Bug#1034640: unblock: spirv-llvm-translator-15/15.0.0-2

[Andreas Beckmann]

On 27/04/2023 07.53, Paul Gevers wrote:

Control: tags -1 moreinfo

Hi Andreas,

On 20-04-2023 19:16, Andreas Beckmann wrote:

Looks like I forgot to merge the -fvisibility=hidden changes from
src:spirv-llvm-translator-14 (and the corresponding removal of 4500+
useless C++ symbols from the .symbols file) into
src:spirv-llvm-translator-15. Just noticed while preparing -16 for
experimental.


I'm a bit paranoid and not very well versed on C++ symbols. Can you 
please summarize (or point to a short explanation elsewhere on the 
internet) why they are useless and can be safely *removed*? In other 
words, why is it not possible that something already uses those symbols? 
(I recall rra had a good explanation why symbol files were rather 
useless for C++, but from memory that feels not exactly the same)


The symbols I want to get rid of with -fvisibiity=hidden mostly stem 
from template instantiations of the standard template library and llvm.
Some parts of them usually change between compiler versions since 
internal implementation details of the template libraries change - this 
symbol disappearance is ignored and does not result in bumped sonames or 
package names. Even different optimization levels can influence the 
generated symbols (by (not) inlining some bits).
Also all potential users of these symbols should already have them on 
their own since the templates get instantiated during compilation 
(unless they do very special stuff), so the "external" ones won't be 
considered.


Some further reading on hidden visibility:
https://gcc.gnu.org/wiki/Visibility

Andreas

PS: for pocl I managed to get visibility=hidden support upstream and 
enabled by default

Bug#1035606: live-build fails because firmware-nvidia-gsp and firmware-nvidia-tesla-gsp conflict with each other

[renbag]

Package: live-build
Version: 1:20230131
Severity: normal
X-Debbugs-Cc: ren...@gmail.com

Dear Maintainer,

live-build tries to install both the packages: firmware-nvidia-gsp
(525.105.17.1) and firmware-nvidia-tesla-gsp (525.105.17.1), but these new
versions conflict with each other and the build fails.


-- Package-specific info:

-- System Information:
Debian Release: 12.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-7-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages live-build depends on:
ii  debootstrap  1.0.128+nmu2

Versions of packages live-build recommends:
ii  apt-utils   2.6.0
ii  bzip2   1.0.8-5+b1
ii  cpio2.13+dfsg-7.1
ii  cryptsetup  2:2.6.1-4~deb12u1
ii  file1:5.44-3
ii  live-boot-doc   1:20230131
ii  live-config-doc 11.0.3+nmu1
ii  live-manual-html [live-manual]  2:20151217.2
ii  rsync   3.2.7-1
ii  systemd-container   252.6-1
ii  wget1.21.3-1+b2
ii  xz-utils5.4.1-0.2

Versions of packages live-build suggests:
ii  e2fsprogs  1.47.0-2
pn  mtd-utils  
ii  parted 3.5-3

-- no debconf information

Bug#1035607: libheif: CVE-2023-29659

[Salvatore Bonaccorso]

Source: libheif
Version: 1.15.1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/strukturag/libheif/issues/794
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for libheif.

CVE-2023-29659[0]:
| A Segmentation fault caused by a floating point exception exists in
| libheif 1.15.1 using crafted heif images via the
| heif::Fraction::round() function in box.cc, which causes a denial of
| service.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-29659
https://www.cve.org/CVERecord?id=CVE-2023-29659
[1] https://github.com/strukturag/libheif/issues/794
[2] 
https://github.com/strukturag/libheif/commit/e05e15b57a38ec411cb9acb38512a1c36ff62991

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#798012: #798012 doc-debian: unmarked rationale

[Joost van Baal-Ilić]

Hi Jakub,

Sorry for taking 8 years to reply on this useful suggestion... And thanks
for it!

On Fri, 4 Sep 2015 14:39:17 +0200 Jakub Wilk  wrote:
>
> /usr/share/doc/debian/constitution.txt.gz reads:
> "Text marked as a citation, such as this, is rationale and does not form
> part of the constitution."
>
> But in this text document, rationale is not marked in any way. It's
> therefore impossible to tell which parts are rationale and which are
> proper parts of the constitution without looking at the WML source.

It would be best / pragmatic to ship not just .txt copies, but also .html
typesetted stuff in the package; .html is created during build time, see
doc/Makefile.  As we say: patches welcome.

Bye,

Joost

Bug#1035608: mkdebmirror still uses bullseye

[Thomas Lange]

Package: fai-doc
Severity: normal

The script mkdebmirror still uses the bullseye release. Please upgrade
to bookworm.

-- 
regards Thomas

Bug#1035603: mpdscribble: prompting due to modified conffiles which were not modified by the user: /etc/mpdscribble.conf

[Geoffroy Youri Berret]

Hi Andreas

On 5/6/23 07:41, Andreas Beckmann wrote:

[…]
during a test with piuparts I noticed your package failed the piuparts
upgrade test because dpkg detected a conffile as being modified and then
prompted the user for an action. As there is no user input, this fails.
But this is not the real problem, the real problem is that this prompt
shows up in the first place, as there was nobody modifying this conffile
at all, the package has just been installed and upgraded...


I just set a salsa-ci pipeline to try to reproduce the issue, but I 
believe it's only testing against packages in testing and latest commit.
Anyway I did not reproduced the issue. I did not find a way to run 
puiparts myself yet.


In the mean time I made a fix [0], can you tell me if this looks good, 
at least if I going in the right direction :)


[0] https://salsa.debian.org/mpd-team/mpdscribble/-/commit/7b9f344ef0114

Cheers
k

Bug#1000029: PCRE to PCRE2 migration

[Abhijith PA]

Hello Daniel,

As you might know, pcre project is obselete now[1]. pcre will not fix 
any bugs or do release in future. projects are moved to pcre2[2].

I was wondering mboxgrep have any plans to port migrate to pcre2.

Regards
Abhijith

[1] - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=129
[2] - https://php.watch/versions/7.3/pcre2

Bug#1034996: [Debian-on-mobile-maintainers] Bug#1034996: libomemo0: missing Breaks+Replaces for libomemo-dev when upgrading from bullseye

[Arnaud Ferraris]

Hi,

Le 04/05/2023 à 17:40, Pirate Praveen via Debian-on-mobile-maintainers a 
écrit :


I could add the Breaks and Replaces, but looks like moving .so link out 
of -dev package is wrong as per lintian warning.


W: libomemo0: lacks-unversioned-link-to-shared-library example: 
usr/lib/x86_64-linux-gnu/libomemo.so 
[usr/lib/x86_64-linux-gnu/libomemo.so.0.8.1]
W: libomemo0: link-to-shared-library-in-wrong-package 
usr/lib/x86_64-linux-gnu/libomemo.so.0.8.1 
[usr/lib/x86_64-linux-gnu/libomemo.so]


This was moved to libomemo-dev in commit 
6ebca2f07eed072226503432b6149e671341f2c4 Should we move back libomemo.so 
to libomemo-dev ?


Indeed, my opinion is that we should partly revert those changes so 
libomemo.so is still part of the -dev package. I'll get to it and upload 
a new version during the weekend (unless Evangelos beats me to it).


Cheers,
Arnaud

Bug#918774: fixed in lasi 1.1.3-1

[Nilesh Patra]

On Thu, 27 Apr 2023 00:37:06 +0530 Nilesh Patra  wrote:
> On Sun, 23 Apr 2023 06:18:58 + Debian FTP Masters 
>  wrote:
> > Source: lasi
> > Source-Version: 1.1.3-1
> > Done: Nilesh Patra 
> 
> Sending BTS mail to help reset the autorm counter.


Another mail to reset the counter again. It needs a week more to get through.

Nilesh

Bug#1035609: wpa_supplicant: Policy is installed in /etc instead of /usr

[Gioele Barabucci]

Package: wpa_supplicant
Version: 2:2.10-12
Tags: patch

Dear wpa_supplicant maintainers,

wpa_supplicant installs the `wpa_supplicant.conf` policy in 
`/etc/dbus-1`. Since Debian 9 the standard directory for 
package-installed dbus policies is `/usr/share/dbus-1`.


See: https://bugs.debian.org/1006631

Lintian complains with `dbus-policy-in-etc`.

A patch to fix this issue is available at

https://salsa.debian.org/debian/wpa/-/merge_requests/12

Regards,

--
Gioele Barabucci

Bug#1035603: mpdscribble: prompting due to modified conffiles which were not modified by the user: /etc/mpdscribble.conf

[Andreas Beckmann]

Hi,

I had a quick look ...

You should be able to reproduce this upgrade path by using a throwaway 
minimal bullseye chroot (e.g. a pbuilder chroot), install mpdscribble 
there, then install the bookworm version (or a proposed fix) over it.


in bullseye you used ucf to manage the file (to insert 
username/password), in bookworm you ship it as a conffile.

AND manage it with ucf. That is seriously broken.


Andreas

Bug#1029097: pam: FTBFS on hurd-i386

[Samuel Thibault]

Hello,

Svante Signell, le mar. 17 janv. 2023 23:15:32 +0100, a ecrit:
> On Tue, 2023-01-17 at 18:49 +, Sam Hartman wrote:
> > > > > > > "Svante" == Svante Signell 
> > > > > > > writes:
> >     Svante> modules_pam_nologin_tst-pam_nologin-retval.c.diff
> > disabling
> >     Svante> two subtests failing on GNU/Hurd.  -
> > 
> > Why do these subtests fail?
> > 
> tst-pam_nologin-retval.c:185: Assertion failed: PAM_SYSTEM_ERR (0x4) ==
> pam_authenticate(pamh, 0) (0x6)
> tst-pam_nologin-retval.c:189: Assertion failed: PAM_SYSTEM_ERR (0x4) ==
> pam_acct_mgmt(pamh, 0) (0x6)

He didn't ask how they failed, but why, i.e. investigate what that
PAM_PERM_DENIED (6) value is coming from, to determine whether
it's actually expected to be that error instead of PAM_SYSTEM_ERR
(4). Possibly it just is (the test is apparently about nologin), but
then the test should be set to check for PAM_PERM_DENIED instead of
PAM_SYSTEM_ERR.

> >     Svante> 
> >     Svante> debian_libpam-modules-bin.install.hurd-i386.patch
> > creating
> >     Svante> an install file for Hurd excluding two systemd-specific
> >     Svante> files not needed.
> > 
> > Why is installing these files harmful?
> > I'm reluctant to take  this patch unless it actually breaks something
> > and there's no other way to do it.
> > If I take this patch, then I'll have to remember to update the hurd
> > install list every time something changes.
> 
> I did not say they are harmful. They just weren't built/available in
> the build tree during the installation of libpam-modules-bin,

Which is not really surprising since it's about namespaces, which are
linux-only.

> (I've tried to add stuff like (arch=!hurd-any) ... to the .install
> file. It seems like that such attempts does not work, as they for e.g.
> .symbol files.)

That's not how that works indeed, one has to use dh-exec instead. See
the attached patch, plus one has to run

chmod +x debian/libpam-modules-bin.install

Thanks for the patches,
Samuel
--- debian/control.original 2023-05-06 09:56:31.0 +
+++ debian/control  2023-05-06 09:56:33.0 +
@@ -4,7 +4,7 @@
 Uploaders: Sam Hartman 
 Maintainer: Steve Langasek 
 Standards-Version: 4.6.0
-Build-Depends: debhelper-compat (= 13), dh-exec, quilt, flex, libdb-dev, 
libcrypt-dev, libselinux1-dev [linux-any], po-debconf, dh-autoreconf, 
autopoint, libaudit-dev [linux-any] , pkg-config, libfl-dev, 
libfl-dev:native, docbook-xsl, docbook-xml, xsltproc, libxml2-utils, w3m
+Build-Depends: debhelper-compat (= 13), dh-exec, quilt, flex, libdb-dev, 
libcrypt-dev, libselinux1-dev [linux-any], po-debconf, dh-autoreconf, 
autopoint, libaudit-dev [linux-any] , pkg-config, libfl-dev, 
libfl-dev:native, docbook-xsl, docbook-xml, xsltproc, libxml2-utils, w3m, 
dh-exec
 Build-Conflicts-Indep: fop
 Build-Conflicts: libdb4.2-dev, libxcrypt-dev
 Vcs-Browser: https://salsa.debian.org/vorlon/pam
--- debian/libpam-modules-bin.install.original  2023-05-06 09:56:45.0 
+
+++ debian/libpam-modules-bin.install   2023-05-06 09:57:00.0 +
@@ -1,9 +1,10 @@
+#!/usr/bin/dh-exec
 sbin/unix_chkpwd   sbin
 sbin/unix_update   sbin
 sbin/mkhomedir_helper  sbin
-sbin/pam_namespace_helper
+[linux-any] sbin/pam_namespace_helper
 sbin/pwhistory_helper
 sbin/pam_timestamp_check   usr/sbin
 sbin/faillock usr/sbin
 modules/pam_faillock/faillock.8 usr/share/man/man8
-usr/lib/systemd/system/pam_namespace.service
+[linux-any] usr/lib/systemd/system/pam_namespace.service

Bug#1035503: [Debian-iot-maintainers] Bug#1035503: glewlwyd-common: prompting due to modified conffiles which were not modified by the user: /etc/glewlwyd/config.json

[Andreas Beckmann]

Did I get this right:
in bullseye, glewlwyd created /etc/glewlwyd/config.json by copying 
/usr/share/glewlwyd/templates/config.json without modifying it

in bookworm glewlwyd-common ships it as a conffile (with different content).

So glewlwyd-common needs a versioned Breaks against the last glewlwyd 
version that managed that file.


In the -common preinst if upgrading (or on initial install) check the 
exisiting (not yet owned by us) file for a known hash and move it aside 
if it matches.



Andreas

Bug#1034443: python3-brial: uninstallable on arcitectures where sagemath is unavailable

[Tobias Hansen]

On 5/2/23 14:20, plugwash wrote:


I've prepared a NMU, and intend to open a pre-approval
request with the release team. If you have any objections
to the NMU please tell me ASAP (I do not intend to upload
it until I receive a response from the release team, if you
would preffer to make the upload yourself that is fine too).


Hi,

thanks for taking care of the NMU.

Note that we could also just remove python3-sage and the autopkgtest. Nothing 
in Debian depends on it and the upstream maintainer of brial pointed out that 
it is not needed anymore:

https://alioth-lists.debian.net/pipermail/debian-science-sagemath/2023-May/001809.html

Best,

Tobias

Bug#958959: vice desktop file is missing the (additional) category 'Game' and 'Emulator''

[Brad Rogers]

I can confirm that 'odd' placement happens as a result of this (all
emulators are placed in 'Lost & Found' in KDE/Plasma.

A little surprised that this seems to have been forgotten, despite there
being a trivial fix.

-- 
 Regards  _   "Valid sig separator is {dash}{dash}{space}"
 / )  "The blindingly obvious is never immediately apparent"
/ _)rad   "Is it only me that has a working delete key?"
Please don't ask me
Ask Mr Waverley - The Cortinas


pgpYP1xkV1E3H.pgp
Description: OpenPGP digital signature

Bug#1035603: mpdscribble: prompting due to modified conffiles which were not modified by the user: /etc/mpdscribble.conf

[Geoffroy Youri Berret]

On 5/6/23 11:50, Andreas Beckmann wrote:

[…]
You should be able to reproduce this upgrade path by using a throwaway 
minimal bullseye chroot (e.g. a pbuilder chroot), install mpdscribble 
there, then install the bookworm version (or a proposed fix) over it.


in bullseye you used ucf to manage the file (to insert 
username/password), in bookworm you ship it as a conffile.

AND manage it with ucf. That is seriously broken.


I managed to run piuparts and reproduce.
Thanks for the review Andreas
k.

Bug#1035596: coreutils: pr: --number-lines= yields "extra characters or invalid number in the argument: ‘SHELL=/bin/bash’: ERANGE"

[Pádraig Brady]

On 06/05/2023 01:19, наб wrote:

Package: coreutils
Version: 8.32-4+b1
Version: 9.1-1
Severity: normal

Dear Maintainer,

:v


Fixed upstream with the attached.

cheers,
Pádraig
From fae65623a92a3f150fd35cfef58dcb3d8533f94c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A1draig=20Brady?= 
Date: Sat, 6 May 2023 11:22:22 +0100
Subject: [PATCH] pr: fix parsing of empty arguments
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Before:
  $ pr --expand-tabs=
  pr: '-e' extra characters or invalid number in the argument:
   ‘SHELL=/bin/bash’: Value too large for defined data type

After:
  $ pr --expand-tabs=
  pr: '-e': Invalid argument: ‘’

* src/pr.c (getoptarg): Ensure we don't parse beyond the
end of an empty argument, thus outputting arbitrary stack
info in subsequent error messages.

Addresses https://bugs.debian.org/1035596
---
 src/pr.c | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/src/pr.c b/src/pr.c
index 14a368b6c..1c32e8c81 100644
--- a/src/pr.c
+++ b/src/pr.c
@@ -1168,6 +1168,12 @@ getoptnum (char const *n_str, int min, int *num, char const *err)
 static void
 getoptarg (char *arg, char switch_char, char *character, int *number)
 {
+  if (!*arg)
+{
+  error (0, 0, _("'-%c': Invalid argument: %s"), switch_char, quote (arg));
+  usage (EXIT_FAILURE);
+}
+
   if (!ISDIGIT (*arg))
 *character = *arg++;
   if (*arg)
-- 
2.26.2

Bug#1035503: [Debian-iot-maintainers] Bug#1035503: glewlwyd-common: prompting due to modified conffiles which were not modified by the user: /etc/glewlwyd/config.json

[Thorsten Alteholz]

Hi Nicolas,

this bug is about upgrading from glewlwyd 2.5.2 to 2.7.5.
In 2.5.2 the file config.json is created in glewlwyd.postinst. So this 
file does not belong to any package but appears out of the blue for dpkg.
In rm_conffile from dpkg-maintscript-helper a function 
prepare_rm_conffile() is called which does a call to 
ensure_package_owns_file() at one of the first steps.
But config.json does not belong to glewlwyd  much less to 
glewlwyd-common, so I am afraid these official mechanism won't work.


I am not sure whether any admin needs to modify config.json, but 
probably yes, so simply removing the file might anger somebody.


Maybe introducing a new filename and adding an entry to the news file 
could be an option.


  Thorsten

Bug#896460: Please package ipywidgets 7

[Tobias Hansen]

5 years on, can we please start being more pragmatic about it and just ship the 
provided js files? Aren't other big packages like Firefox or Chromium also 
doing that? Or are they rebuilding all their js files from source?

The Debian Javascript policy uses soft words like should and could for this:
https://wiki.debian.org/Javascript/Policy

This little package is basically holding sagemath and others hostage. It is the 
reason we have sagemath 9.5 in bookworm instead of 9.7 or 9.8. See #1010735.

Best,
Tobias


On Sat, 21 Apr 2018 10:55:29 +0200 Tobias Hansen  wrote:

Source: ipywidgets
Severity: wishlist

Sagemath 8.2 uses ipywidgets 7 [1] and using version 6 causes about 80 doctests 
to fail.

Best,
Tobias

[1] https://trac.sagemath.org/ticket/23177

Bug#1024167: ITP: ruby-arr-pm -- RPM reader and writer library

[Gürkan Myczko]

Hi Ajayi

I'm so glad you want to package this, as I'd need it to package this:
http://sid.ethz.ch/debian/fpm/

I'm aware packages.debian.org/src:fpm is already used, but before I 
write RFP or ITP,
I'd like to see (first ruby package) how it works, if it works, how well 
it works, if it works at all, etc...


Are you progressing with the packaging? Stuck somewhere? Will it land on 
salsa.debian.org?
(https://salsa.debian.org/search?search=ruby-arr-pm&nav_source=navbar 
zero results)


Best,

Bug#1035610: RM: golang-github-hashicorp-terraform-plugin-test -- ROM; no longer needed

[Thorsten Alteholz]

Package: ftp.debian.org
Severity: normal

This package is merged into terraform-plugin-sdk and the repository is archived 
upstream.
As it is no longer needed, it can go as well.

  Thorsten

Bug#1035611: RM: golang-github-uber-go-atomic -- ROM; no longer needed

[Thorsten Alteholz]

Package: ftp.debian.org
Severity: normal

This package is a duplicate of golang-go.uber-atomic and might disappear again.

  Thorsten

Bug#1035461: texlive-binaries: Allow install of TeXlive without SSE2

[Preuße]

On 06.05.2023 08:15, Norbert Preining wrote:

On Wed, 03 May 2023, =?UTF-8?Q?Preu=C3=9...@buxtehude.debian.org wrote:


Hi Stefan, hi Norbert,


code that uses SSE2 instructions, so `texlive-binaries` was changed to
require `sse2-support`.


Hmm, so SSE2 is not a requirement on Debian?


Not sure. If that would a requirement the priority of that issue would
be probably higher than wishlist.


As I understood the situation it is not luatex, which does not work on
your computer, but just the luajit... variants. So I could split them
out into a new package, which is only needed by texlive-extra-utils, b/c
this package tries to build luajit... formats.


Or you could drop building luaJIT completely. fmtutil already ignores
errors from missing luajit* engines, so that would be an easy way.
And if Debian requires halfway decent machines, the it can be
reactived.


For post-bookworm I'll do the split, commit has been done. For bookworm
itself I could think about removing the luajit binaries in a point
release, if they are not needed in all cases. I'll test that later on.

Hilmar
--
sigfault

Bug#1035106: RFS: grimripper/3.0.0-1 [ITP 1035103] -- Graphical audio CD ripper and encoder

[Peter B]

On Fri, 5 May 2023 17:59:01 +0200 Bastian Germann  wrote:
> On Sat, 29 Apr 2023 20:10:02 +0100 Peter Blackman wrote:
> > cdreaper is the Gtk3 fork of asunder
> > https://tracker.debian.org/pkg/asunder
> >
> > I would like to set up a packaging VCS on Salsa under the debian group,
> > but don't have the privilege to create an empty repository there myself.
>
> Why not put this under the Multimedia Team's umbrella?
>
>

I don't have any particular view where it should go, its just that I noticed 
asunder is in the debian group.

Bug#1034428: unblock: vmdb2/0.27-1

[Helmut Grohne]

On Fri, May 05, 2023 at 07:00:16PM +0200, Cyril Brulebois wrote:
> Gunnar Wolf  (2023-04-14):
> > vmdb2 is a leaf package. The code changes are quite minor. While there
> > are several alternatives to vmdb2 in Debian, switching from one image
> > generating system to another might be quite heavy for the users.
> 
> Spotted by Helmut (cc-ed): that's not true (in either stable or unstable),
> since autopkgtest depends on it… and it seems that update would break it.

To be precise, Helmut Grohne rather than Helmut Geyer. ;)

> I'll let Helmut expand, and possibly formulate a plan.

autopkgtest-build-qemu uses vmdb2. In particular, when you pass a
non-native architecture, it uses vmdb2 with qemu-debootstrap. You can
trigger that using i386 on amd64 already. So you definitely need to
declare Breaks for the current version of autopkgtest in bookworm and
unstable until it is fixed to not use qemu-debootstrap.

Also sbuild-qemu is a direct reverse dependency of vmdb2. I haven't
looked deep there.

I think both should be tested before proceeding here and autopkgtest
definitely needs an upload to make it work.

So much for a leaf package... There is a reason for why the release team
tends to say "no": Experience.

Helmut

Bug#1035612: unblock: birdfont/2.32.3-2

[Hideki Yamane]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: birdf...@packages.debian.org
Control: affects -1 + src:birdfont

Please unblock package birdfont

[ Reason ]
Ensure smooth upgrade birdfont package from bullseye

[ Impact ]
Upgrade failure from bullseye to bookworm

[ Tests ]
piuparts shows no error with this upgrade 
(as  $ sudo piuparts -e /var/cache/pbuilder/bullseye.cow/ -d stable -d sid 
--apt birdfont=2.32.3-2 -l piuparts.log)

[ Risks ]
Well, I have not found it yet :)

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing


unblock birdfont/2.32.3-1
diff -Nru birdfont-2.32.3/debian/changelog birdfont-2.32.3/debian/changelog
--- birdfont-2.32.3/debian/changelog2022-09-25 21:02:39.0 +0900
+++ birdfont-2.32.3/debian/changelog2023-05-06 13:39:25.0 +0900
@@ -1,3 +1,11 @@
+birdfont (2.32.3-2) unstable; urgency=medium
+
+  * debian/control
+- Declare Repalces: to avoid upgrade problem (Closes: #1034968)
+  Thanks to Helmut Grohne  for the report
+
+ -- Hideki Yamane   Sat, 06 May 2023 13:39:25 +0900
+
 birdfont (2.32.3-1) unstable; urgency=medium
 
   * New upstream release
diff -Nru birdfont-2.32.3/debian/control birdfont-2.32.3/debian/control
--- birdfont-2.32.3/debian/control  2022-09-25 21:02:39.0 +0900
+++ birdfont-2.32.3/debian/control  2023-05-06 13:39:25.0 +0900
@@ -27,6 +27,7 @@
 Depends: ${misc:Depends},
  fonts-roboto-unhinted,
 Breaks: birdfont (<< 2.29.4-1)
+Replaces: birdfont (<< 2.29.4-1)
 Description: arch-independent data for birdfont package
  Birdfont is a free, open source font editor that lets you create outline
  vector graphics and export ttf, eot & svg fonts.

Bug#1035503: [Debian-iot-maintainers] Bug#1035503: glewlwyd-common: prompting due to modified conffiles which were not modified by the user: /etc/glewlwyd/config.json

[Nicolas Mora]

Hello,

Le 2023-05-06 à 06 h 31, Thorsten Alteholz a écrit :


Maybe introducing a new filename and adding an entry to the news file 
could be an option.


Indeed, config.json is installed by glewlwyd-common [1], and since 
bullseye, the file has changed to add new properties.


I guess a better solution would be to install config.json as 
/etc/glewlwyd/config-2.7.5.json and provide documentation in the NEWS file.


would that be correct?

[1] 
https://salsa.debian.org/debian-iot-team/oauth2/glewlwyd/-/blob/master/debian/glewlwyd-common.install

Bug#1035461: texlive-binaries: Allow install of TeXlive without SSE2

[Stefan Monnier]

 code that uses SSE2 instructions, so `texlive-binaries` was changed to
 require `sse2-support`.
>> Hmm, so SSE2 is not a requirement on Debian?

No, indeed.  And the `sse2-support` package is the embodiment of this fact.

There's a fairly good reason why SSE2 is not a requirement:
The Debian i386 port's /raison d'être/ is to support those i386 CPUs which
don't also support x86-64, so it's focused on supporting old CPUs.

Further info at: https://wiki.debian.org/ArchitectureSpecificsMemo#i386-1

> For post-bookworm I'll do the split, commit has been done.

Thanks.

> For bookworm itself I could think about removing the luajit binaries
> in a point release, if they are not needed in all cases. I'll test
> that later on.

That would be even better :-)


Stefan

Bug#1035351: [pre-approval] unblock: ncurses/6.4-3

[Sebastian Ramacher]

Control: tags -1 moreinfo confirmed

On 2023-05-01 18:32:20 +0200, Sven Joachim wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> Tags: d-i
> X-Debbugs-Cc: ncur...@packages.debian.org, debian-b...@lists.debian.org
> Control: affects -1 + src:ncurses
> 
> I would like to address CVE-2023-29491[1] aka bug #1034372[2] in
> Bookworm.

Please go ahead and remove the moreinfo tag once the version is
available in unstable.

Cheers

> 
> [ Reason ]
> Various memory corruption bugs exist when loading specifically crafted
> terminfo database files.  This is a security problem in programs running
> with elevated privileges, as users are allowed to provide their own
> terminfo files under ${HOME}/.terminfo or via the TERMINFO or
> TERMINFO_DIRS environment variables.
> 
> Backporting the upstream fixes seems to be too risky this late in the
> release process, but via a configure option it is possible to prevent
> setuid/setgid programs from loading custom terminfo files supplied by
> the user, after which the bugs are no longer security relevant.
> 
> [ Impact ]
> Local users could try privilege escalations in setuid/setgid programs
> linked to the tinfo library.  How easily those can be achieved probably
> depends on the program.
> 
> [ Tests ]
> No automatic tests exist.  I have manually verified that programs can no
> longer use custom terminfo files if their effective UID or GID differs
> from the real one.  Also I have verified that the terminfo database in
> the ncurses-{base,term} packages is unchanged from 6.4-2.
> 
> [ Risks ]
> Users who are relying on their own terminfo files under
> ${HOME}/.terminfo can no longer use them in setuid/setgid programs and
> will have to work around that, e.g. by changing their TERM variable,
> using a different terminal emulator or asking their sysadmin for help.
> 
> On my systems I did not find any setuid binaries linked to the tinfo
> library, but some setgid games in the bsdgames package.
> 
> [ Checklist ]
>   [x] all changes are documented in the d/changelog
>   [x] I reviewed all changes and I approve them
>   [x] attach debdiff against the package in testing
> 
> I have slightly edited the debdiff to exclude spurious changes to the
> debian/lib{32,64}tinfo6.symbols files, as these are just symlinks to
> libtinfo6.symbols.  See devscripts bug #773762[3].
> 
> [ Other info ]
> Since ncurses produces udebs, I have CC'ed debian-boot and tagged the
> bug accordingly.  There should be no effect on the installer, as I would
> expect it to run all programs as root.
> 
> Thanks for consideration.
> 
> Cheers,
>Sven
> 
> 
> 1. https://security-tracker.debian.org/tracker/CVE-2023-29491
> 2. https://bugs.debian.org/1034372
> 3. https://bugs.debian.org/773762
> 

> diff -Nru ncurses-6.4/debian/changelog ncurses-6.4/debian/changelog
> --- ncurses-6.4/debian/changelog  2023-01-25 21:21:49.0 +0100
> +++ ncurses-6.4/debian/changelog  2023-05-01 17:57:51.0 +0200
> @@ -1,3 +1,21 @@
> +ncurses (6.4-3) unstable; urgency=medium
> +
> +  * Configure with "--disable-root-environ" to disallow loading of
> +custom terminfo entries in setuid/setgid programs, mitigating the
> +impact of CVE-2023-29491 (see #1034372).
> +- Update the symbols files for the newly exported symbol
> +  _nc_env_access.
> +- New patch fix-configure-root-args-option.diff cherry-picked from
> +  the 20230415 patchlevel, fixing a copy/paste error which caused
> +  the "--disable-root-environ" configure option to pick up code
> +  meant to be used by the "--disable-root-args" option instead.
> +- New patch debian-env-access.diff, changing the behavior of the
> +  "--disable-root-environ" configure option to not restrict programs
> +  run by the superuser, equivalent to the "--disable-setuid-environ"
> +  option introduced in the 20230423 patchlevel.
> +
> + -- Sven Joachim   Mon, 01 May 2023 17:57:51 +0200
> +
>  ncurses (6.4-2) unstable; urgency=medium
> 
>* Add Breaks against vim-common (<< 2:9.0.1000-2) to ncurses-base
> diff -Nru ncurses-6.4/debian/libtinfo5.symbols 
> ncurses-6.4/debian/libtinfo5.symbols
> --- ncurses-6.4/debian/libtinfo5.symbols  2023-01-22 17:54:52.0 
> +0100
> +++ ncurses-6.4/debian/libtinfo5.symbols  2023-05-01 11:36:38.0 
> +0200
> @@ -95,6 +95,7 @@
>   _nc_curr_col@NCURSES_TINFO_5.0.19991023 6
>   _nc_curr_line@NCURSES_TINFO_5.0.19991023 6
>   _nc_doalloc@NCURSES_TINFO_5.0.19991023 6
> + _nc_env_access@NCURSES_TINFO_5.2.20001021 6.4-3~
>   _nc_err_abort@NCURSES_TINFO_5.0.19991023 6
>   _nc_fallback@NCURSES_TINFO_5.0.19991023 6
>   _nc_find_entry@NCURSES_TINFO_5.0.19991023 6
> diff -Nru ncurses-6.4/debian/libtinfo6.symbols 
> ncurses-6.4/debian/libtinfo6.symbols
> --- ncurses-6.4/debian/libtinfo6.symbols  2023-01-22 17:54:52.0 
> +0100
> +++ ncurses-6.4/debian/libtinfo6.symbols  2023-05-01 11:36:38.00

Bug#1020509: doc-debian: Constitution text is outdated

[Joost van Baal-Ilić]

tags 1020509 +pending
thanks


On Thu, Sep 22, 2022 at 03:24:18PM +0200, Joost van Baal-Ilić wrote:
> On Thu, Sep 22, 2022 at 09:58:15AM -0300, Raúl Benencia wrote:
> > Package: doc-debian
> > Version: 6.5
> > Severity: normal
> > X-Debbugs-Cc: none, Raúl Benencia 
> > 
> > Dear Maintainer,
> > 
> > The current version of the Constitution for the Debian Project is
> > 1.8. The package contains v1.7. Please, consider updating the text.
> 
> I'm aware of this issue and it has been on my radar.  Anyway, thanks
> for reporting it here.
> 
> I'll get to it soonishlish.  (As always, patches/NMU's welcome.)

Fixed in git now.

Bye,

Joost

Bug#1031294: doc-debian: misspelled "Control: forwarded"

[Joost van Baal-Ilić]

tags 1031294 +pending
thanks

On Tue, Feb 14, 2023 at 07:09:24PM +0100, Jakub Wilk wrote:
> Package: doc-debian
> Version: 6.5
> 
> bug-reporting.txt gives the following example:
> 
> Control: forward -1 https://bugs.debian.org/nnn
> 
> This should be "forwarded", not "forward".
> 
> It's been already fixed on the website: #863069

Fixed in git, thanks.

Bye,

Joost

Bug#1035613: release-notes: Maybe typo? "`arch`-based" in 5.3.3

[Hideki Yamane]

Package: release-notes
Severity: normal

Dear Maintainer,

 In 5.3.3, en/issues.dbk says


  No-longer-supported hardware
  
For a number of `arch`-based devices that were supported in
&oldreleasename;, it is no longer viable for Debian to build the
required Linux kernel, due to hardware
limitations. The unsupported devices are:
  

 `arch`-based? It may be something other like $arch (and would be limited
 to its architecture's release notes).

Bug#1035614: gcc-13: hurd-amd64 support

[Samuel Thibault]

Package: gcc-13
Version: 13.1.0-1
Severity: important
Tags: patch

Hello,

We're starting the hurd-amd64 port :)

Here is a patch to add support to the gcc package (here against the
master branch).

Samuel

-- System Information:
Debian Release: 12.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'stable-security'), (500, 'stable-debug'), (500, 
'proposed-updates-debug'), (500, 'proposed-updates'), (500, 
'oldstable-proposed-updates'), (500, 'oldoldstable'), (500, 'buildd-unstable'), 
(500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 
'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64

Kernel: Linux 6.2.0 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gcc-13 depends on:
ii  binutils   2.40-2
ii  cpp-13 13.1.0-1
ii  gcc-13-base13.1.0-1
ii  libc6  2.36-9
ii  libcc1-0   13.1.0-1
ii  libgcc-13-dev  13.1.0-1
ii  libgcc-s1  13.1.0-1
ii  libgmp10   2:6.2.1+dfsg1-1.1
ii  libisl23   0.25-1
ii  libmpc31.3.1-1
ii  libmpfr6   4.2.0-1
ii  libstdc++6 13.1.0-1
ii  libzstd1   1.5.4+dfsg2-5
ii  zlib1g 1:1.2.13.dfsg-1

Versions of packages gcc-13 recommends:
ii  libc6-dev  2.36-9

Versions of packages gcc-13 suggests:
pn  gcc-13-doc   
pn  gcc-13-locales   
pn  gcc-13-multilib  

-- no debconf information

-- 
Samuel
---
Pour une évaluation indépendante, transparente et rigoureuse !
Je soutiens la Commission d'Évaluation de l'Inria.
diff --git a/debian/control b/debian/control
index 0555ad8..f131d68 100644
--- a/debian/control
+++ b/debian/control
@@ -5,7 +5,7 @@ Maintainer: Debian GCC Maintainers 
 Uploaders: Matthias Klose 
 Standards-Version: 4.6.2
 Build-Depends: debhelper (>= 9.20141010), dpkg-dev (>= 1.17.14), g++-multilib 
[amd64 i386 kfreebsd-amd64 mips mips64 mips64el mips64r6 mips64r6el mipsel 
mipsn32 mipsn32el mipsn32r6 mipsn32r6el mipsr6 mipsr6el powerpc ppc64 s390 
s390x sparc sparc64 x32] , 
-  libc6.1-dev (>= 2.23-1~) [alpha ia64] | libc0.3-dev (>= 2.23-1~) [hurd-i386] 
| libc0.1-dev (>= 2.25) [kfreebsd-i386 kfreebsd-amd64] | libc6-dev (>= 
2.23-1~), libc6-dev-amd64 [i386 x32], libc6-dev-sparc64 [sparc], 
libc6-dev-sparc [sparc64], libc6-dev-s390 [s390x], libc6-dev-s390x [s390], 
libc6-dev-i386 [amd64 x32], libc6-dev-powerpc [ppc64], libc6-dev-ppc64 
[powerpc], libc0.1-dev-i386 [kfreebsd-amd64], lib32gcc-s1 [amd64 ppc64 
kfreebsd-amd64 mipsn32 mipsn32el mips64 mips64el mipsn32r6 mipsn32r6el mips64r6 
mips64r6el s390x sparc64 x32], libn32gcc-s1 [mips mipsel mips64 mips64el mipsr6 
mipsr6el mips64r6 mips64r6el], lib64gcc-s1 [i386 mips mipsel mipsn32 mipsn32el 
mipsr6 mipsr6el mipsn32r6 mipsn32r6el powerpc sparc s390 x32], libc6-dev-mips64 
[mips mipsel mipsn32 mipsn32el mipsr6 mipsr6el mipsn32r6 mipsn32r6el], 
libc6-dev-mipsn32 [mips mipsel mips64 mips64el mipsr6 mipsr6el mips64r6 
mips64r6el], libc6-dev-mips32 [mipsn32 mipsn32el mips64 mips64el mipsn32r6 
mipsn32r6el mips64r6 mips64r6el], libc6-dev-x32 [amd64 i386], libx32gcc-s1 
[amd64 i386], libc6.1-dbg [alpha ia64] | libc0.3-dbg [hurd-i386] | libc0.1-dbg 
[kfreebsd-i386 kfreebsd-amd64] | libc6-dbg, 
+  libc6.1-dev (>= 2.23-1~) [alpha ia64] | libc0.3-dev (>= 2.23-1~) [hurd-amd64 
hurd-i386] | libc0.1-dev (>= 2.25) [kfreebsd-i386 kfreebsd-amd64] | libc6-dev 
(>= 2.23-1~), libc6-dev-amd64 [i386 x32], libc6-dev-sparc64 [sparc], 
libc6-dev-sparc [sparc64], libc6-dev-s390 [s390x], libc6-dev-s390x [s390], 
libc6-dev-i386 [amd64 x32], libc6-dev-powerpc [ppc64], libc6-dev-ppc64 
[powerpc], libc0.1-dev-i386 [kfreebsd-amd64], lib32gcc-s1 [amd64 ppc64 
kfreebsd-amd64 mipsn32 mipsn32el mips64 mips64el mipsn32r6 mipsn32r6el mips64r6 
mips64r6el s390x sparc64 x32], libn32gcc-s1 [mips mipsel mips64 mips64el mipsr6 
mipsr6el mips64r6 mips64r6el], lib64gcc-s1 [i386 mips mipsel mipsn32 mipsn32el 
mipsr6 mipsr6el mipsn32r6 mipsn32r6el powerpc sparc s390 x32], libc6-dev-mips64 
[mips mipsel mipsn32 mipsn32el mipsr6 mipsr6el mipsn32r6 mipsn32r6el], 
libc6-dev-mipsn32 [mips mipsel mips64 mips64el mipsr6 mipsr6el mips64r6 
mips64r6el], libc6-dev-mips32 [mipsn32 mipsn32el mips64 mips64el mipsn32r6 
mipsn32r6el mips64r6 mips64r6el], libc6-dev-x32 [amd64 i386], libx32gcc-s1 
[amd64 i386], libc6.1-dbg [alpha ia64] | libc0.3-dbg [hurd-amd64 hurd-i386] | 
libc0.1-dbg [kfreebsd-i386 kfreebsd-amd64] | libc6-dbg, 
   kfreebsd-kernel-headers (>= 0.84) [kfreebsd-any], linux-libc-dev [m68k], 
   m4, libtool, autoconf2.69, 
   dwz, libunwind8-dev [ia64], libatomic-ops-dev [ia64], 
diff --git a/debian/rules.conf b/debian/rules.conf
index 78fb501..bdde0eb 100644
--- a/debian/rules.conf
+++ b/debian/rules.conf
@@ -110,7 +110,7

Bug#1035615: xz-utils: Fix hurd-amd64 build

[Samuel Thibault]

Package: xz-utils
Version: 5.4.1-0.2
Severity: important
Tags: patch

Hello,

debian/rules is passing --enable-assembler=x86_64 to configure, but that
case was removed, see ChangeLog:

commit ac10b1b3622e70881595586edfb8a3ebdcd76bb6
Author: Lasse Collin 
Date:   2022-11-14 17:58:07 +0200

Build: Omit x86_64 from --enable-assembler.

It didn't do anything. There are only 32-bit x86 assembly files
and it feels likely that new files won't be added as intrinsics
in C are more portable across toolchains and OSes.

The attached patch fixes that by dropping that option, since it's not
useful for amd64 ports anyway.

Samuel

-- System Information:
Debian Release: 12.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'stable-security'), (500, 'stable-debug'), (500, 
'proposed-updates-debug'), (500, 'proposed-updates'), (500, 
'oldstable-proposed-updates'), (500, 'oldoldstable'), (500, 'buildd-unstable'), 
(500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 
'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64

Kernel: Linux 6.2.0 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages xz-utils depends on:
ii  libc6 2.36-9
ii  liblzma5  5.4.1-0.2

xz-utils recommends no packages.

xz-utils suggests no packages.

-- no debconf information

-- 
Samuel
---
Pour une évaluation indépendante, transparente et rigoureuse !
Je soutiens la Commission d'Évaluation de l'Inria.
--- debian/rules.original   2023-05-05 20:24:10.897225010 +0200
+++ debian/rules2023-05-05 20:24:12.997235137 +0200
@@ -91,10 +91,6 @@
 opt_optimize += --enable-assembler=x86
 opt_optimize_small += --enable-assembler=x86
 endif
-ifeq (amd64,$(cputype))
-opt_optimize += --enable-assembler=x86_64
-opt_optimize_small += --enable-assembler=x86_64
-endif
 endif
 
 ifneq (,$(filter noopt,$(DEB_BUILD_OPTIONS)))

Bug#1034875: kitty: Should not handle application/x-sh mime type by executing the script

[Gabriel Corona]

Hi,


In the mean time, it's probably a good idea to drop
"application/x-sh;application/x-shellscript" from the list of supported
mime type to limit the risk. (I assume that even with "text/plain" and a
.sh file extension or a shebang, kitty might still decide to execute the 
script... so the issue is not entirely fixed, but it reduces the number of

cases where "kitty +open" is invoked on shell scripts)


Indeed, you can use a file with MIME type such as text/ascii or 
x-scheme-handler/kitty and a .tool file extension and it will be 
executed through kitty.


Affected software include: mail clients (mutt, Thunderbird [3,4]), 
browsers (Firefox [1,2]), PDF viewers (Okular [5]).


[1] https://www.gabriel.urdhr.fr/img/kitty-firefox1.png
[2] https://www.gabriel.urdhr.fr/img/kitty-firefox2.png
[3] https://www.gabriel.urdhr.fr/img/kitty-thunderbird1.png
[4] https://www.gabriel.urdhr.fr/img/kitty-thunderbird2.png
[5] https://www.gabriel.urdhr.fr/img/kitty-okular.png


And yet having shell scripts opened in the shell is a perfectly
reasonable thing to do, for example when browsing shell scripts in your
file manager.


This kind of things should probably only happen if the file is marked as 
executable.


File and MIME type associations which can trigger arbitrary code 
execution without user confirmation are very dangerous. They might be be 
triggered through unexpected ways. The user might be tricked into 
believing he is opening a "safe" file. These associations should 
probably not be enabled by default.



In this case, mutt should be modified to have a separate view vs open
action.


It is not only mutt (see above for other examples).


Or it's the users responsibility to configure their system to
view shell files rather than execute them, if they are in the habit of
clicking exe's attached to emails or otherwise clicking untrusted shell
scripts.


Or it is our responsibility to ship with a secure by default configuration?

The user might not be aware that he is opening a shell script either 
because he has been tricked (using different MIME type and file 
extension) or because he is not especially skilled in computer/security.


Even if he is aware that he is opening a shell script (which might 
trigger arbitrary code execution and take control of his computer) he 
might not be aware that "opening" means "executing" in this context.


Regards,

Gabriel


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1034650: debian-installer: bookworm d-i rc1: apt-get clean breaks bash-completion

[Askar Safin]

I did some experiments and wrote a patch!

Okay, so, I spend some more time thinking about this. And I think the
bug is in apt's completion scripts. Because that *.bin files are
simply cache. And lack of caches should not break program! This
follows from my interpretation of FHS 3.0 5.5 (
https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch05s05.html ). And
that *.bin files are located in /var/cache. And debian policy refers
to FHS 3.0 ( 
https://www.debian.org/doc/debian-policy/ch-opersys.html#file-system-hierarchy
). So, the bug is in apt's completion scripts and we should simply
remove "--no-generate" from them. And hence I attach a patch, which
does exactly that.

This will cause completion scripts to regenerate caches as needed.
This will work even if *.bin files are not present. And this will work
even if we are in unprivileged bash, I tested this.

Okay, so you can ask: what are speed implications of this? Well, I
tested this on my main system (Intel Core i7) and I feel that even
full cache regeneration takes zero time, i. e. it is absolutely
instant.

So I started qemu-system-x86_64 without -enable-kvm and tested there.

Results are this: if caches are not present, then bash-completion is
slow, it takes something like 10 seconds (in qemu in emulation
mode!!!). But if caches are present, then bash-completion feels fast.
So, it seems that apt is smart, it regenerates cache only if needed.
So, there is no need to insert special "if" in completion scripts to
check whether we should regenerate caches, apt already does this.

Also, I found that file /usr/share/bash-completion/completions/apt is
owned by apt, but file /usr/share/bash-completion/completions/apt-get
is owned by bash-completion . So, I apply patch to "apt" only. Needed
patch for "apt-get" is essentially the same.

Also, I think "apt-get" (and similar) scripts should be transferred
from "bash-completion" package to "apt".

This patch is for current apt's "main",
9da15d149f97e0f26cf5b7e32405512a5e63523c .

diff --git a/completions/bash/apt b/completions/bash/apt
index 59a8eaa94..ff3d7bd24 100644
--- a/completions/bash/apt
+++ b/completions/bash/apt
@@ -173,6 +173,7 @@ _apt()
 fi

 # specific command arguments
+# we don't pass "--no-generate" to "apt-cache" because we want
completion to work even if caches are not present (#1034650)
 if [[ -v command ]]; then
 case $command in
 remove|purge|autoremove|autopurge)
@@ -187,7 +188,7 @@ _apt()
 return 0
 ;;
 show|list|download|changelog|depends|rdepends)
-COMPREPLY=( $( apt-cache --no-generate pkgnames "$cur" \
+COMPREPLY=( $( apt-cache pkgnames "$cur" \
 2> /dev/null ) )
 return 0
 ;;
@@ -195,7 +196,7 @@ _apt()
 if [[ "$cur" == .* || "$cur" == /* || "$cur" == ~* ]]; then
 _filedir "deb"
 else
-COMPREPLY=( $( apt-cache --no-generate pkgnames "$cur" \
+COMPREPLY=( $( apt-cache pkgnames "$cur" \
 2> /dev/null ) )
 fi
 return 0
@@ -204,7 +205,7 @@ _apt()
 if [[ "$command" == build-dep && ( "$cur" == .* ||
"$cur" == /* || "$cur" == ~* ) ]]; then
 _filedir "dsc"
 else
-COMPREPLY=( $( apt-cache --no-generate pkgnames "$cur" \
+COMPREPLY=( $( apt-cache pkgnames "$cur" \
 2> /dev/null ) $( apt-cache dumpavail | \
 command grep "^Source: $cur" | sort -u | cut
-f2 -d" " ) )
 fi

Bug#1035616: release-notes: Duplicate paragraph

[Hideki Yamane]

Package: release-notes
Severity: normal

Dear Maintainer,

 In en/issues.dbk, below paragraphs seem to be duplicated.
 Not all the same, but mostly.


  Things to do post upgrade before rebooting
  
  
When apt full-upgrade has finished, the
formal upgrade is complete.  For the upgrade to
&releasename;, there are no special actions needed before
performing a reboot.
  
  
  
When apt full-upgrade has finished, the 
formal upgrade
is complete, but there are some other things that should be taken care 
of
before the next reboot.
  

Bug#1035603: mpdscribble: prompting due to modified conffiles which were not modified by the user: /etc/mpdscribble.conf

[Geoffroy Youri Berret]

On 5/6/23 11:50, Andreas Beckmann wrote:
[…] 
in bullseye you used ucf to manage the file (to insert 
username/password), in bookworm you ship it as a conffile.

AND manage it with ucf. That is seriously broken.


Indeed, a previous commit introduced a conffile by mistake.

Fixing this [0] (debdiff attached), makes the package upgrade properly 
on bullseye from bullseye pkg version to bookworm version built for 
bullseye.


But testing this fix on puiparts fails with the same error, I ran :

   piuparts -d bullseye -d bookworm mpdscribble_0.24-3_amd64.deb

I'm not sure how to proceed, do I ask for an unblock anyway?

[0] https://salsa.debian.org/mpd-team/mpdscribble/-/commit/3252ec1bccediff -Nru mpdscribble-0.24/debian/changelog mpdscribble-0.24/debian/changelog
--- mpdscribble-0.24/debian/changelog   2022-07-31 18:28:30.0 +0200
+++ mpdscribble-0.24/debian/changelog   2023-05-06 16:09:19.0 +0200
@@ -1,3 +1,9 @@
+mpdscribble (0.24-3) UNRELEASED; urgency=medium
+
+  * Avoid prompting the user if not needed on upgrade (Closes: #1035603)
+
+ -- Geoffroy Youri Berret   Sat, 06 May 2023 16:09:19 +0200
+
 mpdscribble (0.24-2) unstable; urgency=medium
 
   * Fixed FTBS (porting to gcc12) (Closes: #1016284)
diff -Nru mpdscribble-0.24/debian/rules mpdscribble-0.24/debian/rules
--- mpdscribble-0.24/debian/rules   2022-07-31 18:28:30.0 +0200
+++ mpdscribble-0.24/debian/rules   2023-05-06 16:02:29.0 +0200
@@ -16,6 +16,7 @@
 
 override_dh_auto_install:
dh_auto_install
+   rm debian/mpdscribble/etc/mpdscribble.conf
rm debian/mpdscribble/usr/share/doc/mpdscribble/COPYING
 
 override_dh_clean:

Bug#1035617: libunistring: Add hurd-amd64 support

[Samuel Thibault]

Source: libunistring
Version: 1.0-2
Severity: important
Tags: patch
User: debian-h...@lists.debian.org
Usertags: hurd

Hello,

The attached patch adds support for hurd-amd64 by generalizing the
symbols conditions. I have also factorized the libunistring2.symbols and
libunistring2.symbols.hurd-i386 to make maintenance easier thanks to
conditions.

Samuel

-- System Information:
Debian Release: 12.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'stable-security'), (500, 'stable-debug'), (500, 
'proposed-updates-debug'), (500, 'proposed-updates'), (500, 
'oldstable-proposed-updates'), (500, 'oldoldstable'), (500, 'buildd-unstable'), 
(500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 
'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64

Kernel: Linux 6.2.0 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--- a/debian/libunistring2.symbols
+++ b/debian/libunistring2.symbols
@@ -162,10 +162,15 @@ libunistring.so.2 libunistring2 #MINVER#
  libunistring_gl_uninorm_decomp_chars_table@Base 0.9.7
  libunistring_gl_uninorm_decomp_index_table@Base 0.9.7
  libunistring_gl_uninorm_decompose_merge_sort_inplace@Base 0.9.7
- libunistring_glthread_once_multithreaded@Base 1.0
+ (arch=!hurd-any)libunistring_glthread_once_multithreaded@Base 1.0
  libunistring_glthread_once_singlethreaded@Base 0.9.7
  libunistring_glthread_recursive_lock_init_multithreaded@Base 0.9.7
- (arch=gnu-any-any)libunistring_glthread_rwlock_init_for_glibc@Base 0.9.8
+ (arch=gnu-linux-any)libunistring_glthread_rwlock_init_for_glibc@Base 0.9.8
+ (arch=hurd-any)libunistring_glthread_rwlock_destroy_multithreaded@Base 0.9.8
+ (arch=hurd-any)libunistring_glthread_rwlock_init_multithreaded@Base 0.9.8
+ (arch=hurd-any)libunistring_glthread_rwlock_rdlock_multithreaded@Base 0.9.8
+ (arch=hurd-any)libunistring_glthread_rwlock_unlock_multithreaded@Base 0.9.8
+ (arch=hurd-any)libunistring_glthread_rwlock_wrlock_multithreaded@Base 0.9.8
  libunistring_hard_locale@Base 0.9.7
  libunistring_iconveh_close@Base 0.9.7
  libunistring_iconveh_open@Base 0.9.7
@@ -227,10 +232,14 @@ libunistring.so.2 libunistring2 #MINVER#
  u16_casecoll@Base 0.9.7
  u16_casefold@Base 0.9.7
  u16_casexfrm@Base 0.9.7
- u16_casing_prefix_context@Base 0.9.10
- u16_casing_prefixes_context@Base 0.9.10
- u16_casing_suffix_context@Base 0.9.10
- u16_casing_suffixes_context@Base 0.9.10
+ (arch=!hurd-any)u16_casing_prefix_context@Base 0.9.10
+ (arch=!hurd-any)u16_casing_prefixes_context@Base 0.9.10
+ (arch=!hurd-any)u16_casing_suffix_context@Base 0.9.10
+ (arch=!hurd-any)u16_casing_suffixes_context@Base 0.9.10
+ (arch=hurd-any)u16_casing_prefix_context@Base 1.0
+ (arch=hurd-any)u16_casing_prefixes_context@Base 1.0
+ (arch=hurd-any)u16_casing_suffix_context@Base 1.0
+ (arch=hurd-any)u16_casing_suffixes_context@Base 1.0
  u16_check@Base 0.9.7
  u16_chr@Base 0.9.7
  u16_cmp2@Base 0.9.7
@@ -327,10 +336,14 @@ libunistring.so.2 libunistring2 #MINVER#
  u32_casecoll@Base 0.9.7
  u32_casefold@Base 0.9.7
  u32_casexfrm@Base 0.9.7
- u32_casing_prefix_context@Base 0.9.10
- u32_casing_prefixes_context@Base 0.9.10
- u32_casing_suffix_context@Base 0.9.10
- u32_casing_suffixes_context@Base 0.9.10
+ (arch=!hurd-any)u32_casing_prefix_context@Base 0.9.10
+ (arch=!hurd-any)u32_casing_prefixes_context@Base 0.9.10
+ (arch=!hurd-any)u32_casing_suffix_context@Base 0.9.10
+ (arch=!hurd-any)u32_casing_suffixes_context@Base 0.9.10
+ (arch=hurd-any)u32_casing_prefix_context@Base 1.0
+ (arch=hurd-any)u32_casing_prefixes_context@Base 1.0
+ (arch=hurd-any)u32_casing_suffix_context@Base 1.0
+ (arch=hurd-any)u32_casing_suffixes_context@Base 1.0
  u32_check@Base 0.9.7
  u32_chr@Base 0.9.7
  u32_cmp2@Base 0.9.7
@@ -424,10 +437,14 @@ libunistring.so.2 libunistring2 #MINVER#
  u8_casecoll@Base 0.9.7
  u8_casefold@Base 0.9.7
  u8_casexfrm@Base 0.9.7
- u8_casing_prefix_context@Base 0.9.10
- u8_casing_prefixes_context@Base 0.9.10
- u8_casing_suffix_context@Base 0.9.10
- u8_casing_suffixes_context@Base 0.9.10
+ (arch=!hurd-any)u8_casing_prefix_context@Base 0.9.10
+ (arch=!hurd-any)u8_casing_prefixes_context@Base 0.9.10
+ (arch=!hurd-any)u8_casing_suffix_context@Base 0.9.10
+ (arch=!hurd-any)u8_casing_suffixes_context@Base 0.9.10
+ (arch=hurd-any)u8_casing_prefix_context@Base 1.0
+ (arch=hurd-any)u8_casing_prefixes_context@Base 1.0
+ (arch=hurd-any)u8_casing_suffix_context@Base 1.0
+ (arch=hurd-any)u8_casing_suffixes_context@Base 1.0
  u8_check@Base 0.9.7
  u8_chr@Base 0.9.7
  u8_cmp2@Base 0.9.7
--- a/debian/libunistring2.symbols.hurd-i386
+++ /dev/null
@@ -1,718 +0,0 @@
-libunistring.so.2 libunistring2 #MINVER#
-* Build-Depends-Package: libunistring-dev
- UC_CATEGORY_C

Bug#1035618: dreamchess: please remove artificial limit (15) on number of save slots

[Lucio Crusca]

Package: dreamchess
Version: 0.3.0-2
Severity: wishlist
X-Debbugs-Cc: lu...@sulweb.org

Dear Maintainer,

I often find myself copying savegames in a new folder only to have
~/.dreamchess empty to be able to save new games. I can't see any
compelling reason to limit the number of savegams to 15, so assuming
there actually isn't any, please remove the limit or at least raise it
to 100 or something way larger than 15.

-- System Information:
Debian Release: 12.0
  APT prefers testing
  APT policy: (900, 'testing'), (800, 'stable'), (700, 'unstable'), (500, 
'stable-updates'), (500, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-7-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dreamchess depends on:
ii  dreamchess-data 0.3.0-2
ii  libc6   2.36-9
ii  libexpat1   2.5.0-1
ii  libgl1  1.6.0-1
ii  libglew2.2  2.2.0-4+b1
ii  libglu1-mesa [libglu1]  9.0.2-1.1
ii  libsdl2-2.0-0   2.26.4+dfsg-1
ii  libsdl2-image-2.0-0 2.6.3+dfsg-1
ii  libsdl2-mixer-2.0-0 2.6.2+dfsg-2

dreamchess recommends no packages.

dreamchess suggests no packages.

-- no debconf information

Bug#1035461: texlive-binaries: Allow install of TeXlive without SSE2

[Preuße]

On 06.05.2023 08:15, Norbert Preining wrote:

Hi Norbert,


Or you could drop building luaJIT completely. fmtutil already ignores
errors from missing luajit* engines, so that would be an easy way.
And if Debian requires halfway decent machines, the it can be
reactived.



This is for fmtutil from TL 2022.

fmtutil [INFO]: log file copied to:
/var/lib/texmf/web2c/xetex/pdfcsplain.log
fmtutil [INFO]: /var/lib/texmf/web2c/xetex/pdfcsplain.fmt installed.
fmtutil [ERROR]: not building luajithbtex due to missing engine: luajithbtex
fmtutil [ERROR]: not building luajittex due to missing engine: luajittex
fmtutil [INFO]: disabled formats: 2
fmtutil [INFO]: successfully rebuilt formats: 53
fmtutil [INFO]: failed to build: 2 (luajithbtex/luajithbtex
luajittex/luajittex)
fmtutil [INFO]: total formats: 57
fmtutil [INFO]: exiting with status 2

Exit status != 0 is not really good. Maybe this changed in TL 2023.

We need *luajit* for texlive-extra-utils.

H.
--
sigfault

Bug#1035619: paperwork-gtk: paper got stuck in scanner and paperwork threw a traceback

[Martin Dosch]

Package: paperwork-gtk
Version: 2.1.2-1
Severity: normal

Dear Maintainer,

a paper got stuck in the scanner while scanning and paperwork threw a 
traceback:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/openpaperwork_gtk/mainloop/glib.py", 
line 160, in decorator
func(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/paperwork_backend/docscan/scan2doc.py", 
line 122, in cancel
raise exc
  File "/usr/lib/python3/dist-packages/openpaperwork_core/promise.py", line 
235, in _threaded_do
our_r = self.func(*args, **self.kwargs)
^^^
  File "/usr/lib/python3/dist-packages/paperwork_backend/docscan/scan2doc.py", 
line 92, in add_scans_to_doc
for img in imgs:
  File "/usr/lib/python3/dist-packages/paperwork_backend/docscan/libinsane.py", 
line 235, in _scan
session = self.source.scan_start()
  
gi.repository.GLib.GError: libinsane-quark: Libinsane item->scan_start() error: 
0x4006, I/O Error (7)

Best regards,
Martin

-- System Information:
Debian Release: 12.0
  APT prefers testing-security
  APT policy: (900, 'testing-security'), (900, 'testing'), (600, 'unstable'), 
(500, 'unstable-debug'), (500, 'testing-debug'), (500, 'experimental'), (1, 
'experimental-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-7-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages paperwork-gtk depends on:
ii  adwaita-icon-theme [gnome-icon-theme-symbolic]  43-1
ii  aspell  0.60.8-4+b1
ii  gnome-icon-theme3.12.0-5
ii  openpaperwork-core  2.1.2-1
ii  openpaperwork-gtk   2.1.2-1
ii  paperwork-backend   2.1.2-1
ii  python3 3.11.2-1+b1
ii  python3-distro  1.8.0-1
ii  python3-levenshtein 0.12.2-2+b4
ii  python3-pycountry   22.3.5+ds1-1
ii  python3-pyocr   0.8.3-1
ii  python3-xdg 0.28-2
ii  tesseract-ocr   5.3.0-2

paperwork-gtk recommends no packages.

paperwork-gtk suggests no packages.

-- no debconf information


signature.asc
Description: PGP signature

Bug#1035620: picocom: New upstream and new release

[Wolfram Sang]

Package: picocom
Version: 3.1-2+b1
Severity: normal

Dear Maintainer,

after 5 years of silence, I took over maintainership for picocom,
collected bugfixes and pull requests and released a new version. Please
find more information here:

https://gitlab.com/wsakernel/picocom/-/releases

I hope this can be added to Debian as-is. If not, please let me know and
we can work it out.

Happy hacking,

   Wolfram

-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.18.0-2-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages picocom depends on:
ii  libc6  2.36-6

picocom recommends no packages.

picocom suggests no packages.

-- no debconf information

Bug#1034959: libwmf: diff for NMU version 0.2.12-5.1

[Andreas Metzler]

Control: tags 1034959 + patch
Control: tags 1034959 + pending

Dear maintainer,

I've prepared an NMU for libwmf (versioned as 0.2.12-5.1) and
uploaded it to DELAYED/10. Please feel free to tell me if I
should delay it longer.

Kind regards

Andreas
diff -Nru libwmf-0.2.12/debian/changelog libwmf-0.2.12/debian/changelog
--- libwmf-0.2.12/debian/changelog	2022-01-25 09:16:35.0 +0100
+++ libwmf-0.2.12/debian/changelog	2023-05-06 18:19:26.0 +0200
@@ -1,3 +1,11 @@
+libwmf (0.2.12-5.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add missing Breaks/Replaces on libwmf0.2-7-gtk to libwmf-0.2-7-gtk.
+Closes: #1034959
+
+ -- Andreas Metzler   Sat, 06 May 2023 18:19:26 +0200
+
 libwmf (0.2.12-5) unstable; urgency=medium
 
   * Upload to unstable
diff -Nru libwmf-0.2.12/debian/control libwmf-0.2.12/debian/control
--- libwmf-0.2.12/debian/control	2022-01-25 09:16:35.0 +0100
+++ libwmf-0.2.12/debian/control	2023-05-06 18:17:54.0 +0200
@@ -53,8 +53,8 @@
 Architecture: any
 Pre-Depends: ${misc:Pre-Depends}
 Depends: ${misc:Depends}, ${shlibs:Depends}, libwmf-0.2-7 (= ${binary:Version})
-Breaks: libwmf0.2-7 (<< 0.2.8.4-12)
-Replaces: libwmf0.2-7 (<< 0.2.8.4-12)
+Breaks: libwmf0.2-7 (<< 0.2.8.4-12), libwmf0.2-7-gtk (<< 0.2.12-1)
+Replaces: libwmf0.2-7 (<< 0.2.8.4-12), libwmf0.2-7-gtk (<< 0.2.12-1)
 Description: Windows metafile conversion GTK pixbuf plugin
  Windows metafile (WMF) is a picture format used by many Windows
  programs, e.g. Microsoft Word.  libwmf is a library for interpreting


signature.asc
Description: PGP signature

Bug#1035615: xz-utils: Fix hurd-amd64 build

[Samuel Thibault]

Jeffrey Walton, le sam. 06 mai 2023 13:01:06 -0400, a ecrit:
> On Sat, May 6, 2023 at 10:41 AM Samuel Thibault  wrote:
> > debian/rules is passing --enable-assembler=x86_64 to configure, but that
> > case was removed, see ChangeLog:
> >
> > commit ac10b1b3622e70881595586edfb8a3ebdcd76bb6
> > Author: Lasse Collin 
> > Date:   2022-11-14 17:58:07 +0200
> >
> > Build: Omit x86_64 from --enable-assembler.
> >
> > It didn't do anything. There are only 32-bit x86 assembly files
> > and it feels likely that new files won't be added as intrinsics
> > in C are more portable across toolchains and OSes.
> >
> > The attached patch fixes that by dropping that option, since it's not
> > useful for amd64 ports anyway.
> 
> I think it is a bad idea to rely solely on intrinsics.

Well, that's to be discussed with upstream, not here.

Samuel

Bug#1035615: xz-utils: Fix hurd-amd64 build

[Jeffrey Walton]

On Sat, May 6, 2023 at 10:41 AM Samuel Thibault  wrote:
>
> Package: xz-utils
> Version: 5.4.1-0.2
> Severity: important
> Tags: patch
>
> debian/rules is passing --enable-assembler=x86_64 to configure, but that
> case was removed, see ChangeLog:
>
> commit ac10b1b3622e70881595586edfb8a3ebdcd76bb6
> Author: Lasse Collin 
> Date:   2022-11-14 17:58:07 +0200
>
> Build: Omit x86_64 from --enable-assembler.
>
> It didn't do anything. There are only 32-bit x86 assembly files
> and it feels likely that new files won't be added as intrinsics
> in C are more portable across toolchains and OSes.
>
> The attached patch fixes that by dropping that option, since it's not
> useful for amd64 ports anyway.

I think it is a bad idea to rely solely on intrinsics. Intrinsics have
their own problems. For example, suppose you have a function that is
implemented in C, SSE4 and AVX. Your project would be setup with:

* my_func.c compiled with base ISA options
* my_func_sse4.c compiled with -march=sse_41
* my_func_avx.c compiled with -march=avx
* a function pointer to select a C, SSE4 or AVX implementation
* an initializer that sets the function pointer at startup.

If you run on a SSE4 machine (or below), then you could segfault in
my_func_avx translation unit _if_ the compiler uses AVX instructions
in the TU.

I've had the exact situation happen to me with both GCC and Clang. My
code was guarded behind a feature test, but the GCC and Clang code was
not guarded. The unguarded compiler code caused a SIGILL. I had it
happen to me with both GCC and Clang on PowerPC, i686, and x86_64.
See, for example,
https://lists.llvm.org/pipermail/llvm-dev/2018-December/128159.html .

The fix is to have the compiler _stop_ hijacking my ISA. We are forced
to use an option like -march=avx. That does not mean the compiler
should assume it can use it. But the GCC and Clang compilers got it
wrong.

Microsoft compilers got it right. You can use any intrinsic the
compiler supports without an option. If you supply an option, like
/arch:avx, then Microsoft compilers take that as a signal they can
generate code for AVX. Otherwise, Microsoft compilers just use the
base ISA.

So be careful about using those intrinsics.

> -- System Information:
> Debian Release: 12.0
>   APT prefers testing
>   APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
> 'testing-debug'), (500, 'stable-security'), (500, 'stable-debug'), (500, 
> 'proposed-updates-debug'), (500, 'proposed-updates'), (500, 
> 'oldstable-proposed-updates'), (500, 'oldoldstable'), (500, 
> 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), 
> (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386, arm64
>
> Kernel: Linux 6.2.0 (SMP w/8 CPU threads; PREEMPT)
> Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
> Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not 
> set
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
>
> Versions of packages xz-utils depends on:
> ii  libc6 2.36-9
> ii  liblzma5  5.4.1-0.2
>
> xz-utils recommends no packages.
>
> xz-utils suggests no packages.
>
> -- no debconf information

Bug#1035621: ncurses: FTBFS: dh_autoreconf error on various architectures

[Sven Joachim]

Source: ncurses
Version: 6.4-3
Severity: important
Tags: ftbfs

On at least three architectures (hurd-i386, powerpc and x32) ncurses
FTBFS with the following error:

,
| dh_autoreconf autoreconf-dickey -- -f -i
| aclocal: warning: autoconf input should be named 'configure.ac', not 
'configure.in'
| configure.in:910: warning: macro 'AM_LANGINFO_CODESET' not found in library
| configure.in:941: error: possibly undefined macro: AM_LANGINFO_CODESET
| mv: cannot move '/tmp/aruX6IKF/ahKAGeTw/config.hin' to 
'include/ncurses_cfg.hin': No such file or directory
| touch: cannot touch 'include/stamp-h.in': No such file or directory
| dh_autoreconf: error: autoreconf-dickey -f -i returned exit code 1
`

Compare with a successful build on amd64:

,
| dh_autoreconf autoreconf-dickey -- -f -i
| aclocal: warning: autoconf input should be named 'configure.ac', not 
'configure.in'
| configure.in:910: warning: macro 'AM_LANGINFO_CODESET' not found in library
| configure.in:941: error: possibly undefined macro: AM_LANGINFO_CODESET
| mv: cannot move '/tmp/ardz33hA/ahzccjnH/config.hin' to 
'include/ncurses_cfg.hin': No such file or directory
| touch: cannot touch 'include/stamp-h.in': No such file or directory
| touch config.guess-stamp
`

This raises at least two questions:

- Why does dh_autoreconf error out on some architectures, but not on
  others?

- Why is AM_LANGINFO_CODESET not found, despite being defined in
  aclocal.m4?

Needs to be investigated, at the moment I have no clue. :-(

Bug#1023884: vtun: patch for libssl3

[Christoph Lechleitner]

On Wed, 23 Nov 2022 14:08:58 +0100 Sylvain Rochet  wrote:
Attached patch is a better approach to fix that by loading providers in 
main instead of crypto module. That way it also works for legacy VTun 
crypto module (VTun <= 2.6) if there are any users left and is future 
proof for auth module.


Thanks Sylvain, your patch made my day!

Ever since updating to bookworm a few weeks ago I had segfaults instead of 
tunnel connections from vtun 3.0.4-2+b1, amd64 architecture.

Adding 13-libssl-use-legacy-provider.patch solved that for my bookworm-based 
server and client, and I can finally use vtun it again - to remotely maintain a 
bullseye-based laptop of a relative (sigh), and as 2nd VPN into our company's 
HQ.

Best regards, Christoph

Bug#1035612: Acknowledgement (unblock: birdfont/2.32.3-2)

[Hideki Yamane]

 Oh, reportbug ;)

> unblock birdfont/2.32.3-1

 It should be

unblock birdfont/2.32.3-2

Bug#1035621: ncurses uses its own autoconf

[Adam Borowski]

> - Why does dh_autoreconf error out on some architectures, but not on
>   others?
> - Why is AM_LANGINFO_CODESET not found, despite being defined in
>   aclocal.m4?

ncurses uses its own fork of autoconf, autoconf-dickey, that's peculiar to
ncurses' upstream.  Not surprisingly, it lacks improvements and fixes from
mainline.


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Imagine there are bandits in your house, your kid is bleeding out,
⢿⡄⠘⠷⠚⠋⠀ the house is on fire, and seven giant trumpets are playing in the
⠈⠳⣄ sky.  Your cat demands food.  The priority should be obvious...

Bug#1035621: ncurses: FTBFS: dh_autoreconf error on various architectures

[Sven Joachim]

On 2023-05-06 19:15 +0200, Sven Joachim wrote:

> Source: ncurses
> Version: 6.4-3
> Severity: important
> Tags: ftbfs
>
> On at least three architectures (hurd-i386, powerpc and x32) ncurses
> FTBFS with the following error:
>
> ,
> | dh_autoreconf autoreconf-dickey -- -f -i
> | aclocal: warning: autoconf input should be named 'configure.ac', not 
> 'configure.in'
> | configure.in:910: warning: macro 'AM_LANGINFO_CODESET' not found in library
> | configure.in:941: error: possibly undefined macro: AM_LANGINFO_CODESET
> | mv: cannot move '/tmp/aruX6IKF/ahKAGeTw/config.hin' to 
> 'include/ncurses_cfg.hin': No such file or directory
> | touch: cannot touch 'include/stamp-h.in': No such file or directory
> | dh_autoreconf: error: autoreconf-dickey -f -i returned exit code 1
> `
>
> Compare with a successful build on amd64:
>
> ,
> | dh_autoreconf autoreconf-dickey -- -f -i
> | aclocal: warning: autoconf input should be named 'configure.ac', not 
> 'configure.in'
> | configure.in:910: warning: macro 'AM_LANGINFO_CODESET' not found in library
> | configure.in:941: error: possibly undefined macro: AM_LANGINFO_CODESET
> | mv: cannot move '/tmp/ardz33hA/ahzccjnH/config.hin' to 
> 'include/ncurses_cfg.hin': No such file or directory
> | touch: cannot touch 'include/stamp-h.in': No such file or directory
> | touch config.guess-stamp
> `
>
> This raises at least two questions:
>
> - Why does dh_autoreconf error out on some architectures, but not on
>   others?
>
> - Why is AM_LANGINFO_CODESET not found, despite being defined in
>   aclocal.m4?
>
> Needs to be investigated, at the moment I have no clue. :-(

With the -v option, autoreconf-dickey gives some useful hints:

,
| autoreconf-dickey -f -i -v
| autoreconf-dickey: using autoconf 2.52.20230114: /usr/bin//autoconf-dickey
| autoreconf-dickey: using autoheader 2.52.20230114: /usr/bin//autoheader-dickey
| autoreconf-dickey: using automake 1.16.5: automake
| autoreconf-dickey: using aclocal 1.16.5: aclocal
| autoreconf-dickey: running aclocal --verbose --output=./aclocal.m4 in 
.pc/fix-configure-root-args-option.diff
| aclocal: warning: autoconf input should be named 'configure.ac', not 
'configure.in'
| aclocal: found macro AC_PATH_XTRA in configure.in: 45
`

So autoreconf-dickey picks up the backup of configure.in below the .pc/
directory and runs aclocal.  As there is no aclocal.m4 in that
directory, the above warning and error about AM_LANGINFO_CODESET ensue,
answering the second question.  That still leaves the first one open,
though.

Sven

Bug#1035622: libpciaccess: Add hurd-amd64 symbols

[Samuel Thibault]

Source: libpciaccess
Version: 0.17-2
Severity: important
Tags: patch
User: debian-h...@lists.debian.org
Usertags: hurd

Hello,

The attached patch fixes the symbol list for hurd-amd64.

Samuel

-- System Information:
Debian Release: 12.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'stable-security'), (500, 'stable-debug'), (500, 
'proposed-updates-debug'), (500, 'proposed-updates'), (500, 
'oldstable-proposed-updates'), (500, 'oldoldstable'), (500, 'buildd-unstable'), 
(500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 
'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64

Kernel: Linux 6.2.0 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--- debian/libpciaccess0.symbols.original   2023-05-06 18:31:42.923396000 
+
+++ debian/libpciaccess0.symbols2023-05-06 18:31:54.219239521 +
@@ -44,14 +44,14 @@
  pci_device_vgaarb_set_target@Base 0.10.7
  pci_device_vgaarb_trylock@Base 0.10.7
  pci_device_vgaarb_unlock@Base 0.10.7
- (arch=hurd-i386)pci_device_x86_close_io@Base 0.16
- (arch=hurd-i386)pci_device_x86_open_legacy_io@Base 0.16
- (arch=hurd-i386)pci_device_x86_read16@Base 0.16
- (arch=hurd-i386)pci_device_x86_read32@Base 0.16
- (arch=hurd-i386)pci_device_x86_read8@Base 0.16
- (arch=hurd-i386)pci_device_x86_write16@Base 0.16
- (arch=hurd-i386)pci_device_x86_write32@Base 0.16
- (arch=hurd-i386)pci_device_x86_write8@Base 0.16
+ (arch=hurd-any)pci_device_x86_close_io@Base 0.16
+ (arch=hurd-any)pci_device_x86_open_legacy_io@Base 0.16
+ (arch=hurd-any)pci_device_x86_read16@Base 0.16
+ (arch=hurd-any)pci_device_x86_read32@Base 0.16
+ (arch=hurd-any)pci_device_x86_read8@Base 0.16
+ (arch=hurd-any)pci_device_x86_write16@Base 0.16
+ (arch=hurd-any)pci_device_x86_write32@Base 0.16
+ (arch=hurd-any)pci_device_x86_write8@Base 0.16
  pci_get_strings@Base 0
  pci_id_match_iterator_create@Base 0
  pci_io_read16@Base 0.11.0
@@ -67,7 +67,7 @@
  (arch=kfreebsd-any)pci_system_freebsd_init_dev_mem@Base 0.16
  pci_system_init@Base 0
  pci_system_init_dev_mem@Base 0.10.2
- (arch=hurd-i386)pci_system_x86_destroy@Base 0.16
- (arch=hurd-i386)pci_system_x86_map_dev_mem@Base 0.17
- (arch=hurd-i386)x86_disable_io@Base 0.16
- (arch=hurd-i386)x86_enable_io@Base 0.16
+ (arch=hurd-any)pci_system_x86_destroy@Base 0.16
+ (arch=hurd-any)pci_system_x86_map_dev_mem@Base 0.17
+ (arch=hurd-any)x86_disable_io@Base 0.16
+ (arch=hurd-any)x86_enable_io@Base 0.16

Bug#1035623: openssl: version of experimental breaks system

[eric]

Package: openssl
Version: 3.1.0-1
Severity: important


After install, restarting services failed. rebooting led to sddm restarting
after entering password.

Downgrading to unstable version (3.0.8-1) fixes the problem. However you have to
start wifi via nmcli from command line if you use Network-Manager.


-- System Information:
Debian Release: 12.0
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-8-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE
Locale: LANG=fr_FR.UTF8, LC_CTYPE=fr_FR.UTF8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages openssl depends on:
ii  libc62.36-9
ii  libssl3  3.0.8-1

openssl recommends no packages.

Versions of packages openssl suggests:
ii  ca-certificates  20230311

-- no debconf information

Bug#1035621: ncurses: FTBFS: dh_autoreconf error on various architectures

[Sven Joachim]

On 2023-05-06 20:01 +0200, Sven Joachim wrote:

> On 2023-05-06 19:15 +0200, Sven Joachim wrote:
>
>> Source: ncurses
>> Version: 6.4-3
>> Severity: important
>> Tags: ftbfs
>>
>> On at least three architectures (hurd-i386, powerpc and x32) ncurses
>> FTBFS with the following error:
>>
>> ,
>> | dh_autoreconf autoreconf-dickey -- -f -i
>> | aclocal: warning: autoconf input should be named 'configure.ac', not 
>> 'configure.in'
>> | configure.in:910: warning: macro 'AM_LANGINFO_CODESET' not found in library
>> | configure.in:941: error: possibly undefined macro: AM_LANGINFO_CODESET
>> | mv: cannot move '/tmp/aruX6IKF/ahKAGeTw/config.hin' to 
>> 'include/ncurses_cfg.hin': No such file or directory
>> | touch: cannot touch 'include/stamp-h.in': No such file or directory
>> | dh_autoreconf: error: autoreconf-dickey -f -i returned exit code 1
>> `
>>
>> Compare with a successful build on amd64:
>>
>> ,
>> | dh_autoreconf autoreconf-dickey -- -f -i
>> | aclocal: warning: autoconf input should be named 'configure.ac', not 
>> 'configure.in'
>> | configure.in:910: warning: macro 'AM_LANGINFO_CODESET' not found in library
>> | configure.in:941: error: possibly undefined macro: AM_LANGINFO_CODESET
>> | mv: cannot move '/tmp/ardz33hA/ahzccjnH/config.hin' to 
>> 'include/ncurses_cfg.hin': No such file or directory
>> | touch: cannot touch 'include/stamp-h.in': No such file or directory
>> | touch config.guess-stamp
>> `
>>
>> This raises at least two questions:
>>
>> - Why does dh_autoreconf error out on some architectures, but not on
>>   others?
>>
>> - Why is AM_LANGINFO_CODESET not found, despite being defined in
>>   aclocal.m4?
>>
>> Needs to be investigated, at the moment I have no clue. :-(
>
> With the -v option, autoreconf-dickey gives some useful hints:
>
> ,
> | autoreconf-dickey -f -i -v
> | autoreconf-dickey: using autoconf 2.52.20230114: /usr/bin//autoconf-dickey
> | autoreconf-dickey: using autoheader 2.52.20230114: 
> /usr/bin//autoheader-dickey
> | autoreconf-dickey: using automake 1.16.5: automake
> | autoreconf-dickey: using aclocal 1.16.5: aclocal
> | autoreconf-dickey: running aclocal --verbose --output=./aclocal.m4 in 
> .pc/fix-configure-root-args-option.diff
> | aclocal: warning: autoconf input should be named 'configure.ac', not 
> 'configure.in'
> | aclocal: found macro AC_PATH_XTRA in configure.in: 45
> `
>
> So autoreconf-dickey picks up the backup of configure.in below the .pc/
> directory and runs aclocal.  As there is no aclocal.m4 in that
> directory, the above warning and error about AM_LANGINFO_CODESET ensue,
> answering the second question.  That still leaves the first one open,
> though.

Including the one below the .pc directory, there are four configure.in
files in the source tree, and apparently autoreconf-dickey processes
them in somewhat random order, depending on the filesystem.  I was not
able to reproduce the error in a freshly unpacked source tree on my
system, but the attached little script triggered it for me on a tmpfs.
The .pc directory has the lowest inode number of all files after moving
the others aside and copying them back, and autoreconf-dickey processed
it last.

Sven

#!/bin/sh
set -e

TEMP_DIR=$(mktemp -d)
# apt source -d ncurses
rm -rf ncurses-6.4
dpkg-source -x ncurses_6.4-3.dsc
cd ncurses-6.4
mv * ${TEMP_DIR}
cp -a ${TEMP_DIR}/* .
rm -rf ${TEMP_DIR}
autoreconf-dickey -f -i

Bug#1035621: ncurses: FTBFS: dh_autoreconf error on various architectures

[Thomas Dickey]

On Sat, May 06, 2023 at 08:01:22PM +0200, Sven Joachim wrote:
> On 2023-05-06 19:15 +0200, Sven Joachim wrote:
> 
> > Source: ncurses
> > Version: 6.4-3
> > Severity: important
> > Tags: ftbfs
> >
> > On at least three architectures (hurd-i386, powerpc and x32) ncurses
> > FTBFS with the following error:
> >
> > ,
> > | dh_autoreconf autoreconf-dickey -- -f -i

autoreconf calls automake, which doesn't do any good.

At most, it would be replacing config.sub and config.guess with
whatever version it happens to have available -- sometimes that's
a downgrade, sometimes not - but _very_ rarely would an upgrade of
those files benefit Debian.

> > | aclocal: warning: autoconf input should be named 'configure.ac', not 
> > 'configure.in'
> > | configure.in:910: warning: macro 'AM_LANGINFO_CODESET' not found in 
> > library
> > | configure.in:941: error: possibly undefined macro: AM_LANGINFO_CODESET
> > | mv: cannot move '/tmp/aruX6IKF/ahKAGeTw/config.hin' to 
> > 'include/ncurses_cfg.hin': No such file or directory
> > | touch: cannot touch 'include/stamp-h.in': No such file or directory
> > | dh_autoreconf: error: autoreconf-dickey -f -i returned exit code 1
> > `
> >
> > Compare with a successful build on amd64:
> >
> > ,
> > | dh_autoreconf autoreconf-dickey -- -f -i
> > | aclocal: warning: autoconf input should be named 'configure.ac', not 
> > 'configure.in'
> > | configure.in:910: warning: macro 'AM_LANGINFO_CODESET' not found in 
> > library
> > | configure.in:941: error: possibly undefined macro: AM_LANGINFO_CODESET
> > | mv: cannot move '/tmp/ardz33hA/ahzccjnH/config.hin' to 
> > 'include/ncurses_cfg.hin': No such file or directory
> > | touch: cannot touch 'include/stamp-h.in': No such file or directory
> > | touch config.guess-stamp
> > `
> >
> > This raises at least two questions:
> >
> > - Why does dh_autoreconf error out on some architectures, but not on
> >   others?
> >
> > - Why is AM_LANGINFO_CODESET not found, despite being defined in
> >   aclocal.m4?
> >
> > Needs to be investigated, at the moment I have no clue. :-(
> 
> With the -v option, autoreconf-dickey gives some useful hints:
> 
> ,
> | autoreconf-dickey -f -i -v
> | autoreconf-dickey: using autoconf 2.52.20230114: /usr/bin//autoconf-dickey
> | autoreconf-dickey: using autoheader 2.52.20230114: 
> /usr/bin//autoheader-dickey
> | autoreconf-dickey: using automake 1.16.5: automake
> | autoreconf-dickey: using aclocal 1.16.5: aclocal
> | autoreconf-dickey: running aclocal --verbose --output=./aclocal.m4 in 
> .pc/fix-configure-root-args-option.diff
> | aclocal: warning: autoconf input should be named 'configure.ac', not 
> 'configure.in'
> | aclocal: found macro AC_PATH_XTRA in configure.in: 45
> `
> 
> So autoreconf-dickey picks up the backup of configure.in below the .pc/
> directory and runs aclocal.  As there is no aclocal.m4 in that
> directory, the above warning and error about AM_LANGINFO_CODESET ensue,
> answering the second question.  That still leaves the first one open,
> though.

yes - I expect that something in the externals has changed.

-- 
Thomas E. Dickey 
https://invisible-island.net


signature.asc
Description: PGP signature

Bug#1035624: RFS: xfishtank/3.2.0~pre01-1 -- turns your X root into an aquarium

[Marius Gavrilescu]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "xfishtank":

 * Package name : xfishtank
   Version  : 3.2.0~pre01-1
   Upstream contact : Willem Vermin 
 * URL  : 
https://ratrabbit.nl/ratrabbit/software/xfishtank/index.html
 * License  : main-license
 * Vcs  : https://git.ieval.ro/?p=xfishtank.git;a=summary
   Section  : games

The source builds the following binary packages:

  xfishtank - turns your X root into an aquarium

To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/xfishtank/

Alternatively, you can download the package with 'dget' using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/x/xfishtank/xfishtank_3.2.0~pre01-1.dsc

Changes since the last upload:

 xfishtank (3.2.0~pre01-1) unstable; urgency=medium
 .
   * Changed upstream to RatrabbiT-xfishtank
   * New implementation which works on modern desktop environments
 (Closes: #1032174)

Regards,
-- 
Marius Gavrilescu

Bug#1034428: Fwd: Bug#1034428: unblock: vmdb2/0.27-1

[Christian Kastner]

(re-sending to bug which I forgot to CC)

Hi,

On 2023-05-05 20:05, Helmut Grohne wrote:
> Also sbuild-qemu is a direct reverse dependency of vmdb2. I haven't
> looked deep there.

sbuild-qemu is just a simple wrapper around autopkgtest-build-qemu that
simplifies the image customziation process.

sbuild-qemu doesn't need vmdb2 itself; it only depends on it because
autopkgtest only suggest vmdb2. This makes sense, are there are many
backends other than qemu for autopkgtest.

I haven't looked at the code changes in vmdb2 but I'm confident that if
autopkgtest gets updated accordingly, everything should be fine for
sbuild-qemu. Either way, I'm happy to help.

Best,
Christian

Bug#1035625: unblock: node-yaml/2.1.3-2

[Yadd]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: node-y...@packages.debian.org
Control: affects -1 + src:node-yaml

Please unblock package node-yaml

[ Reason ]
node-yaml is vulnerable to Denial-of-Service (#1035580, CVE-2023-2251)

[ Impact ]
Medium security issue

[ Tests ]
New tests added:
 - by upstream in the CVE-2023-2251.patch file
 - by myself in autopkgtest using code provided to prove the issue

You can verify using
https://salsa.debian.org/js-team/node-yaml/-/pipelines that the CVE is
fixed by this patch.

[ Risks ]
Low risk, patch is trivial (just fix line characters count)

[ Checklist ]
  [X] all changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

[ Others ]
This debdiff includes also:
 * little things from lintian-brush
 * a little test paths fix because test failed on platforms where the
   "debian" word was in the build root path (especially salsa)

Cheers,
Yadd

unblock node-yaml/2.1.3-2
diff --git a/debian/changelog b/debian/changelog
index 3265e73..5d44f16 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,14 @@
+node-yaml (2.1.3-2) unstable; urgency=medium
+
+  * Team upload
+  * Update lintian override info format in
+d/source/lintian-overrides on line 2-7
+  * Update standards version to 4.6.2, no changes needed
+  * Fix corner case failure in error pretty-printer
+(Closes: #1035580, CVE-2023-2251)
+
+ -- Yadd   Sun, 07 May 2023 00:10:19 +0400
+
 node-yaml (2.1.3-1) unstable; urgency=medium
 
   * Team upload
diff --git a/debian/control b/debian/control
index 0a7fe7e..e221de8 100644
--- a/debian/control
+++ b/debian/control
@@ -15,7 +15,7 @@ Build-Depends:
  , node-tslib 
  , node-typescript 
  , rollup
-Standards-Version: 4.6.1
+Standards-Version: 4.6.2
 Homepage: https://eemeli.org/yaml/
 Vcs-Git: https://salsa.debian.org/js-team/node-yaml.git
 Vcs-Browser: https://salsa.debian.org/js-team/node-yaml
diff --git a/debian/patches/CVE-2023-2251.patch 
b/debian/patches/CVE-2023-2251.patch
new file mode 100644
index 000..0d8b1d4
--- /dev/null
+++ b/debian/patches/CVE-2023-2251.patch
@@ -0,0 +1,36 @@
+Description: fix: Corner case failure in error pretty-printer
+Author: Eemeli Aro 
+Origin: upstream, https://github.com/eemeli/yaml/commit/984f5781
+Bug: https://github.com/advisories/GHSA-f9xv-q969-pqx4
+Bug-Debian: https://bugs.debian.org/1035580
+Forwarded: not-needed
+Applied-Upstream: 2.2.2, commit:984f5781
+Reviewed-By: Yadd 
+Last-Update: 2023-05-06
+
+--- a/src/errors.ts
 b/src/errors.ts
+@@ -91,7 +91,7 @@
+   let count = 1
+   const end = error.linePos[1]
+   if (end && end.line === line && end.col > col) {
+-count = Math.min(end.col - col, 80 - ci)
++count = Math.max(1, Math.min(end.col - col, 80 - ci))
+   }
+   const pointer = ' '.repeat(ci) + '^'.repeat(count)
+   error.message += `:\n\n${lineStr}\n${pointer}\n`
+--- a/tests/doc/errors.js
 b/tests/doc/errors.js
+@@ -341,6 +341,12 @@
+ const doc = YAML.parseDocument(src, { prettyErrors: true })
+ expect(doc.warnings).toMatchObject([{ name: 'YAMLWarning' }])
+   })
++
++  test('repeated CR', () => {
++const src = '[' + '\r'.repeat(80)
++const doc = YAML.parseDocument(src, { prettyErrors: true })
++expect(doc.errors[0]).not.toHaveProperty('source')
++  })
+ })
+ 
+ describe('tags on invalid nodes', () => {
diff --git a/debian/patches/series b/debian/patches/series
index 053c2da..e2d7781 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
 fix-test.patch
 fix-for-rollup-3.patch
+CVE-2023-2251.patch
diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides
index 7c118d4..b78412d 100644
--- a/debian/source/lintian-overrides
+++ b/debian/source/lintian-overrides
@@ -1,10 +1,10 @@
 # False positive: test data
-source-is-missing *tests/doc/YAML-1.2.spec.js*
-source-is-missing *tests/doc/foldFlowLines.js*
-source-contains-prebuilt-javascript-object *tests/doc/YAML-1.2.spec.js*
-source-contains-prebuilt-javascript-object *tests/doc/foldFlowLines.js*
-source-is-missing *debian/tests/test_modules/*
-source-contains-prebuilt-javascript-object *debian/tests/test_modules/*
+source-is-missing [*tests/doc/YAML-1.2.spec.js*]
+source-is-missing [*tests/doc/foldFlowLines.js*]
+source-contains-prebuilt-javascript-object [*tests/doc/YAML-1.2.spec.js*]
+source-contains-prebuilt-javascript-object [*tests/doc/foldFlowLines.js*]
+source-is-missing [*debian/tests/test_modules/*]
+source-contains-prebuilt-javascript-object [*debian/tests/test_modules/*]
 very-long-line-length-in-source-file *tests/doc/YAML-1.2.spec.js*
 very-long-line-length-in-source-file *tests/doc/foldFlowLines.js*
 very-long-line-length-in-source-file *debian/tests/test_modules/*
diff --git a/debian/tests/CVE-2023-2251 b/debian/tests/CVE-2023-2251
new file mode 100755
index 000..819

Bug#1035621: ncurses: FTBFS: dh_autoreconf error on various architectures

[Sven Joachim]

On 2023-05-06 15:11 -0400, Thomas Dickey wrote:

> On Sat, May 06, 2023 at 08:01:22PM +0200, Sven Joachim wrote:
>> On 2023-05-06 19:15 +0200, Sven Joachim wrote:
>> 
>> > Source: ncurses
>> > Version: 6.4-3
>> > Severity: important
>> > Tags: ftbfs
>> >
>> > On at least three architectures (hurd-i386, powerpc and x32) ncurses
>> > FTBFS with the following error:
>> >
>> > ,
>> > | dh_autoreconf autoreconf-dickey -- -f -i
>
> autoreconf calls automake, which doesn't do any good.
>
> At most, it would be replacing config.sub and config.guess with
> whatever version it happens to have available -- sometimes that's
> a downgrade, sometimes not - but _very_ rarely would an upgrade of
> those files benefit Debian.

Not that it matters, but the config.sub and config.guess files are
already replaced by the ones in the autotools-dev package, as per Debian
Policy § 4.3[1].

And while automake and aclocal are not useful, bypassing them (e.g. via
"AUTOMAKE=true ACLOCAL=true autoreconf-dickey -f -i") does not help
either, unfortunately.

>> So autoreconf-dickey picks up the backup of configure.in below the .pc/
>> directory and runs aclocal.  As there is no aclocal.m4 in that
>> directory, the above warning and error about AM_LANGINFO_CODESET ensue,
>> answering the second question.  That still leaves the first one open,
>> though.
>
> yes - I expect that something in the externals has changed.

What really has changed is that I am patching ncurses' configure.in for
the first time in the package's history.  Now the quilt patchsystem
creates a backup file with the same name below the .pc directory, and I
do not know how to tell autoreconf to ignore it.

Since Autoconf 2.53 subdirectories are only processed if they are in
AC_CONFIG_SUBDIRS or explicitly given on the command line[2], but at
least for now I have to make do with Autoconf 2.52.20230114.

Cheers,
   Sven


1. 
https://www.debian.org/doc/debian-policy/ch-source.html#changes-to-the-upstream-sources
2. 
https://git.savannah.gnu.org/gitweb/?p=autoconf.git;a=blob;f=NEWS;h=a48a0085800208dcd66142f410ac04c9dac42134;hb=9c0183724614517a67d0955065171465bab7154a#l1948

Bug#1035618: dreamchess: please remove artificial limit (15) on number of save slots

[Markus Koschany]

Control: forwarded -1 https://github.com/dreamchess/dreamchess/issues/58

Hello,

On Sat, 06 May 2023 17:14:08 +0200 Lucio Crusca  wrote:
> Package: dreamchess
> Version: 0.3.0-2
> Severity: wishlist
> X-Debbugs-Cc: lu...@sulweb.org
> 
> Dear Maintainer,
> 
> I often find myself copying savegames in a new folder only to have
> ~/.dreamchess empty to be able to save new games. I can't see any
> compelling reason to limit the number of savegams to 15, so assuming
> there actually isn't any, please remove the limit or at least raise it
> to 100 or something way larger than 15.

I agree that 15 appears to be a bit low. I have forwarded your request
upstream. Since this request is not strictly related to Debian, it is better to
discuss game play changes with the upstream developer of dreamchess.

 



signature.asc
Description: This is a digitally signed message part

Bug#1035603: mpdscribble: prompting due to modified conffiles which were not modified by the user: /etc/mpdscribble.conf

[Andreas Beckmann]

On 06/05/2023 16.39, Geoffroy Youri Berret wrote:

On 5/6/23 11:50, Andreas Beckmann wrote:
[…] in bullseye you used ucf to manage the file (to insert 
username/password), in bookworm you ship it as a conffile.

AND manage it with ucf. That is seriously broken.


Indeed, a previous commit introduced a conffile by mistake.

Fixing this [0] (debdiff attached), makes the package upgrade properly 
on bullseye from bullseye pkg version to bookworm version built for 
bullseye.


But testing this fix on puiparts fails with the same error, I ran :

    piuparts -d bullseye -d bookworm mpdscribble_0.24-3_amd64.deb


You want to test upgrading from bullseye to bookworm + your new package,
skipping the buggy version currently in bookworm. IIRC your command 
first upgrades to to the current bookworm version, thereafter to the new 
.deb


Maybe already a --distupgrade-to-testdebs helps, but I have never tried 
it this way.


If that doesn't work, try this:

put mpdscribble_0.24-3_amd64.deb into /tmp/testdebs
(cd /tmp/testdebs && dpkg-scanpackages . > Packages)

piuparts -d bullseye -d bookworm --bindmount /tmp/testdebs \
  --testdebs-repo /tmp/testdebs --distupgrade-to-testdebs \
  --apt mpdscribble

(/tmp/testdebs can be replaced by any other location)

(options from my memory, I haven't tried it)

If I were to review the current debdiff (without further context), it 
would rise questions, because dropping a conffile to avoid dkpg 
prompting sounds like fixing one bug by introducing a new bug.


Therefore for the changelog I'd suggest something like
"Do not ship /etc/mpdscribble.conf as a conffile. This is already 
managed with ucf."

(This is the fixed bug. The debconf prompting was just a symptom.)

Andreas

PS: feel free to improve piuparts documentation (from a user 
perspective, I only have a developer view ;-) ). I think piuparts can do 
what you wanted

Bug#1035621: ncurses: FTBFS: dh_autoreconf error on various architectures

[Thomas Dickey]

On Sat, May 06, 2023 at 10:27:54PM +0200, Sven Joachim wrote:
> On 2023-05-06 15:11 -0400, Thomas Dickey wrote:
> 
> > On Sat, May 06, 2023 at 08:01:22PM +0200, Sven Joachim wrote:
> >> On 2023-05-06 19:15 +0200, Sven Joachim wrote:
> >> 
> >> > Source: ncurses
> >> > Version: 6.4-3
> >> > Severity: important
> >> > Tags: ftbfs
> >> >
> >> > On at least three architectures (hurd-i386, powerpc and x32) ncurses
> >> > FTBFS with the following error:
> >> >
> >> > ,
> >> > | dh_autoreconf autoreconf-dickey -- -f -i
> >
> > autoreconf calls automake, which doesn't do any good.
> >
> > At most, it would be replacing config.sub and config.guess with
> > whatever version it happens to have available -- sometimes that's
> > a downgrade, sometimes not - but _very_ rarely would an upgrade of
> > those files benefit Debian.
> 
> Not that it matters, but the config.sub and config.guess files are
> already replaced by the ones in the autotools-dev package, as per Debian
> Policy § 4.3[1].
> 
> And while automake and aclocal are not useful, bypassing them (e.g. via
> "AUTOMAKE=true ACLOCAL=true autoreconf-dickey -f -i") does not help
> either, unfortunately.
> 
> >> So autoreconf-dickey picks up the backup of configure.in below the .pc/
> >> directory and runs aclocal.  As there is no aclocal.m4 in that
> >> directory, the above warning and error about AM_LANGINFO_CODESET ensue,
> >> answering the second question.  That still leaves the first one open,
> >> though.
> >
> > yes - I expect that something in the externals has changed.
> 
> What really has changed is that I am patching ncurses' configure.in for
> the first time in the package's history.  Now the quilt patchsystem
> creates a backup file with the same name below the .pc directory, and I
> do not know how to tell autoreconf to ignore it.
> 
> Since Autoconf 2.53 subdirectories are only processed if they are in
> AC_CONFIG_SUBDIRS or explicitly given on the command line[2], but at
> least for now I have to make do with Autoconf 2.52.20230114.

hmm - incorporating that change isn't what I had in mind.

I'd just use autoconf-dickey (rather than autoreconf-dickey, in any case),
since only the first part of this is useful:

   Run  `autoconf'  (and  `autoheader', `aclocal', `automake', `autopoint'
   (formerly `gettextize'), and `libtoolize' where appropriate) repeatedly
   to remake the GNU Build System files in specified DIRECTORIES and their
   subdirectories (defaulting to `.').

-- 
Thomas E. Dickey 
https://invisible-island.net


signature.asc
Description: PGP signature

Bug#1035542: libreswan: CVE-2023-30570: Incorrect aggressive mode interaction causes the pluto daemon to crash

[Salvatore Bonaccorso]

Hi Daniel,

On Fri, May 05, 2023 at 10:17:59AM +0200, Salvatore Bonaccorso wrote:
> Source: libreswan
> Version: 4.10-2
> Severity: important
> Tags: security upstream
> Forwarded: https://github.com/libreswan/libreswan/issues/1039
> X-Debbugs-Cc: car...@debian.org, Debian Security Team 
> 
> 
> Hi,
> 
> The following vulnerability was published for libreswan.
> 
> CVE-2023-30570[0]:
> | Incorrect aggressive mode interaction causes the pluto daemon to
> | crash
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2023-30570
> https://www.cve.org/CVERecord?id=CVE-2023-30570
> [1] https://github.com/libreswan/libreswan/issues/1039
> 
> Please adjust the affected versions in the BTS as needed.

Proposed changes at https://salsa.debian.org/debian/libreswan/-/merge_requests/3

The primary goal here is to make sure the changes land in bookworm,
not evaluated yet for bullseye, but at first glance it might warrant a
DSA.

Regards,
Salvatore

Bug#1035626: ITP: 3d-ascii-viewer-c -- Viewer of 3D models in ASCII

[Gürkan Myczko]

Package: wnpp
Severity: wishlist
Owner: Gürkan Myczko 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: 3d-ascii-viewer-c
  Version : 1.1.0
  Upstream Authors: Francisco Javier Andrés Casas Barrientos
  URL : https://github.com/autopawn/3d-ascii-viewer-c
* License : MIT
  Description : Viewer of 3D models in ASCII
 This is a 3d object file viewer for the console/terminal.
 Wavefront OBJ file format is supported.

Bug#1035627: libpcsclite-dev: Multiarch doesn't work for libpcsclite-dev (needed by current wine git)

[Patrick Hibbs]

Package: libpcsclite-dev
Version: 1.9.1-1
Severity: normal
X-Debbugs-Cc: hibbsncc1...@gmail.com

Dear Maintainer,

Attempting to install the i386 version of the libpcsclite-dev package causes
apt to try and remove most of the installed desktop managers and
python3-minimal on x86_64.
As of this bugreport, Wine's git master branch has a new dependancy on this
package for smartcard support. Without multiarch working, smartcard support in
32bit wine is disabled.
It would be nice to have this working in Debian.

wine git (222d20a585c454cb591e3dc539f3bd52427ea30c) configure output:
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking whether make sets $(MAKE)... yes
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether the compiler supports GNU C... yes
checking whether gcc accepts -g... yes
checking for gcc option to enable C11 features... none needed
checking for g++... g++
checking whether the compiler supports GNU C++... yes
checking whether g++ accepts -g... yes
checking for g++ option to enable C++11 features... none needed
checking for cpp... cpp
checking for ld... ld
checking whether gcc -m32 works... yes
checking for the directory containing the Wine tools...
/local_data/BUILDAREA/codebase/wine/wine32-tools
checking for flex... flex
checking whether flex is recent enough... yes
checking for bison... bison
checking whether bison is recent enough... yes
checking for ar... ar
checking for strip... strip
checking for ranlib... ranlib
checking whether ln -s works... yes
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for ldconfig... /sbin/ldconfig
checking for msgfmt... msgfmt
checking for pkg-config... pkg-config
checking whether msgfmt supports contexts... yes
checking for i386_set_ldt in -li386... no
checking for special C compiler options needed for large files... no
checking for _FILE_OFFSET_BITS value needed for large files... 64
checking for stdio.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for strings.h... yes
checking for sys/stat.h... yes
checking for sys/types.h... yes
checking for unistd.h... yes
checking for CL/cl.h... yes
checking for EGL/egl.h... yes
checking for OpenCL/opencl.h... no
checking for arpa/inet.h... yes
checking for arpa/nameser.h... yes
checking for asm/types.h... yes
checking for asm/user.h... no
checking for elf.h... yes
checking for float.h... yes
checking for gettext-po.h... yes
checking for libproc.h... no
checking for link.h... yes
checking for linux/cdrom.h... yes
checking for linux/filter.h... yes
checking for linux/hdreg.h... yes
checking for linux/hidraw.h... yes
checking for linux/input.h... yes
checking for linux/ioctl.h... yes
checking for linux/major.h... yes
checking for linux/param.h... yes
checking for linux/serial.h... yes
checking for linux/types.h... yes
checking for linux/ucdrom.h... no
checking for lwp.h... no
checking for mach-o/loader.h... no
checking for mach/mach.h... no
checking for machine/cpu.h... no
checking for machine/sysarch.h... no
checking for mntent.h... yes
checking for netdb.h... yes
checking for netinet/in.h... yes
checking for netinet/in_systm.h... yes
checking for netinet/tcp.h... yes
checking for netinet/tcp_fsm.h... no
checking for pcap/pcap.h... yes
checking for port.h... no
checking for pthread.h... yes
checking for pwd.h... yes
checking for sched.h... yes
checking for scsi/scsi.h... yes
checking for scsi/scsi_ioctl.h... yes
checking for scsi/sg.h... yes
checking for stdint.h... (cached) yes
checking for sys/attr.h... no
checking for sys/auxv.h... yes
checking for sys/cdio.h... no
checking for sys/epoll.h... yes
checking for sys/event.h... no
checking for sys/extattr.h... no
checking for sys/filio.h... no
checking for sys/ipc.h... yes
checking for sys/link.h... no
checking for sys/modem.h... no
checking for sys/mtio.h... yes
checking for sys/param.h... yes
checking for sys/prctl.h... yes
checking for sys/ptrace.h... yes
checking for sys/queue.h... yes
checking for sys/random.h... yes
checking for sys/resource.h... yes
checking for sys/scsiio.h... no
checking for sys/shm.h... yes
checking for sys/signal.h... yes
checking for sys/socketvar.h... yes
checking for sys/sockio.h... no
checking for sys/statvfs.h... yes
checking for sys/strtio.h... no
checking for sys/syscall.h... yes
checking for sys/sysinfo.h... yes
checking for sys/times.h... yes
checking for sys/uio.h... yes
checking for sys/user.h... yes
checking for sys/utsname.h... yes
checking for sys/vnode.h... no
checking for sys/xattr.h... yes
checking for syscall.h... yes
checking for utime.h... yes
checking for valgrind/memcheck.h... yes
checking for valgrind/va

Bug#1035628: unblock: java-atk-wrapper/0.40.0-3

[Samuel Thibault]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: java-atk-wrap...@packages.debian.org
Control: affects -1 + src:java-atk-wrapper

Hello,

I have uploaded java-atk-wrapper_0.40.0-3 for inclusion in bookworm.

[ Reason ]
There was a mistake in the upstream code in the test for presence of the
ATK_STATE_COLLAPSED feature in atk, fixed by this upload.

[ Impact ]
In the current bookworm, the treeviews of java applications are
currently inaccessible to blind users. For instance in mediathekview, in
the preference dialog box, the treeview on the left to browse between
panels of the box is inaccessible: users don't know which panel is
currently active, making such dialog box very tedious to work with,
one has to guess what panel is on. This is so for all treeviews, so
most preference dialog boxes of java applications, and treeviews in the
designs of java applications.

[ Tests ]
This was tested manually.

[ Risks ]
The code is very trivial, and comes from upstream
(well, I am upstream :) )

[ Checklist ]
  [X] all changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

Thanks!

unblock java-atk-wrapper/0.40.0-3
diff -Nru java-atk-wrapper-0.40.0/debian/changelog 
java-atk-wrapper-0.40.0/debian/changelog
--- java-atk-wrapper-0.40.0/debian/changelog2022-04-04 20:36:56.0 
+0200
+++ java-atk-wrapper-0.40.0/debian/changelog2023-05-06 21:25:54.0 
+0200
@@ -1,3 +1,10 @@
+java-atk-wrapper (0.40.0-3) unstable; urgency=medium
+
+  * patches/ATK_STATE_COLLAPSED: Fix checking for ATK_STATE_COLLAPSED
+availability.
+
+ -- Samuel Thibault   Sat, 06 May 2023 21:25:54 +0200
+
 java-atk-wrapper (0.40.0-2) unstable; urgency=medium
 
   * control: Bump atk1.0 build-dep to get ATK_STATE_COLLAPSED.
diff -Nru java-atk-wrapper-0.40.0/debian/patches/ATK_STATE_COLLAPSED 
java-atk-wrapper-0.40.0/debian/patches/ATK_STATE_COLLAPSED
--- java-atk-wrapper-0.40.0/debian/patches/ATK_STATE_COLLAPSED  1970-01-01 
01:00:00.0 +0100
+++ java-atk-wrapper-0.40.0/debian/patches/ATK_STATE_COLLAPSED  2023-05-06 
21:25:19.0 +0200
@@ -0,0 +1,22 @@
+commit 5e90b12a7703e108d0183c86c2cf577271865afe
+Author: Samuel Thibault 
+Date:   Sat May 6 21:23:56 2023 +0200
+
+Fix checking for ATK_STATE_COLLAPSED
+
+ATK_STATE_COLLAPSED is not actually a macro, so replace #ifdef with a
+version check, since we know it appeared in atk 2.38.
+
+diff --git a/jni/src/jawutil.c b/jni/src/jawutil.c
+index a6c894c..8b2a16d 100644
+--- a/jni/src/jawutil.c
 b/jni/src/jawutil.c
+@@ -589,7 +589,7 @@ jaw_util_get_atk_state_type_from_java_state (JNIEnv 
*jniEnv, jobject jobj)
+ return ATK_STATE_CHECKED;
+ 
+   if (is_same_java_state( jniEnv, jobj, "COLLAPSED" ))
+-#ifdef ATK_STATE_COLLAPSED
++#if ATK_CHECK_VERSION (2,38,0)
+ return ATK_STATE_COLLAPSED;
+ #else
+ return ATK_STATE_INVALID;
diff -Nru java-atk-wrapper-0.40.0/debian/patches/series 
java-atk-wrapper-0.40.0/debian/patches/series
--- java-atk-wrapper-0.40.0/debian/patches/series   2022-03-29 
22:41:41.0 +0200
+++ java-atk-wrapper-0.40.0/debian/patches/series   2023-05-06 
21:25:54.0 +0200
@@ -1,3 +1,4 @@
 java-1.7
 
 atk-dep
+ATK_STATE_COLLAPSED
diff -Nru java-atk-wrapper-0.40.0/debian/salsa-ci.yml 
java-atk-wrapper-0.40.0/debian/salsa-ci.yml
--- java-atk-wrapper-0.40.0/debian/salsa-ci.yml 2021-09-26 10:00:44.0 
+0200
+++ java-atk-wrapper-0.40.0/debian/salsa-ci.yml 2022-05-27 00:53:20.0 
+0200
@@ -6,4 +6,7 @@
 test-crossbuild-arm64:
   allow_failure: false
 
+variables:
+  SALSA_CI_REPROTEST_ENABLE_DIFFOSCOPE: 1
+
 # vim: ts=2 sw=2 et sts=2 ft=yaml

Bug#1035629: libnlopt-dev: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

[Andreas Beckmann]

Package: libnlopt-dev
Version: 2.7.1-4
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

an upgrade test with piuparts revealed that your package installs files
over existing symlinks and possibly overwrites files owned by other
packages. This usually means an old version of the package shipped a
symlink but that was later replaced by a real (and non-empty)
directory. This kind of overwriting another package's files cannot be
detected by dpkg.

This was observed on the following upgrade paths:

  bullseye -> bookworm

For /usr/share/doc/PACKAGE this may not be problematic as long as both
packages are installed, ship byte-for-byte identical files and are
upgraded in lockstep. But once one of the involved packages gets
removed, the other one will lose its documentation files, too,
including the copyright file, which is a violation of Policy 12.5:
https://www.debian.org/doc/debian-policy/ch-docs.html#copyright-information

For other overwritten locations anything interesting may happen.

Note that dpkg intentionally does not replace directories with symlinks
and vice versa, you need the maintainer scripts to do this.
See in particular the end of point 4 in
https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html#details-of-unpack-phase-of-installation-or-upgrade

It is recommended to use the dpkg-maintscript-helper commands
'dir_to_symlink' and 'symlink_to_dir' (available since dpkg 1.17.14)
to perform the conversion, ideally using d/$PACKAGE.maintscript.
See dpkg-maintscript-helper(1) and dh_installdeb(1) for details.


>From the attached log (scroll to the bottom...):

0m39.3s ERROR: FAIL: silently overwrites files via directory symlinks:
  /usr/share/doc/libnlopt-dev/changelog.Debian.amd64.gz (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/changelog.Debian.amd64.gz (libnlopt0:amd64)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/changelog.Debian.gz (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/changelog.Debian.gz (libnlopt0:amd64)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/changelog.gz (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/changelog.gz (libnlopt0:amd64)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/copyright (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/copyright (libnlopt0:amd64)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples (?)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples/CMakeLists.txt (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples/CMakeLists.txt (?)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples/box.c (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples/box.c (?)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples/lorentzfit.c (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples/lorentzfit.c (?)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples/myconstraint.m (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples/myconstraint.m (?)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples/myfunc.m (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples/myfunc.m (?)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples/t_fortran.f90 (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples/t_fortran.f90 (?)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples/t_guile.scm (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples/t_guile.scm (?)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples/t_matlab.m (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples/t_matlab.m (?)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples/t_octave.m (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples/t_octave.m (?)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples/t_python.py (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples/t_python.py (?)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples/t_tutorial.cxx (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples/t_tutorial.cxx (?)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples/testfuncs.c (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples/testfuncs.c (?)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples/testfuncs.h (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples/testfuncs.h (?)
/usr/share/doc/libnlopt-dev -> libnlopt0
  /usr/share/doc/libnlopt-dev/examples/testopt.c (libnlopt-dev:amd64) != 
/usr/share/doc/libnlopt0/examples/testopt.c (?)
/usr/share/doc/libnlopt-dev -> libnlopt0


cheers,

Andreas


libnlopt-dev_2.7.1-4+b4.log

Bug#1035556: expat: Generalize libbsd-dev build-dep on freebsd & hurd

[GCS]

Control: tags -1 +confirmed

Hi,

On Fri, May 5, 2023 at 1:39 PM Samuel Thibault  wrote:
> debian/rules is passing --with-libbsd for all kfreebsd & hurd ports,
> debian/control should thus enable the build-dep for all of them, as the
> attached patch does. This fixes building on hurd-amd64.
 Patch is correct, thanks for it. How soon do you need it? Current
release is in freeze and hurd-amd64 is not even a port architecture
for Debian. As such I don't think it will be allowed for Bookworm.

Regards,
Laszlo/GCS

Bug#1035630: clc-intercal: Update packaging to dh and new upstream version (fixes reproducibility issues!)

[Vagrant Cascadian]

Package: clc-intercal
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

I baited myself into testing upstream claims that the new clc-intercal
builds reproducibly... and it indeed fixes the timestamps issues!

In order to test it, this required making some changes to the debian
packaging, and it seemed easier to just update to a more recent style...
So, attached is a patch updating to the new upstream version, as well as
updating to dh style debian/rules.

I have not tested that this actually works, only that it builds (there
may be an unresolved test suite failure...) and any changes to the
resulting .deb appear roughly reasonable, addressed a few lintian
issues, and that it builds reproducibly (at least with my local
testing)!

There might be a few other rough edges, but this is a start and figured
I would share what I had so far...

live well,
  vagrant
diff --git a/debian/README.debian b/debian/README.debian
index dbef811..9bebdde 100644
--- a/debian/README.debian
+++ b/debian/README.debian
@@ -2,7 +2,7 @@ clc-intercal for Debian
 ---
 
 Some sample programs have been included in the package.  Further
-reference material and more sample INTERCAL programs are avalible with
+reference material and more sample INTERCAL programs are available with
 the C-INTERCAL compiler in the intercal package.
 
  -- Mark Brown , Fri,  5 Nov 1999 16:18:20 +
diff --git a/debian/build-fix b/debian/build-fix
deleted file mode 100644
index a7cf9b0..000
--- a/debian/build-fix
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -up 
CLC-INTERCAL-1.-94.-2/CLC-INTERCAL-Base-1.-94.-2/INTERCAL/Sick.pm.orig 
CLC-INTERCAL-1.-94.-2/CLC-INTERCAL-Base-1.-94.-2/INTERCAL/Sick.pm
 CLC-INTERCAL-1.-94.-2/CLC-INTERCAL-Base-1.-94.-2/INTERCAL/Sick.pm.orig 
2008-03-29 11:09:06.0 -0600
-+++ CLC-INTERCAL-1.-94.-2/CLC-INTERCAL-Base-1.-94.-2/INTERCAL/Sick.pm 
2013-08-02 13:55:41.952276530 -0600
-@@ -709,7 +709,7 @@ sub _guess_charset {
-   my $count = 0;
-   while ((my $line = $fh->write_binary(4096)) ne '') {
-   my $cl = &$cnv($line);
--  $count++ while $line =~ /DO|PLEASE/ig;
-+  $count++ while $cl =~ /DO|PLEASE/ig;
-   }
-   $counts{$name} = $count;
-   };
diff --git a/debian/changelog b/debian/changelog
index c905658..eb20b8c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+clc-intercal (1:1.-94.-2.1-1~0) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * 1.-94.-2.1
+
+ -- Vagrant Cascadian   Sat, 06 May 2023 12:19:54 -0700
+
 clc-intercal (1:1.0~4pre1.-94.-2-5.1) unstable; urgency=medium
 
   * Non maintainer upload by the Reproducible Builds team.
@@ -133,8 +140,8 @@ clc-intercal (0.05-3) unstable; urgency=low
 clc-intercal (0.05-2) unstable; urgency=low
 
   * Don't install oo, ick man page.  This means oo, ick is undocumented,
-but works around the fact that the cache building in man-db dies 
-horribly when confronted with a man page with a space in the name, 
+but works around the fact that the cache building in man-db dies
+horribly when confronted with a man page with a space in the name,
 rendering man-db useless (fixes: #50455).
 
  -- Mark Brown   Thu, 18 Nov 1999 19:32:18 +
diff --git a/debian/clc-intercal.dirs b/debian/clc-intercal.dirs
deleted file mode 100644
index de8a730..000
--- a/debian/clc-intercal.dirs
+++ /dev/null
@@ -1,2 +0,0 @@
-usr/bin
-usr/share/doc/clc-intercal/examples
diff --git a/debian/clc-intercal.docs b/debian/clc-intercal.docs
index cf935a6..9184aa6 100644
--- a/debian/clc-intercal.docs
+++ b/debian/clc-intercal.docs
@@ -1,4 +1,4 @@
-README 
-CLC-INTERCAL-Base-1.-94.-2/MISSING
-CLC-INTERCAL-Docs-1.-94.-2/doc/html
-CLC-INTERCAL-Docs-1.-94.-2/doc/INTERNET
+README.md
+CLC-INTERCAL-Base/MISSING
+CLC-INTERCAL-Docs/doc/html
+CLC-INTERCAL-Docs/doc/INTERNET
diff --git a/debian/clc-intercal.examples b/debian/clc-intercal.examples
index ed410a6..def9c9a 100644
--- a/debian/clc-intercal.examples
+++ b/debian/clc-intercal.examples
@@ -1,30 +1,30 @@
-CLC-INTERCAL-Docs-1.-94.-2/doc/examples/gcd.i
-CLC-INTERCAL-Docs-1.-94.-2/doc/examples/hello.i
-CLC-INTERCAL-Docs-1.-94.-2/doc/examples/threads.ti
-CLC-INTERCAL-Docs-1.-94.-2/doc/examples/syscall3.si
-CLC-INTERCAL-Docs-1.-94.-2/doc/examples/http-get.si
-CLC-INTERCAL-Docs-1.-94.-2/doc/examples/quantum
-CLC-INTERCAL-Docs-1.-94.-2/doc/examples/quantum/retrieve.i
-CLC-INTERCAL-Docs-1.-94.-2/doc/examples/quantum/reinstate-gerund.i
-CLC-INTERCAL-Docs-1.-94.-2/doc/examples/quantum/come-from.i
-CLC-INTERCAL-Docs-1.-94.-2/doc/examples/quantum/remember.i
-CLC-INTERCAL-Docs-1.-94.-2/doc/examples/quantum/forget.ni
-CLC-INTERCAL-Docs-1.-94.-2/doc/examples/quantum/write-in.i
-CLC-INTERCAL-Docs-1.-94.-2/doc/examples/quantum/give-up.i
-CLC-INTERCAL-Docs-1.-94.-2/doc/examples/quantum/learn.i
-CLC-INTERCAL-Docs-1.-94.-2

Bug#1035631: libcurlpp-dev: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

[Andreas Beckmann]

Package: libcurlpp-dev
Version: 0.8.1-5
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

an upgrade test with piuparts revealed that your package installs files
over existing symlinks and possibly overwrites files owned by other
packages. This usually means an old version of the package shipped a
symlink but that was later replaced by a real (and non-empty)
directory. This kind of overwriting another package's files cannot be
detected by dpkg.

This was observed on the following upgrade paths:

  bulseye -> bookworm

For /usr/share/doc/PACKAGE this may not be problematic as long as both
packages are installed, ship byte-for-byte identical files and are
upgraded in lockstep. But once one of the involved packages gets
removed, the other one will lose its documentation files, too,
including the copyright file, which is a violation of Policy 12.5:
https://www.debian.org/doc/debian-policy/ch-docs.html#copyright-information

For other overwritten locations anything interesting may happen.

Note that dpkg intentionally does not replace directories with symlinks
and vice versa, you need the maintainer scripts to do this.
See in particular the end of point 4 in
https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html#details-of-unpack-phase-of-installation-or-upgrade

It is recommended to use the dpkg-maintscript-helper commands
'dir_to_symlink' and 'symlink_to_dir' (available since dpkg 1.17.14)
to perform the conversion, ideally using d/$PACKAGE.maintscript.
See dpkg-maintscript-helper(1) and dh_installdeb(1) for details.


>From the attached log (scroll to the bottom...):

0m41.4s ERROR: FAIL: silently overwrites files via directory symlinks:
  /usr/share/doc/libcurlpp-dev/Readme.md (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/Readme.md (libcurlpp0:amd64)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/changelog.Debian.gz (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/changelog.Debian.gz (libcurlpp0:amd64)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/copyright (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/copyright (libcurlpp0:amd64)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/CMakeLists.txt (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples/CMakeLists.txt (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/README (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples/README (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/example00.cpp (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples/example00.cpp (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/example01.cpp (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples/example01.cpp (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/example02.cpp (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples/example02.cpp (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/example03.cpp (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples/example03.cpp (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/example04.cpp (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples/example04.cpp (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/example05.cpp (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples/example05.cpp (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/example06.cpp (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples/example06.cpp (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/example07.cpp (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples/example07.cpp (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/example08.cpp (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples/example08.cpp (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/example09.cpp (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples/example09.cpp (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/example10.cpp (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples/example10.cpp (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/example11.cpp (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/examples/example11.cpp (?)
/usr/share/doc/libcurlpp-dev -> libcurlpp0
  /usr/share/doc/libcurlpp-dev/examples/example12.cpp (libcurlpp-dev:amd64) != 
/usr/share/doc/libcurlpp0/exam

Bug#1035632: noiz2sa: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

[Andreas Beckmann]

Package: noiz2sa
Version: 0.51a-12
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

an upgrade test with piuparts revealed that your package installs files
over existing symlinks and possibly overwrites files owned by other
packages. This usually means an old version of the package shipped a
symlink but that was later replaced by a real (and non-empty)
directory. This kind of overwriting another package's files cannot be
detected by dpkg.

This was observed on the following upgrade paths:

  bullseye -> bookworm

For /usr/share/doc/PACKAGE this may not be problematic as long as both
packages are installed, ship byte-for-byte identical files and are
upgraded in lockstep. But once one of the involved packages gets
removed, the other one will lose its documentation files, too,
including the copyright file, which is a violation of Policy 12.5:
https://www.debian.org/doc/debian-policy/ch-docs.html#copyright-information

For other overwritten locations anything interesting may happen.

Note that dpkg intentionally does not replace directories with symlinks
and vice versa, you need the maintainer scripts to do this.
See in particular the end of point 4 in
https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html#details-of-unpack-phase-of-installation-or-upgrade

It is recommended to use the dpkg-maintscript-helper commands
'dir_to_symlink' and 'symlink_to_dir' (available since dpkg 1.17.14)
to perform the conversion, ideally using d/$PACKAGE.maintscript.
See dpkg-maintscript-helper(1) and dh_installdeb(1) for details.


>From the attached log (scroll to the bottom...):

0m50.6s ERROR: FAIL: silently overwrites files via directory symlinks:
  /usr/share/doc/noiz2sa/changelog.Debian.amd64.gz (noiz2sa) != 
/usr/share/doc/noiz2sa-data/changelog.Debian.amd64.gz (?)
/usr/share/doc/noiz2sa -> noiz2sa-data
  /usr/share/doc/noiz2sa/changelog.Debian.gz (noiz2sa) != 
/usr/share/doc/noiz2sa-data/changelog.Debian.gz (noiz2sa-data)
/usr/share/doc/noiz2sa -> noiz2sa-data
  /usr/share/doc/noiz2sa/copyright (noiz2sa) != 
/usr/share/doc/noiz2sa-data/copyright (noiz2sa-data)
/usr/share/doc/noiz2sa -> noiz2sa-data


cheers,

Andreas


noiz2sa_0.51a-12+b1.log.gz
Description: application/gzip

Bug#1035633: ITP: node-license-webpack-plugin -- node-webpack plugin to manage third-party license

[Yadd]

Package: wnpp
Severity: wishlist
Owner: Yadd 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: node-license-webpack-plugin
  Version : 4.0.2
  Upstream Contact: https://github.com/xz64/license-webpack-plugin/issues
* URL : https://github.com/xz64/license-webpack-plugin
* License : ISC
  Programming Lang: JavaScript
  Description : node-webpack plugin to manage third-party license

node-license-webpack-plugin provides a node-webpack plugin to manage
third-party license compliance in webpack builds.

This package is a build dependency of JupyterLab. It'll be maintained
under JS Team umbrella

Bug#1035556: expat: Generalize libbsd-dev build-dep on freebsd & hurd

[Samuel Thibault]

László Böszörményi (GCS), le sam. 06 mai 2023 23:23:40 +0200, a ecrit:
> On Fri, May 5, 2023 at 1:39 PM Samuel Thibault  wrote:
> > debian/rules is passing --with-libbsd for all kfreebsd & hurd ports,
> > debian/control should thus enable the build-dep for all of them, as the
> > attached patch does. This fixes building on hurd-amd64.
>  Patch is correct, thanks for it. How soon do you need it?

That can wait after bookworm, we can carry patched packages in the
unreleased distribution for now.

Samuel

Bug#1004844: games-finest: Consider adding endless-sky

[Markus Koschany]

Hi,

thanks for the suggestion!

On Wed, 02 Feb 2022 03:58:43 -0500 Dave Vasilevsky  wrote:
> Package: games-finest
> Version: 4
> Severity: wishlist
> X-Debbugs-Cc: d...@vasilevsky.ca
> 
> Hi,
> 
> Thanks for all your work maintaining debian-games.
> 
> It's been a few years since we've added anything new to games-finest, and I
> think endless-sky would be a great choice.

[...]

endless-sky looks really good and seems to be a fun game. However there haven't
been any Debian uploads from the maintainer in almost six years and several new
versions of endless-sky have been released since then. If we can fix this
situation, then I would include it in games-finest. At the moment that would be
premature. 

Regards,

Markus


signature.asc
Description: This is a digitally signed message part

Bug#1035634: unblock: qt6-scxml/6.4.2-2

[Patrick Franz]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: delta...@debian.org

Please unblock package qt6-scxml

[ Reason ]
One of the cmake-files in qt6-scxml-dev references a plugin.
However, this plugin was not installed even though the plugin
might be needed to build other packages.
This fix installs the missing plugin.

[ Impact ]
Certain packages cannot be built. So far, the only known package
is pyside 6.5, but there might be more.

[ Tests ]
The plugin (libqscxmlecmascriptdatamodel.so) is now installed, see
https://packages.debian.org/sid/amd64/libqt6scxml6/filelist

[ Risks ]
Risk is low, the only change is installing one additional file.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]

unblock qt6-scxml/6.4.2-2
diffstat for qt6-scxml-6.4.2 qt6-scxml-6.4.2

 changelog|7 +++
 libqt6scxml6.install |1 +
 not-installed|1 -
 3 files changed, 8 insertions(+), 1 deletion(-)

diff -Nru qt6-scxml-6.4.2/debian/changelog qt6-scxml-6.4.2/debian/changelog
--- qt6-scxml-6.4.2/debian/changelog2023-01-24 12:46:29.0 +0100
+++ qt6-scxml-6.4.2/debian/changelog2023-05-01 01:53:51.0 +0200
@@ -1,3 +1,10 @@
+qt6-scxml (6.4.2-2) unstable; urgency=medium
+
+  [ Patrick Franz ]
+  * Install the ECMAScript Data Model plugin (Closes: #1035066).
+
+ -- Patrick Franz   Mon, 01 May 2023 01:53:51 +0200
+
 qt6-scxml (6.4.2-1) unstable; urgency=medium
 
   [ Patrick Franz ]
diff -Nru qt6-scxml-6.4.2/debian/libqt6scxml6.install 
qt6-scxml-6.4.2/debian/libqt6scxml6.install
--- qt6-scxml-6.4.2/debian/libqt6scxml6.install 2021-12-07 10:44:16.0 
+0100
+++ qt6-scxml-6.4.2/debian/libqt6scxml6.install 2023-05-01 01:25:45.0 
+0200
@@ -1 +1,2 @@
 usr/lib/${DEB_HOST_MULTIARCH}/libQt6Scxml.so.*
+usr/lib/${DEB_HOST_MULTIARCH}/qt6/plugins/scxmldatamodel/libqscxmlecmascriptdatamodel.so
diff -Nru qt6-scxml-6.4.2/debian/not-installed 
qt6-scxml-6.4.2/debian/not-installed
--- qt6-scxml-6.4.2/debian/not-installed2021-12-07 10:44:16.0 
+0100
+++ qt6-scxml-6.4.2/debian/not-installed2023-05-01 01:25:46.0 
+0200
@@ -18,4 +18,3 @@
 usr/lib/${DEB_HOST_MULTIARCH}/qt6/mkspecs/modules/qt_lib_scxmlqml_private.pri
 
usr/lib/${DEB_HOST_MULTIARCH}/qt6/mkspecs/modules/qt_lib_statemachine_private.pri
 
usr/lib/${DEB_HOST_MULTIARCH}/qt6/mkspecs/modules/qt_lib_statemachineqml_private.pri
-usr/lib/${DEB_HOST_MULTIARCH}/qt6/plugins/scxmldatamodel/libqscxmlecmascriptdatamodel.so

Bug#1035635: tox: Upgrading to tox 4

[Stefano Rivera]

Source: tox
Version: 4.4.6-1
Severity: normal

I took a look at what it would take to transition to tox 4 in Debian (as
I have a package depending on it).

There are some big changes in tox 4.
https://tox.wiki/en/latest/changelog.html

pybuild needs support for pyproject-based tox configuration, workarounds
I used so far:
https://salsa.debian.org/python-team/packages/wheel/-/commit/78476071835f43e862e5e3c2063e233ac16de720

tox now does isolated builds by default. Those are never going to fly in
Debian's environment, so the only option I could figure out was to use
--installpkg to install our built wheel.

e.g. of a workaround:
https://salsa.debian.org/python-team/packages/wheel/-/commit/4b7a325fdfc0743c905419239648bba1e5a04120

I did a rebuild test of "reverse-depends -b tox":

with tox 3, everything built:
baseline/ceph_amd64.build:Status: failed
baseline/sagemath_amd64.build:Status: attempted

ceph and sagemath I killed, because they stalled.

with tox from experimental:
experimental/ceph_amd64.build:Status: failed
experimental/diskcache_amd64.build:Status: attempted
experimental/enlighten_amd64.build:Status: attempted
experimental/git-imerge_amd64.build:Status: attempted
experimental/python-magic_amd64.build:Status: attempted
experimental/python-nox_amd64.build:Status: attempted
experimental/python-prettylog_amd64.build:Status: attempted
experimental/python-pyvmomi_amd64.build:Status: attempted
experimental/reprotest_amd64.build:Status: attempted
experimental/sagemath_amd64.build:Status: attempted
experimental/tox-delay_amd64.build:Status: attempted

diskcache appears to be a dependency syntax issue.

enlighten, python-prettylog, and python-pyvmomi are trying to install
things from PyPI in tox.

git-imerge and python-magic needs need to migrate from
whitelist_externals to allowlist_externals.

nox needs upstream work:
https://github.com/wntrblm/nox/issues/673
which seems to be done?:
https://github.com/wntrblm/nox/pull/687

tox-delay needs upstream work too.

reprotest needs to change its pass_env syntax, no whitespace allowed.

I'll file blocking bugs for these with logs.

Stefano

Bug#1035636: diskcache: FTBFS with tox 4

[Stefano Rivera]

Source: diskcache
Version: 5.4.0-1
Severity: normal
Control: block 1035635 with -1

tox 4 is now available in experimental, but it causes diskcache to
FTBFS. See bug 1035635 for a discussion of the general issues around tox
4.

Log snippet:

I: pybuild pybuild:307: cp -a docs 
/<>/.pybuild/cpython3_3.11_diskcache/build
I: pybuild base:240: cd 
/<>/.pybuild/cpython3_3.11_diskcache/build; tox -c /<>/tox.ini --sitepackages -e py311
py311: install_deps .pybuild/cpython3_3.11_diskcache/build> python -I -m pip 
install pytest py
test-cov pytest-django pytest-xdist './django>=3.2.*'
ESC[31mERROR: Invalid requirement: './django>=3.2.*'
Hint: It looks like a path. File './django>=3.2.*' does not exist.
py311: exit 1 (0.88 seconds) /<>> python -I -m pip install pytest 
pytest-cov pyte
st-django pytest-xdist './django>=3.2.*' pid=5549
  py311: FAIL code 1 (1.12 seconds)
  evaluation failed :( (1.18 seconds)
ESC[39mE: pybuild pybuild:388: test: plugin distutils failed with: exit code=1: 
cd /<>/.pybuild/cpython3_3.11_diskcache/build; tox -c 
/<>/tox.ini --sitepackages -e py311
dh_auto_test: error: pybuild --test --test-tox -i python{version} -p 3.11 
returned exit code 13
make: *** [debian/rules:7: binary] Error 25

Full build log attached.

Stefano
sbuild (Debian sbuild) 0.85.0 (04 January 2023) on haydn.kardiogramm.net

+==+
| diskcache (amd64)Sat, 06 May 2023 18:42:14 + |
+==+

Package: diskcache
Distribution: unstable
Machine Architecture: amd64
Host Architecture: amd64
Build Architecture: amd64
Build Type: binary

I: NOTICE: Log filtering will replace 'autopkgtest-virt-dummy-location' with 
'<>'
I: NOTICE: Log filtering will replace 'build/diskcache-gapCqe/resolver-rCa2P8' 
with '<>'

+--+
| Update chroot|
+--+

Get:1 http://deb.debian.org/debian unstable InRelease [188 kB]
Get:2 http://deb.debian.org/debian experimental InRelease [101 kB]
Get:3 http://deb.debian.org/debian unstable/main Sources.diff/Index [63.6 kB]
Get:4 http://deb.debian.org/debian unstable/contrib amd64 Packages.diff/Index 
[63.3 kB]
Get:5 http://deb.debian.org/debian unstable/main amd64 Packages.diff/Index 
[63.6 kB]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:8 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:8 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:9 http://deb.debian.org/debian experimental/main amd64 Packages [870 kB]
Fetched 1461 kB in 2s (740 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
Calculating upgrade...
The following packages were automatically installed and are no longer required:
  dbus-user-session isc-dhcp-common krb5-locales libatm1 libgpm2
  libnss-systemd libpam-cap libpam-systemd libx11-6 libx11-data libxau6
  libxcb1 libxdmcp6 libxext6 libxmuu1 psmisc xauth
Use 'apt autoremove' to remove them.
The following packages will be upgraded:
  isc-dhcp-client isc-dhcp-common
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 1213 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://deb.debian.org/debian unstable/main amd64 isc-dhcp-client amd64 
4.4.3-P1-2 [1096 kB]
Get:2 http://deb.debian.org/debian unstable/main amd64 isc-dhcp-common amd64 
4.4.3-P1-2 [117 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 1213 kB in 0s (78.5 MB/s)
(Reading database ... 
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 12897 files and directories currently installed.)
Preparing to unpack .../isc-dhcp-client_4.4.3-P1-2_amd

Bug#1035637: unblock: qt6-multimedia/6.4.2-5

[Patrick Franz]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: delta...@debian.org

Please unblock package qt6-multimedia

[ Reason ]
qt6-multimedia-dev ships a broken symlink to a shared library.
The shared library is a private library though for the package
qml6-module-qtquick3d-spatialaudio and not needed for
development.
The fix removes all references to the shared library.

[ Impact ]
Unknown.

[ Tests ]
I manually inspected the built package and all relevant files
have been removed.

[ Risks ]
Changes are trivial.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]

unblock qt6-multimedia/6.4.2-5
diffstat for qt6-multimedia-6.4.2 qt6-multimedia-6.4.2

 changelog  |8 
 not-installed  |   28 ++--
 qt6-multimedia-dev.install |   24 
 3 files changed, 34 insertions(+), 26 deletions(-)

diff -Nru qt6-multimedia-6.4.2/debian/changelog 
qt6-multimedia-6.4.2/debian/changelog
--- qt6-multimedia-6.4.2/debian/changelog   2023-01-27 19:48:31.0 
+0100
+++ qt6-multimedia-6.4.2/debian/changelog   2023-05-06 17:40:13.0 
+0200
@@ -1,3 +1,11 @@
+qt6-multimedia (6.4.2-5) unstable; urgency=medium
+
+  [ Patrick Franz ]
+  * Remove references of libqt6quick3dspatialaudio6 in qt6-multimedia-
+dev (Closes: #1035457).
+
+ -- Patrick Franz   Sat, 06 May 2023 17:40:13 +0200
+
 qt6-multimedia (6.4.2-4) unstable; urgency=medium
 
   * Team upload to unstable.
diff -Nru qt6-multimedia-6.4.2/debian/not-installed 
qt6-multimedia-6.4.2/debian/not-installed
--- qt6-multimedia-6.4.2/debian/not-installed   2023-01-27 19:48:31.0 
+0100
+++ qt6-multimedia-6.4.2/debian/not-installed   2023-05-06 17:32:02.0 
+0200
@@ -2,6 +2,11 @@
 usr/include/${DEB_HOST_MULTIARCH}/qt6/QtMultimediaQuick/6.*
 usr/include/${DEB_HOST_MULTIARCH}/qt6/QtMultimediaWidgets/6.*
 usr/include/${DEB_HOST_MULTIARCH}/qt6/QtQuick3DSpatialAudio/6.*
+usr/include/${DEB_HOST_MULTIARCH}/qt6/QtQuick3DSpatialAudio/QtQuick3DSpatialAudio
+usr/include/${DEB_HOST_MULTIARCH}/qt6/QtQuick3DSpatialAudio/QtQuick3DSpatialAudioDepends
+usr/include/${DEB_HOST_MULTIARCH}/qt6/QtQuick3DSpatialAudio/qtquick3dspatialaudioexports.h
+usr/include/${DEB_HOST_MULTIARCH}/qt6/QtQuick3DSpatialAudio/QtQuick3DSpatialAudioVersion
+usr/include/${DEB_HOST_MULTIARCH}/qt6/QtQuick3DSpatialAudio/qtquick3dspatialaudioversion.h
 usr/include/${DEB_HOST_MULTIARCH}/qt6/QtSpatialAudio/6.*
 usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Multimedia/Qt6QFFmpegMediaPlugin*
 
usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6MultimediaQuickPrivate/Qt6MultimediaQuickPrivateAdditionalTargetInfo.cmake
@@ -9,17 +14,36 @@
 
usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6MultimediaQuickPrivate/Qt6MultimediaQuickPrivateConfigVersion.cmake
 
usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6MultimediaQuickPrivate/Qt6MultimediaQuickPrivateConfigVersionImpl.cmake
 
usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6MultimediaQuickPrivate/Qt6MultimediaQuickPrivateDependencies.cmake
-usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6MultimediaQuickPrivate/Qt6MultimediaQuickPrivateTargets-none.cmake
 
usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6MultimediaQuickPrivate/Qt6MultimediaQuickPrivateTargets.cmake
+usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6MultimediaQuickPrivate/Qt6MultimediaQuickPrivateTargets-none.cmake
 
usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6MultimediaQuickPrivate/Qt6MultimediaQuickPrivateVersionlessTargets.cmake
+usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Qml/QmlPlugins/Qt6quick3dspatialaudioAdditionalTargetInfo.cmake
+usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Qml/QmlPlugins/Qt6quick3dspatialaudioConfig.cmake
+usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Qml/QmlPlugins/Qt6quick3dspatialaudioConfigVersion.cmake
+usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Qml/QmlPlugins/Qt6quick3dspatialaudioConfigVersionImpl.cmake
+usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Qml/QmlPlugins/Qt6quick3dspatialaudioTargets.cmake
+usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Qml/QmlPlugins/Qt6quick3dspatialaudioTargets-none.cmake
 
usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Qml/QmlPlugins/Qt6quickmultimediaAdditionalTargetInfo.cmake
 
usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Qml/QmlPlugins/Qt6quickmultimediaConfig.cmake
 
usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Qml/QmlPlugins/Qt6quickmultimediaConfigVersion.cmake
 
usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Qml/QmlPlugins/Qt6quickmultimediaConfigVersionImpl.cmake
-usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Qml/QmlPlugins/Qt6quickmultimediaTargets-none.cmake
 
usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Qml/QmlPlugins/Qt6quickmultimediaTargets.cmake
+usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Qml/QmlPlugins/Qt6quickmultimediaTargets-none.cmake
+usr/lib/${DEB_HOST_MULTIARCH}/cmake/Qt6Quick3DSpatialAudioPrivate/Qt6Quick3DSpatialAudioPrivateAdditionalTargetInfo.cmake
+usr/lib/${DEB_HOST_MULTIARCH}/cm

Bug#1035638: enlighten: FTBFS with tox 4

[Stefano Rivera]

Source: enlighten
Version: 1.11.2-1
Severity: normal
Control: block 1035635 with -1

tox 4 is now available in experimental, but it causes diskcache to
FTBFS. See bug 1035635 for a discussion of the general issues around tox
4.

Log snippet:

   dh_auto_test -O--buildsystem=pybuild
I: pybuild base:240: cd /<>/.pybuild/cpython3_3.11/build; tox -c 
/<>
/tox.ini --sitepackages -e py311
py311: install_deps .pybuild/cpython3_3.11/build> python -I -m pip install 
blessed prefixed
ESC[31mWARNING: Retrying (Retry(total=4, connect=None, read=None, 
redirect=None, status=None))
 after connection broken by 'ProxyError('Cannot connect to proxy.', 
NewConnectionError(': Failed to 
establish a new
 connection: [Errno 111] Connection refused'))': /simple/blessed/
WARNING: Retrying (Retry(total=3, connect=None, read=None, redirect=None, 
status=None)) after
connection broken by 'ProxyError('Cannot connect to proxy.', 
NewConnectionError(': Failed to 
establish a new connec
tion: [Errno 111] Connection refused'))': /simple/blessed/
WARNING: Retrying (Retry(total=2, connect=None, read=None, redirect=None, 
status=None)) after
connection broken by 'ProxyError('Cannot connect to proxy.', 
NewConnectionError(': Failed to 
establish a new connec
tion: [Errno 111] Connection refused'))': /simple/blessed/
WARNING: Retrying (Retry(total=1, connect=None, read=None, redirect=None, 
status=None)) after
connection broken by 'ProxyError('Cannot connect to proxy.', 
NewConnectionError(': Failed to 
establish a new connec
tion: [Errno 111] Connection refused'))': /simple/blessed/
WARNING: Retrying (Retry(total=0, connect=None, read=None, redirect=None, 
status=None)) after
connection broken by 'ProxyError('Cannot connect to proxy.', 
NewConnectionError(': Failed to 
establish a new connec
tion: [Errno 111] Connection refused'))': /simple/blessed/
ERROR: Could not find a version that satisfies the requirement blessed (from 
versions: none)
ERROR: No matching distribution found for blessed
py311: exit 1 (8.42 seconds) /<>> python -I -m pip install blessed 
prefixed pid=6
025
ESC[39m  py311: FAIL code 1 (8.58 seconds)
  evaluation failed :( (8.75 seconds)
E: pybuild pybuild:388: test: plugin distutils failed with: exit code=1: cd 
/<>/.pybuild/cpython3_3.11/build; tox -c /<>/tox.ini 
--sitepackages -e py311

Full log attached.

Stefano
sbuild (Debian sbuild) 0.85.0 (04 January 2023) on haydn.kardiogramm.net

+==+
| enlighten (amd64)Sat, 06 May 2023 18:45:54 + |
+==+

Package: enlighten
Distribution: unstable
Machine Architecture: amd64
Host Architecture: amd64
Build Architecture: amd64
Build Type: binary

I: NOTICE: Log filtering will replace 'autopkgtest-virt-dummy-location' with 
'<>'
I: NOTICE: Log filtering will replace 'build/enlighten-VLdVqD/resolver-Hwv2VC' 
with '<>'

+--+
| Update chroot|
+--+

Get:1 http://deb.debian.org/debian unstable InRelease [188 kB]
Get:2 http://deb.debian.org/debian experimental InRelease [101 kB]
Get:3 http://deb.debian.org/debian unstable/main Sources.diff/Index [63.6 kB]
Get:4 http://deb.debian.org/debian unstable/main amd64 Packages.diff/Index 
[63.6 kB]
Get:5 http://deb.debian.org/debian unstable/contrib amd64 Packages.diff/Index 
[63.3 kB]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:8 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:8 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:9 http://deb.debian.org/debian experimental/main amd64 Packages [870 kB]
Fetched 1461 kB in 2s (784 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
Calculating upgrade...
The following packages were automatically installed and are no longer required:
  dbus-user-session isc-dhcp-common krb5-locales libatm1 libgpm2
  libnss-systemd libpam-cap libpam-systemd libx11-6 libx11-data libxau6
  libxcb1 libxdmcp6 libxext6 libxmuu1 psmisc xauth
Use 'apt autoremove' to remove them.
The following packages will be upgraded:
  isc-dhcp-client isc-dhcp-common
2 upgraded, 0 newly installed, 0 to remove and 0 n

Bug#1035639: git-imerge: FTBFS with tox 4

[Stefano Rivera]

Source: git-imerge
Version: 1.2.0-3
Severity: normal

tox 4 is now available in experimental, but it causes git-imerge to
FTBFS. See bug 1035635 for a discussion of the general issues around tox
4.

Log snippet:

   dh_auto_test -O--buildsystem=pybuild
I: pybuild base:240: cd /<>/.pybuild/cpython3_3.11/build; tox -c 
/<>
/tox.ini --sitepackages -e py311
.pkg: install_requires .pybuild/cpython3_3.11/build> python -I -m pip install 
'setuptools>=40.
8.0' wheel
.pkg: _optional_hooks .pybuild/cpython3_3.11/build> python 
/usr/lib/python3/dist-packages/pypr
oject_api/_backend.py True setuptools.build_meta __legacy__
.pkg: get_requires_for_build_sdist .pybuild/cpython3_3.11/build> python 
/usr/lib/python3/dist-
packages/pyproject_api/_backend.py True setuptools.build_meta __legacy__
.pkg: prepare_metadata_for_build_wheel .pybuild/cpython3_3.11/build> python 
/usr/lib/python3/d
ist-packages/pyproject_api/_backend.py True setuptools.build_meta __legacy__
.pkg: build_sdist .pybuild/cpython3_3.11/build> python 
/usr/lib/python3/dist-packages/pyprojec
t_api/_backend.py True setuptools.build_meta __legacy__
py311: install_package .pybuild/cpython3_3.11/build> python -I -m pip install 
--force-reinstal
l --no-deps /<>/.tox/.tmp/package/1/git-imerge-1.2.0.tar.gz
py311: commands[0] .pybuild/cpython3_3.11/build> /bin/sh t/test-unconflicted
py311: failed with /bin/sh (resolves to /bin/sh) is not allowed, use 
allowlist_externals to al
low it
.pkg: _exit .pybuild/cpython3_3.11/build> python 
/usr/lib/python3/dist-packages/pyproject_api/
_backend.py True setuptools.build_meta __legacy__
  py311: FAIL code 1 (3.44 seconds)
  evaluation failed :( (3.49 seconds)
E: pybuild pybuild:388: test: plugin distutils failed with: exit code=1: cd 
/<>/.pybuild/cpython3_3.11/build; tox -c /<>/tox.ini 
--sitepackages -e py311
dh_auto_test: error: pybuild --test -i python{version} -p 3.11 returned exit 
code 13

Full log attached.

Stefano
sbuild (Debian sbuild) 0.85.0 (04 January 2023) on haydn.kardiogramm.net

+==+
| git-imerge (amd64)   Sat, 06 May 2023 18:51:41 + |
+==+

Package: git-imerge
Distribution: unstable
Machine Architecture: amd64
Host Architecture: amd64
Build Architecture: amd64
Build Type: binary

I: NOTICE: Log filtering will replace 'autopkgtest-virt-dummy-location' with 
'<>'
I: NOTICE: Log filtering will replace 'build/git-imerge-fTmA7y/resolver-jnQhPV' 
with '<>'

+--+
| Update chroot|
+--+

Get:1 http://deb.debian.org/debian unstable InRelease [188 kB]
Get:2 http://deb.debian.org/debian experimental InRelease [101 kB]
Get:3 http://deb.debian.org/debian unstable/main Sources.diff/Index [63.6 kB]
Get:4 http://deb.debian.org/debian unstable/main amd64 Packages.diff/Index 
[63.6 kB]
Get:5 http://deb.debian.org/debian unstable/contrib amd64 Packages.diff/Index 
[63.3 kB]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:8 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:8 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:9 http://deb.debian.org/debian experimental/main amd64 Packages [870 kB]
Fetched 1461 kB in 2s (782 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
Calculating upgrade...
The following packages were automatically installed and are no longer required:
  dbus-user-session isc-dhcp-common krb5-locales libatm1 libgpm2
  libnss-systemd libpam-cap libpam-systemd libx11-6 libx11-data libxau6
  libxcb1 libxdmcp6 libxext6 libxmuu1 psmisc xauth
Use 'apt autoremove' to remove them.
The following packages will be upgraded:
  isc-dhcp-client isc-dhcp-common
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 1213 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://deb.debian.org/debian unstable/main amd64 isc-dhcp-client amd64 
4.4.3-P1-2 [1096 kB]
Get:2 http://deb.debian.org/debian unstable/main amd64 isc-dhcp-common amd64 
4.4.3-P1-2 [117 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 1213 kB in 0

Bug#1035640: python-magic: FTBFS with tox 4

[Stefano Rivera]

Source: python-magic
Version: 2:0.4.26-3
Severity: normal

tox 4 is now available in experimental, but it causes git-magic to
FTBFS. See bug 1035635 for a discussion of the general issues around tox
4.

This appears to be caused by the whitelist_externals ->
allowlist_externals rename:
https://tox.wiki/en/latest/changelog.html#deprecations-and-removals-4-0-0rc4

Log snippet:

   dh_auto_test -O--buildsystem=pybuild -O--test-tox
I: pybuild base:240: cd /<>/.pybuild/cpython3_3.11/build; tox -c 
/<>
/tox.ini --sitepackages -e py311
py311: install_deps .pybuild/cpython3_3.11/build> python -I -m pip install 
coverage pytest '.[
test]'
.pkg: install_requires .pybuild/cpython3_3.11/build> python -I -m pip install 
'setuptools>=40.
8.0' wheel
.pkg: _optional_hooks .pybuild/cpython3_3.11/build> python 
/usr/lib/python3/dist-packages/pypr
oject_api/_backend.py True setuptools.build_meta __legacy__
.pkg: get_requires_for_build_sdist .pybuild/cpython3_3.11/build> python 
/usr/lib/python3/dist-
packages/pyproject_api/_backend.py True setuptools.build_meta __legacy__
.pkg: prepare_metadata_for_build_wheel .pybuild/cpython3_3.11/build> python 
/usr/lib/python3/d
ist-packages/pyproject_api/_backend.py True setuptools.build_meta __legacy__
.pkg: build_sdist .pybuild/cpython3_3.11/build> python 
/usr/lib/python3/dist-packages/pyprojec
t_api/_backend.py True setuptools.build_meta __legacy__
py311: install_package .pybuild/cpython3_3.11/build> python -I -m pip install 
--force-reinstal
l --no-deps /<>/.tox/.tmp/package/1/python-magic-0.4.26.tar.gz
py311: commands[0] .pybuild/cpython3_3.11/build> python3-coverage run -m pytest
py311: failed with python3-coverage is not allowed, use allowlist_externals to 
allow it
.pkg: _exit .pybuild/cpython3_3.11/build> python 
/usr/lib/python3/dist-packages/pyproject_api/
_backend.py True setuptools.build_meta __legacy__
  py311: FAIL code 1 (4.34 seconds)
  evaluation failed :( (4.42 seconds)
E: pybuild pybuild:388: test: plugin distutils failed with: exit code=1: cd 
/<>/.pybuild/cpython3_3.11/build; tox -c /<>/tox.ini 
--sitepackages -e py311
dh_auto_test: error: pybuild --test --test-tox -i python{version} -p 3.11 
returned exit code 13

Full log attached.

Stefano
sbuild (Debian sbuild) 0.85.0 (04 January 2023) on haydn.kardiogramm.net

+==+
| python-magic (amd64) Sat, 06 May 2023 19:14:24 + |
+==+

Package: python-magic
Distribution: unstable
Machine Architecture: amd64
Host Architecture: amd64
Build Architecture: amd64
Build Type: binary

I: NOTICE: Log filtering will replace 'autopkgtest-virt-dummy-location' with 
'<>'
I: NOTICE: Log filtering will replace 
'build/python-magic-fDhHNg/resolver-2kn04n' with '<>'

+--+
| Update chroot|
+--+

Get:1 http://deb.debian.org/debian unstable InRelease [188 kB]
Get:2 http://deb.debian.org/debian experimental InRelease [101 kB]
Get:3 http://deb.debian.org/debian unstable/main Sources.diff/Index [63.6 kB]
Get:4 http://deb.debian.org/debian unstable/main amd64 Packages.diff/Index 
[63.6 kB]
Get:5 http://deb.debian.org/debian unstable/contrib amd64 Packages.diff/Index 
[63.3 kB]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:8 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:8 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:9 http://deb.debian.org/debian experimental/main amd64 Packages [870 kB]
Fetched 1461 kB in 2s (656 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
Calculating upgrade...
The following packages were automatically installed and are no longer required:
  dbus-user-session isc-dhcp-common krb5-locales libatm1 libgpm2
  libnss-systemd libpam-cap libpam-systemd libx11-6 libx11-data libxau6
  libxcb1 libxdmcp6 libxext6 libxmuu1 psmisc xauth
Use 'apt autoremove' to remove them.
The following packages will be upgraded:
  isc-dhcp-client isc-dhcp-common
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 1213 kB of archives.
After this operation, 0 B of additional disk space will be used.
Ge

Bug#1035642: unblock: qt6-quick3dphysics/6.4.2-2

[Patrick Franz]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: delta...@debian.org

Please unblock package qt6-quick3dphysics

[ Reason ]
The package qt6-quick3dphysics-dev ships 2 broken symlinks
to 2 shared libraries (libqt6quick3dphysics6 and
libqt6quick3dphysicshelpers6).
The fix adds the 2 shared libraries as dependencies and thus
ensures that the symlinks always point to existing libraries.

[ Impact ]
When using qt6-quick3dphysics-dev as a build dependency, the
build could fail as the needed shared libaries are potentially
not installed.

[ Tests ]
The shared libraries have been added as dependencies as per
https://packages.debian.org/unstable/qt6-quick3dphysics-dev

[ Risks ]
Risk is very low.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]

unblock qt6-quick3dphysics/6.4.2-2
diffstat for qt6-quick3dphysics-6.4.2 qt6-quick3dphysics-6.4.2

 changelog |8 
 control   |   14 --
 2 files changed, 16 insertions(+), 6 deletions(-)

diff -Nru qt6-quick3dphysics-6.4.2/debian/changelog 
qt6-quick3dphysics-6.4.2/debian/changelog
--- qt6-quick3dphysics-6.4.2/debian/changelog   2023-01-28 18:19:25.0 
+0100
+++ qt6-quick3dphysics-6.4.2/debian/changelog   2023-05-06 14:24:43.0 
+0200
@@ -1,3 +1,11 @@
+qt6-quick3dphysics (6.4.2-2) unstable; urgency=medium
+
+  [ Patrick Franz ]
+  * Add libqt6quick3dphysics6 and libqt6quick3dphysicshelpers6 as
+dependencies to qt6-quick3dphysics-dev (Closes: #1035459).
+
+ -- Patrick Franz   Sat, 06 May 2023 14:24:43 +0200
+
 qt6-quick3dphysics (6.4.2-1) unstable; urgency=medium
 
   [ Patrick Franz ]
diff -Nru qt6-quick3dphysics-6.4.2/debian/control 
qt6-quick3dphysics-6.4.2/debian/control
--- qt6-quick3dphysics-6.4.2/debian/control 2022-12-30 16:46:01.0 
+0100
+++ qt6-quick3dphysics-6.4.2/debian/control 2023-05-06 14:17:36.0 
+0200
@@ -2,7 +2,7 @@
 Section: libs
 Priority: optional
 Maintainer: Debian Qt/KDE Maintainers 
-Uploaders: Patrick Franz 
+Uploaders: Patrick Franz ,
 Build-Depends: cmake (>= 3.24~),
debhelper-compat (= 13),
ninja-build,
@@ -30,7 +30,7 @@
 Package: libqt6quick3dphysics6
 Architecture: amd64 arm64 armel armhf mips64el
 Multi-Arch: same
-Depends: ${misc:Depends}, ${shlibs:Depends}
+Depends: ${misc:Depends}, ${shlibs:Depends},
 Description: Qt 6 Quick 3D Physics library
  Qt is a cross-platform C++ application framework. Qt's primary feature
  is its rich set of widgets that provide standard GUI functionality.
@@ -40,7 +40,7 @@
 Package: libqt6quick3dphysicshelpers6
 Architecture: amd64 arm64 armel armhf mips64el
 Multi-Arch: same
-Depends: ${misc:Depends}, ${shlibs:Depends}
+Depends: ${misc:Depends}, ${shlibs:Depends},
 Description: Qt 6 Quick 3D Physics Helpers library
  Qt is a cross-platform C++ application framework. Qt's primary feature
  is its rich set of widgets that provide standard GUI functionality.
@@ -50,7 +50,7 @@
 Package: qml6-module-qtquick3d-physics
 Architecture: amd64 arm64 armel armhf mips64el
 Multi-Arch: same
-Depends: ${misc:Depends}, ${shlibs:Depends}
+Depends: ${misc:Depends}, ${shlibs:Depends},
 Description: Qt 6 Quick 3D Physics QML module
  Qt is a cross-platform C++ application framework. Qt's primary feature
  is its rich set of widgets that provide standard GUI functionality.
@@ -61,7 +61,9 @@
 Section: libdevel
 Architecture: amd64 arm64 armel armhf mips64el
 Multi-Arch: same
-Depends: ${misc:Depends}
+Depends: libqt6quick3dphysics6 (= ${binary:Version}),
+ libqt6quick3dphysicshelpers6 (= ${binary:Version}),
+ ${misc:Depends},
 Description: Qt 6 Quick 3D Physics - development files
  Qt is a cross-platform C++ application framework. Qt's primary feature
  is its rich set of widgets that provide standard GUI functionality.
@@ -73,7 +75,7 @@
 Architecture: amd64 arm64 armel armhf mips64el
 Multi-Arch: foreign
 Section: devel
-Depends: ${misc:Depends}, ${shlibs:Depends}
+Depends: ${misc:Depends}, ${shlibs:Depends},
 Description: Qt 6 Quick 3D Physics development programs
  Qt is a cross-platform C++ application framework. Qt's primary feature
  is its rich set of widgets that provide standard GUI functionality.

Bug#1035641: python-nox: FTBFS with nox 4

[Stefano Rivera]

Source: python-nox
Version: 2022.11.21-1
Severity: normal
Control: block 1035635 with -1
Forwarded: https://github.com/wntrblm/nox/issues/673

tox 4 is now available in experimental, but it causes python-nox to
FTBFS. See bug 1035635 for a discussion of the general issues around tox
4.

Looks like upstream is making progress in 
https://github.com/wntrblm/nox/pull/687

Log snippet:
/<>/.pybuild/cpython3_3.11/build/nox/tox_to_nox.py:52: 
AttributeError
=== short test summary info 
SKIPPED [1] tests/test_command.py:62: Needs git
SKIPPED [1] tests/test_command.py:361: Only run this test on Windows.
SKIPPED [1] tests/test_command.py:383: Only run this test on Windows.
SKIPPED [1] tests/test_virtualenv.py:133: Missing conda command.
SKIPPED [1] tests/test_virtualenv.py:162: Missing conda command.
SKIPPED [1] tests/test_virtualenv.py:174: Missing conda command.
SKIPPED [1] tests/test_virtualenv.py:188: Missing conda command.
SKIPPED [1] tests/test_virtualenv.py:218: Missing conda command.
SKIPPED [1] tests/test_virtualenv.py:224: Missing conda command.
SKIPPED [1] tests/test_virtualenv.py:482: Requires Python 2.7 installation.
XPASS tests/test_logger.py::test_no_color_timestamp[color]
FAILED tests/test_tox_to_nox.py::test_trivial - AttributeError: module 'tox.c...
FAILED tests/test_tox_to_nox.py::test_skipinstall - AttributeError: module 't...
FAILED tests/test_tox_to_nox.py::test_usedevelop - AttributeError: module 'to...
FAILED tests/test_tox_to_nox.py::test_commands - AttributeError: module 'tox
FAILED tests/test_tox_to_nox.py::test_deps - AttributeError: module 'tox.conf...
FAILED tests/test_tox_to_nox.py::test_env - AttributeError: module 'tox.confi...
FAILED tests/test_tox_to_nox.py::test_chdir - AttributeError: module 'tox.con...
FAILED tests/test_tox_to_nox.py::test_dash_in_envname - AttributeError: modul...
FAILED tests/test_tox_to_nox.py::test_non_identifier_in_envname - AttributeEr...
FAILED tests/test_tox_to_nox.py::test_descriptions_into_docstrings - Attribut...
= 10 failed, 403 passed, 10 skipped, 3 deselected, 1 xpassed in 7.62s ==
E: pybuild pybuild:388: test: plugin pyproject failed with: exit code=1: cd 
/<>/.pybuild/cpython3_3.11/build; python3.11 -m pytest --ignore 
tests/test_action_helper.py -k "not 
test_create_reuse_stale_virtualenv_environment and not 
test_create_reuse_venv_environment and not test_create_venv_backend"
dh_auto_test: error: pybuild --test -i python{version} -p 3.11 returned exit 
code 13

Full log attached.

Stefano
sbuild (Debian sbuild) 0.85.0 (04 January 2023) on haydn.kardiogramm.net

+==+
| python-nox (amd64)   Sat, 06 May 2023 19:18:14 + |
+==+

Package: python-nox
Distribution: unstable
Machine Architecture: amd64
Host Architecture: amd64
Build Architecture: amd64
Build Type: binary

I: NOTICE: Log filtering will replace 'autopkgtest-virt-dummy-location' with 
'<>'
I: NOTICE: Log filtering will replace 'build/python-nox-vo5Fv9/resolver-eSyb3k' 
with '<>'

+--+
| Update chroot|
+--+

Get:1 http://deb.debian.org/debian unstable InRelease [188 kB]
Get:2 http://deb.debian.org/debian experimental InRelease [101 kB]
Get:3 http://deb.debian.org/debian unstable/main Sources.diff/Index [63.6 kB]
Get:4 http://deb.debian.org/debian unstable/contrib amd64 Packages.diff/Index 
[63.3 kB]
Get:5 http://deb.debian.org/debian unstable/main amd64 Packages.diff/Index 
[63.6 kB]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:8 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:8 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:9 http://deb.debian.org/debian experimental/main amd64 Packages [870 kB]
Fetched 1461 kB in 2s (784 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
Calculating upgrade...
The following packages were automatically installed and are no longer required:
  dbus-user-session isc-dhcp-common krb5-locales libatm1 libgpm2
  libnss-systemd libpam-cap libpam-systemd libx11-6 libx11-data li

Bug#1035643: python-prettylog: FTBFS with nox 4

[Stefano Rivera]

Source: python-prettylog
Version: 0.1.0-3
Severity: normal
Control: block 1035635 with -1

tox 4 is now available in experimental, but it causes python-prettylog to
FTBFS. See bug 1035635 for a discussion of the general issues around tox
4.

Log snippet:
WARNING: Retrying (Retry(total=0, connect=None, read=None, redirect=None, 
status=None)) after
connection broken by 'ProxyError('Cannot connect to proxy.', 
NewConnectionError(': Failed to 
establish a new connec
tion: [Errno 111] Connection refused'))': /simple/coverage/
ERROR: Could not find a version that satisfies the requirement coverage!=4.3 
(from versions: n
one)
ERROR: No matching distribution found for coverage!=4.3
Requirement already satisfied: colorlog in /usr/lib/python3/dist-packages 
(6.7.0)
py311: exit 1 (8.36 seconds) /<>> python -m pip install --no-deps 
colorlog 'coverage!=4.3' pylama pytest pytest-cov timeout-decorator 'tox>=2.4' 
'ujson<1.40' pid=5359
.pkg: _exit .pybuild/cpython3_3.11_prettylog/build> python 
/usr/lib/python3/dist-packages/pyproject_api/_backend.py True 
setuptools.build_meta __legacy__
ESC[39m  py311: FAIL code 1 (10.03 seconds)
  evaluation failed :( (10.09 seconds)
E: pybuild pybuild:388: test: plugin distutils failed with: exit code=1: cd 
/<>/.pybuild/cpython3_3.11_prettylog/build; tox -c 
/<>/tox.ini --sitepackages -e py311

Full log attached.

Stefano
sbuild (Debian sbuild) 0.85.0 (04 January 2023) on haydn.kardiogramm.net

+==+
| python-prettylog (amd64) Sat, 06 May 2023 19:19:32 + |
+==+

Package: python-prettylog
Distribution: unstable
Machine Architecture: amd64
Host Architecture: amd64
Build Architecture: amd64
Build Type: binary

I: NOTICE: Log filtering will replace 'autopkgtest-virt-dummy-location' with 
'<>'
I: NOTICE: Log filtering will replace 
'build/python-prettylog-RpBqhy/resolver-TEuGX3' with '<>'

+--+
| Update chroot|
+--+

Get:1 http://deb.debian.org/debian unstable InRelease [188 kB]
Get:2 http://deb.debian.org/debian experimental InRelease [101 kB]
Get:3 http://deb.debian.org/debian unstable/main Sources.diff/Index [63.6 kB]
Get:4 http://deb.debian.org/debian unstable/contrib amd64 Packages.diff/Index 
[63.3 kB]
Get:5 http://deb.debian.org/debian unstable/main amd64 Packages.diff/Index 
[63.6 kB]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:8 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:8 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:9 http://deb.debian.org/debian experimental/main amd64 Packages [870 kB]
Fetched 1461 kB in 2s (647 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
Calculating upgrade...
The following packages were automatically installed and are no longer required:
  dbus-user-session isc-dhcp-common krb5-locales libatm1 libgpm2
  libnss-systemd libpam-cap libpam-systemd libx11-6 libx11-data libxau6
  libxcb1 libxdmcp6 libxext6 libxmuu1 psmisc xauth
Use 'apt autoremove' to remove them.
The following packages will be upgraded:
  isc-dhcp-client isc-dhcp-common
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 1213 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://deb.debian.org/debian unstable/main amd64 isc-dhcp-client amd64 
4.4.3-P1-2 [1096 kB]
Get:2 http://deb.debian.org/debian unstable/main amd64 isc-dhcp-common amd64 
4.4.3-P1-2 [117 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 1213 kB in 0s (88.3 MB/s)
(Reading database ... 
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%

Bug#1035644: python-pyvmomi: FTBFS with tox 4

[Stefano Rivera]

Source: python-pyvmomi
Version: 6.7.1-4
Severity: normal
Control: block 1035635 with -1

tox 4 is now available in experimental, but it causes diskcache to
FTBFS. See bug 1035635 for a discussion of the general issues around tox
4.

Log snippet:

WARNING: Retrying (Retry(total=0, connect=None, read=None, redirect=None, 
status=None)) after
connection broken by 'ProxyError('Cannot connect to proxy.', 
NewConnectionError(': Failed to 
establish a new connec
tion: [Errno 111] Connection refused'))': /simple/tox/
ERROR: Could not find a version that satisfies the requirement cachetools>=5.3 
(from tox) (fro
m versions: none)
ERROR: No matching distribution found for cachetools>=5.3
Requirement already satisfied: tox in /usr/lib/python3/dist-packages (from -r 
test-requirement
s.txt (line 1)) (4.4.6)
Requirement already satisfied: testtools>=0.9.34 in 
/usr/lib/python3/dist-packages (from -r te
st-requirements.txt (line 2)) (2.5.0)
Requirement already satisfied: vcrpy in /usr/lib/python3/dist-packages (from -r 
test-requireme
nts.txt (line 3)) (4.2.1)
py311: exit 1 (15.88 seconds) /<>> python -I -m pip install -r 
test-requirements.
txt pid=5504
  py311: FAIL code 1 (16.12 seconds)
  evaluation failed :( (16.18 seconds)
ESC[39mE: pybuild pybuild:388: test: plugin distutils failed with: exit code=1: 
cd /<>/.pybuild/cpython3_3.11/build; tox -c 
/<>/tox.ini --sitepackages -e py311
dh_auto_test: error: pybuild --test --test-tox -i python{version} -p 3.11 
returned exit code 13

Full log attached.

Stefano
sbuild (Debian sbuild) 0.85.0 (04 January 2023) on haydn.kardiogramm.net

+==+
| python-pyvmomi (amd64)   Sat, 06 May 2023 19:20:56 + |
+==+

Package: python-pyvmomi
Distribution: unstable
Machine Architecture: amd64
Host Architecture: amd64
Build Architecture: amd64
Build Type: binary

I: NOTICE: Log filtering will replace 'autopkgtest-virt-dummy-location' with 
'<>'
I: NOTICE: Log filtering will replace 
'build/python-pyvmomi-u5lpnM/resolver-JwqlcH' with '<>'

+--+
| Update chroot|
+--+

Get:1 http://deb.debian.org/debian unstable InRelease [188 kB]
Get:2 http://deb.debian.org/debian experimental InRelease [101 kB]
Get:3 http://deb.debian.org/debian unstable/main Sources.diff/Index [63.6 kB]
Get:4 http://deb.debian.org/debian unstable/main amd64 Packages.diff/Index 
[63.6 kB]
Get:5 http://deb.debian.org/debian unstable/contrib amd64 Packages.diff/Index 
[63.3 kB]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:8 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:8 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:9 http://deb.debian.org/debian experimental/main amd64 Packages [870 kB]
Fetched 1461 kB in 2s (637 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
Calculating upgrade...
The following packages were automatically installed and are no longer required:
  dbus-user-session isc-dhcp-common krb5-locales libatm1 libgpm2
  libnss-systemd libpam-cap libpam-systemd libx11-6 libx11-data libxau6
  libxcb1 libxdmcp6 libxext6 libxmuu1 psmisc xauth
Use 'apt autoremove' to remove them.
The following packages will be upgraded:
  isc-dhcp-client isc-dhcp-common
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 1213 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://deb.debian.org/debian unstable/main amd64 isc-dhcp-client amd64 
4.4.3-P1-2 [1096 kB]
Get:2 http://deb.debian.org/debian unstable/main amd64 isc-dhcp-common amd64 
4.4.3-P1-2 [117 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 1213 kB in 0s (62.9 MB/s)
(Reading database ... 
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading

Bug#1035645: reprotest: FTBFS with tox 4

[Stefano Rivera]

Source: reprotest
Version: 0.7.23
Severity: normal
Control: block 1035635 with -1

tox 4 is now available in experimental, but it causes reprotest to
FTBFS. See bug 1035635 for a discussion of the general issues around tox
4.

Log snippet:
dh_auto_test -- --test-tox
I: pybuild base:240: cd 
/<>/.pybuild/cpython3_3.11_reprotest/build; tox -c /<>/tox.ini --sitepackages -e py311
py311: failed with pass_env values cannot contain whitespace, use comma to have 
multiple value
s in a single line, invalid values found 'REPROTEST_TEST_* VIRTUALENV_DOWNLOAD 
*_proxy TERM'
  py311: FAIL code 1 (0.00 seconds)
  evaluation failed :( (0.06 seconds)
E: pybuild pybuild:388: test: plugin distutils failed with: exit code=1: cd 
/<>/.
pybuild/cpython3_3.11_reprotest/build; tox -c /<>/tox.ini 
--sitepackages -e py311
dh_auto_test: error: pybuild --test --test-tox -i python{version} -p 3.11 
--test-tox returned exit code 13

Full log attached.

Stefano
sbuild (Debian sbuild) 0.85.0 (04 January 2023) on haydn.kardiogramm.net

+==+
| reprotest (amd64)Sat, 06 May 2023 19:24:29 + |
+==+

Package: reprotest
Distribution: unstable
Machine Architecture: amd64
Host Architecture: amd64
Build Architecture: amd64
Build Type: binary

I: NOTICE: Log filtering will replace 'autopkgtest-virt-dummy-location' with 
'<>'
I: NOTICE: Log filtering will replace 'build/reprotest-mxoGJh/resolver-zu9at2' 
with '<>'

+--+
| Update chroot|
+--+

Get:1 http://deb.debian.org/debian unstable InRelease [188 kB]
Get:2 http://deb.debian.org/debian experimental InRelease [101 kB]
Get:3 http://deb.debian.org/debian unstable/main Sources.diff/Index [63.6 kB]
Get:4 http://deb.debian.org/debian unstable/main amd64 Packages.diff/Index 
[63.6 kB]
Get:5 http://deb.debian.org/debian unstable/contrib amd64 Packages.diff/Index 
[63.3 kB]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:7 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [44.0 kB]
Get:8 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:7 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-1402.39-F-2023-04-30-2005.36.pdiff [67.4 kB]
Get:8 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:9 http://deb.debian.org/debian experimental/main amd64 Packages [870 kB]
Fetched 1461 kB in 2s (765 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
Calculating upgrade...
The following packages were automatically installed and are no longer required:
  dbus-user-session isc-dhcp-common krb5-locales libatm1 libgpm2
  libnss-systemd libpam-cap libpam-systemd libx11-6 libx11-data libxau6
  libxcb1 libxdmcp6 libxext6 libxmuu1 psmisc xauth
Use 'apt autoremove' to remove them.
The following packages will be upgraded:
  isc-dhcp-client isc-dhcp-common
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 1213 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://deb.debian.org/debian unstable/main amd64 isc-dhcp-client amd64 
4.4.3-P1-2 [1096 kB]
Get:2 http://deb.debian.org/debian unstable/main amd64 isc-dhcp-common amd64 
4.4.3-P1-2 [117 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 1213 kB in 0s (63.0 MB/s)
(Reading database ... 
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 12897 files and directories currently installed.)
Preparing to unpack .../isc-dhcp-client_4.4.3-P1-2_amd64.deb ...
Unpacking isc-dhcp-client (4.4.3-P1-2) over (4.4.3-P1-1.1) ...
Preparing to unpack .../isc-dhcp-common_4.4.3-P1-2_amd64.deb ...
Unpacking isc-dhcp-common (4.4.3-P1-2) over (4.4.3-P1-1.1) ...
Setting up isc-dhcp-client (4.4.3-P1-2) ...
Setting up isc-dhcp-common (4.4.3-P1-2) ...

+

Bug#1035647: tox-delay: FTBFS with tox 4

[Stefano Rivera]

Source: tox-delay
Version: 0.1.2-1
Severity: normal
Control: block 1035635 with -1

tox 4 is now available in experimental, but it causes tox-delay to
FTBFS. See bug 1035635 for a discussion of the general issues around tox
4.

Log snippet:

Making sure Tox itself works

Running tox for fou$rth.,second,first,third without output capturing

main()
  File "/<>/tests/functional.py", line 338, in main
test_real_tox(cfg, tempd)
  File "/<>/tests/functional.py", line 275, in test_real_tox
check_tox_output(cfg, tempd, "tox", TOX_ENVLIST)
  File "/<>/tests/functional.py", line 255, in check_tox_output
subprocess.run(
  File "/usr/lib/python3.11/subprocess.py", line 571, in run
raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['/usr/bin/python3', '-m', 'tox', '-e', 
'fou$rth.,second,first,third']' returned non-zero exit status 1.
make[1]: *** [debian/rules:7: override_dh_auto_test] Error 1

Full log attached.

Stefano
sbuild (Debian sbuild) 0.85.0 (04 January 2023) on haydn.kardiogramm.net

+==+
| tox-delay (amd64)Sat, 06 May 2023 22:20:27 + |
+==+

Package: tox-delay
Distribution: unstable
Machine Architecture: amd64
Host Architecture: amd64
Build Architecture: amd64
Build Type: binary

I: NOTICE: Log filtering will replace 'autopkgtest-virt-dummy-location' with 
'<>'
I: NOTICE: Log filtering will replace 'build/tox-delay-SROI4t/resolver-RwVr9X' 
with '<>'

+--+
| Update chroot|
+--+

Get:1 http://deb.debian.org/debian unstable InRelease [188 kB]
Get:2 http://deb.debian.org/debian experimental InRelease [101 kB]
Get:3 http://deb.debian.org/debian unstable/main Sources.diff/Index [63.6 kB]
Get:4 http://deb.debian.org/debian unstable/contrib amd64 Packages.diff/Index 
[63.3 kB]
Get:5 http://deb.debian.org/debian unstable/main amd64 Packages.diff/Index 
[63.6 kB]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-2002.46-F-2023-04-30-2005.36.pdiff [50.8 kB]
Get:7 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:6 http://deb.debian.org/debian unstable/main Sources 
T-2023-05-06-2002.46-F-2023-04-30-2005.36.pdiff [50.8 kB]
Get:7 http://deb.debian.org/debian unstable/contrib amd64 Packages 
T-2023-05-05-0202.38-F-2023-04-30-2005.36.pdiff [581 B]
Get:8 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-2002.46-F-2023-04-30-2005.36.pdiff [75.0 kB]
Get:8 http://deb.debian.org/debian unstable/main amd64 Packages 
T-2023-05-06-2002.46-F-2023-04-30-2005.36.pdiff [75.0 kB]
Get:9 http://deb.debian.org/debian experimental/main amd64 Packages [869 kB]
Fetched 1475 kB in 3s (442 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
Calculating upgrade...
The following packages were automatically installed and are no longer required:
  dbus-user-session isc-dhcp-common krb5-locales libatm1 libgpm2
  libnss-systemd libpam-cap libpam-systemd libx11-6 libx11-data libxau6
  libxcb1 libxdmcp6 libxext6 libxmuu1 psmisc xauth
Use 'apt autoremove' to remove them.
The following packages will be upgraded:
  isc-dhcp-client isc-dhcp-common libncursesw6 libtinfo6 ncurses-base
  ncurses-bin
6 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 2361 kB of archives.
After this operation, 7168 B of additional disk space will be used.
Get:1 http://deb.debian.org/debian unstable/main amd64 ncurses-bin amd64 6.4-3 
[421 kB]
Get:2 http://deb.debian.org/debian unstable/main amd64 ncurses-base all 6.4-3 
[261 kB]
Get:3 http://deb.debian.org/debian unstable/main amd64 libncursesw6 amd64 6.4-3 
[134 kB]
Get:4 http://deb.debian.org/debian unstable/main amd64 libtinfo6 amd64 6.4-3 
[332 kB]
Get:5 http://deb.debian.org/debian unstable/main amd64 isc-dhcp-client amd64 
4.4.3-P1-2 [1096 kB]
Get:6 http://deb.debian.org/debian unstable/main amd64 isc-dhcp-common amd64 
4.4.3-P1-2 [117 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 2361 kB in 0s (164 MB/s)
(Reading database ... 
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 1

Bug#1035645: reprotest: FTBFS with tox 4

[Vagrant Cascadian]

Control: tags 1035645 patch

On 2023-05-06, Stefano Rivera wrote:
> Log snippet:
> dh_auto_test -- --test-tox
> I: pybuild base:240: cd 
> /<>/.pybuild/cpython3_3.11_reprotest/build; tox -c /< BUILDDIR>>/tox.ini --sitepackages -e py311
> py311: failed with pass_env values cannot contain whitespace, use comma to 
> have multiple value
> s in a single line, invalid values found 'REPROTEST_TEST_* 
> VIRTUALENV_DOWNLOAD *_proxy TERM'
>   py311: FAIL code 1 (0.00 seconds)
>   evaluation failed :( (0.06 seconds)
> E: pybuild pybuild:388: test: plugin distutils failed with: exit code=1: cd 
> /<>/.
> pybuild/cpython3_3.11_reprotest/build; tox -c /<>/tox.ini 
> --sitepackages -e py311
> dh_auto_test: error: pybuild --test --test-tox -i python{version} -p 3.11 
> --test-tox returned exit code 13

This patch is trivial and fixes building with tox 4, but unfortunately
breaks building with tox 3:

From 8ee881b36a3578e652cc1693fd047692b1fa3fa9 Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian 
Date: Sat, 6 May 2023 16:48:39 -0700
Subject: [PATCH] tox.ini: Fix build with tox 4 by using comma-separated
 values. (Closes: #1035645)

---
 tox.ini | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tox.ini b/tox.ini
index 1c3488d..0e76251 100644
--- a/tox.ini
+++ b/tox.ini
@@ -10,7 +10,7 @@ commands =
   {envpython} -m coverage html
 
 [testenv]
-passenv = REPROTEST_TEST_* VIRTUALENV_DOWNLOAD *_proxy TERM
+passenv = REPROTEST_TEST_*,VIRTUALENV_DOWNLOAD,*_proxy,TERM
 # usedevelop = True
 deps =
   coverage
-- 
2.39.2


I am not terribly familiar with tox; is it plausible to create a patch
that works with both of them? Maybe a conditional in tox.ini?


live well,
  vagrant


signature.asc
Description: PGP signature

Bug#1035648: unblock: lios/2.7.2-6

[Samuel Thibault]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: l...@packages.debian.org
Control: affects -1 + src:lios

Hello,

I have uploaded lios_2.7.2-6 for inclusion in bookworm.

[ Reason ]
As reported on Bug#1035379, upstream lios looks for available tesseract
languages by looking inside /usr/share/tesseract-ocr/tessdata, but on
Debian the data is stored in /usr/share/tesseract-ocr/5/tessdata.

The problem was already there in bullseye, in which we had a patch
to make it look in /usr/share/tesseract-ocr/4.00/tessdata, but when
tesseract was bumped to version 5, updating that patch was missed.

Of course, I had reported the issue upstream 5 years ago on
https://github.com/zendalona/lios/issues/6
but without answer so far.

[ Impact ]
Without this fix, the Optical Character Recognition (OCR) feature of
lios does not work, which makes it rather useless, since its purpose is
not only to scan, but particularly to run OCR.

[ Tests ]
This was tested by hand.

[ Risks ]
The code is very trivial.

[ Checklist ]
  [X] all changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

unblock lios/2.7.2-6
diff -Nru lios-2.7.2/debian/changelog lios-2.7.2/debian/changelog
--- lios-2.7.2/debian/changelog 2023-04-03 23:22:12.0 +0200
+++ lios-2.7.2/debian/changelog 2023-05-07 02:13:46.0 +0200
@@ -1,3 +1,10 @@
+lios (2.7.2-6) unstable; urgency=medium
+
+  * patches/tesseract_langpath: Bump tesseract version to 5
+(Closes: Bug#1035379).
+
+ -- Samuel Thibault   Sun, 07 May 2023 02:13:46 +0200
+
 lios (2.7.2-5) unstable; urgency=medium
 
   * patches/preference-voice-list: Fix general preferences loading delay.
diff -Nru lios-2.7.2/debian/patches/tesseract_langpath 
lios-2.7.2/debian/patches/tesseract_langpath
--- lios-2.7.2/debian/patches/tesseract_langpath2023-04-03 
23:18:31.0 +0200
+++ lios-2.7.2/debian/patches/tesseract_langpath2023-05-07 
02:13:14.0 +0200
@@ -8,7 +8,7 @@
  
  TESSDATA_POSSIBLE_PATHS = [
"/usr/share/tesseract-ocr/tessdata",
-+  "/usr/share/tesseract-ocr/4.00/tessdata",
++  "/usr/share/tesseract-ocr/5/tessdata",
"/usr/share/tesseract/tessdata",
"/usr/share/tessdata",
"/usr/local/share/tesseract-ocr/tessdata",

Bug#1034428: unblock: vmdb2/0.27-1

[Gunnar Wolf]

Paul Gevers dijo [Sat, May 06, 2023 at 08:22:26AM +0200]:
> On 06-05-2023 08:01, Gunnar Wolf wrote:
> > What I plan to do (but please, others are welcome to do so 😇) is to
> > wait for a month, until bookworm is released, and upload to
> > stable-proposed-uploads a 0.26-2+1 or somesuch, including the
> > following, minimal diff thas has been accpted upstream:
> 
> Just for my understanding and avoidance of doubt, why wait for a point
> release? In my opinion it's much better to shape things out now than going
> for a point release. Is time just the issue? E.g. having 0.27+really.0.26-1
> is perfectly fine for the purpose.

Ugh, I quite hate that versioning scheme :-( But I'll do it.

Bug#1035649: procps fails to sanitize process names

[Guldrelokk]

Package: procps
Version: 3.3.17-5

Prior to version 4.0.0, procps did not escape process names it wrote to
standard output.  This affects both top and pgrep.

Needless to say, this is dangerous.  Under Linux, the process name is
an arbitrary sequence of non-zero bytes, which can include control
characters.  Any user can mess with another user's terminal as soon as the
latter attempts to inspect running processes by setting a malicious name.
Even though the name is truncated, there is still enough room to cause 
trouble.


To illustrate a few possibilities of abuse:

$ # Hide a misbehaving process from view.
$ printf '\033[A' >/proc/$$/comm
$ # Spoof the PID displayed by pgrep -l.  This can be used to trick a user
$ # into killing the wrong process.
$ printf '\r123 sh' >/proc/$$/comm
$ # Same for top.
$ printf '\0337\033[5G123\0338sh' >/proc/$$/comm

This was fixed upstream in commit 91897e7d2c161e8819d1dd27b1c50c1fb93a4708.

Note that I am running a non-Debian kernel.

Bug#1034428: unblock: vmdb2/0.27+really+0.26-1

[Gunnar Wolf]

Hi,

Following Paul's advice, I have uploaded vmdb2
0.27+really+0.26-1. Debdiff reports no differences (?!)

$ debdiff ../build-area/vmdb2_0.26-2_source.changes 
../build-area/vmdb2_0.27+really.0.26-1_source.changes
File lists identical (after any substitutions)

Although I did check for the (following) patch to be present and
applied. The only difference between version 0.26-2 (currently in
testing) and the just uploaded version follows; once this version is
accepted in testing, I'll apply the rolled-back changes again:

diff --git a/debian/changelog b/debian/changelog
index f8661c6..cfa5dbe 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,33 @@
+vmdb2 (0.27+really.0.26-1) unstable; urgency=medium
+
+  * Rolling back the import of 0.27 due to the request of the Debian
+release managers; applying only the targetted patch
+  * Specify ^large_dir, ^metadata_csum_seed parameters to e2fsprogs to fix
+the creation of unbootable systems when older GRUB versions are used
+(Closes: #1031364)
+
+ -- Gunnar Wolf   Sat, 06 May 2023 19:06:53 -0600
+
+vmdb2 (0.27-1) unstable; urgency=medium
+
+  [ Gunnar Wolf ]
+  * New upstream release
+  * Specify ^large_dir, ^metadata_csum_seed parameters to e2fsprogs to fix
+the creation of unbootable systems when older GRUB versions are used
+(Closes: #1031364)
+
+  [ Debian Janitor ]
+  * Bump debhelper from old 12 to 13.
+  * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse.
+  * Update standards version to 4.6.1, no changes needed.
+  * Set upstream metadata fields: Repository.
+
+  [ Gunnar Wolf ]
+  * Drop 001_set_architecture_for_later_stages patch (no longer needed,
+incorporated upstream)
+
+ -- Gunnar Wolf   Mon, 24 Oct 2022 14:48:46 -
+
 vmdb2 (0.26-2) unstable; urgency=medium
 
   * Fix debootstrap plugin: Set architecture for later stages (Closes:
diff --git a/debian/patches/omit_new_ext4_flags 
b/debian/patches/omit_new_ext4_flags
new file mode 100644
index 000..3046e68
--- /dev/null
+++ b/debian/patches/omit_new_ext4_flags
@@ -0,0 +1,27 @@
+Origin: 
https://gitlab.com/larswirzenius/vmdb2/-/merge_requests/106/diffs?commit_id=5b91eb58673d43e27523877816169b14e1ab6dfc
+Forwarded: not-needed
+From: Gunnar Wolf 
+Date: Sat May 6 19:21:30 GMT-6 2023
+Subject: When initializing an ext4 filesystem, omit flags incompatible with 
old GRUBs
+
+Index: vmdb2/vmdb/plugins/mkfs_plugin.py
+===
+--- vmdb2.orig/vmdb/plugins/mkfs_plugin.py
 vmdb2/vmdb/plugins/mkfs_plugin.py
+@@ -51,6 +51,16 @@ class MkfsStepRunner(vmdb.StepRunnerInte
+ cmd.append("-L")
+ cmd.append(label)
+ 
++# Ext4 filesystem features large_dir and metadta_csum_seed
++# are known to make versions of GRUB older than 2.06-8 unable
++# to boot. Keep this round at least until it is no longer
++# likely enough(?) users will try to build older target systems
++if fstype == "ext4":
++cmd.append("-O")
++cmd.append("^large_dir")
++cmd.append("-O")
++cmd.append("^metadata_csum_seed")
++
+ options = values["options"] or None
+ if options:
+ for opt in options.split(" "):
diff --git a/debian/patches/series b/debian/patches/series
index 40b31a7..4f56886 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 001_set_architecture_for_later_stages
+omit_new_ext4_flags


signature.asc
Description: PGP signature

Bug#1035461: texlive-binaries: Allow install of TeXlive without SSE2

[Norbert Preining]

Hi Hilmar,

On Sat, 06 May 2023, =?UTF-8?Q?Preu=C3=9...@buxtehude.debian.org wrote:
> fmtutil [ERROR]: not building luajithbtex due to missing engine: luajithbtex
> fmtutil [ERROR]: not building luajittex due to missing engine: luajittex
> fmtutil [INFO]: disabled formats: 2

Hmm, is fmtutil run with
--no-error-if-no-engine=luajithbtex,luajittex,mfluajit
? That *should* give exit status 0 even if the engines are not
available.
This is what we do in TL, and that works since long, since many of the
archs we support don't have the jit variants.

Best

Norbert

--
PREINING Norbert  https://www.preining.info
Mercari Inc. + IFMGA Guide + TU Wien + TeX Live
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Bug#1035461: texlive-binaries: Allow install of TeXlive without SSE2

[Norbert Preining]

On Sat, 06 May 2023, =?UTF-8?Q?Preu=C3=9...@buxtehude.debian.org wrote:
> fmtutil [ERROR]: not building luajithbtex due to missing engine: luajithbtex
> fmtutil [ERROR]: not building luajittex due to missing engine: luajittex

Ah, you probably did run it manually, right?

But the tex-common postinst contains that:

# fmtutil program and common arguments
# --sys we are running in fmtutil-sys mode
# --strict  error out if a format is not build
# --no-error-...luajittex is not available on all archs
FMTUTIL="fmtutil --sys --strict 
--no-error-if-no-engine=luajittex,mfluajit,luajithbtex"

That should do it.

Best

Norbert

--
PREINING Norbert  https://www.preining.info
Mercari Inc. + IFMGA Guide + TU Wien + TeX Live
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Bug#1035649: (no subject)

[Guldrelokk]

Note that this bug affects a very wide range of current systems:
https://repology.org/project/procps-ng/badges

IMO this is really bad and deserves a CVE or something else that will
prompt them to catch up, but you may disagree.

Bug#1034428: unblock: vmdb2/0.27+really.0.26-1

[Cyril Brulebois]

Control: reopen -1
Control: retitle -1 unblock: vmdb2/0.27+really.0.26-1

Hi,

Since it seems we're apparently reusing the unblock bug I closed earlier,
reopening and retitling accordingly. I'm also adjusting the Subject of this
mail, since the version number doesn't exactly match the version available
in the archive or listed in the source debdiff (0.27+really.0.26-1, and not
0.27+really+0.26-1).

Gunnar Wolf  (2023-05-06):
> Debdiff reports no differences (?!)
> 
> $ debdiff ../build-area/vmdb2_0.26-2_source.changes 
> ../build-area/vmdb2_0.27+really.0.26-1_source.changes
> File lists identical (after any substitutions)
> 
> Although I did check for the (following) patch to be present and
> applied. The only difference between version 0.26-2 (currently in
> testing) and the just uploaded version follows; once this version is
> accepted in testing, I'll apply the rolled-back changes again:

Sure, debdiff focuses on differences in the list of files/symlinks getting
shipped, and metadata differences (possibly maintainer scripts too, if given
--controlfiles=ALL); it doesn't actually diff files shipped in binary
packages.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1035649: (no subject)

[Guldrelokk]

By the way, I was wrong.  This was only fixed in 
649e45482fa11d6a4d94230eea07277181cd9ae0.

Bug#1035650: elpa-org version older than built-in Org in bookworm

[Maxim Nikulin]

Package: elpa-org
Version: 9.5.2+dfsh-4
Severity: serious

Installing elpa-org package to current Debian testing (bookworm) results 
in older Org version than Org shipped with Emacs. I consider it as a 
really bad surprise for people who will upgrade from bullseye when 
bookworm becomes stable.


elpa-org:
emacs -q --batch -l org -f org-version
Loading /etc/emacs/site-start.d/00debian.el (source)...
Loading /etc/emacs/site-start.d/50dictionaries-common.el (source)...
Loading debian-ispell (native compiled elisp)...
Loading /var/cache/dictionaries-common/emacsen-ispell-default.el (source)...
Loading /var/cache/dictionaries-common/emacsen-ispell-dicts.el (source)...
Org mode version 9.5.2 (9.5.2 @ /usr/share/emacs/site-lisp/elpa/org-9.5.2/)

Built-in Org is newer:
emacs -Q --batch -l org -f org-version
Org mode version 9.5.5 (release_9.5.5 @ /usr/share/emacs/28.2/lisp/org/)

It would be preferable to provide Org-9.6 version by the elpa-org Debian 
package, but it is too late for frozen testing.


I suggest to ship *empty* elpa-org package instead expecting that it 
should provide better experience during upgrade from bullseye to 
bookworm and later if real elpa-org will be provided.


An alternative is changing emacs-el metadata to replace elpa-org < 
9.5.5. and to provide elpa-org. However it is undesirable from the 
standpoint of further upgrades to up to date elpa-org.


I beg you pardon if I overestimated severity of the issue.

Please, provide a stub as elpa-org instead of outdated Org mode version.

Bug#1035651: ITP: node-jupyterlab-nbformat -- Node.js modules for JupyterLab

[Yadd]

Package: wnpp
Severity: wishlist
Owner: Yadd 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: node-jupyterlab-nbformat
  Version : 4.0.0~rc1
  Upstream Contact: https://github.com/jupyterlab/jupyterlab/issues
* URL : https://github.com/jupyterlab/jupyterlab
* License : BSD-3-Clause
  Programming Lang: JavaScript, Python
  Description : Node.js modules for JupyterLab

JupyterLab is the next-generation user interface for Project Jupyter
offering all the familiar building blocks of the classic Jupyter Notebook
(notebook, terminal, text editor, file browser, rich outputs, etc.) in a
flexible and powerful user interface.

This packages will provides Node.js modules for JupyterLab.

Bug#1035639: git-imerge: FTBFS with tox 4

[Paul Wise]

Control: forwarded -1 https://github.com/mhagger/git-imerge/pull/204
Control: tags -1 + patch confirmed

On Sat, 2023-05-06 at 19:07 -0400, Stefano Rivera wrote:

> tox 4 is now available in experimental, but it causes git-imerge to
> FTBFS. See bug 1035635 for a discussion of the general issues around
> tox 4.

I have confirmed this issue and that the fix is to use the config
option allowlist_externals to allow tox to use /bin/sh.

I have sent upstream the patch at the URL above.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part