Bug#1055509: diversions of /sbin/halt and friends

On 12/22/23 12:30, Helmut Grohne wrote: I am happy with all of these changes moving to unstable and trixie. applied and uploaded both p-l-metapackages and bfh-metapackages to unstable. Thanks for your patience. thank you for all your work and help! Regards, Daniel

Bug#1059352: src:apt: fails to migrate to testing for too long: autopkgtest regression on armhf

Source: apt Version: 2.7.6 Severity: serious Control: close -1 2.7.7 Tags: sid trixie User: release.debian@packages.debian.org Usertags: out-of-sync Dear maintainer(s), The Release Team considers packages that are out-of-sync between testing and unstable for more than 30 days as having a

Bug#1059351: swiftlang: [INTL:de] initial German debconf translation

Package: swiftlang Version: 5.6.3 Severity: wishlist Tags: patch l10n Please find the initial German debconf translation for swiftlang attached. Please place this file in debian/po/ as de.po for your next upload. If you update your template, please use 'msgfmt --statistics ' to check the

Bug#1053000: RFS: golang-github-google-gnostic-models/0.6.8-1 [ITP] -- Protocol buffer models for gnostic

On Fri, Dec 22, 2023 at 12:49:34PM +0100, Nicolas Schier wrote: > thanks a lot for your review! I fixed all four points (and updated the > debian/watch version) so lintian is now completely satisfied. > > The corresponding fixup commit is pushed to > > >

Bug#1059350: debian-keyring: missing update since 2023.09.24

Package: debian-keyring X-Debbugs-Cc: ken...@xdump.org Version: 2023.09.24 Severity: normal Dear Maintainer, * What led up to the situation? debian-keyring package has not updated for a while. (last update was debian-keyring 2023.09.24) * What exactly did you do (or not do) that was effective

Bug#1059349: deal.ii ftbfs on ppc64el (with boost1.83)

Package: src:deal.ii Version: 9.5.1-1 Severity: serious Tags: sid trixie X-Debbugs-CC: debian-powe...@lists.debian.org, Debian Boost Team [...] [ 41%] Building CXX object source/dofs/CMakeFiles/object_dofs_debug.dir/number_cache.cc.o cd /<>/obj-powerpc64le-linux-gnu/source/dofs &&

Bug#1012720: golang-k8s-apimachinery: Please remove protected references from salsa repo

On Fri, Dec 22, 2023 at 06:03:11AM +0100, Nicolas Schier wrote: > On Thu, Dec 21, 2023 at 11:01:23PM +0530 Nilesh Patra wrote: > > On Wed, Dec 20, 2023 at 09:49:48AM +0100, Nicolas Schier wrote: > > > On Wed, Dec 20, 2023 at 09:44:31AM +0100 Nicolas Schier wrote: > > > ah, I forgot to mention that

Bug#1059235: bookworm-pu: package fish/3.6.0-3.1+deb12u1

On Thu, 2023-12-21 at 21:48 +, Jonathan Wiltshire wrote: > Control: tag -1 confirmed > > On Thu, Dec 21, 2023 at 10:06:23PM +0100, Salvatore Bonaccorso wrote: > > Can you as well add  a bug closer for #1057455? > > And a brief description of what the vulnerability actually is, please. You >

Bug#1059348: UDD: import/display data from piuparts about dpkg alternatives

Package: qa.debian.org Severity: wishlist User: qa.debian@packages.debian.org Usertags: udd piuparts is extracting data about dpkg alternatives for every package it tests. It would be nice to have the data imported into UDD and the results presented in a CGI on the UDD website.

Bug#1022718: O: ghostscript -- interpreter for the PostScript language and for PDF

retitle 1022718 'ITA: ghostscript -- interpreter for the PostScript language and for PDF' owner 1022718 s...@debian.org done 1036869 signature.asc Description: This is a digitally signed message part.

Bug#1056643: RFS: gtklock/2.1.0-1 [ITP] -- GTK-based lockscreen for wayland

Hi Matthias, On Wed, 2023-12-13 at 23:29 +0100, Matthias Geiger wrote: > copyright looks good now, good work. Minor nitpick: Section should be > x11 since it's a sway-related package. Done. Kind regards, Maytham signature.asc Description: This is a digitally signed message part

Bug#1059347: flashrom doesn't know its own version

Package: flashrom Version: 1.3.0-2.1 Severity: minor I don't know if it's due to an upstream bug, or a problem in the Debian packaging, but flashrom fails to report its own version when asked with --version: > $ flashrom --version > flashrom unknown on Linux 6.5.0-4-amd64 (x86_64) > flashrom is

Bug#1059336: ITP: node-html5-qrcode -- qr-code and bar-code scanning library for the web

On 12/22/23 22:58, Georges Khaznadar wrote: Package: wnpp Severity: wishlist Owner: Georges Khaznadar X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: node-html5-qrcode Version : 2.3.8 Upstream Contact: https://github.com/mebjas/html5-qrcode/issues * URL

Bug#1053334: galera-4: FTBFS because of expired certificates

Sure, this will be fixed (automatically) with uploading latest upstream minor release as stable update, and I intend to do it in coming 1-2 weeks.

Bug#1052740: graphite2: FTBFS: graph_legend.dot:1: error: Problems running dot: exit code=1, command='dot', arguments='"/<>/build/doc/doxygen/html/graph_legend.dot" -Tpng -o "/<

graph_legend.dot should have quotes around the font name references. This is probably a doxygen bug. A workaround would be removing doxygen from Build-Depends and the two doxgen output files from debian/libgraphite2-doc.docs

Bug#1059346: Grub install dummy failed arm64

Package: installation-reportsVersion: 12.0 Machine is a Gigabyte R272 Ampere Altra. Trying to install bookworm. Machine was running bullseye previously. Only storage in the machine is an m2 nvme drive. Using the netinst installer written to a USB thumb drive. Machine boots into Debian

Bug#1059345: bullseye-pu: package libdatetime-timezone-perl/1:2.47-1+2023d

Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: libdatetime-timezone-p...@packages.debian.org Control: affects -1 + src:libdatetime-timezone-perl -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I've uploaded

Bug#1059344: bookworm-pu: package libdatetime-timezone-perl/1:2.60-1+2023d

Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: libdatetime-timezone-p...@packages.debian.org Control: affects -1 + src:libdatetime-timezone-perl -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I've uploaded

Bug#1041311: marked as done (jool: please drop superfluous B-D: dkms)

Sorry, Andreas. As mentioned in the other bug, I struggle to notice these bug reports among the Debian notifications. Removing dkms from Build-Depends results in a Lintian error: E: jool source: missing-build-dependency-for-dh_-command dh_dkms => dkms N: E:

Bug#1057703: Please stop build-depending on mime-support

Sorry; I struggle to notice these bug reports among the Debian notifications. Thank you; I will have this fixed by version 4.1.11, which should be released tomorrow at the latest. On Tue, Dec 12, 2023 at 8:29 AM Charles Plessy wrote: > > Le Thu, Dec 07, 2023 at 08:14:30PM +0900, Charles Plessy

Bug#1042299: libfirefox-marionette-perl: FTBFS: tests fail

Control: block -1 with 1059343 On Fri, 22 Dec 2023 20:35:57 +0100, Santiago Vila wrote: > Hi. I found this bug while rebuilding all packages in bookworm: > https://tests.reproducible-builds.org/debian/rb-pkg/bookworm/amd64/libfirefox-marionette-perl.html > I'm fixing the metadata since it's a

Bug#1059343: bookworm-pu: package libfirefox-marionette-perl/1.35-1+deb12u1

Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: libfirefox-marionette-p...@packages.debian.org Control: affects -1 + src:libfirefox-marionette-perl -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I've uploaded

Bug#1058701: pm-utils: unauthorised and uncommunicated removal

Thorsten Alteholz writes ("Re: pm-utils: unauthorised and uncommunicated removal"): > On Thu, 21 Dec 2023, Ian Jackson wrote: > > I intend to re-upload the last version shortly (and reopen all the > > bug reports). > > Yes, please do so. Thanks. This has now been done. I chose to *not* fix

Bug#1059266: error: cannot verify inline signature

Hi! On Fri, 2023-12-22 at 19:37:16 +0100, Aurelien Jarno wrote: > On 2023-12-22 19:23, Aurelien Jarno wrote: > > This also causes issues on the riscv64 build daemons running sid: > > > > | dupload exit status 9/0 > > | Removed to reupload later. > > | > > | Complete output from dupload: > > |

Bug#1059342: live-build: Can we please install net-tools?

Package: live-build Severity: normal Hi. This is a feature request. Can we please include net-tools in the set of packages we ship with debian-live? It is small, and would make many people's lives easier. I personally use this as a rescue disk, and configuring the network is a common need for such

Bug#1059341: gir1.2-cscreensaver-1.0: contains 900K of GIR XML which shouldn't usually be necessary on end user systems

Package: gir1.2-cscreensaver-1.0 Version: 5.8.1-2 Severity: normal X-Debbugs-Cc: gobject-introspect...@packages.debian.org In addition to the binary typelib (about 50K), gir1.2-cscreensaver-1.0 contains GIR XML (about 900K). This is not right for the conventional way to package

Bug#1058701: pm-utils: unauthorised and uncommunicated removal

On Thu, 21 Dec 2023 21:57:33 -0500, Paul R. Tagliamonte wrote: Thanks for your thoughtful response. And I share your conclusion: > This specific situation seems unfortunate. I have every confidence the > maintainers involved will collaborate in a good faith effort to move > the distro forward.

Bug#1057391: cinnamon and private GIR XML

Here is an attempt at a more comprehensive answer to your questions about correct handling of Cinnamon's private typelibs and private GIR XML. The first thing I should say is that the GObject-Introspection mini-policy (file:///usr/share/doc/gobject-introspection/policy.txt.gz) was written for the

Bug#1058768: [Debian-med-packaging] Bug#1058768: cyvcf2: ftbfs and autopkgtest regression with htslib 1.19

Hi Andreas, Andreas Tille, on 2023-12-21: > I have *not* tested cyvcf2 with htslib 1.19 from experimental thus not > closing this bug. However it builds nicely with htslib 1.18 now and > thus I uploaded to close cython3-legacy related bug #1056799. You did good not closing, I quickly checked

Bug#1059340: libstdc++6:riscv64: stream output for NaN is optimization-dependent

Control: user debian-ri...@lists.debian.org Control: usertag 1059340 + riscv64 Just to be clear, I've only observed this behavior on riscv64.

Bug#1059340: libstdc++6:riscv64: stream output for NaN is optimization-dependent

Package: libstdc++6 Version: 13.2.0-9 Streaming a negative NaN float produces "-nan" with g++ -O0 and "nan" with g++ -O1 or above: $ cat >mwe.cc < // Copyright 2023 Google LLC > // SPDX-License-Identifier: Apache-2.0 > > #include > #include >

Bug#1059339: nv-codec-headers: Version mismatch with nvidia-driver package

Source: nv-codec-headers Version: 12.1.14.0-1 Severity: important Dear Maintainer, After I updated FFmpeg to version 7:6.1-5 hardware accelerated encoding via h264_nvenc stopped working. FFmpeg reports: Driver does not support the required nvenc API version. Required: 12.1 Found: 12.0 [1]

Bug#1059338: Update database config for 15.9 -> 16.0 upgrade (current config is deprecated)

Package: gitlab Version: 16.4.4+ds1-1 severity: important Currently gitlab shows a warning during installation ██ ██  █  ██  ███  ██ ██ ███  ██  ██  ██ ██ ██   ██ ██   ██   ██ ██   ██ ██   ██  █  ██ ███ ██  ██ ██  ██ ██ 

Bug#999975: rdup: depends on obsolete pcre3 library

Control: tags -1 + patch Please find attached a patch -- build-tested after adding -Wno-error to CFLAGS due to #941101. Description: Port to PCRE2. Bug-Debian: https://bugs.debian.org/75 Author: Yavor Doganov Forwarded: no Last-Update: 2023-12-22 --- --- rdup-1.1.15.orig/configure.ac +++

Bug#958682: node-jsonld: Remove dependency to node-request

On Sun, 29 Oct 2023 21:37:08 +0100 Jonas Smedegaard wrote: Yes, I still want to work on node-jsonld - I will make time to look at this soon... yarnpkg 4.0.2 was recently uploaded to unstable, so this and node-matrix-js-sdk are the only remaining reverse dependencies for node-request. We

Bug#1056792: bitshuffle: ftbfs with cython 3.0.x

It seems to me that the FTBFS was not due to cython 3.x but related to this bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054716 now that this bug is solved, can you re run the build for bitshuffle ? Frederic

Bug#1059267: ITP: apt-verify - extend apt's gpgv-based verification mechanism

On Fri, Dec 22, 2023 at 10:54:10AM +0100, Simon Josefsson wrote: > Package: wnpp > Severity: wishlist > Owner: si...@josefsson.org > X-Debbugs-CC: debian-de...@lists.debian.org > > * Package name: apt-verify > Version : 2.0 > Upstream Contact: Simon Josefsson > * URL

Bug#1042299: libfirefox-marionette-perl: FTBFS: tests fail

tags 1042299 - trixie sid tags 1042299 + bookworm thanks Hi. I found this bug while rebuilding all packages in bookworm: https://tests.reproducible-builds.org/debian/rb-pkg/bookworm/amd64/libfirefox-marionette-perl.html I'm fixing the metadata since it's a FTBFS bug. Would be possible to fix

Bug#1059061: libssh: CVE-2023-6004

Hi Martin, On Fri, Dec 22, 2023 at 04:39:46PM +0100, Martin Pitt wrote: > Hello Salvatore, > > Salvatore Bonaccorso [2023-12-22 13:20 +0100]: > > > However, the fix for CVE-2023-6004 caused a regression: > > > https://gitlab.com/libssh/libssh-mirror/-/issues/227 > > > I will monitor this, and

Bug#1056671: closed by Debian FTP Masters (reply to Andreas Tille ) (Bug#1056671: fixed in emmax 0~beta.20100307-4)

Hi Sébastien, Am Fri, Dec 22, 2023 at 07:01:49PM +0100 schrieb Sébastien Villemot: > Unfortunately the updated package won’t build on some architectures > (notably armel), because you put libopenblas-dev as a first alternative > in Build-Depends, and libopenblas-dev is not available on all archs.

Bug#1053334: galera-4: FTBFS because of expired certificates

retitle 1053334 galera-4: FTBFS in bookworm because of expired SSL certificates found 1053334 26.4.13-1 severity 1053334 serious tags 1053334 bookworm thanks Hello. I found about this bug during a rebuild of all packages in bookworm. Could you please fix this in bookworm as well? Packages in

Bug#1059337: RM: node-request-capture-har -- ROM; wrapper around deprecated node-request

Package: ftp.debian.org Severity: normal User: ftp.debian@packages.debian.org Usertags: remove X-Debbugs-Cc: node-request-capture-...@packages.debian.org Control: affects -1 + src:node-request-capture-har Control: block 1002901 by -1 Affected by rc bug #1002901 (yarnpkg no longer depend on

Bug#1058863: libqwt-qt5-dev: invalid conversion from ‘int’ to ‘QwtPlotLayout::Option’

Hi Yadd I could not find ovito in Debian. Are you packaging it? If so, can you please provide me a link? Qwt version 6.2.0 is in experimental and I would like to get it into unstable ASAP but it will unfortunately take some time. Regards Gudjon

Bug#1059336: ITP: node-html5-qrcode -- qr-code and bar-code scanning library for the web

Package: wnpp Severity: wishlist Owner: Georges Khaznadar X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: node-html5-qrcode Version : 2.3.8 Upstream Contact: https://github.com/mebjas/html5-qrcode/issues * URL : https://github.com/mebjas/html5-qrcode *

Bug#1059286: cacti: CVE-2023-46490

Hi, On 22-12-2023 13:17, Moritz Mühlenhoff wrote: There's also a reference for https://github.com/Cacti/cacti/security/advisories/GHSA-f4r3-53jr-654c but it's noin-public for two months now, might be worth checking with upstream for the status. Upstream confirmed they are working on an

Bug#1059266: error: cannot verify inline signature

On 2023-12-22 19:23, Aurelien Jarno wrote: > control: reopen -1 > > Hi, > > On 2023-12-22 12:16, Guillem Jover wrote: > > Hi! > > > > On Fri, 2023-12-22 at 10:53:18 +0100, Christian Marillat wrote: > > > Package: dupload > > > Version: 2.10.4 > > > Severity: grave > > > > > This version fail

Bug#1059266: error: cannot verify inline signature

control: reopen -1 Hi, On 2023-12-22 12:16, Guillem Jover wrote: > Hi! > > On Fri, 2023-12-22 at 10:53:18 +0100, Christian Marillat wrote: > > Package: dupload > > Version: 2.10.4 > > Severity: grave > > > This version fail to check a signature. Work fine with 2.10.3 > > > > , > > | $

Bug#1055024: cryptsetup-initramfs changes crypttab entries order when generating initramfs

On Sun, Oct 29, 2023 at 03:10:18PM +0100, Nicolas Melot wrote: > This is a repost of the same bug report I submitted to Ubuntu maintainers on > https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/2031499 and that > seems to have been left as is. I am now hitting the same issue on Debian >

Bug#983291: [Pkg-fonts-devel] Bug#983291: Default font: Transition from DejaVu to Noto

Quoting dr. ir. Tjeerd J. Pinkert (2023-12-22 17:48:09) > Dear Fabian, List, > > thanks for packaging fonts for Debian. > > On Mon, 18 Sep 2023 13:28:36 +0200 Fabian Greffrath > wrote: > > > If I recall it correctly, the primary suggestion in that bug report > > > is to split fonts-noto-core

Bug#1056671: closed by Debian FTP Masters (reply to Andreas Tille ) (Bug#1056671: fixed in emmax 0~beta.20100307-4)

Thanks Andreas for uploading a fixed package. Unfortunately the updated package won’t build on some architectures (notably armel), because you put libopenblas-dev as a first alternative in Build-Depends, and libopenblas-dev is not available on all archs. One should put libblas-dev as the first

Bug#1030223: gobject-introspection mini-policy: separate GIR XML from -dev package to make cross-compilation possible?

On Wed, 01 Feb 2023 at 10:39:30 +, Simon McVittie wrote: > I think this would require changes to dependent packages if they make > use of the GIR XML (because build-depending on libflatpak-dev would > no longer be enough, and it would also be necessary to build-depend on >

Bug#1059335: librandombytes-dev has an undeclared file conflict on /usr/lib/x86_64-linux-gnu/librandombytes.a

Package: librandombytes-dev Version: 0~20230919-3 Severity: serious User: debian...@lists.debian.org Usertags: fileconflict Control: affects -1 + libnacl-dev librandombytes-dev has an undeclared file conflict. This may result in an unpack error from dpkg. The file

Bug#1058937: /usr-move: Do we support upgrades without apt?

Hi Matthew, On Thu, Dec 21, 2023 at 02:42:56PM +, Matthew Vernon wrote: > On 21/12/2023 09:41, Helmut Grohne wrote: > > > Is it ok to call upgrade scenarios failures that cannot be reproduced > > using apt unsupported until we no longer deal with aliasing? Let me thank David for clarifying

Bug#1059171: firefox-esr: Firefox freezes after upgrade from 115.5 to 115.6.0esr-1~deb12u1

Le 20/12/2023 à 23:10, Mike Hommey a écrit : Which process specifically is using the CPU? The process is firefox-esr Does it happen if you use 115.6.0esr from upstream[1]? 1.https://archive.mozilla.org/pub/firefox/releases/115.6.0esr/linux-x86_64/en-US/firefox-115.6.0esr.tar.bz2 Yes. I

Bug#1058701: pm-utils: unauthorised and uncommunicated removal

Hi. Thanks for your nice email. Thorsten Alteholz writes ("Re: pm-utils: unauthorised and uncommunicated removal"): > this is sad. The RM bug appeared on the tracker page of the package, in > your packages overview, on the ftpmaster removals page (or on the bug > page). It was also sent to

Bug#1059267: ITP: apt-verify - extend apt's gpgv-based verification mechanism

On Fri, Dec 22, 2023 at 10:54:10AM +0100, Simon Josefsson wrote: > * Package name: apt-verify It is bad enough that apt-* is a free for all name grab outside of the Debian archive, I would very much prefer if we would not encourage it inside Debian at least… Especially as this has zero

Bug#1059334: python-bytecode fails it's autopkg tests

Package: src:python-bytecode Version: 0.15.1-2 Severity: serious Tags: sid trixie python-bytecode fails it's autopkg tests: [...] 57s autopkgtest [00:42:21]: test pybuild-autopkgtest: pybuild-autopkgtest 57s autopkgtest [00:42:21]: test pybuild-autopkgtest: [--- 57s dh

Bug#1039990: [Pkg-javascript-devel] Bug#1039990: Bug#1039990: nodejs: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590

On Fri, Dec 22, 2023 at 05:47:20PM +0100, Jérémy Lal wrote: > Le jeu. 21 déc. 2023 à 23:30, Jérémy Lal a écrit : > > > > > > > Le jeu. 21 déc. 2023 à 20:34, Moritz Mühlenhoff a écrit : > > > >> Am Thu, Dec 21, 2023 at 11:29:12AM +0100 schrieb Jérémy Lal: > >> > Le jeu. 21 déc. 2023 à 10:54,

Bug#1000014: mydumper: depends on obsolete pcre3 library

Control: tags -1 + patch Please find attached a patch; build-tested only. Description: Port to PCRE2. Bug-Debian: https://bugs.debian.org/114 Author: Yavor Doganov Forwarded: no Last-Update: 2023-12-22 --- --- mydumper-0.10.1.orig/cmake/modules/FindPCRE.cmake +++

Bug#1059329: cinnamon-desktop-environment: dependency on noto-font installs too many fonts, fontlist exploded.

Dear Fabio, thanks for the quick reply. OK, so that is one issue less... then please close this bug? I also made a reply to the fonts-noto main package. Both the exploding fontlist and difficult deinstallation are discussed there in threads:

Bug#983291: Default font: Transition from DejaVu to Noto

Dear Fabian, List, thanks for packaging fonts for Debian. On Mon, 18 Sep 2023 13:28:36 +0200 Fabian Greffrath wrote: > If I recall it correctly, the primary suggestion in that bug report > is to split fonts-noto-core into an LCG and an "other" package. I have created a MR to implement this:

Bug#1059333: mirage: Please disable LTO

Source: mirage Version: 0.11.1-1 Severity: wishlist Tags: patch X-Debbugs-Cc: sudipm.mukher...@gmail.com Dear Maintainer, Please disable LTO for the issue at https://gitlab.com/thomasross/mirage/-/issues/24. The attached patch will disable LTO. -- Regars Sudip diff --git a/debian/rules

Bug#1059332: bridge-utils: Using tokenized interface identifiers with bridge-utils ifupdown via /etc/network/interfaces fails

Package: bridge-utils Version: 1.7.1-1 Severity: normal Issue = Using "ip token", a command to specify a fixed Interface ID for IPv6 addressing, fails with bridges in Debian Bookworm, as the token needs to be set in between interface creation and taking the interface up.

Bug#1039990: [Pkg-javascript-devel] Bug#1039990: Bug#1039990: nodejs: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590

Le jeu. 21 déc. 2023 à 23:30, Jérémy Lal a écrit : > > > Le jeu. 21 déc. 2023 à 20:34, Moritz Mühlenhoff a écrit : > >> Am Thu, Dec 21, 2023 at 11:29:12AM +0100 schrieb Jérémy Lal: >> > Le jeu. 21 déc. 2023 à 10:54, Moritz Muehlenhoff a >> écrit : >> > >> > > On Thu, Dec 21, 2023 at 06:43:35AM

Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2

Control: tag -1 - moreinfo Hi, On Thu, 21 Dec 2023 at 21:59:40 +, Jonathan Wiltshire wrote: > On Mon, Dec 18, 2023 at 02:10:20PM +0100, Guilhem Moulin wrote: >> [ Reason ] >> >> 1. cryptsetup-suspend 2:2.6.1-4~deb12u1 was found incompatible with >> systemd 254.1-3 and later, in particular

Bug#1055509: diversions of /sbin/halt and friends

On Fri, Dec 22, 2023 at 12:30:04PM +0100, Helmut Grohne wrote: > My patch for progress-linux-container and bfh-container fails to remove > /usr/lib/container on package removal. This probably breaks piuparts. I > am attaching a followup patch. This defect is unrelated to the /usr-move > as far as

Bug#1059329: cinnamon-desktop-environment: dependency on noto-font installs too many fonts, fontlist exploded.

Hi, this was already reported by other people and fixed in 5.8.0 (that is in unstable/testing) moving fonts-noto from deps to recommends. I was thinking if it might be useful to further reduce the default installation (with recommended) by replacing fonts-noto with fonts-noto-core, but I

Bug#1054189: bullseye-pu: package debian-security-support/1:11+2023.10.17

On Thu, Dec 21, 2023 at 08:59:31PM +, Jonathan Wiltshire wrote: > > I've updated this update request for adding 3 more lines to > > security-support-ended.deb11 (and updating d/changelog) > Please go ahead. thanks, uploaded. -- cheers, Holger ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁

Bug#1059331: spip: XSS issue fixed in 4.1.13 upstream

Source: spip Version: 4.1.12+dfsg-1 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Control: fixed -1 4.1.13+dfsg-1 Control: found -1 4.1.9+dfsg-1+deb12u2 Control: found -1 3.2.11-3+deb11u9 Filling a bug for tracking (as otherwise beeing a

Bug#1059061: libssh: CVE-2023-6004

Hello Salvatore, Salvatore Bonaccorso [2023-12-22 13:20 +0100]: > > However, the fix for CVE-2023-6004 caused a regression: > > https://gitlab.com/libssh/libssh-mirror/-/issues/227 > > I will monitor this, and include the fix in the security upload once it is > > available (or presumably they'll

Bug#1059330: transition: shapelib

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition X-Debbugs-Cc: shape...@packages.debian.org Control: affects -1 + src:shapelib Control: forwarded -1 https://release.debian.org/transitions/html/auto-shapelib.html Shapelib 1.6.0 bumps

Bug#1059329: cinnamon-desktop-environment: dependency on noto-font installs too many fonts, fontlist exploded.

Package: cinnamon-desktop-environment Version: 5.6.0 Severity: whishlist X-Debbugs-Cc: t.j.pink...@alumnus.utwente.nl Dear Maintainer, to have several desktop environments available on my computer, I installed the cinnamon desktop environment. This package has a hard dependency on the noto-font

Bug#1059326: Workaround

In case someone out there is stuck real bad with this bug in bookworm, here's a very nasty workaround for which I of course decline all responsibility: $ mkdir /usr/share/fonts/type1/gsfonts $ ln -sf /usr/share/fonts/X11/Type1/C059-Roman.pfb /usr/share/fonts/type1/gsfonts/n021003l.pfb

Bug#1059328: ITP: trml2pdf -- implementation of RML (Report Markup Language) from ReportLab

Package: wnpp Severity: wishlist Owner: Georges Khaznadar X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: trml2pdf Version : 0.6 Upstream Contact: Roman Lyashov * URL : https://github.com/romanlv/trml2pdf * License : LGPL2+ Programming Lang:

Bug#1059326: fixed in 4.0.8-1

Control: fixed 1059326 4.0.8-1 The earliest fixed version is most likely between 4.0.4-7 and 4.0.4-11. Cheers, -- Seb

Bug#1059245: gdm3: GDM3 fails to start on Wayland, maybe due to org.freedesktop.systemd1 failing to activate

On Fri, 22 Dec 2023 at 03:23:21 +0100, Olivier Mehani wrote: > GDM3 doesn't seem to be able to start a Wayland session (nor a fallback Xorg > session, but I'm less concerned about this, and this seems to be a > separate permission issue). That's a valid bug, let's leave your report open for

Bug#1057750: ciso: Please update to ciso 1.0.2

Sorry for the late reply. I'd be happy to co-maintain ciso. Thanks! The patch was taken from upstream, so I'm not sure why you're getting failures. I'll take a closer look hopefully in the near future. Perhaps the ciso packaging you have on your system has changes that aren't in the archive

Bug#1053873: cronie: Crond with high load after 19-01-2038

Control: tags 1053873 = wontfix I hope Debian will find all 32bit problems in the new versions, because there will be more people want to use it. We have a world wide problem in 2038. All old unix (like) systems will fail because the signed value of unix will cause programs in all layers to

Bug#1059326: python3-reportlab: Can't set standard fonts

Package: python3-reportlab Version: 3.6.12-1 Severity: normal Control: notfound -1 4.0.8-1 Control: found -1 3.6.12-1 This is the same type of issue as archived bug https://bugs.debian.org/1029683, and I'm filing this new one to make it clear python3-reportlab in bookworm is affected. Here's a

Bug#1059325: bash: printf does not recognise numeric constants with explicit base 10

Package: bash Version: 5.2.21-2 Severity: normal X-Debbugs-Cc: none, Francesco Potortì $ bash --version GNU bash, version 5.2.21(1)-release (x86_64-pc-linux-gnu) Copyright (C) 2022 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This

Bug#1056681: build-depends on atlas, which is obsolete and scheduled for removal

Control: tags -1 + patch Hi Andreas, Le mercredi 29 novembre 2023 à 11:53 +0100, Andreas Tille a écrit : > Control: tags -1 help > > [Ritika Ramani in CC to inform that Debian tries to get rid of Atlas > which also affects phast. see https://bugs.debian.org/1056681] > > Hi, > > I tried to

Bug#942274: uscan: handling several levels of http links

On Sun, 13 Oct 2019 18:36:51 +0200 Samuel Thibault wrote: > Package: devscripts > Version: 2.19.6 > Severity: wishlist > > Hello, > > For the hwloc package, there is on single webpage that references all > releases. > [...] > > But this doesn't seem supported. Am I missing something or is

Bug#1059324: subversion: "svn revert -R" signals reverted files with no changes

Package: subversion Version: 1.14.2-5+b1 Severity: important I get the following: qaa% svn st M config.dat M dpkg-l M grub.cfg M mutt-v M postconf M selections M version.out qaa% svn pl -v etc/apache2/mods-available/dnssd.conf Properties on

Bug#1059323: mount.cifs fails to mount a share which smbclient can access all right

Package: cifs-utils Version: 2:7.0-2 We have one share here which can be opened by smbclient, but not mounted using mount.cifs: smbclient -A ~alain/.smbcredentials-admin //work03.gouv.etat.lu/aev => succeeds # mount.cifs -o credentials=/home/alain/.smbcredentials-admin

Bug#1059321: ITP: pylabels -- python library for creating PDFs to print sheets of labels

Package: wnpp Severity: wishlist Owner: Georges Khaznadar X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: pylabels Version : 1.2.1 Upstream Contact: Blair Bonnett * URL : https://pypi.org/project/pylabels/ * License :

Bug#1059322: zfs-linux: CVE-2013-20001

Source: zfs-linux X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for zfs-linux. CVE-2013-20001[0]: | An issue was discovered in OpenZFS through 2.0.3. When an NFS share | is exported to IPv6 addresses via the sharenfs

Bug#1059320: libitext5-java: CVE-2021-37819

Source: libitext5-java X-Debbugs-CC: t...@security.debian.org Severity: normal Tags: security Hi, The following vulnerability was published for PDfReader, which is embedded in libitext5-java. CVE-2021-37819[0]: | PDF Labs pdftk-java v3.2.3 was discovered to contain an infinite | loop via the

Bug#1059319: libitext1-java: CVE-2021-37819

Source: libitext1-java X-Debbugs-CC: t...@security.debian.org Severity: normal Tags: security Hi, The following vulnerability was published for PdfReader, which is embedded in libitext1-java. CVE-2021-37819[0]: | PDF Labs pdftk-java v3.2.3 was discovered to contain an infinite | loop via the

Bug#1059318: libitext-java: CVE-2021-37819

Source: libitext-java X-Debbugs-CC: t...@security.debian.org Severity: normal Tags: security Hi, The following vulnerability was published for PdfReader, which is embedded by libitext-java. CVE-2021-37819[0]: | PDF Labs pdftk-java v3.2.3 was discovered to contain an infinite | loop via the

Bug#1059317: r-cran-jsonlite: CVE-2023-33460

Source: r-cran-jsonlite X-Debbugs-CC: t...@security.debian.org Severity: normal Tags: security Hi, The following vulnerability was published for yajl, which is embedded by r-cran-jsonlite: CVE-2023-33460[0]: | There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse | function. which

Bug#1059316: epics-base: CVE-2023-33460

Source: epics-base X-Debbugs-CC: t...@security.debian.org Severity: normal Tags: security Hi, The following vulnerability was published for yajl, which is embedded by epics-base: CVE-2023-33460[0]: | There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse | function. which will cause

Bug#1059315: tinyxml: CVE-2023-34194 CVE-2023-40462 CVE-2023-40458

Source: tinyxml X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, https://www.forescout.com/resources/sierra21-vulnerabilities mentions three security issues in Tinyxml: CVE-2023-34194[0]: | StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in | TinyXML

Bug#1059314: imagemagick-6.q16: please update "Suggests: imagemagick-doc" to imagemagick-6-doc

Package: imagemagick-6.q16 Version: 8:6.9.12.98+dfsg1-4 Severity: serious The imagemagick-doc package is not longer built and has been replaced by imagemagick-6-doc. So the "Suggests" should be updated. Note that the current Suggests can prevent installations/upgrades if suggested packages are

Bug#1059313: libxml-security-java: CVE-2023-44483

Source: libxml-security-java X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for libxml-security-java. CVE-2023-44483[0]: | All versions of Apache Santuario - XML Security for Java prior to | 2.2.6, 2.3.4, and 3.0.3, when

Bug#1059312: libcrypto++: CVE-2023-50981

Source: libcrypto++ X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for libcrypto++. CVE-2023-50981[0]: | ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows | attackers to cause a denial of service (infinite

Bug#1059311: libcrypto++: CVE-2023-50980

Source: libcrypto++ X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for libcrypto++. CVE-2023-50980[0]: | gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers | to cause a denial of service (application crash)

Bug#1059310: libcrypto++: CVE-2023-50979

Source: libcrypto++ X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for libcrypto++. CVE-2023-50979[0]: | Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel | during decryption with PKCS#1 v1.5 padding.

Bug#1059309: libcrypto++: CVE-2022-48570

Source: libcrypto++ X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for libcrypto++. CVE-2022-48570[0]: | Crypto++ through 8.4 contains a timing side channel in ECDSA | signature generation. Function

Bug#1059308: python-cryptography: CVE-2023-50782

Source: python-cryptography X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for python-cryptography. CVE-2023-50782[0]: Bleichenbacher timing oracle attack against RSA decryption - incomplete fix for CVE-2020-25659

Bug#1059307: ring: CVE-2023-38703

Source: ring X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for pjsig, which is bundled in ring: CVE-2023-38703[0]: | PJSIP is a free and open source multimedia communication library | written in C with high level API in C,

  1   2   >