Bug#886742: postgresql-9.4-postgis-2.1 missing in stretch

[Bas Couwenberg]

On 2018-01-10 08:35, Jürgen Fuchsberger wrote:

On 2018-01-09 18:18, Sebastiaan Couwenberg wrote:

severity 886742 normal
thanks

Hi Juergen,

On 01/09/2018 02:16 PM, Bas Couwenberg wrote:

On 2018-01-09 14:08, Christoph Berg wrote:

Re: Juergen Fuchsberger 2018-01-09
Due to missing postgresql-9.4-postgis-2.1 in stretch, a postgis 
enabled
database becomes corrupt when upgrading from jessie to stretch 
since
the required postgis libraries are missing. This can cause serious 
data

loss, because once upgraded to stretch, the postgis data can't be
accesed nor dumped (Database gives error "could not access file
"$libdir/postgis-2.1": no such file or directory").


The database is not corrupt, your old database still works (after
installing the old postgis).


Sure, but I can't install the old postgis-2.1 because it is not
available in stretch.


So temporarily add the sources for jessie and install postgis from 
jessie and remove the sources again.


Or use the symlink hack.


I think the problem is that postgis-2.1 was removed on updating which
should not be the case, should it?


Removing packages no longer in the distribution your upgrading to is 
quite common.


Kind Regards,

Bas

Bug#886727: nouveau: no desktop on nvidia NVS 310 card on DELL precision 7810

[Joachim Schmidt]

Hi Sven,


Package: xserver-xorg-video-nouveau
Version: 1:1.0.15-2
Severity: important
File: nouveau

Dear Maintainer,

* installed testing version parallel (stable version runs well)
* no display will be shown - terminal goes into standby


Before or after X starts?  Does it work when you use the stretch kernel
on testing?
it's also if I start recovery mode - some lines are displayed and then 
terminal goes into standby.

stretch kernel into testing will take some time (I just don't know how)



VGA-compatible devices on PCI bus:
--
03:00.0 VGA compatible controller [0300]: NVIDIA Corporation GF119 [NVS 310] 
[10de:107d] (rev a1)


Probably that is https://bugs.freedesktop.org/show_bug.cgi?id=103421,
but a kernel log would be useful to be sure.  Can you find a backtrace
in /var/log/kern.log?

I think you are right, I attach kernel.log

Thanks
Joachim



kern.7z
Description: application/7z-compressed

Bug#886729: atop: noisy service restarts every night

[Cristian Ionescu-Idbohrn]

On Tue, 9 Jan 2018, Marc Haber wrote:
> 
> I have never seen that. Are you running your systemd in some debug mode?

Not that I know of.  Pid 1 command line is:

/lib/systemd/systemd --system --deserialize 24

Is there anything else I can check or watch?


Cheers,

-- 
Cristian

Bug#886768: Acknowledgement (linux-headers-3.16.0-5-amd64: inode_change_ok() missing, breaks openafs module build)

[Arne Nordmark]

Newer OpenAFS versions replace

code = inode_change_ok(inode, &newattrs);

by

code = setattr_prepare(file_dentry(afile->filp), &newattrs);

The file_dentry() helper is not present in linux-headers-3.16.0-5
either, but

code = setattr_prepare(afile->filp->f_path.dentry, &newattrs);

at least seems to compile. Is this the correct replacement?

Arne

Bug#882414: [src:linux] Oops: NULL pointer dereference - RIP: isci_task_abort_task+0x30/0x3e0 [isci]

[Yves-Alexis Perez]

On Thu, 2018-01-04 at 09:53 +0100, Yves-Alexis Perez wrote:
> I'm experiencing the same issue on a workstation here (Dell Precision T5600)
> with:
> 
> 00:1f.2 SATA controller: Intel Corporation C600/X79 series chipset 6-Port SATA
> AHCI Controller (rev 05)
> 05:00.0 Serial Attached SCSI controller: Intel Corporation C602 chipset 
> 4-Port 
> SATA Storage Control Unit (rev 05)
> 
> I've built a 4.15-rc6 kernel with that patch reverted and the system seems to
> boot fine.

After porting the issue upstream, a patch has been submitted upstream (and CC:
stable): https://marc.info/?l=linux-scsi&m=151557324907914

Regards,
-- 
Yves-Alexis

signature.asc
Description: This is a digitally signed message part

Bug#886729: atop: noisy service restarts every night

[Marc Haber]

On Wed, Jan 10, 2018 at 09:19:51AM +0100, Cristian Ionescu-Idbohrn wrote:
> On Tue, 9 Jan 2018, Marc Haber wrote:
> > 
> > I have never seen that. Are you running your systemd in some debug mode?
> 
> Not that I know of.  Pid 1 command line is:
> 
>   /lib/systemd/systemd --system --deserialize 24
> 
> Is there anything else I can check or watch?

Nothing that is inside my systemd foo. All my systems just work, and
your bug report is the first (and only) one about this issue.

Did the issue appear with atop 2.3.0, or are you having this with older
versions as well?

Greetings
Marc

-- 
-
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany|  lose things."Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421

Bug#886811: Can't do system-wide mounts/unmounts in a ssh sessions

[Marius Vollmer]

Package: openssh-server
Version: 1:7.6p1-2

Mounting or unmounting filesystems from within a ssh session used to
affect all processes, but now it only affects ssh sessions (all of them,
not just the one doing the mounts/unmounts).

To reproduce:

 $ ssh root@debian-box
 # dd if=/dev/zero of=/disk.img bs=1M count=20
 # dev=$(losetup --show --find /disk.img)
 # mkfs.ext4 $dev

 # mount $dev /mnt
 # grep /mnt /proc/self/mounts
 /dev/loop0 /mnt ext4 rw,relatime,data=ordered 0 0
 # grep /mnt /proc/1/mounts
 

It seems that sshd and all its sessions are now in a single dedicated
"mnt" namespace:

 # lsns
 NS TYPE   NPROCS   PID USER COMMAND
 ...
 4026532316 mnt 1   508 root /usr/sbin/sshd -D
 ...

Bug#886812: service: start/stop tries to use invalid systemd units when using socket templates

[Cyrill Troxler]

Package: init-system-helpers
Version: 1.48

I stumbled upon a issue with the start/stop triggers when using systemd
 socket templates on Debian stretch. I started getting unrelated error
messages when entering `service some_service start` on a system which
has a systemd socket template defined. The issue is quite easy to
replicate:

```
# touch /etc/systemd/system/test@.socket
# service cron start
Failed to get properties: Unit name test@.socket is not valid.
```

I have tracked down the issue to line 205 in /usr/sbin/service. (line
182 in 1.51)
```
for unit in $(systemctl list-unit-files --full --type=socket
2>/dev/null | sed -ne 's/\.socket\s*[a-z]*\s*$/.socket/p'); do
if [ "$(systemctl -p Triggers show $unit)"

```
Here it gets all unit files and then tries to show get the Triggers of
that unit. This not only causes the error message shown above, it also
causes not stopping the actual socket units like it is described in the
comment above line 205. The issue could be solved by using `list-units` 
instead of `list-unit-files` because `list-units` will only list actual
socket units and not their templates.

Tested on Debian GNU/Linux 9.3 kernel 4.9.65-3+deb9u2.

Bug#884994: systemd: shutdown does not send its warning messages when time is more than ten minutes

[Christoph Pleger]

Hello,


Fwiw, this behaviour makes sense to me.
If you start a scheduled login 2 days in advance, sending a shutdown
message every minute would not be helpful. Restricting that to the last
ten minutes seems reasonable.

How did sysvinit behave in that regard?


As far as I remember, sysvinit started earlier with showing messages, 
but the interval between the shutdown messages became shorter the closer 
the actual shutdown time came, every minute in the last ten minutes, 
five minutes with current_time < shutdown_time - 10 minutes, even longer 
intervals with current_time << shutdown_time - 10 minutes.


Regards
  Christoph

Bug#886813: screen: GNU screen wipes X selection (copy buffer / clipboard) on init with TERM=xterm-256color

[Walter Doekes]

Package: screen
Version: 4.5.0-6
Severity: normal
Tags: patch

Dear Maintainer,

for bug #134198 ("konsole behaves oddly with the default xterm
init_2string/:is terminfo description") from 2002, a fix was added into
/etc/screenrc that goes like this:

  # Change the xterm initialization string from is2=\E[!p\E[?3;4l\E[4l\E>
  # (This fixes the "Aborted because of window size change" konsole
  # symptoms found
  #  in bug #134198)
  termcapinfo xterm 'is=\E[r\E[m\E[2J\E[H\E[?7h\E[?1;4;6l'

That fix also fixes the following problem:

  "Soft reset shouldn't wipe out selection" (2017)
  https://bugzilla.gnome.org/show_bug.cgi?id=789954

that has plagued gnome-terminal for quite some time now. The '\e[!p'
wipes the contents of the selection if you're using a GNOME VTE widget
(which gnome-terminal does).


For older graphical desktops, the TERM env inside a gnome-terminal would
be set to xterm, but newer ones (at least on Ubuntu Xenial through
Artful) get TERM=xterm-256color by default and there the problems
reappeared. Instead of the "fixed" is= description, we get the original
one with '\e[!p' and our selection is emptied upon screen startup.

Can we get the screenrc fix replaced by one that also matches
xterm-256color to fix the VTE bug as well? Adding an asterisk would
suffice:
  
  termcapinfo xterm* 'is=\E[r\E[m\E[2J\E[H\E[?7h\E[?1;4;6l'


Steps to reproduce:

  - fire up gnome-terminal
  - put something in X selection
  - start screen: TERM=xterm-256color screen
  - observe how the selection has been cleared


Yes, I am aware that this should ideally be fixed in VTE, as screen
simply uses the :is= description as intended. But since the konsole
workaround has fixed this issue in the past, it might as well fix it in
the future as well.

And since my google-fu didn't turn up much about this issue, a bit more
exposure through this tracker wouldn't hurt either.


An alternative workaround for the gnome-terminal is to manually set a
custom command with TERM=xterm:

  $ dconf dump /org/gnome/terminal/legacy/profiles:/ | grep command
  custom-command='/usr/bin/env TERM=xterm /bin/bash'
  use-custom-command=true


Cheers,
Walter Doekes
OSSO B.V.


-- System Information:
Debian Release: 9.3
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages screen depends on:
ii  libc6  2.24-11+deb9u1
ii  libpam0g   1.1.8-3.6
ii  libtinfo5  6.0+20161126-1+deb9u1

screen recommends no packages.

Versions of packages screen suggests:
pn  byobu | screenie | iselect  
ii  ncurses-term6.0+20161126-1+deb9u1

-- Configuration Files:
/etc/screenrc changed [not included]

-- no debconf information

Bug#886676: clone

[Rene Engelhard]

reassign 886676 parl-desktop-eu,parl-desktop-world
clone 886676 -1
severity -1 important
block 886676 by -1
retitle -1 please replace myspell-nl with hunspell-nl
thanks

Hi,

ans as usual because of this overengineered stuff this needs to be done
in boxer-data. Can't we just get "normal" metapackages? (Or remove them
at all? Or make it Recommends?)

Regards,

Rene

Bug#886815: ITP: r-cran-git2r -- GNU R access to Git repositories

[Andreas Tille]

Package: wnpp
Severity: wishlist
Owner: Andreas Tille 

* Package name: r-cran-git2r
  Version : 0.21.0
  Upstream Author : Stefan Widgren 
* URL : https://cran.r-project.org/package=git2r
* License : GPL
  Programming Lang: GNU R
  Description : GNU R access to Git repositories
 This GNU R package provides an interface to the 'libgit2' library, which is
 a pure C implementation of the 'Git' core methods. Provides access to 'Git'
 repositories to extract data and running some basic 'Git' commands.


Remark: I'm currently trying to get all dependencies for Shiny-Server
and this package is one of these.  It will be maintained in r-pkg-team
(since there is no mailing list yet
debian-science-maintain...@lists.alioth.debian.org is used as
Maintainer).  The maintenance repository is

https://salsa.debian.org/r-pkg-team/r-cran-git2r.git

Bug#677845: ITP: r-cran-devtools -- Tools to make developing R code easier

[Andreas Tille]

control: owner -1 Andreas Tille 
control: retitle -1 ITP: r-cran-devtools -- Tools to make developing R code 
easier

Hi,

when working on the preconditions for Shiny-server I need this package.
It will be packaged in the r-pkg-team at

   https://salsa.debian.org/r-pkg-team/r-cran-devtools.git

-- 
http://fam-tille.de

Bug#886742: postgresql-9.4-postgis-2.1 missing in stretch

[Jürgen Fuchsberger]

On 2018-01-10 09:10, Bas Couwenberg wrote:
> On 2018-01-10 08:35, Jürgen Fuchsberger wrote:
>> On 2018-01-09 18:18, Sebastiaan Couwenberg wrote:
>>> severity 886742 normal
>>> thanks
>>>
>>> Hi Juergen,
>>>
>>> On 01/09/2018 02:16 PM, Bas Couwenberg wrote:
 On 2018-01-09 14:08, Christoph Berg wrote:
> Re: Juergen Fuchsberger 2018-01-09
>> Due to missing postgresql-9.4-postgis-2.1 in stretch, a postgis
>> enabled
>> database becomes corrupt when upgrading from jessie to stretch since
>> the required postgis libraries are missing. This can cause serious
>> data
>> loss, because once upgraded to stretch, the postgis data can't be
>> accesed nor dumped (Database gives error "could not access file
>> "$libdir/postgis-2.1": no such file or directory").
>>>
>>> The database is not corrupt, your old database still works (after
>>> installing the old postgis).
>>
>> Sure, but I can't install the old postgis-2.1 because it is not
>> available in stretch.
> 
> So temporarily add the sources for jessie and install postgis from
> jessie and remove the sources again.
> 
> Or use the symlink hack.
> 
>> I think the problem is that postgis-2.1 was removed on updating which
>> should not be the case, should it?
> 
> Removing packages no longer in the distribution your upgrading to is
> quite common.
> 
OK, this is all clear - *but*: is this behavior really ok? Isn't it
affecting every single Debian user when upgrading from Jessie to Stretch
if he is running postgresql + postgis?

Best,
Juergen

Bug#886742: postgresql-9.4-postgis-2.1 missing in stretch

[Bas Couwenberg]

On 2018-01-10 10:22, Jürgen Fuchsberger wrote:

On 2018-01-10 09:10, Bas Couwenberg wrote:

On 2018-01-10 08:35, Jürgen Fuchsberger wrote:

On 2018-01-09 18:18, Sebastiaan Couwenberg wrote:

severity 886742 normal
thanks

Hi Juergen,

On 01/09/2018 02:16 PM, Bas Couwenberg wrote:

On 2018-01-09 14:08, Christoph Berg wrote:

Re: Juergen Fuchsberger 2018-01-09

Due to missing postgresql-9.4-postgis-2.1 in stretch, a postgis
enabled
database becomes corrupt when upgrading from jessie to stretch 
since
the required postgis libraries are missing. This can cause 
serious

data
loss, because once upgraded to stretch, the postgis data can't be
accesed nor dumped (Database gives error "could not access file
"$libdir/postgis-2.1": no such file or directory").


The database is not corrupt, your old database still works (after
installing the old postgis).


Sure, but I can't install the old postgis-2.1 because it is not
available in stretch.


So temporarily add the sources for jessie and install postgis from
jessie and remove the sources again.

Or use the symlink hack.


I think the problem is that postgis-2.1 was removed on updating which
should not be the case, should it?


Removing packages no longer in the distribution your upgrading to is
quite common.


OK, this is all clear - *but*: is this behavior really ok? Isn't it
affecting every single Debian user when upgrading from Jessie to 
Stretch

if he is running postgresql + postgis?


Upgrades of postgis databases have never been supported on Debian, this 
affects all users and they are generally aware of this issue and 
reimport their databases into the new cluster after distribution 
upgrades.


Having postgis database upgrades work with pg_upgradecluster would be 
great, but this is not something the Debian package can provide, the 
upstream developers need to support this scenario, e.g by not including 
the version in the extension filename.


Kind Regards,

Bas

Bug#886817: x86info: Crashes with "readEntry: Bad address"

[Göran Weinholt]

Package: x86info
Version: 1.31~pre0.8052aabdd159bc9050e7dc264f33782c5acce05f-1+b1
Severity: important

When running x86info on my system it crashes. I don't know if it has
worked previously or not.

| industria:~# x86info 
| x86info v1.31pre  Dave Jones 2001-2011
| Feedback to .
| 
| readEntry: Bad address
| Found 4 identical CPUserror reading 1K from 0x9d800

Some information was logged in dmesg:

[ 2827.624561] memremap attempted on mixed range 0x0009d000 size: 0x1000
[ 2827.624565] [ cut here ]
[ 2827.624569] WARNING: CPU: 3 PID: 5180 at 
/build/linux-ryBv1B/linux-4.14.12/kernel/memremap.c:98 memremap+0x104/0x170
[ 2827.624570] Modules linked in: cpufreq_conservative cpufreq_powersave 
cpufreq_userspace binfmt_misc sp5100_tco loop cuse fuse amdgpu intel_rapl 
x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel iTCO_wdt 
iTCO_vendor_support mxm_wmi kvm snd_hda_codec_realtek snd_hda_codec_generic 
irqbypass amdkfd intel_cstate snd_hda_codec_hdmi intel_uncore joydev 
snd_hda_intel evdev radeon intel_rapl_perf snd_hda_codec ttm pcspkr 
drm_kms_helper snd_hda_core snd_hwdep drm snd_pcm snd_timer i2c_algo_bit snd 
lpc_ich mei_me soundcore mei mfd_core sg shpchp battery wmi tpm_infineon button 
video ext4 crc16 mbcache jbd2 fscrypto algif_skcipher af_alg hid_logitech_hidpp 
hid_logitech_dj uas usb_storage hid_microsoft hid_generic usbhid hid dm_crypt 
dm_mod sr_mod sd_mod cdrom crct10dif_pclmul crc32_pclmul crc32c_intel
[ 2827.624593]  ghash_clmulni_intel pcbc ahci aesni_intel libahci xhci_pci 
aes_x86_64 crypto_simd ehci_pci glue_helper libata cryptd xhci_hcd ehci_hcd 
scsi_mod r8169 i2c_i801 mii usbcore usb_common fan thermal
[ 2827.624600] CPU: 3 PID: 5180 Comm: x86info Not tainted 4.14.0-3-amd64 #1 
Debian 4.14.12-2
[ 2827.624601] Hardware name: MSI MS-7821/Z87-S02 (MS-7821), BIOS V10.1 
08/16/2013
[ 2827.624602] task: a0f693b1b0c0 task.stack: bc60c14c4000
[ 2827.624603] RIP: 0010:memremap+0x104/0x170
[ 2827.624604] RSP: 0018:bc60c14c7e68 EFLAGS: 00010286
[ 2827.624605] RAX: 0041 RBX: 0800 RCX: 
[ 2827.624606] RDX:  RSI: a0f69ed966f8 RDI: a0f69ed966f8
[ 2827.624606] RBP: 0001 R08: 03d5 R09: 0007
[ 2827.624607] R10:  R11: b7b87e6d R12: 1000
[ 2827.624608] R13: 7ffe7db70420 R14:  R15: 7ffe7db7040e
[ 2827.624608] FS:  7fcee1e6a740() GS:a0f69ed8() 
knlGS:
[ 2827.624609] CS:  0010 DS:  ES:  CR0: 80050033
[ 2827.624610] CR2: 7ffe7db70410 CR3: 00014cde2006 CR4: 001606e0
[ 2827.624611] Call Trace:
[ 2827.624615]  xlate_dev_mem_ptr+0x25/0x40
[ 2827.624619]  read_mem+0x69/0x150
[ 2827.624621]  vfs_read+0x89/0x130
[ 2827.624623]  SyS_read+0x52/0xc0
[ 2827.624625]  system_call_fast_compare_end+0xc/0x6f
[ 2827.624626] RIP: 0033:0x7fcee17918d1
[ 2827.624627] RSP: 002b:7ffe7db703d8 EFLAGS: 0246
[ 2827.624628] Code: 48 83 c4 08 5b 5d 41 5c c3 80 3d 86 20 f6 00 00 75 b7 4c 
89 e2 48 89 e6 48 c7 c7 e8 1e 42 b7 c6 05 70 20 f6 00 01 e8 87 48 f4 ff <0f> ff 
eb 9a 4c 89 e6 48 89 df e8 bd 32 ed ff 48 85 c0 74 99 48 
[ 2827.624642] ---[ end trace 8ea29ed3f2a0d04e ]---


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (800, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf, armel

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages x86info depends on:
ii  libc62.26-2
ii  libpci3  1:3.5.2-1
ii  makedev  2.3.1-93
ii  udev 236-2

x86info recommends no packages.

x86info suggests no packages.

-- no debconf information

Bug#886816: golang-go.uber-zap-dev,zap: duplicate packages

[Andreas Beckmann]

Package: golang-go.uber-zap-dev,zap
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Control: found -1 1.7.1+git20171031.f85c78b-3
Control: found -1 1.5.0+git20170802.3.e68420e-2

Hi,

during a test with piuparts I noticed your package failed to install
because it tries to overwrite other packages files ...

Both packages ship /usr/share/gocode/src/go.uber.org/zap/* and the
synopsis matches, so this seems to be independent packaging of the
same software. Please decide which one you want to keep.
There are no rdepends in both cases.


cheers,

Andreas

Bug#884707: apparmor breaks clamdscan

[intrigeri]

Control: tag -1 + patch

Hi!

Sebastian Andrzej Siewior:
> On 2018-01-07 14:59:54 [+0100], intrigeri wrote:
>> So with my AppArmor in Debian maintainer hat, I would find it
>> reasonable if the clamav-daemon maintainers decided to leave it as-is,
>> possibly improving a little bit the existing documentation in
>> README.Debian to provide better guidance to power-users whose use case
>> is not supported by the current AppArmor policy. I'm happy to help
>> with the latter part if needed.

> So looking at this I think it is just fine. clamd should only access
> specific files which includes files from postfix & exim spool
> directories. By allowing accessing everything it kind of defeats its
> purpose

ACK

> (however I am not sure how that $HOME rule works).

Understood, let me clarify :)

By default /etc/apparmor.d/tunables/home contains:

  @{HOME}=@{HOMEDIRS}/*/ /root/
  @{HOMEDIRS}=/home/

… that is the $HOME directories for *all* non-system users'.
I guess the idea is to allow users to run their own clamd as their
own user (as opposed to a system service).

Of course, DAC permissions still apply so /home/* with restricted
read access won't be readable by clamd: the MAC checks implemented by
any LSM come on top of DAC permissions, they don't override them.

> The rules file ends with
> | # Site-specific additions and overrides. See local/README for details.
> | #include 

> Maybe if you could provide some info how to add a local rule to enable
> clamd to read everything, that would be nice.

For such use cases, I think that disabling the clamd AppArmor profile
is a more adequate solution than allowing clamd to read everything.

Please see the attached patch series — generated with `git
format-patch origin/unstable' — that documents how to tweak or disable
the AppArmor profiles :)

Cheers,
-- 
intrigeri

>From 7324fb97a269ac5cbaece2546bec5e63b565392a Mon Sep 17 00:00:00 2001
From: intrigeri 
Date: Wed, 10 Jan 2018 09:16:42 +
Subject: [PATCH 1/3] Fix "apparmor" spelling typos in README.Debian.

---
 debian/README.Debian | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/debian/README.Debian b/debian/README.Debian
index de5729a..96aaa31 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -254,22 +254,22 @@ CLAMAV-MILTER
 
 APPARMOR PROFILES
   
-  If your system uses apparmor, please note that the shipped enforcing profile
+  If your system uses AppArmor, please note that the shipped enforcing profile
   works with the default installation, and changes in your configuration may
-  require changes to the installed apparmor profile. Please see
+  require changes to the installed AppArmor profile. Please see
   https://wiki.ubuntu.com/DebuggingApparmor before filing a bug against this
   software.
 
   In particular, clamav-daemon runs as it's own user and is confined from
   accessing all but a limited set of files.  These include the home directory
   of the user calling clamav-daemon, but not system files.  If you want to
-  scan files outside of your home directory, the apparmor profile will need to
+  scan files outside of your home directory, the AppArmor profile will need to
   be updated.
 
   The freshclam utility is also protected by an enforcing profile. If you
   want to add files to the /etc/clamav/onerrorexecute.d,
   /etc/clamav/onupdateexecute.d, or /etc/clamav/virusevent.d directories,
-  appropriate rules need to be added to the apparmor profile.
+  appropriate rules need to be added to the AppArmor profile.
 
   Please see https://wiki.debian.org/AppArmor for information and
-  documentation on modifying apparmor profiles.
+  documentation on modifying AppArmor profiles.
-- 
2.15.1

>From 788b78959fac6130369f8e818587d5260b98039b Mon Sep 17 00:00:00 2001
From: intrigeri 
Date: Wed, 10 Jan 2018 09:28:16 +
Subject: [PATCH 2/3] AppArmor: document in README.Debian how to grant
 clamav-daemon access to additional paths.

---
 debian/README.Debian | 13 -
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/debian/README.Debian b/debian/README.Debian
index 96aaa31..97eb499 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -264,7 +264,18 @@ APPARMOR PROFILES
   accessing all but a limited set of files.  These include the home directory
   of the user calling clamav-daemon, but not system files.  If you want to
   scan files outside of your home directory, the AppArmor profile will need to
-  be updated.
+  be updated:
+
+1. Edit /etc/apparmor.d/local/usr.sbin.clamd to add rules that
+   allow access to the additional paths you want clamav-daemon to
+   scan. For example:
+
+ /mnt/storage1/   r,
+ /mnt/storage1/** r,
+
+2. Reload the AppArmor profile:
+
+ apparmor_parser -r -K /etc/apparmor.d/usr.sbin.clamd
 
   The freshclam utility is also protected by an enforcing profile. If you
   want to add files to the /etc/clamav/onerrorexecute.d,
-- 
2.15.1

>From 1e7e78b3671c7fd3e8ae61

Bug#594175: openssh-server: support generation of ssh host keys in init script

[Guido Günther]

Hi,
On Wed, Jul 13, 2016 at 10:27:11AM +0200, Guido Günther wrote:
> On Tue, Aug 24, 2010 at 12:23:52PM +0200, Michael Prokop wrote:
> > Package: openssh-server
> > Version: 1:5.5p1-4
> > Severity: wishlist
> > 
> > 
> > I mentioned this issue in my talk "State of Debian (based) Linux
> > live systems in 2010" at Debconf10. Colin suggested to talk about
> > it later on, so I'm reporting this as a wishlist item.
> > 
> > It would be nice if the sshd init script would support generation of
> > ssh host keys - iff there aren't any keys present yet.
> > 
> > The (main) use case for this feature are live systems where you
> > usually don't want to ship pre-generated keys on one hand, on the
> > other hand not everyone wants to generate the host keys
> > automatically on each boot (consuming time and ressources).
> > 
> > Taking care of key generation as someone invokes '/etc/init.d/ssh
> > start' works fine for the Grml live systems and its users. What
> > we're doing is something as simple as:
> > 
> > , [ relevant snipped of Grml's ssh initscript ]
> > | RSA1_KEY=/etc/ssh/ssh_host_key
> > | RSA_KEY=/etc/ssh/ssh_host_rsa_key
> > | DSA_KEY=/etc/ssh/ssh_host_dsa_key
> > |
> > | case "$1" in
> > |  start)
> > | [...]
> > |   if ! test -f $RSA1_KEY ; then
> > |  log_action_msg "Generating SSH1 RSA host key..."
> > |  $KEYGEN -t rsa1 -f $RSA1_KEY -C '' -N '' || exit 1
> > |   fi
> > |
> > |   if ! test -f $RSA_KEY ; then
> > |  log_action_msg "Generating SSH RSA host key..."
> > |  $KEYGEN -t rsa -f $RSA_KEY -C '' -N '' || exit 1
> > |   fi
> > |
> > |   if ! test -f $DSA_KEY ; then
> > |  log_action_msg "Generating SSH2 DSA host key..."
> > |  $KEYGEN -t dsa -f $DSA_KEY -C '' -N '' || exit 1
> > |   fi
> > | [...]
> > `
> > 
> > Would be great if that feature would be available in Debian/Ubuntu
> > based (live) systems as well. :)
> 
> I wonder if we should just create a openssh-host-keys package that ships
> a systemd unit/init script to create the keys (as (I think it was
> Christian) suggested at debconf.
> 
> This just came up here as well
> 
> https://www.redhat.com/archives/libguestfs/2016-July/msg00090.html
> 

Michael is grml working around this somehow? If so can you attach a
link?

Cheers,
 -- Guido

Bug#886818: Controls to shut down the system are unavailable

[Wouter Verhelst]

Package: lightdm
Version: 1.18.3-5
Severity: normal

Hi,

Up to a week or so ago, lightdm would show controls on the login screen
to shut down and/or reboot the system. Currently, it does not do so
anymore. I'm not sure what changed.

I did notice #770885, but 
- that is about greyed out, not removed, controls
- that is about using sysvinit, whereas I use systemd

I use awesomewm as my user interface, no desktop manager; TTBOMK awesome
does not support shutting down the system at logoff time, and I haven't
tried installing XFCE or some such. If you need me to test that, do ask.
I suspect it wouldn't change the situation much, however.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unreleased'), (500, 'unstable'), 
(500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, m68k, arm64

Kernel: Linux 4.14.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_ZA.UTF-8, LC_CTYPE=en_ZA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_ZA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages lightdm depends on:
ii  adduser3.116
ii  consolekit 0.4.6-6
ii  dbus   1.12.2-1
ii  debconf [debconf-2.0]  1.5.65
ii  libaudit1  1:2.8.2-1
ii  libc6  2.26-2
ii  libgcrypt201.8.1-4
ii  libglib2.0-0   2.54.2-5
ii  libpam-systemd 236-2
ii  libpam0g   1.1.8-3.6
ii  libxcb11.12-1
ii  libxdmcp6  1:1.1.2-3
ii  lightdm-gtk-greeter [lightdm-greeter]  2.0.3-1
ii  lsb-base   9.20170808

Versions of packages lightdm recommends:
ii  xserver-xorg  1:7.7+19

Versions of packages lightdm suggests:
ii  accountsservice  0.6.45-1
ii  upower   0.99.7-1
ii  xserver-xephyr   2:1.19.5-1

-- Configuration Files:
/etc/lightdm/lightdm.conf changed:
[LightDM]
[Seat:*]
display-setup-script = /usr/local/bin/config-x-server
greeter-hide-users = false
[XDMCPServer]
[VNCServer]


-- debconf information:
  lightdm/daemon_name: /usr/sbin/lightdm
* shared/default-x-display-manager: lightdm

Bug#886819: ITP: aims-live -- Live media package for AIMS Desktop

[Jonathan Carter]

Package: wnpp
Severity: wishlist
Owner: Jonathan Carter 

* Package name: aims-live
  Version : 10.0.1
  Upstream Author : AIMS Desktop Team 
* URL : https://salsa.debian.org/aims-desktop-team/aims-live
* License : GPL-2
  Programming Lang: metapackage, shell
  Description : Live media package for AIMS Desktop

This package is part of AIMS Desktop.

It provides:

 - The dependencies in order to boot up a system from live media such
   as a DVD-RW disc or a USB disk.
 - Settings for Calamares, the installer framework used to install
   AIMS Desktop.
 - A list of conflicts that are used during the installation process
   in order to remove unwanted or very large packages.

For more information about AIMS Desktop, see: https://desktop.aims.ac.za

Bug#881449: imap3 service not defined

[Ronney Meier]

I've got exactly the same problem.
The problem is, that fail2ban tries to block the service imap3 which is
not defined.
In /etc/services only imap2 is defined...
So add the entry
imap3   143/tcp
to /etc/services and it will work.
I'm not sure if it's also necessary to fill a bug against netbase, or
only fail2ban...

Bug#879664: backupninja cron jobs does not behave nicely with systemd - resulting in lots of errors in the logs

[intrigeri]

Control: tag -1 + moreinfo

Hi,

Thomas D:
> I have been using backupninja for a long time and it is really helpful.
> After upgrading to Debian 9 I started seing a lot of errors such as
> these in my syslog:

> 2017-10-23T01:00:15.795982+02:00 fer systemd[1]: user@500.service: Start 
> request repeated too quickly.
> 2017-10-23T01:00:15.796132+02:00 fer systemd[1]: Failed to start User 
> Manager for UID 500.
> 2017-10-23T01:00:15.796271+02:00 fer systemd[1]: user@500.service: Unit 
> entered failed state.
> 2017-10-23T01:00:15.796409+02:00 fer systemd[1]: user@500.service: Failed 
> with result 'start-limit-hit'.
> 2017-10-23T01:00:15.796702+02:00 fer su[11455]: pam_systemd(su:session): 
> Failed to create session: Start job for unit user@500.service failed with 
> 'failed'
> 2017-10-23T01:00:21.594947+02:00 fer systemd[1]: user@500.service: Start 
> request repeated too quickly.
> 2017-10-23T01:00:21.595070+02:00 fer systemd[1]: Failed to start User 
> Manager for UID 500.
> 2017-10-23T01:00:21.595212+02:00 fer systemd[1]: user@500.service: Failed 
> with result 'start-limit-hit'.
> 2017-10-23T01:00:21.596172+02:00 fer su[11486]: pam_systemd(su:session): 
> Failed to create session: Start job for unit user@500.service failed with 
> 'failed'

> A bit of investigation with help from the IRC lead to the conclusion
> that this is caused by backupninja's postgresql jobs.

Can you please share the output of `backupninja --now --debug'?
(Make sure it does not contain any password :)

Cheers,
-- 
intrigeri

Bug#886064: [Debian-zh-dev] Bug#886064: iptux: Depends on gconf

[LI Daobing]

fixed in iptux 0.7.0 (switched to jsoncpp)

On Tue, Jan 2, 2018 at 7:49 AM, Jeremy Bicha  wrote:

> Source: iptux
> Version: 0.6.4-1
> Severity: important
> User: pkg-gnome-maintain...@lists.alioth.debian.org
> Usertags: oldlibs gconf
> Tags: sid buster
>
> Your package depends or build-depends on gconf, but gconf will be
> removed from Debian soon.
>
> gconf's last release was about 5 years ago. It has been replaced by
> gsettings (provided in Debian by source glib2.0 )
>
> References
> --
> https://developer.gnome.org/gio/stable/ch34.html
> https://developer.gnome.org/gio/stable/GSettings.html
>
> On behalf of the Debian GNOME team,
> Jeremy Bicha
>
> ___
> Chinese-developers mailing list
> chinese-develop...@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/chinese-developers
>



-- 
Best Regards
LI Daobing

Bug#854439: also required for npm 5.x and yarnpkg

[Aarti Kashyap]

Hello

I will complete this by the end of the month,
However, if I do not end up completing, you may take the ownership then

Regards
Aarti

On Wed, Jan 10, 2018 at 1:01 PM, Paolo Greppi 
wrote:

> Hi, this ITP has been idle for some time, now this module would also be is
> also required for npm 5.x and yarnpkg:
> https://wiki.debian.org/Javascript/Nodejs/Tasks/npm
> https://wiki.debian.org/Javascript/Nodejs/Tasks/yarn
>
> I have seen you have already done some work on version 1.1.2 here:
> https://anonscm.debian.org/cgit/pkg-javascript/node-sort-keys.git
> but in the meantime upstream has release v 2.0.0
>
> Do you plan to complete this package in the near future ?
> Or should I take ownership of the ITP ?
>
> Many thanks, Paolo
>



-- 
This is my Footrr 

Bug#886672: [ddtp] aeolus - german localization

[Jaromír Mikeš]

2018-01-10 0:17 GMT+01:00 Martin Eberhard Schauer :

​Hi Martin,​


Package descriptions are translated by the DDTP volunteers. Mainly they
> use the web GUI at [1].
>
> I' ve pulled it in [2]. Now it needs a review to proceed to the database
> and finally to Translation-de.bz2 under [3].


​Great! But also consider IOhannes's suggestion please ...

quote:

i also doubt that "eine Stimme geben" is the best translation for "to
voice", as this appears to be a terminus technicus in the context of organs.

-​


> It will take up two weeks
> then. In total three reviews are needed. One review is equivalent to one
> week without change.
>

​Ok, but still ... how will I know the change has been really accepted and
uploaded?​


> 1: http://ddtp2.debian.net/ddtss/index.cgi/xx
> 2: http://ddtp2.debian.net/ddtss/index.cgi/de/forreview/aeolus?1515537014
> 3: http://ftp.debian.de/debian/dists/sid/main/i18n/


​best regards

​mira

Bug#886820: qtcreator: FTBFS on armhf: sed: can't read builddir/src/plugins/qmldesigner/Makefile.qmldesignerplugin: No such file or directory

[Emilio Pozuelo Monfort]

Source: qtcreator
Version: 4.5.0-1
Severity: serious

Hi,

qtcreator fails to build on armhf, as it can't find the file for the -O1 hack:

# Hack over a g++ problem while using -O2 on armhf.
# If you don't like this horrible hack please feel free to help me try to
# reproduce it in a minimal test case so as to be able to properly fill a
# bug against g++.
sed -i 's/O2/O1/g' builddir/src/plugins/qmldesigner/Makefile.qmldesignerplugin
sed: can't read builddir/src/plugins/qmldesigner/Makefile.qmldesignerplugin: No 
such file or directory
debian/rules:32: recipe for target 'override_dh_auto_configure' failed

Note that this was added quite a while back:

qtcreator (3.1.2+dfsg-2) unstable; urgency=medium
[...]
  [ Lisandro Damián Nicanor Pérez Meyer ]
  * Add a horrible hack in debian/rules for building a few files with -O1
instead of -O2 on armhf. If you don't like this please be sure to help
me to get a minimal test case in order to fill a proper bug against g++.

 -- Lisandro Damián Nicanor Pérez Meyer   Sun, 03 Aug 2014 
13:36:05 -0300

Maybe this is no longer needed due to the new qtcreator and/or new
compiler versions?

Cheers,
Emilio

Bug#886822: linux: KPTI backport lacks pti-related flags in /proc/cpuinfo

[Apollon Oikonomopoulos]

Source: linux
Version: 4.9.65-3+deb9u2
Severity: wishlist
Control: found -1 3.16.51-3+deb8u1

Dear Maintainer,

The backport of KPTI/KAISER to 4.9 and 3.16 lacks the pti CPU flag and 
the cpu_insecure bug found in /proc/cpuinfo in 4.14. While this does not 
affect core KPTI functionality, it makes it harder to determine whether 
a system is running with pti enabled without examining kernel logs.

Please consider backporting the relevant changes.

Regards,
Apollon

Bug#886821: ITP: aims-desktop -- AIMS Desktop main meta-package

[Jonathan Carter]

Package: wnpp
Severity: wishlist
Owner: Jonathan Carter 

* Package name: aims-desktop
  Version : 10.0.1
  Upstream Author : AIMS Desktop Team 
* URL : https://desktop.aims.ac.za
* License : GPL-2
  Programming Lang: metapackage, shell
  Description : AIMS Desktop main meta-package

This metapackage configures an AIMS Desktop system and installs
related artwork, a large ammount of utilities and scientific packages
including Jupyter, RStudio, Sagemath and Texmaker.

It will be team maintained in salsa.

Bug#886823: ITP: node-sellside-emitter -- Event emitter for node.js projects

[Pirate Praveen]

Package: wnpp
Severity: wishlist
Owner: Pirate Praveen 
X-Debbugs-CC: debian-de...@lists.debian.org

* Package name: node-sellside-emitter
  Version : 1.2.2
  Upstream Author : Jon Schlinkert
* URL : https://github.com/sellside/emitter
* License : Expat
  Programming Lang: JavaScript
  Description :  Event emitter for node.js projects

 This is based on component-emitter, with some changes and a couple of new
 methods. That project seems to no longer be maintained.
 .
 Node.js is an event-based server-side JavaScript engine.

New dependency for node-cache-base 2.0.2.



signature.asc
Description: OpenPGP digital signature

Bug#873468: CUDA 9.0 transition

[Samuel Thibault]

Hello,

Andreas Beckmann, on mer. 10 janv. 2018 05:19:29 +0100, wrote:
> I didn't test the other rdepends that are in sid only. But they will
> need sourceful uploads anyway for switching the compiler (to gcc-6/g++-6
> - not the default, but the best we can get and still better than clang-3.x).

starpu-contrib and eztrace-contrib seem to build fine with the switch to
gcc-6.

Samuel

Bug#886824: ITP: aims-artwork -- wallpapers, icons and other assets used in AIMS Desktop

[Jonathan Carter]

Package: wnpp
Severity: wishlist
Owner: Jonathan Carter 

* Package name: aims-artwork
  Version : 10.0.1
  Upstream Author : AIMS Desktop packages 
* URL : https://salsa.debian.org/aims-desktop-team/aims-artwork
* License : GPL-2
  Programming Lang: data
  Description : wallpapers, icons and other assets used in AIMS Desktop

Contains wallpaper, icons, theming and other assets used in AIMS Desktop.

This will be team maintained in salsa:
https://salsa.debian.org/aims-desktop-team/aims-artwork

Bug#886825: pcmanfm: Cut and paste does not work

[Sampo Sorsa]

Package: pcmanfm
Version: 1.2.5-3
Severity: normal

Dear Maintainer,

Cutting and trying to paste does not work. After cut, the right-click context 
menu contains a grayed out "Paste" entry. Menu entry Edit->Paste is not grayed 
out, but does nothing.

Surprisingly, copy and paste does work. And so does dragging the file to 
another tab.

I'm using gnome, and as far as I know, no clipboard manager is in use.

-- System Information:
Debian Release: 9.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages pcmanfm depends on:
ii  libatk1.0-0  2.22.0-1
ii  libc62.24-11+deb9u1
ii  libcairo21.14.8-1
ii  libfm-gtk4   1.2.5-1
ii  libfm4   1.2.5-1
ii  libfontconfig1   2.11.0-6.7+b1
ii  libfreetype6 2.6.3-3.2
ii  libgdk-pixbuf2.0-0   2.36.5-2+deb9u1
ii  libglib2.0-0 2.50.3-2
ii  libgtk2.0-0  2.24.31-2
ii  libpango-1.0-0   1.40.5-1
ii  libpangocairo-1.0-0  1.40.5-1
ii  libpangoft2-1.0-01.40.5-1
ii  libx11-6 2:1.6.4-3
ii  shared-mime-info 1.8-1

Versions of packages pcmanfm recommends:
ii  gnome-flashback [polkit-1-auth-agent] 3.22.0-3
ii  gnome-icon-theme  3.12.0-2
ii  gnome-shell [polkit-1-auth-agent] 3.22.3-3
ii  gvfs-backends 1.30.4-1
ii  gvfs-fuse 1.30.4-1
ii  mate-polkit [polkit-1-auth-agent] 1.16.0-2
ii  oxygen-icon-theme 5:5.28.0-1
ii  policykit-1-gnome [polkit-1-auth-agent]   0.105-6
ii  polkit-kde-agent-1 [polkit-1-auth-agent]  4:5.8.4-1
ii  tango-icon-theme  0.8.90-6

pcmanfm suggests no packages.

-- no debconf information

Bug#886826: ITP: mwclient - MediaWiki API client in Python

[Hans-Christoph Steiner]

Package: wnpp
Severity: wishlist
Owner: "Hans-Christoph Steiner" 

* Package name: mwclient
  Version : git
  Upstream Author : Bryan Tong Minh, Dan Michael O. Heggø, and others
* URL : https://github.com/mwclient/mwclient
* License : EXPAT
  Programming Lang: Python
  Package source  :
https://anonscm.debian.org/cgit/python-modules/packages/mwclient.git
  Description: MediaWiki API client in Python

mwclient is a lightweight Python client library to the MediaWiki API
which provides access to most API functionality. It works with Python
2.7, 3.3 and above, and supports MediaWiki 1.16 and above. For functions
not available in the current MediaWiki, a MediaWikiVersionError is raised.

Most properties and generators accept the same parameters as the API,
without their two-letter prefix. Exceptions to this rule:

* Image.imageinfo is the imageinfo of the latest image. Earlier
  versions can be fetched using imagehistory()
* Site.all*: parameter  [ap]from renamed to start
* categorymembers is implemented as Category.members
* deletedrevs is deletedrevisions
* usercontribs is usercontributions
* First parameters of search and usercontributions are search and
  user respectively

Properties and generators are implemented as Python generators. Their
limit parameter is only an indication of the number of items in one
chunk. It is not the total limit. Doing list(generator(limit =
limit)) will return ALL items of generator, and not be limited by the
limit value. Default chunk size is generally the maximum chunk size.



signature.asc
Description: OpenPGP digital signature

Bug#886827: RFS: youtube-dl-gui/0.4-1

[Félix Sipma]

Package: sponsorship-requests
Severity: wishlist

Dear mentors,

I am looking for a sponsor for my package "youtube-dl-gui":

  youtube-dl-gui - Front-end GUI of the popular youtube-dl media downloader

Package: youtube-dl-gui
Version: 0.4-1
Upstream Author: Sotiris Papadopoulos 
Homepage: https://github.com/MrS0m30n3/youtube-dl-gui
License: public-domain
Section: utils


Download with dget:

dget -x 
https://mentors.debian.net/debian/pool/main/y/youtube-dl-gui/youtube-dl-gui_0.4-1.dsc

Or build it with gbp:

gbp clone --pristine-tar 
https://salsa.debian.org/felix-guest/youtube-dl-gui.git
cd youtube-dl-gui
gbp buildpackage --extra-package path-to-python-twodict_1.2-1_all.deb

Please note that building the package requires python-twodict, which is in the
new queue.

Thanks.


signature.asc
Description: PGP signature

Bug#783607: libpoppler: Some contents in some pdf documents seem to be ignored

[Michael Weghorn]

Hi,

the bug is still reproducible in current Debian stable (libpoppler64
0.48.0-2+deb9u1).

However, I can no longer reproduce it in current Debian unstable
(libpoppler72 0.61.1-2), so it seems to have been fixed in the meanwhile.

Regards,
  Michael

On 2018-01-09 21:53, Andreas Goesele wrote:
> This bug is still present in libpoppler46:amd64 0.26.5-2+deb8u1 and
> libpoppler46:amd64 0.26.5-2+deb8u2
> 

Bug#886828: New upstream version 4.1.1

[Nicholas D Steeves]

Source: lxml
Version: 4.1.0-1
Severity: normal

Hi Matthias,

Thank you for maintaining Debian's lxml package.  I'm in the process of 
checking prerequisites for a formal stretch-backport of Calibre and noticed 
that python-lxml was out of date.  Here is the changelog:

http://lxml.de/4.1/changes-4.1.1.html

Oh, and are you interested in maintaining a backport of lxml? ;-)

Sincerely,
Nicholas

Bug#886829: dput: Suggest use of --force if package has already been uploaded

[Chris Lamb]

Source: dput
Version: 1.0.1
Severity: wishlist
Tags: patch

Hi,

Please suggest the use of --force if package has already been
uploaded.

Patch attached.


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
diff --git a/dput/dput.py b/dput/dput.py
index d21a6f7..a407020 100755
--- a/dput/dput.py
+++ b/dput/dput.py
@@ -774,7 +774,8 @@ def check_upload_logfile(
 uploaded = 1
 if uploaded:
 sys.stdout.write(
-"Package has already been uploaded to %s on %s\n"
+"Package has already been uploaded to %s on %s"
+" (use --force to override)\n"
 % (host, fqdn))
 sys.stdout.write("Nothing more to do for %s\n" % changes_file)
 sys.exit(0)

Bug#886798: libpoppler46: displays empty pages after security update

[Michael Weghorn]

Just a note: #886733 seems to describe the same problem for Debian stable.

Regards,
  Michael

On 2018-01-09 23:37, Andreas Gösele wrote:
> Package: libpoppler46
> Version: 0.26.5-2+deb8u2
> Severity: important
> 
> Dear Maintainer,
> 
> after the security update from 0.26.5-2+deb8u1 to 0.26.5-2+deb8u2
> programs like okular, xpdf and zathura don't display correctly many
> pdf files, showing either blank pages, mostly blank pages or not
> displaying certain characters. This concerns files I created myself
> and files I downloaded from the internet like:
> 
> https://www.uni-heidelberg.de/md/awi/forschung/dp391.pdf
> 
> Okular gives many error messages of the type:
> 
> okular(18722) PDFGeneratorPopplerDebugFunction: [Poppler] "Error (180512): 
> Missing or bad Type3 CharProc entry"
> 
> Going back and forth between 0.26.5-2+deb8u1 and 0.26.5-2+deb8u2
> clearly show that the error is related to the new version of libpoppler46.
> 
> -- System Information:
> Debian Release: 8.10
>   APT prefers oldstable-updates
>   APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
> Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> 
> Versions of packages libpoppler46 depends on:
> ii  libc6  2.19-18+deb8u10
> ii  libfontconfig1 2.11.0-6.3+deb8u1
> ii  libfreetype6   2.5.2-3+deb8u2
> ii  libjpeg62-turbo1:1.3.1-12
> ii  liblcms2-2 2.6-3+deb8u1
> ii  libopenjpeg5   1:1.5.2-3
> ii  libpng12-0 1.2.50-2+deb8u3
> ii  libstdc++6 4.9.2-10
> ii  libtiff5   4.0.3-12.3+deb8u4
> ii  multiarch-support  2.19-18+deb8u10
> 
> Versions of packages libpoppler46 recommends:
> ii  poppler-data  0.4.7-1
> 
> libpoppler46 suggests no packages.
> 
> -- no debconf information
> 

Bug#886798: libpoppler46: displays empty pages after security update

[Michael Weghorn]

Just a note: #886733 seems to describe the same problem for Debian stable.

Regards,
  Michael

On 2018-01-09 23:37, Andreas Gösele wrote:
> Package: libpoppler46
> Version: 0.26.5-2+deb8u2
> Severity: important
> 
> Dear Maintainer,
> 
> after the security update from 0.26.5-2+deb8u1 to 0.26.5-2+deb8u2
> programs like okular, xpdf and zathura don't display correctly many
> pdf files, showing either blank pages, mostly blank pages or not
> displaying certain characters. This concerns files I created myself
> and files I downloaded from the internet like:
> 
> https://www.uni-heidelberg.de/md/awi/forschung/dp391.pdf
> 
> Okular gives many error messages of the type:
> 
> okular(18722) PDFGeneratorPopplerDebugFunction: [Poppler] "Error (180512): 
> Missing or bad Type3 CharProc entry"
> 
> Going back and forth between 0.26.5-2+deb8u1 and 0.26.5-2+deb8u2
> clearly show that the error is related to the new version of libpoppler46.
> 
> -- System Information:
> Debian Release: 8.10
>   APT prefers oldstable-updates
>   APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
> Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> 
> Versions of packages libpoppler46 depends on:
> ii  libc6  2.19-18+deb8u10
> ii  libfontconfig1 2.11.0-6.3+deb8u1
> ii  libfreetype6   2.5.2-3+deb8u2
> ii  libjpeg62-turbo1:1.3.1-12
> ii  liblcms2-2 2.6-3+deb8u1
> ii  libopenjpeg5   1:1.5.2-3
> ii  libpng12-0 1.2.50-2+deb8u3
> ii  libstdc++6 4.9.2-10
> ii  libtiff5   4.0.3-12.3+deb8u4
> ii  multiarch-support  2.19-18+deb8u10
> 
> Versions of packages libpoppler46 recommends:
> ii  poppler-data  0.4.7-1
> 
> libpoppler46 suggests no packages.
> 
> -- no debconf information
> 

Bug#886733: okular fails to render some text

[Michael Weghorn]

Just a note: #886798 seems to describe the same problem for oldstable.

Regards,
  Michael

On 2018-01-09 12:22, Semyon Glazyrin wrote:
> Package: okular
> Version: 4:16.08.2-1+b1
> Severity: normal
> 
> Dear Maintainer,
> 
> After latest upgrade of popper:
> 
> [UPGRADE] libpoppler-glib8:amd64 0.48.0-2 -> 0.48.0-2+deb9u1
> [UPGRADE] libpoppler-qt4-4:amd64 0.48.0-2 -> 0.48.0-2+deb9u1
> [UPGRADE] libpoppler-qt5-1:amd64 0.48.0-2 -> 0.48.0-2+deb9u1
> [UPGRADE] libpoppler64:amd64 0.48.0-2 -> 0.48.0-2+deb9u1
> 
> okular fails to render some text in documents.
> 
> Way to reproduce: generate pdf-file with pdflatex
> 
> \documentclass{article}
> \usepackage[utf8]{inputenc}
> \usepackage[russian]{babel}
> 
> \begin{document}
> test
> \end{document}
> 
> The text in the file compiled with pdflatex is not visible in okular, though 
> evince, gv open it well.
> 
> Thanks,
> Semyon Glazyrin
> 
> -- System Information:
> Debian Release: 9.3
>   APT prefers stable
>   APT policy: (500, 'stable')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 4.9.0-4-amd64 (SMP w/8 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
> LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> 
> Versions of packages okular depends on:
> ii  kde-runtime 4:16.08.3-2
> ii  libc6   2.24-11+deb9u1
> ii  libfreetype62.6.3-3.2
> ii  libjpeg62-turbo 1:1.5.1-2
> ii  libkdecore5 4:4.14.26-2
> ii  libkdeui5   4:4.14.26-2
> ii  libkexiv2-114:15.04.3-1
> ii  libkio5 4:4.14.26-2
> ii  libkparts4  4:4.14.26-2
> ii  libkprintutils4 4:4.14.26-2
> ii  libkpty44:4.14.26-2
> ii  libokularcore7  4:16.08.2-1+b1
> ii  libphonon4  4:4.9.0-4
> ii  libpoppler-qt4-40.48.0-2+deb9u1
> ii  libqca2 2.1.1-4+b2
> ii  libqimageblitz4 1:0.0.6-4+b2
> ii  libqmobipocket1 4:16.08.0-1
> ii  libqt4-dbus 4:4.8.7+dfsg-11
> ii  libqt4-declarative  4:4.8.7+dfsg-11
> ii  libqt4-svg  4:4.8.7+dfsg-11
> ii  libqt4-xml  4:4.8.7+dfsg-11
> ii  libqtcore4  4:4.8.7+dfsg-11
> ii  libqtgui4   4:4.8.7+dfsg-11
> ii  libsolid4   4:4.14.26-2
> ii  libspectre1 0.2.8-1
> ii  libstdc++6  6.3.0-18
> ii  phonon  4:4.9.0-4
> ii  zlib1g  1:1.2.8.dfsg-5
> 
> Versions of packages okular recommends:
> ii  cups-bsd  2.2.1-8
> 
> Versions of packages okular suggests:
> ii  ghostscript9.20~dfsg-3.2+deb9u1
> pn  jovie  
> ii  okular-extra-backends  4:16.08.2-1+b1
> ii  poppler-data   0.4.7-8
> ii  texlive-binaries   2016.20160513.41080.dfsg-2
> pn  unrar  
> 
> -- debconf-show failed
> 

Bug#886831: phpmyadmin: Package postinst script database backup fails during Jessie to Stretch migration.

[Simon Byrnand]

Package: phpmyadmin
Version: 4:4.6.6-4
Severity: important

Dear Thijs Kinkhorst,

A problem has been noticed with the package upgrade process of phpmyadmin when 
migrating an OSMC (Debian) Jessie system to Stretch.

The postinst script appears to fail to back up the old database, this leads to 
the entire postinst script failing thus causing a partially failed dist-upgrade 
and inconsistent APT state. The following is logged:

Setting up phpmyadmin (4:4.6.6-4) ...
Installing new version of config file /etc/phpmyadmin/apache.conf ...
Installing new version of config file /etc/phpmyadmin/config.inc.php ...
Installing new version of config file /etc/phpmyadmin/lighttpd.conf ...
Determining localhost credentials from /etc/mysql/debian.cnf: succeeded.
dbconfig-common: writing config to /etc/dbconfig-common/phpmyadmin.conf
Replacing config file /etc/dbconfig-common/phpmyadmin.conf with new version
Replacing config file /etc/phpmyadmin/config-db.php with new version
creating database backup in 
/var/cache/dbconfig-common/backups/phpmyadmin_4:4.2.12-2+deb8u2.2018-01-10-10.30.29.
dumping database as user failed, retrying with administrator credentials.
error encountered backing up the old database:
mysqldump: Couldn't execute 'SHOW FUNCTION STATUS WHERE Db = 'phpmyadmin'': 
Cannot load from mysql.proc. The table is probably corrupted (1728)
dbconfig-common: phpmyadmin configure: aborted.
dbconfig-common: flushing administrative password
ESC[1mdpkg:ESC[0m error processing package phpmyadmin (--configure):
 subprocess installed post-installation script returned error exit status 1

As part of a migration to stretch, mysql is replaced with mariadb, but it's 
unclear if this triggers the issue.

To reproduce the problem:

1) Install OSMC October 2017 or earlier, or standard Debian Jessie.
2) Install mysql-server
3) Install phpmyadmin - choose to let phpmyadmin configure both apache2 and set 
up the database. Check phpmyadmin is working.
4) Upgrade to stretch - on OSMC simply update via My OSMC. On vanilla Debian 
modify /etc/apt/sources.list and update the sources from jessie to stretch, run 
apt-get update and apt-get dist-upgrade.
   My OSMC update in OSMC performs a dist-upgrade in "unattended" mode so will 
use default actions and suppress all package prompts. This could be simulated 
in Debian by executing 'DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade'.

The failure of the phpmyadmin postinst script will abort the dist-upgrade and 
leave some packages including phpmyadmin unconfigured. It's possible to 
manually recover from the situation by manually running 'dpkg --configure -a'
then manually following the prompts to set up the phpmyadmin database again.

Although it may not be the issue in this instance I'd also suggest that 
attempting to back up the database during the postinst script and fail the 
script if this does not succeed is fundamentally flawed as no assumption should 
be
made by the package script that mysql is running at the time the phpmyadmin 
postinst script. If both the mysql/mariadb package and phpmyadmin package are 
scheduled to be upgraded during the same dist-upgrade session there is a
strong chance that mysql has been stopped and not yet restarted at the point 
that the phpmyadmin postinst script runs. Instead this sort of processing that 
requires database accesss should be handled when the service is restarted
instead of during the package upgrade process. The order in which mysql and 
phpmyadmin postinst scripts run is to some degree non deterministic depending 
on what other packages are scheduled to be upgraded so may cause random failures
of this type.

Kind Regards,
Simon Byrnand


-- System Information:
Debian Release: 9.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: armhf (aarch64)
Foreign Architectures: arm64

Kernel: Linux 3.14.29-51-osmc (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C), 
LANGUAGE=C (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages phpmyadmin depends on:
ii  dbconfig-common 2.0.8
ii  dbconfig-mysql  2.0.8
ii  debconf [debconf-2.0]   1.5.61
ii  libjs-sphinxdoc 1.4.9-2
ii  perl5.24.1-3+deb9u2
ii  php 1:7.0+49
ii  php-cli 1:7.0+49
ii  php-gettext 1.0.12-0.1
ii  php-mbstring1:7.0+49
ii  php-mysql   1:7.0+49
ii  php-php-gettext 1.0.12-0.1
ii  php-phpseclib   2.0.4-1
ii  php-xml 1:7.0+49
ii  php7.0 [php]7.0.27-0+deb9u1
ii  php7.0-cli [php-cli]7.0.27-0+deb9u1
ii  php7.0-json [php-json]  7.0.27-0+deb9u1
ii  php7.0-mbstring [php-mbstring]  7.0.27-0+deb9u1
ii  php7.0-xml [php-xml

Bug#886830: PHP code still contains non-PHP 7 code elements (in parent constructor call)

[Mike Gabriel]

Package: gosa-plugins-pwreset
Version: 0.99.4-1
Severity: grave

We found a remaining PHP-7 incompatibility in addons/pwreset/tabs_pwreset.inc:

```
diff --git a/addons/pwreset/tabs_pwreset.inc b/addons/pwreset/tabs_pwreset.inc
index bd7f889..f01214c 100644
--- a/addons/pwreset/tabs_pwreset.inc
+++ b/addons/pwreset/tabs_pwreset.inc
@@ -24,7 +24,7 @@ class pwresettab extends tabs
 
   function __construct($config, $data, $dn)
   {
-tabs::tabs($config, $data, $dn);
+tabs::__construct($config, $data, $dn);
   }
 
   function save_object($save_current= FALSE)
```

The fix needs to be applied to the unstable and the stretch version.

Mike

-- System Information:
Debian Release: 9.3
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-updates')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#886729: atop: noisy service restarts every night

[Cristian Ionescu-Idbohrn]

On Wed, 10 Jan 2018, Marc Haber wrote:
> On Wed, Jan 10, 2018 at 09:19:51AM +0100, Cristian Ionescu-Idbohrn wrote:
> > On Tue, 9 Jan 2018, Marc Haber wrote:
> > > 
> > > I have never seen that. Are you running your systemd in some debug mode?
> > 
> > Not that I know of.  Pid 1 command line is:
> > 
> > /lib/systemd/systemd --system --deserialize 24
> > 
> > Is there anything else I can check or watch?
> 
> Nothing that is inside my systemd foo.

My systemd fu is limited too.

> All my systems just work, and
> your bug report is the first (and only) one about this issue.

Someone must be the first ;)  Do you have your `cron' mail sent to 
user root?  Do you read it?

I have local postfix smtp on this box which forwards root mails to my 
account on another box.

> Did the issue appear with atop 2.3.0, or are you having this with older
> versions as well?

See, this box recently came installed with stretch (init=systemd) and 
quickly upgraded (by me) to buster.  I have no previous experience 
with the systemd+atop combination.

Looking at /lib/systemd/system/atop.service, I see:

ExecStart=/usr/share/atop/atop.daily
KillSignal=SIGUSR2

and looking at /usr/share/atop/atop.daily I see:

kill -USR2 `cat $PIDFILE`   # final sample and terminate

and try to make sense of it.  What process is systemd sending SIGUSR2 
to?  atop.daily?  But atop.daily doesn't catch that signal, does 
it?  The script is obviously sending SIGUSR2 to the running atop 
daemon.

Also, this might also be relevant:

/var/log/syslog.1
-
Jan 10 00:00:01 debian CRON[30253]: (root) CMD (if [ -d "/run/systemd/system" 
]; then systemctl restart --quiet atop; else /usr/share/atop/atop.daily \& ; fi)
Jan 10 00:00:01 debian systemd[1]: atop.service: Trying to enqueue job 
atop.service/restart/replace
Jan 10 00:00:01 debian systemd[1]: atop.service: Installed new job 
atop.service/restart as 28664
Jan 10 00:00:01 debian systemd[1]: atop.service: Enqueued job 
atop.service/restart as 28664
Jan 10 00:00:01 debian systemd[1]: atop.service: Changed running -> stop-sigterm
Jan 10 00:00:01 debian systemd[1]: Received SIGCHLD from PID 3225 (atop).
Jan 10 00:00:01 debian systemd[1]: Child 3225 (atop) died (code=exited, 
status=0/SUCCESS)
Jan 10 00:00:01 debian systemd[1]: atop.service: Child 3225 belongs to 
atop.service
Jan 10 00:00:01 debian systemd[1]: atop.service: Main process exited, 
code=exited, status=0/SUCCESS
Jan 10 00:00:01 debian systemd[1]: atop.service: Changed stop-sigterm -> dead
Jan 10 00:00:01 debian systemd[1]: atop.service: Job atop.service/restart 
finished, result=done
Jan 10 00:00:01 debian systemd[1]: atop.service: Converting job 
atop.service/restart -> atop.service/start
Jan 10 00:00:01 debian systemd[1]: atop.service: Passing 0 fds to service
Jan 10 00:00:01 debian systemd[1]: atop.service: About to execute: 
/usr/share/atop/atop.daily
Jan 10 00:00:01 debian systemd[1]: atop.service: Forked 
/usr/share/atop/atop.daily as 30255
Jan 10 00:00:01 debian systemd[1]: atop.service: Changed dead -> running
Jan 10 00:00:01 debian systemd[1]: atop.service: Job atop.service/start 
finished, result=done
Jan 10 00:00:01 debian systemd[30255]: atop.service: Executing: 
/usr/share/atop/atop.daily
Jan 10 00:00:04 debian systemd[1]: Received SIGCHLD from PID 30263 (atop.daily).
Jan 10 00:00:04 debian systemd[1]: Child 30263 (atop.daily) died (code=exited, 
status=0/SUCCESS)
Jan 10 00:00:04 debian systemd[1]: atop.service: Child 30263 belongs to 
atop.service

/var/log/auth.log
-
Jan 10 00:00:01 debian systemd-logind[952]: Got message type=signal sender=:1.1 
destination=n/a object=/org/freedesktop/systemd1/unit/atop_2eservice 
interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=10511 
reply_cookie=0 error-name=n/a error-message=n/a
Jan 10 00:00:01 debian systemd-logind[952]: Got message type=signal sender=:1.1 
destination=n/a object=/org/freedesktop/systemd1/unit/atop_2eservice 
interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=10512 
reply_cookie=0 error-name=n/a error-message=n/a
Jan 10 00:00:01 debian systemd-logind[952]: Got message type=signal sender=:1.1 
destination=n/a object=/org/freedesktop/systemd1/unit/atop_2eservice 
interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=10514 
reply_cookie=0 error-name=n/a error-message=n/a
Jan 10 00:00:01 debian systemd-logind[952]: Got message type=signal sender=:1.1 
destination=n/a object=/org/freedesktop/systemd1/unit/atop_2eservice 
interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=10515 
reply_cookie=0 error-name=n/a error-message=n/a
Jan 10 00:00:01 debian systemd-logind[952]: Got message type=signal sender=:1.1 
destination=n/a object=/org/freedesktop/systemd1/unit/atop_2eservice 
interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=10518 
reply_cookie=0 error-name=n/a error-message=n/a
Jan 10 00:00:01 debian systemd-l

Bug#886224: printer-driver-cups-pdf: Virtual pdf printer error: no output and config problem

[Rudolf Polzer]

I deleted the symlink. Now,
# lpinfo -m | grep ^lsb
returns

lsb/usr/cupsfilters/Fuji_Xerox-DocuPrint_CM305_df-PDF.ppd Fuji Xerox
lsb/usr/MFC7360N.ppd Brother MFC7360N for CUPS
lsb/usr/cups-pdf/CUPS-PDF_noopt.ppd Generic CUPS-PDF Printer (no options)
lsb/usr/cups-pdf/CUPS-PDF_opt.ppd Generic CUPS-PDF Printer (w/ options)
lsb/usr/cupsfilters/Generic-PDF_Printer-PDF.ppd Generic PDF Printer
lsb/usr/cupsfilters/HP-Color_LaserJet_CM3530_MFP-PDF.ppd HP Color
LaserJet CM3530 MFP PDF
lsb/usr/cupsfilters/pxlcolor.ppd HP Color LaserJet Series PCL 6 CUPS
lsb/usr/cupsfilters/pxlmono.ppd HP LaserJet Series PCL 6 CUPS
lsb/usr/cupsfilters/Ricoh-PDF_Printer-PDF.ppd Ricoh PDF Printer

Bug#886224: printer-driver-cups-pdf: Virtual pdf printer error: no output and config problem

[Brian Potkin]

tags 886224 - moreinfo
thanks


Sorry for the delay. I missed seeing your mail.

On Tue 09 Jan 2018 at 10:49:43 +0100, Rudolf Polzer wrote:

> > Post the output of 'ls -l /usr/share/ppd' and say from where you got the
> > package containing the samsung files.
> 
> ls -l /usr/share/ppd returns
> 
> drwxr-xr-x 2 root root 4096 Jan  2 13:13 cupsfilters
> drwxr-xr-x 2 root root 4096 Jan  3 10:26 cups-pdf
> drwxrwsr-t 2 root lpadmin  4096 Jan  8 12:22 custom
> -rwxr-xr-x 1 root root10134 Apr 24  2015 MFC7360N.ppd
> lrwxrwxrwx 1 root root   29 Feb 23  2016 samsung ->
> /usr/share/cups/model/samsung
> 
> Years ago, I downloaded a linux driver for my Samsung CLP 315 printer
> directly from Samsung, for I had not found it in Debian. This is my main
> printer.

Delete the symlink. Or move it to somewhere else. How does

lpinfo -m | grep ^lsb

go now?

Regards,

Brian.

Bug#886799: openafs-modules-dkms: install fails with compile error "implicit declaration of function 'inode_change_ok'"

[Zdenek Salvet]

On Tue, Jan 09, 2018 at 11:08:18PM -0600, Benjamin Kaduk wrote:
> So the security update for meltdown/spectre changed the kernel ABI?
> That's kind of unfortunate; usually Ben tries pretty hard to avoid
> doing so.

Yes, it was probably necessary (other postponed fixes requiring new ABI
were added as well).
I managed to create working openafs-modules-dkms by adding attached patch
to openafs source package (works with both jessie and backport versions)...

-- 
Zdenek Salvet  sal...@ics.muni.cz 
Institute of Computer Science of Masaryk University, Brno, Czech Republic
and CESNET, z.s.p.o., Prague, Czech Republic
Phone: ++420-549 49 6534   Fax: ++420-541 212 747

  Teamwork is essential -- it allows you to blame someone else.

Index: openafs-1.6.18.2/src/afs/LINUX/osi_file.c
===
--- openafs-1.6.18.2.orig/src/afs/LINUX/osi_file.c
+++ openafs-1.6.18.2/src/afs/LINUX/osi_file.c
@@ -16,6 +16,8 @@
 #include "afsincludes.h"	/* Afs-based standard headers */
 #include "afs/afs_stats.h"	/* afs statistics */
 #include 
+#include 
+#include 
 
 #if defined(HAVE_LINUX_EXPORTFS_H)
 #include 
@@ -184,7 +186,14 @@ osi_UFSTruncate(struct osi_file *afile,
 newattrs.ia_ctime = CURRENT_TIME;
 
 /* avoid notify_change() since it wants to update dentry->d_parent */
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,16,51)
+{
+	struct dentry *dentry =  OSIFILE_DENTRY(afile);
+	code = setattr_prepare(dentry, &newattrs);
+}
+#else
 code = inode_change_ok(inode, &newattrs);
+#endif
 if (!code)
 	code = afs_inode_setattr(afile, &newattrs);
 if (!code)
Index: openafs-1.6.18.2/src/afs/LINUX/osi_machdep.h
===
--- openafs-1.6.18.2.orig/src/afs/LINUX/osi_machdep.h
+++ openafs-1.6.18.2/src/afs/LINUX/osi_machdep.h
@@ -292,6 +292,7 @@ struct uio {
 #define FILE_INODE(F) (F)->f_dentry->d_inode
 
 #define OSIFILE_INODE(a) FILE_INODE((a)->filp)
+#define OSIFILE_DENTRY(a) ((a)->filp)->f_dentry
 
 #if defined(AFS_LINUX_64BIT_KERNEL) && !defined(AFS_ALPHA_LINUX20_ENV) && !defined(AFS_IA64_LINUX20_ENV)
 # define NEED_IOCTL32

Bug#886832: kile: kinit dependency missing

[Tom Nicholls]

Package: kile
Version: 4:2.9.91-3
Severity: important

Since a recent upgrade, kile raises the following error message on start: 
"Unable to create io-slave. Cannot talk to klauncher: The name 
org.kde.klauncher5 was not provided by any .service files". Although it then is 
able to start, the "open file" dialog shows no files, rendering kile fairly 
useless.

I think this is analogous to bug #860423 in gwenview. Manually installing the 
kinit package fixes the problem here, so it should probably be added to the 
dependencies.

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages kile depends on:
ii  kio5.37.0-2
ii  konsole-kpart  4:17.08.3-1
ii  libc6  2.25-5
ii  libgcc11:7.2.0-18
ii  libkf5codecs5  5.37.0-2
ii  libkf5completion5  5.37.0-2
ii  libkf5configcore5  5.37.0-2
ii  libkf5configgui5   5.37.0-2
ii  libkf5configwidgets5   5.37.0-2
ii  libkf5coreaddons5  5.37.0-2
ii  libkf5dbusaddons5  5.37.0-2
ii  libkf5guiaddons5   5.37.0-2
ii  libkf5i18n55.37.0-2
ii  libkf5iconthemes5  5.37.0-2
ii  libkf5jobwidgets5  5.37.0-2
ii  libkf5khtml5   5.37.0-3
ii  libkf5kiocore5 5.37.0-2
ii  libkf5kiofilewidgets5  5.37.0-2
ii  libkf5kiowidgets5  5.37.0-2
ii  libkf5parts5   5.37.0-2
ii  libkf5service-bin  5.37.0-2
ii  libkf5service5 5.37.0-2
ii  libkf5texteditor5  5.37.0-2+b1
ii  libkf5textwidgets5 5.37.0-2
ii  libkf5widgetsaddons5   5.37.0-2
ii  libkf5windowsystem55.37.0-2
ii  libkf5xmlgui5  5.37.0-2
ii  libpoppler-qt5-1   0.61.1-2
ii  libqt5core5a   5.9.2+dfsg-6
ii  libqt5dbus55.9.2+dfsg-6
ii  libqt5gui5 5.9.2+dfsg-6
ii  libqt5script5  5.9.2+dfsg-2
ii  libqt5widgets5 5.9.2+dfsg-6
ii  libqt5xml5 5.9.2+dfsg-6
ii  libstdc++6 7.2.0-18
ii  perl   5.26.1-3
ii  texlive-latex-base 2017.20180103-1

Versions of packages kile recommends:
ii  dvipng   1.14-2+b3
ii  ghostscript  9.22~dfsg-1
ii  imagemagick  8:6.9.7.4+dfsg-16
ii  imagemagick-6.q16 [imagemagick]  8:6.9.7.4+dfsg-16
ii  psutils  1.17.dfsg-4
ii  texlive  2017.20180103-1

Versions of packages kile suggests:
ii  aspell  0.60.7~20110707-4
pn  asymptote   
pn  context 
pn  dblatex 
ii  ispell  3.4.00-6
pn  kbibtex 
pn  kile-doc
pn  kile-l10n   
pn  latex2html  
pn  lilypond
ii  texlive-plain-generic [tex4ht]  2017.20171128-1
ii  texlive-xetex   2017.20180103-1
ii  zip 3.0-11+b1

-- no debconf information

Bug#886812: service: start/stop tries to use invalid systemd units when using socket templates

[Michael Biebl]

Am 10.01.2018 um 09:57 schrieb Cyrill Troxler:
> Package: init-system-helpers
> Version: 1.48
> 
> I stumbled upon a issue with the start/stop triggers when using systemd
>  socket templates on Debian stretch. I started getting unrelated error
> messages when entering `service some_service start` on a system which
> has a systemd socket template defined. The issue is quite easy to
> replicate:
> 
> ```
> # touch /etc/systemd/system/test@.socket
> # service cron start
> Failed to get properties: Unit name test@.socket is not valid.
> ```
> 
> I have tracked down the issue to line 205 in /usr/sbin/service. (line
> 182 in 1.51)
> ```
> for unit in $(systemctl list-unit-files --full --type=socket
> 2>/dev/null | sed -ne 's/\.socket\s*[a-z]*\s*$/.socket/p'); do
> if [ "$(systemctl -p Triggers show $unit)"
> 
> ```
> Here it gets all unit files and then tries to show get the Triggers of
> that unit. This not only causes the error message shown above, it also
> causes not stopping the actual socket units like it is described in the
> comment above line 205. The issue could be solved by using `list-units` 
> instead of `list-unit-files` because `list-units` will only list actual
> socket units and not their templates.

Afaics the problem is that you created an invalid (empty) .socket
template file.
The problem with list-units afair was, that it only shows units which
are currently in memory.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#886833: [gweled] Not compatable with recent gtk

[David Baron]

Package: gweled
Version: 0.9.1-4
Severity: grave

--- Please enter the report below this line. ---
Can no longer use the program. Error from CLI:

~$ gweled 
*WARNING* **: Locale not supported by C library. 
*WARNING* **: GError set over the top of a previous GError or uninitializ



--- System information. ---
Architecture: 
Kernel:   Linux 4.14.0-2-amd64

Debian Release: buster/sid
  500 yakkety ppa.launchpad.net 
  500 unstableftp.us.debian.org 
  500 testing ftp.us.debian.org 
  500 sid linux.dropbox.com 
  500 lucid   ppa.launchpad.net 
  100 jessie-backports ftp.us.debian.org 
1 experimentalftp.us.debian.org 

--- Package information. ---
Depends   (Version) | Installed
===-+-
libatk1.0-0 (>= 1.12.4) | 
libc6 (>= 2.15) | 
libcairo2(>= 1.2.4) | 
libfontconfig1(>= 2.11) | 
libfreetype6 (>= 2.2.1) | 
libgdk-pixbuf2.0-0  (>= 2.22.0) | 
libglib2.0-0(>= 2.37.3) | 
libgtk2.0-0 (>= 2.20.0) | 
libmikmod3   (>= 3.3.3) | 
libpango-1.0-0  (>= 1.14.0) | 
libpangocairo-1.0-0 (>= 1.14.0) | 
libpangoft2-1.0-0   (>= 1.14.0) | 
librsvg2-2  (>= 2.14.4) | 


Package's Recommends field is empty.

Package's Suggests field is empty.

Bug#886809: [RESEND] WWW(Korean): /MailingLists/index.wml

[sebul]

수고하셨습니다.
https://alioth.debian.org/scm/viewvc.php/webwml/korean/MailingLists/index.wml?view=markup&revision=1.3&root=webwml
제가 몇 군데 다듬긴 했는데... 그러다가 병희 님께서 맞게 한 걸 제가 틀리게 고쳤을 수도 있으니 그런 것 발견하시면 알려주셔요.


2018-01-10 13:45 GMT+09:00 Byung-Hee HWANG (황병희, 黃炳熙) :

> Package: www.debian.org
> Severity: wishlist
> User: debian-l10n-kor...@lists.debian.org
> Usertags: www-l10n
> X-Debbugs-CC: debian-l10n-kor...@lists.debian.org
>
> Hello,
>
> I did re-write a www page into Korean.
> The part is /MailingLists/index.wml [1].
> If you are OK, please review and commit.
>
> Sincerely, Byung-Hee.
>
> [1]
> https://raw.githubusercontent.com/soyeomul/debian-www/
> master/MailingLists/index.wml
>
> --
> ^고맙습니다 _地平天成_ 감사합니다_^))//
>
>


-- 
세벌식 http://sebul.sarang.net 

Bug#886224: printer-driver-cups-pdf: Virtual pdf printer error: no output and config problem

[Brian Potkin]

reassign 886224 cups
retitle 886224 cups-driverd stops searching for PPDs due to a symlink in 
/usr/share/ppd/
notfound 886224 cups/1.75-11+deb8u2
found 886224 cups/2.2.1-8
thanks


On Wed 10 Jan 2018 at 11:57:29 +0100, Rudolf Polzer wrote:

> I deleted the symlink. Now,
> # lpinfo -m | grep ^lsb
> returns
> 
> lsb/usr/cupsfilters/Fuji_Xerox-DocuPrint_CM305_df-PDF.ppd Fuji Xerox
> lsb/usr/MFC7360N.ppd Brother MFC7360N for CUPS
> lsb/usr/cups-pdf/CUPS-PDF_noopt.ppd Generic CUPS-PDF Printer (no options)
> lsb/usr/cups-pdf/CUPS-PDF_opt.ppd Generic CUPS-PDF Printer (w/ options)
> lsb/usr/cupsfilters/Generic-PDF_Printer-PDF.ppd Generic PDF Printer
> lsb/usr/cupsfilters/HP-Color_LaserJet_CM3530_MFP-PDF.ppd HP Color
> LaserJet CM3530 MFP PDF
> lsb/usr/cupsfilters/pxlcolor.ppd HP Color LaserJet Series PCL 6 CUPS
> lsb/usr/cupsfilters/pxlmono.ppd HP LaserJet Series PCL 6 CUPS
> lsb/usr/cupsfilters/Ricoh-PDF_Printer-PDF.ppd Ricoh PDF Printer

Rudolf, we have the cause of your issue now. Thank you very much for
your willingness to test and for all your patience. You now have a
repaired system.

This is CUPS issue #3185

https://github.com/apple/cups/issues/3185

making a reappearance.

jessie doen't have it; stretch does. I'll not be disappointed if someone
pushes it upstream before I do.

Cheers,

Brian.

Bug#870700: backport a fix in stretch?

[David Douard]

Hi,

I'm also hit by this bug (my laptop do have a trouchscreen, so this
seems the pb there, as seen there
https://bugzilla.gnome.org/show_bug.cgi?id=785227#c12 )

Could it be possible to backport the fix in stretch?


Thx

David


-- 

David DOUARD LOGILAB
Directeur du département Outils & Systèmes

+33 1 45 32 03 12david.dou...@logilab.fr
 http://www.logilab.fr/id/david.douard

Formations - http://www.logilab.fr/formations
Développements - http://www.logilab.fr/services
Gestion de connaissances - http://www.cubicweb.org/




signature.asc
Description: OpenPGP digital signature

Bug#886224: printer-driver-cups-pdf: Virtual pdf printer error: no output and config problem

[Rudolf Polzer]

Hi Brian,

thank you very much for your assistance.

Rudolf

Bug#886732: [pkg-apparmor] Bug#886732: apparmor: @{pid} variable broken on systems with pid_max more than 6 digits

[intrigeri]

Control: tag + fixed-upstream
Control: tag + upstream

Hi,

thanks for the patch! :)

This commit is part of the upstream 2.12 release so personally I'd
rather focus on packaging it instead of backporting patches. But if
someone wants to upload this cherry-pick to sid earlier, please
go ahead (and label it "Team upload", no need to call it a NMU).

Cheers,
-- 
intrigeri

Bug#878018: [solved]linux-image-4.9.0-3-amd64: Sound broken with snd_fm801

[Michael Lange]

Hi,

On Fri, 5 Jan 2018 08:34:09 +0100 Salvatore Bonaccorso
 wrote:
> Source: linux
> Source-Version: 4.9.47-1

> Sorry for no repsonse.

I know, that bug report was rather poor, could not give you really
something to work with.

> Might it be this change?
> 
> https://git.kernel.org/linus/610e1ae9b533be82b3aa118b907e0a703256913d
> 
> which was backported to 4.9 for 4.9.41, and thus included
> since 4.9.47-1.

Actually, yes! I tried yesterday and compiled 4.9.47 once as it comes,
with that patch included, and then again with that patch "reversed". With
the first one sound worked, with the latter I got that same distorted
noise again. Good work :)
It's one of the great things about linux that there is still someone
who cares about such an old piece of hardware, no way to get that sound
card working with Redmond-10 :)

Thanks again, and a happy new year!

Michael 

Bug#886811: Can't do system-wide mounts/unmounts in a ssh sessions

[Martin Pitt]

Control: reassign -1 systemd 236-1
Control: forcemerge 885325 -1

Hello,

Marius Vollmer [2018-01-10 10:59 +0200]:
> Version: 1:7.6p1-2
> 
> Mounting or unmounting filesystems from within a ssh session used to
> affect all processes, but now it only affects ssh sessions (all of them,
> not just the one doing the mounts/unmounts).

This can be reproduced more easily with a bind mount:

  # mount -o bind /etc /mnt
  # grep /mnt /proc/1/mounts

Some more background: This is a very recent regression. Our debian-testing
image rebuild on Dec 18 was still fine, and the regression started on the image
rebuild on Dec 25.

  - openssh itself did not change in between

  - We found this regression through udisks2, but Marius showed it can be
reproduced without udisks. I also confirmed that upgrading udisks2 to 2.7.5
and rebooting does not change the behaviour.

  - The most obvious and likely change during that time period was systemd 263
which migrated into testing on Dec 23 [2]. And indeed upgrading just
systemd (and its dependencies) and rebooting introduces the bug. So it's
likely a regression in systemd itself, possibly related to changed
implementation of RuntimeDirectory= or so, to keep that private? But I
don't see any "magic" option in ssh.service that would warrant this
behaviour.

With that in mind, I looked for existing bug reports, and it turns out that
this was already reported as #885325 and fixed upstream [3]. So merging bugs.
Glad to see that this will be fixed soon!

Martin

[1] https://tracker.debian.org/news/893521
[2] https://tracker.debian.org/news/896130
[3] https://github.com/systemd/systemd/pull/7763


signature.asc
Description: PGP signature

Bug#880485: #880485: qemu: add mips64/mips64el host support

[Holger Levsen]

control: affects -1 src:debian-edu-config
thanks

hi,

ping on this #880485 "qemu: add mips64/mips64el host support" which
according to the submitter is now trivially possible by modifying
debian/control.

< h01ger> | i'm wondering, cause the latest debian-edu-config changed the 
dependency on cfengine2 to cfengine3, and the latter aint available on mips64el
< h01ger> | appearantly cfengine3 was never available on mips64el…
< pochu> excuses says it all
< pochu> debian-edu-config/mips64el unsatisfiable Depends:
cfengine3
<  h01ger> | buildd.logs for cfengine3 show this is because libvirt-dev is 
missing on mips64el, which is because qemu-system-common
is missing on mips64el, but then i look 
athttps://buildd.debian.org/status/package.php?p=qemu&suite=sid and it says it 
builds fine on mips64el
< pochu> it doesn't build all binaries
< pochu> see #880485
< aurel32> this bug has already been fixed in the git long time ago, but has 
been somehow not part of the lastest upload
< aurel32> iiuc mjt is preparing a qemu upload
< aurel32> it has even been fixed before the bug has been reported

It would be nice if you could upload this timely, so debian-edu-config
can migrate!


-- 
cheers,
Holger


signature.asc
Description: PGP signature

Bug#886834: RFS: cligh/0.3-3

[eamanu15 .]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "cligh"

* Package name: cligh
   Version : 0.3-3
   Upstream Author : Emmanuel Arias 
* URL : https://salsa.debian.org/debian/cligh
* License : BSD-3-clause

It builds those binary packages:

  cligh - Command-line interface to GitHub

To access further information about this package, please visit the
following URL:
https://mentors.debian.net/package/cligh


Alternatively, one can download the package with dget using this command:

  dget -x https://mentors.debian.net/debian/pool/main/c/cligh/cligh_0.3-3.dsc

More information about hello can be obtained from https://www.example.com.

Changes since the last upload:
  * Fix obsolete-field-in-dep5-copyright issue
  * Fix spelling-error-in-changelog issue
  * Update Vcs-Browser and Vcs-Git on control file

  Regards,
   Emmanuel Arias



-- 
Arias Emmanuel
https://www.linkedin.com/in/emmanuel-arias-437a6a8a
http://eamanu.com

Bug#796816: git-buildpackage - please fix #796816 and #814613

[Daniel Leidert]

Hello Guido,

Considering the current situation in Debian regarding the shutdown of
non-Git version control systems, I'd like to ask you, to fix #796816 and
#814613.

Two years ago I tested git-buildpackage and it didn't work for me. My
reported bug is still open. Considering #814613 there are more users
affected (I basically have the same layout Robert describes, so that is
another problem for me). The reason for these issues is, that variables
are treated differently, even if they contain commands. IMHO the logic
behind this is a bit arbitrary and the fix, to treat them the same way,
seems to be very simple. At the moment this issue is becoming a real show
stopper for me. Considering, that subversion services may be gone soon, I
hereby ask you to fix this issue soon. It might help more users to smootly
transition their package repositories to Git before subversion stops
running, which would be a great deal of help.

If I can help, please don't hesitate to ask.

Regards, Daniel

Bug#638322: [PATCH] Do not bind to reserved ports registered in /etc/services

[Guillem Jover]

Control: forwarded -1 
https://sourceforge.net/p/libtirpc/mailman/message/36184164/

Hi!

On Mon, 2011-08-22 at 04:32:58 +0100, Ben Hutchings wrote:
> This depends on eglibc being patched as in #638810.

TBH, I find having to use an additional registry of ports a bit
annoying, when /etc/services is already there. In any case rpc.statd
from upstream nfs-utils already honors /etc/services, so here's a
patch doing something similar for libtirpc users. Which I've also
submitted upstream because at least this can be supported everywhere,
compared with the local patch for the blacklist.

Ideally to have all implementations be consistent, libtirpc would
switch to the libc bindresvport() implementation, and that one would
honor /etc/services. Maybe glibc upstream is now more amenable to such
change. :/

Attached the patch we are using locally.

Thanks,
Guillem
From 92e293bdf1b940cfc6deb8a5475eaddb24612140 Mon Sep 17 00:00:00 2001
From: Guillem Jover 
Date: Fri, 5 Jan 2018 14:33:06 +0100
Subject: [PATCH] Do not bind to reserved ports registered in /etc/services

When using the bindresvport() function a privileged port will be looked
for and bound to a socket. The problem is that any service using a static
privileged port registered in the /etc/services file, can get its port
taken over by libtirpc users, making the other service fail to start.

Starting the other service before libtircp users is not an option as
this does not cover restart situations, for example during package
upgrades or HA switchovers and similar.

In addition honoring the /etc/services registry is already done for
example by rpc.statd, so it seems obvious to make libtirpc follow this
same pattern too.

Signed-off-by: Guillem Jover 
---
 src/bindresvport.c | 28 +++-
 1 file changed, 27 insertions(+), 1 deletion(-)

diff --git a/src/bindresvport.c b/src/bindresvport.c
index 2d8f2bc..98e5f40 100644
--- a/src/bindresvport.c
+++ b/src/bindresvport.c
@@ -40,6 +40,7 @@
 #include 
 
 #include 
+#include 
 #include 
 #include 
 
@@ -73,12 +74,15 @@ bindresvport_sa(sd, sa)
 int sd;
 struct sockaddr *sa;
 {
-int res, af;
+int res, af, so_proto;
+socklen_t so_proto_len;
 struct sockaddr_storage myaddr;
 	struct sockaddr_in *sin;
 #ifdef INET6
 	struct sockaddr_in6 *sin6;
 #endif
+	struct servent *se;
+	const char *se_proto;
 	u_int16_t *portp;
 	static u_int16_t port;
 	static short startport = STARTPORT;
@@ -125,6 +129,25 @@ bindresvport_sa(sd, sa)
 }
 sa->sa_family = af;
 
+so_proto_len = sizeof(so_proto);
+if (getsockopt(sd, SOL_SOCKET, SO_PROTOCOL, &so_proto, &so_proto_len) == -1) {
+mutex_unlock(&port_lock);
+return -1;  /* errno is correctly set */
+}
+switch (so_proto) {
+case IPPROTO_UDP:
+case IPPROTO_UDPLITE:
+se_proto = "udp";
+break;
+case IPPROTO_TCP:
+se_proto = "tcp";
+break;
+default:
+errno = ENOPROTOOPT;
+mutex_unlock(&port_lock);
+return -1;
+}
+
 if (port == 0) {
 port = (getpid() % NPORTS) + STARTPORT;
 }
@@ -135,6 +158,9 @@ bindresvport_sa(sd, sa)
 *portp = htons(port++);
  if (port > endport) 
 port = startport;
+se = getservbyport(*portp, se_proto);
+if (se != NULL)
+continue;
 res = bind(sd, sa, salen);
 		if (res >= 0 || errno != EADDRINUSE)
 	break;
-- 
2.15.1

Bug#851187: ITA: pygithub -- Access the full Github API v3 from Python3

[eamanu15 .]

Hello,

I am interested to adopt the pygithub package.

Regards!



-- 
Arias Emmanuel
https://www.linkedin.com/in/emmanuel-arias-437a6a8a
http://eamanu.com

Bug#886809: [RESEND] WWW(Korean): /MailingLists/index.wml

[Byung-Hee HWANG (황병희, 黃炳熙)]

Dear Sebul,

In Article 
,
 sebul  writes:

> 수고하셨습니다.
> https://alioth.debian.org/scm/viewvc.php/webwml/korean/MailingLists/index.wml?view=markup&revision=1.3&root=webwml
> 제가 몇 군데 다듬긴 했는데... 그러다가 병희 님께서 맞게 한 걸 제가
> 틀리게 고쳤을 수도 있으니 그런 것 발견하시면 알려주셔요.

Thanks for review and commit!

Sincerely, Byung-Hee. 

-- 
^고맙습니다 _白衣從軍_ 감사합니다_^))//

Bug#886729: atop: noisy service restarts every night

[Marc Haber]

Hi,

googling for the error message leads me to #857904 which has the same
error with apache2. This turned out that systemd.log_level=debug was set
in /etc/default/grub. That one should also show up in /proc/cmdline. And
you should get this blurb every time a systemctl call is executed, for
example when logrotate rotates a log and kicks the daemon later.

Atop is a likely culprit for that as it's restarted every night.

If this is the case then my first assessment that you're running in some
debug mode is true.

The systemd log level can also be set in the [Manager] section of
/etc/systemd/system.conf

Greetings
Marc

-- 
-
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany|  lose things."Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421

Bug#886822: linux: KPTI backport lacks pti-related flags in /proc/cpuinfo

[Apollon Oikonomopoulos]

On 12:06 Wed 10 Jan , Apollon Oikonomopoulos wrote:
> The backport of KPTI/KAISER to 4.9 and 3.16 lacks the pti CPU flag and 
> the cpu_insecure bug found in /proc/cpuinfo in 4.14. While this does 
> not affect core KPTI functionality, it makes it harder to determine 
> whether a system is running with pti enabled without examining kernel 
> logs.

Correcting myself:

The flag is there, but it's called "kaiser" and not "pti". This seems to 
be the same throughout upstream backports of the patchset.

Feel free to close this bug report if you wish!

Regards,
Apollon

Bug#886835: sitplus fails to start because GTK+ 2.x and GTK+ 3 in the same process is not supported

[Jochen Sprickerhof]

Package: sitplus
Version: 1.0.3-5.1+b3
Severity: grave
Justification: renders package unusable

Hi,

running sitplus results in:

$ sitplus

(sitplus:4537): Gtk-ERROR **: GTK+ 2.x symbols detected. Using GTK+ 2.x and 
GTK+ 3 in the same process is not supported
fish: 'sitplus' terminated by signal SIGTRAP (Trace or breakpoint trap)

which seems to be correct:

$ ldd /usr/bin/sitplus  | grep gtk
libwx_gtk2u_core-3.0.so.0 => 
/usr/lib/x86_64-linux-gnu/libwx_gtk2u_core-3.0.so.0 (0x7f735596c000)
libwx_gtk2u_html-3.0.so.0 => 
/usr/lib/x86_64-linux-gnu/libwx_gtk2u_html-3.0.so.0 (0x7f73551f9000)
libgtk-3.so.0 => /usr/lib/x86_64-linux-gnu/libgtk-3.so.0 
(0x7f7351d74000)
libgtk-x11-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0 
(0x7f734ece1000)

this makes the package unusable, hence the severity.

Cheers Jochen

P.S.: I'm not really using the software, just found this during tests of
a security upload of libpoco. Installing from wheezy works.

-- System Information:
Debian Release: buster/sid
  APT prefers oldoldstable
  APT policy: (500, 'oldoldstable'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages sitplus depends on:
ii  libbluetooth3   5.47-1+b1
ii  libboost-filesystem1.62.0   1.62.0+dfsg-5
ii  libboost-program-options1.62.0  1.62.0+dfsg-5
ii  libboost-system1.62.0   1.62.0+dfsg-5
ii  libboost-thread1.62.0   1.62.0+dfsg-5
ii  libc6   2.26-2
ii  libconfig9  1.5-0.4
ii  libgcc1 1:7.2.0-19
ii  libopencv-calib3d3.23.2.0+dfsg-4+b3
ii  libopencv-contrib3.23.2.0+dfsg-4+b3
ii  libopencv-core3.2   3.2.0+dfsg-4+b3
ii  libopencv-features2d3.2 3.2.0+dfsg-4+b3
ii  libopencv-flann3.2  3.2.0+dfsg-4+b3
ii  libopencv-highgui3.23.2.0+dfsg-4+b3
ii  libopencv-imgcodecs3.2  3.2.0+dfsg-4+b3
ii  libopencv-imgproc3.23.2.0+dfsg-4+b3
ii  libopencv-ml3.2 3.2.0+dfsg-4+b3
ii  libopencv-objdetect3.2  3.2.0+dfsg-4+b3
ii  libopencv-photo3.2  3.2.0+dfsg-4+b3
ii  libopencv-shape3.2  3.2.0+dfsg-4+b3
ii  libopencv-stitching3.2  3.2.0+dfsg-4+b3
ii  libopencv-superres3.2   3.2.0+dfsg-4+b3
ii  libopencv-video3.2  3.2.0+dfsg-4+b3
ii  libopencv-videoio3.23.2.0+dfsg-4+b3
ii  libopencv-videostab3.2  3.2.0+dfsg-4+b3
ii  libopencv-viz3.23.2.0+dfsg-4+b3
ii  libpocofoundation50 1.8.0.1-1
ii  libpocoxml501.8.0.1-1
ii  libportmidi01:217-6
ii  libsdl-gfx1.2-5 2.0.25-9
ii  libsdl-image1.2 1.2.12-7
ii  libsdl1.2debian 1.2.15+dfsg2-0.1
ii  libstdc++6  7.2.0-19
ii  libv4l-01.14.1-1
ii  libwxbase3.0-0v53.0.3.1+dfsg2-1
ii  libwxgtk3.0-0v5 3.0.3.1+dfsg2-1
ii  libx11-62:1.6.4-3
ii  libxtst62:1.2.3-1
ii  pd-cyclone  0.2~beta3-2
ii  pd-freeverb 1.2-3
ii  pd-iemnet   0.2.1-1
ii  pd-libdir   1.11-1
ii  pd-list-abs 0.1-2
ii  puredata0.48.1-1
ii  sitplus-data1.0.3-5.1

sitplus recommends no packages.

sitplus suggests no packages.

-- no debconf information

Bug#886812: service: start/stop tries to use invalid systemd units when using socket templates

[Cyrill Troxler]

On Wed, 2018-01-10 at 12:23 +0100, Michael Biebl wrote:
> Am 10.01.2018 um 09:57 schrieb Cyrill Troxler:
> > Package: init-system-helpers
> > Version: 1.48
> > 
> > I stumbled upon a issue with the start/stop triggers when using
> > systemd
> >  socket templates on Debian stretch. I started getting unrelated
> > error
> > messages when entering `service some_service start` on a system
> > which
> > has a systemd socket template defined. The issue is quite easy to
> > replicate:
> > 
> > ```
> > # touch /etc/systemd/system/test@.socket
> > # service cron start
> > Failed to get properties: Unit name test@.socket is not valid.
> > ```
> > 
> > I have tracked down the issue to line 205 in /usr/sbin/service.
> > (line
> > 182 in 1.51)
> > ```
> > for unit in $(systemctl list-unit-files --full --type=socket
> > 2>/dev/null | sed -ne 's/\.socket\s*[a-z]*\s*$/.socket/p'); do
> > if [ "$(systemctl -p Triggers show $unit)"
> > 
> > ```
> > Here it gets all unit files and then tries to show get the Triggers
> > of
> > that unit. This not only causes the error message shown above, it
> > also
> > causes not stopping the actual socket units like it is described in
> > the
> > comment above line 205. The issue could be solved by using `list-
> > units` 
> > instead of `list-unit-files` because `list-units` will only list
> > actual
> > socket units and not their templates.
> 
> Afaics the problem is that you created an invalid (empty) .socket
> template file.
> The problem with list-units afair was, that it only shows units which
> are currently in memory.
> 
> 

I stumbled onto this with a valid .socket template. The issue is that
`systemctl -p Triggers show $unit` happens with the name of the
template because `list-unit-files` does not show any of the instances
spawned by templates. For reference, here's a valid template that I've
tried:

```
# /etc/systemd/system/test@.socket
[Unit]
Description=Test Socket %i

[Socket]
ListenStream=127.0.0.1:1234

[Install]
WantedBy=sockets.target
```

If `list-units` only shows units which are in memory, is that not what
we want anyway? Or is it possible to start/stop units which are not in
memory? With `list-units` and `--all` it would also show inactive ones.

Cyrill

Bug#771792: [Pkg-mozext-maintainers] Bug#771792: xul-ext-gcontactsync: gContactSync fails with "Please login before trying to sync contacts"

[Michael Meskes]

Hi,

do you still see this problem with the latest versions?

Michael

-- 
Michael Meskes
Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org)
Meskes at (Debian|Postgresql) dot Org
Jabber: michael at xmpp dot meskes dot org
VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL

Bug#879454: dianara: Wrong dependency on Qt4-based QCA2 plugins, pulls Qt4 core

[Mònica Ramírez Arceda]

Hi,

While updating to dianara 1.4.1, I am trying to fix this bug.

> I've noticed that Dianara, as of 1.4.0-1 still depends on libqca2-plugin-ossl,
> which is a dummy package depending on libqca2-plugins, which are qt4-based, 
> and
> cause libqtcore4 to be installed.
> 
> This is a remnant of the Qt4 days of this package and should be removed.
> The package already depends on libqca-qt5-2, which is the correct version.
 
+1 
This dependency will be removed.

> *However*, it probably *should* depend on libqca-qt5-2-plugins, which is 
> recommended
> by libqca-qt5-2, but not a hard dependency, and so it might not get installed 
> for
> some people, leading to a crash on startup.

dianara depends on libqoauth2 and libqoauth2 depends on libqca-qt5-2-plugins, 
so this explicit dependency is not needed.

> Also, as an aside that probably doesn't merit its own bugreport, I see this 
> package
> still build-depends on libmagic-dev, which I guess should not be there.
> When building with Qt 5 (the only option nowadays), libmagic is not directly 
> used
> anymore, using Qt5 MIME methods instead. This is not a real issue, but I 
> thought I'd
> mention it, maybe saves some time to the build system? =)

+1
This dependency will be removed.

> As usual, thanks for maintaining Dianara ;)

Thanks to you for developing Dianara!

Bug#682347: mark 'editor' virtual package name as obsolete

[Jordi Mallach]

Hey there,

Sorry, I was on offline vacation until now. :)

El dt 26 de 12 de 2017 a les 15:24 +, en/na Holger Levsen va
escriure:
> On Mon, Dec 25, 2017 at 05:02:01PM -0800, Russ Allbery wrote:
> > I think there are three options, and I'd love to get feedback on
> > which of
> > those three options we should take.
> > 
> > 1. Status quo: there is an undocumented editor virtual package,
> > Policy
> >says that nothing has to provide or depend on it, and some
> > random
> >collection of editors provide it.  I think this is a bad place
> > to be,
> >so I would hope we can rule out sticking with that status quo.
> > 
> > 2. Document editor and recommend everyone implement it
> > properly.  Since
> >we're going to allow packages to depend on editor, I think
> > providing it
> >would need to be a should, so that's going to be a lot of buggy
> > (but
> >not RC-buggy) editor packages.  But it would get us to a clean
> >dependency system. 
> > 
> > 3. Mark editor obsolete.
> 
> looking at these three options for "for doing the best solution" I
> think we should go for 2 or maybe 3, but then I think it's a sensible
> thing to depend on, so I would say we should go with option 2.

I personally would go with 2 as well, even if there's some trivial work
to do to get all editors to adapt. I think the editor virtual package
adds some value and completing coverage of all package should be easy
and completion can be encouraged via a release goal or something
similar.

Let me know what the outcome is and I'll adapt nano right away.

Jordi
-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/

signature.asc
Description: This is a digitally signed message part

Bug#886836: libgtkmm-2.4-dev,libgtkmm-2.4-doc: both ship usr/share/doc/libgtkmm-2.4-dev/examples/*

[Andreas Beckmann]

Package: libgtkmm-2.4-dev,libgtkmm-2.4-doc
Version: 1:2.24.5-2
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your packages failed to install
together because both ship /usr/share/doc/libgtkmm-2.4-dev/examples/*


cheers,

Andreas

Bug#886835: Should sitplus package be droped from Debian (Was: Bug#886835: sitplus fails to start because GTK+ 2.x and GTK+ 3 in the same process is not supported)

[Andreas Tille]

Hi,

just a note for sitplus:  This package definitely needs more love.
Upstream has released a new version a long time ago but it has split a
separate library which needs to be packaged separately.

I'm personally lacking the time resources to care for this package.

Any volunteer or is it possibly better to drop the package at all
if it is not running?

Kind regards

 Andreas.

On Wed, Jan 10, 2018 at 01:35:02PM +0100, Jochen Sprickerhof wrote:
> Package: sitplus
> Version: 1.0.3-5.1+b3
> Severity: grave
> Justification: renders package unusable
> 
> Hi,
> 
> running sitplus results in:
> 
> $ sitplus
> 
> (sitplus:4537): Gtk-ERROR **: GTK+ 2.x symbols detected. Using GTK+ 2.x and 
> GTK+ 3 in the same process is not supported
> fish: 'sitplus' terminated by signal SIGTRAP (Trace or breakpoint trap)
> 
> which seems to be correct:
> 
> $ ldd /usr/bin/sitplus  | grep gtk
> libwx_gtk2u_core-3.0.so.0 => 
> /usr/lib/x86_64-linux-gnu/libwx_gtk2u_core-3.0.so.0 (0x7f735596c000)
> libwx_gtk2u_html-3.0.so.0 => 
> /usr/lib/x86_64-linux-gnu/libwx_gtk2u_html-3.0.so.0 (0x7f73551f9000)
> libgtk-3.so.0 => /usr/lib/x86_64-linux-gnu/libgtk-3.so.0 
> (0x7f7351d74000)
> libgtk-x11-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0 
> (0x7f734ece1000)
> 
> this makes the package unusable, hence the severity.
> 
> Cheers Jochen
> 
> P.S.: I'm not really using the software, just found this during tests of
> a security upload of libpoco. Installing from wheezy works.
> 
> -- System Information:
> Debian Release: buster/sid
>   APT prefers oldoldstable
>   APT policy: (500, 'oldoldstable'), (500, 'unstable')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
> Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
> LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> 
> Versions of packages sitplus depends on:
> ii  libbluetooth3   5.47-1+b1
> ii  libboost-filesystem1.62.0   1.62.0+dfsg-5
> ii  libboost-program-options1.62.0  1.62.0+dfsg-5
> ii  libboost-system1.62.0   1.62.0+dfsg-5
> ii  libboost-thread1.62.0   1.62.0+dfsg-5
> ii  libc6   2.26-2
> ii  libconfig9  1.5-0.4
> ii  libgcc1 1:7.2.0-19
> ii  libopencv-calib3d3.23.2.0+dfsg-4+b3
> ii  libopencv-contrib3.23.2.0+dfsg-4+b3
> ii  libopencv-core3.2   3.2.0+dfsg-4+b3
> ii  libopencv-features2d3.2 3.2.0+dfsg-4+b3
> ii  libopencv-flann3.2  3.2.0+dfsg-4+b3
> ii  libopencv-highgui3.23.2.0+dfsg-4+b3
> ii  libopencv-imgcodecs3.2  3.2.0+dfsg-4+b3
> ii  libopencv-imgproc3.23.2.0+dfsg-4+b3
> ii  libopencv-ml3.2 3.2.0+dfsg-4+b3
> ii  libopencv-objdetect3.2  3.2.0+dfsg-4+b3
> ii  libopencv-photo3.2  3.2.0+dfsg-4+b3
> ii  libopencv-shape3.2  3.2.0+dfsg-4+b3
> ii  libopencv-stitching3.2  3.2.0+dfsg-4+b3
> ii  libopencv-superres3.2   3.2.0+dfsg-4+b3
> ii  libopencv-video3.2  3.2.0+dfsg-4+b3
> ii  libopencv-videoio3.23.2.0+dfsg-4+b3
> ii  libopencv-videostab3.2  3.2.0+dfsg-4+b3
> ii  libopencv-viz3.23.2.0+dfsg-4+b3
> ii  libpocofoundation50 1.8.0.1-1
> ii  libpocoxml501.8.0.1-1
> ii  libportmidi01:217-6
> ii  libsdl-gfx1.2-5 2.0.25-9
> ii  libsdl-image1.2 1.2.12-7
> ii  libsdl1.2debian 1.2.15+dfsg2-0.1
> ii  libstdc++6  7.2.0-19
> ii  libv4l-01.14.1-1
> ii  libwxbase3.0-0v53.0.3.1+dfsg2-1
> ii  libwxgtk3.0-0v5 3.0.3.1+dfsg2-1
> ii  libx11-62:1.6.4-3
> ii  libxtst62:1.2.3-1
> ii  pd-cyclone  0.2~beta3-2
> ii  pd-freeverb 1.2-3
> ii  pd-iemnet   0.2.1-1
> ii  pd-libdir   1.11-1
> ii  pd-list-abs 0.1-2
> ii  puredata0.48.1-1
> ii  sitplus-data1.0.3-5.1
> 
> sitplus recommends no packages.
> 
> sitplus suggests no packages.
> 
> -- no debconf information
> 
> ___
> Debian-med-packaging mailing list
> debian-med-packag...@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/debian-med-packaging
> 

-- 
http://fam-tille.de

Bug#886767: ITP: go-flags -- go command line option parser

[Geert Stappers]

On Wed, Jan 10, 2018 at 07:47:20AM +1300, Michael Hudson-Doyle wrote:
> On 10/01/2018 7:08 AM, "Hector Oron"  wrote:
> > 
> > Package: wnpp
> > Severity: wishlist
> > Owner: Héctor Orón Martínez 
> > 
> > * Package name: go-flags
> >   Version : 1.3.0+git20170926.f88afde-1
> >   Upstream Author : Jesse van den Kieboom
> > * URL : https://github.com/jessevdk/go-flags
> > * License : BSD-3-clause
> >   Programming Lang: Go
> >   Description : go command line option parser
> > 
> >  go-flags: Go library for parsing command line arguments
> >
> This is already packaged, as golang-go-flags-dev or something like that.

https://tracker.debian.org/pkg/golang-go-flags

and there is also

https://tracker.debian.org/pkg/golang-github-svent-go-flags

both originate from https://github.com/jessevdk/go-flags

both packages are maintaint by pkg-go-maintain...@lists.alioth.debian.org


Closing this ITP  could be an option.



Groeten
Geert Stappers
-- 
Leven en laten leven

Bug#886117: FTBFS: most of testsuite

[Alexander Zangerl]

tags 886117 + unreproducible moreinfo
severity 886117 normal
thanks

On Wed, 03 Jan 2018 16:24:57 +0100, Adam Borowski writes:
>Working hypothesis so far is that the testsuite fails on btrfs; I won't be
>able to confirm until the evening.

sorry, but i can't reproduce your problem.

duplicity builds and tests fine on stretch with ext4 and and with btrfs,
kernel 4.9.69; on sid with ext4 and btrfs (same kernel), and on the
build daemons as per 
https://buildd.debian.org/status/package.php?p=duplicity&suite=sid.

i've removed the output-silencing for the tar invocation that fails
in your environment (see the attached updated patch), but all that
changed is that i get a number of 'implausibly old timestamp' warnings;
these are legit as the test files do contain time stamps near 1.1.1970.

regards
az

Author: Michael Terry 
Subject: Disable some tests for being flaky

--- a/testing/functional/test_restart.py
+++ b/testing/functional/test_restart.py
@@ -111,6 +111,7 @@ class RestartTest(FunctionalTestCase):
 # there should be 2 differences found, one missing file, one mtime change
 # self.verify("testfiles/largefiles")
 
+@unittest.skip("Flaky test because it relies on knowing how many volumes the source files will be split into")
 def test_last_file_missing_at_end(self):
 """
 Test restart when the last file being backed up is missing on restart.
--- a/testing/unit/test_gpg.py
+++ b/testing/unit/test_gpg.py
@@ -129,6 +129,7 @@ class GPGTest(UnitTestCase):
 sig = decrypted_file.get_signature()
 assert sig == self.sign_key, sig[-8:]
 
+@unittest.skip("Flaky test because it relies on compressed size of random bytes")
 def test_GPGWriteFile(self):
 """Test GPGWriteFile"""
 size = 400 * 1000
@@ -144,6 +145,7 @@ class GPGTest(UnitTestCase):
  profile, size=size)
 # print os.stat("testfiles/output/gpgwrite.gpg").st_size
 
+@unittest.skip("Flaky test because it relies on compressed size of random bytes")
 def test_GzipWriteFile(self):
 """Test GzipWriteFile"""
 size = 400 * 1000
--- a/testing/unit/test_selection.py
+++ b/testing/unit/test_selection.py
@@ -173,6 +173,7 @@ class MatchingTest(UnitTestCase):
 assert select.glob_get_sf("**", 0)(root) == 0
 assert select.glob_get_sf("/foo/*", 0)(root) is None
 
+@unittest.skip("unreliable ass-U-me wrt / and /usr on one fs")
 def test_other_filesystems(self):
 """Test to see if --exclude-other-filesystems works correctly"""
 root = Path("/")
--- a/testing/unit/test_statistics.py
+++ b/testing/unit/test_statistics.py
@@ -59,12 +59,13 @@ class StatsObjTest(UnitTestCase):
 s1 = StatsDeltaProcess()
 assert s1.get_stat('SourceFiles') == 0
 
+@unittest.skip("TZ setting seems to fail under sbuild, #880251")
 def test_get_stats_string(self):
 """Test conversion of stat object into string"""
 s = StatsObj()
 stats_string = s.get_stats_string()
 assert stats_string == "", stats_string
-
+   
 self.set_obj(s)
 stats_string = s.get_stats_string()
 assert stats_string == """\
--- a/testing/__init__.py
+++ b/testing/__init__.py
@@ -85,7 +85,7 @@ class DuplicityTestCase(unittest.TestCas
 
 def unpack_testfiles(self):
 assert not os.system("rm -rf testfiles")
-assert not os.system("tar xzf testfiles.tar.gz > /dev/null 2>&1")
+assert not os.system("tar xzf testfiles.tar.gz")
 assert not os.system("mkdir testfiles/output testfiles/cache")
 
 def _update_env(self, key, value):
-- 
Alexander Zangerl + GPG Key 2FCCF66BB963BD5F + http://snafu.priv.at/
"I can't see any data coming out of this Tolkien Ring card."
"Well of course not, it confers invisibility." -- Anthony de Boer


signature.asc
Description: Digital Signature

Bug#865588: [Python-modules-team] Bug#865588: Bug#865588: djangorestframework FTBFS with Django 1.11: ERROR collecting tests/test_fields.py

[Antonio Terceiro]

On Wed, Jan 10, 2018 at 05:38:02PM +1100, Brian May wrote:
> Thijs Kinkhorst  writes:
> 
> > We're half a year on, so has this now changed? (I tried to check out the
> > git repo and build it, but that had several problems so I might be missing
> > one or two pieces to quickly verify it).
> 
> I believe Antonio has been looking at fixing the dependancies. I CCed him.

Yes. I fixed python-mkdocs, but then we need a new upstream version of
DRF that is fixed to build against that, which dependends on new
upstream version of django-filters but also on coreapi which is not
packaged yet. coreapi and has its own dependency chain that needs to go
through NEW as well (coreschema, itypes). I have all that packaged
locally, pending the proper metadata (debian/copyright mainly).

But then itypes is missing a proper license, so I am waiting on that to
get solved as it's at the base of the dependency chain.

https://github.com/tomchristie/itypes/pull/10

So yes, I am on it, but it will still take a few trips through NEW.


signature.asc
Description: PGP signature

Bug#886767: two packages of https://github.com/jessevdk/go-flags

[Geert Stappers]

Control: retitle -1  two packages of https://github.com/jessevdk/go-flags

On Wed, Jan 10, 2018 at 01:47:06PM +0100, Geert Stappers wrote:
> On Wed, Jan 10, 2018 at 07:47:20AM +1300, Michael Hudson-Doyle wrote:
> > On 10/01/2018 7:08 AM, "Hector Oron"  wrote:
> > > Package: wnpp
> > > 
> > > * Package name: go-flags
> > >   Upstream Author : Jesse van den Kieboom
> > > * URL : https://github.com/jessevdk/go-flags
> > > * License : BSD-3-clause
> > >   Programming Lang: Go
> > >   Description : go command line option parser
> > > 
> > >  go-flags: Go library for parsing command line arguments
> > >
> > This is already packaged, as golang-go-flags-dev or something like that.
> 
> https://tracker.debian.org/pkg/golang-go-flags
> 
> and there is also
> 
> https://tracker.debian.org/pkg/golang-github-svent-go-flags
> 
> both originate from https://github.com/jessevdk/go-flags
> 
> both packages are maintaint by pkg-go-maintain...@lists.alioth.debian.org
> 
> 
> Closing this ITP  could be an option.

Using this bugreport for discussion what to do with
the "duplicate" is another option.


Groeten
Geert Stappers
-- 
Leven en laten leven

Bug#886837: scilab: impossible to plot anything

[Cedric.Flageul]

Package: scilab
Version: 6.0.0-1
Severity: important

Dear Maintainer,

Scilab can perform usual operations but fails to plot anything. After the 
instruction "scf()", a figure does pop-up but nothing can be plotted there. For 
instance, the instruction "plot()" should give a plot, but nothing appears. I 
paste below the error message obtained in the terminal following the command 
"scf()".

Exception in thread "AWT-EventQueue-1" com.jogamp.opengl.GLException: Caught
GLException: AWT-EventQueue-1: createImpl ARB n/a but required, profile > GL2
requested (OpenGL >= 3.1). Requested: GLProfile[GL3bc/GL3bc.sw], current: 3.0
(Compat profile, compat[ES2], FBO, software) - 3.0 Mesa 17.2.5
at
com.jogamp.opengl.awt.GLJPanel$OffscreenBackend.initialize(GLJPanel.java:1795)
at
com.jogamp.opengl.awt.GLJPanel.initializeBackendImpl(GLJPanel.java:1377)
at com.jogamp.opengl.awt.GLJPanel.paintComponent(GLJPanel.java:549)
at javax.swing.JComponent.paint(JComponent.java:1056)
at javax.swing.JComponent.paintChildren(JComponent.java:889)
at javax.swing.JComponent.paint(JComponent.java:1065)
at javax.swing.JComponent.paintChildren(JComponent.java:889)
at javax.swing.JComponent.paint(JComponent.java:1065)
at javax.swing.JLayeredPane.paint(JLayeredPane.java:586)
at javax.swing.JComponent.paintChildren(JComponent.java:889)
at javax.swing.JComponent.paint(JComponent.java:1065)
at javax.swing.JViewport.paint(JViewport.java:728)
at javax.swing.JComponent.paintChildren(JComponent.java:889)
at javax.swing.JComponent.paint(JComponent.java:1065)
at javax.swing.JComponent.paintToOffscreen(JComponent.java:5210)
at
javax.swing.BufferStrategyPaintManager.paint(BufferStrategyPaintManager.java:290)
at javax.swing.RepaintManager.paint(RepaintManager.java:1272)
at javax.swing.JComponent._paintImmediately(JComponent.java:5158)
at javax.swing.JComponent.paintImmediately(JComponent.java:4969)
at javax.swing.RepaintManager$4.run(RepaintManager.java:831)
at javax.swing.RepaintManager$4.run(RepaintManager.java:814)
at java.security.AccessController.doPrivileged(Native Method)
at
java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:80)
at
javax.swing.RepaintManager.paintDirtyRegions(RepaintManager.java:814)
at
javax.swing.RepaintManager.paintDirtyRegions(RepaintManager.java:789)
at
javax.swing.RepaintManager.prePaintDirtyRegions(RepaintManager.java:738)
at javax.swing.RepaintManager.access$1200(RepaintManager.java:64)
at
javax.swing.RepaintManager$ProcessingRunnable.run(RepaintManager.java:1732)
at java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:311)
at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:756)
at java.awt.EventQueue.access$500(EventQueue.java:97)
at java.awt.EventQueue$3.run(EventQueue.java:709)
at java.awt.EventQueue$3.run(EventQueue.java:703)
at java.security.AccessController.doPrivileged(Native Method)
at
java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:80)
at java.awt.EventQueue.dispatchEvent(EventQueue.java:726)
at
org.GNOME.Accessibility.AtkWrapper$5.dispatchEvent(AtkWrapper.java:700)
at
java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:201)
at
java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:116)
at
java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:105)
at
java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
at java.awt.EventDispatchThread.run(EventDispatchThread.java:82)
Caused by: com.jogamp.opengl.GLException: AWT-EventQueue-1: createImpl ARB n/a
but required, profile > GL2 requested (OpenGL >= 3.1). Requested:
GLProfile[GL3bc/GL3bc.sw], current: 3.0 (Compat profile, compat[ES2], FBO,
software) - 3.0 Mesa 17.2.5
at
jogamp.opengl.x11.glx.X11GLXContext.createImpl(X11GLXContext.java:440)
at
jogamp.opengl.GLContextImpl.makeCurrentWithinLock(GLContextImpl.java:765)
at jogamp.opengl.GLContextImpl.makeCurrent(GLContextImpl.java:648)
at jogamp.opengl.GLContextImpl.makeCurrent(GLContextImpl.java:586)
at
com.jogamp.opengl.awt.GLJPanel$OffscreenBackend.initialize(GLJPanel.java:1731)
... 42 more
Exception in thread "Thread-6" com.jogamp.opengl.GLException:
java.lang.reflect.InvocationTargetException
at com.jogamp.opengl.awt.GLJPanel.display(GLJPanel.java:465)
at
org.scilab.modules.gui.bridge.canvas.SwingScilabCanvasImpl$SafeGLJPanel.display(Unknown
Source)
at
org.scilab.forge.scirenderer.implementation.jogl.JoGLCanvas$CanvasAnimator.run(Unknown
Source)
   

Bug#886806: intel-microcode: New version 20180108 published

[Henrique de Moraes Holschuh]

found 886806 intel-microcode/3.20140913.1
fixed 886806 intel-microcode/3.20180108.1
thanks

On Wed, 10 Jan 2018, Karl Kornel wrote:
> Well, it looks like there has been a release!  The data file version is 
> 20180108.

Due to timing, I missed this bug report when I readied the 3.20180108.1
package, so it was not closed automatically by the upload.

For the record: currently the plan is for updated packages for stable to
be provided as usual (first through backports, then stable updates) as
per documented in the relevant Debian wiki pages[1].

Users are urged to look for firmware updates, Intel has issued
mitigation microcode updates only for a subset of processors thus far
(including the 20180108 release).

[1] https://wiki.debian.org/Microcode

-- 
  Henrique Holschuh

Bug#886838: ITP: python-pygerrit2 -- Python library to interact with Gerrit Code Review via the REST API

[Filip Pytloun]

Package: wnpp
Severity: wishlist
Owner: Filip Pytloun 

* Package name: python-pygerrit2
  Version : 2.0.4
  Upstream Author : David Pursehouse 
* URL : https://github.com/dpursehouse/pygerrit2
* License : Expat
  Programming Lang: Python
  Description : Client library to interact with Gerrit Code Review via the 
REST API

pygerrit2 is simple Python library to provide interface to interact with
Gerrit Code Review via it's REST API.


signature.asc
Description: PGP signature

Bug#886839: upgrade-reports: USB WiFi dongle support lost after security kernel upgrade

[michael]

Package: upgrade-reports
Severity: important

Dear Maintainer,
   * What led up to the situation?
 Vulnerabilty in the kernel to Spectre/Meltdown
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
Kernel upgrade to 3.16.51-3+deb8u1 and support for USB wifi 
dongle using RTL8192EU chip stopped. Re-installed drivers from 
existing driver package 
   * What was the outcome of this action?
USB WiFi dongle support restored.
   * What outcome did you expect instead?


-- System Information:
Debian Release: 8.10 (8.9.0)
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#884288: simplesnap: diff for NMU version 1.0.4+nmu1

[Adrian Bunk]

Control: tags 884288 + patch
Control: tags 884288 + pending

Dear maintainer,

I've prepared an NMU for simplesnap (versioned as 1.0.4+nmu1) and 
uploaded it to DELAYED/10. Please feel free to tell me if I should 
cancel it.

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

diff -Nru simplesnap-1.0.4/debian/changelog simplesnap-1.0.4+nmu1/debian/changelog
--- simplesnap-1.0.4/debian/changelog	2017-10-10 16:45:11.0 +0300
+++ simplesnap-1.0.4+nmu1/debian/changelog	2018-01-10 15:09:28.0 +0200
@@ -1,3 +1,11 @@
+simplesnap (1.0.4+nmu1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Correct the order of dependencies to list
+zfs-fuse (in main) first. (Closes: #884288)
+
+ -- Adrian Bunk   Wed, 10 Jan 2018 15:09:28 +0200
+
 simplesnap (1.0.4) unstable; urgency=low
 
   [ John Goerzen ]
diff -Nru simplesnap-1.0.4/debian/control simplesnap-1.0.4+nmu1/debian/control
--- simplesnap-1.0.4/debian/control	2017-10-10 16:42:57.0 +0300
+++ simplesnap-1.0.4+nmu1/debian/control	2018-01-10 15:09:24.0 +0200
@@ -10,7 +10,7 @@
 
 Package: simplesnap
 Architecture: all
-Depends: ${misc:Depends}, zfsutils | zfsutils-linux | zfs-fuse, liblockfile-bin
+Depends: ${misc:Depends}, zfs-fuse | zfsutils-linux | zfsutils, liblockfile-bin
 Suggests: zfsnap
 Description: Simple and powerful network transmission of ZFS snapshots
  simplesnap is a simple way to send ZFS snapshots across a net‐

Bug#886840: glibc ia64 memchr bug causes testsuite failures in m4 and diffutils

[Jason Duerstock]

Source: glibc
Severity: normal
Tags: patch

Dear Maintainer,

glibc 2.26 has an ia64 bug as detailed here:
https://sourceware.org/bugzilla/show_bug.cgi?id=22603

The patch as scheduled to be merged into the next version of glibc is available 
here:
https://sourceware.org/git/?p=glibc.git;a=commit;h=3bb1ef58b989012f8199b82af6ec136da2f9fda3

Please include it in the next src:glibc release.

Thank you,

Jason


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: ia64

Kernel: Linux 3.14-0.bpo.2-mckinley (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Bug#886841: linux-image-4.9.0-5-amd64: bluetooth list corruption bt_sock_poll

[Florian Lohoff]

Package: src:linux
Version: 4.9.65-3+deb9u2
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

I had a Kernel crash today while i was in the lunch break. The kernel
crashdump stored dmesg and a kernel crash file. The only connection
should have been a bluetooth laser mouse as seen from the dmesg

[...]
[82522.702593] IPv6: ADDRCONF(NETDEV_CHANGE): wlp3s0: link becomes ready
[82530.496658] NMI watchdog: enabled on all CPUs, permanently consumes one 
hw-PMU counter.
[82530.525398] EXT4-fs (dm-1): re-mounted. Opts: 
errors=remount-ro,data=ordered,commit=0
[82530.562043] EXT4-fs (sda1): re-mounted. Opts: 
block_validity,barrier,user_xattr,acl
[82530.892480] thinkpad_acpi: EC reports that Thermal Table has changed
[83042.675249] hid-generic 0005:17EF:6038.0006: unknown main item tag 0x0
[83042.675381] input: ThinkPad Bluetooth Laser Mouse as 
/devices/pci:00/:00:14.0/usb2/2-7/2-7:1.0/bluetooth/hci0/hci0:256/0005:17EF:6038.0006/input/input26
[83042.675583] hid-generic 0005:17EF:6038.0006: input,hidraw0: BLUETOOTH HID 
v2.00 Mouse [ThinkPad Bluetooth Laser Mouse] on e8:2a:ea:bd:d9:c6
[84211.260744] wlp3s0: deauthenticated from 68:86:a7:46:02:f7 (Reason: 
7=CLASS3_FRAME_FROM_NONASSOC_STA)
[84211.397297] wlp3s0: authenticate with 68:86:a7:46:02:f7
[84211.401487] wlp3s0: send auth to 68:86:a7:46:02:f7 (try 1/3)
[84211.403346] wlp3s0: authenticated
[84211.404983] wlp3s0: associate with 68:86:a7:46:02:f7 (try 1/3)
[84211.410687] wlp3s0: RX AssocResp from 68:86:a7:46:02:f7 (capab=0x431 
status=0 aid=9)
[84211.423651] wlp3s0: associated
[89431.623000] wlp3s0: deauthenticated from 68:86:a7:46:02:f7 (Reason: 
7=CLASS3_FRAME_FROM_NONASSOC_STA)
[89431.794147] wlp3s0: authenticate with 68:86:a7:46:02:f7
[89431.798752] wlp3s0: send auth to 68:86:a7:46:02:f7 (try 1/3)
[89431.802228] wlp3s0: authenticated
[89431.809405] wlp3s0: associate with 68:86:a7:46:02:f7 (try 1/3)
[89431.814844] wlp3s0: RX AssocResp from 68:86:a7:46:02:f7 (capab=0x431 
status=0 aid=9)
[89431.819516] wlp3s0: associated
[90333.333991] wlp3s0: deauthenticated from 68:86:a7:46:02:f7 (Reason: 
7=CLASS3_FRAME_FROM_NONASSOC_STA)
[90333.505311] wlp3s0: authenticate with 68:86:a7:46:02:f7
[90333.510330] wlp3s0: send auth to 68:86:a7:46:02:f7 (try 1/3)
[90333.513557] wlp3s0: authenticated
[90333.517836] wlp3s0: associate with 68:86:a7:46:02:f7 (try 1/3)
[90333.522549] wlp3s0: RX AssocResp from 68:86:a7:46:02:f7 (capab=0x431 
status=0 aid=9)
[90333.532009] wlp3s0: associated
[90351.166507] wlp3s0: deauthenticated from 68:86:a7:46:02:f7 (Reason: 
7=CLASS3_FRAME_FROM_NONASSOC_STA)
[90351.286284] wlp3s0: authenticate with 68:86:a7:46:02:f7
[90351.294327] wlp3s0: send auth to 68:86:a7:46:02:f7 (try 1/3)
[90351.296183] wlp3s0: authenticated
[90351.301644] wlp3s0: associate with 68:86:a7:46:02:f7 (try 1/3)
[90351.307191] wlp3s0: RX AssocResp from 68:86:a7:46:02:f7 (capab=0x431 
status=0 aid=9)
[90351.312550] wlp3s0: associated
[92074.465810] [ cut here ]
[92074.465820] WARNING: CPU: 3 PID: 3064 at 
/build/linux-4.9.65/lib/list_debug.c:29 __list_add+0x5c/0xb0
[92074.465823] list_add corruption. next->prev should be prev 
(978802b93288), but was dead0200. (next=a71748e8fe78).
[92074.465825] Modules linked in: uinput tun hid_generic hidp hid ctr ccm 
rpcsec_gss_krb5 auth_rpcgss oid_registry nfsv4 dns_resolver nfs lockd grace 
fscache rfcomm fuse ebtable_filter ebtables ip6table_filter ip6_tables pci_stub 
vboxpci(O) vboxnetadp(O) vboxnetflt(O) vboxdrv(O) cpufreq_conservative 
cpufreq_powersave cpufreq_userspace cmac bnep binfmt_misc uvcvideo 
videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_core videodev media 
btusb btrtl btbcm btintel bluetooth arc4 iTCO_wdt iTCO_vendor_support 
intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel iwlmvm 
mac80211 snd_hda_codec_hdmi kvm snd_hda_codec_realtek iwlwifi irqbypass 
snd_hda_codec_generic rtsx_pci_ms intel_cstate intel_uncore joydev 
intel_rapl_perf memstick pcspkr serio_raw cfg80211 snd_hda_intel snd_hda_codec
[92074.465885]  snd_hda_core snd_hwdep mei_me snd_pcm_oss sg snd_mixer_oss mei 
shpchp snd_pcm snd_timer lpc_ich thinkpad_acpi nvram snd soundcore ac rfkill 
battery evdev xt_tcpudp nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack 
nf_conntrack iptable_filter parport_pc ppdev lp parport sunrpc ip_tables 
x_tables autofs4 ext4 crc16 jbd2 fscrypto ecb mbcache btrfs algif_skcipher 
af_alg dm_crypt dm_mod raid10 raid456 async_raid6_recov async_memcpy async_pq 
async_xor async_tx xor raid6_pq libcrc32c crc32c_generic raid1 raid0 multipath 
linear md_mod sd_mod crct10dif_pclmul crc32_pclmul crc32c_intel 
ghash_clmulni_intel rtsx_pci_sdmmc mmc_core ahci libahci libata scsi_mod 
aesni_intel i2c_i801 i2c_smbus aes_x86_64 lrw gf128mul glue_helper ablk_helper 
cryptd xhci_pci xhci_hcd ehci_pci ehci_hcd psmouse i915 i2c_algo_bit
[92074.465953]  rtsx_pci mfd_core drm_kms_helper usbcore e1000e usb_common ptp 
pps_core drm thermal wmi video button
[920

Bug#886842: libreswan,strongswan-libcharon: both ship /usr/lib/ipsec/_updown

[Andreas Beckmann]

Package: libreswan,strongswan-libcharon
Severity: serious
User: trei...@debian.org
Usertags: edos-file-overwrite
Control: found -1 5.6.1-3
Control: found -1 3.22-3

Hi,

automatic installation tests of packages that share a file and at the
same time do not conflict by their package dependency relationships has
detected the following problem:

  Selecting previously unselected package strongswan-libcharon.
  Preparing to unpack .../strongswan-libcharon_5.6.1-3_amd64.deb ...
  Unpacking strongswan-libcharon (5.6.1-3) ...
  dpkg: error processing archive 
/var/cache/apt/archives/strongswan-libcharon_5.6.1-3_amd64.deb (--unpack):
   trying to overwrite '/usr/lib/ipsec/_updown', which is also in package 
libreswan 3.22-3
  dpkg-deb: error: paste subprocess was killed by signal (Broken pipe)
  Errors were encountered while processing:
   /var/cache/apt/archives/strongswan-libcharon_5.6.1-3_amd64.deb


This is a serious bug as it makes installation fail, and violates
sections 7.6.1 and 10.1 of the policy. An optimal solution would
consist in only one of the packages installing that file, and renaming
or removing the file in the other package. Depending on the
circumstances you might also consider Replace relations or file
diversions. If the conflicting situation cannot be resolved then, as a
last resort, the two packages have to declare a mutual
Conflict. Please take into account that Replaces, Conflicts and
diversions should only be used when packages provide different
implementations for the same functionality.

Here is a list of files that are known to be shared by both packages
(according to the Contents file for sid/amd64, which may be
slightly out of sync):

  usr/lib/ipsec/_updown

This bug is assigned to both packages. If you, the maintainers of
the two packages in question, have agreed on which of the packages will
resolve the problem please reassign the bug to that package. You may
also register in the BTS that the other package is affected by the bug.


Cheers,

Andreas

PS: for more information about the detection of file overwrite errors
of this kind see https://qa.debian.org/dose/file-overwrites.html


libreswan=3.22-3_strongswan-libcharon=5.6.1-3.log.gz
Description: application/gzip

Bug#886837: scilab: impossible to plot anything

[Cedric.Flageul]

Debian is running inside a Virtual Machine (VirtualBox Version 5.2.2 r119230 
(Qt5.6.2)) with no 2D / 3D graphic acceleration.

Bug#886844: ITP: node-babel-plugin-transform-inline-imports-commonjs

[Paolo Greppi]

Package: wnpp
Severity: wishlist
Owner: Paolo Greppi 

* Package name: node-babel-plugin-transform-inline-imports-commonjs
  Version : 1.2.0
  Upstream Author : Andres Suarez 
* URL : 
https://github.com/zertosh/babel-plugin-transform-inline-imports-commonjs#readme
* License : Expat
  Programming Lang: JavaScript
  Description : Babel plugin that lazily transforms ES2015 modules to 
CommonJS

 This babel plugin transforms ES2015 modules to CommonJS and can be used
 instead of node-babel-plugin-transform-es2015-modules-commonjs; it uses lazy
 module loading i.e. your modules are not really imported before you accessxi
 their exports.
 Lazy module import skips all modules besides those which are really needed,
 it is faster and works nicer with circular dependencies between modules.
 .
 Babel is a JavaScript compiler to use next generation JavaScript, today.
 .
 Node.js is an event-based server-side JavaScript engine.

This is required to build node-yarnpkg, see ITP:
https://bugs.debian.org/843021

My intention is to package it within the JavaScript maintainers team.

The repo will be on salsa:
https://salsa.debian.org/js-team/node-babel-plugin-transform-inline-imports-commonjs

Paolo

Bug#886843: ITP: node-yn -- Parse yes/no like values - Node.js module

[Paolo Greppi]

Package: wnpp
Severity: wishlist
Owner: Paolo Greppi 

* Package name: node-yn
  Version : 2.0.0
  Upstream Author : Sindre Sorhus  (sindresorhus.com)
* URL : https://github.com/sindresorhus/yn#readme
* License : Expat
  Programming Lang: JavaScript
  Description : Parse yes/no like values - Node.js module

 This Node.js module parses strings with yes/no like values and returns a bool
 or undefined. It has options to return a default instead of undefined and
 a lenient mode to gracefully handle typos.
 .
 It can useful for validating answers of a CLI prompt.
 .
 Node.js is an event-based server-side JavaScript engine.

This is required for node-yarnpkg, see ITP:
https://bugs.debian.org/843021

My intention is to package it within the JavaScript maintainers team.

The repo will be on salsa:
https://salsa.debian.org/js-team/node-yn

Paolo

Bug#886845: golang-github-cloudfoundry-gosigar-dev: /usr/bin/stress is already shipped by the 'stress' package

[Andreas Beckmann]

Package: golang-github-cloudfoundry-gosigar-dev
Version: 0.0~git20171121.dcb1afc-1
Severity: serious
User: trei...@debian.org
Usertags: edos-file-overwrite

Hi,

automatic installation tests of packages that share a file and at the
same time do not conflict by their package dependency relationships has
detected the following problem:

  Selecting previously unselected package 
golang-github-cloudfoundry-gosigar-dev.
  Preparing to unpack 
.../18-golang-github-cloudfoundry-gosigar-dev_0.0~git20171121.dcb1afc-1_all.deb 
...
  Unpacking golang-github-cloudfoundry-gosigar-dev (0.0~git20171121.dcb1afc-1) 
...
  dpkg: error processing archive 
/tmp/apt-dpkg-install-ZEB1BA/18-golang-github-cloudfoundry-gosigar-dev_0.0~git20171121.dcb1afc-1_all.deb
 (--unpack):
   trying to overwrite '/usr/bin/stress', which is also in package stress 
1.0.4-2
  dpkg-deb: error: paste subprocess was killed by signal (Broken pipe)
  Errors were encountered while processing:
   
/tmp/apt-dpkg-install-ZEB1BA/18-golang-github-cloudfoundry-gosigar-dev_0.0~git20171121.dcb1afc-1_all.deb


This is a serious bug as it makes installation fail, and violates
sections 7.6.1 and 10.1 of the policy. An optimal solution would
consist in only one of the packages installing that file, and renaming
or removing the file in the other package. Depending on the
circumstances you might also consider Replace relations or file
diversions. If the conflicting situation cannot be resolved then, as a
last resort, the two packages have to declare a mutual
Conflict. Please take into account that Replaces, Conflicts and
diversions should only be used when packages provide different
implementations for the same functionality.

Cheers,

Andreas

PS: for more information about the detection of file overwrite errors
of this kind see https://qa.debian.org/dose/file-overwrites.html


stress=1.0.4-2_golang-github-cloudfoundry-gosigar-dev=0.0~git20171121.dcb1afc-1.log.gz
Description: application/gzip

Bug#859543: Fix build with openssl-1.1

[Chris West]

Control: tags -1 + patch

The attached patch disables the faulty detection of MD2, causing the
build to proceed to completion. MD2 authentication will be disabled, as
I understand it, but this is probably okay?

MD2 is supported by openssl-1.1, but it has been disabled at configure
time in Debian, as is the default.
MD2 is a very old, very broken hash algorithm (even worse than MD5).

Cheers,
Chris.

>From 4bf11095b29a8f9490b0e093c8fb2659dcea8894 Mon Sep 17 00:00:00 2001
From: "Chris West (Faux)" 
Date: Wed, 10 Jan 2018 13:25:45 +
Subject: [PATCH] eliminate faulty check for md2

---
 openhpi-3.6.1/configure.ac   | 2 +-
 openhpi-3.6.1/debian/control | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/openhpi-3.6.1/configure.ac b/openhpi-3.6.1/configure.ac
index 02b5786..cb9bc01 100644
--- a/openhpi-3.6.1/configure.ac
+++ b/openhpi-3.6.1/configure.ac
@@ -179,7 +179,7 @@ AC_CHECK_LIB([crypto],[MD5_Init],[CRYPTO_LIB=-lcrypto],[CRYPTO_LIB=])
 AC_SUBST(CRYPTO_LIB)
 AC_CHECK_LIB([ssl],[SSL_library_init],[SSL_LIB=-lssl],[SSL_LIB=])
 AC_SUBST(SSL_LIB)
-AC_CHECK_HEADERS([openssl/md2.h openssl/md5.h openssl/bio.h openssl/ssl.h openssl/err.h],[have_openssl=yes],[have_openssl=no])
+AC_CHECK_HEADERS([openssl/md5.h openssl/bio.h openssl/ssl.h openssl/err.h],[have_openssl=yes],[have_openssl=no])
 
 dnl xml is used for XML-based communication in ilo2_ribcl and oa_soap
 AC_CHECK_LIB([xml2],[xmlParseMemory],[XML2_LIB=-lxml2],[XML2_LIB=])
diff --git a/openhpi-3.6.1/debian/control b/openhpi-3.6.1/debian/control
index 57402a8..fde4ce2 100644
--- a/openhpi-3.6.1/debian/control
+++ b/openhpi-3.6.1/debian/control
@@ -4,7 +4,7 @@ Priority: optional
 Maintainer: Mohan Devarajulu 
 Uploaders: Khalid Aziz 
 Homepage: http://openhpi.org
-Build-Depends: debhelper (>= 9), dpkg-dev (>= 1.16.1~), autotools-dev, autoconf (>= 2.57), dh-autoreconf, automake(>= 1.9), uuid-dev, libglib2.0-dev (>= 2.2), pkg-config, libltdl-dev, openipmi (>= 2.0.7), libopenipmi-dev (>=2.0.7), libsnmp-dev, libssl1.0-dev | libssl-dev (<< 1.1.0~), libsysfs-dev (>= 0.3), libncurses5-dev, libxml2-dev
+Build-Depends: debhelper (>= 9), dpkg-dev (>= 1.16.1~), autotools-dev, autoconf (>= 2.57), dh-autoreconf, automake(>= 1.9), uuid-dev, libglib2.0-dev (>= 2.2), pkg-config, libltdl-dev, openipmi (>= 2.0.7), libopenipmi-dev (>=2.0.7), libsnmp-dev, libssl-dev, libsysfs-dev (>= 0.3), libncurses5-dev, libxml2-dev
 Standards-Version: 4.0.0
 
 Package: libopenhpi3
-- 
2.15.1

Bug#886837: scilab: impossible to plot anything

[Sylvestre Ledru]

On 10/01/2018 14:13, cedric.flag...@ijs.si wrote:
> Debian is running inside a Virtual Machine (VirtualBox Version 5.2.2 r119230 
> (Qt5.6.2)) with no 2D / 3D graphic acceleration.
> 

This is probably the reason. jogl (the opengl lib that Scilab uses) needs good 
opengl driver support.

S

Bug#886846: please create debian-common-lisp mailing list

[Sébastien Villemot]

Package: lists.debian.org
Severity: wishlist

Dear listmasters,

With the upcoming shutdown of alioth, the Debian Common Lisp Team¹ needs a
dedicated mailing lists for discussions about the packaging effort (we do not
use iRC).

Common Lisp is a general purpose programming language, standardized via an ANSI
document.² The team maintains several Common Lisp implementations, several
libraries (either C dependencies of the aforementioned implementations, or
libraries written in Common Lisp) and related software.

The list would mainly be for human traffic. But if we are allowed to do so, we
would also be happy to use it for the Maintainer field of our packages; please
let us know if the latter is acceptable for you.

Also, we would be happy to import the archives and subscribers list from our
previous list: pkg-common-lisp-de...@lists.alioth.debian.org


Name: debian-common-lisp
Short description: Maintenance of Common Lisp packages in Debian
Long description: Discussions about the packaging in Debian of Common Lisp
  implementations, libraries, tools and other related software.
Category: Developers
Subscription policy: open
Post policy: open
Web archive: yes


Thanks!


¹ https://wiki.debian.org/Teams/DebianCommonLisp
² https://wiki.debian.org/CommonLisp

-- 
⢀⣴⠾⠻⢶⣦⠀  Sébastien Villemot
⣾⠁⢠⠒⠀⣿⡁  Debian Developer
⢿⡄⠘⠷⠚⠋⠀  http://sebastien.villemot.name
⠈⠳⣄  http://www.debian.org


signature.asc
Description: PGP signature

Bug#886847: python3-ldap,python3-pyldap: error when trying to install together

[Andreas Beckmann]

Package: python3-ldap,python3-pyldap
Severity: serious
User: trei...@debian.org
Usertags: edos-file-overwrite
Control: found -1 3.0.0~b3-1
Control: found -1 2.4.25.1-2

Hi,

automatic installation tests of packages that share a file and at the
same time do not conflict by their package dependency relationships has
detected the following problem:

  Selecting previously unselected package python3-pyldap.
  Preparing to unpack .../python3-pyldap_2.4.25.1-2+b1_amd64.deb ...
  Unpacking python3-pyldap (2.4.25.1-2+b1) ...
  dpkg: error processing archive 
/var/cache/apt/archives/python3-pyldap_2.4.25.1-2+b1_amd64.deb (--unpack):
   trying to overwrite 
'/usr/lib/python3/dist-packages/_ldap.cpython-36m-x86_64-linux-gnu.so', which 
is also in package python3-ldap 3.0.0~b3-1
  Errors were encountered while processing:
   /var/cache/apt/archives/python3-pyldap_2.4.25.1-2+b1_amd64.deb


This is a serious bug as it makes installation fail, and violates
sections 7.6.1 and 10.1 of the policy. An optimal solution would
consist in only one of the packages installing that file, and renaming
or removing the file in the other package. Depending on the
circumstances you might also consider Replace relations or file
diversions. If the conflicting situation cannot be resolved then, as a
last resort, the two packages have to declare a mutual
Conflict. Please take into account that Replaces, Conflicts and
diversions should only be used when packages provide different
implementations for the same functionality.

Here is a list of files that are known to be shared by both packages
(according to the Contents file for sid/amd64, which may be
slightly out of sync):

usr/lib/python3/dist-packages/_ldap.cpython-36m-x86_64-linux-gnu.so
usr/lib/python3/dist-packages/ldap/__init__.py
usr/lib/python3/dist-packages/ldap/async.py
usr/lib/python3/dist-packages/ldap/cidict.py
usr/lib/python3/dist-packages/ldap/compat.py
usr/lib/python3/dist-packages/ldap/controls/__init__.py
usr/lib/python3/dist-packages/ldap/controls/deref.py
usr/lib/python3/dist-packages/ldap/controls/libldap.py
usr/lib/python3/dist-packages/ldap/controls/openldap.py
usr/lib/python3/dist-packages/ldap/controls/ppolicy.py
usr/lib/python3/dist-packages/ldap/controls/psearch.py
usr/lib/python3/dist-packages/ldap/controls/pwdpolicy.py
usr/lib/python3/dist-packages/ldap/controls/readentry.py
usr/lib/python3/dist-packages/ldap/controls/sessiontrack.py
usr/lib/python3/dist-packages/ldap/controls/simple.py
usr/lib/python3/dist-packages/ldap/dn.py
usr/lib/python3/dist-packages/ldap/extop/__init__.py
usr/lib/python3/dist-packages/ldap/extop/dds.py
usr/lib/python3/dist-packages/ldap/filter.py
usr/lib/python3/dist-packages/ldap/functions.py
usr/lib/python3/dist-packages/ldap/ldapobject.py
usr/lib/python3/dist-packages/ldap/logger.py
usr/lib/python3/dist-packages/ldap/modlist.py
usr/lib/python3/dist-packages/ldap/resiter.py
usr/lib/python3/dist-packages/ldap/sasl.py
usr/lib/python3/dist-packages/ldap/schema/__init__.py
usr/lib/python3/dist-packages/ldap/schema/models.py
usr/lib/python3/dist-packages/ldap/schema/subentry.py
usr/lib/python3/dist-packages/ldap/schema/tokenizer.py
usr/lib/python3/dist-packages/ldap/syncrepl.py
usr/lib/python3/dist-packages/ldapurl.py
usr/lib/python3/dist-packages/ldif.py


This bug is assigned to both packages. If you, the maintainers of
the two packages in question, have agreed on which of the packages will
resolve the problem please reassign the bug to that package. You may
also register in the BTS that the other package is affected by the bug.

Cheers,

Andreas

PS: for more information about the detection of file overwrite errors
of this kind see https://qa.debian.org/dose/file-overwrites.html


python3-ldap=3.0.0~b3-1_python3-pyldap=2.4.25.1-2+b1.log.gz
Description: application/gzip

Bug#886848: gosa-plugin-pwreset: fails to provide the promised web interface

[Wolfgang Schweer]

Package: gosa-plugin-pwreset
Version: 0.99-4
Severity: important

Hi Mike,

while testing the pwreset plugin with Debian Edu Buster, it failed.

I've got it working w/ this patch applied:

--- a/tabs_pwreset.inc  2017-01-11 20:44:03.0 +0100
+++ b/tabs_pwreset.inc  2018-01-10 13:58:05.556759356 +0100
@@ -24,7 +24,7 @@

   function __construct($config, $data, $dn)
   {
-tabs::tabs($config, $data, $dn);
+tabs::__construct($config, $data, $dn);
   }

   function save_object($save_current= FALSE)

Please check and upload a fixed gosa-plugin-pwreset package.

Wolfgang


signature.asc
Description: PGP signature

Bug#886837: scilab: impossible to plot anything

[Cedric.Flageul]

In stretch, scilab 5.5.2 required libjogl2-java >= 2.3.2 and was working fine. 
In buster, scilab 6.0.0 also requires libjogl2-java >= 2.3.2 so I was expecting 
it would still work. Activation of 3D acceleration in VirtualBox does not solve 
the issue and brings another error message:

When starting scilab:
OpenGL Warning: glXChooseVisual: ignoring attribute 0x23

When typing "scf()":
OpenGL Warning: vboxCall failed with VBox status code 
VERR_BUFFER_OVERFLOW
OpenGL Warning: SHCRGL_GUEST_FN_WRITE_READ (72) failed with ffd7 
ffd7

Thx,
CF

Bug#886851: icinga: FTBFS twice in a row due to icinga-dbg cruft commands

[Andreas Beckmann]

Source: icinga
Version: 1.14.2+ds-1~exp1
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Hi,

icinga/experimental has dropped the icinga-dbg package, but some
commands in debian/rules still reference it (override_dh_install-arch),
creating cruft that is not cleaned up by debian/rules clean
(debian/icinga-dbg/usr/bin/mini_epn_icinga), failing to build the
package a second time:


 dpkg-source -b icinga-1.14.2+ds
dpkg-source: info: using source format '3.0 (quilt)'
dpkg-source: error: unwanted binary file: 
debian/icinga-dbg/usr/bin/mini_epn_icinga
dpkg-source: error: detected 1 unwanted binary file (add it in 
debian/source/include-binaries to allow its inclusion).
dpkg-buildpackage: error: dpkg-source -b icinga-1.14.2+ds subprocess returned 
exit status 29


(This was dpkg-source being called after the first build of the
package succeeded.)


Andreas


icinga_1.14.2+ds-1~exp1_twice.log.gz
Description: application/gzip

Bug#886850: rsync: Enable --times by default

[Olaf van der Spek]

Package: rsync
Version: 3.1.1-3+deb8u1
Severity: wishlist

Dear Maintainer,

Could --times be enabled by default?
An important optimization depends on it. Preserving modification times would be 
nice anyway.

> -t, --times
This tells rsync to transfer modification times along with the files and update 
them on the remote system. Note that if this option is not used, the 
optimization that excludes files that have not been modified cannot be 
effective; in other words, a missing -t or -a will cause the next transfer to 
behave as if it used -I, causing all files to be updated (though rsync's 
delta-transfer algorithm will make the update fairly efficient if the files 
haven't actually changed, you're much better off using -t)

Gr,

Olaf

-- System Information:
Debian Release: 8.10
  APT prefers oldstable
  APT policy: (500, 'oldstable'), (1, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages rsync depends on:
ii  base-files  8+deb8u10
ii  libacl1 2.2.52-2
ii  libattr11:2.4.47-2
ii  libc6   2.19-18+deb8u10
ii  libpopt01.16-10
ii  lsb-base4.1+Debian13+nmu1

rsync recommends no packages.

Versions of packages rsync suggests:
ii  openssh-client  1:6.7p1-5+deb8u4
ii  openssh-server  1:6.7p1-5+deb8u4

-- no debconf information

Bug#886849: ITP: node-puka -- Safely pass strings through shells - Node.js module

[Paolo Greppi]

Package: wnpp
Severity: wishlist
Owner: Paolo Greppi 

* Package name: node-puka
  Version : 1.0.0
  Upstream Author : Ryan Hendrickson 
* URL : https://gitlab.com/rhendric/puka
* License : Expat
  Programming Lang: JavaScript
  Description : Safely pass strings through shells - Node.js module

 A Node.js module that provides a simple and platform-agnostic way
 to build shell commands with arguments that pass through your shell
 unaltered and with no unsafe side effects, whether you are running
 on Windows or a Unix-based OS.
 .
 It is useful when launching a child process from Node.js using a shell
 (as with child_process.exec); in that case you have to construct your
 command as a single string instead of using an array of arguments.
 And doing that can be buggy (if not dangerous) if you don't take care
 to quote any arguments correctly for the shell you're targeting, and
 the quoting has to be done differently on Windows and non-Windows shells.
 .
 Node.js is an event-based server-side JavaScript engine.

This is required for node-yarnpkg, see ITP:
https://bugs.debian.org/843021

My intention is to package it within the JavaScript maintainers team.

It will be built with rollup, and requires:
- rollup-plugin-babel, ITP: http://bugs.debian.org/886404
- rollup-plugin-cleanup

The repo will be on salsa:
https://salsa.debian.org/js-team/node-puka

Paolo

Bug#886847: python3-ldap,python3-pyldap: error when trying to install together

[Willem van den Akker]

On Wed, 2018-01-10 at 14:37 +0100, Andreas Beckmann wrote:
> Package: python3-ldap,python3-pyldap
> Severity: serious
> User: trei...@debian.org
> Usertags: edos-file-overwrite
> Control: found -1 3.0.0~b3-1
> Control: found -1 2.4.25.1-2
> 
> Hi,
> 
> automatic installation tests of packages that share a file and at the
> same time do not conflict by their package dependency relationships has
> detected the following problem:
> 
>   Selecting previously unselected package python3-pyldap.
>   Preparing to unpack .../python3-pyldap_2.4.25.1-2+b1_amd64.deb ...
>   Unpacking python3-pyldap (2.4.25.1-2+b1) ...
>   dpkg: error processing archive 
> /var/cache/apt/archives/python3-pyldap_2.4.25.1-2+b1_amd64.deb (--unpack):
>trying to overwrite 
> '/usr/lib/python3/dist-packages/_ldap.cpython-36m-x86_64-linux-gnu.so', which 
> is also in package python3-ldap 3.0.0~b3-1
>   Errors were encountered while processing:
>/var/cache/apt/archives/python3-pyldap_2.4.25.1-2+b1_amd64.deb
> 
> 
> This is a serious bug as it makes installation fail, and violates
> sections 7.6.1 and 10.1 of the policy. An optimal solution would
> consist in only one of the packages installing that file, and renaming
> or removing the file in the other package. Depending on the
> circumstances you might also consider Replace relations or file
> diversions. If the conflicting situation cannot be resolved then, as a
> last resort, the two packages have to declare a mutual
> Conflict. Please take into account that Replaces, Conflicts and
> diversions should only be used when packages provide different
> implementations for the same functionality.
> 
> Here is a list of files that are known to be shared by both packages
> (according to the Contents file for sid/amd64, which may be
> slightly out of sync):
> 
> usr/lib/python3/dist-packages/_ldap.cpython-36m-x86_64-linux-gnu.so
> usr/lib/python3/dist-packages/ldap/__init__.py
> usr/lib/python3/dist-packages/ldap/async.py
> usr/lib/python3/dist-packages/ldap/cidict.py
> usr/lib/python3/dist-packages/ldap/compat.py
> usr/lib/python3/dist-packages/ldap/controls/__init__.py
> usr/lib/python3/dist-packages/ldap/controls/deref.py
> usr/lib/python3/dist-packages/ldap/controls/libldap.py
> usr/lib/python3/dist-packages/ldap/controls/openldap.py
> usr/lib/python3/dist-packages/ldap/controls/ppolicy.py
> usr/lib/python3/dist-packages/ldap/controls/psearch.py
> usr/lib/python3/dist-packages/ldap/controls/pwdpolicy.py
> usr/lib/python3/dist-packages/ldap/controls/readentry.py
> usr/lib/python3/dist-packages/ldap/controls/sessiontrack.py
> usr/lib/python3/dist-packages/ldap/controls/simple.py
> usr/lib/python3/dist-packages/ldap/dn.py
> usr/lib/python3/dist-packages/ldap/extop/__init__.py
> usr/lib/python3/dist-packages/ldap/extop/dds.py
> usr/lib/python3/dist-packages/ldap/filter.py
> usr/lib/python3/dist-packages/ldap/functions.py
> usr/lib/python3/dist-packages/ldap/ldapobject.py
> usr/lib/python3/dist-packages/ldap/logger.py
> usr/lib/python3/dist-packages/ldap/modlist.py
> usr/lib/python3/dist-packages/ldap/resiter.py
> usr/lib/python3/dist-packages/ldap/sasl.py
> usr/lib/python3/dist-packages/ldap/schema/__init__.py
> usr/lib/python3/dist-packages/ldap/schema/models.py
> usr/lib/python3/dist-packages/ldap/schema/subentry.py
> usr/lib/python3/dist-packages/ldap/schema/tokenizer.py
> usr/lib/python3/dist-packages/ldap/syncrepl.py
> usr/lib/python3/dist-packages/ldapurl.py
> usr/lib/python3/dist-packages/ldif.py
> 
> 
> This bug is assigned to both packages. If you, the maintainers of
> the two packages in question, have agreed on which of the packages will
> resolve the problem please reassign the bug to that package. You may
> also register in the BTS that the other package is affected by the bug.
> 
> Cheers,
> 
> Andreas
> 
> PS: for more information about the detection of file overwrite errors
> of this kind see https://qa.debian.org/dose/file-overwrites.html

It looks like the fork python3-pyldap is decprecated and merged back
into python-ldap [1].
My suggestion is to make a transitional package for python3-pyldap
which installs python-ldap.

/Willem

[1] https://github.com/pyldap/pyldap/

Bug#886729: atop: noisy service restarts every night

[Cristian Ionescu-Idbohrn]

On Wed, 10 Jan 2018, Marc Haber wrote:
> 
> googling for the error message leads me to #857904 which has the same
> error with apache2.

I see.  Definitely similar.

> This turned out that systemd.log_level=debug was set
> in /etc/default/grub. That one should also show up in /proc/cmdline.

Brilliant!  That checks out (sort of).

I do have this 'debug netconsole=...' in /proc/cmdline (but no 
systemd.log_level=debug though) as I'm chasing some misterious reboots 
which leave no traces in the logs, using netconsole.  But 'debug' is a 
kernel directive, isn't it?  Why should systemd inherit that?

> And
> you should get this blurb every time a systemctl call is executed, for
> example when logrotate rotates a log and kicks the daemon later.
> 
> Atop is a likely culprit for that as it's restarted every night.
> 
> If this is the case then my first assessment that you're running in some
> debug mode is true.

Yes, see above.  And I do confirm /var/log/auth.log is full of these:

systemd-logind[952]: Got message type=signal sender=:1.1 destination=n/a 
object=/org/freedesktop/systemd1/unit/atop_2e*

messages, growing rapidly (tens of thousends of messages in just one 
day).

Another observation. If I run:

# systemctl restart --quiet atop

from command line, nothing comes out on stdout/stderr.

> The systemd log level can also be set in the [Manager] section of
> /etc/systemd/system.conf

This smells like a systemd bug (inheriting the kernel 'debug'  
directive), long way.  For now, I modified /etc/systemd/system.conf 
and did:

# systemctl daemon-reload

hoping it would do what it promices:

Reload the systemd manager configuration.

But it doesn't :(  'daemon-reexec' doesn't change anything either.
Restarting the systemd-logind service doesn't help either.  I'm not 
jumping to restart the computer as I think all points to leading to 
anything different, unless someone confirms that it will.

My opinion is that bug belongs to systemd.  What do you think?


Cheers,

-- 
Cristian

Bug#886852: NVidia driver : upgrade to version 384.111

[Julien Aubin]

Package: nvidia-driver
Version: 375.82-1~deb9u1
Severity: critical

Hi,

NVidia upgraded their blob to version 384.111 in order to fix Spectre /
Meltdown vulnerability. It turns out that the 375.xx branch is no longer
supported, so we cannot expect getting driver patches for the current
stretch drivers.

More details on this bulletin :
https://nvidia.custhelp.com/app/answers/detail/a_id/4611

What I suggest is first to put the 384.111 driver in BPO, and then once
we've checked it is good enough put it in the next p-u so that users are no
longer vulnerable.

What do you think of it ?

Rgds,