Bug#780094: pre-unblock: virtualbox/4.3.18-dfsg-3, virtualbox-guest-additions-iso 4.3.18-2

[Ritesh Raj Sarraf]

On Friday 13 March 2015 01:36 AM, Niels Thykier wrote:
>> > unblock virtualbox/4.3.18-dfsg-3
>> > unblock virtualbox-guest-additions-iso/4.3.18-2 
>> > 
>> > 
> Ack, go ahead and upload this to unstable.  Please remove the moreinfo
> tag once it has been uploaded.
Thanks Gianfranco.

I'm building it now and should be able to upload in a couple of hours.

-- 
Ritesh Raj Sarraf
RESEARCHUT - http://www.researchut.com
"Necessity is the mother of invention."



signature.asc
Description: OpenPGP digital signature

Bug#780383: libopensaml2-java: CVE-2015-1796

[Salvatore Bonaccorso]

Source: libopensaml2-java
Version: 2.6.2-1
Severity: grave
Tags: security upstream fixed-upstream

Hi,

the following vulnerability was published for libopensaml2-java. Note
that I don't know libopensaml2-java well enough, so could you assess
if this affeccts Debian as well, and if the severity is approriate (if
not please feel free to downgrade it). Information follows:

CVE-2015-1796[0]:
PKIX Trust Engines Exhibit Critical Flaw In Trusted Names Evaluation

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2015-1796
[1] http://shibboleth.net/community/advisories/secadv_20150225.txt

Regards,
Salvatore


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#397632: gpart should not be little endian specific

[Baruch Even]

In the v0.2 branch I tried to fix such issues by collating patches from the
various distributions. If there are still issues of endianes they should be
reported and fixed.


I believe there are no such issues right now but have no ability to test it
all myself.

Thanks,
Baruch

Bug#636814: Issue should be fixed

[Baruch Even]

With the v0.2 branch I tried to fix such issues, I believe all should be
fixed and this bug report retested and closed.

Baruch

Bug#780384: nmtui: hangs sometimes after activating a connection

[Paul Wise]

Package: network-manager
Version: 1.0.0-3
Severity: normal
File: /usr/bin/nmtui

nmtui sometimes hangs after activating a connection, Ctrl+C doesn't kill
it, I have to switch to another terminal to do so.

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (900, 'testing'), (890, 'buildd-testing-proposed-updates'), (800, 
'unstable'), (790, 'buildd-unstable'), (700, 'experimental'), (690, 
'buildd-experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages network-manager depends on:
ii  adduser3.113+nmu3
ii  dbus   1.8.16-1
ii  init-system-helpers1.22
ii  isc-dhcp-client4.3.1-6
ii  libbluetooth3  5.23-2+b1
ii  libc6  2.19-15
ii  libdbus-1-31.8.16-1
ii  libdbus-glib-1-2   0.102-1
ii  libgcrypt201.6.3-2
ii  libglib2.0-0   2.42.1-1
ii  libgnutls-deb0-28  3.3.8-6
ii  libgudev-1.0-0 215-12
ii  libmm-glib01.4.0-1
ii  libndp01.4-2
ii  libnewt0.520.52.17-1+b1
ii  libnl-3-2003.2.24-2
ii  libnl-genl-3-200   3.2.24-2
ii  libnl-route-3-200  3.2.24-2
ii  libnm0 1.0.0-3
ii  libpam-systemd 215-12
ii  libpolkit-agent-1-00.105-8
ii  libpolkit-gobject-1-0  0.105-8
ii  libreadline6   6.3-8+b3
ii  libsoup2.4-1   2.48.0-1
ii  libsystemd0215-12
ii  libteamdctl0   1.12-1
ii  libuuid1   2.25.2-5
ii  lsb-base   4.1+Debian13+nmu1
ii  policykit-10.105-8
ii  udev   215-12
ii  wpasupplicant  2.3-1

Versions of packages network-manager recommends:
ii  crda3.13-1
ii  dnsmasq-base2.72-3
ii  iptables1.4.21-2+b1
ii  iputils-arping  3:20121221-5+b2
ii  modemmanager1.4.0-1
ii  ppp 2.4.6-3

Versions of packages network-manager suggests:
ii  avahi-autoipd  0.6.31-4+b2
pn  libteam-utils  

-- no debconf information

-- 
bye,
pabs

https://wiki.debian.org/PaulWise



signature.asc
Description: This is a digitally signed message part

Bug#780094: pre-unblock: virtualbox/4.3.18-dfsg-3, virtualbox-guest-additions-iso 4.3.18-2

[Gianfranco Costamagna]

thanks! I updated also the master branch of both virtualbox and guest additions 
with the jessie changelogs :)



thanks a lot for caring!

Gianfranco


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780385: ecryptfs-utils: CVE-2014-9687

[Moritz Muehlenhoff]

Package: ecryptfs-utils
Severity: grave
Tags: security
Justification: user security hole

This has been assigned CVE-2014-9687:
http://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/839

Cheers,
Moritz


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#725301: suricata: init script looking for unexisting /proc/net/netfilter/nf_queue

[Arturo Borrero Gonzalez]

tags confirmed
thanks

On Thu, 12 Mar 2015 20:51:22 +0100 Florian Ernst  wrote:
> # still present in jessie
> found 725301 2.0.6-3
> # and preventing daemon startup in the default configuration, thus marking as 
> grave
> severity 725301 grave
> thanks
>

Thanks Frederik.

I'm working on a fix.

best regards.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780386: missing Depends

[Harald Dunkel]

Package: freeipa-server
Version: 4.0.5-3

Failure:
root@ldap0:~# ipa-server-install 

The log file for this installation can be found in 
/var/log/ipaserver-install.log
==
This program will set up the FreeIPA Server.

This includes:
  * Configure a stand-alone CA (dogtag) for certificate management
  * Configure the Network Time Daemon (ntpd)
  * Create and configure an instance of Directory Server
  * Create and configure a Kerberos Key Distribution Center (KDC)
  * Configure Apache (httpd)

To accept the default shown in brackets, press the Enter key.

Unexpected error - see /var/log/ipaserver-install.log for details:
OSError: [Errno 2] No such file or directory
root@ldap0:~# cat /var/log/ipaserver-install.log
2015-03-13T08:05:14Z DEBUG Loading StateFile from 
'/var/lib/ipa/sysrestore/sysrestore.state'
2015-03-13T08:05:14Z DEBUG Loading Index file from 
'/var/lib/ipa/sysrestore/sysrestore.index'
2015-03-13T08:05:14Z DEBUG httpd is not configured
2015-03-13T08:05:14Z DEBUG kadmin is not configured
2015-03-13T08:05:14Z DEBUG dirsrv is not configured
2015-03-13T08:05:14Z DEBUG pki-cad is not configured
2015-03-13T08:05:14Z DEBUG pki-tomcatd is not configured
2015-03-13T08:05:14Z DEBUG install is not configured
2015-03-13T08:05:14Z DEBUG krb5kdc is not configured
2015-03-13T08:05:14Z DEBUG ntpd is not configured
2015-03-13T08:05:14Z DEBUG named is not configured
2015-03-13T08:05:14Z DEBUG ipa_memcached is not configured
2015-03-13T08:05:14Z DEBUG filestore is tracking no files
2015-03-13T08:05:14Z DEBUG Loading Index file from 
'/var/lib/ipa-client/sysrestore/sysrestore.index'
2015-03-13T08:05:14Z DEBUG /usr/sbin/ipa-server-install was invoked with 
options: {'reverse_zone': None, 'setup_pkinit': True, 'mkhomedir': False, 
'create_sshfp': True, 'conf_sshd': True, 'conf_ntp': True, 'subject': None, 
'no_forwarders': False, 'ui_redirect': True, 'domain_name': None, 'idmax': 0, 
'hbac_allow': False, 'no_reverse': False, 'dirsrv_pkcs12': None, 'unattended': 
False, 'pkinit_pkcs12': None, 'trust_sshfp': False, 'external_ca_file': None, 
'no_host_dns': False, 'http_pkcs12': None, 'realm_name': None, 'forwarders': 
None, 'idstart': 177980, 'external_ca': False, 'ip_address': None, 
'conf_ssh': True, 'zonemgr': None, 'root_ca_file': None, 'setup_dns': False, 
'host_name': None, 'debug': False, 'external_cert_file': None, 'uninstall': 
False, 'pkinit_pin': None}
2015-03-13T08:05:14Z DEBUG missing options might be asked for interactively 
later

2015-03-13T08:05:14Z DEBUG IPA version 4.0.5
2015-03-13T08:05:14Z DEBUG Loading Index file from 
'/var/lib/ipa/sysrestore/sysrestore.index'
2015-03-13T08:05:14Z DEBUG Loading StateFile from 
'/var/lib/ipa/sysrestore/sysrestore.state'
2015-03-13T08:05:14Z DEBUG Starting external process
2015-03-13T08:05:14Z DEBUG args='/bin/systemctl' 'is-enabled' 'chronyd.service'
2015-03-13T08:05:14Z DEBUG Process execution failed
2015-03-13T08:05:14Z DEBUG   File 
"/usr/lib/python2.7/dist-packages/ipaserver/install/installutils.py", line 639, 
in run_script
return_value = main_function()

  File "/usr/sbin/ipa-server-install", line 814, in main
ipaclient.ntpconf.check_timedate_services()

  File "/usr/lib/python2.7/dist-packages/ipaclient/ntpconf.py", line 183, in 
check_timedate_services
if instance.is_enabled() or instance.is_running():

  File "/usr/lib/python2.7/dist-packages/ipaplatform/base/services.py", line 
321, in is_enabled
self.service_instance(instance_name)])

  File "/usr/lib/python2.7/dist-packages/ipapython/ipautil.py", line 321, in run
preexec_fn=preexec_fn)

  File "/usr/lib/python2.7/subprocess.py", line 710, in __init__
errread, errwrite)

  File "/usr/lib/python2.7/subprocess.py", line 1335, in _execute_child
raise child_exception

2015-03-13T08:05:14Z DEBUG The ipa-server-install command failed, exception: 
OSError: [Errno 2] No such file or directory
2015-03-13T08:05:14Z DEBUG Restoring system configuration file '/etc/hosts'
root@ldap0:~# ls -al 
/usr/lib/python2.7/dist-packages/ipaserver/install/installutils.py^C
root@ldap0:~# systemctl
-bash: systemctl: command not found


Regards
Harri


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780295: linux-image-3.19.0-trunk-amd64: net bridge devices no longer brought up correctly

[Bastian Blank]

On Wed, Mar 11, 2015 at 07:47:53PM +0100, Christoph Anton Mitterer wrote:
> Since I've upgraded from 3.16 from sid to 3.19 from experimental
> libvirtd gives me an error when starting virtual networks (vibr1
> and so on, which are set up as bridge devices via dnsmasq.

How is vibr1 defined in /etc/network/interfaces?

> The message is that the device already exists.

Which is a true message.

> What happens is apparently the following:
> The tun modules is not (no longer?) auto-loaded by the kernel
> and a vibrX device is set up but not fully working.

So this is actually a missing error cleanup somewhere.

> So either there's some regression in the kernel that the module
> is no longer auto-loaded... or one of the using packages
> (libvirtd, dnsmasq, etc.) should do so but doesn't.

No, it is not a problem with the kernel.  The ability to autoload
modules was restricted as it was the source of nasty surprises.

Bastian

-- 
Schshschshchsch.
-- The Gorn, "Arena", stardate 3046.2


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780387: unburden-home-dir: should /run/user be the default

[Ritesh Raj Sarraf]

Package: unburden-home-dir
Version: 0.3.3
Severity: normal

Thanks for writing this tool. While configuring it, this thought came in mind.

/tmp is very generic a location for many things. Should uhd use something more 
uncommon? Like /run/user ??

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.19.0-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_IN, LC_CTYPE=en_IN (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages unburden-home-dir depends on:
ii  dpkg  1.17.24
ii  libconfig-file-perl   1.50-2
ii  libfile-basedir-perl  0.03-1
ii  libfile-rsync-perl0.43-1
ii  libfile-touch-perl0.09-1
ii  libfile-which-perl1.09-1
ii  perl  5.20.2-2

Versions of packages unburden-home-dir recommends:
ii  lsof4.86+dfsg-1
ii  x11-common  1:7.7+7

Versions of packages unburden-home-dir suggests:
pn  agedu   
pn  autotrash   
pn  bleachbit   
pn  corekeeper  
ii  eatmydata   82-6
ii  filelight   4:4.14.2-1
pn  fslint  
pn  tmpreaper   

-- Configuration Files:
/etc/unburden-home-dir.list changed:
m D .cache cache
m D .thumbnails thumbnails
m D .ccache ccache
m f .config/google-chrome/*/Thumbnails google-chrome-thumbnails-%1
m f .config/google-chrome/*/Thumbnails-journal 
google-chrome-thumbnails-journal-%1
m f .config/chromium/*/Thumbnails google-chrome-thumbnails-%1
m f .config/chromium/*/Thumbnails-journal google-chrome-thumbnails-journal-%1
m d .mozilla/default/*/Cache mozilla-default-cache-%1
m d .mozilla/default/*/startupCache mozilla-default-startup-cache-%1
m d .mozilla/firefox/*/Cache firefox-cache-%1
m d .mozilla/firefox/*/startupCache firefox-startup-cache-%1
m d .mozilla/firefox/*/Cache.Trash firefox-cache-trash-%1
m d .conkeror.mozdev.org/conkeror/*/Cache conkeror-cache-%1
m d .conkeror.mozdev.org/conkeror/*/startupCache conkeror-startup-cache-%1
m d .conkeror.mozdev.org/conkeror/*/Cache.Trash conkeror-cache-trash-%1
m d .kazehakase/mozilla/kazehakase/Cache kazehakase-cache
m d .galeon/mozilla/galeon/Cache galeon-cache
m d .gnome2/epiphany/mozilla/epiphany/Cache epiphany-cache
m d .xxxterm/cache xxxterm-cache
m d .forg/cache forg-cache
m d .opera/cache opera-cache
m d .opera/cache4 opera-cache4
m d .opera/opcache opera-opcache
m d .opera/cacheOp opera-cacheOp
m d .config/qupzilla/profiles/*/networkcache qupzilla-cache-%1
m d .thunderbird/*/Cache thunderbird-cache-%1
m d .mozilla-thunderbird/*/Cache debian-thunderbird-cache-%1
m d .icedove/*/Cache icedove-cache-%1
m d .buzzbird/*/Cache buzzbird-cache
m f .aptitude/cache aptitude-cache
m d .wesnoth*/cache wesnoth%1-cache
m d .gaia/cache gaia-cache
m d .googleearth/Cache google-earth-cache
m d .java/deployment/cache java-deployment-cache
m d .adobe/Acrobat/*/Cache adobe-acrobat-%1-cache
m d .shotwell/thumbs shotwell-thumbs
m D .sxiv sxiv-thumbs
m D .devscripts_cache devscripts_cache
r D .Trash trash
r D .local/Trash local-trash


-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780388: RM: trafficserver/5.0.1-1

[Arnaud Fontaine]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Hello,

Considering that trafficserver is currently  affected by 3 security bugs
(CVE-2014-3624, CVE-2014-10022  (#778895) and #749846) fixed  in Sid but
which was  not uploaded on time  to testing before the  freeze, and that
these bugs cannot be easily fixed, it would probably be better to remove
it  from  testing   as  suggested  by  Arno  Töll,   the  maintainer  of
trafficserver, on #778895:

  "However, the Release  Team was uncomfortable to  unblock that package
  (cf.  #769689).   I'm afraid, that we  better ask for removal  of that
  package  in  Testing  rather  than  bothering with  it,  as  we  -  as
  maintainers -  cannot guarantee for  the security of it  already, even
  less so over the lifespan of  a Debian Release, and upstream is moving
  faster than us."

Thanks in advance.

Regards,
-- 
Arnaud Fontaine


signature.asc
Description: PGP signature

Bug#780390: v86d: segfault in libc

[Giuseppe Bilotta]

Package: v86d
Version: 0.1.10-1
Severity: normal

I've recently noticed this message in my early dmesg boot:

[1.594636] v86d[160]: segfault at 7ffd29b9f3e0 ip 7f66ca1f6e64 sp 
7ffc29bb02f8 error 4 in libc.so.6[7f66ca175000+19f000]

I'm honestly not sure when it started happening though. The system
doesn't seem to be otherwise affected, AFAICS.

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages v86d depends on:
ii  libc6 2.19-15
ii  libx86-1  1.1+ds1-10

Versions of packages v86d recommends:
ii  initramfs-tools  0.119

v86d suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780346: linux-image-3.16.0-4-686-pae: Unknown problem on new kernel version causes several errors on boot

[Bastian Blank]

Control: severity -1 important

On Thu, Mar 12, 2015 at 08:57:16AM -0400, Tiago Saboga wrote:
> Mar 11 19:41:56 piolho kernel: ata1.00: exception Emask 0x0 SAct 0x70 SErr 
> 0x0 action 0x6 frozen
> Mar 11 19:41:56 piolho kernel: ata1.00: failed command: READ FPDMA QUEUED
> Mar 11 19:41:56 piolho kernel: ata1.00: cmd 
> 60/a0:20:48:be:da/00:00:09:00:00/40 tag 4 ncq 81920 in
> res 
> 40/00:00:00:00:00/00:00:00:00:00/00 Emask 0x4 (timeout)
> Mar 11 19:41:56 piolho kernel: ata1.00: status: { DRDY }
> Mar 11 19:41:56 piolho kernel: ata1.00: failed command: READ FPDMA QUEUED
> Mar 11 19:41:56 piolho kernel: ata1.00: cmd 
> 60/10:28:e0:d9:60/00:00:0c:00:00/40 tag 5 ncq 8192 in
> res 
> 40/00:00:00:00:00/00:00:00:00:00/00 Emask 0x4 (timeout)
> Mar 11 19:41:56 piolho kernel: ata1.00: status: { DRDY }
> Mar 11 19:41:56 piolho kernel: ata1.00: failed command: READ FPDMA QUEUED
> Mar 11 19:41:56 piolho kernel: ata1.00: cmd 
> 60/b8:30:68:71:de/00:00:0c:00:00/40 tag 6 ncq 94208 in
> res 
> 40/00:00:00:00:00/00:00:00:00:00/00 Emask 0x4 (timeout)
> Mar 11 19:41:56 piolho kernel: ata1.00: status: { DRDY }
> Mar 11 19:41:56 piolho kernel: ata1: hard resetting link
> Mar 11 19:41:56 piolho kernel: ata1: SATA link up 1.5 Gbps (SStatus 113 
> SControl 300)
> Mar 11 19:41:56 piolho kernel: ata1.00: ACPI cmd f5/00:00:00:00:00:a0 
> (SECURITY FREEZE LOCK) filtered out
> Mar 11 19:41:56 piolho kernel: ata1.00: ACPI cmd f5/00:00:00:00:00:a0 
> (SECURITY FREEZE LOCK) filtered out
> Mar 11 19:41:56 piolho kernel: ata1.00: configured for UDMA/133
> Mar 11 19:41:56 piolho kernel: ata1.00: device reported invalid CHS sector 0
> Mar 11 19:41:56 piolho kernel: ata1.00: device reported invalid CHS sector 0
> Mar 11 19:41:56 piolho kernel: ata1.00: device reported invalid CHS sector 0
> Mar 11 19:41:56 piolho kernel: ata1: EH complete

I would count that as broken hardware.

> Mar 11 19:41:56 piolho systemd-udevd[189]: timeout: killing 
> '/usr/sbin/alsactl -E HOME=/var/run/alsa restore 0' [308]
> Mar 11 19:41:56 piolho systemd-udevd[185]: timeout: killing '/sbin/crda' [307]
> Mar 11 19:41:56 piolho systemd-udevd[185]: '/sbin/crda' [307] terminated by 
> signal 9 (Killed)
> Mar 11 19:41:57 piolho systemd-udevd[186]: timeout: killing 
> '/usr/sbin/alsactl -E HOME=/var/run/alsa restore 1' [309]
> Mar 11 19:41:57 piolho systemd-udevd[186]: '/usr/sbin/alsactl -E 
> HOME=/var/run/alsa restore 1' [309] terminated by signal 9 (Killed)

More evidence of broken hardware or at least hard disk.

Bastian

-- 
Suffocating together ... would create heroic camaraderie.
-- Khan Noonian Singh, "Space Seed", stardate 3142.8


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780389: sensible-utils: how does the package decide sensible tools

[Ritesh Raj Sarraf]

Package: sensible-utils
Version: 0.0.9
Severity: normal

Please see case below:


rrs@learner:~$ sensible-editor 
/usr/bin/sensible-editor: 25: /usr/bin/sensible-editor: /usr/bin/vim.nox: not 
found
14:01 ♒♒♒   ☺
rrs@learner:~$ editor
14:01 ♒♒♒   ☺
rrs@learner:~$ which editor
/usr/bin/editor
14:01 ♒♒♒   ☺
rrs@learner:~$ file /usr/bin/editor
/usr/bin/editor: symbolic link to /etc/alternatives/editor
14:01 ♒♒♒   ☺
rrs@learner:~$ file /etc/alternatives/editor
/etc/alternatives/editor: symbolic link to /usr/bin/vim.gtk
14:01 ♒♒♒   ☺


-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.19.0-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_IN, LC_CTYPE=en_IN (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780391: initramfs-tools: Boot drops to initramfs if usr as /dev/vg0/usr in fstab

[Mikael Flood]

Package: initramfs-tools
Version: 0.119
Severity: normal

Dear Maintainer,

   * What led up to the situation?

Upgrade to initramfs-tools 0.119 with /usr specified as /dev/vg0/usr in 
/etc/fstab.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

* downgrade to initramfs-tools 0.116 works.

* change /dev/vg0/usr to /dev/mapper/vg0-usr in /etc/fstab with 
update-initramfs -u works.

* boot before change in fstab works with vgchange -ay and ctrl +d to continue 
booting.

   * What outcome did you expect instead?

Should LVM-volume names not work as both /dev// and 
/dev/mapper// as before?


-- Package-specific info:
-- initramfs sizes
-rw-r--r-- 1 root root 15M Nov  9 19:37 /boot/initrd.img-3.16-3-amd64
-rw-r--r-- 1 root root 16M Mar 13 07:08 /boot/initrd.img-3.16.0-4-amd64
-rw-r--r-- 1 root root 11M Apr  8  2014 /boot/initrd.img-3.2.0-4-amd64
-- /proc/cmdline
BOOT_IMAGE=/vmlinuz-3.16.0-4-amd64 root=/dev/mapper/vg0-root ro 
initrd=/install/initrd.gz quiet

-- resume
RESUME=UUID=52eb45ea-0cf5-429f-a0ae-5ef38fe49328
-- /proc/filesystems
ext3
ext2
ext4
fuseblk

-- lsmod
Module  Size  Used by
xt_CHECKSUM12471  1 
iptable_mangle 12536  1 
ipt_MASQUERADE 12594  3 
iptable_nat12646  1 
nf_nat_ipv412912  1 iptable_nat
nf_nat 18241  3 ipt_MASQUERADE,nf_nat_ipv4,iptable_nat
nf_conntrack_ipv4  18448  2 
nf_defrag_ipv4 12483  1 nf_conntrack_ipv4
xt_conntrack   12681  1 
nf_conntrack   87424  6 
ipt_MASQUERADE,nf_nat,nf_nat_ipv4,xt_conntrack,iptable_nat,nf_conntrack_ipv4
ipt_REJECT 12465  2 
xt_tcpudp  12527  6 
iptable_filter 12536  1 
ip_tables  26011  3 iptable_filter,iptable_mangle,iptable_nat
x_tables   27111  8 
xt_CHECKSUM,ip_tables,xt_tcpudp,ipt_MASQUERADE,xt_conntrack,iptable_filter,ipt_REJECT,iptable_mangle
bridge106102  0 
stp12437  1 bridge
llc12745  2 stp,bridge
binfmt_misc16949  1 
cpufreq_powersave  12454  0 
cpufreq_stats  12782  0 
cpufreq_userspace  12525  0 
cpufreq_conservative14184  0 
nfsd  263032  2 
auth_rpcgss51211  1 nfsd
oid_registry   12419  1 auth_rpcgss
nfs_acl12511  1 nfsd
nfs   188136  0 
lockd  83389  2 nfs,nfsd
fscache45542  1 nfs
sunrpc237402  6 nfs,nfsd,auth_rpcgss,lockd,nfs_acl
snd_hda_codec_hdmi 45118  1 
arc4   12536  2 
ath9k  90244  0 
nvidia  10507891  39 
ath9k_common   21746  1 ath9k
ath9k_hw  391172  2 ath9k_common,ath9k
ath26067  3 ath9k_common,ath9k,ath9k_hw
iTCO_wdt   12831  0 
snd_hda_codec_realtek67127  1 
iTCO_vendor_support12649  1 iTCO_wdt
snd_hda_codec_generic63107  1 snd_hda_codec_realtek
mxm_wmi12515  0 
evdev  17445  19 
joydev 17063  0 
mac80211  474218  1 ath9k
wacom  59529  0 
coretemp   12820  0 
kvm_intel 139116  0 
snd_hda_intel  26327  5 
cfg80211  405538  4 ath,ath9k_common,ath9k,mac80211
kvm   388635  1 kvm_intel
snd_hda_controller 26727  1 snd_hda_intel
psmouse98616  0 
rfkill 18867  3 cfg80211
snd_hda_codec 104463  5 
snd_hda_codec_realtek,snd_hda_codec_hdmi,snd_hda_codec_generic,snd_hda_intel,snd_hda_controller
snd_hwdep  13148  1 snd_hda_codec
pcspkr 12595  0 
snd_pcm88662  4 
snd_hda_codec_hdmi,snd_hda_codec,snd_hda_intel,snd_hda_controller
lpc_ich20768  0 
snd_timer  26614  1 snd_pcm
serio_raw  12849  0 
mfd_core   12601  1 lpc_ich
drm   249955  3 nvidia
snd65244  18 
snd_hda_codec_realtek,snd_hwdep,snd_timer,snd_hda_codec_hdmi,snd_pcm,snd_hda_codec_generic,snd_hda_codec,snd_hda_intel
i2c_i801   16965  0 
soundcore  13026  2 snd,snd_hda_codec
i2c_core   46012  3 drm,i2c_i801,nvidia
i7core_edac22278  0 
edac_core  51465  2 i7core_edac
acpi_cpufreq   17218  0 
asus_atk0110   17216  0 
wmi17339  1 mxm_wmi
shpchp 31121  0 
processor  28221  1 acpi_cpufreq
thermal_sys27642  1 processor
button 12944  0 
vmhgfs 65266  0 
vmw_vmci   55383  1 vmhgfs
loop   26605  0 
fuse   83350  3 
parport_pc 26300  0 
ppdev  16782  0 
lp 17074  0 
parport35749  3 lp,ppdev,parport_pc
autofs435529  2 
ext4  473802  6 
crc16   

Bug#780386: [Pkg-freeipa-devel] Bug#780386: missing Depends

[Timo Aaltonen]

On 13.03.2015 10:20, Harald Dunkel wrote:
> Package: freeipa-server
> Version: 4.0.5-3
> 
> root@ldap0:~# systemctl
> -bash: systemctl: command not found

Oh yes, freeipa essentially depends on systemd anyway as it's install
would fail later on if not running systemd as init. I'll make it depend
on systemd-sysv.


-- 
t


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#755050: Bug#775877: gnome-session: No mouse pointer after login

[Simon McVittie]

Control: retitle 775877 gnome-settings-daemon crashes: 
invoke_set_property_in_idle_cb: assertion failed: (error != NULL)
Control: retitle 755050 gnome-settings-daemon: cursor plugin makes mouse 
pointer disappear in non-Shell sessions
Control: affects 755050 + gnome-session-flashback

On Wed, 11 Mar 2015 at 10:05:10 +1100, Cam Hutchison wrote:
> I've had this problem for about a year (from memory) on both Debian
> and Ubuntu.

More precisely, you have had this *symptom* for about a year.

If your gnome-settings-daemon is not crashing, then I don't think you are
experiencing the same underlying bug as Aron. It looks as though
bug #755050 refers to what you're experiencing, and has the same or a very
similar workaround (using dconf/gsettings to disable the relevant g-s-d
plugin) - please follow up there instead if necessary.

I'm trying to avoid tracking more than one underlying bug with
similar symptoms on the same bug number, because it makes it really hard
to determine when something has been fixed.

S


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780392: asterisk-modules: Asterisk fai to load some modules

[Corcodel Marian]

Package: asterisk-modules
Version: 1:11.13.1~dfsg-2+b1
Severity: normal

Hi 
this issue is bellow lines
[Mar 13 10:00:39] WARNING[807] loader.c: Error loading module 'func_odbc.so': 
/usr/lib/asterisk/modules/func_odbc.so: undefined symbol: SQLRowCount
[Mar 13 10:00:40] WARNING[807] loader.c: Error loading module 'chan_sip.so': 
/usr/lib/asterisk/modules/chan_sip.so: undefined symbol: ast_websocket_write
[Mar 13 10:00:40] WARNING[807] loader.c: Error loading module 'cdr_odbc.so': 
/usr/lib/asterisk/modules/cdr_odbc.so: undefined symbol: SQLRowCount
[Mar 13 10:00:40] WARNING[807] loader.c: Error loading module 
'app_voicemail.so': /usr/lib/asterisk/modules/app_voicemail.so: undefined 
symbol: ast_smdi_mwi_set
[Mar 13 10:00:40] WARNING[807] loader.c: Error loading module 
'res_calendar_ews.so': /usr/lib/asterisk/modules/res_calendar_ews.so: undefined 
symbol: ast_calendar_register
[Mar 13 10:00:40] WARNING[807] loader.c: Error loading module 'cel_odbc.so': 
/usr/lib/asterisk/modules/cel_odbc.so: undefined symbol: SQLColumns
[Mar 13 10:00:40] WARNING[807] loader.c: Error loading module 
'cdr_adaptive_odbc.so': /usr/lib/asterisk/modules/cdr_adaptive_odbc.so: 
undefined symbol: SQLColumns
[Mar 13 10:00:40] WARNING[807] loader.c: Error loading module 
'res_calendar_exchange.so': /usr/lib/asterisk/modules/res_calendar_exchange.so: 
undefined symbol: ast_calendar_register
[Mar 13 10:00:40] WARNING[807] loader.c: Error loading module 'func_aes.so': 
/usr/lib/asterisk/modules/func_aes.so: undefined symbol: ast_aes_set_decrypt_key
[Mar 13 10:00:40] WARNING[807] loader.c: Error loading module 'app_queue.so': 
/usr/lib/asterisk/modules/app_queue.so: undefined symbol: ast_monitor_start
[Mar 13 10:00:40] WARNING[807] loader.c: Error loading module 'pbx_dundi.so': 
/usr/lib/asterisk/modules/pbx_dundi.so: undefined symbol: 
ast_check_signature_bin
[Mar 13 10:00:41] WARNING[807] loader.c: Error loading module 'chan_agent.so': 
/usr/lib/asterisk/modules/chan_agent.so: undefined symbol: ast_monitor_start

On modules exist some undefined symbols.



-- System Information:
Debian Release: 8.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.14-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages asterisk-modules depends on:
ii  libasound21.0.28-1
ii  libc6 2.19-15
ii  libcfg4   1.4.6-1.1
ii  libcpg4   1.4.6-1.1
ii  libcurl3  7.38.0-4
ii  libfreeradius-client2 1.1.6-7
ii  libglib2.0-0  2.42.1-1
ii  libgmime-2.6-02.6.20-1+b1
ii  libgsm1   1.0.13-4
ii  libical1a 1.0-1.3
ii  libiksemel3   1.4-2
ii  libjack-jackd2-0 [libjack-0.116]  1.9.10+20140719git3eb0ae6a~dfsg-2
ii  liblua5.1-0   5.1.5-7.1
ii  libneon27-gnutls  0.30.1-1
ii  libodbc1  2.3.1-3
ii  libogg0   1.3.2-1
ii  libpci3   1:3.2.1-3
ii  libpj22.1.0.0.ast20130823-1
ii  libpjlib-util22.1.0.0.ast20130823-1
ii  libpjmedia-audiodev2  2.1.0.0.ast20130823-1
ii  libpjmedia-codec2 2.1.0.0.ast20130823-1
ii  libpjmedia-videodev2  2.1.0.0.ast20130823-1
ii  libpjmedia2   2.1.0.0.ast20130823-1
ii  libpjnath22.1.0.0.ast20130823-1
ii  libpjsip-simple2  2.1.0.0.ast20130823-1
ii  libpjsip-ua2  2.1.0.0.ast20130823-1
ii  libpjsip2 2.1.0.0.ast20130823-1
ii  libpjsua2 2.1.0.0.ast20130823-1
ii  libpq59.4.1-1
ii  libresample1  0.1.3-4
ii  libsensors4   1:3.3.5-2
ii  libsnmp30 5.7.2.1~dfsg-7
ii  libspandsp2   0.0.6-2+b2
ii  libspeex1 1.2~rc1.2-1
ii  libspeexdsp1  1.2~rc1.2-1
ii  libsqlite02.8.17-12
ii  libsqlite3-0  3.8.7.1-1
ii  libsrtp0  1.4.5~20130609~dfsg-1.1
ii  libssl1.0.0   1.0.1k-1
ii  libsybdb5 0.91-6+b1
ii  libtiff5  4.0.3-12.1
ii  libvorbis0a   1.3.4-2
ii  libvorbisenc2 1.3.4-2
ii  libvorbisfile31.3.4-2
ii  libwrap0  7.6.q-25
ii  libxml2   2.9.1+dfsg1-5
ii  zlib1g1:1.2.8.dfsg-2+b1

asterisk-modules recommends no packages.

asterisk-modules suggests no packages.

-- no debconf information


-- 
To 

Bug#780373: Add the ability to set preferred auto IM by locale

[Aron Xu]

Updated patch, really filters out commented lines.

I'm thinking whether we want to make it a conffile, so local
administrator can override it themselves, what do you think?

Thanks,
Aron
From 5fb66297a70e4afcfcb1c9893fc8e660da397aaf Mon Sep 17 00:00:00 2001
From: Aron Xu 
Date: Fri, 13 Mar 2015 04:25:58 +0800
Subject: [PATCH] Add the ability to set preferred auto IM by locale

Users of different locales may have their preferred default IM,
this adds the ability of setting an IM that's preferred when
"auto" is selected (which is the default), managed by locale.
---
 share/locale_prefs   |  7 +++
 share/xinputrc.common.in | 12 +++-
 2 files changed, 18 insertions(+), 1 deletion(-)
 create mode 100644 share/locale_prefs.conf

Index: im-config-0.27/share/xinputrc.common.in
===
--- im-config-0.27.orig/share/xinputrc.common.in
+++ im-config-0.27/share/xinputrc.common.in
@@ -8,6 +8,7 @@
 #
 IM_CONFIG_VERSION=@@VERSION@@
 IM_CONFIG_DATA=/usr/share/im-config/data
+IM_CONFIG_LC_PREFS=/usr/share/im-config/locale_prefs
 IM_CONFIG_XINPUTRC_USR=$HOME/.xinputrc
 IM_CONFIG_XINPUTRC_SYS=/etc/X11/xinit/xinputrc
 IM_CONFIG_DEFAULT=/etc/default/im-config
@@ -86,7 +87,16 @@ avail_auto () {
 # automatic_im
 #   echo automatic IM configuration name
 automatic_im () {
-# auto mode uses first available script in 10-79
+# locale preference handling, takes precedence if valid
+if [ -r $IM_CONFIG_LC_PREFS ]; then
+IM_CONFIG_LC_CTYPE=$(locale | sed -nr 's/LC_CTYPE=\"([a-zA-Z_]*).*\"/\1/p')
+IM_CONFIG_SCRIPT=$(grep $IM_CONFIG_LC_CTYPE $IM_CONFIG_LC_PREFS | grep -v '^#' | awk '{print $2}')
+if [ "$IM_CONFIG_SCRIPT" != "" ] && avail_auto $IM_CONFIG_SCRIPT ; then
+echo -n "$IM_CONFIG_SCRIPT"
+return
+fi
+fi
+# otherwise auto mode uses first available script in 10-79
 # 79 is for "none", i.e., no IM used
 for IM_CONFIG_SCRIPT_PATH in $IM_CONFIG_DATA/[1234567]*.rc ; do
 IM_CONFIG_SCRIPT=$(name_im $IM_CONFIG_SCRIPT_PATH)
Index: im-config-0.27/share/locale_prefs
===
--- /dev/null
+++ im-config-0.27/share/locale_prefs
@@ -0,0 +1,7 @@
+# Preferred IM for "auto" by locale
+#
+# Syntax:
+# 1) Each line shall contain an ordered pair of values separated by space:
+#locale name and preferred IM name;
+# 2) Add multiple lines for as many locales as desired;
+# 3) Lines begin with a hash sign ("#") are ignored.

Bug#780393: Monkeyscan shows wrong fingerprint

[Dimitri Dhuyvetter]

Package: monkeysign

When I scan a QR code I made outside of Monkeysig, which contains the
string "openpgp4fpr:6FC84DA08920932D34DDCBCD188E3F108C693450" Monkeysign
shows me this message:
> Signing the following key
> 
> pub  [unknown] 4096R/D4E5573D 1412669072 [expiry: 1475741072]
> Fingerprint = 7699 3358 A023 D4C7 460E  CD23 E690 607D D4E5 573D
> uid 1  [unknown] Dimitri Dhuyvetter 
> uid 2  [unknown] Dimitri Dhuyvetter 
> uid 3  [unknown] Dimitri Dhuyvetter 
> sub   4096R/D4E5573D 1412669072 [expiry: 1475741072]
> 
> 
> Sign all identities? [y/N] 

This should be
> sec   4096R/0x188E3F108C693450 2014-10-07 [expires: 2016-10-06]
>   Key fingerprint = 6FC8 4DA0 8920 932D 34DD  CBCD 188E 3F10 8C69 3450
> uidDimitri Dhuyvetter 
> uidDimitri Dhuyvetter 
> uidDimitri Dhuyvetter 
> uidDimitri Dhuyvetter 
> ssb   4096R/0xE690607DD4E5573D 2014-10-07

Or short ID 0x8C693450

I've attached the QR in question, so you can test it out yourself.

I'm not sure which version of Monkeysign or Monkeyscan I have, I
installed it today from Ubuntu repos.
I am running Ubuntu 14.03 LTS

Kind regards,
-- 
Dimitri Dhuyvetter | P: +32 486 445 747 | W: dhuyvetter.eu
 | T: @dhuyvetter_eu
 | PGP: 0x188E3F108C693450

<>

Bug#780394: asterisk-config: Please change level from ERROR on WARNING on manager.d/*.conf directory empty

[Corcodel Marian]

Package: asterisk-config
Version: 1:11.13.1~dfsg-2
Severity: wishlist

Hi 
On messages on second line follow eror appear:
[Mar 13 10:42:13] ERROR[2810] config.c: The file 'manager.d/*.conf' was listed 
as a #include but it does not exist.

This issue is because on "/etc/asterisk/manager.conf" on last line is included 
alls conf file from directory manager.d wich is on default empty and isn't
necesary to be populated. 



-- System Information:
Debian Release: 8.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.14-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

asterisk-config depends on no packages.

Versions of packages asterisk-config recommends:
ii  asterisk  1:11.13.1~dfsg-2+b1

asterisk-config suggests no packages.

-- Configuration Files:
/etc/asterisk/acl.conf [Errno 13] Permission denied: u'/etc/asterisk/acl.conf'
/etc/asterisk/adsi.conf [Errno 13] Permission denied: u'/etc/asterisk/adsi.conf'
/etc/asterisk/agents.conf [Errno 13] Permission denied: 
u'/etc/asterisk/agents.conf'
/etc/asterisk/alarmreceiver.conf [Errno 13] Permission denied: 
u'/etc/asterisk/alarmreceiver.conf'
/etc/asterisk/alsa.conf [Errno 13] Permission denied: u'/etc/asterisk/alsa.conf'
/etc/asterisk/amd.conf [Errno 13] Permission denied: u'/etc/asterisk/amd.conf'
/etc/asterisk/app_mysql.conf [Errno 13] Permission denied: 
u'/etc/asterisk/app_mysql.conf'
/etc/asterisk/app_skel.conf [Errno 13] Permission denied: 
u'/etc/asterisk/app_skel.conf'
/etc/asterisk/asterisk.adsi [Errno 13] Permission denied: 
u'/etc/asterisk/asterisk.adsi'
/etc/asterisk/asterisk.conf [Errno 13] Permission denied: 
u'/etc/asterisk/asterisk.conf'
/etc/asterisk/calendar.conf [Errno 13] Permission denied: 
u'/etc/asterisk/calendar.conf'
/etc/asterisk/ccss.conf [Errno 13] Permission denied: u'/etc/asterisk/ccss.conf'
/etc/asterisk/cdr.conf [Errno 13] Permission denied: u'/etc/asterisk/cdr.conf'
/etc/asterisk/cdr_adaptive_odbc.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_adaptive_odbc.conf'
/etc/asterisk/cdr_custom.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_custom.conf'
/etc/asterisk/cdr_manager.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_manager.conf'
/etc/asterisk/cdr_mysql.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_mysql.conf'
/etc/asterisk/cdr_odbc.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_odbc.conf'
/etc/asterisk/cdr_pgsql.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_pgsql.conf'
/etc/asterisk/cdr_sqlite3_custom.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_sqlite3_custom.conf'
/etc/asterisk/cdr_syslog.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_syslog.conf'
/etc/asterisk/cdr_tds.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_tds.conf'
/etc/asterisk/cel.conf [Errno 13] Permission denied: u'/etc/asterisk/cel.conf'
/etc/asterisk/cel_custom.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cel_custom.conf'
/etc/asterisk/cel_odbc.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cel_odbc.conf'
/etc/asterisk/cel_pgsql.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cel_pgsql.conf'
/etc/asterisk/cel_sqlite3_custom.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cel_sqlite3_custom.conf'
/etc/asterisk/cel_tds.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cel_tds.conf'
/etc/asterisk/chan_dahdi.conf [Errno 13] Permission denied: 
u'/etc/asterisk/chan_dahdi.conf'
/etc/asterisk/chan_mobile.conf [Errno 13] Permission denied: 
u'/etc/asterisk/chan_mobile.conf'
/etc/asterisk/cli.conf [Errno 13] Permission denied: u'/etc/asterisk/cli.conf'
/etc/asterisk/cli_aliases.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cli_aliases.conf'
/etc/asterisk/cli_permissions.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cli_permissions.conf'
/etc/asterisk/codecs.conf [Errno 13] Permission denied: 
u'/etc/asterisk/codecs.conf'
/etc/asterisk/confbridge.conf [Errno 13] Permission denied: 
u'/etc/asterisk/confbridge.conf'
/etc/asterisk/config_test.conf [Errno 13] Permission denied: 
u'/etc/asterisk/config_test.conf'
/etc/asterisk/console.conf [Errno 13] Permission denied: 
u'/etc/asterisk/console.conf'
/etc/asterisk/dbsep.conf [Errno 13] Permission denied: 
u'/etc/asterisk/dbsep.conf'
/etc/asterisk/dnsmgr.conf [Errno 13] Permission denied: 
u'/etc/asterisk/dnsmgr.conf'
/etc/asterisk/dsp.conf [Errno 13] Permission denied: u'/etc/asterisk/dsp.conf'
/etc/asterisk/dundi.conf [Errno 13] Permission denied: 
u'/etc/asterisk/dundi.conf'
/etc/asterisk/enum.conf [Errno 13] Permission denied: u'/etc/asterisk/enum.conf'
/etc/asterisk/extconfig.conf [Errno 13] Permission denied: 
u'/etc/asterisk/extconfig.conf'
/etc/asterisk/extensions.ael [Errno 13] Permission denied: 
u'/etc/asterisk/extensions.ael'
/etc/asterisk/extensions.conf [Errno 13] Permission denied: 
u'/etc/asteri

Bug#755050: gnome-settings-daemon: cursor plugin makes mouse pointer disappear in non-Shell sessions

[Simon McVittie]

On Thu, 17 Jul 2014 at 09:44:33 +0200, Joachim Breitner wrote:
> since upgrading [g-s-d] from 3.8.5-2+b2 to 3.12.2-1, my mouse pointer was
> invisible after login.

Looking at  it seems that the intention
these days is:

* gnome-settings-daemon is only intended to work with GNOME Shell
  (or at least Mutter);
* non-Shell GNOME sessions should run gnome-flashback components instead of
  gnome-settings-daemon;
* non-GNOME sessions should not run either

In particular, the Compiz- and Metacity-based sessions provided by
gnome-session-flashback already do this, so they should no longer be
affected by this.

gnome-flashback and/or g-s-d maintainers: is what I said above accurate?

Gtk 3.14+ defaults to the Adwaita theme that is also the GNOME default,
instead of the ugly Raleigh theme that was historically the Gtk default,
which I think removes one historical reason why users of other desktops
might have wanted to run gnome-settings-daemon.

I see xmonad has dropped its built-in support for running a hybrid
xmonad + GNOME session, so it is not directly relevant here.

openbox-gnome-session's /usr/share/gnome-session/sessions/openbox-gnome.session
and /usr/share/gnome-session/sessions/openbox-gnome-fallback.session still
uses gnome-settings-daemon, so they probably still suffer from this bug?
Similarly, cairo-dock-core appears to use gnome-settings-daemon in its
cairo-dock + compiz + GNOME session.

On Wed, 30 Jul 2014 at 10:52:08 +0200, Michał Politowski wrote:
> Same problem under gnome-session-flashback.
> Disabling the cursor plugin with dconf also helped here (after restart).

This particular case should have been fixed in September (gnome-panel/3.8.1-4)
according to , because gnome-session-flashback
no longer uses gnome-settings-daemon.

Regards,
S


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#777508: Would like to confirm this behavior

[dr.allc...@gmx.de]

Dear Sir, Dear Madam

I would like to confirm this bug as I came across it as well with 2 out of 2 
test machines.

Would love to get some hints on a work around. Are there any information 
available already?

Thank you.

Regards


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#775689: mkusb

[Nio Wiklund]

From: Steve McIntyre 
To: Debian Bug Tracking System 
Subject: Do NOT use unetbootin for Debian CD images
Date: Sun, 18 Jan 2015 18:06:18 +

Source: unetbootin
Severity: serious
Tags: d-i
Justification: wasting massive amounts of developer and user time
...
Please add:

 * An entry in the Debian package description to say "Do not use
   unetbootin for Debian CD images, just write them raw using dd" or
   similar.
_

I would suggest wrapping safety around dd with the shell-script 'mkusb'.

Extra safety can be very important because dd is nick-named 'disk
destroyer' for a reason: It does what you *tell* it to do without
questions, even if it is not what you *want* to do (for example wipe a
drive with not yet backed up family photos).

mkusb is tested with debian Jessie (and worked reliably after some
tweaks). If you are interested, I can try to make it work without tweaks.

There is a PPA for Ubuntu, but for Debian please look at this link

https://help.ubuntu.com/community/mkusb/v9#from_phillw.net

Best regards
Nio


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#649106: syncid 'fix' breaks state sync in init script completely

[Hans van Kranenburg]

Hello,

I'm in the process of testing the upgrade from wheezy to jessie of a few 
systems that use keepalived/ipvsadm.


ipvs state sync is not functional any more since 1:1.26-3, because of a 
bug in the init script.


When looking at the history of the init script, I can see the bug was 
introduced in a commit called "Fix syncid handling", which ironically 
actually horribly breaks the same thing.


https://github.com/formorer/pkg-ipvsadm/commit/66bae1cee1cd3d0f89466a92ee99fb61e8f0d47f

-   $IPVSADM --start-daemon $DAEMON --mcast-interface $IFACE || 
log_end_msg 1
+   $IPVSADM --syncid $SYNCID --start-daemon $DAEMON 
--mcast-interface \

+$IFACE --syncid $SYNCID || log_end_msg 1

The --syncid $SYNCID is inserted twice in this line. This results in a 
command line that is rejected by ipvsadm, since the first occurence is a 
syntax error.


# ipvsadm --syncid 0 --start-daemon master --mcast-interface eth0 --syncid 0
Try `ipvsadm -h' or 'ipvsadm --help' for more information.

# ipvsadm --start-daemon master --mcast-interface eth0 --syncid 0
(OK)

Please remove the first --syncid $SYNCID in the three lines in the init 
script that start the sync daemon threads.


Was the change in this commit ever tested before releasing it? Due to 
the fact that Jessie is now frozen, every user of this functionality 
will end up with a disfunctional state sync after upgrading.


Thanks,
--
Hans van Kranenburg - System / Network Engineer
T +31 (0)10 2760434 | hans.van.kranenb...@mendix.com | www.mendix.com


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780383: libopensaml2-java: CVE-2015-1796

[Emmanuel Bourg]

Hi Salvatore,

Thank you for the report. Looking at the commit r1680 mentioned on the
security tracker I fail to see how it addresses the vulnerability
described. I suspect this is actually a vulnerability in a dependency
shared by opensaml and idp (maybe xmltooling which contains the
PKIXValidationInformationResolver class, or shib-common with a recent
commit referring to the same SIDP-624 issue [1]).

Emmanuel Bourg

[1]
http://svn.shibboleth.net/view/java-shib-common?view=revision&revision=1125


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780387: unburden-home-dir: should /run/user be the default

[Axel Beckert]

Control: tag -1 + confirmed
Control: severity -1 wishlist

Hi Ritesh,

Ritesh Raj Sarraf wrote:
> Thanks for writing this tool.

You're welcome. Happy to hear from another happy user! :-)

> While configuring it, this thought came in mind.
> 
> /tmp is very generic a location for many things. Should uhd use
> something more uncommon? Like /run/user ??

Actually using something under /run/user as default already came to my
mind a few weeks ago. (I'm not sure if /run/ already existed in Debian
Stable when I started implementing unburden-home-dir.)

I though wonder why I haven't written that down yet. I've done so now:
https://github.com/xtaran/unburden-home-dir/blob/master/TODO.md

That feature will likely be part of the planned 0.4 release.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780395: asterisk-config: Alls lines from motif.conf must be commented on default because errors

[Corcodel Marian]

Package: asterisk-config
Version: 1:11.13.1~dfsg-2
Severity: normal

Hi
Alls configurations from "/etc/asterisk/motif.conf" put errors on  messages 
please comment them except the [default] section.



-- System Information:
Debian Release: 8.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.14-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

asterisk-config depends on no packages.

Versions of packages asterisk-config recommends:
ii  asterisk  1:11.13.1~dfsg-2+b1

asterisk-config suggests no packages.

-- Configuration Files:
/etc/asterisk/acl.conf [Errno 13] Permission denied: u'/etc/asterisk/acl.conf'
/etc/asterisk/adsi.conf [Errno 13] Permission denied: u'/etc/asterisk/adsi.conf'
/etc/asterisk/agents.conf [Errno 13] Permission denied: 
u'/etc/asterisk/agents.conf'
/etc/asterisk/alarmreceiver.conf [Errno 13] Permission denied: 
u'/etc/asterisk/alarmreceiver.conf'
/etc/asterisk/alsa.conf [Errno 13] Permission denied: u'/etc/asterisk/alsa.conf'
/etc/asterisk/amd.conf [Errno 13] Permission denied: u'/etc/asterisk/amd.conf'
/etc/asterisk/app_mysql.conf [Errno 13] Permission denied: 
u'/etc/asterisk/app_mysql.conf'
/etc/asterisk/app_skel.conf [Errno 13] Permission denied: 
u'/etc/asterisk/app_skel.conf'
/etc/asterisk/asterisk.adsi [Errno 13] Permission denied: 
u'/etc/asterisk/asterisk.adsi'
/etc/asterisk/asterisk.conf [Errno 13] Permission denied: 
u'/etc/asterisk/asterisk.conf'
/etc/asterisk/calendar.conf [Errno 13] Permission denied: 
u'/etc/asterisk/calendar.conf'
/etc/asterisk/ccss.conf [Errno 13] Permission denied: u'/etc/asterisk/ccss.conf'
/etc/asterisk/cdr.conf [Errno 13] Permission denied: u'/etc/asterisk/cdr.conf'
/etc/asterisk/cdr_adaptive_odbc.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_adaptive_odbc.conf'
/etc/asterisk/cdr_custom.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_custom.conf'
/etc/asterisk/cdr_manager.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_manager.conf'
/etc/asterisk/cdr_mysql.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_mysql.conf'
/etc/asterisk/cdr_odbc.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_odbc.conf'
/etc/asterisk/cdr_pgsql.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_pgsql.conf'
/etc/asterisk/cdr_sqlite3_custom.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_sqlite3_custom.conf'
/etc/asterisk/cdr_syslog.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_syslog.conf'
/etc/asterisk/cdr_tds.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cdr_tds.conf'
/etc/asterisk/cel.conf [Errno 13] Permission denied: u'/etc/asterisk/cel.conf'
/etc/asterisk/cel_custom.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cel_custom.conf'
/etc/asterisk/cel_odbc.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cel_odbc.conf'
/etc/asterisk/cel_pgsql.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cel_pgsql.conf'
/etc/asterisk/cel_sqlite3_custom.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cel_sqlite3_custom.conf'
/etc/asterisk/cel_tds.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cel_tds.conf'
/etc/asterisk/chan_dahdi.conf [Errno 13] Permission denied: 
u'/etc/asterisk/chan_dahdi.conf'
/etc/asterisk/chan_mobile.conf [Errno 13] Permission denied: 
u'/etc/asterisk/chan_mobile.conf'
/etc/asterisk/cli.conf [Errno 13] Permission denied: u'/etc/asterisk/cli.conf'
/etc/asterisk/cli_aliases.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cli_aliases.conf'
/etc/asterisk/cli_permissions.conf [Errno 13] Permission denied: 
u'/etc/asterisk/cli_permissions.conf'
/etc/asterisk/codecs.conf [Errno 13] Permission denied: 
u'/etc/asterisk/codecs.conf'
/etc/asterisk/confbridge.conf [Errno 13] Permission denied: 
u'/etc/asterisk/confbridge.conf'
/etc/asterisk/config_test.conf [Errno 13] Permission denied: 
u'/etc/asterisk/config_test.conf'
/etc/asterisk/console.conf [Errno 13] Permission denied: 
u'/etc/asterisk/console.conf'
/etc/asterisk/dbsep.conf [Errno 13] Permission denied: 
u'/etc/asterisk/dbsep.conf'
/etc/asterisk/dnsmgr.conf [Errno 13] Permission denied: 
u'/etc/asterisk/dnsmgr.conf'
/etc/asterisk/dsp.conf [Errno 13] Permission denied: u'/etc/asterisk/dsp.conf'
/etc/asterisk/dundi.conf [Errno 13] Permission denied: 
u'/etc/asterisk/dundi.conf'
/etc/asterisk/enum.conf [Errno 13] Permission denied: u'/etc/asterisk/enum.conf'
/etc/asterisk/extconfig.conf [Errno 13] Permission denied: 
u'/etc/asterisk/extconfig.conf'
/etc/asterisk/extensions.ael [Errno 13] Permission denied: 
u'/etc/asterisk/extensions.ael'
/etc/asterisk/extensions.conf [Errno 13] Permission denied: 
u'/etc/asterisk/extensions.conf'
/etc/asterisk/extensions.lua [Errno 13] Permission denied: 
u'/etc/asterisk/extensions.lua'
/etc/asterisk/extensions_minivm.conf [Errno 13] Permission denied: 
u'/etc/asterisk/extensions_minivm.conf'
/et

Bug#649106: syncid 'fix' breaks state sync in init script completely

[Alexander Wirt]

On Fri, 13 Mar 2015, Hans van Kranenburg wrote:

> Hello,
> 
> I'm in the process of testing the upgrade from wheezy to jessie of a few
> systems that use keepalived/ipvsadm.
> 
> ipvs state sync is not functional any more since 1:1.26-3, because of a bug
> in the init script.
> 
> When looking at the history of the init script, I can see the bug was
> introduced in a commit called "Fix syncid handling", which ironically
> actually horribly breaks the same thing.
> 
> https://github.com/formorer/pkg-ipvsadm/commit/66bae1cee1cd3d0f89466a92ee99fb61e8f0d47f
> 
> -   $IPVSADM --start-daemon $DAEMON --mcast-interface $IFACE ||
> log_end_msg 1
> +   $IPVSADM --syncid $SYNCID --start-daemon $DAEMON
> --mcast-interface \
> +$IFACE --syncid $SYNCID || log_end_msg 1
> 
> The --syncid $SYNCID is inserted twice in this line. This results in a
> command line that is rejected by ipvsadm, since the first occurence is a
> syntax error.
> 
> # ipvsadm --syncid 0 --start-daemon master --mcast-interface eth0 --syncid 0
> Try `ipvsadm -h' or 'ipvsadm --help' for more information.
> 
> # ipvsadm --start-daemon master --mcast-interface eth0 --syncid 0
> (OK)
> 
> Please remove the first --syncid $SYNCID in the three lines in the init
> script that start the sync daemon threads.
> 
> Was the change in this commit ever tested before releasing it? Due to the
> fact that Jessie is now frozen, every user of this functionality will end up
> with a disfunctional state sync after upgrading.
I am pretty sure I tested it somehow, however I don't use ipvsadm in daemon
mode as I think it is pretty useless without a manager. Also your facts are
wrong, it is possible to get critical fixes into jessie. I will give it a
try.

Alex


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780237: unblock: ifupdown/0.7.53

[Andrew Shadura]

Control: tags -1 - moreinfo

Thanks,  uploaded.

-- 
Cheers,
  Andrew

Bug#780393: Scanned QR shows wrong fingerprint

[Dimitri Dhuyvetter]

Here is a link to the QR code in question:
https://cloud.dhuyvetter.eu/public.php?service=files&t=907eab930d2f9f9aba2e1941a57165b6

-- 
Dimitri Dhuyvetter | P: +32 486 445 747 | W: dhuyvetter.eu
 | T: @dhuyvetter_eu
 | PGP: 0x188E3F108C693450

<>

Bug#780396: setting up a headless system

[Harald Dunkel]

Package: openssh-server
Version: 1:6.7p1-3

Setting up a headless system failed: root is not 
allowed to login via ssh, even though it is the 
only account with a valid shell. 

This is fatal.


Regards
Harri


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#649106: syncid 'fix' breaks state sync in init script completely

[Hans van Kranenburg]

On 03/13/2015 10:53 AM, Alexander Wirt wrote:

I am pretty sure I tested it somehow, however I don't use ipvsadm in daemon
mode as I think it is pretty useless without a manager.


I use keepalived to set the rules and do health checking, but don't use 
keepalived for managing the state sync processes.


When using keepalived for this, it will start and stop those on a 
reload, restart, failover etc, which means that part of the state sync 
info just gets lost. If I want to reconfigure my backup lvs director, 
shut down keepalived there, reconfigure it etc etc, the receiving sync 
thread is turned off, and I cannot properly fail over to it in order to 
work on the other end.


By enabling the sync state processes in "both" mode, using the ipvsadm 
init script, results in a situation where the sending and receiving of 
information just always happens. Also, active/active is probably 
possible (don't use it now), where part of my IP addresses are on one 
director and part are on another.



Also your facts are
wrong, it is possible to get critical fixes into jessie. I will give it a
try.


That would be awesome, thanks.

--
Hans van Kranenburg - System / Network Engineer
+31 (0)10 2760434 | hans.van.kranenb...@mendix.com | www.mendix.com


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780396: setting up a headless system

[Colin Watson]

Control: reassign 780396 release-notes
Control: forcemerge 769388 780396

On Fri, Mar 13, 2015 at 11:06:53AM +0100, Harald Dunkel wrote:
> Setting up a headless system failed: root is not 
> allowed to login via ssh, even though it is the 
> only account with a valid shell. 

This is an intentional change, but it does require some adaptation by
people setting up headless systems to e.g. put a public key in place
using preseeding.  See README.Debian (the relevant text follows) and
#769388.

  PermitRootLogin
  ---
  
  As of 1:6.6p1-1, new installations will be set to "PermitRootLogin
  without-password".  This disables password authentication for root, foiling
  password dictionary attacks on the root user.  Some sites may wish to use
  the stronger "PermitRootLogin forced-commands-only" or "PermitRootLogin no",
  but note that "PermitRootLogin no" will break setups that SSH to root with a
  forced command to take full-system backups.  You can use PermitRootLogin in
  a Match block if you want finer-grained control here.
  
  For many years Debian's OpenSSH packaging used "PermitRootLogin yes", in
  line with upstream.  To avoid breaking local setups, this is still true for
  installations upgraded from before 1:6.6p1-1.  If you wish to change this,
  you should edit /etc/ssh/sshd_config, change it manually, and run "service
  ssh restart" as root.
  
  Disabling PermitRootLogin means that an attacker possessing credentials for
  the root account (any credentials in the case of "yes", or private key
  material in the case of "without-password") must compromise a normal user
  account rather than being able to SSH directly to root.  Be careful to avoid
  a false illusion of security if you change this setting; any account you
  escalate to root from should be considered equivalent to root for the
  purposes of security against external attack.  You might for example disable
  it if you know you will only ever log in as root from the physical console.
  
  Since the root account does not generally have non-password credentials
  unless you explicitly install an SSH public key in its
  ~/.ssh/authorized_keys, which you presumably only do if you want to SSH to
  it, "without-password" should be a reasonable default for most sites.
  
  For further discussion, see:
  
https://bugs.debian.org/298138
https://bugzilla.mindrot.org/show_bug.cgi?id=2164

-- 
Colin Watson   [cjwat...@debian.org]


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#775689: tip

[Nio Wiklund]

Hi László,
_

From: Thorsten Glaser 
To: László Böszörményi (GCS) 
Cc: 775...@bugs.debian.org
Subject: Re: Bug#775689: Do NOT use unetbootin for Debian CD images
Date: Mon, 19 Jan 2015 09:45:11 +0100 (CET)

On Sun, 18 Jan 2015, László Böszörményi (GCS) wrote:

> Also please note it's not a Debian specific tool. But it may exists in

Right. I think users of Debian derivate which must not be named
use it when they don’t manage to type “sudo dd”. I suggest to
patch it upstream to recognise at the very least Debian ISOs, if
not all isohybrid and manifold-boot ISOs, and just dd them over
if found, instead of doing whatever it is otherwise doing.
_

I suggested mkusb to be used now, but I also want to say that I have
used Unetbootin for years, and it is working well most of the time. It
is very good when people want persistence, and when they want to use the
pendrive for storage too (I don't, pendrives are temporary devices for
me). But sometimes there are bugs, when a new distro or version is
different in a way, that is not recognized by Unetbootin. This seems to
be the case now with Debian Jessie.

If you add a 'dd' cloning option, it would make Unetbootin even more
useful. You are welcome to borrow whatever code and concepts you want
from mkusb, it is FOSS :-)

Best regards
Nio


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780353: oaklisp: FTBFS on mips64el - gcc: error: unrecognized command line option '-m32'

[James Cowgill]

On Thu, 2015-03-12 at 21:06 +, Barak A. Pearlmutter wrote:
> Thanks for the bug report.
> 
> >> checking size of void *... 8
> >> configure: WARNING: non 32-bit pointer platform detected
> >> configure: trying to enabling 32-bit compilation mode
> >> checking size of void *... 0
> >> configure: WARNING: bad news, pointers are now 0 bytes
> 
> > This is caused by trying to use '-m32':
> 
> Indeed.
> 
> Until a 64-bit port is done, Oaklisp requires 32-bit pointers
> 
> I've just push code to error out when it notices "0 byte" pointers.
> 
> > -m32 isn't a valid option to gcc on mips (or on arm64 or ia64[1]).
> 
> > if you want to compile 32-bit code on mips64, you need to pass
> > something like '-march=mips2 -mabi=32' to gcc.
> 
> There is no possibility of compiling Oaklisp on a 64-bit machine without
> some compiler option requesting a 32-bit pointer memory model.
> 
> I thought GCC used -m32 for this purpose whenever feasible. Ah well.
> Perhaps there is an existing autoconf macro,
> AX_CFLAGS_32BIT_MEMORY_MODEL or something like that? I poked around but
> didn't find anything. I suppose I'll have to break down and write one
> myself, casing out on architecture.
> 
> You include the magic above for mips64. You wouldn't happen to know it
> for other multilib-enabled 64-bit platforms, would you?

I just tried using -mabi=32 (without the -march stuff) and it worked so
only that is needed on mips.

These options are untested, I just looked over the GCC manual for them.

alpha impossible?
amd64 -m32
arm64 -mabi=ilp32
ia64  -milp32
mips64el  -mabi=32
ppc64 -m32
ppc64el   -m32
s390x -m31
sparc64   -m32

But only some of these architectures have multilib enabled in the glibc
package:

amd64
mips64el
ppc64 (but not ppc64el?)
sparc64
s390x

> (Of course, another possibility would be to simply drop all 64-bit
> architectures aside from amd64 and let people use multiarch to install
> the appropriate 32-bit package when applicable.)

And that would work as well - I'll leave that up to you :)

Thanks,
James


signature.asc
Description: This is a digitally signed message part

Bug#749320: evince: selecting the print menu entry make evince segfault

[Samuel Wolf]

I can reproduce this on minimum two Debian Jessie amd64 today, but
unfortunately not 100%.

* download a PDF via Firefox (which open automatically)
* select bookmark "tmp" which point me to /tmp and edit the file name (do
not save!)
* select a other window, in my case Firefox
* click now direct in the name field of Evince and wait
---> segfault

The time to wait was from 1 second to over 80 seconds.

Do not find the exactly way to reproduce this, but something is wrong here.

Mar 13 11:01:40 debian-jessie kernel: [ 2025.512323] evince[2297]: segfault
at 14 ip 7f0e578d6c64 sp 7ffe83914840 error 4 in
libgtk-3.so.0.1400.5[7f0e575ec000+6a6000]
Mar 13 11:04:22 debian-jessie kernel: [ 2187.530810] evince[2334]: segfault
at 14 ip 7f1f82be7c64 sp 7fff95730d80 error 4 in
libgtk-3.so.0.1400.5[7f1f828fd000+6a6000]
Mar 13 11:05:09 debian-jessie kernel: [ 2234.270279] evince[2399]: segfault
at 14 ip 7f93785cac64 sp 7fffed498ba0 error 4 in
libgtk-3.so.0.1400.5[7f93782e+6a6000]
Mar 13 11:11:29 debian-jessie kernel: [ 2614.528368] evince[2564]: segfault
at 14 ip 7f7851dc9c64 sp 7ffc06f8dbb0 error 4 in
libgtk-3.so.0.1400.5[7f7851adf000+6a6000]

Samuel

Bug#749320: evince: selecting the print menu entry make evince segfault

[Samuel Wolf]

> * download a PDF via Firefox (which open automatically)
> * select bookmark "tmp" which point me to /tmp and edit the file name (do
> not save!)
> * select a other window, in my case Firefox
> * click now direct in the name field of Evince and wait
> ---> segfault

Sorry forget a step!

* download a PDF via Firefox (which open automatically)
* select save a copy in the menu
* select nautilus bookmark "tmp" which point me to /tmp and edit the
file name (do
not save!)
* select a other window, in my case Firefox
* click now direct in the name field of Evince and wait
---> segfault

Bug#749320: evince: selecting the print menu entry make evince segfault

[Simon McVittie]

On 13/03/15 10:35, Samuel Wolf wrote:
> Mar 13 11:01:40 debian-jessie kernel: [ 2025.512323] evince[2297]:
> segfault at 14 ip 7f0e578d6c64 sp 7ffe83914840 error 4 in
> libgtk-3.so.0.1400.5[7f0e575ec000+6a6000]

This is not enough information to say much about the crash. Can you get
a backtrace, please? 

Are you using the Unico theme engine (gtk3-engines-unico), like Norbert
apparently is? If so, is the crash reproducible with Gtk's default
Adwaita theme?

S


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#761867: Webapp: Add conjunctive search for ctags

[Stefano Zacchiroli]

[ just documenting here a quick summary of IRC discussions ]

On Thu, Mar 12, 2015 at 02:33:03PM +0100, Orestis Ioannou wrote:
> I have attached the patch for the conjunctive search.
> Raw sql commands are the following:

The patch looks good, but there are concerns that this feature will
allow to DoS the DB, given the ctags table currently contains ~380
million tuples.

We've pinged friendly neighborhood Postgres experts (Myon, mnencia) who
are looking into this to give feedback about: whether the feature is a
good idea at all and/or whether there are better ways to implement this
query.

I duly notice that we already have non-conjunctive ctags-based search.
And it's not given us problems thus far. If we can make the conjunctive
query, performance-wise, "as bad as" the non-conjunctive version, then
it's probably good to do.

Cheers.
-- 
Stefano Zacchiroli  . . . . . . .  z...@upsilon.cc . . . . o . . . o . o
Maître de conférences . . . . . http://upsilon.cc/zack . . . o . . . o o
Former Debian Project Leader  . . @zack on identi.ca . . o o o . . . o .
« the first rule of tautology club is the first rule of tautology club »


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780397: Minechangelog doesn't support unicode

[Jean-Michel Nirgal Vourgère]

Package: nm.debian.org

From https://nm.debian.org/am/minechangelogs/ when one search Vourgère,
there is no result.

According to
https://codesearch.debian.net/results/Vourg%C3%A8re%20path:debian%2Fchangelog
there should be many.

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (990, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)



signature.asc
Description: OpenPGP digital signature

Bug#780344: ffmpeg: encoding broken source is a success

[Michal Suchanek]

Hello,

Excerpts from Andreas Cadhalpun's message of Thu Mar 12 14:54:38 +0100 2015:
> Control: tag -1 moreinfo
> 
> Hi Michal,
> 
> On 12.03.2015 13:22, Michal Suchanek wrote:
> > I noticed that a video is broken (truncated).
> >
> > I tried to detect the breakage with ffmpeg in order to be able to detect
> > possible breakage of other video files but while ffmpeg prints a frame
> > error it returns success on finishing encode:
> >
> > $ ffmpeg -v warning -i /scratch/dwhelper/Mill_CPU_for_Humans_-_Part_2.mp4 
> > -f null /dev/null ; echo $?
> > [null @ 0x1554880] Encoder did not produce proper pts, making some up.
> > [h264 @ 0x1645bc0] AVC: nal size 5421
> >  Last message repeated 1 times
> > [h264 @ 0x1645bc0] no frame!
> > 0
> >
> > Can the error reporting be fixed for programmatic error detection?
> 
> I think ffmpeg tries to continue on errors, because the rest of the file 
> still might contain usable data.
> 
> If you want to use ffmpeg for programmatic error detection, you probably 
> want to use the '-xerror' command line option, which causes ffmpeg to 
> quit with an error exit code, if any error occurred.

I think that by default errors should lead to non-zero return value even
if output can be produced. Such output can also contain errors and
cannot be considered valid unless checked by the user. However, if this
is weird upstream design decision Debian is not the place to change that.

Unfortunately, the option to report errors does not seem to be
documented. After some grepping of the man page I get no relevant
results.

Also it does not change the fact that encoding broken source may result
in success.

> 
> So I don't see a bug here. If you still do, please elaborate.

Thanks

Michal

$ ffmpeg -xerror -v warning -i 
/scratch/dwhelper/Mill_CPU_for_Humans_-_Part_2.mp4 -f null /dev/null ; echo $?
[null @ 0x264f8c0] Encoder did not produce proper pts, making some up.
[h264 @ 0x26096e0] AVC: nal size 5421
Last message repeated 1 times
[h264 @ 0x26096e0] no frame!
0


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#749320: evince: selecting the print menu entry make evince segfault

[Samuel Wolf]

2015-03-13 11:45 GMT+01:00 Simon McVittie :

> On 13/03/15 10:35, Samuel Wolf wrote:
> > Mar 13 11:01:40 debian-jessie kernel: [ 2025.512323] evince[2297]:
> > segfault at 14 ip 7f0e578d6c64 sp 7ffe83914840 error 4 in
> > libgtk-3.so.0.1400.5[7f0e575ec000+6a6000]
>
> This is not enough information to say much about the crash. Can you get
> a backtrace, please? 
>
> Are you using the Unico theme engine (gtk3-engines-unico), like Norbert
> apparently is? If so, is the crash reproducible with Gtk's default
> Adwaita theme?


Using Adwaita theme.
I guess first step is to find a way to reproduce this issue 100%.

Samuel

Bug#780398: weak/insecure diffie-hellman parameters

[Adi Kriegisch]

Package: apache2
Version: 2.2.22-13+deb7u4

Hi!

As Wheezy will be around for some more time (and squeeze-lts might also be
interested in getting a little extra security), would you please consider
backporting the DHE parameter size feature of Apache 2.4 to Apache 2.2 as
you did with EC support?

Thanks & all the best,
Adi Kriegisch

PS: If you need more information and/or reasoning, please let me know!


signature.asc
Description: Digital signature

Bug#341935: closed by Baruch Even (Issue fixed in v0.2 branch)

[Andreas Krüger]

Seems to indeed work now. (Briefly tested with Version: 0.1h-11+b1 .)

Thank you!

Andreas




signature.asc
Description: OpenPGP digital signature

Bug#780399: m-s-d crashes due to unsafe access to list elements

[Vlad Orlov]

Source: mate-settings-daemon
Version: 1.8.2-1
Severity: important
Tags: jessie upstream
Control: forwarded -1 
https://github.com/mate-desktop/mate-settings-daemon/issues/67

Due to unsafe access to list elements, m-s-d tries to dereference
NULL pointer and crashes. The upstream pull request [1] should
fix the issue.


[1] https://github.com/mate-desktop/mate-settings-daemon/pull/101

Bug#780400: libkio5: cut and paste files on sftp can cause data loss

[Salvo Tomaselli]

Package: libkio5
Version: 4:4.14.2-5
Severity: critical
Justification: causes serious data loss

Dear Maintainer,
transferring some files over sftp using Dolphin caused the files in question to
be deleted.

1. Open two tabs in Dolphin, one locally and one over the remote server with 
sftp
2. Select a huge (4GiB) directory and select "cut"
3. Paste it in the remote directory
4. Wait
5. Run out of time, need to leave, suspend the laptop.
6. Re-open the laptop to manually re-do the transfer and delete the partial 
files
7. Login using ssh and terminal to the remote location
8. The remote directory contains a file.part that is incomplete
9. The local directory has been wiped and the original files are gone forever

I would expect that the behaviour should be similar to the one of "mv" when 
cutting
and pasting, and the original file shouldn't be deleted before the copy 
operation
is successful, and when in doubt not be deleted.

I suspect the bug is in kio library, but I don't know so much of the KDE 
architecture
to be able to exactly locate the problem.

I feel I've provided enough information to reproduce, but feel free to contact 
me if
more information is required.

Best regards

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.18.7a (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libkio5 depends on:
ii  libacl1 2.2.52-2
ii  libattr11:2.4.47-2
ii  libc6   2.19-15
ii  libkdecore5 4:4.14.2-5
ii  libkdeui5   4:4.14.2-5
ii  libnepomuk4 4:4.14.2-5
ii  libqt4-dbus 4:4.8.6+git64-g5dc8b2b+dfsg-3
ii  libqt4-network  4:4.8.6+git64-g5dc8b2b+dfsg-3
ii  libqt4-svg  4:4.8.6+git64-g5dc8b2b+dfsg-3
ii  libqt4-xml  4:4.8.6+git64-g5dc8b2b+dfsg-3
ii  libqtcore4  4:4.8.6+git64-g5dc8b2b+dfsg-3
ii  libqtgui4   4:4.8.6+git64-g5dc8b2b+dfsg-3
ii  libsolid4   4:4.14.2-5
ii  libstdc++6  4.9.2-10
ii  libstreamanalyzer0  0.7.8-1.2+b2
ii  libx11-62:1.6.2-3
ii  libxrender1 1:0.9.8-1+b1

Versions of packages libkio5 recommends:
ii  kdelibs5-plugins  4:4.14.2-5

libkio5 suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780401: gimp: crashes window manager (fvwm) on closing

[Olaf Dietrich]

Package: gimp
Version: 2.8.14-1+b1
Severity: critical
Justification: causes serious data loss

gimp crashes the window manager (fvwm) on closing (File > Quit),
i.e., all applications are aborted and the login screen appears.
All currently open data are lost.

The problems does not occur always, but very frequently; typically
after editing an image, exporting the image (e.g. to jpg), closing
the image (without saving in xcf format), and then closing gimp.

Error message from kern.log/sys.log:

Mar 13 11:23:46 sysname kernel: [123140.740473] x-window-manage[2373]: segfault 
at 7f76a7774ab0 ip 7f76a601ab95 sp 7fff06f883d0 error 4 in 
libc-2.19.so[7f76a5fa2000+19f000]


(One more window manager peculiarity (I do not know if this is
related to the wm crashes): gimp dialogs such as the File>Open
dialog appear without window handles, i.e., cannot be easily
moved or resized.)


Olaf



-- System Information:
Debian Release: 8.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages gimp depends on:
ii  gimp-data2.8.14-1
ii  libaa1   1.4p5-43
ii  libatk1.0-0  2.14.0-1
ii  libbabl-0.1-00.1.10-2
ii  libbz2-1.0   1.0.6-7+b2
ii  libc62.19-15
ii  libcairo21.14.0-2.1
ii  libdbus-1-3  1.8.16-1
ii  libdbus-glib-1-2 0.102-1
ii  libexif120.6.21-2
ii  libexpat12.1.0-6+b3
ii  libfontconfig1   2.11.0-6.3
ii  libfreetype6 2.5.2-3
ii  libgdk-pixbuf2.0-0   2.31.1-2+b1
ii  libgegl-0.2-00.2.0-7+b1
ii  libgimp2.0   2.8.14-1+b1
ii  libglib2.0-0 2.42.1-1
ii  libgs9   9.06~dfsg-2
ii  libgtk2.0-0  2.24.25-3
ii  libgudev-1.0-0   215-12
ii  libice6  2:1.0.9-1+b1
ii  libjasper1   1.900.1-debian1-2.4
ii  libjpeg62-turbo  1:1.3.1-11+deb7u1
ii  liblcms2-2   2.6-3+b3
ii  libmng1  1.0.10+dfsg-3.1+b3
ii  libpango-1.0-0   1.36.8-3
ii  libpangocairo-1.0-0  1.36.8-3
ii  libpangoft2-1.0-01.36.8-3
ii  libpng12-0   1.2.50-2+b2
ii  libpoppler-glib8 0.26.5-2
ii  librsvg2-2   2.40.5-1
ii  libsm6   2:1.2.2-1+b1
ii  libtiff5 4.0.3-12.1
ii  libwmf0.2-7  0.2.8.4-10.3+b2
ii  libx11-6 2:1.6.2-3
ii  libxcursor1  1:1.1.14-1+b1
ii  libxext6 2:1.3.3-1
ii  libxfixes3   1:5.0.1-2+b2
ii  libxmu6  2:1.1.2-1
ii  libxpm4  1:3.5.11-1+b1
ii  libxt6   1:1.1.4-1+b1
ii  python-gtk2  2.24.0-4
ii  python2.72.7.9-2
pn  python:any   
ii  zlib1g   1:1.2.8.dfsg-2+b1

Versions of packages gimp recommends:
ii  ghostscript  9.06~dfsg-2

Versions of packages gimp suggests:
pn  gimp-data-extras  
pn  gimp-help-en | gimp-help  
pn  gvfs-backends 
ii  libasound21.0.28-1

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780295: linux-image-3.19.0-trunk-amd64: net bridge devices no longer brought up correctly

[Christoph Anton Mitterer]

On Fri, 2015-03-13 at 09:29 +0100, Bastian Blank wrote: 
> How is vibr1 defined in /etc/network/interfaces?
Not at all, actually I still have many interfaces defined there (even
though non of them is used since NM is broken), but only the normal
eth/wlan stuff.

Normally, libvirtd should dynamically set these ifaces up.


> > What happens is apparently the following:
> > The tun modules is not (no longer?) auto-loaded by the kernel
> > and a vibrX device is set up but not fully working.
> So this is actually a missing error cleanup somewhere.
Well not sure,.. right after booting, none of these unconfigured vibrX
devices exist, only when I start them via libvirtd,... but then they
already fail to come up (unless I've manually loaded tun before) 


> No, it is not a problem with the kernel.  The ability to autoload
> modules was restricted as it was the source of nasty surprises.
So auto-loading tun was actually removed somewhere between 3.16 and .19?

So then we should probably reassign this to libvirtd (or dnsmasq)?


Cheers,
Chris.


smime.p7s
Description: S/MIME cryptographic signature

Bug#649106: syncid 'fix' breaks state sync in init script completely

[Alexander Wirt]

On Fri, 13 Mar 2015, Hans van Kranenburg wrote:

> On 03/13/2015 10:53 AM, Alexander Wirt wrote:
> >I am pretty sure I tested it somehow, however I don't use ipvsadm in daemon
> >mode as I think it is pretty useless without a manager.
> 
> I use keepalived to set the rules and do health checking, but don't use
> keepalived for managing the state sync processes.
> 
> When using keepalived for this, it will start and stop those on a reload,
> restart, failover etc, which means that part of the state sync info just
> gets lost. If I want to reconfigure my backup lvs director, shut down
> keepalived there, reconfigure it etc etc, the receiving sync thread is
> turned off, and I cannot properly fail over to it in order to work on the
> other end.
> 
> By enabling the sync state processes in "both" mode, using the ipvsadm init
> script, results in a situation where the sending and receiving of
> information just always happens. Also, active/active is probably possible
> (don't use it now), where part of my IP addresses are on one director and
> part are on another.
> 
> >Also your facts are
> >wrong, it is possible to get critical fixes into jessie. I will give it a
> >try.
> 
> That would be awesome, thanks.
Would you mind to test the attached patch?

Thanks
Alex

diff -ruN /tmp/ipvsadm-1.26/debian/ipvsadm.init ipvsadm-1.26/debian/ipvsadm.init
--- /tmp/ipvsadm-1.26/debian/ipvsadm.init   2014-02-11 08:27:01.0 
+0100
+++ ipvsadm-1.26/debian/ipvsadm.init2015-03-13 13:06:27.641483006 +0100
@@ -29,16 +29,16 @@
 case $DAEMON in
master|backup)
log_daemon_msg "Starting IPVS Connection Synchronization Daemon" 
"$DAEMON"
-   $IPVSADM --syncid $SYNCID --start-daemon $DAEMON --mcast-interface \
+   $IPVSADM --start-daemon $DAEMON --mcast-interface \
 $IFACE --syncid $SYNCID || log_end_msg 1
log_end_msg 0
;;
both)
log_daemon_msg "Starting IPVS Connection Synchronization Daemon" 
"master"
-   $IPVSADM --syncid $SYNCID --start-daemon master --mcast-interface \
-$IFACE --syncid $SYNCID  || FAILURE=1
+   $IPVSADM --start-daemon master --mcast-interface \
+$IFACE --syncid $SYNCID || FAILURE=1
log_progress_msg "backup"
-   $IPVSADM --syncid $SYNCID --start-daemon backup --mcast-interface \
+   $IPVSADM --start-daemon backup --mcast-interface \
 $IFACE --syncid $SYNCID || FAILURE=1
if [ "$FAILURE" -eq 1 ]
then

Bug#780402: unblock: libssh2/1.4.3-4.1

[Salvatore Bonaccorso]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi Release Team,

Please unblock package libssh2. It fixes CVE-2015-1782, #780249 in the
BTS. The changelog entry reads as:

>libssh2 (1.4.3-4.1) unstable; urgency=high
>
>  * Non-maintainer upload by the Security Team.
>  * Add 0003-CVE-2015-1782.patch.
>CVE-2015-1782: Using SSH_MSG_KEXINIT data unbounded. (Closes: #780249)
>
> -- Salvatore Bonaccorso   Wed, 11 Mar 2015 12:08:30 +0100

Attached is as well the full debdiff.

unblock libssh2/1.4.3-4.1

Regards and thanks in advance!

Salvatore
diff -Nru libssh2-1.4.3/debian/changelog libssh2-1.4.3/debian/changelog
--- libssh2-1.4.3/debian/changelog	2014-09-03 15:52:17.0 +0200
+++ libssh2-1.4.3/debian/changelog	2015-03-11 12:13:08.0 +0100
@@ -1,3 +1,11 @@
+libssh2 (1.4.3-4.1) unstable; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Add 0003-CVE-2015-1782.patch.
+CVE-2015-1782: Using SSH_MSG_KEXINIT data unbounded. (Closes: #780249)
+
+ -- Salvatore Bonaccorso   Wed, 11 Mar 2015 12:08:30 +0100
+
 libssh2 (1.4.3-4) unstable; urgency=low
 
   * Update description to mention SFTPv5 support
diff -Nru libssh2-1.4.3/debian/patches/0003-CVE-2015-1782.patch libssh2-1.4.3/debian/patches/0003-CVE-2015-1782.patch
--- libssh2-1.4.3/debian/patches/0003-CVE-2015-1782.patch	1970-01-01 01:00:00.0 +0100
+++ libssh2-1.4.3/debian/patches/0003-CVE-2015-1782.patch	2015-03-11 12:13:08.0 +0100
@@ -0,0 +1,111 @@
+From c7f66cca285033da9b8c9de8eceff52d7b3c3ef3 Mon Sep 17 00:00:00 2001
+From: Mariusz Ziulek 
+Date: Sat, 21 Feb 2015 23:31:36 +0100
+Subject: [PATCH] kex: bail out on rubbish in the incoming packet
+
+---
+ src/kex.c | 73 +++
+ 1 file changed, 41 insertions(+), 32 deletions(-)
+
+diff --git a/src/kex.c b/src/kex.c
+index fa4c4e1..ad7498a 100644
+--- a/src/kex.c
 b/src/kex.c
+@@ -1547,10 +1547,34 @@ static int kex_agree_comp(LIBSSH2_SESSION *session,
+ 
+ /* TODO: When in server mode we need to turn this logic on its head
+  * The Client gets to make the final call on "agreed methods"
+  */
+ 
++/*
++ * kex_string_pair() extracts a string from the packet and makes sure it fits
++ * within the given packet.
++ */
++static int kex_string_pair(unsigned char **sp,   /* parsing position */
++   unsigned char *data,  /* start pointer to packet */
++   size_t data_len,  /* size of total packet */
++   size_t *lenp, /* length of the string */
++   unsigned char **strp) /* pointer to string start */
++{
++unsigned char *s = *sp;
++*lenp = _libssh2_ntohu32(s);
++
++/* the length of the string must fit within the current pointer and the
++   end of the packet */
++if (*lenp > (data_len - (s - data) -4))
++return 1;
++*strp = s + 4;
++s += 4 + *lenp;
++
++*sp = s;
++return 0;
++}
++
+ /* kex_agree_methods
+  * Decide which specific method to use of the methods offered by each party
+  */
+ static int kex_agree_methods(LIBSSH2_SESSION * session, unsigned char *data,
+  unsigned data_len)
+@@ -1566,42 +1590,27 @@ static int kex_agree_methods(LIBSSH2_SESSION * session, unsigned char *data,
+ 
+ /* Skip cookie, don't worry, it's preserved in the kexinit field */
+ s += 16;
+ 
+ /* Locate each string */
+-kex_len = _libssh2_ntohu32(s);
+-kex = s + 4;
+-s += 4 + kex_len;
+-hostkey_len = _libssh2_ntohu32(s);
+-hostkey = s + 4;
+-s += 4 + hostkey_len;
+-crypt_cs_len = _libssh2_ntohu32(s);
+-crypt_cs = s + 4;
+-s += 4 + crypt_cs_len;
+-crypt_sc_len = _libssh2_ntohu32(s);
+-crypt_sc = s + 4;
+-s += 4 + crypt_sc_len;
+-mac_cs_len = _libssh2_ntohu32(s);
+-mac_cs = s + 4;
+-s += 4 + mac_cs_len;
+-mac_sc_len = _libssh2_ntohu32(s);
+-mac_sc = s + 4;
+-s += 4 + mac_sc_len;
+-comp_cs_len = _libssh2_ntohu32(s);
+-comp_cs = s + 4;
+-s += 4 + comp_cs_len;
+-comp_sc_len = _libssh2_ntohu32(s);
+-comp_sc = s + 4;
+-#if 0
+-s += 4 + comp_sc_len;
+-lang_cs_len = _libssh2_ntohu32(s);
+-lang_cs = s + 4;
+-s += 4 + lang_cs_len;
+-lang_sc_len = _libssh2_ntohu32(s);
+-lang_sc = s + 4;
+-s += 4 + lang_sc_len;
+-#endif
++if(kex_string_pair(&s, data, data_len, &kex_len, &kex))
++   return -1;
++if(kex_string_pair(&s, data, data_len, &hostkey_len, &hostkey))
++   return -1;
++if(kex_string_pair(&s, data, data_len, &crypt_cs_len, &crypt_cs))
++   return -1;
++if(kex_string_pair(&s, data, data_len, &crypt_sc_len, &crypt_sc))
++   return -1;
++if(kex_string_pair(&s, data, data_len, &mac_cs_len, &mac_cs))
++   return -1;
++if(kex_string_pair(&s, data, data_len, &mac_sc_len, &mac_sc))
++   return -1;
++if(kex_string_pair(&s, data, data_

Bug#779918: kdenlive: Effects are not localized

[Patrick Matthäi]

found #779918 0.9.10-2
notfound #779918 0.9.10-neptune3
thanks

Hi,

is this reported and fixed @ upstream?

Am 06.03.2015 um 13:35 schrieb Leszek Lesner:

Package: kdenlive
Version: 0.9.10-neptune3
Severity: important
Tags: upstream

The kdenlive in upstream is shipping broken localizations that do not localize
effects anymore.

We fixed it for Neptune and want to provide our upstream (Debian) with the
patch that can be found here:
https://github.com/NeptuneOS/kde-patches/tree/master/kdenlive



-- System Information:
Debian Release: 7.8
   APT prefers stable
   APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.3 (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages kdenlive depends on:
ii  kde-runtime   4:4.13.0-neptune6
ii  kdenlive-data 0.9.10-neptune3
ii  libav-tools   6:10.1-1~bpo70+1neptune1
ii  libc6 2.13-38+deb7u8
ii  libgcc1   1:4.7.2-5
ii  libgl1-mesa-glx [libgl1]  9.2.2-1neptune1
ii  libglu1-mesa [libglu1]8.0.5-4+deb7u2
ii  libice6   2:1.0.8-2
ii  libkdecore5   4:4.14.3-neptune2
ii  libkdeui5 4:4.14.3-neptune2
ii  libkio5   4:4.14.3-neptune2
ii  libknewstuff3-4   4:4.14.3-neptune2
ii  libknotifyconfig4 4:4.14.3-neptune2
ii  libkrossui4   4:4.14.3-neptune2
ii  libmlt++3 0.9.2+git20141027-1neptune1
ii  libmlt6   0.9.2+git20141027-1neptune1
ii  libnepomukcore4abi1   4:4.13.0-neptune1
ii  libqjson0 0.8.1-1
ii  libqt4-dbus   4:4.8.2+dfsg-11
ii  libqt4-network4:4.8.2+dfsg-11
ii  libqt4-opengl 4:4.8.2+dfsg-11
ii  libqt4-script 4:4.8.2+dfsg-11
ii  libqt4-svg4:4.8.2+dfsg-11
ii  libqt4-xml4:4.8.2+dfsg-11
ii  libqtcore44:4.8.2+dfsg-11
ii  libqtgui4 4:4.8.2+dfsg-11
ii  libsm62:1.2.1-2
ii  libsolid4 4:4.14.3-neptune2
ii  libsoprano4   2.9.3+dfsg1-0neptune1
ii  libstdc++64.7.2-5
ii  libv4l-0  0.8.8-3
ii  libx11-6  2:1.5.0-1+deb7u1
ii  libxau6   1:1.0.7-1
ii  libxdmcp6 1:1.1.1-1
ii  libxext6  2:1.3.1-2+deb7u1
ii  libxft2   2.3.1-1
ii  libxpm4   1:3.5.10-1
ii  melt  0.9.2+git20141027-1neptune1

Versions of packages kdenlive recommends:
ii  dvdauthor0.7.0-1.1+b2
ii  dvgrab   3.5-2
ii  frei0r-plugins   1.1.22git20091109-1.2
ii  genisoimage  9:1.1.11-2
ii  recordmydesktop  0.3.8.1+svn602-1+b1
ii  swh-plugins  0.4.15+1-6

Versions of packages kdenlive suggests:
ii  khelpcenter4  4:4.13.0-neptune6

-- no debconf information


--
/*
Mit freundlichem Gruß / With kind regards,
 Patrick Matthäi
 GNU/Linux Debian Developer

  Blog: http://www.linux-dev.org/
E-Mail: pmatth...@debian.org
patr...@linux-dev.org
*/


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780237: unblock: ifupdown/0.7.53

[Andrew Shadura]

Hi,

I'm really sorry, I uploaded a wrong thing. 0.7.53.1 is what should
really be unblocked.

-- 
Cheers,
  Andrew


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780403: debian-policy: Define what should happen when installing a package and the init script fails to start it

[Ivan Baldo]

Package: debian-policy
Severity: wishlist

  What should happen if installing a package and then when it tries to start
its service it fails?
  Currently the most common behaviour seems to be that the installation fails.
  But is that the best outcome?
  What if the sysadmin has a reverse proxy listening on port 80 and then
decides to install Apache or Nginx?
  The init script fails until it changes the port to 8080 for example, but
shouldn't the package just install fine anyway?
  It could be said that a failure to startup is not a failure to install; the
package is installed fine but configured wrong.
  What if one wants to install Nginx as a frontend to static files and delegate
dynamic pages to Apache?
  Maybe for the sake of flexibility and not so standard setups, init script
failure could be defined to not cause install failure.
  For example, change this in postinst:
invoke-rc.d  start || exit $?
to this:
invoke-rc.d  start || true
  See for example:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779825
  Thanks for considering!
  Have a good day.



-- System Information:
Debian Release: 8.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=es_UY.UTF-8, LC_CTYPE=es_UY.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780334: please provide normal lib (with SOVERSION) and lib-dev packages for the libs

[Michael Tokarev]

Thank you for the reply.

Can you believe I tried to search for similar bugs,
but overlooked the already existing bug, #630147?.. ;)

Maybe it's better to keep it open+wontfix than closed+wontfix,
so that it will be easier to find -- either this one or #630147?

13.03.2015 12:17, Patrick Matthäi wrote:
> Hi,
> 
> this was changed with 3.2.1-1, see #630147
> Upstream will not follow the standards of the library versioning schema, so 
> it is not possible to maintain it in this way in Debian.

Ok, that makes sense, especially since it is an internal library.

> If you need to build-depend on it, than you have to use the -common package,
> but with the changes made in #630147 I also wanted to say (and that is 
> conform):
> better do not use this package as b-d.

And this is something I don't understand.  In my case (see #775431), the
question is about adding glusterfs to qemu packages.  Qemu can use glusterfs,
but it needs headers and libs (I'm not sure if it really needs libs, at least
the configure script sets up GLUSTERFS_LIBS and uses it for linking).  If
this package is better NOT to be used as b-d, and if these libs are for
internal use only, what to do?

Thanks,

/mjt


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780334: please provide normal lib (with SOVERSION) and lib-dev packages for the libs

[Patrick Matthäi]

Am 13.03.2015 um 13:32 schrieb Michael Tokarev:

Thank you for the reply.

Can you believe I tried to search for similar bugs,
but overlooked the already existing bug, #630147?.. ;)


No problem :)



Maybe it's better to keep it open+wontfix than closed+wontfix,
so that it will be easier to find -- either this one or #630147?


Then the bug is marked as "open" in all overviews and I do not like it :D



13.03.2015 12:17, Patrick Matthäi wrote:

Hi,

this was changed with 3.2.1-1, see #630147
Upstream will not follow the standards of the library versioning schema, so it 
is not possible to maintain it in this way in Debian.

Ok, that makes sense, especially since it is an internal library.


If you need to build-depend on it, than you have to use the -common package,
but with the changes made in #630147 I also wanted to say (and that is conform):
better do not use this package as b-d.

And this is something I don't understand.  In my case (see #775431), the
question is about adding glusterfs to qemu packages.  Qemu can use glusterfs,
but it needs headers and libs (I'm not sure if it really needs libs, at least
the configure script sets up GLUSTERFS_LIBS and uses it for linking).  If
this package is better NOT to be used as b-d, and if these libs are for
internal use only, what to do?

Thanks,

/mjt


--
/*
Mit freundlichem Gruß / With kind regards,
 Patrick Matthäi
 GNU/Linux Debian Developer

  Blog: http://www.linux-dev.org/
E-Mail: pmatth...@debian.org
patr...@linux-dev.org
*/


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#761149: debsources: allow redirects to package versions based on suite/codename

[Jason Pleau]

Updated patches to use the latest testdata commit

Cheers

Jason
>From 16d72a6e13a6cada34215dda3a6d4946a772f232 Mon Sep 17 00:00:00 2001
From: Jason Pleau 
Date: Sun, 16 Nov 2014 11:27:43 -0500
Subject: [PATCH 1/2] allow redirects to package versions based on
 suite/codename

We now check for suite names to redirect to a specific version. If package foo
has version 1.5-1 in sid, going to /src/foo/sid will display as if we went to
/src/foo/1.5-1.

How this works: If we go to /src/foo/sid for example, we iterate through
the package's (foo) suites. If we find 'sid', we simply handle the
request as if it was /src/foo/1.5-1.

This commit also adds a "suites_aliases" table which let us setup aliases to
suites (ie: unstable->sid, testing->jessie). I have also updated the
"updater.py" script to also auto-generate those aliases, by parsing the
symlinks in the dists/ folders.

When a user requests /src/foo/unstable, it will lookup the suites_aliases
table and check if this alias is mapped to a suite. If yes, it will handle
the request as if the user requested that particular suite (in this case,
/src/foo/sid). Which in turns would handle it as if it was /src/foo1.5-1.
(taking the example above)
---
 debsources/app/sources/views.py   | 19 ++-
 debsources/debmirror.py   | 24 
 debsources/migrate/007-to-008.sql | 10 ++
 debsources/models.py  | 18 +++---
 debsources/tests/test_webapp.py   | 10 ++
 debsources/updater.py | 14 ++
 6 files changed, 87 insertions(+), 8 deletions(-)
 create mode 100644 debsources/migrate/007-to-008.sql

diff --git a/debsources/app/sources/views.py b/debsources/app/sources/views.py
index e6c6bf1..21b5770 100644
--- a/debsources/app/sources/views.py
+++ b/debsources/app/sources/views.py
@@ -10,7 +10,8 @@ from debsources.excepts import (
 from debsources.consts import SLOCCOUNT_LANGUAGES
 from debsources import statistics
 from debsources.models import (
-PackageName, SourceFile, Checksum, Directory, Location, SuiteInfo)
+PackageName, SourceFile, Checksum, Directory, Location, SuiteInfo,
+SuiteAlias)
 
 from ..views import GeneralView, app, session
 from ..extract_stats import extract_stats
@@ -305,4 +306,20 @@ class SourceView(GeneralView):
 if version == "latest":  # we search the latest available version
 return self._handle_latest_version(package, path)
 else:
+# Check if an alias was used. If positive, handle the request
+# as if the suite was used instead of the alias
+check_for_alias = session.query(SuiteAlias) \
+.filter(SuiteAlias.alias == version).first()
+if check_for_alias:
+version = check_for_alias.suite
+try:
+versions_w_suites = PackageName.list_versions_w_suites(
+session, package)
+except InvalidPackageOrVersionError:
+raise Http404Error("%s not found" % package)
+for version_suite in versions_w_suites:
+if version in version_suite['suites']:
+return self._render_location(
+package, version_suite['version'], path)
+
 return self._render_location(package, version, path)
diff --git a/debsources/debmirror.py b/debsources/debmirror.py
index 0ce81ba..a8cfa1a 100644
--- a/debsources/debmirror.py
+++ b/debsources/debmirror.py
@@ -273,6 +273,30 @@ class SourceMirror(object):
 
 return suites
 
+def ls_suites_with_aliases(self):
+""" list suites, as well as their aliases
+
+Return value: { suite: [aliases] }
+Example: { sid: [unstable], jessie: [testing] }
+
+"""
+suites = {}
+
+def add_suite(suite):
+if suite not in suites:
+suites[suite] = []
+
+for f in os.listdir(self._dists_dir):
+path = os.path.join(self._dists_dir, f)
+if os.path.isdir(path):
+if not os.path.islink(path):
+add_suite(f)
+else:
+add_suite(os.readlink(path))
+suites[os.readlink(path)].append(f)
+
+return suites
+
 
 class SourceMirrorArchive(SourceMirror):
 """Handle for a local Debian source mirror archive, i.e. a mirror of
diff --git a/debsources/migrate/007-to-008.sql b/debsources/migrate/007-to-008.sql
new file mode 100644
index 000..ba647c7
--- /dev/null
+++ b/debsources/migrate/007-to-008.sql
@@ -0,0 +1,10 @@
+CREATE TABLE suites_aliases (
+  alias VARCHAR NOT NULL,
+  suite VARCHAR NOT NULL,
+  CONSTRAINT suites_aliases_alias_suite_key 
+UNIQUE(alias),
+  CONSTRAINT suites_aliases_suite_fkey
+FOREIGN KEY (suite) REFERENCES suites_info(name)
+ON DELETE CASCADE,
+  PRIMARY KEY (alias, suite)
+);
diff --git a/debsourc

Bug#780404: icedove/ppc: Compile-time page size does not divide the runtime one.

[Adi Kriegisch]

Package: icedove
Version: 31.5.0-1

Hi!

(I am very sorry, I missed reporting this issue earlier as I did for
iceweasel in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763900)

When starting icedove on Jessie on an iMac G5, I get the following message:
  | Compile-time page size does not divide the runtime one.
  | Segmentation fault

This can be fixed with the following patch:
--- a/mozilla/memory/mozjemalloc/jemalloc.c 2014-08-25
15:17:22.0 +0200
+++ b/mozilla/memory/mozjemalloc/jemalloc.c 2014-10-03
11:30:51.183346370 +0200
@@ -1088,7 +1088,7 @@
  * controlling the malloc behavior are defined as compile-time constants
  * for best performance and cannot be altered at runtime.
  */
-#if !defined(__ia64__) && !defined(__sparc__) && !defined(__mips__)
+#if !defined(__ia64__) && !defined(__sparc__) && !defined(__mips__) &&
!defined(__powerpc__)
 #define MALLOC_STATIC_SIZES 1
 #endif

Hope, this still makes it into Jessie!

-- Adi


signature.asc
Description: Digital signature

Bug#780369: libxml-libxml-perl: Segmentation fault (and others) when using replaceNode()

[Manfred Stock]

Hi,

On Thu, Mar 12, 2015 at 09:37:54PM +0100, Manfred Stock wrote:
> When I remove the comment sign from '$doc2->adoptNode($node);', I'm not able 
> to
> reproduce the issue anymore. Doing an importNode() instead does not solve the
> issue (which would also be kind-of surprising, as this most likely already 
> gets
> done according to the XML::LibXML::Node documentation). So using adoptNode()
> might be a workaround (maybe actually the proper way to do this, but as far as
> I read and understood the documentation, it should not be necessary - and, in
> my opinion, certainly should not result in a segfault when running a Perl
> script when it is not done...).

please ignore the part about this being a workaround ;). While trying
this in the
actual code base, I noticed that it does not really help. Then I
realized that I was
doing the adoptNode() the wrong way around in the example, which certainly did
not have the intended effect as it resulted in a different output
document. The call
should actually read
$doc->adoptNode($new_node);
instead of
$doc2->adoptNode($node);

In the meantime, I quickly tried the test script on FreeBSD 9.3, with
Perl 5.18.4,
libxml2 2.9.2_2, p5-XML-LibXML 2.0118,1, but so far have not noticed
any crashes.

Best regards
Manfred


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#776911: gnome-shell: fails to start on i386 when [Mesa was] built with llvm-3.5

[Simon McVittie]

Control: unmerge 775235
Control: retitle 775235 gnome-shell: fails to start on i386 when Mesa was built 
with llvm-3.5
Control: reassign 775235 libgl1-mesa-dri
Control: retitle 770130 gnome-shell: crashes with "Failed to create texture 2d" 
after "[drm:i8xx_irq_handler] *ERROR* pipe A underrun"

On 09/03/15 20:57, Julien Cristau wrote:
> On Thu, Feb 26, 2015 at 08:54:10 +, Simon McVittie wrote:
>> Context for Mesa maintainers: #775235 is that gnome-shell crashes in
>> an i386 VM with its default choice of emulated CPU, with
>> "LLVM ERROR: Do not know how to split the result of this operator!".

I think this should go to Mesa. There are two potential patches,
both tested by Bernhard Übelacker, with 

go back to llvm-3.4:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775235#15

or apply an unmerged patch:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775235#32

>> The merged bug #770130 is that gnome-shell crashes on an unknown i386
>> (probably relatively old, since it has 82830M/MG integrated graphics,
>> which Wikipedia says is a Pentium III-M chipset) with
>> "Cogl-ERROR **: Failed to create texture 2d due to size/format constraints".
>> Oddly, this only happens for non-power-of-two textures in the gnome-shell
>> run by the actual user, not by the gnome-shell used for the gdm login
>> prompt (even though both use non-power-of-two textures). Michael Gilbert
>> merged this with #775235 and #776911 without comment; I'm not sure of
>> the reasoning for believing that #775235 and #770130 is the same thing.
>>
>> The other merged bug #776911 is that gnome-shell crashes on an
>> unknown i386 with "Cogl-ERROR **: Failed to create texture 2d due to
>> size/format constraints"; that looks like the same thing as #770130.

I can reproduce symptoms similar to these on a slightly newer machine
(Pentium IV) and have filed an xserver-xorg-video-intel bug with full
logs. These two should maybe be merged with that bug, but I'll leave
that to the X maintainers.

This is on hardware about a decade old, so I don't think it should
realistically be RC: I filed my new bug as "normal".

Regards,
S


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780240: libgphoto2-port10: Wrong transition package for ABI changing library

[Andreas Beckmann]

On 2015-03-12 20:33, Herbert Parentes Fortes Neto (hpfn) wrote:
> I made the new debian package. 2.5.7-2. And uploaded to mentors.
> No transitional package.
> 
> Can you take a look ?
> 
> link: http://mentors.debian.net/package/libgphoto2

diff looks good, minor nitpicking:

+  * fix wrong trasitional package libgphoto2-port10. (Closes: #780240)
+Thanks Guillem Jover and Andreas Beckmann.

+  * Removed the libgphoto2_port.so.1o symlink.
   
typo: 10

+  * debian/control: libgphoto2-port10 removed.
+For libgphoto-port12:

typo: gphoto2

+Breaks: libgphoto2-port10 (>= 2.5.7)
+Replaces: libgphoto2-port10 (>= 2.5.7)

+Removed Vcs* fields.

Why? Going non-Vcs does not sound sensible.


Andreas


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780391: Addition note

[Mikael Flood]

Hello again,

A colleague pointed out bug 762984 is likely related.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762984

-- 
//Yours sincerely Mikael Flood

Bug#780344: ffmpeg: encoding broken source is a success

[Andreas Cadhalpun]

Hi Michal,

On 13.03.2015 11:54, Michal Suchanek wrote:
> I think that by default errors should lead to non-zero return value even
> if output can be produced. Such output can also contain errors and
> cannot be considered valid unless checked by the user. However, if this
> is weird upstream design decision Debian is not the place to change that.

I don't think it's so weird, because if ffmpeg created a file it should have
no errors in the sense that a player can play it just fine.

> Unfortunately, the option to report errors does not seem to be
> documented. After some grepping of the man page I get no relevant
> results.

At least it's mentioned in the long help output:
$ ffmpeg --help long 2>&1 | grep xerror
-xerror error   exit on error

> Also it does not change the fact that encoding broken source may result
> in success.
> 
> $ ffmpeg -xerror -v warning -i 
> /scratch/dwhelper/Mill_CPU_for_Humans_-_Part_2.mp4 -f null /dev/null ; echo $?
> [null @ 0x264f8c0] Encoder did not produce proper pts, making some up.
> [h264 @ 0x26096e0] AVC: nal size 5421
> Last message repeated 1 times
> [h264 @ 0x26096e0] no frame!
> 0

This option works here, i.e. it changes the return code to 1, if decoding
a part of the input file failed.
It seems your file is not broken enough...
Can you share it, so that I can have a look at why '-xerror' doesn't make
a difference?

Best regards,
Andreas


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780391: initramfs-tools: Boot drops to initramfs if usr as /dev/vg0/usr in fstab

[Ben Hutchings]

Control: reassign -1 lvm2
Control: forcemerge 780319 -1

On Fri, 2015-03-13 at 09:55 +0100, Mikael Flood wrote:
> Package: initramfs-tools
> Version: 0.119
> Severity: normal
> 
> Dear Maintainer,
> 
>* What led up to the situation?
> 
> Upgrade to initramfs-tools 0.119 with /usr specified as /dev/vg0/usr in 
> /etc/fstab.
> 
>* What exactly did you do (or not do) that was effective (or
>  ineffective)?
> 
> * downgrade to initramfs-tools 0.116 works.
> 
> * change /dev/vg0/usr to /dev/mapper/vg0-usr in /etc/fstab with
> update-initramfs -u works.
> 
> * boot before change in fstab works with vgchange -ay and ctrl +d to
> continue booting.
> 
>* What outcome did you expect instead?
> 
> Should LVM-volume names not work as both /dev// and
> /dev/mapper// as before?

I'm not sure.  This has never worked for root.  But we do need to handle
upgrades properly, whether by supporting this format, editing
/etc/fstab, or in the worst case warning the user.

Ben.

-- 
Ben Hutchings
If the facts do not conform to your theory, they must be disposed of.


signature.asc
Description: This is a digitally signed message part

Bug#780240: libgphoto2-port10: Wrong transition package for ABI changing library

[Andreas Beckmann]

Hi,

maybe it's even time to remove the old transitional libgphoto2-2-dev
package? (libsane-dev seems to be the only package still having a
dependency on the old transitional one)

Andreas


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780405: unblock: mate-settings-daemon/1.8.2-4

[Mike Gabriel]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package mate-settings-daemon

+  * debian/changelog:
++ Fix typo in previous changelog stanza.

Tststs... silly me (see attached .debdiff).

+  * debian/patches:
++ 0003_fix-unsafe-access-to-list-elements-in-background-plugin.patch.
+  Prevent mate-settings-daemon and thus MATE desktop from crashing (e.g.)
+  during screen size changes or screen configuration changes. (Closes:
+  #780399, LP:#1430204).

Our bug hunter (Vlad) is an awesome guy, unfortunately coming up with
more and more severe issues everyday. This issue is important to people
using MATE and changing their background size / screen configuration
(connecting a beamer etc.) in certain situation.

As the patch in this upload fixes a crash of mate-settings-daemon, I
already uploaded the package.

light+love,
Mike

unblock mate-settings-daemon/1.8.2-4

-- System Information:
Debian Release: 8.0
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780139: CVE-2015-0885

[Salvatore Bonaccorso]

Hi

The following can be done to verify the issue: Install both qmail and
checkpw.

# qmail-popup sid /usr/bin/checkpw id
+OK <20138.1426255113@sid>
user foo--bar
+OK 
pass foobar

now checkpw on the host will enter an infinite loop consuming cpu
ressources.

Regards,
Salvatore


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780407: netfilter-persistent: boot continues if netfilter-persistent fails

[Jann]

Package: netfilter-persistent
Version: 1.0.3
Severity: grave
Tags: security
Justification: user security hole

If netfilter-persistent or one of its dependencies fails to load,
system boot continues normally with a wide-open netfilter
configuration. IMO, this should fail secure: If the firewall can't
be brought up, at least networking should not be brought up either.

In my case, netfilter was not brought up because the "lp" module was
not present in the custom kernel I'm using, causing
systemd-modules-load to fail. These are the relevant syslog lines:

Mar 11 17:51:00 pc systemd-modules-load[307]: Failed to find module 'lp'
Mar 11 17:51:00 pc systemd-modules-load[307]: Module 'ppdev' is builtin
Mar 11 17:51:00 pc systemd-modules-load[307]: Module 'parport_pc' is builtin
Mar 11 17:51:00 pc systemd-modules-load[307]: Module 'fuse' is builtin
Mar 11 17:51:00 pc systemd[1]: systemd-modules-load.service: main process 
exited, code=exited, status=1/FAILURE
Mar 11 17:51:00 pc systemd[1]: Failed to start Load Kernel Modules.
Mar 11 17:51:00 pc systemd[1]: Dependency failed for netfilter persistent 
configuration.
Mar 11 17:51:00 pc systemd[1]: Unit systemd-modules-load.service entered failed 
state.

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.18.6jann (SMP w/8 CPU cores; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages netfilter-persistent depends on:
ii  init-system-helpers  1.22
ii  lsb-base 4.1+Debian13+nmu1

netfilter-persistent recommends no packages.

netfilter-persistent suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780373: Add the ability to set preferred auto IM by locale

[Osamu Aoki]

Hi,

I think it is good timing to design a new functionality for the 
post-release :-)

On Fri, Mar 13, 2015 at 05:11:25PM +0800, Aron Xu wrote:
> Updated patch, really filters out commented lines.
> 
> I'm thinking whether we want to make it a conffile, so local
> administrator can override it themselves, what do you think?

Yes.  Overridability is the *required* feature for the new im-config
functionality.  But why not make existance of
/etc/im-config/locale_prefs overrides /usr/share/im-config/locale_prefs
or something similar.  /etc/* are all conffiles without decaring them.

> From 5fb66297a70e4afcfcb1c9893fc8e660da397aaf Mon Sep 17 00:00:00 2001
> From: Aron Xu 
> Date: Fri, 13 Mar 2015 04:25:58 +0800
> Subject: [PATCH] Add the ability to set preferred auto IM by locale
> 
> Users of different locales may have their preferred default IM,
> this adds the ability of setting an IM that's preferred when
> "auto" is selected (which is the default), managed by locale.

Let's not change the existing behavior of "auto".  It may be registered
in use's ~/.xinputrc.
Let's add a new mode such as "autolocale" and set it as the new default
in the /etc/defaulkt/im-config .

I guess you are thinking to set like, e.g.:
/etc/im-config/locale_prefs
en_US ibus
ja_JP uim
zh_CN fcitx

Then, I wonder why not have another entry in /etc/default/im-config
specifying this new "autolocale" setting and not to introduce a new
configuration file.

IM_CONFIG_DEFAULT_MODE=auto
IM_CONFIG_AUTOLOCALE="en_US,ibus:ja_JP,uim:zh_CN,fcitx:*,auto"

Regards,

Osamu


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#772963: new release-notes CSS looks really good

[Osamu Aoki]

Hi,

On Tue, Mar 10, 2015 at 03:12:26PM +0100, Holger Levsen wrote:
> Hi,
> 
> I just noticed the new CSS for the release-notes and am very happy how nicely 
> it looks now! Kudos and thanks for your work!

I agree.

If I find time, I will copy this to maint-guide etc. which uses older
version of cellphone friendly CSS.

Osamu


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780408: Please package latest upstream

[Julien Puydt]

Package: ipython
Severity: wishlist

Hi,

ipython 3 is available ; could you package it? I know there's a freeze, 
but an upload in experimental would still make it available.


Thanks,

Snark on #debian-science


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780139: checkpw: diff for NMU version 1.02-1.1

[Salvatore Bonaccorso]

Control: tags 780139 + pending

Hi Gerrit,

I've prepared an NMU for checkpw (versioned as 1.02-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Regards,
Salvatore
diff -u checkpw-1.02/debian/changelog checkpw-1.02/debian/changelog
--- checkpw-1.02/debian/changelog
+++ checkpw-1.02/debian/changelog
@@ -1,3 +1,10 @@
+checkpw (1.02-1.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * CVE-2015-0885: Fix denial of service via -- in usernames (Closes: #780139)
+
+ -- Salvatore Bonaccorso   Fri, 13 Mar 2015 14:49:55 +0100
+
 checkpw (1.02-1) unstable; urgency=low
 
   * new upstream point release.
only in patch2:
unchanged:
--- checkpw-1.02.orig/checkapoppw.c
+++ checkpw-1.02/checkapoppw.c
@@ -85,7 +85,7 @@
 pw = getpwnam(login);
 if (pw) break;
 if (errno == error_txtbsy) die(111);
-for (; ext != login && *ext != '-'; --ext);
+do {--ext;} while (ext != login && *ext != '-');
 if (ext == login) die(1);
 if (i) login[i] = '-';
 i = ext - login;
only in patch2:
unchanged:
--- checkpw-1.02.orig/checkpw.c
+++ checkpw-1.02/checkpw.c
@@ -71,7 +71,7 @@
 pw = getpwnam(login);
 if (pw) break;
 if (errno == error_txtbsy) die(111);
-for (; ext != login && *ext != '-'; --ext);
+do {--ext;} while (ext != login && *ext != '-');
 if (ext == login) die(1);
 if (i) login[i] = '-';
 i = ext - login;

Bug#649106: syncid 'fix' breaks state sync in init script completely

[Hans van Kranenburg]

On 03/13/2015 01:09 PM, Alexander Wirt wrote:

Would you mind to test the attached patch?


Yes.

Without the patch I see the 'ipvsadm -h' errors and on stop even weird 
"Memory allocation problem" errors. I have no idea why. Worse, systemd 
just says: "SUCCESS", both on start and stop...:


# systemctl start ipvsadm
# systemctl status ipvsadm
● ipvsadm.service - LSB: ipvsadm daemon
   Loaded: loaded (/etc/init.d/ipvsadm)
   Active: active (exited) since Fri 2015-03-13 15:05:19 CET; 1s ago
  Process: 2760 ExecStop=/etc/init.d/ipvsadm stop (code=exited, 
status=0/SUCCESS)
  Process: 2926 ExecStart=/etc/init.d/ipvsadm start (code=exited, 
status=0/SUCCESS)


Mar 13 15:05:19 lb-bassie ipvsadm[2926]: Starting IPVS Connection 
Synchronization Daemon: masterTry `/sbin/ipvsadm -h' or '/sb...mation.
Mar 13 15:05:19 lb-bassie ipvsadm[2926]: backupTry `/sbin/ipvsadm -h' or 
'/sbin/ipvsadm --help' for more information.

Mar 13 15:05:19 lb-bassie ipvsadm[2926]: failed!
Mar 13 15:05:19 lb-bassie systemd[1]: Started LSB: ipvsadm daemon.
Hint: Some lines were ellipsized, use -l to show in full.
# ps afxu | grep ipvs
root  3079  0.0  0.4  12720  2152 pts/0S+   15:05   0:00 
  \_ grep ipvs

# systemctl stop ipvsadm
# systemctl status ipvsadm
● ipvsadm.service - LSB: ipvsadm daemon
   Loaded: loaded (/etc/init.d/ipvsadm)
   Active: inactive (dead) since Fri 2015-03-13 15:08:24 CET; 1s ago
  Process: 3820 ExecStop=/etc/init.d/ipvsadm stop (code=exited, 
status=0/SUCCESS)
  Process: 2926 ExecStart=/etc/init.d/ipvsadm start (code=exited, 
status=0/SUCCESS)


Mar 13 15:05:19 lb-bassie ipvsadm[2926]: Starting IPVS Connection 
Synchronization Daemon: masterTry `/sbin/ipvsadm -h' or '/sb...mation.
Mar 13 15:05:19 lb-bassie ipvsadm[2926]: backupTry `/sbin/ipvsadm -h' or 
'/sbin/ipvsadm --help' for more information.

Mar 13 15:05:19 lb-bassie ipvsadm[2926]: failed!
Mar 13 15:05:19 lb-bassie systemd[1]: Started LSB: ipvsadm daemon.
Mar 13 15:08:24 lb-bassie systemd[1]: Stopping LSB: ipvsadm daemon...
Mar 13 15:08:24 lb-bassie ipvsadm[3820]: Stopping IPVS Connection 
Synchronization Daemon: masterMemory allocation problem

Mar 13 15:08:24 lb-bassie ipvsadm[3820]: backupMemory allocation problem
Mar 13 15:08:24 lb-bassie ipvsadm[3820]: failed!
Mar 13 15:08:24 lb-bassie systemd[1]: Stopped LSB: ipvsadm daemon.
Hint: Some lines were ellipsized, use -l to show in full.



And with the patch, it's like this:

# systemctl start ipvsadm
# systemctl status ipvsadm
● ipvsadm.service - LSB: ipvsadm daemon
   Loaded: loaded (/etc/init.d/ipvsadm)
   Active: active (exited) since Fri 2015-03-13 15:01:51 CET; 1s ago
  Process: 1747 ExecStop=/etc/init.d/ipvsadm stop (code=exited, 
status=0/SUCCESS)
  Process: 1859 ExecStart=/etc/init.d/ipvsadm start (code=exited, 
status=0/SUCCESS)


Mar 13 15:01:51 lb-bassie ipvsadm[1859]: Starting IPVS Connection 
Synchronization Daemon: master backup.

Mar 13 15:01:51 lb-bassie systemd[1]: Started LSB: ipvsadm daemon.
# ps afxu | grep ipvs
root  1862  0.0  0.0  0 0 ?S15:01   0:00  \_ 
[ipvs-m:0:0]
root  1864  0.0  0.0  0 0 ?S15:01   0:00  \_ 
[ipvs-b:0:0]
root  1917  0.0  0.4  12720  2112 pts/0S+   15:02   0:00 
  \_ grep ipvs

# systemctl stop ipvsadm
# systemctl status ipvsadm
● ipvsadm.service - LSB: ipvsadm daemon
   Loaded: loaded (/etc/init.d/ipvsadm)
   Active: inactive (dead) since Fri 2015-03-13 15:02:05 CET; 1s ago
  Process: 1938 ExecStop=/etc/init.d/ipvsadm stop (code=exited, 
status=0/SUCCESS)
  Process: 1859 ExecStart=/etc/init.d/ipvsadm start (code=exited, 
status=0/SUCCESS)


Mar 13 15:01:51 lb-bassie ipvsadm[1859]: Starting IPVS Connection 
Synchronization Daemon: master backup.

Mar 13 15:01:51 lb-bassie systemd[1]: Started LSB: ipvsadm daemon.
Mar 13 15:02:05 lb-bassie systemd[1]: Stopping LSB: ipvsadm daemon...
Mar 13 15:02:05 lb-bassie ipvsadm[1938]: Stopping IPVS Connection 
Synchronization Daemon: master backup.

Mar 13 15:02:05 lb-bassie systemd[1]: Stopped LSB: ipvsadm daemon.
# ps afxu | grep ipvs
root  1976  0.0  0.4  12720  2152 pts/0S+   15:02   0:00 
  \_ grep ipvs


So, that's ok!

--
Hans van Kranenburg - System / Network Engineer
+31 (0)10 2760434 | hans.van.kranenb...@mendix.com | www.mendix.com


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#779997: unblock: (pre-approval) mksh/50d-4

[Thorsten Glaser]

Niels Thykier dixit:

>I see the upload has happened, but the diff seems to be very unlike the
>one you included in the bug.  A diffstat of what I see is:
[…]
>I.e. a patch is being dropped and no other changes.  Your original
>debdiff suggested there ought to be changes to said patch instead.

Indeed. Huh. This seems to be a mistake on the sponsor’s side,
as this most certainly does not match what I asked them to pull
from collab-maint/mksh.git and upload. I’ll retry; sorry.

bye,
//mirabilos
-- 
[16:04:33] bkix: "veni vidi violini"
[16:04:45] bkix: "ich kam, sah und vergeigte"...


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780409: abyss: FTBFS on 32-bit architectures

[Graham Inggs]

Source: abyss
Version: 1.5.2-1
Severity: normal
Tags: patch

Hi maintainer

Version 1.5.2-1 of abyss FTBFS on 32-bit architectures (armhf, i386 and 
powerpc) in Ubuntu [1].

Previous versions built fine on all architectures.

I found there were a couple of places in the code that was introduced in 
version 1.5.2 where size_t data type was used instead of a fixed size 
data type.
I was able to get abyss 1.5.2-1 to build on amd64, i386 and armhf with 
the attached patch in place and all unit tests passed.

I have no idea where to begin actually testing abyss itself.

Is it worth me uploading abyss with this patch into Ubuntu?
This will at least allow version 1.5.2-1 to migrate from proposed to 
release.
Alternatively, is this software useful on a 32-bit system?  The other 
solution is for me to disable building for these architectures.


Regards
Graham

[1] https://launchpad.net/ubuntu/+source/abyss/1.5.2-1

--- a/Common/StringUtil.h
+++ b/Common/StringUtil.h
@@ -106,7 +106,7 @@
 	return false;
 }
 
-static inline size_t SIToBytes(std::istringstream& iss)
+static inline unsigned long long SIToBytes(std::istringstream& iss)
 {
 	double size;
 	std::string units;
@@ -122,7 +122,7 @@
 		// no units given; clear fail flag
 		// and assume bytes
 		iss.clear(std::ios::eofbit);
-		return (size_t)ceil(size);
+		return (unsigned long long)ceil(size);
 	}
 
 	if (units.size() > 1) {
@@ -133,22 +133,22 @@
 
 	switch(tolower(units[0])) {
 		case 'k':
-			size *= (size_t)1<<10; break;
+			size *= (unsigned long long)1<<10; break;
 		case 'm':
-			size *= (size_t)1<<20; break;
+			size *= (unsigned long long)1<<20; break;
 		case 'g':
-			size *= (size_t)1<<30; break;
+			size *= (unsigned long long)1<<30; break;
 		case 't':
-			size *= (size_t)1<<40; break;
+			size *= (unsigned long long)1<<40; break;
 		default:
 			iss.setstate(std::ios::failbit);
 			return 0;
 	}
 
-	return (size_t)ceil(size);
+	return (unsigned long long)ceil(size);
 }
 
-static inline size_t SIToBytes(const std::string& str)
+static inline unsigned long long SIToBytes(const std::string& str)
 {
 	std::istringstream iss(str);
 	return SIToBytes(iss);
--- a/Bloom/Bloom.h
+++ b/Bloom/Bloom.h
@@ -165,10 +165,10 @@
 		// bloom filter bits
 
 		size_t bits = endBitPos - startBitPos + 1;
-		size_t bytes = (bits + 7) / 8;
+		unsigned long bytes = (bits + 7) / 8;
 		char buf[IO_BUFFER_SIZE];
 		for (size_t i = 0, j = 0; i < bytes;) {
-			size_t writeSize = std::min(IO_BUFFER_SIZE, bytes - i);
+			unsigned long writeSize = std::min(IO_BUFFER_SIZE, bytes - i);
 			for (size_t k = 0; k < writeSize; k++) {
 buf[k] = 0;
 for (unsigned l = 0; l < 8; l++, j++) {
@@ -270,11 +270,11 @@
 
 		size_t offset = header.startBitPos;
 		size_t bits = header.endBitPos - header.startBitPos + 1;
-		size_t bytes = (bits + 7) / 8;
+		unsigned long bytes = (bits + 7) / 8;
 
 		char buf[IO_BUFFER_SIZE];
 		for (size_t i = 0, j = offset; i < bytes; ) {
-			size_t readSize = std::min(IO_BUFFER_SIZE, bytes - i);
+			unsigned long readSize = std::min(IO_BUFFER_SIZE, bytes - i);
 			in.read(buf, readSize);
 			assert(in);
 			for (size_t k = 0; k < readSize; k++) {

Bug#678696: Bug 678696

[Kyle Girard]

With the latest package 0.119 I am still unable to boot without doing a
'vgchange -a y'.  I'm running the latest and greatest from unstable on
an amd64 machine.

ii  initramfs-tools   0.119

Unfortunately, I don't really have a lot of time to help track this down
but if you need output from a command or two I can definitely do that.

Cheers,

Kyle

Bug#766284: still an issue Re: openjdk-8-jre-jamvm: JamVM fails with incorrect ClassBlock padding

[David Brown]

Package: openjdk-8-jre-jamvm
Version: 8u40~b22-2
Followup-For: Bug #766284

Dear Maintainer,

dbrown@debian:~$ java -jamvm -version
Error initialising VM (initialiseClassStage2)
ClassBlock padding is less than java.lang.Class fields!
Error: Could not create the Java Virtual Machine.
Error: A fatal exception has occurred. Program will exit.

-- System Information:
Debian Release: 7.8
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: armel (armv5tel)

Kernel: Linux 3.2.0-4-kirkwood
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set
to C.UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openjdk-8-jre-jamvm depends on:
ii  libc6   2.19-14
ii  openjdk-8-jre-headless  8u40~b22-2
ii  zlib1g  1:1.2.7.dfsg-13

openjdk-8-jre-jamvm recommends no packages.

openjdk-8-jre-jamvm suggests no packages.

-- no debconf information

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64),

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages openjdk-8-jre-jamvm depends on:
ii  libc6   2.19-16
ii  openjdk-8-jre-headless  8u40~b22-2
ii  zlib1g  1:1.2.8.dfsg-2+b1

openjdk-8-jre-jamvm recommends no packages.

openjdk-8-jre-jamvm suggests no packages.

-- no debconf information

David Brown

Bug#775072: closed by Matthias Klose (Bug#775072: fixed in openjdk-7 7u75-2.5.4-3)

[Andreas Beckmann]

Control: found -1 7u75-2.5.4-3

The version in the preinst was not updated, so the fix will not be run
for people tracking testing.

in debian/JB-jre.preinst.in the version "7u75-2.5.4-2~" needs to be
replaced with "7u75-2.5.4-4~" (or whatever the version of the next
upload will be).


Andreas


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#779937: GDP shouldn't process all yaml files all the time

[Alexandre Detiste]

2015-03-13 1:09 GMT+01:00 Simon McVittie :
> Next idea: YAML is pretty complicated, JSON is much simpler while still
> human-editable, maybe we can use that? That turns out to be simple to
> do, and is another factor of 20 speedup. I'll push the results shortly.

This also seems much less intrusive than the pickled arg parser.

Some people have analysed that in deep:
http://www.csc.kth.se/utbildning/kth/kurser/DD143X/dkand11/Group2Mads/victor.hallberg.malin.eriksson.report.pdf

> I'd like to keep using YAML for the source files, because it's a lot
> more pleasant to write

I agree !

>> That's only the package name, aliases, longname & demo_for tags.
>
> I think a factor of 400 should be enough to keep your RPi happy until we
> add quite a lot more games :-)

This gets around 2,5 seconds and certainly around the double for the RPi;
much less than things like aptitude's GUI.

I've added a minimal process indicator to give user some feedback.
I didn't bother with isatty() for now...
would people ever run GDP unattended / through a pipe ?

 for jsonfile in glob.glob(os.path.join(DATADIR, '*.json')):
 +  print('.', end='', flush=True)
 ...
 +  print('\r', end='', flush=True)
 return games


> If we need more, I suspect kicking out the md5sums etc. into separate
> files (probably in plain md5sums format, or whatever), and loading them
> "lazily", would get us another significant speedup. File lists could
> maybe be kicked out too; I expect the rest of the metadata for games,
> packages and CD tracks is small enough to not matter either way.
> Combining all the remaining metadata into one big JSON file (perhaps a
> map from game name to data) might also be good.

Ok, there's no hurry for this at all; it felt wrong that GDP took more time
to load up than RTCW on the same computer; but now it's perfectly acceptable.

Thanks,


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780410: osc: CVE-2015-0778: osc _service file shell injection flaw

[Salvatore Bonaccorso]

Source: osc
Version: 0.134.1-1
Severity: grave
Tags: security upstream patch fixed-upstream

Hi,

the following vulnerability was published for osc. Note that I have
choosen severity grave since it allows client side arbitrary command
execution via a crafted service file, but I don't know osc well
enough, so please adjust severity if you disagree.

CVE-2015-0778[0]:
shell command injection via crafted _service files

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2015-0778
[1] https://bugzilla.novell.com/show_bug.cgi?id=901643
[2] https://bugzilla.novell.com/attachment.cgi?id=626334

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#770659: Bug WebRCT Chromium

[Marco Maria Luciani]

Into recent months the quality of this package has dropped considerably :(

Also I hope as soon as possible to completely switch to firefox...*while
respecting the work of all volunteer maintainer in debian*...this package
is bugged for months...disable the sandbox flag also involves a browser
vulnerability...when fireofx will enables video-chat in gmail without the
use of plugins...me too won't need chromium anymore.

Bug#761149: debsources: allow redirects to package versions based on suite/codename

[Stefano Zacchiroli]

On Thu, Mar 12, 2015 at 06:45:37PM -0400, Jason Pleau wrote:
> As discussed on IRC, I rebase my patches for this bug.

Thanks Jason, I've made minor changes to your patches, and pushed them
to the feature/suite-aliasing branch here:

  http://anonscm.debian.org/cgit/qa/debsources.git/log/?h=feature/suite-aliasing

I've also updated the testdata submodule, and pushed it to the
feature/suite-aliasing branch here:

  
http://git.upsilon.cc/?p=hacks/debsources-testdata.git;a=shortlog;h=refs/heads/feature/suite-aliasing

I haven't yet merged the branch because while "make test" works well,
"make test-all" (which runs all the testsuite, including updater tests),
fails in 3 tests due to constraint violation errors, e.g.:

excludeFiles (debsources.tests.test_updater.Updater) ... ERROR
garbageCollects (debsources.tests.test_updater.Updater) ... ERROR
producesReferenceSourcesTxt (debsources.tests.test_updater.Updater) ... ERROR
[...]
IntegrityError: (IntegrityError) update or delete on table "suites_info" 
violates foreign key constraint "suites_aliases_suite_fkey" on table 
"suites_aliases"
DETAIL:  Key (name)=(jessie) is still referenced from table "suites_aliases".
 'DELETE FROM suites_info WHERE suites_info.name = %(name_1)s' {'name_1': 
'jessie'}

Which looks like an actual regression.

Can you look into this?

As fixes, I'd appreciate an *additional* patch wrt the above branches,
which I'll then squash onto your previous commits in that branch.

TIA,
Cheers.
-- 
Stefano Zacchiroli  . . . . . . .  z...@upsilon.cc . . . . o . . . o . o
Maître de conférences . . . . . http://upsilon.cc/zack . . . o . . . o o
Former Debian Project Leader  . . @zack on identi.ca . . o o o . . . o .
« the first rule of tautology club is the first rule of tautology club »


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#779150: uif/pings: false - accepts pings from non-trusted networks.

[Jeffrey Sheinberg]

On Wed, Mar 11, 2015 at 07:46:38AM +, Mike Gabriel wrote:
...
> I'd appreciate if you could test this patch (apply it to
> /usr/sbin/uif on your test system).
...

Hi Mike,

The patch is working well for my configuration.  I used "ShieldsUp" all
service ports scan, and "ping.eu" to scan a few random ports, as well as
ping and traceroute.

I applied the patch and tested it with my desired configuration - single
workstation, connected to the ipv4 Internet, only 127.0.0.1 trusted,
otherwise no ping, no traceroute, drop rather than reject for all
other logged traffic.

This was my usual configuration before ipv6 support was added to uif.

Thanks for working on Debian.

-- 
Jeffrey Sheinberg


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#779825: no port attached to webserver

[Ivan Baldo]

And I filled 
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780403 just in case.


I wonder, what would happen if the config just says "listen 80" or 
"listen *:80"? It will listen in both IPv4 and IPv6 and if IPv6 isn't 
available fall back gracefully to only IPv4?

Can someone test? That could be the fix for this bug.
Thanks!!!



El 13/03/15 a las 02:16, Kartik Mistry escibió:

severity 779825 important
thanks

Setting severity to important as per discussion above.

On Wed, Mar 11, 2015 at 12:28 AM, Michael Lustfield
 wrote:

I've seen this in other packages such as mysql. Admittedly, it can be a bit
frustrating that an inability to cleanly update/install a package can cause
issues during an upgrade.

However, it is possible that something else may depend on a package cleanly
upgrading before it can proceed. I can think of a few cases where this could
happen.

To be perfectly honest, I'd like to make an inability to start not prevent a
clean upgrade as well. We'll definitely need to discuss it a bit. I do wish
there was a Debian policy about this because we've really just stuck with
how most packages behave.





--
Ivan Baldo - iba...@adinet.com.uy - http://ibaldo.codigolibre.net/
From Montevideo, Uruguay, at the south of South America.
Freelance programmer and GNU/Linux system administrator, hire me!
Alternatives: iba...@codigolibre.net - http://go.to/ibaldo


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780233: [Pkg-fonts-devel] Bug#780233: fonts-inconsolata: Please package v1.014 from Google Font Directory

[Antoine Musso]

On 11/03/15 03:13, Paul Wise wrote:

On Wed, Mar 11, 2015 at 5:18 AM, Antoine Musso wrote:


I found out on wikipedia that the inconsolata font has been forked on
Google Foot Directory. It has been fully hinted and a bold variant
created.

Project directory:
https://code.google.com/p/googlefontdirectory/source/browse/ofl/inconsolata/


Hhhmm, this doesn't include the FontForge source so uploading it would
probably be a DFSG violation.


Hello Paul,

The fonts-inconsolata source package already has some references to 
FontForge, at least there is a /fontforge-sfds/ directory with an 
Inconsolata.sfd file.


Might be worth another bug to migrate the package to contrib per DFSG if 
it violates it.




It would also be great if the Google folks could forward their changes
upstream instead of forking it.


Upstream Raph Levien (added to CC) commented on another bug report:

 > Yes, the version at Google Web Fonts is more recent and should
 > be considered the definitive one.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688212#20

Seems fine :)



- Completed Bold version of Inconsolata in VBF format.


VFB format is from the proprietary FontLab tool. Is there a tool in
Debian main to build the TTF/OTF files from that? If not we would have
to move fonts-inconsolata to contrib.


That is a similar issue to the FontForge sources above. Other fonts 
package probably ships .VFB. If they are in contrib, I guess Inconsolata 
should be moved there as well.



Thanks!

Antoine Musso


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#685575: Build dep

[Geoff]

Hi Antoine,

Le 10/03/2015 02:45, Antoine Beaupré wrote :
> On 2015-02-06 09:39:15, Geoff wrote:
>> I've been playing around with opentracker packaging on Linux only.
>>
>> I made some improvements to Roman's packaging work.
> 
> Where?

Unpublished actually, I believed my work was not good|mature enough to
share. But anyway, here is my git repo, it is not related to Roman's git
repo (ie. i started from scratch with git-buildpackage).

http://git.kaliko.me/?p=opentracker-debian.git


The package is still missing a systemd/sysV conf files, a manual, a
watch file and probably needs more work.

Cheers,
Geoff



signature.asc
Description: OpenPGP digital signature

Bug#780412: gnome-shell: Requiring GSystem, version none: Typelib file for namespace 'GSystem' (any version) not found ST4121)

[Simon McVittie]

Package: gnome-shell
Version: 3.14.2-3
Severity: minor
Tags: patch

On Sat, 31 Jan 2015 at 12:55:56 -0500, Michael Gilbert wrote:
> > Nov 19 15:59:04 boss gnome-session[3518]: (gnome-shell:3624): Gjs-WARNING 
> > **: JS ERROR: Exception in callback for signal: startup-complete: Error: 
> > Requiring GSystem, version none: Typelib file for namespace 'GSystem' (any 
> > version) not found
> 
> This error might also be worth spending some time to troubleshoot.

I believe this is a red herring: I also get that on my fully-working
GNOME 3 system. gnome-shell has an optional runtime dependency
on libgsystem, which is a GNOME library for Unix-specific misc.
It uses it exactly once, to do structured logging to systemd-journald:

if (LoginManager.haveSystemd() &&
sessionMode.currentMode != 'gdm' &&
sessionMode.currentMode != 'initial-setup') {
// Do not import globally to not depend
// on systemd on non-systemd systems.
let GSystem = imports.gi.GSystem;
GSystem.log_structured_print('GNOME Shell started at ' + _startDate,
 ['MESSAGE_ID=' + 
GNOMESHELL_STARTED_MESSAGE_ID]);
} else {
log('GNOME Shell started at ' + _startDate);
}

... which is just not worth a dependency IMO.

We don't actually package libgsystem at all, so should probably
stub that out (if (false && ...)) and just take the non-systemd code path.

S


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780383: libopensaml2-java: CVE-2015-1796

[Salvatore Bonaccorso]

Hi Emmanuel,

Thanks for the quick feedback.

On Fri, Mar 13, 2015 at 10:42:41AM +0100, Emmanuel Bourg wrote:
> Hi Salvatore,
> 
> Thank you for the report. Looking at the commit r1680 mentioned on the
> security tracker I fail to see how it addresses the vulnerability
> described. I suspect this is actually a vulnerability in a dependency
> shared by opensaml and idp (maybe xmltooling which contains the
> PKIXValidationInformationResolver class, or shib-common with a recent
> commit referring to the same SIDP-624 issue [1]).

Note the commit reference was added by me, while searching to isolate
were the problem lies, i.e. searching for relevant commits between tag
2.6.4 and 2.6.5. I don't understand though libopensaml2-java well
enough. Upstream advisory just say:

Affected Versions
=

Versions of OpenSAML Java < 2.6.5
[...]
OpenSAML users: Upgrade to OpenSAML Java 2.6.5 or greater, if PKIX
trust engines are in use. PKIX trust engine implementations in this
version will fail a candidate credential if no trusted names are
resolved for the relevant entityID; the existing PKIX resolver
implementations now also automatically treat the target entityID as an
implicit trusted name. If this is not feasible, ensure that ALL entity
data resolved via instances of PKIXValidationInformationResolver have
at least 1 trusted name which is resolveable. For resolvers based on
SAML metadata, see IdP recommendations below.
[...]

https://bugzilla.redhat.com/show_bug.cgi?id=1196619

and

https://bugzilla.novell.com/show_bug.cgi?id=922199

both don't give much more information.

Regards,
Salvatore


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780411: libcap2-bin: missing Breaks+Replaces: libcap-bin

[Andreas Beckmann]

Package: libcap2-bin
Version: 1:2.24-6
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Control: affects -1 + libcap-bin

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'lenny' to 'squeeze' to 'wheezy' to 'jessie'.
Its predecessor 'libcap-bin' installed fine in 'lenny', and was kept
installed during the upgrades to 'squeeze' and 'wheezy', but the upgrade
to 'jessie' eventually pulled in libcap2-bin (which was not installed
previously) which failed to install because it tries to overwrite
other packages files without declaring a Breaks+Replaces relation.

>From the attached log (scroll to the bottom...):

  Selecting previously unselected package libcap2-bin.
  (Reading database ... 6856 files and directories currently installed.)
  Preparing to unpack .../libcap2-bin_1%3a2.24-6_amd64.deb ...
  Unpacking libcap2-bin (1:2.24-6) ...
  dpkg: error processing archive 
/var/cache/apt/archives/libcap2-bin_1%3a2.24-6_amd64.deb (--unpack):
   trying to overwrite '/sbin/getpcaps', which is also in package libcap-bin 
1:1.10-14
  Errors were encountered while processing:
   /var/cache/apt/archives/libcap2-bin_1%3a2.24-6_amd64.deb


cheers,

Andreas


libcap-bin_None.log.gz
Description: application/gzip

Bug#780143: Backport of the PCF fix from 2.5.5

[Axel]

The patch.
From 74af85c4b62b35e55b0ce9dec55ee10cbc4962a2 Mon Sep 17 00:00:00 2001
From: Werner Lemberg 
Date: Mon, 8 Dec 2014 16:01:50 +0100
Subject: [PATCH] [pcf] Fix Savannah bug #43774.

Work around `features' of X11's `pcfWriteFont' and `pcfReadFont'
functions.  Since the PCF format doesn't have an official
specification, we have to exactly follow these functions' behaviour.

The problem was unveiled with a patch from 2014-11-06, fixing issue #43547.

* src/pcf/pcfread.c (pcf_read_TOC): Don't check table size for last
element.  Instead, assign real size.
---
 ChangeLog | 14 ++
 src/pcf/pcfread.c | 54 +++---
 2 files changed, 57 insertions(+), 11 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index afc342f..e560b4f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,17 @@
+2014-12-08  Werner Lemberg  
+
+	[pcf] Fix Savannah bug #43774.
+
+	Work around `features' of X11's `pcfWriteFont' and `pcfReadFont'
+	functions.  Since the PCF format doesn't have an official
+	specification, we have to exactly follow these functions' behaviour.
+
+	The problem was unveiled with a patch from 2014-11-06, fixing issue
+	#43547.
+
+	* src/pcf/pcfread.c (pcf_read_TOC): Don't check table size for last
+	element.  Instead, assign real size.
+
 2014-04-20  Werner Lemberg  
 
    [autofit] Fix Savannah bug #42148. 
diff --git a/src/pcf/pcfread.c b/src/pcf/pcfread.c
index 998cbed..e3caf82 100644
--- a/src/pcf/pcfread.c
+++ b/src/pcf/pcfread.c
@@ -2,7 +2,7 @@
 
 FreeType font driver for pcf fonts
 
-  Copyright 2000-2010, 2012, 2013 by
+  Copyright 2000-2010, 2012-2014 by
   Francesco Zappa Nardelli
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -78,7 +78,7 @@ THE SOFTWARE.
 FT_FRAME_START( 16  ),
   FT_FRAME_ULONG_LE( type ),
   FT_FRAME_ULONG_LE( format ),
-  FT_FRAME_ULONG_LE( size ),
+  FT_FRAME_ULONG_LE( size ),   /* rounded up to a multiple of 4 */
   FT_FRAME_ULONG_LE( offset ),
 FT_FRAME_END
   };
@@ -95,9 +95,11 @@ THE SOFTWARE.
 FT_Memory  memory = FT_FACE( face )->memory;
 FT_UIntn;
 
+FT_ULong   size;
 
-if ( FT_STREAM_SEEK ( 0 )  ||
- FT_STREAM_READ_FIELDS ( pcf_toc_header, toc ) )
+
+if ( FT_STREAM_SEEK( 0 )  ||
+ FT_STREAM_READ_FIELDS( pcf_toc_header, toc ) )
   return FT_THROW( Cannot_Open_Resource );
 
 if ( toc->version != PCF_FILE_VERSION ||
@@ -154,14 +156,35 @@ THE SOFTWARE.
 break;
 }
 
-/* we now check whether the `size' and `offset' values are reasonable: */
-/* `offset' + `size' must not exceed the stream size   */
+/*
+ *  We now check whether the `size' and `offset' values are reasonable:
+ *  `offset' + `size' must not exceed the stream size.
+ *
+ *  Note, however, that X11's `pcfWriteFont' routine (used by the
+ *  `bdftopcf' program to create PDF font files) has two special
+ *  features.
+ *
+ *  - It always assigns the accelerator table a size of 100 bytes in the
+ *TOC, regardless of its real size, which can vary between 34 and 72
+ *bytes.
+ *
+ *  - Due to the way the routine is designed, it ships out the last font
+ *table with its real size, ignoring the TOC's size value.  Since
+ *the TOC size values are always rounded up to a multiple of 4, the
+ *difference can be up to three bytes for all tables except the
+ *accelerator table, for which the difference can be as large as 66
+ *bytes.
+ *
+ */
+
 tables = face->toc.tables;
-for ( n = 0; n < toc->count; n++ )
+size   = stream->size;
+
+for ( n = 0; n < toc->count - 1; n++ )
 {
   /* we need two checks to avoid overflow */
-  if ( ( tables->size   > stream->size) ||
-   ( tables->offset > stream->size - tables->size ) )
+  if ( ( tables->size   > size) ||
+   ( tables->offset > size - tables->size ) )
   {
 error = FT_THROW( Invalid_Table );
 goto Exit;
@@ -169,6 +192,15 @@ THE SOFTWARE.
   tables++;
 }
 
+/* no check of `tables->size' for last table element ... */
+if ( ( tables->offset > size ) )
+{
+  error = FT_THROW( Invalid_Table );
+  goto Exit;
+}
+/* ... instead, we adjust `tables->size' to the real value */
+tables->size = size - tables->offset;
+
 #ifdef FT_DEBUG_LEVEL_TRACE
 
 {
@@ -733,8 +765,8 @@ THE SOFTWARE.
 
 FT_TRACE4(( "  number of bitmaps: %d\n", nbitmaps ));
 
-/* XXX: PCF_Face->nmetrics is singed FT_Long, see pcf.h */
-if ( face->nmetrics < 0 || nbitmaps != ( FT_ULong )face->nmetrics )
+/* XXX: PCF_Face->nmetrics is signed FT_Long, see pcf.h */
+if ( face->nmetrics < 0 || nbitmaps != (FT_ULong)face->nmetrics )
   return FT_THROW( Invalid_File_Format );
 
 if ( FT

Bug#749739: 'exit 1' cannot be used in pbuilderrc with cowbuilder

[Thorsten Glaser]

Hi XTaran,

this is an easily circumvented issue:


setuptofail() {
# this makes cowbuilder succeed and pbuilder fail
for i in "${BASH_SOURCE[@]}"; do
case $i in
*/pbuilder-loadconfig)
echo >&2 "E: MirDebian pbuilderrc: aborting"
echo >&2
exit 1
;;
esac
done
export BASEPATH=/var/cache/pbuilder/result
}
# […]
if test x"$ARCHITECTURE" = x"$(dpkg-architecture -qDEB_HOST_ARCH \
-a"$ARCHITECTURE" 2>/dev/null)"; then
: $ARCHITECTURE is a valid Debian architecture
else
echo >&2 "E: Unknown Debian architecture: '$ARCHITECTURE'"
setuptofail
return
fi


See: https://www.mirbsd.org/cvs.cgi/contrib/hosted/tg/deb/pbuilderrc?rev=HEAD
The way to make it fail is because /var/cache/pbuilder/result
does not contain a valid chroot.

bye,
//mirabilos
-- 
Yay for having to rewrite other people's Bash scripts because bash
suddenly stopped supporting the bash extensions they make use of
-- Tonnerre Lombard in #nosec


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780355: Build empty golang-go and golang-src packages on architectures without golang support and depend on gccgo instead

[Tianon Gravi]

On 12 March 2015 at 09:02, Matthias Klose  wrote:
> gccgo, starting with GCC 5 now ships the go tool, which allows building of 
> most
> packages in the archive.  Instead of hard-coding any package to build-depend 
> on
> gccgo on architectures where golang is unsupported, I built empty golang-go 
> and
> golang-src packages which depend on gccgo instead.

I'd be a lot more comfortable with this being a deliberate change in
the package dependencies to explicitly state that they're
gccgo-compatible, especially if failure to build or failure in the
test suite is a common occurrence.  Those kinds of FTBFS also only
account for compilation bugs or ones that the project test suite
happens to catch -- what worries me even more are the more subtle
runtime bugs we might introduce with such a change.

I'm still very much +1 to using alternatives for "go" (ala #779503),
but I'm definitely not ready to claim that GCCGO 5 and Go 1.4 are
actually equivalent and compatible to the level a virtual like this
implies.

♥,
- Tianon
  4096R / B42F 6819 007F 00F8 8E36  4FD4 036A 9C25 BF35 7DD4


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780143: Backport of the PCF fix from 2.5.5

[Axel]

I have successfully backported a patch coming from libfreetype6 upstream
into the current version of debian. I've tested it with Dina which is
affected by this bug (pcf version) and it works fine.

I have made a small change to the upstream patch: the Changelog file
differs thus I had to change the two lines of context.

I took the debian source, added one line at the end of
debian/patches-freetype/series:
0001-pcf-Fix-Savannah-bug-43774.patch

Then wrote the adapted upstream patch (attached to this email, commit
74af85c4b62b35e55b0ce9dec55ee10cbc4962a2) into
debian/patches-freetype/0001-pcf-Fix-Savannah-bug-43774.patch

I proceed to compile my package with dpkg-buildpackage and installed it
successfully with dpkg -i that's all.

I suggest to test this change and include it in the jessie release.
Thank you.


signature.asc
Description: Digital signature

Bug#755050: gnome-settings-daemon: cursor plugin makes mouse pointer disappear in non-Shell sessions

[Dmitry Shachnev]

Hi,

On Fri, 13 Mar 2015 09:36:29 +, Simon McVittie wrote:
> Looking at  it seems that the intention
> these days is:
>
> * gnome-settings-daemon is only intended to work with GNOME Shell
>   (or at least Mutter);
> * non-Shell GNOME sessions should run gnome-flashback components instead of
>   gnome-settings-daemon;
> * non-GNOME sessions should not run either
>
> In particular, the Compiz- and Metacity-based sessions provided by
> gnome-session-flashback already do this, so they should no longer be
> affected by this.
>
> gnome-flashback and/or g-s-d maintainers: is what I said above accurate?

In GNOME Flashback, we *do* use gnome-settings-daemon, just not all
components of it do something useful for us.

So non-Shell GNOME sessions should run gnome-flashback components
(it is possible to enable/disable needed components via GSettings)
*in addition to* gnome-settings-daemon.

The code that makes mouse cursor appear is libidle-monitor [1].
That code is based on code in Mutter and is not needed when the
window manager is Mutter (or something based on it).

[1]: 
https://git.gnome.org/browse/gnome-flashback/tree/gnome-flashback/libidle-monitor

Note: There should be no Compiz-based session in Debian, if one is
shown for you, please report a bug :)

> On Wed, 30 Jul 2014 at 10:52:08 +0200, Michał Politowski wrote:
>> Same problem under gnome-session-flashback.
>> Disabling the cursor plugin with dconf also helped here (after restart).
>
> This particular case should have been fixed in September (gnome-panel/3.8.1-4)
> according to , because gnome-session-flashback
> no longer uses gnome-settings-daemon.

Yes, it should no longer be an issue.

--
Dmitry Shachnev

signature.asc
Description: OpenPGP digital signature

Bug#780414: Depend on zendframework, but zendframework is going away

[David Prévot]

Package: php-letodms-lucene
Version: 1.0.2-2
Severity: important
Control: affects -1 zendframework

Hi,

php-letodms-lucene depends on zendframework (version 1), but this
package is unlikely to make it for Stretch: we intend to ship version 3
of zendframework, that will be maintained in separate packages
(associated with separate upstream components). We’d thus like to get
rid of the zendframework package as soon as possible after Jessie gets
released.

I’ve not been able to find where upstream develops php-letodms-lucene
(the PEAR page mentioned in d/copyright is a dead URL), and have not
looked into your package, but I assume it uses the Search Lucene feature
of ZendFramework. Please note that a php-zend-search package
(version 2.0.0~rc5-1) has recently been uploaded [0] and may provide the
functions or classes you need

0: https://ftp-master.debian.org/new/php-zend-search_2.0.0~rc5-1.html

Do not hesitate to stay in touch with the Debian PHP PEAR Maintainers
team  if you need any help moving
forward.

Regards

David


signature.asc
Description: Digital signature

Bug#779150: uif/pings: false - accepts pings from non-trusted networks.

[Mike Gabriel]

Hi,

the fix will enter Debian jessie within a few days. Thanks for confirming.

Mike

-- 

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976148

GnuPG Key ID 0x25771B13
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de


- Original message -
> On Wed, Mar 11, 2015 at 07:46:38AM +, Mike Gabriel wrote:
> ...
> > I'd appreciate if you could test this patch (apply it to
> > /usr/sbin/uif on your test system).
> ...
> 
> Hi Mike,
> 
> The patch is working well for my configuration.   I used "ShieldsUp" all
> service ports scan, and "ping.eu" to scan a few random ports, as well as
> ping and traceroute.
> 
> I applied the patch and tested it with my desired configuration - single
> workstation, connected to the ipv4 Internet, only 127.0.0.1 trusted,
> otherwise no ping, no traceroute, drop rather than reject for all
> other logged traffic.
> 
> This was my usual configuration before ipv6 support was added to uif.
> 
> Thanks for working on Debian.
> 
> -- 
> Jeffrey Sheinberg
> 


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#779223: box2d: please make the build reproducible

[marivalen]

Hi,

On 03/02/2015 07:41 PM, Markus Koschany wrote:

I would like to know how other maintainers think about this issue and
wait until it is clear whether this issue will be fixed in Debian's
doxygen package or not. If it turns out that the project favors the
"patch-all-affected-packages" approach, then this patch can be quickly
applied. But I still have my doubts about the efficiency of this approach.



I talked to helmut as a doxygen maintainer on IRC and he pointed out the 
following:


 - dh_doxygen only runs after the build is completed and thus has no
   way to influence the run of doxygen

 - since it is impossible to determine the configuration file used by
   doxygen during the build, the only working solution in practice
   would be to move /usr/bin/doxygen to /usr/bin/doxygen.real and let
   the former be a thin wrapper around the latter which detects using
   environment variable when a package build is in progress and if so
   determines the used configuration file and changes its value of
   HTML_TIMESTAMP to NO before passing it on to doxygen.real

It is unlikely that such a fragile and hacky workaround will be included 
in dh_doxygen.


Cheers, akira


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#776746: gnome-session: GNOME crashes during a remote desktop access

[GGaotx]

> Date: Thu, 12 Mar 2015 09:35:27 +
> From: s...@debian.org
> To: ljlz...@hotmail.com; 776...@bugs.debian.org
> Subject: Re: Bug&776746: gnome-session: GNOME crashes during a remote desktop 
> access
>
> On Tue, 10 Mar 2015 at 04:32:39 +, GGaotx wrote:
>> But if it's considered as GNOME's bug, probably it
>> should be patched to make GNOME 3 support non-compositing
>> environment
>
> GNOME Shell, via its use of Mutter code for window management, requires
> the Composite extension. This is not a feature that can be turned on or
> off; Mutter's design relies on the ability to act as a compositing manager,
> and it has no support for not doing so (just like Compiz and Unity,
> and unlike traditional "stacking window managers" like Metacity).
>
> The full GNOME environment as used by the GNOME and GNOME Classic
> session types, in turn, requires GNOME Shell. If you want something
> that superficially resembles GNOME but does not use GNOME Shell,
> that's exactly GNOME Flashback, which is now packaged separately.
>
> If your X server does not meet the requirements to run GNOME Shell,
> then your only option is to use something that is not the full GNOME
> environment, such as GNOME Flashback (which uses Metacity),
> OpenBox's "GNOME/Openbox" session (which uses Openbox), or one of the
> various GNOME forks like MATE.
>
> I do not consider "requires modern X server features" to be a GNOME bug,
> and neither do its upstream developers.
>
> S

But both CentOS 7 with GNOME 3.8, Fedora 20 with GNOME 3.10 and Fedora 21 
with GNOME 3.14 tell us that GNOME 3 itself can work well with xrdp without 
any issues and this is a Debian ONLY bug. You can try them as well. And maybe
you can find the difference of xrdp between Debian and those Red Hat based
OS and find how they overcome this issue. If you need any more information,
I would like to help.

Best wishes,
Gaotx 

--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#780334: please provide normal lib (with SOVERSION) and lib-dev packages for the libs

[Michael Tokarev]

Hello again.  It looks lile you overlooked the
main part of my reply, here it goes again:

13.03.2015 15:38, Patrick Matthäi wrote:
>> 13.03.2015 12:17, Patrick Matthäi wrote:
>>> Hi,
>>>
>>> this was changed with 3.2.1-1, see #630147
>>> Upstream will not follow the standards of the library versioning schema, so 
>>> it is not possible to maintain it in this way in Debian.
>>
>> Ok, that makes sense, especially since it is an internal library.
>>
>>> If you need to build-depend on it, than you have to use the -common package,
>>> but with the changes made in #630147 I also wanted to say (and that is 
>>> conform):
>>> better do not use this package as b-d.
>>
>> And this is something I don't understand.  In my case (see #775431), the
>> question is about adding glusterfs to qemu packages.  Qemu can use glusterfs,
>> but it needs headers and libs (I'm not sure if it really needs libs, at least
>> the configure script sets up GLUSTERFS_LIBS and uses it for linking).  If
>> this package is better NOT to be used as b-d, and if these libs are for
>> internal use only, what to do?

So, Patrick, what do you suggest?

Thanks,

/mjt


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org