Bug#978958: release.debian.org: package Thunderbird stucks on autopkgtest on ppc64el for ever
Package: release.debian.org Severity: normal Hi there, since ppc64el was added to the CI pipeline of autopkgtest the package Thunderbird did never pass a single test on the CI platform as it always staying in status "Test in progress" one a new version get uploaded. There is something looking fishy to me in principal on ppc64el. If the real reason can't be found why thunderbird isn't tested successful on ppc64el I suggest to ignore this testing on this architecture. Regards Carsten -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386, aarch64, arm64 Kernel: Linux 5.9.0-5-amd64 (SMP w/4 CPU threads) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#977172: buster-pu: package qxmpp/1.0.0-4+deb10u1
>> I would like to push a fix for potential SEGFAULT on connection error >> in qxmpp library. Proposed patch is well tested in Debian unstable >> since qxmpp/1.0.0-5. > > Please go ahead. Uploaded. Thanks -- Boris
Bug#976094: buster-pu: package grub2/2.02+dfsg1-20+deb10u3
On Thu, Dec 31, 2020 at 04:46:43PM +, Adam D. Barratt wrote: > I do have a _slight_ concern that someone with a crazily small /boot > will end up being broken by the new backup code, but agree that it is > better than the current situation. It's true that this is a possibility. I'd like to add that the total size of /boot/grub/ at least on the buster system I have handy here is ~12MB, about a third of the size of an initramfs - so any system that close to the wire will probably be in trouble soon anyway. -- Colin Watson (he/him) [cjwat...@debian.org]
Bug#978157: buster-pu: package iproute2/4.20.0-2+deb10u1
On Thu, 31 Dec 2020 at 16:56, Adam D. Barratt wrote: > > Control: tags -1 + confirmed > > On Sat, 2020-12-26 at 19:20 +, Luca Boccassi wrote: > > I would like to do a bugfix upload of iproute2 to buster-proposed- > > updates. This would be the first upload for this source package, so > > waiting for feedback before uploading. > > > > The version would backport 3 bug fixes, which have been fixed in the > > latest upstream release, and which were reported on Debian Buster by > > users. They make some subcommands unusable or downright dangerous. > > > > The first two are about fixing invalid json output - these bugs make > > the affected subcommands output unusable, as consumers need valid > > formatted json: > > > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961278 > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972784 > > The metadata for #961278 implies that it still affects the package in > unstable. I assume that's simply an oversight? If so, please add an > appropriate fixed version, and go ahead with the upload; if not, please > fix unstable first. > > Regards, > > Adam Hi, Yes it was fixed upstream long before it was reported, so I forgot to close it. Done now, and uploaded. Thanks! Kind regards, Luca Boccassi
Processed: Re: Bug#977782: buster-pu: package postsrsd/1.5-2
Processing control commands: > tags -1 + confirmed Bug #977782 [release.debian.org] buster-pu: package postsrsd/1.5-2 Added tag(s) confirmed. -- 977782: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977782 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#977782: buster-pu: package postsrsd/1.5-2
Control: tags -1 + confirmed On Sun, 2020-12-20 at 20:48 +0100, Oxan van Leeuwen wrote: > Upstream recently discovered a potential remote denial-of-service > attack in postsrsd (CVE-2020-35573) [1]. Fortunately, this issue is > currently not exploitable in Debian due to gcc optimizing the > problematic loop away. Thus, the security has decided not to issue a > DSA [2], but instead suggested to fix it > through a stable update. > Please go ahead. Regards, Adam
Bug#978091: buster-pu: package geoclue-2.0/2.5.2-1
Control: tags -1 + confirmed On Fri, 2020-12-25 at 22:29 +0100, Laurent Bigonville wrote: > There are currently several issues with geoclue-2.0 in debian buster: > > 1) The daemon is not respecting the user choice to not query the > location, that could be seen as a privacy/GDPR breach as it contacts > MLS > and sends data (ESSID,..) to them without explicit approval. This is > only happening for "system" (non-flatpak) applications. > > 2) The indicator (in the gnome-shell,...) showing that geoclue is > active > and looking for the location of the computer is never turned on. > > 3) This version of geoclue is using a generic Mozilla Location > service > API key, Mozilla would like us to use a dedicated key for geoclue in > debian: https://gitlab.freedesktop.org/geoclue/geoclue/-/issues/136 > Please go ahead. Regards, Adam
Bug#977895: buster-pu: package slirp/1:1.0.17-8
Control: tags -1 + confirmed On Tue, 2020-12-22 at 13:31 +, Thorsten Alteholz wrote: > The attached debdiff for slirp fixes CVE-2020-8608 and CVE-2020-7039 > in Buster. > > Both are marked as no-dsa by the security team. > Please go ahead. Regards, Adam
Processed: Re: Bug#978091: buster-pu: package geoclue-2.0/2.5.2-1
Processing control commands: > tags -1 + confirmed Bug #978091 [release.debian.org] buster-pu: package geoclue-2.0/2.5.2-1 Added tag(s) confirmed. -- 978091: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978091 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#977172: buster-pu: package qxmpp/1.0.0-4+deb10u1
Processing control commands: > tags -1 + confirmed Bug #977172 [release.debian.org] buster-pu: package qxmpp/1.0.0-4+deb10u1 Added tag(s) confirmed. -- 977172: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977172 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#977895: buster-pu: package slirp/1:1.0.17-8
Processing control commands: > tags -1 + confirmed Bug #977895 [release.debian.org] buster-pu: package slirp/1:1.0.17-8 Added tag(s) confirmed. -- 977895: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977895 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#977172: buster-pu: package qxmpp/1.0.0-4+deb10u1
Control: tags -1 + confirmed On Sat, 2020-12-12 at 05:04 +0300, Boris Pek wrote: > I would like to push a fix for potential SEGFAULT on connection error > in qxmpp library. Proposed patch is well tested in Debian unstable > since qxmpp/1.0.0-5. > Please go ahead. Regards, Adam
Processed: Re: Bug#978157: buster-pu: package iproute2/4.20.0-2+deb10u1
Processing control commands: > tags -1 + confirmed Bug #978157 [release.debian.org] buster-pu: package iproute2/4.20.0-2+deb10u1 Added tag(s) confirmed. -- 978157: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978157 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#978157: buster-pu: package iproute2/4.20.0-2+deb10u1
Control: tags -1 + confirmed On Sat, 2020-12-26 at 19:20 +, Luca Boccassi wrote: > I would like to do a bugfix upload of iproute2 to buster-proposed- > updates. This would be the first upload for this source package, so > waiting for feedback before uploading. > > The version would backport 3 bug fixes, which have been fixed in the > latest upstream release, and which were reported on Debian Buster by > users. They make some subcommands unusable or downright dangerous. > > The first two are about fixing invalid json output - these bugs make > the affected subcommands output unusable, as consumers need valid > formatted json: > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961278 > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972784 The metadata for #961278 implies that it still affects the package in unstable. I assume that's simply an oversight? If so, please add an appropriate fixed version, and go ahead with the upload; if not, please fix unstable first. Regards, Adam
Processed: Re: Bug#976094: buster-pu: package grub2/2.02+dfsg1-20+deb10u3
Processing control commands: > tags -1 + confirmed d-i Bug #976094 [release.debian.org] buster-pu: package grub2/2.02+dfsg1-20+deb10u3 Added tag(s) d-i and confirmed. -- 976094: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976094 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#976094: buster-pu: package grub2/2.02+dfsg1-20+deb10u3
Control: tags -1 + confirmed d-i On Sun, 2020-11-29 at 16:57 +, Colin Watson wrote: > Following the security updates in July for the "BootHole" set of > vulnerabilities, we had a number of reports of failures to boot after > the upgrade. These weren't fundamentally a new problem, in that > we've always had a smattering of such reports after GRUB > kernel/module ABI changes, but it's obviously problematic for > affected users and it creates a considerable distraction from trying > to work out whether the security update itself is in fact OK, so I'd > like to attempt to improve the situation in stable. > > The attached patch is a set of backports from unstable, partly by me > and partly from similar attempts to improve upgrade reliability in > Ubuntu, thanks to Dimitri John Ledkov. Sorry for the delay in picking this back up. I do have a _slight_ concern that someone with a crazily small /boot will end up being broken by the new backup code, but agree that it is better than the current situation. As grub produces udebs, this will need a KiBi-ack, so tagging and CCing accordingly. Regards, Adam
Bug#978750: openjdk-N (non-default) should not trigger autopkg tests
Package: release.debian.org openjdk-N (non-default) should not trigger autopkg tests. All these don't make any sense, as the tests are always run using the default JRE/JDK. E.g. for 13, these were triggered today: autopkgtest for airport-utils: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress autopkgtest for android-platform-tools-apksig: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress autopkgtest for apgdiff: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress autopkgtest for beagle: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress autopkgtest for beast2-mcmc: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress (will not be considered a regression), ppc64el: Test in progress autopkgtest for chromhmm: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress autopkgtest for chromimpute: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress (will not be considered a regression), i386: Test in progress (will not be considered a regression), ppc64el: Test in progress autopkgtest for clojure: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress autopkgtest for davmail: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress autopkgtest for drop-seq: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress autopkgtest for imagej: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress autopkgtest for libreoffice: amd64: Test in progress, arm64: Test in progress (will not be considered a regression), armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress (will not be considered a regression) autopkgtest for libsis-jhdf5-java: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress autopkgtest for munin: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress autopkgtest for openjdk-13: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress autopkgtest for picard-tools: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress autopkgtest for pilon: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress (will not be considered a regression), ppc64el: Test in progress autopkgtest for runescape: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress autopkgtest for swi-prolog: amd64: Test in progress, arm64: Test in progress, armhf: Test in progress, i386: Test in progress, ppc64el: Test in progress
Processed: Re: Bug#978747: RM: proftpd-mod-dnsbl/0.1.5-5+b1
Processing control commands: > reassign -1 ftp.debian.org Bug #978747 [release.debian.org] RM: proftpd-mod-dnsbl/0.1.5-5+b1 Bug reassigned from package 'release.debian.org' to 'ftp.debian.org'. Ignoring request to alter found versions of bug #978747 to the same values previously set Ignoring request to alter fixed versions of bug #978747 to the same values previously set > retitle -1 proftpd-mod-dnsbl -- RoM; included in proftpd-dfsg Bug #978747 [ftp.debian.org] RM: proftpd-mod-dnsbl/0.1.5-5+b1 Changed Bug title to 'proftpd-mod-dnsbl -- RoM; included in proftpd-dfsg' from 'RM: proftpd-mod-dnsbl/0.1.5-5+b1'. -- 978747: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978747 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#978747: RM: proftpd-mod-dnsbl/0.1.5-5+b1
Control: reassign -1 ftp.debian.org Control: retitle -1 proftpd-mod-dnsbl -- RoM; included in proftpd-dfsg On 2020-12-31 09:51:15 +0100, Francesco P. Lovergine wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: rm > > Please remove proftpd-mod-dnsbl in testing/unstable, it prevents migration of > new proftpd-dfsg (1.3.7a+dfsg-5) which now includes that module (and fix a > serious bug) and has usual > provides/replaces/conflicts in place. Thanks. Removals from unstable are handled by the FTP masters. Once removed from unstable, it will be removed from testing too. Reassigning accordingly. Cheers -- Sebastian Ramacher signature.asc Description: PGP signature
Bug#978747: RM: proftpd-mod-dnsbl/0.1.5-5+b1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Please remove proftpd-mod-dnsbl in testing/unstable, it prevents migration of new proftpd-dfsg (1.3.7a+dfsg-5) which now includes that module (and fix a serious bug) and has usual provides/replaces/conflicts in place. Thanks. -- System Information: Debian Release: 10.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.9.0-0.bpo.2-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled