Bug#990376: vim-icinga2: please migrate to dh-vim-addon

Control: tags -1 pending Hi Louis-Philippe, Thanks for the patch, it's applied in git with a few improvements. I like how it uses the start directory to have it automatically loaded on startup. This simplifies the procedure in the documentation to match the experience on other distributions

Bug#990559: Please unblock package mdevctl 0.81-1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, please unblock mdevctl 0.81-1. It fixes a problem with an allowed combined usage two parameters. v0.78 -> 0.81 sounds a lot, but that is due to the way upstream creates versions which

Bug#989799: psmisc: Undeclared file conflict with manpages-de

Hi Helge, On Fri, 2 Jul 2021 10:29:53 +0900 Hideki Yamane wrote: > We can close it via mail, but should investigate its reason, IMO. Note it as https://bugs.debian.org/990557 Let's close Bug#989799 via hand. -- Hideki Yamane

Bug#867548: Available for Additional Testing

Since update from Buster to Bullseye on hard disc and on live USB boot when using Built-in Audio Digital Stereo(HDMI 2) on playback for Youtube and other video streams I have noticed variable skipping of audio and video , audio out of sync, video racing at fast

Bug#990375: vim-puppet: please migrate to dh-vim-addon

tags 990375 pending thanks This has been fixed by this commit [1] and a new version will be uploaded once Bullseye has been released. [1]: https://salsa.debian.org/puppet-team/vim-puppet/-/commit/844d15fe3d7f5b6c1cdf18785c6717fa14beea37 -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Louis-Philippe Véronneau ⢿⡄⠘⠷⠚⠋

Bug#990531: unblock: grub2/2.04-19

Paul Gevers (2021-07-01): > I had a look at this the other day and if my memory recalls correctly, > I'm fine with it. But as there's a block-udeb, we need an ACK from kibi > (in CC via boot). grub2 and its signed packages are welcome, thanks. Cheers, -- Cyril Brulebois (k...@debian.org)

Bug#989185: youtube-dl: needs version update to 2021.05.16 to continue working with youtube

Hi Thorsten, thanks for the explicit CC. You know I'm new to this package. I've subscribed in tracker now. On Thu, Jul 01, 2021 at 08:20:23PM +, Thorsten Glaser wrote: > Hi an3as, > > I know we’re in a freeze, but… > > >Using the upstream binary works, so, a mere update should fix this. >

Bug#990376: vim-icinga2: please migrate to dh-vim-addon

tags -1 patch thanks On 2021-06-28 00 h 34, Sebastiaan Couwenberg wrote: > Control: tags -1 moreinfo > > On 6/27/21 8:48 PM, Louis-Philippe Véronneau wrote: >> Debian now has dh-vim-addon [1] to manage the installation procedure of >> vim packages. It does "the right thing" (makes vim packages

Bug#990557: bugs.debian.org: Not automatically close Bug#989799 for buster-backports

Package: bugs.debian.org Severity: important Dear Maintainer, As https://tracker.debian.org/news/1243791/accepted-manpages-l10n-4100-1bpo101-source-into-buster-backports-backports-policy-buster-backports/ Bug#989799 was noted as "Closes" but not done automatically. We expect that is closed,

Bug#990162: power consumption regression

Tested Debian Bullseye RC2 - no Desktop Environment (GUI) appended to /etc/sources on deb lines: contrib nonfree apt install firmware-misc-nonfree apt install powertop powertop --auto-tune run as a service at boot /etc/default/grub contains GRUB_CMDLINE_LINUX_DEFAULT="quiet consoleblank=5" #

Bug#989799: psmisc: Undeclared file conflict with manpages-de

On Thu, 1 Jul 2021 21:07:03 +0200 Helge Kreutzmann wrote: > It now has. So this bug is closed, if users upgrade to the latestes > backport version. Hmm, however, this bug is not closed automatically. Weird.

Bug#990556: [chaos-marmosets]

Package: chaos-marmosets Version: SoapFault - faultcode: 'SOAP-ENV:Server' faultstring: 'Processing Failure' faultactor: 'null' detail: org.kxml2.kdom.Node@f50663c Severity: Tags: X-Debbugs-CC: Dear Maintainer, *** Please consider answering these questions, where appropriate *** * What led up

Bug#990555: When using an HTTPS proxy for HTTP repositories, APT ignores CaInfo (and possibly other Acquire::https options)

Package: apt Version: 1.8.2.3 When using an HTTPS proxy for plain-HTTP repositories, it seems that CaInfo is ignored. Typically: apt-get -o Acquire::https::CaInfo=/cafile.crt -o Acquire::http::Proxy= ["https://apt-cache.local;](https://apt-cache.local) update will fail with: Certificate

Bug#990554: tcpdump: leftover legacy configuration /etc/apparmor.d/local/usr.sbin.tcpdump

Package: tcpdump Version: 4.99.0-2 Severity: normal Hi. In some version, /etc/apparmor.d/usr.sbin.tcpdump was moved to /etc/apparmor.d/usr.bin.tcpdump. While this worked nicely for the file itself, any legacy instllations now have: ls -al /etc/apparmor.d/local/usr.*bin.tcpdump -rw-r--r-- 1

Bug#982794: firefox-esr: illegal instruction in libxul.so on armhf

(somehow my message didn't made it to the BTS, sorry for double post.) Hi Hideki and Vincent, just some information from a bystander. Also Ccing the bug author for more information. @Vincent: would be great to get your answers as well. * Hideki Yamane [2021-06-28 22:35]: On Sun, 14 Feb

Bug#927076: xournalpp packaging in Debian: how can we help?

Le Mon, Jun 28, 2021 at 12:52:02AM +0100, Barak A. Pearlmutter a écrit : > There is a pristine-tar branch on both salsa and my GitHub fork repo I *think* that the issue comes from uscan: | W: Unable to locate package xournalpp | Trying uscan --download --download-current-version ... | uscan

Bug#990553: linux-image-5.10.0-7-amd64: [Dell Inc. Latitude E6500] suspend & poweroff fail always

Package: src:linux Version: 5.10.40-1 Severity: normal X-Debbugs-Cc: ddbg72982...@gmail.com Dear Maintainer, Suspend does not complete on Latitude E6500. >From Fn+F1, mate menu, power-button, or lid: Display goes fully dark, but fan stays on and power LED does not

Bug#990183: libopenscap8: libopenscap.so.8 is missing from libopenscap8 and is expected by scap-workbench

Hi On 2021-06-30 17:40:42 +0900, Hideki Yamane wrote: > Hi, > > On Tue, 22 Jun 2021 11:23:51 +0200 Sebastian Ramacher > wrote: > > 1.3.4-1 would have needed to rename the package to libopenscap25 and > > start a library transition. The library package also contains a bunch of > > binaries and

Bug#931838: workaround

The easiest way to implement this it to create a base.tar file using mmdebstrap and then call fai-make-nfsroot -B base.tar . Then no deboostrap is called. -- viele Grüße Thomas

Bug#990552: unblock: irssi/1.2.3-1

Control: tags -1 moreinfo On 2021-07-01 21:23:57 +0200, Rhonda D'Vine wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Please unblock package irssi > > [ Reason ] > 1.2.3 was a pure bugfix and stability fix release of

Bug#982794: firefox-esr: illegal instruction in libxul.so on armhf

Hi Hideki and Vincent, just some information from a bystander. Also Ccing the bug author for more information. @Vincent: would be great to get your answers as well. * Hideki Yamane [2021-06-28 22:35]: On Sun, 14 Feb 2021 14:12:17 + Vincent Arkesteijn wrote: Firefox is killed with

Bug#990530: unblock: horizon/18.6.2-4 and all of its plugins

Hi Thomas On 2021-07-01 13:36:01 +0200, Thomas Goirand wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Dear release team, > > As per the discussion at: > https://bugs.debian.org/988188 > > I have uploaded an update

Bug#990416: unblock: python-pip/20.3.4-3

Control: retitle -1 unblock: python-pip/20.3.4-4 Changes: python-pip (20.3.4-4) unstable; urgency=medium . * No-change upload against distlib 0.3.2+really+0.3.1-0.1. See #990549. unblock python-pip/20.3.4-4 SR -- Stefano Rivera http://tumbleweed.org.za/ +1 415 683 3272

Bug#989185: youtube-dl: needs version update to 2021.05.16 to continue working with youtube

Hi an3as, I know we’re in a freeze, but… >Using the upstream binary works, so, a mere update should fix this. … there’s a problem, and… >Maybe the Release Team will accept this under the provisio of >keeping up with ever-changing external APIs? … I was under the impression that this was

Bug#990527: kimageformats: CVE-2021-36083

Hi > CVE-2021-36083[0]: kimageformats_5.78.0-5_source.changes uploaded with the fix. Thanks Norbert -- PREINING Norbert https://www.preining.info Fujitsu Research + IFMGA Guide + TU Wien + TeX Live + Debian Dev GPG: 0x860CDC13 fp: F7D8 A928 26E3 16A1 9FA0

Bug#988329: RFS: usbredir/0.9.0-1 -- Simple USB host TCP server

Hi Tobi, > Some review: > - upstream has released 0.10.0 in the meantime. The build system was replaced with Meson between 0.9.0 and 0.10.0 so i've gotten to work on that. it's been a fun challenge. I'll make sure to ping you when I'm done. > - compat level is at the ancient level "9".

Bug#988923: RFS: distorm3/3.5.2b-1 -- powerful disassembler library for x86/AMD64 binary streams (Python3 bindings)

> Thanks! Alas, it fails to build for me: Thanks for the feedback! I didnt fully understand how to use pbuilder so a Python dependency was missing. it should be fixed now and I better understand pbuilder which is nice. I am also fixing a bunch of the other lintian errors which Tobias mentioned

Bug#990552: unblock: irssi/1.2.3-1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package irssi [ Reason ] 1.2.3 was a pure bugfix and stability fix release of irssi, no feature changes. Please allow this into bullseye. [ Impact ] bullseye would release

Bug#989799: psmisc: Undeclared file conflict with manpages-de

Hello Hideki, On Wed, Jun 30, 2021 at 01:46:37PM +0900, Hideki Yamane wrote: > Have it reached to buster-backports repo? It now has. So this bug is closed, if users upgrade to the latestes backport version. Greetings Helge -- Dr. Helge Kreutzmann

Bug#990551: unblock: devscripts/2.21.3

Package: release.debian.org User: release.debian@packages.debian.org Usertags: unblock Please unblock package devscripts/2.21.3. [ Reason ] There was a bug in the makefile, which made `debbisect` completely broken. Apologize, as I knew of the brokeness for quite some time, but I totally

Bug#990416: unblock: python-pip/20.3.4-3

Hrm, the original email got truncated at a "." line. Sounds like some broken SMTP thing somewhere... Please unblock package python-pip python-pip (20.3.4-3) unstable; urgency=medium * Modify hands-off-system-packages.patch to act correctly under PyPy3, which shares dist-packages with

Bug#990537: llvm-11: llvm-mt should be built with libxml support

Hello looks great! would you like to propose a patch? Thanks S Le 01/07/2021 à 16:19, Krzysztof Aleksander Pyrkosz a écrit : > Package: llvm-11 > Version: 1:11.0.1-2 > Severity: normal > X-Debbugs-Cc: krzpyrk...@gmail.com > > Dear Maintainer, > > llvm manifest tool (llvm-mt) is not

Bug#990549: unblock: distlib/0.3.2+really+0.3.1-0.1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: d...@debian.org Control: block 990416 with -1 Please unblock package distlib. [ Reason ] To migrate python-pip (#990416) which bundles distlib, I need distlib to migrate. A

Bug#990548: cdtool's cdown: depends on dead freedb.freedb.org network server

Package: cdtool Version: 2.1.8-release-8 Severity: normal Justification: grave for the only tool that depends on it, but the rest of the cdtool package is unaffected Dear maintainer, The cdown command is for querying the database hosted on freedb.freedb.org, but that hostname no longer

Bug#981815: Please explain

On Thu, Jul 01, 2021 at 07:59:51AM +0200, Marc Haber wrote: > I cringe at the necessity of using strace to obtain vital debugging > information. Would it be worth to make an upstream withlist request for > debugging output of this string so that stracing sudo unnecessary? It is > quite hard to

Bug#939287: Add urgency level separators

On Tue, 03 Sep 2019 03:37:58 +0800 =?utf-8?B?56mN5Li55bC8?= Dan Jacobson wrote: > Man page says 'The groups are sorted by the urgency of the most urgent > change, and than by the package name.' > > Alas, that looks like > > A > B > C > A > B > A > B > > to the user. So perhaps add > >

Bug#976461: [Pkg-privacy-maintainers] Bug#976461: torbrowser-launcher: fails to launch, apparmor=DENIED (incomplete fix for #908068?)

On 01/07/2021 16:32, Roger Shimizu wrote: Please kindly try latest version in bullseye or buster-backports. Thank you! I can confirm it works in the latest version from buster-backports (0.3.3-6~bpo10+1). Thanks! -- Andrew Gallagher OpenPGP_signature Description: OpenPGP digital

Bug#990493: node-babel-plugin-add-module-exports broken with babel-preset-env 7

On Wed, 30 Jun 2021 21:23:37 +0530 Pirate Praveen wrote: > $ reverse-depends -b node-babel-plugin-add-module-exports > Reverse-Build-Depends > * autosize.js > * node-babel-plugin-lodash > * node-colormin > * node-css-loader > * node-deep-for-each > * node-es6-promise > * node-handlebars > *

Bug#990547: libsystemd-shared broken in Multi-Arch

Source: systemd Version: 247.3-5 I noticed that systemd-machined was failing to start on an arm64 box. This box had armhf enabled, and turns out systemd had been cross-graded over to systemd:armhf[*]. It still had systemd-container:arm64 installed, so now I had an arm64

Bug#990546: bird2: IPv6 RPKI Remote Address truncated when using hostname as remote

Package: bird2 Version: 2.0.7-4.1~bpo10+2 Severity: important Tags: ipv6 upstream When Specifing an hostname as remote in the RPKI protocol which resolves to an IPv6 only host, the address is truncated. E.g. "rpki.example.com" resolves to 2001:DB8:a:b:c:d:e:f, in tcpdump it is visible that bird

Bug#990545: Please add iso-codes to the build-dependencies

Source: darktable Version: 3.4.1-5 Severity: wishlist Hello, Could you please add iso-codes to the build-dependencies? That will allow darktable to show the language name in the preference instead of just the language code Kind regards, Laurent Bigonville -- System Information: Debian

Bug#986840: apt-listchanges fails to parse status files with ^M characters; should use apt_pkg.TagFile, not write its own parser

Julian, I didn't see that you cloned this bug and assigned it to dpkg and that the bug is no longer in apt-listchanges. I still think that your original proposal for apt-listchanges is relevant and is a change worth making. -- Best regards, Brian T signature.asc Description: PGP signature

Bug#990544: python3-keystone: Some federated-identity operations fail due to provider name being a bytestream

Package: python3-keystone Version: 2:14.2.0-0+deb10u1 Severity: normal Tags: patch upstream Hello, With Keystone configured as a federated-identity Service Provider (with the IdP accessed over OpenID in our case but it might affect other protocols as well), certain operations performed as a

Bug#986840: apt-listchanges fails to parse status files with ^M characters; should use apt_pkg.TagFile, not write its own parser

> As reported in > https://bugs.launchpad.net/ubuntu/+source/apt-listchanges/+bug/1854772, > apt-listchanges > fails to parse status files that contain carriage return characters, as > Python normalizes the line endings. I'm tracking the downstream bug in Ubuntu as well as this one. > Instead of

Bug#990543: rpm: CVE-2021-35937 CVE-2021-35938 CVE-2021-35939

Source: rpm X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerabilities were published for rpm. CVE-2021-35937[0]: TOCTOU race in checks for unsafe symlinks https://bugzilla.redhat.com/show_bug.cgi?id=1964129 CVE-2021-35938[1]: races with

Bug#990542: glibc: CVE-2021-35942

Source: glibc X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for glibc. CVE-2021-35942[0]: Wild read in wordexp (parse_param) https://sourceware.org/bugzilla/show_bug.cgi?id=28011

Bug#898867: lintian: embedded-php-library libmarkdown-php vs. php-markdown confusion

Hi, On Thu, Jul 1, 2021 at 8:29 AM Thorsten Glaser wrote: > > I don’t follow: movim in sid depends on php-markdown: No worries. I assumed, mistakenly so it seems, that php-markdown was not part of the substitution variables here:

Bug#990541: unrar-nonfree: CVE-2018-25018

Source: unrar-nonfree X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for unrar-nonfree. CVE-2018-25018[0]: | UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write | during a memcpy in QuickOpen::ReadRaw when

Bug#976461: [Pkg-privacy-maintainers] Bug#976461: torbrowser-launcher: fails to launch, apparmor=DENIED (incomplete fix for #908068?)

control: tags -1 +moreinfo On Sat, Dec 5, 2020 at 9:09 PM Andrew Gallagher wrote: > > Package: torbrowser-launcher > Version: 0.3.3-2 > Severity: important > > Dear Maintainer, > > I updated torbrowser-launcher from 0.2.9-1~bpo9+1 to 0.3.2-14~bpo10+1. This > has rendered > torbrowser-launcher

Bug#898867: lintian: embedded-php-library libmarkdown-php vs. php-markdown confusion

Felix Lechner dixit: >> Surprised, I discovered that we have *two* versions of the same >> michelf/php-markdown source in Debian, libmarkdown-php being the >> older 1.0 version. > >Even though some time has passed, neither version seems to be used by >other packages in bullseye. (And, despite

Bug#990539: /etc/hosts not updated on boot

Control: forcemerge 942325 -1 Hi On Thu, Jul 01, 2021 at 05:07:26PM +0200, Thomas Goirand wrote: > As per the subject line, /etc/hosts isn't updated > when the machine boots on OpenStack. However, > it looks like the hostname is set. There is already a bug open for this one. Please don't open

Bug#990540: mruby: CVE-2020-36401

Source: mruby X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for mruby. CVE-2020-36401[0]: | mruby 2.1.2 has a double free in mrb_default_allocf (called from | mrb_free and obj_free).

Bug#990538: Please package a new testng version 7.x

TestNG 7.x requires Gradle 7 to build, this means we have to complete the packaging of Kotlin first (or rewrite the build script). Emmanuel Bourg

Bug#990539: /etc/hosts not updated on boot

Package: cloud.debian.org Severity: important Hi, As per the subject line, /etc/hosts isn't updated when the machine boots on OpenStack. However, it looks like the hostname is set. Having a VM's own hostname resolve through /etc/hosts is highly desirable, and IMO should be fixed ASAP. Cheers,

Bug#990538: Please package a new testng version 7.x

Package: src:testng OpenJDK 17, and 18 now require jtreg 6 to run the tests. Looking at jtreg 6 itself, I read: * TestNG: See . The recommended version is currently 7.3.0. (Do not use 7.4.0 to run OpenJDK tests.) TestNG has dependencies on JCommander and Google

Bug#990537: llvm-11: llvm-mt should be built with libxml support

Package: llvm-11 Version: 1:11.0.1-2 Severity: normal X-Debbugs-Cc: krzpyrk...@gmail.com Dear Maintainer, llvm manifest tool (llvm-mt) is not configured to use libxml2, which is an essential dependency of this program. $ llvm-mt /manifest foobar.xml llvm-mt: error: no libxml2 The problem is

Bug#990536: linux: Please enable RK805 PMIC components for Rock64 SBC.

Source: linux Version: 5.10.46-1 Severity: wishlist Tags: patch On Pine64's Rock64 SBC the RK805 Power Management IC is used, but it's not enabled in arm64's config, so hereby the request to enable it. It's about the following 2 settings: - CONFIG_PINCTRL_RK805=y - CONFIG_INPUT_RK805_PWRKEY=m

Bug#990535: Problem when using -p (parent) and json content together

Package: mdevctl Version: 0.78-1 There is a problem when using -p (parent) and json content together as it misses a directory and fails. While it will be more of a problem with libvirt 7.3 and later which we won't have in this release it still is an issue that people might face today when

Bug#988734: (no subject)

Control: tags 988734 patch I hope attached patch will help. bug988734.debdiff Description: Binary data

Bug#990417: small C code snipplet to reproduce the error

In order to reproduce the error I took the code from here (also attached): https://gist.github.com/chergert/eb6149916b10d3bf094c and commented out the #include . and compiled it with gcc vdso-getcpu.c -ldl running the resulting a.out will crash on a s390x qemu guest, but on ppc64el guest not. I

Bug#990534: arduino: Arduino-IDE not starting witch Cinnamon Desktop.

Package: arduino Version: 2:1.8.13+dfsg1-2 Severity: important X-Debbugs-Cc: sven...@gmail.com Dear Maintainer, * What led up to the situation? If I click on the icon of arduino, nothing is happening. In top I see only for a short moment something with Java. * What exactly did you do (or

Bug#960676: autofs: update service file

So my race condition doesn't seem to be because of autofs not signalling readiness itself, since my problem still occurs with systemd support enabled in autofs and, as I noticed, also well after boot. Still, building autofs with systemd support would be nice to have in bookworm. It's time. :)

Bug#990496: gcc-mingw-w64-x86-64-win32-runtime: libgcc_s_seh-1.dll built without NX and without ASLR

Hi Stephen, On 2021-06-30 21:18, Stephen Kitt wrote: On Wed, 30 Jun 2021 19:37:18 +0200, Tim Kosse ~$ x86_64-w64-mingw32-objdump -p /usr/lib/gcc/x86_64-w64-mingw32/8.3-win32/libgcc_s_seh-1.dll | grep DllCharacteristics DllCharacteristics 0160 Not quite: the DLLs were built with

Bug#990531: unblock: grub2/2.04-19

Control: tags -1 confirmed d-i Hi, On 01-07-2021 14:02, Colin Watson wrote: > Please unblock grub2 2.04-19. This fixes unbootability problems after > certain kinds of grub-install failure, which I think constituted an > important-severity bug at the very least. I did this by resyncing the >

Bug#990533: f2fs-tools: suggestions for the packaging

Package: src:f2fs-tools Severity: wishlist Tags: patch Hello. Please consider the attached style suggestions for the Debian packaging. >From 357cc821b7ed2bd1e6616a6b964780aeedfb2b83 Mon Sep 17 00:00:00 2001 From: Nicolas Boulenguez Date: Thu, 1 Jul 2021 11:09:38 +0200 Subject: [PATCH 1/4] Remove

Bug#990530: Wrong version for vitrage

vitrage-dashboard/2.0.0-3

Bug#990521: I wonder whether bug #990521 "apt-secure points to apt-key which is deprecated" should get a higher severity

On Thu, Jul 01, 2021 at 02:27:31PM +0200, Julian Andres Klode wrote: > > > I disagree, and think this bug is a minor documentation issue, > > > your issue here is likely outside the computer. > > > > I stick to the opinion that apt-secure pointing to apt-key which > > is deprecated is simply the

Bug#990532: RFS: eta/1.0.1-1 [ITP] -- Utility for monitoring ETA and progress of an arbitrary process

Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "eta": * Package name: eta Version : 1.0.1-1 Upstream Author : Andreas Lundblad * URL : https://github.com/aioobe/eta * License : GPL-3.0+ * Vcs

Bug#898867: lintian: embedded-php-library libmarkdown-php vs. php-markdown confusion

Hi Thorsten, > Surprised, I discovered that we have *two* versions of the same > michelf/php-markdown source in Debian, libmarkdown-php being the > older 1.0 version. Even though some time has passed, neither version seems to be used by other packages in bullseye. (And, despite your message,

Bug#990521: I wonder whether bug #990521 "apt-secure points to apt-key which is deprecated" should get a higher severity

On Thu, Jul 01, 2021 at 02:18:17PM +0200, Andreas Tille wrote: > Hi Julian, > > On Thu, Jul 01, 2021 at 02:02:43PM +0200, Julian Andres Klode wrote: > > Control: severity -1 minor > > > > On Thu, Jul 01, 2021 at 01:51:22PM +0200, Andreas Tille wrote: > > > I have some packages for my own use (I

Bug#990531: unblock: grub2/2.04-19

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock grub2 2.04-19. This fixes unbootability problems after certain kinds of grub-install failure, which I think constituted an important-severity bug at the very least. I did

Bug#990521: I wonder whether bug #990521 "apt-secure points to apt-key which is deprecated" should get a higher severity

Hi Julian, On Thu, Jul 01, 2021 at 02:02:43PM +0200, Julian Andres Klode wrote: > Control: severity -1 minor > > On Thu, Jul 01, 2021 at 01:51:22PM +0200, Andreas Tille wrote: > > I have some packages for my own use (I mean there is no reason to expect > > that someone wants to pull things from

Bug#990521: I wonder whether bug #990521 "apt-secure points to apt-key which is deprecated" should get a higher severity

Control: severity -1 minor On Thu, Jul 01, 2021 at 01:51:22PM +0200, Andreas Tille wrote: > Hi, > > I'm running a (quite) up to date testing and recently I stumbled upon > > $ sudo apt update > ... > Err:8 http://fam-tille.de/debian local InRelease > The following signatures couldn't be

Bug#990521: I wonder whether bug #990521 "apt-secure points to apt-key which is deprecated" should get a higher severity

Hi, I'm running a (quite) up to date testing and recently I stumbled upon $ sudo apt update ... Err:8 http://fam-tille.de/debian local InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 578A0494D1C646D1 ... W: GPG error:

Bug#990489: python3-expeyes: why is there a Conflicts: modemmanager ?

Dear Andreas, thank you for the hint about post-installation scripts. The colleague whom I lended my Eyes17 box could check the compatibility of expeyes software vs. modemmanager with success: this validates the udev rules file. I uploaded a fixed package to unstable, anf filed an unblock

Bug#990530: unblock: horizon/18.6.2-4 and all of its plugins

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Dear release team, As per the discussion at: https://bugs.debian.org/988188 I have uploaded an update of Horizon and all of its plugins. The debdiff for Horizon is attached. Below,

Bug#990529: tesseract: CVE-2021-36081

Source: tesseract X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for tesseract. CVE-2021-36081[0]: | Tesseract OCR 5.0.0-alpha-20201231 has a one_ell_conflict use-after- | free during a strpbrk call.

Bug#990528: ndpi: CVE-2021-36082

Source: ndpi X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for ndpi. CVE-2021-36082[0]: | ntop nDPI 3.4 has a stack-based buffer overflow in | processClientServerHello.

Bug#990527: kimageformats: CVE-2021-36083

Source: kimageformats X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for kimageformats. CVE-2021-36083[0]: | KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer | overflow in XCFImageFormat::loadTileRLE.

Bug#990440: debianutils: manage /etc/shells declaratively using triggers

On Thu, Jul 01, 2021 at 07:31:19AM +0200, Helmut Grohne wrote: > There is no need to read the whole discussion. My bug submission > contains the most important parts. If you have any other questions, just > ask and I'll answer them on the bug. > > What other files do you have in mind that could

Bug#990526: libsepol: CVE-2021-36084 CVE-2021-36085 CVE-2021-36086 CVE-2021-36087

Source: libsepol X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerabilities were published for libsepol. CVE-2021-36084[0]: | The CIL compiler in SELinux 3.2 has a use-after-free in | __cil_verify_classperms (called from

Bug#990525: libgrokj2k: CVE-2021-36089

Source: libgrokj2k X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for libgrokj2k. CVE-2021-36089[0]: | Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in | grk::FileFormatDecompress::apply_palette_clr (called from |

Bug#990523: unblock: expeyes/4.8.8+repack-2

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package expeyes [ Reason ] As Andreas Beckman reported, in bug #990489, this package did not allow a smooth upgrade from buster to bullseye. The reason was a declared

Bug#990524: rabbitmq-server: CVE-2021-32719 CVE-2021-32718

Source: rabbitmq-server X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerabilities were published for rabbitmq-server. CVE-2021-32719[0]: | RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server | prior to version 3.8.18, when a

Bug#990522: libtpms: CVE-2021-3623

Source: libtpms X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for libtpms. CVE-2021-3623[0]: out-of-bounds access when trying to resume the state of the vTPM https://github.com/stefanberger/libtpms/pull/223

Bug#987713: openjdk-11: non-free PKCS#11 headers

forwarded to https://mail.openjdk.java.net/pipermail/jdk-dev/2021-April/005416.html has a follow-up from Florian Weimer at https://mail.openjdk.java.net/pipermail/jdk-dev/2021-April/005426.html and Dalibor Topic https://mail.openjdk.java.net/pipermail/jdk-dev/2021-May/005526.html

Bug#990447: fwupdmgr: Unable to install new updates

Control: reassign -1 shim Control: affects -1 fwupd On Wed, Jun 30, 2021 at 11:27:52PM +0200, Ansgar wrote: > Salvatore Bonaccorso writes: > > On Tue, Jun 29, 2021 at 02:04:47PM +0200, Salvatore Bonaccorso wrote: > >> Package: fwupd > >> Version: 1.5.7-4 > [...] > > Interesting datapoint: I

Bug#990263: podman sets oom_score_adj to -1000 for processes inside the

I just found the bug and the fix! It's not in podman but in conmon! See https://github.com/containers/conmon/releases/tag/v2.0.29 and https://github.com/containers/conmon/commit/b033cb5dfde6de05e63408fc839f1bb641cddd85 On Tue, 29 Jun 2021 00:08:48 +0900 Hideki Yamane wrote: >  Well, I've

Bug#990521: apt-secure points to apt-key which is deprecated

Package: apt Version: 2.2.4 Severity: important Hi, I'm trying to workout how to provide keys for third party archives. Apt-secure(8) says: apt-key is the program that manages the list of keys used by APT to trust repositories. It can be used to add or remove keys as well as list the

Bug#990520: python2.7: add more Breaks to remove unversioned python packages and obsolete module packages

Source: python2.7 Version: 2.7.18-7 Severity: important Hi, here is a the next batch of Breaks for cleaning out obsolete unversioned python packages and python-* module packages on upgrades from buster to bullseye. I think this is as much as we can do on the python2.7 side. Andreas PS: the

Bug#968458: makes crossgrader completely broken, bumping severity

On Tue, Jun 01, 2021 at 09:04:46AM +0200, Julian Andres Klode wrote: >Control: severity -1 normal > >On Mon, May 31, 2021 at 04:57:41PM +0200, Adam Borowski wrote: >> Control: severity -1 serious >> >> Hi! >> Because of this lacking M-A setting, crossgrader always fails in bullseye. >> It had a

Bug#990515: release.debian.org: buster->bullseye upgrade issue: sshfs is not upgraded due to fuse/fuse3

On 01/07/2021 10.38, Paul Gevers wrote: Hi, On 01-07-2021 10:03, Michael Biebl wrote: Related issue: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918984 Right, I forgot about that bug. The issue and "solution" is documented in the release notes. @Andreas, can you confirm that the text

Bug#990519: RFS: sentry-python/1.1.0-2 -- new version of Python SDK for Sentry.io

Package: sponsorship-requests Severity: normal X-Debbugs-Cc: debian-pyt...@lists.debian.org Dear mentors, I am looking for a sponsor for the updated version of the "sentry-python" package. It updates to the upstream version 1.1.0 and addresses #990232. It builds the binary package:    

Bug#990516: why do I have to be root to download a deb file using apt?

Hi Julien, I'm fine with keeping the code as it is. It was just weird to find dpkg's file locking come up for something that should not involve dpkg at all. Of course I found debget, so I am happy. Ticket can be closed. Regards Harri

Bug#989294: unblock: insighttoolkit4/4.13.3withdata-dfsg1-4.1

On 7/1/21 11:25 AM, Sebastian Ramacher wrote: > Besides libotb-apps, is this an issue for any other package? I've randomly > tried two packages from your list above (elastix and odin), but apt > found upgrade paths just fine. > > libotp-apps has a reported popcon of 0. Even if that means that

Bug#990297: unblock: pyyaml/5.3.1-5

Hi, On 25-06-2021 01:12, Stefano Rivera wrote: > Please unblock package pyyaml unblocked. Paul OpenPGP_signature Description: OpenPGP digital signature

Bug#989294: unblock: insighttoolkit4/4.13.3withdata-dfsg1-4.1

On 2021-06-16 12:58:20, Andreas Beckmann wrote: > Control: tag -1 - moreinfo > > On 31/05/2021 13.54, Sebastian Ramacher wrote: > > On 2021-05-31 13:32:33, Andreas Beckmann wrote: > > > > Please unblock package insighttoolkit4 > > > > > > Let's add some Breaks for smoother upgrades from buster

Bug#990237: unblock: aoetools/36-5

Hi, On 23-06-2021 19:58, Christoph Biedl wrote: > Please unblock package aoetools (as of 36-5) unblocked. Paul OpenPGP_signature Description: OpenPGP digital signature

Bug#990518: apt: 'apt install ./.deb' segfaults if a malformed .list file exists

Package: apt Version: 2.2.4 Severity: normal Dear Maintainer, having a single malformed .list file lets 'apt install ./.deb' segfault e.g. having 'foo' in /etc/apt/sources.list.d/test.list maybe related to #792088, #977041 though the stack traces are different stacktrace: --- [Thread

Bug#990516: why do I have to be root to download a deb file using apt?

On Thu, Jul 01, 2021 at 10:30:52AM +0200, Harald Dunkel wrote: > Package: apt > Version: 2.2.4 > > Trying to download a package using an unprivileged account fails with > > % apt -o dir::cache::archives="/tmp/" -d install mg > E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13:

  1   2   >