Processed: Re: Bug#991103: unblock: collectd/5.12.0-7 (pre-approval)

[Debian Bug Tracking System]

Processing control commands:

> tags -1 - moreinfo
Bug #991103 [release.debian.org] unblock: collectd/5.12.0-7 (pre-approval)
Removed tag(s) moreinfo.

-- 
991103: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991103
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#991103: unblock: collectd/5.12.0-7 (pre-approval)

[Kentaro Hayashi]

Control: tags -1 - moreinfo

On Sat, 17 Jul 2021 20:28:05 +0200 Sebastian Ramacher  
wrote:
> Control: tags -1 moreinfo confirmed
> 
snip
> ACK, please go ahead and remove the moreinfo tag once the new version is
> available in unstable.

Done.

Bug#991336: unblock: freedombox/21.4.4

[James Valleroy]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: jvalle...@mailbox.org

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Please unblock package freedombox

[ Reason ]

freedombox 21.4.4 is a fix for #991292.

The freedombox dist-upgrade feature normally sets an apt-mark hold on
the freedombox package, to prevent the system from becoming
unreachable. The hold is set and removed within a try/finally block.

However, it is possible that the upgrade process is killed before it
is completed, and that the hold is left on the freedombox package.

To recover from this state, we can check for a hold that is
incorrectly left on the package. We just need to distinguish when the
package is temporarily held during upgrade, or purposely held by
administrator. We use a flag written to disk to indicate that a hold
was placed by freedombox upgrade script.

Here are the specific changes:

* action_utils: Separate function to hold freedombox package
* action_utils: Use flag to indicate freedombox package has been held
* upgrades: Check for held freedombox package in manual update
* upgrades: Check for held freedombox package daily
* action_utils: Don't print when unholding freedombox package

[ Impact ]

The impact is that if FreedomBox users rely on the automatic
dist-upgrade feature, there is a chance that after it completes, they
will need to manually remove the hold on the freedombox package.

[ Tests ]

I tested the following:

1. A hold placed on the freedombox package by the freedombox upgrade
script (indicated by flag on disk) will eventually be removed.

2. A hold on the freedombox package by system administrator (no flag
on disk) will not be removed.

3. All applications available through FreedomBox can be installed, and
no hold is left on freedombox package.

4. Package upgrades using unattended-upgrades are not impacted.

[ Risks ]

The code is fairly understandable and has been thoroughly tested in a
FreedomBox system. No other packages are affected.

[ Checklist ]
  [X] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing


unblock freedombox/21.4.4


-BEGIN PGP SIGNATURE-

iQJKBAEBCgA0FiEEfWrbdQ+RCFWJSEvmd8DHXntlCAgFAmD3TsUWHGp2YWxsZXJv
eUBtYWlsYm94Lm9yZwAKCRB3wMdee2UICI3iD/9dSmDucHyok7iBIK/V9Z0aKsd3
0TwhR8el9UCpjqMprn9UkXDjwG5IPXWdRYe8KkShApeWTsxMY/3KrPirUa/1D4Hn
9bJiG//MTee8myeN3rYOC2WUupnm9Q0B4jvBBTo9rBGbRddu3nVfSTf6MLgRBKyB
K+B4sJZE732JWbfGIw9e7sufKGHiXq1P3I+r/9LhVhvaOKMyQFHZgxT5I7KYJs0y
usKRuwWValA9PSd2WVBPji3iJh5/w7HQKFmSsRR3H+xZ0jfR+x+e3bCj/jziR2ju
86U7yDVFfv8n/7JtwHm410GAd1ZgNYh45boPDTRONNGMU+NoukkWN/tbLI5hv5qs
D9ftf0bYaYfJIBDWrKDea+1EGJUR9ZZKXTnwPoQxrQl5PhLSrDlgmH5/69Kqrli6
DQHBOtlxeortq92OwPHA4uUL2STL9p6G7+qGD61qI7OLZr1le8EQ/yooXg6cO7yq
t4Tg7+kKWgRyTzn5uuLhO+mqBUK0+PFEeWyfXaZVOtGjmydZJDgBSMszq5pckwYG
9HEYPp6GH+W2LvWdZvuHZ5sAV8XG7xR7oHCAa8DP1YJko8yAK3IBHHz3mEznEttC
TytO0YRlYG85P4mOiQaYpJXWLFR18opBkvoDFPhh2WWGParETHx5pyb34MDMU/Dt
MfKQ3AT/LOFLvwyBOA==
=xLE8
-END PGP SIGNATURE-
diff -Nru freedombox-21.4.3/actions/packages freedombox-21.4.4/actions/packages
--- freedombox-21.4.3/actions/packages  2021-07-07 10:32:34.0 -0400
+++ freedombox-21.4.4/actions/packages  2021-07-16 09:07:51.0 -0400
@@ -18,9 +18,8 @@
 import apt_inst
 import apt_pkg
 from plinth import cfg
-from plinth.action_utils import apt_hold, run_apt_command
-
-LOCK_FILE = '/var/lib/dpkg/lock'
+from plinth.action_utils import (apt_hold_freedombox, is_package_manager_busy,
+ run_apt_command)
 
 logger = logging.getLogger(__name__)
 
@@ -93,7 +92,7 @@
 extra_arguments += ['-o', 'Dpkg::Options::=--force-confmiss']
 
 subprocess.run(['dpkg', '--configure', '-a'])
-with apt_hold():
+with apt_hold_freedombox():
 run_apt_command(['--fix-broken', 'install'])
 returncode = run_apt_command(['install'] + extra_arguments +
  arguments.packages)
@@ -115,12 +114,10 @@
 
 
 def subcommand_is_package_manager_busy(_):
-"""Return whether package manager is busy.
-This command uses the `lsof` command to check whether the dpkg lock file
-is open which indicates that the package manager is busy"""
-try:
-subprocess.check_output(['lsof', LOCK_FILE])
-except subprocess.CalledProcessError:
+"""Check whether package manager is busy.
+
+An exit code of zero indicates that package manager is busy."""
+if not is_package_manager_busy():
 sys.exit(-1)
 
 
diff -Nru freedombox-21.4.3/actions/upgrades freedombox-21.4.4/actions/upgrades
--- freedombox-21.4.3/actions/upgrades  2021-07-07 10:32:34.0 -0400
+++ freedombox-21.4.4/actions/upgrades  2021-07-16 09:07:51.0 -0400
@@ -14,9 +14,10 @@
 import sys
 import time
 
-from plinth.action_utils import (apt_hold, debconf_set_selections,
-

Bug#991325: unblock: systemd/247.3-6

[Cyril Brulebois]

Salvatore Bonaccorso  (2021-07-20):
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> X-Debbugs-Cc: car...@debian.org,k...@debian.org,bi...@debian.org
> Control: tags -1 d-i
> 
> Hi,
> 
> Please unblock package systemd
> 
> [ Reason ]
> The upload fixes CVE-2021-33910, which for buster was fixed via
> DSA-4942-1, 
> https://lists.debian.org/debian-security-announce/2021/msg00125.html 
> which can result in denial of service, crashing systemd and so the
> entire system.
> 
> [ Impact ]
> CVE-2021-33910 needs to be fixed in all suites.
> 
> [ Tests ]
> The testsuite on one hand, and specifically the fixes needed for
> CVE-2021-33910.
> 
> [ Risks ]
> The changes has been tested by various vendors in preparation of the
> security advisories. No regression spotted in the automated testsuite
> nor while manually testing.
> 
> [ Checklist ]
>   [x] all changes are documented in the d/changelog
>   [x] I reviewed all changes and I approve them
>   [x] attach debdiff against the package in testing
> 
> [ Other info ]
> Needs a d-i ack as well, kibi is aded in X-Debbugs-CC.
> 
> unblock systemd/247.3-6

Falls under the same “whatever is needed” mentioned earlier on IRC: feel
free to let it migrate as soon as required.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#991318: marked as done (unblock: munin/2.0.67-2)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 22:43:21 +
with message-id 
and subject line unblock munin
has caused the Debian Bug report #991318,
regarding unblock: munin/2.0.67-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991318: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991318
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package munin 2.0.67-2 as it fixes a serious bug with a oneline 
fix:

$ debdiff munin_2.0.67-1.dsc munin_2.0.67-2.dsc
diff -Nru munin-2.0.67/debian/changelog munin-2.0.67/debian/changelog
--- munin-2.0.67/debian/changelog   2021-02-26 13:24:19.0 +0100
+++ munin-2.0.67/debian/changelog   2021-07-20 14:40:08.0 +0200
@@ -1,3 +1,11 @@
+munin (2.0.67-2) unstable; urgency=medium
+
+  [ Kentaro Hayashi ]
+  * debian/munin-node.service: ensure /run/munin directory exists.
+Closes: #990371.
+
+ -- Holger Levsen   Tue, 20 Jul 2021 14:40:08 +0200
+
 munin (2.0.67-1) unstable; urgency=medium
 
   [ Holger Levsen ]
diff -Nru munin-2.0.67/debian/munin-node.service 
munin-2.0.67/debian/munin-node.service
--- munin-2.0.67/debian/munin-node.service  2021-01-17 23:34:32.0 
+0100
+++ munin-2.0.67/debian/munin-node.service  2021-07-20 14:39:29.0 
+0200
@@ -7,6 +7,7 @@
 EnvironmentFile=-/etc/default/munin-node
 Type=notify
 Restart=always
+RuntimeDirectory=munin
 ExecStart=/usr/sbin/munin-node --foreground $DAEMON_ARGS
 PIDFile=/run/munin/munin-node.pid
 # Plugins like "smart_" require access to devices


I've uploaded it and just saw the source package appear in unstable, though it
hasn't been built yet.

unblock munin/2.0.67-2

Thanks for your work on bullseye!


-- 
cheers,
Holger

 ⢀⣴⠾⠻⢶⣦⠀
 ⣾⠁⢠⠒⠀⣿⡁  holger@(debian|reproducible-builds|layer-acht).org
 ⢿⡄⠘⠷⠚⠋⠀  OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
 ⠈⠳⣄

No future.


signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---

Bug#991317: marked as done (unblock: klaus/1.5.2-4)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 22:42:23 +
with message-id 
and subject line unblock klaus
has caused the Debian Bug report #991317,
regarding unblock: klaus/1.5.2-4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991317: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991317
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package klaus

  * Fix 500 when authentication is required. Closes: #987951
  (and trivial packaging changes documented in d/changelog)
(changes by Jelmer Vernooij)

One-line fix for basic/digest authentication.

(1.5.2-3 is missing in d/changelog, the changes it originally
 documented were already in 1.5.2-1)
diff -Nru klaus-1.5.2/debian/changelog klaus-1.5.2/debian/changelog
--- klaus-1.5.2/debian/changelog2020-07-20 01:15:41.0 +0300
+++ klaus-1.5.2/debian/changelog2021-07-11 22:32:42.0 +0300
@@ -1,3 +1,19 @@
+klaus (1.5.2-4) unstable; urgency=medium
+
+  * Source-only upload.
+
+ -- Jelmer Vernooij   Sun, 11 Jul 2021 20:32:42 +0100
+
+klaus (1.5.2-2) unstable; urgency=low
+
+  * Set Rules-Requires-Root: no.
+  * Fix field name typo in debian/upstream/metadata (Repository-Browser =>
+Repository-Browse).
+  * Update watch file format version to 4.
+  * Fix 500 when authentication is required. Closes: #987951
+
+ -- Jelmer Vernooij   Wed, 05 May 2021 16:38:43 +0100
+
 klaus (1.5.2-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru klaus-1.5.2/debian/control klaus-1.5.2/debian/control
--- klaus-1.5.2/debian/control  2020-07-20 01:15:41.0 +0300
+++ klaus-1.5.2/debian/control  2021-07-11 22:32:42.0 +0300
@@ -8,6 +8,7 @@
 Vcs-Git: https://salsa.debian.org/jelmer/klaus.git
 Vcs-Browser: https://salsa.debian.org/jelmer/klaus
 Build-Depends: debhelper-compat (= 12)
+Rules-Requires-Root: no
 
 Package: klaus
 Architecture: all
diff -Nru klaus-1.5.2/debian/patches/01_httpauth 
klaus-1.5.2/debian/patches/01_httpauth
--- klaus-1.5.2/debian/patches/01_httpauth  2020-07-20 01:15:41.0 
+0300
+++ klaus-1.5.2/debian/patches/01_httpauth  2021-07-11 22:32:42.0 
+0300
@@ -3,7 +3,7 @@
 index 000..82860d0
 --- /dev/null
 +++ b/klaus/httpauth.py
-@@ -0,0 +1,197 @@
+@@ -0,0 +1,198 @@
 +"""
 +Copyright (c) 2012 Jonas Haag . License: ISC
 +
@@ -138,7 +138,8 @@
 +'401 Authentication Required',
 +[('WWW-Authenticate', make_www_authenticate_header(self.realm))],
 +)
-+return ['401 - Authentication Required']
++html = '401 - Authentication Required'
++return [html if PY2 else html.encode()]
 +
 +
 +class DigestFileHttpAuthMiddleware(BaseHttpAuthMiddleware):
diff -Nru klaus-1.5.2/debian/upstream/metadata 
klaus-1.5.2/debian/upstream/metadata
--- klaus-1.5.2/debian/upstream/metadata2020-07-20 01:15:41.0 
+0300
+++ klaus-1.5.2/debian/upstream/metadata2021-07-11 22:32:42.0 
+0300
@@ -2,4 +2,3 @@
 Bug-Submit: https://github.com/jonashaag/klaus/issues/new
 Repository: https://github.com/jonashaag/klaus.git
 Repository-Browse: https://github.com/jonashaag/klaus
-Repository-Browser: https://github.com/jonashaag/klaus
diff -Nru klaus-1.5.2/debian/watch klaus-1.5.2/debian/watch
--- klaus-1.5.2/debian/watch2020-07-20 01:15:41.0 +0300
+++ klaus-1.5.2/debian/watch2021-07-11 22:32:42.0 +0300
@@ -1,2 +1,2 @@
-version=3
-https://pypi.debian.net/klaus/klaus-(.*).tar.gz
+version=4
+https://pypi.debian.net/klaus klaus-(.*).tar.gz
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---

Processed: Re: Bug#990956: uploading lintian-brush to testing-proposed-updates

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 990956 -moreinfo
Bug #990956 [release.debian.org] uploading lintian-brush to 
testing-proposed-updates
Removed tag(s) moreinfo.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
990956: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990956
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#990956: uploading lintian-brush to testing-proposed-updates

[Jelmer Vernooij]

tags 990956 -moreinfo
thanks

On Tue, Jul 20, 2021 at 10:46:12PM +0200, Paul Gevers wrote:
> On 20-07-2021 00:29, Jelmer Vernooij wrote:
> >> Still not promising anything, but what would be the proposed change in
> >> t-p-u?
> > Please find attached the proposed change. Please note that it only
> > affects the testsuite.
> 
> That last note was what I was hoping for. Under the assumption that the
> upload happens soon (we're hopefully close to releasing), please go
> ahead. Please remove the moreinfo tag once the upload happened.
Done, thanks. Hopefully this looks alright.

Cheers,

Jelmer


signature.asc
Description: PGP signature

Bug#991335: unblock: supertuxkart (pre-approval)

[Reiner Herrmann]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear release team,

this is a request for pre-approval of a supertuxkart upload.

The upstream tarball of supertuxkart 1.2+ds-2 currently includes data
files that are not free (#990368). Additionaly the d/copyright file is
lacking license information for a few additional resources (only data files).

To fix this bug, the two non-free karts will get removed from the upstream
tarball. But as removal of these files would cause a regression in online
multiplayer games, upstream provided two patches (+1 patch that fixes a
memory leak in one of these patches) that keep network compatibility with
other players intact.

Additionaly I'm currently in contact with an upstream contributor who is
investigating the remaining copyright/license issues.
To fix them, the plan is to amend d/copyright where possible
(investigations are currently ongoing), or to replace unknown/non-free files
with free alternatives.

I noticed that supertuxkart is marked for autoremoval on August 3rd
currently, which is probably after the bullseye release.
Does this mean supertuxkart 1.2+ds-2 will be part of bullseye and can
then still be fixed by a stable-proposed-update? Or does the upload
and migration to bullseye have to happen before July 31st?

Below is the full list of files that would get removed from the upstream
tarball:

data/karts/beastie/beastie-icon.png
data/karts/beastie/beastie.spm
data/karts/beastie/beastie_kart_colorizationMask.png
data/karts/beastie/beastie_kart_diffuse.png
data/karts/beastie/beastie_kart_gloss.png
data/karts/beastie/beastie_kart_leftDoor.png
data/karts/beastie/beastie_kart_leftDoor_colorizationMask.png
data/karts/beastie/beastie_kart_leftDoor_gloss.png
data/karts/beastie/beastie_n_kart_wheel_colorizationMask.png
data/karts/beastie/beastie_n_kart_wheel_diffuse.png
data/karts/beastie/beastie_n_kart_wheel_gloss.png
data/karts/beastie/beastie_shadow.png
data/karts/beastie/beastie_texture.png
data/karts/hexley/hexley.spm
data/karts/hexley/hexley_dashboard_diffuse.png
data/karts/hexley/hexley_dashboard_gloss.png
data/karts/hexley/hexley_diffuse.png
data/karts/hexley/hexley_gloss.png
data/karts/hexley/hexley_kart_Normal.png
data/karts/hexley/hexley_kart_colorizationMask.png
data/karts/hexley/hexley_kart_diffuse.png
data/karts/hexley/hexley_kart_frontGlass.png
data/karts/hexley/hexley_kart_gloss.png
data/karts/hexley/hexley_shadow.png
data/karts/hexley/hexley_wheel_Normal.png
data/karts/hexley/hexley_wheel_colorizationMask.png
data/karts/hexley/hexley_wheel_diffuse.png
data/karts/hexley/hexley_wheel_gloss.png
data/karts/hexley/hexley_window.png
data/karts/hexley/hexleyicon.png
data/karts/hexley/hexleyicon32.png

Attached are the mentioned upstream patches.

Kind regards,
  Reiner
From 851290d4c866130abb22ee61114016378af4cb45 Mon Sep 17 00:00:00 2001
From: Benau 
Date: Sun, 18 Jul 2021 00:49:49 +0800
Subject: [PATCH] Add code to generate official karts list

---
 data/official_karts.xml  |  21 ++
 sources.cmake|   2 +-
 src/karts/official_karts.cpp | 128 +++
 src/karts/official_karts.hpp |  20 ++
 src/main.cpp |   9 +++
 5 files changed, 179 insertions(+), 1 deletion(-)
 create mode 100644 data/official_karts.xml
 create mode 100644 src/karts/official_karts.cpp
 create mode 100644 src/karts/official_karts.hpp

diff --git a/data/official_karts.xml b/data/official_karts.xml
new file mode 100644
index 000..671aadf369e
--- /dev/null
+++ b/data/official_karts.xml
@@ -0,0 +1,21 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/sources.cmake b/sources.cmake
index d4f28ae4de4..ba4868d717e 100644
--- a/sources.cmake
+++ b/sources.cmake
@@ -1,5 +1,5 @@
 # Modify this file to change the last-modified date when you add/remove a file.
-# This will then trigger a new cmake run automatically.
+# This will then trigger a new cmake run automatically. 
 file(GLOB_RECURSE STK_HEADERS RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} "src/*.hpp")
 file(GLOB_RECURSE STK_SOURCES RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} "src/*.cpp")
 file(GLOB_RECURSE STK_SHADERS RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} "data/shaders/*")
diff --git a/src/karts/official_karts.cpp b/src/karts/official_karts.cpp
new file mode 100644
index 000..c8d7b9f38b7
--- /dev/null
+++ b/src/karts/official_karts.cpp
@@ -0,0 +1,128 @@
+#include "karts/official_karts.hpp"
+
+#include "karts/kart_properties_manager.hpp"
+#include "io/file_manager.hpp"
+#include "io/xml_node.hpp"
+#include "karts/kart_model.hpp"
+#include "karts/kart_properties.hpp"
+#include "utils/file_utils.hpp"
+#include "utils/log.hpp"
+#include "utils/vec3.hpp"
+
+#include 
+#include 
+#include 
+#include 
+
+namespace OfficialKarts
+{
+// 
+struct OfficialKart
+{

Bug#991314: marked as done (unblock: progress-linux/20210101-2)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 21:41:02 +
with message-id 
and subject line unblock progress-linux
has caused the Debian Bug report #991314,
regarding unblock: progress-linux/20210101-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991314: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991314
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package progress-linux

  * Adding initial Brazilian Portuguese debconf translations from Jorge
Neto  and Adriano Rafael Gomes
 (Closes: #986501).
  * Adding initial Spanish debconf translations from Camaleón
 (Closes: #987667).
(changes by Daniel Baumann)

Translation-only change.
diff -Nru progress-linux-20210101/debian/changelog 
progress-linux-20210101/debian/changelog
--- progress-linux-20210101/debian/changelog2021-02-09 16:53:47.0 
+0200
+++ progress-linux-20210101/debian/changelog2021-07-18 10:14:43.0 
+0300
@@ -1,3 +1,14 @@
+progress-linux (20210101-2) sid; urgency=medium
+
+  * Uploading to sid.
+  * Adding initial Brazilian Portuguese debconf translations from Jorge
+Neto  and Adriano Rafael Gomes
+ (Closes: #986501).
+  * Adding initial Spanish debconf translations from Camaleón
+ (Closes: #987667).
+
+ -- Daniel Baumann   Sun, 18 Jul 2021 
09:14:43 +0200
+
 progress-linux (20210101-1) sid; urgency=medium
 
   * Uploading to sid.
diff -Nru progress-linux-20210101/debian/po/es.po 
progress-linux-20210101/debian/po/es.po
--- progress-linux-20210101/debian/po/es.po 1970-01-01 02:00:00.0 
+0200
+++ progress-linux-20210101/debian/po/es.po 2021-07-18 10:14:02.0 
+0300
@@ -0,0 +1,67 @@
+# Spanish debconf translation of progress-linux
+# Copyright (C) 2021 Camaleón 
+# This file is distributed under the same license as the progress-linux 
package.
+msgid ""
+msgstr ""
+"Project-Id-Version: progress-linux\n"
+"Report-Msgid-Bugs-To: progress-li...@packages.debian.org\n"
+"POT-Creation-Date: 2019-11-18 17:31+0100\n"
+"PO-Revision-Date: 2021-04-16 17:45+0200\n"
+"Last-Translator: Camaleón \n"
+"Language-Team: Debian Spanish \n"
+"Language: es\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: title
+#. Description
+#: ../progress-linux.templates:1001
+msgid "Progress Linux: Setup"
+msgstr "Progress Linux: Configuración"
+
+#. Type: multiselect
+#. Description
+#: ../progress-linux.templates:2001
+msgid "setup apt archives:"
+msgstr "configurar archivos apt:"
+
+#. Type: multiselect
+#. Description
+#: ../progress-linux.templates:2001
+msgid "Please select the apt archives to setup."
+msgstr "Por favor, indique los archivos apt que desea configurar."
+
+#. Type: multiselect
+#. Description
+#: ../progress-linux.templates:3001
+msgid "setup apt archive areas:"
+msgstr "configurar áreas del archivo apt:"
+
+#. Type: multiselect
+#. Description
+#: ../progress-linux.templates:3001
+msgid "Please select the apt archive areas to setup."
+msgstr "Por favor, indique las áreas del archivo apt que desea configurar."
+
+#. Type: string
+#. Description
+#: ../progress-linux.templates:4001
+msgid "enter apt mirror:"
+msgstr "introduzca la réplica de apt:"
+
+#. Type: string
+#. Description
+#: ../progress-linux.templates:4001
+msgid "Please specify the mirror to download packages from."
+msgstr "Por favor, indique la réplica desde donde descargar los paquetes."
+
+#. Type: string
+#. Description
+#: ../progress-linux.templates:4001
+msgid ""
+"If unsure, leave empty which will use the default mirror (https://deb.;
+"progress-linux.org/packages)."
+msgstr ""
+"Si no está seguro, puede dejarlo en blanco y se utilizará la réplica "
+"predeterminada («https://deb.progress-linux.org/packages»)."
diff -Nru progress-linux-20210101/debian/po/pt_BR.po 
progress-linux-20210101/debian/po/pt_BR.po
--- progress-linux-20210101/debian/po/pt_BR.po  1970-01-01 02:00:00.0 
+0200
+++ progress-linux-20210101/debian/po/pt_BR.po  2021-07-18 10:13:09.0 
+0300
@@ -0,0 +1,74 @@
+# Brazilian Portuguese debconf translation of progress-linux
+# Copyright (C) 2019 Jorge Neto 
+# Copyright (C) 2019 Adriano Rafael Gomes 
+# This file is distributed under the same license as the progress-linux 
package.
+msgid ""
+msgstr ""
+"Project-Id-Version: progress-linux\n"
+"Report-Msgid-Bugs-To: progress-li...@packages.debian.org\n"
+"POT-Creation-Date: 2019-11-18 17:31+0100\n"
+"PO-Revision-Date: 2019-12-20 

Bug#991319: marked as done (unblock: qutebrowser/2.0.2-2)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 21:41:38 +
with message-id 
and subject line unblock qutebrowser
has caused the Debian Bug report #991313,
regarding unblock: qutebrowser/2.0.2-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991313: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991313
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: a...@debian.org, reichw...@b1-systems.de, m...@fritzreichwald.de, 
m...@the-compiler.org

Dear Release Team,

please unblock package qutebrowser/2.0.2-2.

It is a pure documentation update related to the Freenode f*ckup.

[ Reason ]

The upload adds a patch which updates the pointers to qutebrowser's
IRC channel which — like many other projects — recently had to change
from Freenode to Libera.Chat due to a hostile takeover of the prject's
IRC channel on Freenode.

[ Impact ]

According to upstream, from time to time people still join the
project's old channel on Freenode. It is suspected that outdated links
in packaged versions of qutebrowser are one source for this.

So if we don't get this tiny documentation update into Bullseye, the
Freenode f*ckup will just last longer for this project and were
continue to feed the new, hostile Freenode owners.

[ Tests ]

* I started qutebrowser, opened qute://help/, checked the IRC links.

* I viewed the man page, searched for "freenode" (not present) and "IRC"
  to verify that the IRC references are updated in there, too.

* I used qutebrowser as usually for about a day.

* A debdiff on the .changes file (i.e. the resulting .deb files only
  showed version field changes"

  $ debdiff /…/pbuilder/result/qutebrowser_2.0.2-{1,2}_amd64.changes
  File lists identical (after any substitutions)
  
  Control files of package qutebrowser: lines which differ (wdiff format)
  ---
  Version: [-2.0.2-1-] {+2.0.2-2+}
  
  Control files of package qutebrowser-qtwebengine: lines which differ (wdiff 
format)
  
---
  Depends: libqt5webenginecore5 (>= 5.12), python3-pyqt5.qtwebengine (>= 5.12), 
qutebrowser (= [-2.0.2-1)-] {+2.0.2-2)+}
  Version: [-2.0.2-1-] {+2.0.2-2+}
  
  Control files of package qutebrowser-qtwebkit: lines which differ (wdiff 
format)
  

  Depends: python3-pyqt5.qtwebkit (>= 5.12), libqt5webkit5 (>= 5.212), 
qutebrowser (= [-2.0.2-1)-] {+2.0.2-2)+}
  Version: [-2.0.2-1-] {+2.0.2-2+}

* diffoscope /…/pbuilder/result/qutebrowser_2.0.2-{1,2}_all.deb
  (i.e. the .deb file where the changed files are in) only showed
  expected changes:

  * The updated parts of the documentation
  * One new changelog entry (expected as well :-).
  * Version number changes (qutebrowser and debhelper, the latter from
13.3.3 to 13.3.4, so no big gap either)
  * Timestamps

[ Risks ]

Very low:

* Leaf package

* Only asciidoc source files (for the man page), one SVG vector image
  (XML) and HTML files are touched by the added patch.

* It's a simple patch updating a few lines of documentation. The
  standalone patch is attached as well as the full source debdiff.

[ Checklist ]
  [√] all changes are documented in the d/changelog
  [√] I reviewed all changes and I approve them
  [√] attach debdiff against the package in testing

[ Other info ]

I deliberately _only_ patched the SVG/XML version of the cheatsheet
image, _not_ the PNG version of it as that would have added a 1.7 MB
binary patch or an additional file plus changes in e.g.
debian/qutebrowser.install. (Both variants were discussed between
Debian packagers and upstream. Given the time shortly before the
full-freeze, we've chosen the simplest variant with the drawback of
not patching each occurrence, but leaving out one deliberately.)

So please…

unblock qutebrowser/2.0.2-2

Thanks in advance!
diff -Nru qutebrowser-2.0.2/debian/changelog qutebrowser-2.0.2/debian/changelog
--- qutebrowser-2.0.2/debian/changelog  2021-02-05 04:27:06.0 +0100
+++ qutebrowser-2.0.2/debian/changelog  2021-07-14 02:38:48.0 +0200
@@ -1,3 +1,10 @@
+qutebrowser (2.0.2-2) unstable; urgency=medium
+
+  * Apply patch to update documentation with regards to the #qutebrowser
+IRC channel having moved from Freenode to Libera.Chat.
+
+ -- Axel Beckert   Wed, 14 Jul 2021 02:38:48 +0200
+
 qutebrowser (2.0.2-1) unstable; urgency=medium

Bug#991313: marked as done (unblock: qutebrowser/2.0.2-2)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 21:41:38 +
with message-id 
and subject line unblock qutebrowser
has caused the Debian Bug report #991313,
regarding unblock: qutebrowser/2.0.2-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991313: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991313
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package qutebrowser

  * Apply patch to update documentation with regards to the #qutebrowser
IRC channel having moved from Freenode to Libera.Chat.
(change by Axel Beckert)

Documentation-only change.
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---

Bug#991310: marked as done (unblock: libnet-freedb-perl/0.10-2)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 21:40:27 +
with message-id 
and subject line unblock libnet-freedb-perl
has caused the Debian Bug report #991310,
regarding unblock: libnet-freedb-perl/0.10-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991310: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991310
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package libnet-freedb-perl

  * Add a patch to change the default host from the defunct
freedb.freedb.org to gnudb.gnudb.org.
(change by gregor herrmann)

autopkgtest for libnet-freedb-perl/0.10-2: amd64: Pass, arm64: Pass, armhf: 
Pass, i386: Pass, ppc64el: Pass
diff -Nru libnet-freedb-perl-0.10/debian/changelog 
libnet-freedb-perl-0.10/debian/changelog
--- libnet-freedb-perl-0.10/debian/changelog2015-12-01 23:24:47.0 
+0200
+++ libnet-freedb-perl-0.10/debian/changelog2021-07-16 21:53:11.0 
+0300
@@ -1,3 +1,11 @@
+libnet-freedb-perl (0.10-2) unstable; urgency=medium
+
+  * Add a patch to change the default host from the defunct
+freedb.freedb.org to gnudb.gnudb.org.
+Thanks to Adrian Bunk for the bug report. (Closes: #991089)
+
+ -- gregor herrmann   Fri, 16 Jul 2021 20:53:11 +0200
+
 libnet-freedb-perl (0.10-1) unstable; urgency=medium
 
   * Team upload
diff -Nru 
libnet-freedb-perl-0.10/debian/patches/replace_freedb_with_gnudb.patch 
libnet-freedb-perl-0.10/debian/patches/replace_freedb_with_gnudb.patch
--- libnet-freedb-perl-0.10/debian/patches/replace_freedb_with_gnudb.patch  
1970-01-01 02:00:00.0 +0200
+++ libnet-freedb-perl-0.10/debian/patches/replace_freedb_with_gnudb.patch  
2021-07-16 21:53:11.0 +0300
@@ -0,0 +1,52 @@
+Description: replace default host freedb.freedb.org with gnudb.gnudb.org.
+ Also remove reference to inaccessible documentation, and fix the non-online
+ test which checks for the default host.
+Origin: vendor
+Bug-Debian: https://bugs.debian.org/991089
+Author: gregor herrmann 
+Last-Update: 2021-07-16
+Forwarded: https://rt.cpan.org/Ticket/Display.html?id=137752
+Bug: https://rt.cpan.org/Ticket/Display.html?id=137752
+
+--- a/FreeDB.pm
 b/FreeDB.pm
+@@ -7,7 +7,7 @@
+ use File::Temp;
+ 
+ has hostname   => (is => 'ro', default => $ENV{HOSTNAME} // 
'unknown');
+-has remote_host=> (is => 'rw', default => 'freedb.freedb.org');
++has remote_host=> (is => 'rw', default => 'gnudb.gnudb.org');
+ has remote_port=> (is => 'rw', default => 8880);
+ has user   => (is => 'rw', default => $ENV{USER} // 
'unknown');
+ has timeout=> (is => 'rw', default => 120);
+@@ -449,7 +449,7 @@
+ 
+ 
+ new() creates and returns a new Net::FreeDB object that is connected
+-to either the given host or freedb.freedb.org as default.
++to either the given host or gnudb.gnudb.org as default.
+ 
+ =item lscat
+ 
+@@ -723,10 +723,6 @@
+ giving the correct drive number will return in an
+ accurate return.
+ 
+-=head1 Resources
+-The current version of the CDDB Server Protocol can be
+-found at: http://ftp.freedb.org/pub/freedb/latest/CDDBPROTO
+-
+ =head1 AUTHOR
+ David Shultz Edshu...@cpan.orge
+ Peter Pentchev Er...@ringlet.nete
+--- a/t/00-basic.t
 b/t/00-basic.t
+@@ -10,7 +10,7 @@
+ ok($freedb->hostname eq 'unknown', 'Error setting hostname');
+ }
+ 
+-ok($freedb->remote_host eq 'freedb.freedb.org', 'Error setting default host');
++ok($freedb->remote_host eq 'gnudb.gnudb.org', 'Error setting default host');
+ 
+ ok($freedb->remote_port == 8880, 'Error setting default port');
+ 
diff -Nru libnet-freedb-perl-0.10/debian/patches/series 
libnet-freedb-perl-0.10/debian/patches/series
--- libnet-freedb-perl-0.10/debian/patches/series   1970-01-01 
02:00:00.0 +0200
+++ libnet-freedb-perl-0.10/debian/patches/series   2021-07-16 
21:53:11.0 +0300
@@ -0,0 +1 @@
+replace_freedb_with_gnudb.patch
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---

Bug#991305: marked as done (unblock: lshw/02.18.85-0.7)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 21:39:54 +
with message-id 
and subject line unblock lshw
has caused the Debian Bug report #991305,
regarding unblock: lshw/02.18.85-0.7
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991305: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991305
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package lshw

  * Backport upstream fix for floating point exception on invalid FAT,
thanks to Dave Gomboc and Bernhard Übelacker. (Closes: #946940)
diff -Nru lshw-02.18.85/debian/changelog lshw-02.18.85/debian/changelog
--- lshw-02.18.85/debian/changelog  2021-01-04 00:41:23.0 +0200
+++ lshw-02.18.85/debian/changelog  2021-07-17 20:19:28.0 +0300
@@ -1,3 +1,11 @@
+lshw (02.18.85-0.7) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Backport upstream fix for floating point exception on invalid FAT,
+thanks to Dave Gomboc and Bernhard Übelacker. (Closes: #946940)
+
+ -- Adrian Bunk   Sat, 17 Jul 2021 20:19:28 +0300
+
 lshw (02.18.85-0.6) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru lshw-02.18.85/debian/patches/0001-fix-755-handle-invalid-FAT.patch 
lshw-02.18.85/debian/patches/0001-fix-755-handle-invalid-FAT.patch
--- lshw-02.18.85/debian/patches/0001-fix-755-handle-invalid-FAT.patch  
1970-01-01 02:00:00.0 +0200
+++ lshw-02.18.85/debian/patches/0001-fix-755-handle-invalid-FAT.patch  
2021-07-17 20:19:05.0 +0300
@@ -0,0 +1,41 @@
+From 89b3b6b9ed03f22ca98954712db5a90acf2c6755 Mon Sep 17 00:00:00 2001
+From: Lyonel Vincent 
+Date: Sat, 28 Dec 2019 00:02:44 +0100
+Subject: fix #755: handle invalid FAT
+
+check that sectors_per_cluster!=0
+---
+ src/core/fat.cc | 10 +-
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/core/fat.cc b/src/core/fat.cc
+index e68aea6..41b0001 100644
+--- a/src/core/fat.cc
 b/src/core/fat.cc
+@@ -186,11 +186,6 @@ bool scan_fat(hwNode & n, source & id)
+   if (vs.heads == 0)
+   return false;
+ 
+-  /* cluster size check */
+-  if (vs.sectors_per_cluster == 0 ||
+-  (vs.sectors_per_cluster & (vs.sectors_per_cluster-1)))
+-  return false;
+-
+   /* media check */
+   if (vs.media < 0xf8 && vs.media != 0xf0)
+   return false;
+@@ -200,6 +195,11 @@ bool scan_fat(hwNode & n, source & id)
+   return false;
+ 
+ valid:
++  /* cluster size check */
++  if (vs.sectors_per_cluster == 0 ||
++  (vs.sectors_per_cluster & (vs.sectors_per_cluster-1)))
++  return false;
++
+   /* sector size check */
+   sector_size_bytes = le_short(_size_bytes);
+   if (sector_size_bytes != 0x200 && sector_size_bytes != 0x400 &&
+-- 
+2.20.1
+
diff -Nru lshw-02.18.85/debian/patches/series 
lshw-02.18.85/debian/patches/series
--- lshw-02.18.85/debian/patches/series 2020-04-26 14:43:52.0 +0300
+++ lshw-02.18.85/debian/patches/series 2021-07-17 20:19:28.0 +0300
@@ -10,3 +10,4 @@
 add-missing-ethlink-standards.patch
 cross.patch
 #revert-Fix_JSON_output_format.patch
+0001-fix-755-handle-invalid-FAT.patch
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---

Bug#991304: marked as done (unblock: eboard/1.1.3-0.4)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 21:39:03 +
with message-id 
and subject line unblock eboard
has caused the Debian Bug report #991304,
regarding unblock: eboard/1.1.3-0.4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991304: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991304
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package eboard

  * Add upstream fix for segfault on engine selection,
thanks to Eric Cooper and Bernhard Übelacker. (Closes: #962627)
diff -Nru eboard-1.1.3/debian/changelog eboard-1.1.3/debian/changelog
--- eboard-1.1.3/debian/changelog   2019-05-17 16:17:10.0 +0300
+++ eboard-1.1.3/debian/changelog   2021-07-17 21:48:28.0 +0300
@@ -1,3 +1,11 @@
+eboard (1.1.3-0.4) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add upstream fix for segfault on engine selection,
+thanks to Eric Cooper and Bernhard Übelacker. (Closes: #962627)
+
+ -- Adrian Bunk   Sat, 17 Jul 2021 21:48:28 +0300
+
 eboard (1.1.3-0.3) unstable; urgency=medium
 
   [ Gianfranco Costamagna ]
diff -Nru 
eboard-1.1.3/debian/patches/0001-https-bugs.launchpad.net-ubuntu-source-eboard-bug-13.patch
 
eboard-1.1.3/debian/patches/0001-https-bugs.launchpad.net-ubuntu-source-eboard-bug-13.patch
--- 
eboard-1.1.3/debian/patches/0001-https-bugs.launchpad.net-ubuntu-source-eboard-bug-13.patch
 1970-01-01 02:00:00.0 +0200
+++ 
eboard-1.1.3/debian/patches/0001-https-bugs.launchpad.net-ubuntu-source-eboard-bug-13.patch
 2021-07-17 21:48:09.0 +0300
@@ -0,0 +1,21 @@
+From ed33049aff2cefd7508bcda8ab738b8ec871c948 Mon Sep 17 00:00:00 2001
+From: Christian Palazzo 
+Date: Thu, 30 Apr 2020 00:43:21 +0200
+Subject: https://bugs.launchpad.net/ubuntu/+source/eboard/+bug/1306419
+
+diff --git a/proto_xboard.cc b/proto_xboard.cc
+index ba48aa1..edabe1b 100644
+--- a/proto_xboard.cc
 b/proto_xboard.cc
+@@ -1083,7 +1083,7 @@ void CraftyProtocol::readDialog() {
+   snprintf(EngineCommandLine,512,"crafty bookpath=%s logpath=%s tbpath=%s",
+  BookPath,LogPath,LogPath);
+   if (!global.env.Home.empty())
+-snprintf(EngineRunDir,512,"%s/.eboard/craftylog",global.env.Home.c_str());
++snprintf(EngineRunDir,256,"%s/.eboard/craftylog",global.env.Home.c_str());
+   else
+ strcpy(EngineRunDir,"/tmp");
+ 
+-- 
+2.20.1
+
diff -Nru eboard-1.1.3/debian/patches/series eboard-1.1.3/debian/patches/series
--- eboard-1.1.3/debian/patches/series  2019-05-17 16:16:10.0 +0300
+++ eboard-1.1.3/debian/patches/series  2021-07-17 21:48:28.0 +0300
@@ -2,3 +2,4 @@
 hungarian-translation.patch
 90_respect_deb_build_options.patch
 ld-as-needed.patch
+0001-https-bugs.launchpad.net-ubuntu-source-eboard-bug-13.patch
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---

Bug#991321: marked as done (unblock: dovecot/1:2.3.13+dfsg1-2)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 21:37:17 +
with message-id 
and subject line unblock dovecot
has caused the Debian Bug report #991321,
regarding unblock: dovecot/1:2.3.13+dfsg1-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991321: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991321
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package dovecot

[ Reason ]

Dovecot 1:2.3.13+dfsg1-2 includes two targeted security fixes and no other
changes.  The relevant section of debian/changelog is:

dovecot (1:2.3.13+dfsg1-2) unstable; urgency=high

  * Import upstream fixes for security issues (Closes: #990566):
- CVE-2021-29157: Path traversal issue allowing an attacker with
  access to the local filesystem can trick OAuth2 authentication into
  using an HS256 validation key from an attacker-controlled location
- CVE-2021-33515: Sensitive information could be redirected to an
  attacker-controlled address because of a STARTTLS command injection
  bug in the submission service

 -- Noah Meyerhans   Tue, 20 Jul 2021 08:05:19 -0700

[ Impact ]

We release bullseye with known security issues and will likely need to fix them
in a subsequent point release.

[ Tests ]

I've done basic functionality testing.  Additionally, the fixes are backported
from upstream's changes and are already included in Ubuntu's security archive,
so they've gotten reasonable test coverage at that level.  I do not have
reproducers for the security issues, so I have been unable to verify
experimentally that the problems have been fixed.

[ Risks ]

Code changes are reasonably straightforward, and as mentioned are already
deployed elsewhere.  Further, they impact what I believe to be less common
features of dovecot, meaning that even in the worst-case scenario, impact is
likely to be limited to a small number of users.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]

n/a

unblock dovecot/1:2.3.13+dfsg1-2
diff -Nru dovecot-2.3.13+dfsg1/debian/changelog 
dovecot-2.3.13+dfsg1/debian/changelog
--- dovecot-2.3.13+dfsg1/debian/changelog   2021-01-25 23:38:17.0 
+
+++ dovecot-2.3.13+dfsg1/debian/changelog   2021-07-20 15:05:19.0 
+
@@ -1,3 +1,15 @@
+dovecot (1:2.3.13+dfsg1-2) unstable; urgency=high
+
+  * Import upstream fixes for security issues (Closes: #990566):
+- CVE-2021-29157: Path traversal issue allowing an attacker with
+  access to the local filesystem can trick OAuth2 authentication into
+  using an HS256 validation key from an attacker-controlled location
+- CVE-2021-33515: Sensitive information could be redirected to an
+  attacker-controlled address because of a STARTTLS command injection
+  bug in the submission service
+
+ -- Noah Meyerhans   Tue, 20 Jul 2021 08:05:19 -0700
+
 dovecot (1:2.3.13+dfsg1-1) unstable; urgency=medium
 
   [ Christian Göttsche ]
diff -Nru dovecot-2.3.13+dfsg1/debian/patches/CVE-2021-29157.patch 
dovecot-2.3.13+dfsg1/debian/patches/CVE-2021-29157.patch
--- dovecot-2.3.13+dfsg1/debian/patches/CVE-2021-29157.patch1970-01-01 
00:00:00.0 +
+++ dovecot-2.3.13+dfsg1/debian/patches/CVE-2021-29157.patch2021-07-19 
22:09:38.0 +
@@ -0,0 +1,134 @@
+Description: fix incorrectly escapes kid and azp fields in JWT tokens
+Origin: 
https://launchpadlibrarian.net/544092180/dovecot_1%3A2.3.13+dfsg1-1ubuntu1_1%3A2.3.13+dfsg1-1ubuntu1.1.diff.gz
+
+--- a/src/lib-dict-extra/dict-fs.c
 b/src/lib-dict-extra/dict-fs.c
+@@ -67,8 +67,37 @@ static void fs_dict_deinit(struct dict *
+   i_free(dict);
+ }
+ 
++/* Remove unsafe paths */
++static const char *fs_dict_escape_key(const char *key)
++{
++  const char *ptr;
++  string_t *new_key = NULL;
++  /* we take the slow path always if we see potential
++ need for escaping */
++  while ((ptr = strstr(key, "/.")) != NULL) {
++  /* move to the first dot */
++  const char *ptr2 = ptr + 1;
++  /* find position of non-dot */
++  while (*ptr2 == '.') ptr2++;
++  if (new_key == NULL)
++  new_key = t_str_new(strlen(key));
++  str_append_data(new_key, key, ptr - key);
++  /* if ptr2 is / or end of string, escape */
++  if (*ptr2 == '/' || *ptr2 == '\0')
++

Bug#991303: marked as done (unblock: scottfree/1.14-10.1)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 21:38:21 +
with message-id 
and subject line unblock scottfree
has caused the Debian Bug report #991303,
regarding unblock: scottfree/1.14-10.1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991303: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991303
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package scottfree

  * Add patch from Bernhard Übelacker to fix crash when restoring
from save-file. (Closes: #968375)
diff -Nru scottfree-1.14/debian/changelog scottfree-1.14/debian/changelog
--- scottfree-1.14/debian/changelog 2017-01-20 13:52:21.0 +0200
+++ scottfree-1.14/debian/changelog 2021-07-17 22:54:45.0 +0300
@@ -1,3 +1,11 @@
+scottfree (1.14-10.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add patch from Bernhard Übelacker to fix crash when restoring
+from save-file. (Closes: #968375)
+
+ -- Adrian Bunk   Sat, 17 Jul 2021 22:54:45 +0300
+
 scottfree (1.14-10) unstable; urgency=low
 
   * Team upload.
diff -Nru scottfree-1.14/debian/patches/04_968375.patch 
scottfree-1.14/debian/patches/04_968375.patch
--- scottfree-1.14/debian/patches/04_968375.patch   1970-01-01 
02:00:00.0 +0200
+++ scottfree-1.14/debian/patches/04_968375.patch   2021-07-17 
22:53:59.0 +0300
@@ -0,0 +1,37 @@
+Description: Include time.h, fix two warnings in fscanf calls.
+
+Author: Bernhard Übelacker 
+Bug-Debian: https://bugs.debian.org/968375
+Forwarded: no
+Last-Update: 2020-08-14
+
+Index: scottfree-1.14/ScottCurses.c
+===
+--- scottfree-1.14.orig/ScottCurses.c
 scottfree-1.14/ScottCurses.c
+@@ -22,6 +22,7 @@
+ #include 
+ #include 
+ #include 
++#include 
+ 
+ #include "Scott.h"
+ 
+@@ -239,7 +240,7 @@ void LoadDatabase(FILE *f, int loud)
+ /* Load the header */
+   
+   if(fscanf(f,"%*d %d %d %d %d %d %d %d %d %d %d %d",
+-  ,,,)<10)
++  ,,)<10)
+   Fatal("Invalid database(bad header)");
+   GameHeader.NumItems=ni;
+   Items=(Item *)MemAlloc(sizeof(Item)*(ni+1));
+@@ -693,7 +694,7 @@ void LoadGame(char *name)
+   {
+   fscanf(f,"%d %d\n",[ct],[ct]);
+   }
+-  fscanf(f,"%ld %d %hd %d %d %hd\n",
++  fscanf(f,"%ld %hd %hd %d %d %hd\n",
+   ,
+   );
+   /* Backward compatibility */
diff -Nru scottfree-1.14/debian/patches/series 
scottfree-1.14/debian/patches/series
--- scottfree-1.14/debian/patches/series2017-01-20 13:48:06.0 
+0200
+++ scottfree-1.14/debian/patches/series2021-07-17 22:54:42.0 
+0300
@@ -1,3 +1,4 @@
 01_makefile.diff
 02_scottcurses_includes.diff
 03_clang.diff
+04_968375.patch
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---

Bug#991302: marked as done (unblock: smem/1.5-1.1)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 21:37:36 +
with message-id 
and subject line unblock smem
has caused the Debian Bug report #991302,
regarding unblock: smem/1.5-1.1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991302: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991302
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package smem

  * Add patch from Marco Paganini for Python 3 incompatibility
in "smem --bar". (Closes: #958129)

Regression from buster caused by the switch to Python 3.
diff -Nru smem-1.5/debian/changelog smem-1.5/debian/changelog
--- smem-1.5/debian/changelog   2020-01-05 05:57:10.0 +0200
+++ smem-1.5/debian/changelog   2021-07-17 22:47:50.0 +0300
@@ -1,3 +1,11 @@
+smem (1.5-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add patch from Marco Paganini for Python 3 incompatibility
+in "smem --bar". (Closes: #958129)
+
+ -- Adrian Bunk   Sat, 17 Jul 2021 22:47:50 +0300
+
 smem (1.5-1) unstable; urgency=medium
 
   [ Ondřej Nový ]
diff -Nru smem-1.5/debian/patches/series smem-1.5/debian/patches/series
--- smem-1.5/debian/patches/series  2020-01-05 05:57:10.0 +0200
+++ smem-1.5/debian/patches/series  2021-07-17 22:47:40.0 +0300
@@ -1,3 +1,4 @@
 manpage.patch
 buildsystem.patch
 smem-py3k.patch
+smem-xrange-fix.patch
diff -Nru smem-1.5/debian/patches/smem-xrange-fix.patch 
smem-1.5/debian/patches/smem-xrange-fix.patch
--- smem-1.5/debian/patches/smem-xrange-fix.patch   1970-01-01 
02:00:00.0 +0200
+++ smem-1.5/debian/patches/smem-xrange-fix.patch   2021-07-17 
22:47:10.0 +0300
@@ -0,0 +1,11 @@
+--- original/smem  2020-04-18 12:20:22.524849106 -0700
 fixed/smem 2020-04-18 12:19:24.912251338 -0700
+@@ -646,7 +646,7 @@
+ 
+ pl = []
+ ind = numpy.arange(len(l))
+-for n in xrange(len(rc)):
++for n in range(len(rc)):
+ pl.append(pylab.bar(ind + offset + width * n,
+  [x[1][rc[n]] for x in l], width, color=gc(n)))
+ 
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---

Processed: tagging 991122

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 991122 - moreinfo
Bug #991122 [release.debian.org] unblock: varnish/6.5.2-1
Removed tag(s) moreinfo.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
991122: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991122
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#990897: unblock: linux/5.10.46-1

[Paul Gevers]

Hi Salvatore,

On 20-07-2021 20:05, Salvatore Bonaccorso wrote:
> We do not have yet the signed packages that said, but once present
> ideally the package get's aged as well to have fixes asap in bullseye.

As asked on IRC: IIUC it's best to wait until all binaries are in and
migrate the set right? So including the linux-signed-(amd64|arm64|i386)
binaries.

I've added the unblocks and urgents for linux-signed-* and all *but* the
urgent for linux. If the answer is: let's migrate as they get in,
please, any RT member, urgent linux. If the set arrives before I'm back
on line, please, urgent linux.

Paul



OpenPGP_signature
Description: OpenPGP digital signature

Processed: Re: Bug#990956: uploading lintian-brush to testing-proposed-updates

[Debian Bug Tracking System]

Processing control commands:

> tags -1 confirmed moreinfo
Bug #990956 [release.debian.org] uploading lintian-brush to 
testing-proposed-updates
Added tag(s) confirmed and moreinfo.

-- 
990956: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990956
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#990956: uploading lintian-brush to testing-proposed-updates

[Paul Gevers]

Control: tags -1 confirmed moreinfo

On 20-07-2021 00:29, Jelmer Vernooij wrote:
>> Still not promising anything, but what would be the proposed change in
>> t-p-u?
> Please find attached the proposed change. Please note that it only
> affects the testsuite.

That last note was what I was hoping for. Under the assumption that the
upload happens soon (we're hopefully close to releasing), please go
ahead. Please remove the moreinfo tag once the upload happened.

Paul



OpenPGP_signature
Description: OpenPGP digital signature

Re: Finding a tentative bullseye release date

[Paul Gevers]

Hi all,

Current overview to check if I got things right and to hopefully trigger
more replies. We currently don't have any day yet with all involved
teams comfortably present, the one coming closest is 4 September.
Somebody from ftp available on 14 august?

14 August (day before DebCamp)
RT: Adam
Image: Steve, Andy
Press: Donald
FTP:
21 August (last day of DebCamp)
RT: Adam, elbrus
Image:
Press: 1/2 (not ideal)
FTP:
28 August (DebConf)
RT: elbrus
Image:
Press:
FTP: Joerg
4 September
RT: Adam, elbrus
Image: Steve, Andy
Press:
FTP: Joerg
11 September:
RT: Adam, elbrus, Sebastian
Image: Andy
Press:
FTP: Joerg
18 September:
RT: Adam, elbrus
Image: Andy
Press: Donald
FTP:

Paul



OpenPGP_signature
Description: OpenPGP digital signature

Bug#991325: marked as done (unblock: systemd/247.3-6)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 21:40:34 +0200
with message-id <6a3f7368-a557-444e-415b-05ac333f4...@debian.org>
and subject line Re: Bug#991325: unblock: systemd/247.3-6
has caused the Debian Bug report #991325,
regarding unblock: systemd/247.3-6
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991325: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991325
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: car...@debian.org,k...@debian.org,bi...@debian.org
Control: tags -1 d-i

Hi,

Please unblock package systemd

[ Reason ]
The upload fixes CVE-2021-33910, which for buster was fixed via
DSA-4942-1, 
https://lists.debian.org/debian-security-announce/2021/msg00125.html 
which can result in denial of service, crashing systemd and so the
entire system.

[ Impact ]
CVE-2021-33910 needs to be fixed in all suites.

[ Tests ]
The testsuite on one hand, and specifically the fixes needed for
CVE-2021-33910.

[ Risks ]
The changes has been tested by various vendors in preparation of the
security advisories. No regression spotted in the automated testsuite
nor while manually testing.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
Needs a d-i ack as well, kibi is aded in X-Debbugs-CC.

unblock systemd/247.3-6

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Hi Salvatore,

On 20-07-2021 20:03, Salvatore Bonaccorso wrote:
> Please unblock package systemd

Unblocked and urgented.

Paul

PS: for the readers at home, kibi ACKed on IRC



OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---

Bug#991122: unblock: varnish/6.5.2-1

[Stig Sandbeck Mathisen]

On Mon, Jul 19, 2021 at 10:06:37PM +0200, Graham Inggs wrote:
> On Mon, 19 Jul 2021 at 13:00, Stig Sandbeck Mathisen  wrote:
> > Attached is the diff. Changes are the upstream bugfix, as well as two
> > commits in the packaging repository:
> 
> Thanks.  Please go ahead and upload to unstable, then remove the moreinfo tag
> once it has built.

Hello Graham,

Thanks, will do.

-- 
Stig Sandbeck Mathisen

Bug#990990: unblock: libcgroup/2.0

[Thomas Goirand]

On 7/19/21 3:07 PM, Santiago Ruano Rincón wrote:
> On Thu, 15 Jul 2021 12:27:35 +0200 Paul Gevers  wrote:
>> Hi,
>>
>> On 12-07-2021 18:45, Michael Biebl wrote:
>>> This was already discussed in
>>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959022
>>>
>>> My takeaway from that discussion was, that rdeps of cgroup-tools, would
>>> itself have to be made cgroupv2 aware, especially OpenStack and its
>>> components.
>>
>> That resembles my understanding of that discussion too.
> 
> Mine too.
> 
> zigo, are there any news from openstack about this?

There is no way that Cinder and Nova produce a patch for OpenStack
Victoria (the release in Bullseye), which was released 9 months ago.
They are *planning* to use Cgroups v2 right now, but I'm not even sure
it's going to be ready for next version in October.

>>> Have those rdeps been tested successfully with libcgroup/cgroup-tools
>>> from experimental?
>>
>> I'm not in favor of doing this transition now.
>>
> 
> Please, keep in mind this comment, made before the release of 2.0:
> "we are planning something for next week. The version number will
> probably be 2.0 - with expectation that the v2 cycle will have
> continously breaking ABI. When we are happy where it is, we will push
> out v3 which will then maintain ABI through its lifetime."
> https://github.com/libcgroup/libcgroup/issues/12#issuecomment-825816328

This means that probably, it's best that Bullseye continues to support
Cgroups v1 (which isn't the case currently if we don't allow libcgroup
2.0 in).

On 7/19/21 11:48 PM, Adrian Bunk wrote:
> Based on soname and package name, the libcgroup1 in experimental
> claims to be ABI compatible with the library in buster.
> Changes in bookworm would be a normal library transition.
>
> OpenStack uses cgroup-tools, which is the only reason why libcgroup
> stayed in bullseye at all.
> My suggestion was basically asking whether 2.0 would be better for
> using with the version of OpenStack in bullseye, this is similar to
> your question to Thomas above.
>
> If cgroup-tools in *bookworm* would be incompatible with OpenStack in
> bullseye, this could be resolved with Breaks on the bullseye versions
> of cinder-common/nova-compute - this is irrelevant for discussing
> which version of libcgroup to ship in bullseye.

Maybe I'm not understanding fully, though what I think I've read in this
discussion, is that libcgroup in experimental makes it possible to use
cgcreate / cgset without any additional kernel command line parameters
(please let me know if I'm mistaking). On the OpenStack side, that's the
only thing which is needed. Cinder isn't using any library directly,
they just use the cgroup userland binaries. As for Nova, I'm not even
sure it's doing anything but using features from Qemu/Libvirt (this
would have to be checked). At least, doing a "grep -r cgcreate" in the
Nova source code returns nothing.

Cheers,

Thomas Goirand (zigo)

Bug#991325: unblock: systemd/247.3-6

[Salvatore Bonaccorso]

Hi,

On Tue, Jul 20, 2021 at 08:03:17PM +0200, Salvatore Bonaccorso wrote:
>   [x] attach debdiff against the package in testing

... or rather not ... attached.

Regards,
Salvatore
diff -Nru systemd-247.3/debian/changelog systemd-247.3/debian/changelog
--- systemd-247.3/debian/changelog  2021-04-12 20:21:24.0 +0200
+++ systemd-247.3/debian/changelog  2021-07-13 19:29:24.0 +0200
@@ -1,3 +1,13 @@
+systemd (247.3-6) unstable; urgency=high
+
+  * Non-maintainer upload (acked by maintainers)
+  * unit-name: generate a clear error code when converting an overly long fs
+path to a unit name
+  * basic/unit-name: do not use strdupa() on a path (CVE-2021-33910)
+  * basic/unit-name: adjust comments
+
+ -- Salvatore Bonaccorso   Tue, 13 Jul 2021 19:29:24 +0200
+
 systemd (247.3-5) unstable; urgency=medium
 
   * udev-udeb: setup /dev/fd, /dev/std{in,out,err} symlinks.
diff -Nru systemd-247.3/debian/patches/basic-unit-name-adjust-comments.patch 
systemd-247.3/debian/patches/basic-unit-name-adjust-comments.patch
--- systemd-247.3/debian/patches/basic-unit-name-adjust-comments.patch  
1970-01-01 01:00:00.0 +0100
+++ systemd-247.3/debian/patches/basic-unit-name-adjust-comments.patch  
2021-07-13 19:29:07.0 +0200
@@ -0,0 +1,38 @@
+From cbcea9f517bfe79b019fcec5c364952ea33d24f2 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= 
+Date: Wed, 23 Jun 2021 11:52:56 +0200
+Subject: basic/unit-name: adjust comments
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+We already checked for "too long" right above…
+---
+ src/basic/unit-name.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/basic/unit-name.c b/src/basic/unit-name.c
+index a22763443fdd..1deead74588b 100644
+--- a/src/basic/unit-name.c
 b/src/basic/unit-name.c
+@@ -528,7 +528,7 @@ int unit_name_from_path(const char *path, const char 
*suffix, char **ret) {
+ if (strlen(s) >= UNIT_NAME_MAX) /* Return a slightly more descriptive 
error for this specific condition */
+ return -ENAMETOOLONG;
+ 
+-/* Refuse this if this got too long or for some other reason didn't 
result in a valid name */
++/* Refuse if this for some other reason didn't result in a valid name 
*/
+ if (!unit_name_is_valid(s, UNIT_NAME_PLAIN))
+ return -EINVAL;
+ 
+@@ -562,7 +562,7 @@ int unit_name_from_path_instance(const char *prefix, const 
char *path, const cha
+ if (strlen(s) >= UNIT_NAME_MAX) /* Return a slightly more descriptive 
error for this specific condition */
+ return -ENAMETOOLONG;
+ 
+-/* Refuse this if this got too long or for some other reason didn't 
result in a valid name */
++/* Refuse if this for some other reason didn't result in a valid name 
*/
+ if (!unit_name_is_valid(s, UNIT_NAME_INSTANCE))
+ return -EINVAL;
+ 
+-- 
+2.32.0
+
diff -Nru 
systemd-247.3/debian/patches/basic-unit-name-do-not-use-strdupa-on-a-path.patch 
systemd-247.3/debian/patches/basic-unit-name-do-not-use-strdupa-on-a-path.patch
--- 
systemd-247.3/debian/patches/basic-unit-name-do-not-use-strdupa-on-a-path.patch 
1970-01-01 01:00:00.0 +0100
+++ 
systemd-247.3/debian/patches/basic-unit-name-do-not-use-strdupa-on-a-path.patch 
2021-07-13 19:29:07.0 +0200
@@ -0,0 +1,64 @@
+From bae2f0d1109a8c75a7fb89ae6b8d1b6ef8dfab16 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= 
+Date: Wed, 23 Jun 2021 11:46:41 +0200
+Subject: basic/unit-name: do not use strdupa() on a path
+
+The path may have unbounded length, for example through a fuse mount.
+
+CVE-2021-33910: attacked controlled alloca() leads to crash in systemd and
+ultimately a kernel panic. Systemd parses the content of /proc/self/mountinfo
+and each mountpoint is passed to mount_setup_unit(), which calls
+unit_name_path_escape() underneath. A local attacker who is able to mount a
+filesystem with a very long path can crash systemd and the whole system.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1970887
+
+The resulting string length is bounded by UNIT_NAME_MAX, which is 256. But we
+can't easily check the length after simplification before doing the
+simplification, which in turns uses a copy of the string we can write to.
+So we can't reject paths that are too long before doing the duplication.
+Hence the most obvious solution is to switch back to strdup(), as before
+7410616cd9dbbec97cf98d75324da5cda2b2f7a2.
+---
+ src/basic/unit-name.c | 13 +
+ 1 file changed, 5 insertions(+), 8 deletions(-)
+
+diff --git a/src/basic/unit-name.c b/src/basic/unit-name.c
+index 284a77348316..a22763443fdd 100644
+--- a/src/basic/unit-name.c
 b/src/basic/unit-name.c
+@@ -378,12 +378,13 @@ int unit_name_unescape(const char *f, char **ret) {
+ }
+ 
+ int unit_name_path_escape(const char *f, char **ret) {
+-char *p, *s;
++

Processed: unblock: systemd/247.3-6

[Debian Bug Tracking System]

Processing control commands:

> tags -1 d-i
Bug #991325 [release.debian.org] unblock: systemd/247.3-6
Added tag(s) d-i.

-- 
991325: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991325
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#991325: unblock: systemd/247.3-6

[Salvatore Bonaccorso]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: car...@debian.org,k...@debian.org,bi...@debian.org
Control: tags -1 d-i

Hi,

Please unblock package systemd

[ Reason ]
The upload fixes CVE-2021-33910, which for buster was fixed via
DSA-4942-1, 
https://lists.debian.org/debian-security-announce/2021/msg00125.html 
which can result in denial of service, crashing systemd and so the
entire system.

[ Impact ]
CVE-2021-33910 needs to be fixed in all suites.

[ Tests ]
The testsuite on one hand, and specifically the fixes needed for
CVE-2021-33910.

[ Risks ]
The changes has been tested by various vendors in preparation of the
security advisories. No regression spotted in the automated testsuite
nor while manually testing.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
Needs a d-i ack as well, kibi is aded in X-Debbugs-CC.

unblock systemd/247.3-6

Regards,
Salvatore

Processed: Re: Bug#990897: unblock: linux/5.10.46-1

[Debian Bug Tracking System]

Processing control commands:

> retitle -1 unblock: linux/5.10.46-2
Bug #990897 [release.debian.org] unblock: linux/5.10.46-1
Changed Bug title to 'unblock: linux/5.10.46-2' from 'unblock: linux/5.10.46-1'.

-- 
990897: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990897
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#990897: unblock: linux/5.10.46-1

[Salvatore Bonaccorso]

Control: retitle -1 unblock: linux/5.10.46-2

On Sun, Jul 11, 2021 at 10:35:15PM +0200, Paul Gevers wrote:
> Control: tags -1 d-i
> 
> Hi,
> 
> On 10-07-2021 22:15, Salvatore Bonaccorso wrote:
> > Hi release team, hi Cyril (specifically for d-i)
> 
> So, let's add him (via d-boot) in.
> 
> > Please unblock package linux
> > 
> > It contained a rebase of the 5.10.y series to 5.10.46 upstream and
> > included the following changes relevant to add additional HW support
> > and bugfxes. The upstream import to 5.10.46 contained fixes for
> > various CVEs.
> 
> Ack.

This now needs to be 5.10.46-2 which includes most notably the fix for
CVE-2021-33909, which could lead to a local privilege escalation, see
DSA 4941-1.

We do not have yet the signed packages that said, but once present
ideally the package get's aged as well to have fixes asap in bullseye.

Regards,
Salvatore

Bug#991319: unblock: qutebrowser/2.0.2-2

[Florian Bruhin]

Hi,

I'm the upstream for qutebrowser. Thanks Axel for taking care of this!

On Thu, Jul 15, 2021 at 03:24:12AM +0200, Axel Beckert wrote:
> The upload adds a patch which updates the pointers to qutebrowser's
> IRC channel which — like many other projects — recently had to change
> from Freenode to Libera.Chat due to a hostile takeover of the prject's
> IRC channel on Freenode.

Indeed - for more context:
https://blog.qutebrowser.org/qutebrowser-moving-to-libera-chat.html

> According to upstream, from time to time people still join the
> project's old channel on Freenode. It is suspected that outdated links
> in packaged versions of qutebrowser are one source for this.

At least that's what people told me when I asked them how they found the
old channel. I do not know how many of them are using Debian stable,
compared to Ubuntu or other distributions not shipping the latest
upstream release.

Still, at some point I'd like to leave the old channel without having to
redirect people to the proper place (I can't set the topic, because I
lost my admin access to the old channel as part of Freenode's actions).

> Author: Axel Beckert 
> Description: Update IRC links to Libera Chat
>  Based on a patch by Florian Bruhin 
> Forwarded: not-needed

For context, I suggested a patch which only patches the asciidoc files,
while the release tarballs ship HTML files.

I've taken a quick look at the diff, looks good to me.

Florian

-- 
m...@the-compiler.org | https://www.qutebrowser.org 
   https://bruhin.software/ | https://github.com/sponsors/The-Compiler/
   GPG: 916E B0C8 FD55 A072 | https://the-compiler.org/pubkey.asc
 I love long mails! | https://email.is-not-s.ms/


signature.asc
Description: PGP signature

Bug#991270: marked as done (unblock: suricata/6.0.1-3)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 19:23:32 +0200
with message-id 

and subject line Re: Bug#991270: unblock: suricata/6.0.1-3
has caused the Debian Bug report #991270,
regarding unblock: suricata/6.0.1-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991270: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991270
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package suricata

This minimal patch that I added fixes CVE-2021-35063 by backporting the
corresponding fix commit from upstream [1]. By doing so it addresses
#990835.

I have added a debdiff to this bugreport that illustrates the
situation. I could upload to unstable anytime. Please let me know if the
fix is appropriate and I will initiate an upload if confirmed.

Thanks
Sascha

[1] 
https://github.com/OISF/suricata/commit/556570f7dd7f21f11cffda5ebcb72738a29cbb90
 

unblock suricata/6.0.1-3
diff -Nru suricata-6.0.1/debian/changelog suricata-6.0.1/debian/changelog
--- suricata-6.0.1/debian/changelog 2020-12-11 09:35:57.0 +0100
+++ suricata-6.0.1/debian/changelog 2021-07-19 13:26:22.0 +0200
@@ -1,3 +1,10 @@
+suricata (1:6.0.1-3) unstable; urgency=medium
+
+  * Address CVE-2021-35063 by backporting upstream fix.
+Closes: #990835
+
+ -- Sascha Steinbiss   Mon, 19 Jul 2021 13:26:22 +0200
+
 suricata (1:6.0.1-2) unstable; urgency=medium
 
   * Also specify explicit separate '-latomic' reference on mipsel.
diff -Nru suricata-6.0.1/debian/patches/series 
suricata-6.0.1/debian/patches/series
--- suricata-6.0.1/debian/patches/series2020-12-09 23:02:55.0 
+0100
+++ suricata-6.0.1/debian/patches/series2021-07-19 13:26:22.0 
+0200
@@ -9,3 +9,4 @@
 remove-conflicting-python-file.patch
 avoid-to-include-if_tunnel-h.patch
 llc.patch
+stream-no-reject-bad-ack.patch
diff -Nru suricata-6.0.1/debian/patches/stream-no-reject-bad-ack.patch 
suricata-6.0.1/debian/patches/stream-no-reject-bad-ack.patch
--- suricata-6.0.1/debian/patches/stream-no-reject-bad-ack.patch
1970-01-01 01:00:00.0 +0100
+++ suricata-6.0.1/debian/patches/stream-no-reject-bad-ack.patch
2021-07-19 13:26:22.0 +0200
@@ -0,0 +1,30 @@
+From 556570f7dd7f21f11cffda5ebcb72738a29cbb90 Mon Sep 17 00:00:00 2001
+From: Eric Leblond 
+Date: Fri, 28 May 2021 12:19:38 +0200
+Subject: [PATCH] stream/tcp: don't reject on bad ack
+
+Not using a packet for the streaming analysis when a non zero
+ACK value and ACK bit was unset was leading to evasion as it was
+possible to start a session with a SYN packet with a non zero ACK
+value to see the full TCP stream to escape all stream and application
+layer detection.
+
+This addresses CVE-2021-35063.
+
+Fixes: fa692df37 ("stream: reject broken ACK packets")
+
+Ticket: #4504.
+---
+ src/stream-tcp.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+--- a/src/stream-tcp.c
 b/src/stream-tcp.c
+@@ -4789,7 +4789,6 @@
+ /* broken TCP 
http://ask.wireshark.org/questions/3183/acknowledgment-number-broken-tcp-the-acknowledge-field-is-nonzero-while-the-ack-flag-is-not-set
 */
+ if (!(p->tcph->th_flags & TH_ACK) && TCP_GET_ACK(p) != 0) {
+ StreamTcpSetEvent(p, STREAM_PKT_BROKEN_ACK);
+-goto error;
+ }
+ 
+ /* If we are on IPS mode, and got a drop action triggered from
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---

Bug#991298: marked as done (unblock: pillow/8.1.2+dfsg-0.3)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 17:53:18 +0200
with message-id 

and subject line Re: Bug#991298: unblock: pillow/8.1.2+dfsg-0.3
has caused the Debian Bug report #991298,
regarding unblock: pillow/8.1.2+dfsg-0.3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991298: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991298
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package pillow

8.1.2+dfsg-0.3 includes fix for CVE-2021-34552

unblock pillow/8.1.2+dfsg-0.3
diffstat for pillow-8.1.2+dfsg pillow-8.1.2+dfsg

 changelog|8 
 patches/CVE-2021-34552.patch |   40 
 patches/series   |1 +
 3 files changed, 49 insertions(+)

diff -Nru pillow-8.1.2+dfsg/debian/changelog pillow-8.1.2+dfsg/debian/changelog
--- pillow-8.1.2+dfsg/debian/changelog  2021-06-13 17:11:04.0 +0100
+++ pillow-8.1.2+dfsg/debian/changelog  2021-07-19 09:52:20.0 +0100
@@ -1,3 +1,11 @@
+pillow (8.1.2+dfsg-0.3) unstable; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * CVE-2021-34552 - Replace sprintf with snprintf. Backport upstream change
+from 8.3 to 8.1. 
+
+ -- Neil Williams   Mon, 19 Jul 2021 09:52:20 +0100
+
 pillow (8.1.2+dfsg-0.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru pillow-8.1.2+dfsg/debian/patches/CVE-2021-34552.patch 
pillow-8.1.2+dfsg/debian/patches/CVE-2021-34552.patch
--- pillow-8.1.2+dfsg/debian/patches/CVE-2021-34552.patch   1970-01-01 
01:00:00.0 +0100
+++ pillow-8.1.2+dfsg/debian/patches/CVE-2021-34552.patch   2021-07-19 
09:51:59.0 +0100
@@ -0,0 +1,40 @@
+From 5f4504bb03f4edeeef8c2633dc5ba03a4c2a8a97 Mon Sep 17 00:00:00 2001
+From: Andrew Murray 
+Date: Tue, 15 Jun 2021 15:14:26 +1000
+Subject: [PATCH 1/2] Limit sprintf modes to 10 characters
+
+From 518ee3722a99d7f7d890db82a20bd81c1c0327fb Mon Sep 17 00:00:00 2001
+From: Andrew Murray 
+Date: Wed, 30 Jun 2021 23:47:10 +1000
+Subject: [PATCH 2/2] Use snprintf instead of sprintf
+
+* https://github.com/python-pillow/Pillow/pull/5567/files
+* Replace sprintf with snprintf in src/libImaging/Convert.c
+
+---
+--- a/src/libImaging/Convert.c
 b/src/libImaging/Convert.c
+@@ -1664,9 +1664,8 @@
+ #ifdef notdef
+ return (Imaging) ImagingError_ValueError("conversion not supported");
+ #else
+-static char buf[256];
+-/* FIXME: may overflow if mode is too large */
+-sprintf(buf, "conversion from %s to %s not supported", imIn->mode, 
mode);
++static char buf[100];
++snprintf(buf, 100, "conversion from %.10s to %.10s not supported", 
imIn->mode, mode);
+ return (Imaging) ImagingError_ValueError(buf);
+ #endif
+ }
+@@ -1724,9 +1723,8 @@
+ }
+ #else
+ {
+-  static char buf[256];
+-  /* FIXME: may overflow if mode is too large */
+-  sprintf(buf, "conversion from %s to %s not supported in 
convert_transparent", imIn->mode, mode);
++  static char buf[100];
++  snprintf(buf, 100, "conversion from %.10s to %.10s not supported in 
convert_transparent", imIn->mode, mode);
+   return (Imaging) ImagingError_ValueError(buf);
+ }
+ #endif
diff -Nru pillow-8.1.2+dfsg/debian/patches/series 
pillow-8.1.2+dfsg/debian/patches/series
--- pillow-8.1.2+dfsg/debian/patches/series 2021-06-13 17:10:51.0 
+0100
+++ pillow-8.1.2+dfsg/debian/patches/series 2021-07-19 09:45:27.0 
+0100
@@ -7,3 +7,4 @@
 CVE-2021-28676.patch
 CVE-2021-28677.patch
 CVE-2021-28678.patch
+CVE-2021-34552.patch
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---

Bug#991321: unblock: dovecot/1:2.3.13+dfsg1-2

[Noah Meyerhans]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package dovecot

[ Reason ]

Dovecot 1:2.3.13+dfsg1-2 includes two targeted security fixes and no other
changes.  The relevant section of debian/changelog is:

dovecot (1:2.3.13+dfsg1-2) unstable; urgency=high

  * Import upstream fixes for security issues (Closes: #990566):
- CVE-2021-29157: Path traversal issue allowing an attacker with
  access to the local filesystem can trick OAuth2 authentication into
  using an HS256 validation key from an attacker-controlled location
- CVE-2021-33515: Sensitive information could be redirected to an
  attacker-controlled address because of a STARTTLS command injection
  bug in the submission service

 -- Noah Meyerhans   Tue, 20 Jul 2021 08:05:19 -0700

[ Impact ]

We release bullseye with known security issues and will likely need to fix them
in a subsequent point release.

[ Tests ]

I've done basic functionality testing.  Additionally, the fixes are backported
from upstream's changes and are already included in Ubuntu's security archive,
so they've gotten reasonable test coverage at that level.  I do not have
reproducers for the security issues, so I have been unable to verify
experimentally that the problems have been fixed.

[ Risks ]

Code changes are reasonably straightforward, and as mentioned are already
deployed elsewhere.  Further, they impact what I believe to be less common
features of dovecot, meaning that even in the worst-case scenario, impact is
likely to be limited to a small number of users.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]

n/a

unblock dovecot/1:2.3.13+dfsg1-2
diff -Nru dovecot-2.3.13+dfsg1/debian/changelog 
dovecot-2.3.13+dfsg1/debian/changelog
--- dovecot-2.3.13+dfsg1/debian/changelog   2021-01-25 23:38:17.0 
+
+++ dovecot-2.3.13+dfsg1/debian/changelog   2021-07-20 15:05:19.0 
+
@@ -1,3 +1,15 @@
+dovecot (1:2.3.13+dfsg1-2) unstable; urgency=high
+
+  * Import upstream fixes for security issues (Closes: #990566):
+- CVE-2021-29157: Path traversal issue allowing an attacker with
+  access to the local filesystem can trick OAuth2 authentication into
+  using an HS256 validation key from an attacker-controlled location
+- CVE-2021-33515: Sensitive information could be redirected to an
+  attacker-controlled address because of a STARTTLS command injection
+  bug in the submission service
+
+ -- Noah Meyerhans   Tue, 20 Jul 2021 08:05:19 -0700
+
 dovecot (1:2.3.13+dfsg1-1) unstable; urgency=medium
 
   [ Christian Göttsche ]
diff -Nru dovecot-2.3.13+dfsg1/debian/patches/CVE-2021-29157.patch 
dovecot-2.3.13+dfsg1/debian/patches/CVE-2021-29157.patch
--- dovecot-2.3.13+dfsg1/debian/patches/CVE-2021-29157.patch1970-01-01 
00:00:00.0 +
+++ dovecot-2.3.13+dfsg1/debian/patches/CVE-2021-29157.patch2021-07-19 
22:09:38.0 +
@@ -0,0 +1,134 @@
+Description: fix incorrectly escapes kid and azp fields in JWT tokens
+Origin: 
https://launchpadlibrarian.net/544092180/dovecot_1%3A2.3.13+dfsg1-1ubuntu1_1%3A2.3.13+dfsg1-1ubuntu1.1.diff.gz
+
+--- a/src/lib-dict-extra/dict-fs.c
 b/src/lib-dict-extra/dict-fs.c
+@@ -67,8 +67,37 @@ static void fs_dict_deinit(struct dict *
+   i_free(dict);
+ }
+ 
++/* Remove unsafe paths */
++static const char *fs_dict_escape_key(const char *key)
++{
++  const char *ptr;
++  string_t *new_key = NULL;
++  /* we take the slow path always if we see potential
++ need for escaping */
++  while ((ptr = strstr(key, "/.")) != NULL) {
++  /* move to the first dot */
++  const char *ptr2 = ptr + 1;
++  /* find position of non-dot */
++  while (*ptr2 == '.') ptr2++;
++  if (new_key == NULL)
++  new_key = t_str_new(strlen(key));
++  str_append_data(new_key, key, ptr - key);
++  /* if ptr2 is / or end of string, escape */
++  if (*ptr2 == '/' || *ptr2 == '\0')
++  str_append(new_key, "/...");
++  else
++  str_append(new_key, "/.");
++  key = ptr + 2;
++  }
++  if (new_key == NULL)
++  return key;
++  str_append(new_key, key);
++  return str_c(new_key);
++}
++
+ static const char *fs_dict_get_full_key(struct fs_dict *dict, const char *key)
+ {
++  key = fs_dict_escape_key(key);
+   if (str_begins(key, DICT_PATH_SHARED))
+   return key + strlen(DICT_PATH_SHARED);
+   else if (str_begins(key, DICT_PATH_PRIVATE)) {
+--- a/src/lib-oauth2/oauth2-jwt.c
 b/src/lib-oauth2/oauth2-jwt.c
+@@ -250,6 +250,34 @@ oauth2_jwt_copy_fields(ARRAY_TYPE(oauth2
+   }
+ }
+ 
++/* Escapes '/' and '%' in identifier to %hex */

Processed: merging 991319 991313

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> merge 991319 991313
Bug #991319 [release.debian.org] unblock: qutebrowser/2.0.2-2
Bug #991313 [release.debian.org] unblock: qutebrowser/2.0.2-2
Merged 991313 991319
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
991313: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991313
991319: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991319
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#991313: unblock: qutebrowser/2.0.2-2

[Axel Beckert]

Hi Adrian,

Adrian Bunk wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package qutebrowser
> 
>   * Apply patch to update documentation with regards to the #qutebrowser
> IRC channel having moved from Freenode to Libera.Chat.
> (change by Axel Beckert)
> 
> Documentation-only change.

Huh? I thought I filed an unblock request last week already. Hmmm.
Can't find it in the BTS. Oh, fuck, my local postfix daemon was no
more running. So thanks for writing one, too!

So there will show up a proper, full unblock request arrive soon.
Sorry for not having noticed that it didn't go out before the full
freeze. :-(

Will merge them once it arrived in the BTS.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Bug#991319: unblock: qutebrowser/2.0.2-2

[Axel Beckert]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: a...@debian.org, reichw...@b1-systems.de, m...@fritzreichwald.de, 
m...@the-compiler.org

Dear Release Team,

please unblock package qutebrowser/2.0.2-2.

It is a pure documentation update related to the Freenode f*ckup.

[ Reason ]

The upload adds a patch which updates the pointers to qutebrowser's
IRC channel which — like many other projects — recently had to change
from Freenode to Libera.Chat due to a hostile takeover of the prject's
IRC channel on Freenode.

[ Impact ]

According to upstream, from time to time people still join the
project's old channel on Freenode. It is suspected that outdated links
in packaged versions of qutebrowser are one source for this.

So if we don't get this tiny documentation update into Bullseye, the
Freenode f*ckup will just last longer for this project and were
continue to feed the new, hostile Freenode owners.

[ Tests ]

* I started qutebrowser, opened qute://help/, checked the IRC links.

* I viewed the man page, searched for "freenode" (not present) and "IRC"
  to verify that the IRC references are updated in there, too.

* I used qutebrowser as usually for about a day.

* A debdiff on the .changes file (i.e. the resulting .deb files only
  showed version field changes"

  $ debdiff /…/pbuilder/result/qutebrowser_2.0.2-{1,2}_amd64.changes
  File lists identical (after any substitutions)
  
  Control files of package qutebrowser: lines which differ (wdiff format)
  ---
  Version: [-2.0.2-1-] {+2.0.2-2+}
  
  Control files of package qutebrowser-qtwebengine: lines which differ (wdiff 
format)
  
---
  Depends: libqt5webenginecore5 (>= 5.12), python3-pyqt5.qtwebengine (>= 5.12), 
qutebrowser (= [-2.0.2-1)-] {+2.0.2-2)+}
  Version: [-2.0.2-1-] {+2.0.2-2+}
  
  Control files of package qutebrowser-qtwebkit: lines which differ (wdiff 
format)
  

  Depends: python3-pyqt5.qtwebkit (>= 5.12), libqt5webkit5 (>= 5.212), 
qutebrowser (= [-2.0.2-1)-] {+2.0.2-2)+}
  Version: [-2.0.2-1-] {+2.0.2-2+}

* diffoscope /…/pbuilder/result/qutebrowser_2.0.2-{1,2}_all.deb
  (i.e. the .deb file where the changed files are in) only showed
  expected changes:

  * The updated parts of the documentation
  * One new changelog entry (expected as well :-).
  * Version number changes (qutebrowser and debhelper, the latter from
13.3.3 to 13.3.4, so no big gap either)
  * Timestamps

[ Risks ]

Very low:

* Leaf package

* Only asciidoc source files (for the man page), one SVG vector image
  (XML) and HTML files are touched by the added patch.

* It's a simple patch updating a few lines of documentation. The
  standalone patch is attached as well as the full source debdiff.

[ Checklist ]
  [√] all changes are documented in the d/changelog
  [√] I reviewed all changes and I approve them
  [√] attach debdiff against the package in testing

[ Other info ]

I deliberately _only_ patched the SVG/XML version of the cheatsheet
image, _not_ the PNG version of it as that would have added a 1.7 MB
binary patch or an additional file plus changes in e.g.
debian/qutebrowser.install. (Both variants were discussed between
Debian packagers and upstream. Given the time shortly before the
full-freeze, we've chosen the simplest variant with the drawback of
not patching each occurrence, but leaving out one deliberately.)

So please…

unblock qutebrowser/2.0.2-2

Thanks in advance!
diff -Nru qutebrowser-2.0.2/debian/changelog qutebrowser-2.0.2/debian/changelog
--- qutebrowser-2.0.2/debian/changelog  2021-02-05 04:27:06.0 +0100
+++ qutebrowser-2.0.2/debian/changelog  2021-07-14 02:38:48.0 +0200
@@ -1,3 +1,10 @@
+qutebrowser (2.0.2-2) unstable; urgency=medium
+
+  * Apply patch to update documentation with regards to the #qutebrowser
+IRC channel having moved from Freenode to Libera.Chat.
+
+ -- Axel Beckert   Wed, 14 Jul 2021 02:38:48 +0200
+
 qutebrowser (2.0.2-1) unstable; urgency=medium
 
   * New upstream bugfix release.
diff -Nru 
qutebrowser-2.0.2/debian/patches/0001-Update-IRC-links-to-Libera-Chat.patch 
qutebrowser-2.0.2/debian/patches/0001-Update-IRC-links-to-Libera-Chat.patch
--- qutebrowser-2.0.2/debian/patches/0001-Update-IRC-links-to-Libera-Chat.patch 
1970-01-01 01:00:00.0 +0100
+++ qutebrowser-2.0.2/debian/patches/0001-Update-IRC-links-to-Libera-Chat.patch 
2021-07-14 02:38:48.0 +0200
@@ -0,0 +1,74 @@
+Author: Axel Beckert 
+Description: Update IRC links to Libera Chat
+ Based on a patch by Florian Bruhin 
+Forwarded: not-needed
+
+--- a/doc/qutebrowser.1.asciidoc
 b/doc/qutebrowser.1.asciidoc
+@@ -152,8 +152,8 @@
+ https://lists.schokokeks.org/mailman/listinfo.cgi/qutebrowser
+ * Announce-only mailinglist: 

Bug#991318: unblock: munin/2.0.67-2

[Holger Levsen]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package munin 2.0.67-2 as it fixes a serious bug with a oneline 
fix:

$ debdiff munin_2.0.67-1.dsc munin_2.0.67-2.dsc
diff -Nru munin-2.0.67/debian/changelog munin-2.0.67/debian/changelog
--- munin-2.0.67/debian/changelog   2021-02-26 13:24:19.0 +0100
+++ munin-2.0.67/debian/changelog   2021-07-20 14:40:08.0 +0200
@@ -1,3 +1,11 @@
+munin (2.0.67-2) unstable; urgency=medium
+
+  [ Kentaro Hayashi ]
+  * debian/munin-node.service: ensure /run/munin directory exists.
+Closes: #990371.
+
+ -- Holger Levsen   Tue, 20 Jul 2021 14:40:08 +0200
+
 munin (2.0.67-1) unstable; urgency=medium
 
   [ Holger Levsen ]
diff -Nru munin-2.0.67/debian/munin-node.service 
munin-2.0.67/debian/munin-node.service
--- munin-2.0.67/debian/munin-node.service  2021-01-17 23:34:32.0 
+0100
+++ munin-2.0.67/debian/munin-node.service  2021-07-20 14:39:29.0 
+0200
@@ -7,6 +7,7 @@
 EnvironmentFile=-/etc/default/munin-node
 Type=notify
 Restart=always
+RuntimeDirectory=munin
 ExecStart=/usr/sbin/munin-node --foreground $DAEMON_ARGS
 PIDFile=/run/munin/munin-node.pid
 # Plugins like "smart_" require access to devices


I've uploaded it and just saw the source package appear in unstable, though it
hasn't been built yet.

unblock munin/2.0.67-2

Thanks for your work on bullseye!


-- 
cheers,
Holger

 ⢀⣴⠾⠻⢶⣦⠀
 ⣾⠁⢠⠒⠀⣿⡁  holger@(debian|reproducible-builds|layer-acht).org
 ⢿⡄⠘⠷⠚⠋⠀  OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
 ⠈⠳⣄

No future.


signature.asc
Description: PGP signature

Bug#991317: unblock: klaus/1.5.2-4

[Adrian Bunk]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package klaus

  * Fix 500 when authentication is required. Closes: #987951
  (and trivial packaging changes documented in d/changelog)
(changes by Jelmer Vernooij)

One-line fix for basic/digest authentication.

(1.5.2-3 is missing in d/changelog, the changes it originally
 documented were already in 1.5.2-1)
diff -Nru klaus-1.5.2/debian/changelog klaus-1.5.2/debian/changelog
--- klaus-1.5.2/debian/changelog2020-07-20 01:15:41.0 +0300
+++ klaus-1.5.2/debian/changelog2021-07-11 22:32:42.0 +0300
@@ -1,3 +1,19 @@
+klaus (1.5.2-4) unstable; urgency=medium
+
+  * Source-only upload.
+
+ -- Jelmer Vernooij   Sun, 11 Jul 2021 20:32:42 +0100
+
+klaus (1.5.2-2) unstable; urgency=low
+
+  * Set Rules-Requires-Root: no.
+  * Fix field name typo in debian/upstream/metadata (Repository-Browser =>
+Repository-Browse).
+  * Update watch file format version to 4.
+  * Fix 500 when authentication is required. Closes: #987951
+
+ -- Jelmer Vernooij   Wed, 05 May 2021 16:38:43 +0100
+
 klaus (1.5.2-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru klaus-1.5.2/debian/control klaus-1.5.2/debian/control
--- klaus-1.5.2/debian/control  2020-07-20 01:15:41.0 +0300
+++ klaus-1.5.2/debian/control  2021-07-11 22:32:42.0 +0300
@@ -8,6 +8,7 @@
 Vcs-Git: https://salsa.debian.org/jelmer/klaus.git
 Vcs-Browser: https://salsa.debian.org/jelmer/klaus
 Build-Depends: debhelper-compat (= 12)
+Rules-Requires-Root: no
 
 Package: klaus
 Architecture: all
diff -Nru klaus-1.5.2/debian/patches/01_httpauth 
klaus-1.5.2/debian/patches/01_httpauth
--- klaus-1.5.2/debian/patches/01_httpauth  2020-07-20 01:15:41.0 
+0300
+++ klaus-1.5.2/debian/patches/01_httpauth  2021-07-11 22:32:42.0 
+0300
@@ -3,7 +3,7 @@
 index 000..82860d0
 --- /dev/null
 +++ b/klaus/httpauth.py
-@@ -0,0 +1,197 @@
+@@ -0,0 +1,198 @@
 +"""
 +Copyright (c) 2012 Jonas Haag . License: ISC
 +
@@ -138,7 +138,8 @@
 +'401 Authentication Required',
 +[('WWW-Authenticate', make_www_authenticate_header(self.realm))],
 +)
-+return ['401 - Authentication Required']
++html = '401 - Authentication Required'
++return [html if PY2 else html.encode()]
 +
 +
 +class DigestFileHttpAuthMiddleware(BaseHttpAuthMiddleware):
diff -Nru klaus-1.5.2/debian/upstream/metadata 
klaus-1.5.2/debian/upstream/metadata
--- klaus-1.5.2/debian/upstream/metadata2020-07-20 01:15:41.0 
+0300
+++ klaus-1.5.2/debian/upstream/metadata2021-07-11 22:32:42.0 
+0300
@@ -2,4 +2,3 @@
 Bug-Submit: https://github.com/jonashaag/klaus/issues/new
 Repository: https://github.com/jonashaag/klaus.git
 Repository-Browse: https://github.com/jonashaag/klaus
-Repository-Browser: https://github.com/jonashaag/klaus
diff -Nru klaus-1.5.2/debian/watch klaus-1.5.2/debian/watch
--- klaus-1.5.2/debian/watch2020-07-20 01:15:41.0 +0300
+++ klaus-1.5.2/debian/watch2021-07-11 22:32:42.0 +0300
@@ -1,2 +1,2 @@
-version=3
-https://pypi.debian.net/klaus/klaus-(.*).tar.gz
+version=4
+https://pypi.debian.net/klaus klaus-(.*).tar.gz

Bug#991270: unblock: suricata/6.0.1-3

[Sascha Steinbiss]

tags 991270 - moreinfo
thanks

Hi Graham,

[...]
> Please go ahead and upload to unstable, then remove the moreinfo tag
> once it has built.

Done. 6.0.1-3 is now built in unstable on all of the official archs that
the previous version was built on.

Cheers
Sascha



OpenPGP_signature
Description: OpenPGP digital signature

Processed: Re: Bug#991270: unblock: suricata/6.0.1-3

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 991270 - moreinfo
Bug #991270 [release.debian.org] unblock: suricata/6.0.1-3
Removed tag(s) moreinfo.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
991270: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991270
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#991313: unblock: qutebrowser/2.0.2-2

[Adrian Bunk]

On Tue, Jul 20, 2021 at 04:23:24PM +0300, Adrian Bunk wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package qutebrowser
> 
>   * Apply patch to update documentation with regards to the #qutebrowser
> IRC channel having moved from Freenode to Libera.Chat.
> (change by Axel Beckert)
> 
> Documentation-only change.

And with attachment.

cu
Adrian
diff -Nru qutebrowser-2.0.2/debian/changelog qutebrowser-2.0.2/debian/changelog
--- qutebrowser-2.0.2/debian/changelog  2021-02-05 05:27:06.0 +0200
+++ qutebrowser-2.0.2/debian/changelog  2021-07-14 03:38:48.0 +0300
@@ -1,3 +1,10 @@
+qutebrowser (2.0.2-2) unstable; urgency=medium
+
+  * Apply patch to update documentation with regards to the #qutebrowser
+IRC channel having moved from Freenode to Libera.Chat.
+
+ -- Axel Beckert   Wed, 14 Jul 2021 02:38:48 +0200
+
 qutebrowser (2.0.2-1) unstable; urgency=medium
 
   * New upstream bugfix release.
diff -Nru 
qutebrowser-2.0.2/debian/patches/0001-Update-IRC-links-to-Libera-Chat.patch 
qutebrowser-2.0.2/debian/patches/0001-Update-IRC-links-to-Libera-Chat.patch
--- qutebrowser-2.0.2/debian/patches/0001-Update-IRC-links-to-Libera-Chat.patch 
1970-01-01 02:00:00.0 +0200
+++ qutebrowser-2.0.2/debian/patches/0001-Update-IRC-links-to-Libera-Chat.patch 
2021-07-14 03:38:48.0 +0300
@@ -0,0 +1,74 @@
+Author: Axel Beckert 
+Description: Update IRC links to Libera Chat
+ Based on a patch by Florian Bruhin 
+Forwarded: not-needed
+
+--- a/doc/qutebrowser.1.asciidoc
 b/doc/qutebrowser.1.asciidoc
+@@ -152,8 +152,8 @@
+ https://lists.schokokeks.org/mailman/listinfo.cgi/qutebrowser
+ * Announce-only mailinglist: 
mailto:qutebrowser-annou...@lists.qutebrowser.org[] /
+ https://lists.schokokeks.org/mailman/listinfo.cgi/qutebrowser-announce
+-* IRC: irc://irc.freenode.org/#qutebrowser[`#qutebrowser`] on
+-https://freenode.net/[Freenode]
++* IRC: irc://irc.libera.chat/#qutebrowser[`#qutebrowser`] on
++https://libera.chat/[Libera Chat]
+ * Github: https://github.com/qutebrowser/qutebrowser
+ 
+ == AUTHOR
+--- a/misc/cheatsheet.svg
 b/misc/cheatsheet.svg
+@@ -2570,7 +2570,7 @@
+  id="flowPara5604"
+  
style="font-size:13.8667px;line-height:1.25;font-family:sans-serif;stroke-width:1.06667">Website:
 https://www.qutebrowser.org/ IRC:
 #qutebrowser on FreenodeIRC:
 #qutebrowser on Libera ChatMailinglist:
 qutebrow...@lists.qutebrowser.org
+ 
+ 
+ 
+-Join the IRC channel #qutebrowser on
+-https://freenode.net/;>Freenode
+-(https://webchat.freenode.net/?channels=#qutebrowser;>webchat).
++Join the IRC channel #qutebrowser on
++https://libera.chat/;>Libera Chat
++(https://web.libera.chat/#qutebrowser;>webchat).
+ 
+ 
+ 
+--- a/qutebrowser/html/doc/index.html
 b/qutebrowser/html/doc/index.html
+@@ -866,9 +866,9 @@
+ Getting help
+ 
+ You can get help in the IRC channel
+-#qutebrowser on
+-http://freenode.net/;>Freenode
+-(https://webchat.freenode.net/?channels=#qutebrowser;>webchat), 
or by writing a
++#qutebrowser on
++https://libera.chat/;>Libera Chat
++(https://web.libera.chat/#qutebrowser;>webchat), or by writing a
+ message to the
+ https://lists.schokokeks.org/mailman/listinfo.cgi/qutebrowser;>mailinglist
 at
+ mailto:qutebrow...@lists.qutebrowser.org;>qutebrow...@lists.qutebrowser.org.
+--- a/qutebrowser/html/doc/quickstart.html
 b/qutebrowser/html/doc/quickstart.html
+@@ -939,9 +939,9 @@
+ 
+ 
+ 
+-Chat via the IRC channel: #qutebrowser on
+-https://freenode.net/;>Freenode
+-(https://webchat.freenode.net/?channels=#qutebrowser;>webchat)
++Chat via the IRC channel: #qutebrowser on
++https://libera.chat/;>Libera Chat
++(https://web.libera.chat/#qutebrowser;>webchat)
+ 
+ 
+ 
diff -Nru qutebrowser-2.0.2/debian/patches/series 
qutebrowser-2.0.2/debian/patches/series
--- qutebrowser-2.0.2/debian/patches/series 2021-02-05 01:50:57.0 
+0200
+++ qutebrowser-2.0.2/debian/patches/series 2021-07-14 03:36:35.0 
+0300
@@ -1 +1,2 @@
 replace-external-merch-images-with-links.patch
+0001-Update-IRC-links-to-Libera-Chat.patch

Bug#991314: unblock: progress-linux/20210101-2

[Adrian Bunk]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package progress-linux

  * Adding initial Brazilian Portuguese debconf translations from Jorge
Neto  and Adriano Rafael Gomes
 (Closes: #986501).
  * Adding initial Spanish debconf translations from Camaleón
 (Closes: #987667).
(changes by Daniel Baumann)

Translation-only change.
diff -Nru progress-linux-20210101/debian/changelog 
progress-linux-20210101/debian/changelog
--- progress-linux-20210101/debian/changelog2021-02-09 16:53:47.0 
+0200
+++ progress-linux-20210101/debian/changelog2021-07-18 10:14:43.0 
+0300
@@ -1,3 +1,14 @@
+progress-linux (20210101-2) sid; urgency=medium
+
+  * Uploading to sid.
+  * Adding initial Brazilian Portuguese debconf translations from Jorge
+Neto  and Adriano Rafael Gomes
+ (Closes: #986501).
+  * Adding initial Spanish debconf translations from Camaleón
+ (Closes: #987667).
+
+ -- Daniel Baumann   Sun, 18 Jul 2021 
09:14:43 +0200
+
 progress-linux (20210101-1) sid; urgency=medium
 
   * Uploading to sid.
diff -Nru progress-linux-20210101/debian/po/es.po 
progress-linux-20210101/debian/po/es.po
--- progress-linux-20210101/debian/po/es.po 1970-01-01 02:00:00.0 
+0200
+++ progress-linux-20210101/debian/po/es.po 2021-07-18 10:14:02.0 
+0300
@@ -0,0 +1,67 @@
+# Spanish debconf translation of progress-linux
+# Copyright (C) 2021 Camaleón 
+# This file is distributed under the same license as the progress-linux 
package.
+msgid ""
+msgstr ""
+"Project-Id-Version: progress-linux\n"
+"Report-Msgid-Bugs-To: progress-li...@packages.debian.org\n"
+"POT-Creation-Date: 2019-11-18 17:31+0100\n"
+"PO-Revision-Date: 2021-04-16 17:45+0200\n"
+"Last-Translator: Camaleón \n"
+"Language-Team: Debian Spanish \n"
+"Language: es\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: title
+#. Description
+#: ../progress-linux.templates:1001
+msgid "Progress Linux: Setup"
+msgstr "Progress Linux: Configuración"
+
+#. Type: multiselect
+#. Description
+#: ../progress-linux.templates:2001
+msgid "setup apt archives:"
+msgstr "configurar archivos apt:"
+
+#. Type: multiselect
+#. Description
+#: ../progress-linux.templates:2001
+msgid "Please select the apt archives to setup."
+msgstr "Por favor, indique los archivos apt que desea configurar."
+
+#. Type: multiselect
+#. Description
+#: ../progress-linux.templates:3001
+msgid "setup apt archive areas:"
+msgstr "configurar áreas del archivo apt:"
+
+#. Type: multiselect
+#. Description
+#: ../progress-linux.templates:3001
+msgid "Please select the apt archive areas to setup."
+msgstr "Por favor, indique las áreas del archivo apt que desea configurar."
+
+#. Type: string
+#. Description
+#: ../progress-linux.templates:4001
+msgid "enter apt mirror:"
+msgstr "introduzca la réplica de apt:"
+
+#. Type: string
+#. Description
+#: ../progress-linux.templates:4001
+msgid "Please specify the mirror to download packages from."
+msgstr "Por favor, indique la réplica desde donde descargar los paquetes."
+
+#. Type: string
+#. Description
+#: ../progress-linux.templates:4001
+msgid ""
+"If unsure, leave empty which will use the default mirror (https://deb.;
+"progress-linux.org/packages)."
+msgstr ""
+"Si no está seguro, puede dejarlo en blanco y se utilizará la réplica "
+"predeterminada («https://deb.progress-linux.org/packages»)."
diff -Nru progress-linux-20210101/debian/po/pt_BR.po 
progress-linux-20210101/debian/po/pt_BR.po
--- progress-linux-20210101/debian/po/pt_BR.po  1970-01-01 02:00:00.0 
+0200
+++ progress-linux-20210101/debian/po/pt_BR.po  2021-07-18 10:13:09.0 
+0300
@@ -0,0 +1,74 @@
+# Brazilian Portuguese debconf translation of progress-linux
+# Copyright (C) 2019 Jorge Neto 
+# Copyright (C) 2019 Adriano Rafael Gomes 
+# This file is distributed under the same license as the progress-linux 
package.
+msgid ""
+msgstr ""
+"Project-Id-Version: progress-linux\n"
+"Report-Msgid-Bugs-To: progress-li...@packages.debian.org\n"
+"POT-Creation-Date: 2019-11-18 17:31+0100\n"
+"PO-Revision-Date: 2019-12-20 14:36-0300\n"
+"Last-Translator: Jorge Neto  \n"
+"Language-Team: Brazilian Portuguese \n"
+"Language: pt_BR\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+#. Type: title
+#. Description
+#: ../progress-linux.templates:1001
+msgid "Progress Linux: Setup"
+msgstr "Progress Linux: Configuração"
+
+#. Type: multiselect
+#. Description
+#: ../progress-linux.templates:2001
+msgid "setup apt archives:"
+msgstr "configurar repositórios do apt:"
+
+#. Type: multiselect
+#. Description
+#: ../progress-linux.templates:2001
+msgid "Please select the apt archives to setup."
+msgstr "Por favor, selecione os repositórios do apt para configurar."
+
+#. Type: multiselect
+#. 

Bug#991313: unblock: qutebrowser/2.0.2-2

[Adrian Bunk]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package qutebrowser

  * Apply patch to update documentation with regards to the #qutebrowser
IRC channel having moved from Freenode to Libera.Chat.
(change by Axel Beckert)

Documentation-only change.

Re: Finding a tentative bullseye release date

[Sebastian Ramacher]

On 2021-07-17 22:25:17, Paul Gevers wrote:
> Hi all,
> 
> On 11-07-2021 21:11, Paul Gevers wrote:
> > With less than three weeks to go until the tentative release date, I
> > would love to confirm the date by now, but there is a serious issue with
> > crucial infrastructure (cdbuilder.d.o). Apart from this issue (and what
> > it means for solving the debian-installer blocking issues in time), I'm
> > not aware of other blocking issues, so let's hope the teams involved can
> > recover in time.
> 
> Albeit there is some progress, we think it better for the people
> involved to now say that we will *not* release on July 31.
> 
> Unfortunately, that means that we have to start looking for a new date
> again. Assuming what we'll learn in the upcoming week or two is good, I
> propose to already start the list below with two weeks after the
> previous date. Upcoming time is around DebConf, I can imagine it could
> even be an advantage, especially as that's on-line, let's see.
> 
> 14 August (day before DebCamp)
> 21 August (last day of DebCamp)
>   RT: elbrus
> 28 August (DebConf)
>   RT: elbrus
> 4 September
>   RT: elbrus
> 11 September:
>   RT: elbrus

11 September works for me. I am going to be on VAC on 28 August and 4
September. On the other dates I can try to be around, but cannot commit.

Cheers
-- 
Sebastian Ramacher

Bug#991310: unblock: libnet-freedb-perl/0.10-2

[Adrian Bunk]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package libnet-freedb-perl

  * Add a patch to change the default host from the defunct
freedb.freedb.org to gnudb.gnudb.org.
(change by gregor herrmann)

autopkgtest for libnet-freedb-perl/0.10-2: amd64: Pass, arm64: Pass, armhf: 
Pass, i386: Pass, ppc64el: Pass
diff -Nru libnet-freedb-perl-0.10/debian/changelog 
libnet-freedb-perl-0.10/debian/changelog
--- libnet-freedb-perl-0.10/debian/changelog2015-12-01 23:24:47.0 
+0200
+++ libnet-freedb-perl-0.10/debian/changelog2021-07-16 21:53:11.0 
+0300
@@ -1,3 +1,11 @@
+libnet-freedb-perl (0.10-2) unstable; urgency=medium
+
+  * Add a patch to change the default host from the defunct
+freedb.freedb.org to gnudb.gnudb.org.
+Thanks to Adrian Bunk for the bug report. (Closes: #991089)
+
+ -- gregor herrmann   Fri, 16 Jul 2021 20:53:11 +0200
+
 libnet-freedb-perl (0.10-1) unstable; urgency=medium
 
   * Team upload
diff -Nru 
libnet-freedb-perl-0.10/debian/patches/replace_freedb_with_gnudb.patch 
libnet-freedb-perl-0.10/debian/patches/replace_freedb_with_gnudb.patch
--- libnet-freedb-perl-0.10/debian/patches/replace_freedb_with_gnudb.patch  
1970-01-01 02:00:00.0 +0200
+++ libnet-freedb-perl-0.10/debian/patches/replace_freedb_with_gnudb.patch  
2021-07-16 21:53:11.0 +0300
@@ -0,0 +1,52 @@
+Description: replace default host freedb.freedb.org with gnudb.gnudb.org.
+ Also remove reference to inaccessible documentation, and fix the non-online
+ test which checks for the default host.
+Origin: vendor
+Bug-Debian: https://bugs.debian.org/991089
+Author: gregor herrmann 
+Last-Update: 2021-07-16
+Forwarded: https://rt.cpan.org/Ticket/Display.html?id=137752
+Bug: https://rt.cpan.org/Ticket/Display.html?id=137752
+
+--- a/FreeDB.pm
 b/FreeDB.pm
+@@ -7,7 +7,7 @@
+ use File::Temp;
+ 
+ has hostname   => (is => 'ro', default => $ENV{HOSTNAME} // 
'unknown');
+-has remote_host=> (is => 'rw', default => 'freedb.freedb.org');
++has remote_host=> (is => 'rw', default => 'gnudb.gnudb.org');
+ has remote_port=> (is => 'rw', default => 8880);
+ has user   => (is => 'rw', default => $ENV{USER} // 
'unknown');
+ has timeout=> (is => 'rw', default => 120);
+@@ -449,7 +449,7 @@
+ 
+ 
+ new() creates and returns a new Net::FreeDB object that is connected
+-to either the given host or freedb.freedb.org as default.
++to either the given host or gnudb.gnudb.org as default.
+ 
+ =item lscat
+ 
+@@ -723,10 +723,6 @@
+ giving the correct drive number will return in an
+ accurate return.
+ 
+-=head1 Resources
+-The current version of the CDDB Server Protocol can be
+-found at: http://ftp.freedb.org/pub/freedb/latest/CDDBPROTO
+-
+ =head1 AUTHOR
+ David Shultz Edshu...@cpan.orge
+ Peter Pentchev Er...@ringlet.nete
+--- a/t/00-basic.t
 b/t/00-basic.t
+@@ -10,7 +10,7 @@
+ ok($freedb->hostname eq 'unknown', 'Error setting hostname');
+ }
+ 
+-ok($freedb->remote_host eq 'freedb.freedb.org', 'Error setting default host');
++ok($freedb->remote_host eq 'gnudb.gnudb.org', 'Error setting default host');
+ 
+ ok($freedb->remote_port == 8880, 'Error setting default port');
+ 
diff -Nru libnet-freedb-perl-0.10/debian/patches/series 
libnet-freedb-perl-0.10/debian/patches/series
--- libnet-freedb-perl-0.10/debian/patches/series   1970-01-01 
02:00:00.0 +0200
+++ libnet-freedb-perl-0.10/debian/patches/series   2021-07-16 
21:53:11.0 +0300
@@ -0,0 +1 @@
+replace_freedb_with_gnudb.patch

Bug#991305: unblock: lshw/02.18.85-0.7

[Adrian Bunk]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package lshw

  * Backport upstream fix for floating point exception on invalid FAT,
thanks to Dave Gomboc and Bernhard Übelacker. (Closes: #946940)
diff -Nru lshw-02.18.85/debian/changelog lshw-02.18.85/debian/changelog
--- lshw-02.18.85/debian/changelog  2021-01-04 00:41:23.0 +0200
+++ lshw-02.18.85/debian/changelog  2021-07-17 20:19:28.0 +0300
@@ -1,3 +1,11 @@
+lshw (02.18.85-0.7) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Backport upstream fix for floating point exception on invalid FAT,
+thanks to Dave Gomboc and Bernhard Übelacker. (Closes: #946940)
+
+ -- Adrian Bunk   Sat, 17 Jul 2021 20:19:28 +0300
+
 lshw (02.18.85-0.6) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru lshw-02.18.85/debian/patches/0001-fix-755-handle-invalid-FAT.patch 
lshw-02.18.85/debian/patches/0001-fix-755-handle-invalid-FAT.patch
--- lshw-02.18.85/debian/patches/0001-fix-755-handle-invalid-FAT.patch  
1970-01-01 02:00:00.0 +0200
+++ lshw-02.18.85/debian/patches/0001-fix-755-handle-invalid-FAT.patch  
2021-07-17 20:19:05.0 +0300
@@ -0,0 +1,41 @@
+From 89b3b6b9ed03f22ca98954712db5a90acf2c6755 Mon Sep 17 00:00:00 2001
+From: Lyonel Vincent 
+Date: Sat, 28 Dec 2019 00:02:44 +0100
+Subject: fix #755: handle invalid FAT
+
+check that sectors_per_cluster!=0
+---
+ src/core/fat.cc | 10 +-
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/core/fat.cc b/src/core/fat.cc
+index e68aea6..41b0001 100644
+--- a/src/core/fat.cc
 b/src/core/fat.cc
+@@ -186,11 +186,6 @@ bool scan_fat(hwNode & n, source & id)
+   if (vs.heads == 0)
+   return false;
+ 
+-  /* cluster size check */
+-  if (vs.sectors_per_cluster == 0 ||
+-  (vs.sectors_per_cluster & (vs.sectors_per_cluster-1)))
+-  return false;
+-
+   /* media check */
+   if (vs.media < 0xf8 && vs.media != 0xf0)
+   return false;
+@@ -200,6 +195,11 @@ bool scan_fat(hwNode & n, source & id)
+   return false;
+ 
+ valid:
++  /* cluster size check */
++  if (vs.sectors_per_cluster == 0 ||
++  (vs.sectors_per_cluster & (vs.sectors_per_cluster-1)))
++  return false;
++
+   /* sector size check */
+   sector_size_bytes = le_short(_size_bytes);
+   if (sector_size_bytes != 0x200 && sector_size_bytes != 0x400 &&
+-- 
+2.20.1
+
diff -Nru lshw-02.18.85/debian/patches/series 
lshw-02.18.85/debian/patches/series
--- lshw-02.18.85/debian/patches/series 2020-04-26 14:43:52.0 +0300
+++ lshw-02.18.85/debian/patches/series 2021-07-17 20:19:28.0 +0300
@@ -10,3 +10,4 @@
 add-missing-ethlink-standards.patch
 cross.patch
 #revert-Fix_JSON_output_format.patch
+0001-fix-755-handle-invalid-FAT.patch

Bug#991304: unblock: eboard/1.1.3-0.4

[Adrian Bunk]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package eboard

  * Add upstream fix for segfault on engine selection,
thanks to Eric Cooper and Bernhard Übelacker. (Closes: #962627)
diff -Nru eboard-1.1.3/debian/changelog eboard-1.1.3/debian/changelog
--- eboard-1.1.3/debian/changelog   2019-05-17 16:17:10.0 +0300
+++ eboard-1.1.3/debian/changelog   2021-07-17 21:48:28.0 +0300
@@ -1,3 +1,11 @@
+eboard (1.1.3-0.4) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add upstream fix for segfault on engine selection,
+thanks to Eric Cooper and Bernhard Übelacker. (Closes: #962627)
+
+ -- Adrian Bunk   Sat, 17 Jul 2021 21:48:28 +0300
+
 eboard (1.1.3-0.3) unstable; urgency=medium
 
   [ Gianfranco Costamagna ]
diff -Nru 
eboard-1.1.3/debian/patches/0001-https-bugs.launchpad.net-ubuntu-source-eboard-bug-13.patch
 
eboard-1.1.3/debian/patches/0001-https-bugs.launchpad.net-ubuntu-source-eboard-bug-13.patch
--- 
eboard-1.1.3/debian/patches/0001-https-bugs.launchpad.net-ubuntu-source-eboard-bug-13.patch
 1970-01-01 02:00:00.0 +0200
+++ 
eboard-1.1.3/debian/patches/0001-https-bugs.launchpad.net-ubuntu-source-eboard-bug-13.patch
 2021-07-17 21:48:09.0 +0300
@@ -0,0 +1,21 @@
+From ed33049aff2cefd7508bcda8ab738b8ec871c948 Mon Sep 17 00:00:00 2001
+From: Christian Palazzo 
+Date: Thu, 30 Apr 2020 00:43:21 +0200
+Subject: https://bugs.launchpad.net/ubuntu/+source/eboard/+bug/1306419
+
+diff --git a/proto_xboard.cc b/proto_xboard.cc
+index ba48aa1..edabe1b 100644
+--- a/proto_xboard.cc
 b/proto_xboard.cc
+@@ -1083,7 +1083,7 @@ void CraftyProtocol::readDialog() {
+   snprintf(EngineCommandLine,512,"crafty bookpath=%s logpath=%s tbpath=%s",
+  BookPath,LogPath,LogPath);
+   if (!global.env.Home.empty())
+-snprintf(EngineRunDir,512,"%s/.eboard/craftylog",global.env.Home.c_str());
++snprintf(EngineRunDir,256,"%s/.eboard/craftylog",global.env.Home.c_str());
+   else
+ strcpy(EngineRunDir,"/tmp");
+ 
+-- 
+2.20.1
+
diff -Nru eboard-1.1.3/debian/patches/series eboard-1.1.3/debian/patches/series
--- eboard-1.1.3/debian/patches/series  2019-05-17 16:16:10.0 +0300
+++ eboard-1.1.3/debian/patches/series  2021-07-17 21:48:28.0 +0300
@@ -2,3 +2,4 @@
 hungarian-translation.patch
 90_respect_deb_build_options.patch
 ld-as-needed.patch
+0001-https-bugs.launchpad.net-ubuntu-source-eboard-bug-13.patch

Bug#991303: unblock: scottfree/1.14-10.1

[Adrian Bunk]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package scottfree

  * Add patch from Bernhard Übelacker to fix crash when restoring
from save-file. (Closes: #968375)
diff -Nru scottfree-1.14/debian/changelog scottfree-1.14/debian/changelog
--- scottfree-1.14/debian/changelog 2017-01-20 13:52:21.0 +0200
+++ scottfree-1.14/debian/changelog 2021-07-17 22:54:45.0 +0300
@@ -1,3 +1,11 @@
+scottfree (1.14-10.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add patch from Bernhard Übelacker to fix crash when restoring
+from save-file. (Closes: #968375)
+
+ -- Adrian Bunk   Sat, 17 Jul 2021 22:54:45 +0300
+
 scottfree (1.14-10) unstable; urgency=low
 
   * Team upload.
diff -Nru scottfree-1.14/debian/patches/04_968375.patch 
scottfree-1.14/debian/patches/04_968375.patch
--- scottfree-1.14/debian/patches/04_968375.patch   1970-01-01 
02:00:00.0 +0200
+++ scottfree-1.14/debian/patches/04_968375.patch   2021-07-17 
22:53:59.0 +0300
@@ -0,0 +1,37 @@
+Description: Include time.h, fix two warnings in fscanf calls.
+
+Author: Bernhard Übelacker 
+Bug-Debian: https://bugs.debian.org/968375
+Forwarded: no
+Last-Update: 2020-08-14
+
+Index: scottfree-1.14/ScottCurses.c
+===
+--- scottfree-1.14.orig/ScottCurses.c
 scottfree-1.14/ScottCurses.c
+@@ -22,6 +22,7 @@
+ #include 
+ #include 
+ #include 
++#include 
+ 
+ #include "Scott.h"
+ 
+@@ -239,7 +240,7 @@ void LoadDatabase(FILE *f, int loud)
+ /* Load the header */
+   
+   if(fscanf(f,"%*d %d %d %d %d %d %d %d %d %d %d %d",
+-  ,,,)<10)
++  ,,)<10)
+   Fatal("Invalid database(bad header)");
+   GameHeader.NumItems=ni;
+   Items=(Item *)MemAlloc(sizeof(Item)*(ni+1));
+@@ -693,7 +694,7 @@ void LoadGame(char *name)
+   {
+   fscanf(f,"%d %d\n",[ct],[ct]);
+   }
+-  fscanf(f,"%ld %d %hd %d %d %hd\n",
++  fscanf(f,"%ld %hd %hd %d %d %hd\n",
+   ,
+   );
+   /* Backward compatibility */
diff -Nru scottfree-1.14/debian/patches/series 
scottfree-1.14/debian/patches/series
--- scottfree-1.14/debian/patches/series2017-01-20 13:48:06.0 
+0200
+++ scottfree-1.14/debian/patches/series2021-07-17 22:54:42.0 
+0300
@@ -1,3 +1,4 @@
 01_makefile.diff
 02_scottcurses_includes.diff
 03_clang.diff
+04_968375.patch

Bug#991302: unblock: smem/1.5-1.1

[Adrian Bunk]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package smem

  * Add patch from Marco Paganini for Python 3 incompatibility
in "smem --bar". (Closes: #958129)

Regression from buster caused by the switch to Python 3.
diff -Nru smem-1.5/debian/changelog smem-1.5/debian/changelog
--- smem-1.5/debian/changelog   2020-01-05 05:57:10.0 +0200
+++ smem-1.5/debian/changelog   2021-07-17 22:47:50.0 +0300
@@ -1,3 +1,11 @@
+smem (1.5-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add patch from Marco Paganini for Python 3 incompatibility
+in "smem --bar". (Closes: #958129)
+
+ -- Adrian Bunk   Sat, 17 Jul 2021 22:47:50 +0300
+
 smem (1.5-1) unstable; urgency=medium
 
   [ Ondřej Nový ]
diff -Nru smem-1.5/debian/patches/series smem-1.5/debian/patches/series
--- smem-1.5/debian/patches/series  2020-01-05 05:57:10.0 +0200
+++ smem-1.5/debian/patches/series  2021-07-17 22:47:40.0 +0300
@@ -1,3 +1,4 @@
 manpage.patch
 buildsystem.patch
 smem-py3k.patch
+smem-xrange-fix.patch
diff -Nru smem-1.5/debian/patches/smem-xrange-fix.patch 
smem-1.5/debian/patches/smem-xrange-fix.patch
--- smem-1.5/debian/patches/smem-xrange-fix.patch   1970-01-01 
02:00:00.0 +0200
+++ smem-1.5/debian/patches/smem-xrange-fix.patch   2021-07-17 
22:47:10.0 +0300
@@ -0,0 +1,11 @@
+--- original/smem  2020-04-18 12:20:22.524849106 -0700
 fixed/smem 2020-04-18 12:19:24.912251338 -0700
+@@ -646,7 +646,7 @@
+ 
+ pl = []
+ ind = numpy.arange(len(l))
+-for n in xrange(len(rc)):
++for n in range(len(rc)):
+ pl.append(pylab.bar(ind + offset + width * n,
+  [x[1][rc[n]] for x in l], width, color=gc(n)))
+ 

Bug#991285: marked as done (unblock: strip-nondeterminism/1.12-0.1)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 11:33:40 +0200
with message-id 

and subject line Re: Bug#991285: unblock: strip-nondeterminism/1.12-0.1
has caused the Debian Bug report #991285,
regarding unblock: strip-nondeterminism/1.12-0.1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991285: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991285
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
x-debbugs-cc: reproducible-bui...@lists.alioth.debian.org

Hi,

I'm wondering whether it makes sense to unblock strip-nondeterminism 1.12.0-1,
which has been uploaded on 2021-05-07 and which since then (or rather shortly 
after)
has been used on the buildds when building packages. There haven't been any bugs
filed since the upload and the changes are pretty small:

strip-nondeterminism (1.12.0-1) unstable; urgency=medium

  [ Chris Lamb ]
  * Support normalising Python "pyzip" files -- ie. zip-compressed .py files
with a regular Python shebang. (Closes: 
reproducible-builds/strip-nondeterminism#18)
  * Drop single-debian-patch, etc.

  [ Bernhard M. Wiedemann ]
  * Move exception handling closer to call using perl's "//" operator.

The debdiffstat is:

 debdiff strip-nondeterminism_1.11.0-1.dsc 
strip-nondeterminism_1.12.0-1.dsc|diffstat
 debian/changelog   |   12 ++
 debian/source/options  |1 
 debian/source/patch-header |   17 
 lib/File/StripNondeterminism.pm|   11 ++
 lib/File/StripNondeterminism/handlers/pyzip.pm |  106 +
 5 files changed, 128 insertions(+), 19 deletions(-)

and the full debdiff is attached.

Rather obviously this more or less against the freeze guidelines but given the
fact that it's been used in many bullseye builds during the freeze I thought
I'd ask.
And I decided to ask via a bug report. Feel free to close or unblock :)

(And before you ask: I don't really know why I didn't file this unblock request
earlier. I guess it's because the change is not soo relevant but then I somehow
continued to be bothered by the fact that bullseye is build with packages from
out of bullseye and so I finally decided to ask anyway.)

unblock strip-nondeterminism/1.12-0.1

and thank you for releasing bullseye and dealing with requests like these! ;)


-- 
cheers,
Holger

 ⢀⣴⠾⠻⢶⣦⠀
 ⣾⠁⢠⠒⠀⣿⡁  holger@(debian|reproducible-builds|layer-acht).org
 ⢿⡄⠘⠷⠚⠋⠀  OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
 ⠈⠳⣄

"A developed country is not a place where the poor have cars. It's where the
rich use public transportation." (quote attributed to several people)
diff -Nru strip-nondeterminism-1.11.0/debian/changelog strip-nondeterminism-1.12.0/debian/changelog
--- strip-nondeterminism-1.11.0/debian/changelog	2021-02-05 13:04:06.0 +0100
+++ strip-nondeterminism-1.12.0/debian/changelog	2021-05-07 13:36:57.0 +0200
@@ -1,3 +1,15 @@
+strip-nondeterminism (1.12.0-1) unstable; urgency=medium
+
+  [ Chris Lamb ]
+  * Support normalising Python "pyzip" files -- ie. zip-compressed .py files
+with a regular Python shebang. (Closes: reproducible-builds/strip-nondeterminism#18)
+  * Drop single-debian-patch, etc.
+
+  [ Bernhard M. Wiedemann ]
+  * Move exception handling closer to call using perl's "//" operator.
+
+ -- Chris Lamb   Fri, 07 May 2021 12:36:57 +0100
+
 strip-nondeterminism (1.11.0-1) unstable; urgency=medium
 
   [ Helmut Grohne ]
diff -Nru strip-nondeterminism-1.11.0/debian/source/options strip-nondeterminism-1.12.0/debian/source/options
--- strip-nondeterminism-1.11.0/debian/source/options	2021-02-05 13:04:06.0 +0100
+++ strip-nondeterminism-1.12.0/debian/source/options	1970-01-01 01:00:00.0 +0100
@@ -1 +0,0 @@
-single-debian-patch
diff -Nru strip-nondeterminism-1.11.0/debian/source/patch-header strip-nondeterminism-1.12.0/debian/source/patch-header
--- strip-nondeterminism-1.11.0/debian/source/patch-header	2021-02-05 13:04:06.0 +0100
+++ strip-nondeterminism-1.12.0/debian/source/patch-header	1970-01-01 01:00:00.0 +0100
@@ -1,17 +0,0 @@
-Subject: Collected Debian patches for strip-nondeterminism
-Author: Andrew Ayer 
-
-Since I am also upstream for this package, there will normally not be
-any patches to apply to the upstream source.  However, occasionally
-I'll pull up specific upstream commits prior to making an upstream
-release.  When this happens, this patch will collect all of those
-modifications.
-
-I use Git 

Processed: Re: Bug#991270: unblock: suricata/6.0.1-3

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + moreinfo confirmed
Bug #991270 [release.debian.org] unblock: suricata/6.0.1-3
Added tag(s) confirmed and moreinfo.

-- 
991270: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991270
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#991270: unblock: suricata/6.0.1-3

[Graham Inggs]

Control: tags -1 + moreinfo confirmed

Hi Sascha

On Mon, 19 Jul 2021 at 13:57, Sascha Steinbiss  wrote:
> I have added a debdiff to this bugreport that illustrates the
> situation. I could upload to unstable anytime. Please let me know if the
> fix is appropriate and I will initiate an upload if confirmed.

Please go ahead and upload to unstable, then remove the moreinfo tag
once it has built.

Regards
Graham

Bug#991298: unblock: pillow/8.1.2+dfsg-0.3

[Neil Williams]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package pillow

8.1.2+dfsg-0.3 includes fix for CVE-2021-34552

unblock pillow/8.1.2+dfsg-0.3
diffstat for pillow-8.1.2+dfsg pillow-8.1.2+dfsg

 changelog|8 
 patches/CVE-2021-34552.patch |   40 
 patches/series   |1 +
 3 files changed, 49 insertions(+)

diff -Nru pillow-8.1.2+dfsg/debian/changelog pillow-8.1.2+dfsg/debian/changelog
--- pillow-8.1.2+dfsg/debian/changelog  2021-06-13 17:11:04.0 +0100
+++ pillow-8.1.2+dfsg/debian/changelog  2021-07-19 09:52:20.0 +0100
@@ -1,3 +1,11 @@
+pillow (8.1.2+dfsg-0.3) unstable; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * CVE-2021-34552 - Replace sprintf with snprintf. Backport upstream change
+from 8.3 to 8.1. 
+
+ -- Neil Williams   Mon, 19 Jul 2021 09:52:20 +0100
+
 pillow (8.1.2+dfsg-0.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru pillow-8.1.2+dfsg/debian/patches/CVE-2021-34552.patch 
pillow-8.1.2+dfsg/debian/patches/CVE-2021-34552.patch
--- pillow-8.1.2+dfsg/debian/patches/CVE-2021-34552.patch   1970-01-01 
01:00:00.0 +0100
+++ pillow-8.1.2+dfsg/debian/patches/CVE-2021-34552.patch   2021-07-19 
09:51:59.0 +0100
@@ -0,0 +1,40 @@
+From 5f4504bb03f4edeeef8c2633dc5ba03a4c2a8a97 Mon Sep 17 00:00:00 2001
+From: Andrew Murray 
+Date: Tue, 15 Jun 2021 15:14:26 +1000
+Subject: [PATCH 1/2] Limit sprintf modes to 10 characters
+
+From 518ee3722a99d7f7d890db82a20bd81c1c0327fb Mon Sep 17 00:00:00 2001
+From: Andrew Murray 
+Date: Wed, 30 Jun 2021 23:47:10 +1000
+Subject: [PATCH 2/2] Use snprintf instead of sprintf
+
+* https://github.com/python-pillow/Pillow/pull/5567/files
+* Replace sprintf with snprintf in src/libImaging/Convert.c
+
+---
+--- a/src/libImaging/Convert.c
 b/src/libImaging/Convert.c
+@@ -1664,9 +1664,8 @@
+ #ifdef notdef
+ return (Imaging) ImagingError_ValueError("conversion not supported");
+ #else
+-static char buf[256];
+-/* FIXME: may overflow if mode is too large */
+-sprintf(buf, "conversion from %s to %s not supported", imIn->mode, 
mode);
++static char buf[100];
++snprintf(buf, 100, "conversion from %.10s to %.10s not supported", 
imIn->mode, mode);
+ return (Imaging) ImagingError_ValueError(buf);
+ #endif
+ }
+@@ -1724,9 +1723,8 @@
+ }
+ #else
+ {
+-  static char buf[256];
+-  /* FIXME: may overflow if mode is too large */
+-  sprintf(buf, "conversion from %s to %s not supported in 
convert_transparent", imIn->mode, mode);
++  static char buf[100];
++  snprintf(buf, 100, "conversion from %.10s to %.10s not supported in 
convert_transparent", imIn->mode, mode);
+   return (Imaging) ImagingError_ValueError(buf);
+ }
+ #endif
diff -Nru pillow-8.1.2+dfsg/debian/patches/series 
pillow-8.1.2+dfsg/debian/patches/series
--- pillow-8.1.2+dfsg/debian/patches/series 2021-06-13 17:10:51.0 
+0100
+++ pillow-8.1.2+dfsg/debian/patches/series 2021-07-19 09:45:27.0 
+0100
@@ -7,3 +7,4 @@
 CVE-2021-28676.patch
 CVE-2021-28677.patch
 CVE-2021-28678.patch
+CVE-2021-34552.patch

Bug#991285: unblock: strip-nondeterminism/1.12-0.1

[Chris Lamb]

Holger Levsen wrote:

> strip-nondeterminism (1.12.0-1) unstable; urgency=medium
>
>   [ Chris Lamb ]
>   * Support normalising Python "pyzip" files -- ie. zip-compressed .py files
> with a regular Python shebang. (Closes:  
> reproducible-builds/strip-nondeterminism#18)
>   * Drop single-debian-patch, etc.
>
>   [ Bernhard M. Wiedemann ]
>   * Move exception handling closer to call using perl's "//" operator.

As the author/merger of these changes, I would support an unblock and
have no reason to suspect that this might cause a regression,
especially given the codepaths that were modified.

However, the problems that this version fixes are relatively minor and
were actually to address issues that were initially discovered in
openSUSE, not Debian. They do affect Debian, but this remark provides
some insight on the impact of the issue in Debian itself.

However, as Holger mentions, the strongest argument for an unblock is
the following:

> Rather obviously this more or less against the freeze guidelines but given the
> fact that it's been used in many bullseye builds during the freeze  [...]

Either way though, it's always nice to minimise the diff, but I would
perfectly understand if this is rather too late.


Regards,

--
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org  chris-lamb.co.uk
   `-

Bug#991287: marked as done (unblock: containerd/1.4.5~ds1-2)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 07:42:36 +
with message-id 
and subject line unblock containerd
has caused the Debian Bug report #991287,
regarding unblock: containerd/1.4.5~ds1-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991287: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991287
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: z...@debian.org

Please unblock package containerd

[ Reason ]
Backport patch for CVE-2021-32760:
https://github.com/containerd/containerd/security/advisories/GHSA-c72p-9xmj-rx3w

[ Impact ]
If it's blocked, the package has security issue.

[ Tests ]
Upstream has added a regression test to the patch.

[ Risks ]
Only one line change(in archive/tar_unix.go file), and a new test (in 
archive/tar_unix.go file).

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]

unblock containerd/1.4.5~ds1-2


diff -Nru containerd-1.4.5~ds1/debian/changelog 
containerd-1.4.5~ds1/debian/changelog
--- containerd-1.4.5~ds1/debian/changelog   2021-05-12 13:17:38.0 
+0800
+++ containerd-1.4.5~ds1/debian/changelog   2021-07-20 02:36:10.0 
+0800
@@ -1,3 +1,9 @@
+containerd (1.4.5~ds1-2) unstable; urgency=medium
+
+  * Backport patches for CVE-2021-32760
+
+ -- Shengjing Zhu   Tue, 20 Jul 2021 02:36:10 +0800
+
 containerd (1.4.5~ds1-1) unstable; urgency=medium
 
   * New upstream patch version v1.4.5
diff -Nru containerd-1.4.5~ds1/debian/gbp.conf 
containerd-1.4.5~ds1/debian/gbp.conf
--- containerd-1.4.5~ds1/debian/gbp.conf2021-05-12 13:17:38.0 
+0800
+++ containerd-1.4.5~ds1/debian/gbp.conf2021-07-20 02:36:10.0 
+0800
@@ -1,4 +1,5 @@
 [DEFAULT]
 pristine-tar = True
 debian-branch = debian/sid
+upstream-branch = upstream/sid
 dist = DEP14
diff -Nru containerd-1.4.5~ds1/debian/patches/0008-CVE-2021-32760.patch 
containerd-1.4.5~ds1/debian/patches/0008-CVE-2021-32760.patch
--- containerd-1.4.5~ds1/debian/patches/0008-CVE-2021-32760.patch   
1970-01-01 08:00:00.0 +0800
+++ containerd-1.4.5~ds1/debian/patches/0008-CVE-2021-32760.patch   
2021-07-20 02:36:10.0 +0800
@@ -0,0 +1,91 @@
+From 03aa748c11663e87a72fab92b7ab7c88c28bf13e Mon Sep 17 00:00:00 2001
+From: Derek McGowan 
+Date: Tue, 6 Jul 2021 12:37:54 -0700
+Subject: [PATCH 1/2] Use chmod path for checking symlink
+
+Signed-off-by: Derek McGowan 
+(cherry picked from commit 27597ccfd30d8aa06b448062896bccfb33ad8f22)
+Signed-off-by: Derek McGowan 
+---
+ archive/tar_unix.go | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/archive/tar_unix.go b/archive/tar_unix.go
+index 6e89d2fdbc9..c22e79bf2be 100644
+--- a/archive/tar_unix.go
 b/archive/tar_unix.go
+@@ -113,7 +113,7 @@ func handleTarTypeBlockCharFifo(hdr *tar.Header, path 
string) error {
+ 
+ func handleLChmod(hdr *tar.Header, path string, hdrInfo os.FileInfo) error {
+   if hdr.Typeflag == tar.TypeLink {
+-  if fi, err := os.Lstat(hdr.Linkname); err == nil && 
(fi.Mode() == 0) {
++  if fi, err := os.Lstat(path); err == nil && 
(fi.Mode() == 0) {
+   if err := os.Chmod(path, hdrInfo.Mode()); err != nil && 
!os.IsNotExist(err) {
+   return err
+   }
+
+From 664f93ead6c613a9f0e9932dfa75c602dbe35f41 Mon Sep 17 00:00:00 2001
+From: Derek McGowan 
+Date: Tue, 6 Jul 2021 16:23:03 -0700
+Subject: [PATCH 2/2] Add test for archive breakout test for lchmod
+
+Signed-off-by: Derek McGowan 
+(cherry picked from commit ad81d76219a75559cb9d74a214efe0d779d7cbef)
+Signed-off-by: Derek McGowan 
+---
+ archive/tar_test.go | 35 +++
+ 1 file changed, 35 insertions(+)
+
+diff --git a/archive/tar_test.go b/archive/tar_test.go
+index 568f5a95f1c..8ffd3f221b8 100644
+--- a/archive/tar_test.go
 b/archive/tar_test.go
+@@ -243,6 +243,11 @@ func TestBreakouts(t *testing.T) {
+   return nil
+   }
+   errFileDiff := errors.New("files differ")
++  td, err := ioutil.TempDir("", "test-breakouts-")
++  if err != nil {
++  t.Fatal(err)
++  }
++  defer os.RemoveAll(td)
+ 
+   isSymlinkFile := func(f string) func(string) error {
+   return func(root string) error {
+@@ -744,6 +749,36 @@ func TestBreakouts(t *testing.T) {
+   // resolution 

Bug#991286: marked as done (unblock: netdiscover/0.7-4)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 07:40:55 +
with message-id 
and subject line unblock netdiscover
has caused the Debian Bug report #991286,
regarding unblock: netdiscover/0.7-4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
991286: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991286
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: eribe...@debian.org

Dear Release Team,

Please unblock package netdiscover.

[ Reason ]

The revision 0.7-4 has a patch (030) to add an important fix from the
upstream[1]. This fix allows netdiscover to use correctly CIDR /24 if
netdiscover is being built with libpcap >= 1.10.

This fix closes #991258

[1] 
https://github.com/netdiscover-scanner/netdiscover/commit/2de0187c8b6aad3ca5393d96fbc5b00c453c3d23

Short explanation: Older versions of libpcap ignored to_ms on Linux. The
current version captures packets until a buffer a filled or the specified
timeout elapses. The value 0 disables that timeout, so libpcap will only start
delivering packets once the buffer is filled.

[ Impact ]

If the unblock isn't granted, the user will not able to scan a network using
the option '-r /24', so only /8 and /16 will work.

[ Tests ]

Several tests were made after the fix and it worked fine.

[ Risks ]

This is a trivial fix and it has no risks for the whole source code.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

unblock netdiscover/0.7-4
diff -Nru netdiscover-0.7/debian/changelog netdiscover-0.7/debian/changelog
--- netdiscover-0.7/debian/changelog2021-02-06 00:05:00.0 -0300
+++ netdiscover-0.7/debian/changelog2021-07-18 17:23:16.0 -0300
@@ -1,3 +1,10 @@
+netdiscover (0.7-4) unstable; urgency=medium
+
+  * debian/patches/030_fix_cidr24.patch: created to fix no results with CIDR 
/24
+and libpcap >= 1.10. Thanks to Enrico Schmitz. (Closes: #991258)
+
+ -- Joao Eriberto Mota Filho   Sun, 18 Jul 2021 17:23:16 
-0300
+
 netdiscover (0.7-3) unstable; urgency=medium
 
   * debian/patches/20_update-oui.patch: updated.
diff -Nru netdiscover-0.7/debian/patches/030_fix_cidr24.patch 
netdiscover-0.7/debian/patches/030_fix_cidr24.patch
--- netdiscover-0.7/debian/patches/030_fix_cidr24.patch 1969-12-31 
21:00:00.0 -0300
+++ netdiscover-0.7/debian/patches/030_fix_cidr24.patch 2021-07-18 
17:23:16.0 -0300
@@ -0,0 +1,21 @@
+Description: Fix no results with CIDR /24 and libpcap >= 1.10
+Author: Enrico Schmitz
+Origin: 
https://github.com/netdiscover-scanner/netdiscover/commit/2de0187c8b6aad3ca5393d96fbc5b00c453c3d23
+Bug: https://github.com/netdiscover-scanner/netdiscover/issues/9
+Bug-Debian: https://bugs.debian.org/991258
+Forwarded: not-needed
+Reviewed-By: Joao Eriberto Mota Filho 
+Last-Update: 2021-07-18
+Index: netdiscover/src/ifaces.h
+===
+--- netdiscover.orig/src/ifaces.h
 netdiscover/src/ifaces.h
+@@ -45,7 +45,7 @@ extern "C"
+   typedef uint16_t u_int16_t;
+   typedef uint8_t  u_int8_t;
+#else
+-  #define PCAP_TOUT 0
++  #define PCAP_TOUT 512
+#endif
+ 
+ 
diff -Nru netdiscover-0.7/debian/patches/series 
netdiscover-0.7/debian/patches/series
--- netdiscover-0.7/debian/patches/series   2021-02-06 00:04:57.0 
-0300
+++ netdiscover-0.7/debian/patches/series   2021-07-18 17:23:16.0 
-0300
@@ -1,2 +1,3 @@
 10_fix-makefile.patch
 20_update-oui.patch
+030_fix_cidr24.patch
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---

Bug#990977: marked as done (unblock: python-aiosqlite/0.16.1-2)

[Debian Bug Tracking System]

Your message dated Tue, 20 Jul 2021 09:08:57 +0200
with message-id 

and subject line Re: Bug#990977: unblock: python-aiosqlite/0.16.1-2
has caused the Debian Bug report #990977,
regarding unblock: python-aiosqlite/0.16.1-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
990977: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990977
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock package python-aiosqlite

[ Reason ]
The upload contains a small bugfix (#982529) to the package build.

We mistakenly thought the existing autopkgtest would allow the package
to migrate and missed that it is marked 'superficial'.

I'd be happy to provide a new upload with a more useful autopkgtest
that executes the test suite, if that'd work for you.

[ Impact ]
Package does not build reproducibly.

[ Tests ]
The test suite runs through.

[ Risks ]
One line change to the package build.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

unblock python-aiosqlite/0.16.1-2
diff -Nru python-aiosqlite-0.16.1/debian/changelog 
python-aiosqlite-0.16.1/debian/changelog
--- python-aiosqlite-0.16.1/debian/changelog2020-11-28 09:32:34.0 
+0100
+++ python-aiosqlite-0.16.1/debian/changelog2021-06-27 23:17:37.0 
+0200
@@ -1,3 +1,10 @@
+python-aiosqlite (0.16.1-2) unstable; urgency=medium
+
+  * Fix reproducibility by removing RECORD file (Closes: #982529). Thanks to
+Chris Lamb.
+
+ -- Benjamin Hof   Sun, 27 Jun 2021 23:17:37 +0200
+
 python-aiosqlite (0.16.1-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru python-aiosqlite-0.16.1/debian/rules 
python-aiosqlite-0.16.1/debian/rules
--- python-aiosqlite-0.16.1/debian/rules2020-11-28 09:32:34.0 
+0100
+++ python-aiosqlite-0.16.1/debian/rules2021-06-27 23:17:37.0 
+0200
@@ -21,4 +21,4 @@
 # make reproducible
 override_dh_auto_install:
dh_auto_install
-   find -name direct_url.json -delete
+   find \( -name direct_url.json -or -name RECORD \) -delete
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---