZBY4ozU3X0n5MEUaGnJ94UK3zCDDT
LqLNrUH1QEXwCAHdR+XwiGCEJdgDcQJtX0Nb7HzRfelJRfjqk70REevNWSqDO9Di
L25sMvAWK68MW1fopu7JWiKBoBqWQq5gS16ulD2CQYmfkcukwl6XvbeZBnBGmNm2
R8+crQL+
=viAD
-END PGP SIGNATURE-
diff -Nru notmuch-0.28.2/bindings/python/notmuch/version.py 
notmuch-0.28.3/bindings/python/notmuch/version.py
--- notmuch-0.28.2/bindings/python/notmuch/version.py   2019-02-17 
07:32:59.0 -0400
+++ notmuch-0.28.3/bindings/python/notmuch/version.py   2019-03-05 
21:46:41.0 -0400
@@ -1,3 +1,3 @@
 # this file should be kept in sync with ../../../version
-__VERSION__ = '0.28.2'
+__VERSION__ = '0.28.3'
 SOVERSION = '5'
diff -Nru notmuch-0.28.2/debian/changelog notmuch-0.28.3/debian/changelog
--- notmuch-0.28.2/debian/changelog 2019-02-17 07:30:33.0 -0400
+++ notmuch-0.28.3/debian/changelog 2019-03-05 15:39:09.0 -0400
@@ -1,3 +1,12 @@
+notmuch (0.28.3-1) unstable; urgency=medium
+
+  * New upstream bugfix release.
+  * Fix for bug in message property search
+  * Fix for race condition leading to (very) occasional build failures
+when building the documentation.
+
+ -- David Bremner   Tue, 05 Mar 2019 15:39:09 -0400
+
 notmuch (0.28.2-1) unstable; urgency=medium
 
   * [notmuch-emacs] Invoke gpg from with --batch and --no-tty
diff -Nru notmuch-0.28.2/doc/Makefile.local notmuch-0.28.3/doc/Makefile.local
--- notmuch-0.28.2/doc/Makefile.local   2019-02-17 07:32:59.0 -0400
+++ notmuch-0.28.3/doc/Makefile.local   2019-03-05 21:46:41.0 -0400
@@ -37,6 +37,14 @@
 %.gz: %
rm -f $@ && gzip --stdout $^ > $@
 
+# Sequentialize the calls to sphinx-build to avoid races with
+# reading/writing cached state. This uses GNU make specific
+# "order-only" prerequisites.
+
+sphinx-html: | $(DOCBUILDDIR)/.roff.stamp
+sphinx-texinfo: | sphinx-html
+sphinx-info: | sphinx-texinfo
+
 sphinx-html:
$(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(DOCBUILDDIR)/html
 
diff -Nru notmuch-0.28.2/lib/string-map.c notmuch-0.28.3/lib/string-map.c
--- notmuch-0.28.2/lib/string-map.c 2019-02-17 07:32:59.0 -0400
+++ notmuch-0.28.

Bug#923831: marked as done (unblock: pyfr/1.5.0-3)

Your message dated Wed, 6 Mar 2019 19:41:43 +
with message-id <20190306194143.ga26...@powdarrmonkey.net>
and subject line Re: Bug#923831: unblock: pyfr/1.5.0-3
has caused the Debian Bug report #923831,
regarding unblock: pyfr/1.5.0-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
923831: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923831
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package pyfr



diff -Nru pyfr-1.5.0/debian/changelog pyfr-1.5.0/debian/changelog
--- pyfr-1.5.0/debian/changelog 2018-05-20 06:47:05.0 +0200
+++ pyfr-1.5.0/debian/changelog 2019-03-05 20:34:01.0 +0100
@@ -1,3 +1,11 @@
+pyfr (1.5.0-3) unstable; urgency=medium
+
+  * Team upload.
+  * Fix installation of manpage
+Closes: #922257
+
+ -- Andreas Tille   Tue, 05 Mar 2019 20:34:01 +0100
+
 pyfr (1.5.0-2) unstable; urgency=medium
 
   * Team upload.
diff -Nru pyfr-1.5.0/debian/pyfr.manpages pyfr-1.5.0/debian/pyfr.manpages
--- pyfr-1.5.0/debian/pyfr.manpages 2018-05-20 06:47:05.0 +0200
+++ pyfr-1.5.0/debian/pyfr.manpages 2019-03-05 20:34:01.0 +0100
@@ -1 +1 @@
-build/man/*
+build/man/*.1



unblock pyfr/1.5.0-3

-- System Information:
Debian Release: 9.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-6-amd64 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
On Tue, Mar 05, 2019 at 08:42:29PM +0100, Andreas Tille wrote:
> Please unblock package pyfr

Unblocked. Watch out for the auto-removal timer.

Thanks,
-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51--- End Message ---

Processed: Re: Bug#923548: unblock: postfix/3.4.0-2

Processing control commands:

> tag -1 moreinfo
Bug #923548 [release.debian.org] unblock: postfix/3.4.0-2
Added tag(s) moreinfo.

-- 
923548: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923548
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#923548: unblock: postfix/3.4.0-2

Control: tag -1 moreinfo

On Fri, Mar 01, 2019 at 02:46:41PM -0500, Scott Kitterman wrote:
> Given the outstanding track record this upstream has for delivering mature,
> well tested code I believe this change is appropriate for this stage of the
> release cycle given the benefits it will provide, but it is definitely not
> minor, so I'd like release team feedback before uploading to unstable.

I agree. Please go ahead and remove moreinfo when it is ready to be
unblocked.

Thanks.

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

Bug#923771: unblock pre-approval: pandas/0.23.3+dfsg-3

2019-03-06 Thread Niels Thykier

Hi Rebecca,

Thanks for opening this bug.

Rebecca N. Palmer:
>>   * Fix documentation build (Sphinx now defaults to Python 3).
>>     (Closes: #804552, LP: #1803018)
>> Important bug (the documentation wasn't being shipped at all).  This
>> is not a complete fix: would you like me to go further or is now not
>> the time?
>>  - The 'Styling' documentation page
>> (http://pandas.pydata.org/pandas-docs/version/0.23/style.html) is
>> missing as it is in a different source format, that requires Pandoc
>>  - Several examples (run at build time) contain exception messages
>> because their dependencies aren't installed
> 
> These two variants would be "add pandoc to Build-Depends-Indep" and "add
> python3-sqlalchemy+python3-statsmodels+python3-xarray to
> Build-Depends-Indep".
> 

Given it is just a question of adding a few Build-Depends-Indep with
 I am fine with it - though be prepared to undo it at (almost
literally) the first sign of trouble/issues.

> Someone asked for the debdiff *from sid*, so here it is.
> 
> diff --git a/debian/changelog b/debian/changelog
> index 5c5bbed07..bb24569f0 100644
> --- a/debian/changelog
> +++ b/debian/changelog
> @@ -1,3 +1,14 @@
> +pandas (0.23.3+dfsg-3) UNRELEASED; urgency=medium
> +
> +  * Team upload.
> +  * Make np.array @ Series act the right way round.  (Closes: #923708)
> +  * Replace #918206 fix with a fix that doesn't change the return type
> +    and inplace-ness of np.array += DataFrame.  (Closes: #923707)
> +  * Revert "Add documentation examples dependencies" to comply with
> +    freeze policy.
> +
> + -- Rebecca N. Palmer   Mon, 04 Mar 2019
> 21:59:43 +
> +
>  pandas (0.23.3+dfsg-2) unstable; urgency=medium
> 
>    * Team upload.
> [...]
> 

Please go ahead with these changes - at your choice, with or without the
extra example documentation dependency changes.

Once uploaded, please ping us on this bug when pandas have been
successfully build so we can apply the unblock hints and schedule the
builds for statsmodels.

Thanks,
~Niels

Bug#923886: unblock: google-compute-image-packages/20190124-2

2019-03-06 Thread Lucas Kanashiro

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package google-compute-image-packages

Some patches applied to the version available in Buster are leading to a
breakage when running some tests against Debian instances in GCE. Two patches
were disabled (a minor modification) and I hope it could be included in the
next release in order to properly support Debian cloud images for GCE.

You can check the changes made in this link:
https://salsa.debian.org/cloud-team/google-compute-image-packages/compare/debian%2F20190124-1...debian%2F20190124-2

unblock google-compute-image-packages/20190124-2

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), 
LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#923876: marked as done (RM: libsmali-1-java -- ROM; has no deps, libsmali-java is newer)

Your message dated Wed, 6 Mar 2019 17:10:12 +
with message-id <20190306171012.ga9...@powdarrmonkey.net>
and subject line Re: Bug#923876: RM: libsmali-1-java -- ROM; has no deps,
libsmali-java is newer
has caused the Debian Bug report #923876,
regarding RM: libsmali-1-java -- ROM; has no deps, libsmali-java is newer
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)

--
923876: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923876
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Please remove the libsmali-1-java source package and all related binary
packages. libsmali-1-java has been replaced by libsmali-java, and
nothing depends on libsmali-1-java.

I've already requested removal from sid.

signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
On Wed, Mar 06, 2019 at 05:59:19PM +0100, Hans-Christoph Steiner wrote:
>
> I've already requested removal from sid.

No need to do both.

--
Jonathan Wiltshire j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51--- End Message ---

Bug#923877: RM: libsmali-1-java -- ROM; has no deps, libsmali-java is newer


Package: release.debian@packages.debian.org

Please remove the libsmali-1-java source package and all related binary
packages. libsmali-1-java has been replaced by libsmali-java, and
nothing depends on libsmali-1-java.

I've already requested removal from sid.



signature.asc
Description: OpenPGP digital signature

Bug#923876: RM: libsmali-1-java -- ROM; has no deps, libsmali-java is newer