Bug#988562: broadcom-sta: diff for NMU version 6.30.223.271-16.1
Hi Roger, On Mon, 17 May 2021 18:58:37 +0900 Roger Shimizu wrote: > However I find this package cannot be source upload, due to non-free. > I'll upload with binary again with version -17 later. > After that, I'll amend your unblock request. Just for future reference, you don't need to upload a new source, just the binaries build from that source would be fine. Small advantage: the migration timer isn't reset. Paul
Bug#989163: RDP broken under Wayland
Package: remmina-plugin-rdp
Version: 1.4.11+dfsg-2
Severity: serious

Hi,

it appears, the current version of remmina / RDP support in remmina is completely broken under Wayland. I've created a screencast, which illustrates the issue. See https://people.debian.org/~biebl/2021-05-27_1035152873.mp4

Since remmina has newer versions in experimental, I've tested all of them via snapshots.debian.org. That's the result

1.4.11+dfsg-2 bad
1.4.12+dfsg-1 bad
1.4.13+dfsg-1 bad
1.4.16+dfsg-1 good
1.4.17+dfsg-1 good

So the issue was fixed between 1.4.13 and 1.4.16. The settings for the RDP connection are pretty much default. I also tried to change the color depth but that didn't help. The connection is to a Windows 10 machine.

Given that GNOME is the default desktop and it defaults Wayland, I think this issue should be fixed for bullseye, thus marking this RC.

Regards, Michael

-- System Information:
Debian Release: 11.0
APT prefers unstable
APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-7-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages remmina-plugin-rdp depends on:
ii libc6 2.31-12
ii libcairo2 1.16.0-5
ii libcups2 2.3.3op2-3
ii libfreerdp-client2-2 2.3.0+dfsg1-2
ii libfreerdp2-2 2.3.0+dfsg1-2
ii libgdk-pixbuf-2.0-0 2.42.2+dfsg-1
ii libglib2.0-0 2.66.8-1
ii libgtk-3-0 3.24.24-4
ii libwinpr2-2 2.3.0+dfsg1-2
ii libx11-6 2:1.7.1-1
ii remmina 1.4.11+dfsg-2

remmina-plugin-rdp recommends no packages.
remmina-plugin-rdp suggests no packages.

-- no debconf information
Processed: fixed 989163 in 1.4.16+dfsg-1
Processing commands for cont...@bugs.debian.org: > fixed 989163 1.4.16+dfsg-1 Bug #989163 [remmina-plugin-rdp] RDP broken under Wayland Marked as fixed in versions remmina/1.4.16+dfsg-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 989163: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989163 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#989166: Error: package or namespace load failed for ‘gtools’
Package: r-cran-gtools
Version: 3.8.1-1
Severity: grave
Justification: renders package unusable

Hi,

$ R -e 'library(gtools)'
R version 3.5.2 (2018-12-20) -- "Eggshell Igloo"
Copyright (C) 2018 The R Foundation for Statistical Computing
Platform: x86_64-pc-linux-gnu (64-bit)
R is free software and comes with ABSOLUTELY NO WARRANTY.
You are welcome to redistribute it under certain conditions.
Type 'license()' or 'licence()' for distribution details.
Natural language support but running in an English locale
R is a collaborative project with many contributors.
Type 'contributors()' for more information and 'citation()' on how to cite R or R packages in publications.
Type 'demo()' for some demos, 'help()' for on-line help, or 'help.start()' for an HTML browser interface to help.
Type 'q()' to quit R.
> library(gtools)
Error: package or namespace load failed for ‘gtools’: package ‘gtools’ was installed by an R version with different internals; it needs to be reinstalled for use with this R version
Execution halted

Note: This is only happening on stable. The version in testing and unstable is fine.

Kind regards Andreas.

-- System Information:
Debian Release: 10.9
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable'), (50, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-13-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages r-cran-gtools depends on:
ii libc6 2.28-10
ii r-base-core [r-api-3.5] 3.5.2-1

r-cran-gtools recommends no packages.
r-cran-gtools suggests no packages.

-- no debconf information
Bug#988888: marked as pending in ceph
Control: tag -1 pending Hello, Bug #988888 in ceph reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/ceph-team/ceph/-/commit/e9f55977b1e20cb2fb7d75ff4c3206db820bc0cc * New upstream release, resolving these: - CVE-2021-3509: Cross Site Scripting via token Cookie (Closes: #988888). - CVE-2021-3524: injection of HTTP headers via a CORS ExposeHeader tag in the Ceph Storage RadosGW (Closes: #988889). - CVE-2021-3531: RadosGW denial of service (crash) (Closes: #988890). (this message was generated automatically) -- Greetings https://bugs.debian.org/988888
Processed: Bug#988888 marked as pending in ceph
Processing control commands: > tag -1 pending Bug #988888 [src:ceph] ceph: CVE-2021-3509 Added tag(s) pending. -- 988888: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988888 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#988889: marked as pending in ceph
Control: tag -1 pending Hello, Bug #988889 in ceph reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/ceph-team/ceph/-/commit/e9f55977b1e20cb2fb7d75ff4c3206db820bc0cc * New upstream release, resolving these: - CVE-2021-3509: Cross Site Scripting via token Cookie (Closes: #988888). - CVE-2021-3524: injection of HTTP headers via a CORS ExposeHeader tag in the Ceph Storage RadosGW (Closes: #988889). - CVE-2021-3531: RadosGW denial of service (crash) (Closes: #988890). (this message was generated automatically) -- Greetings https://bugs.debian.org/988889
Processed: Bug#988889 marked as pending in ceph
Processing control commands: > tag -1 pending Bug #988889 [src:ceph] ceph: CVE-2021-3524 Added tag(s) pending. -- 988889: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988889 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#988890: marked as pending in ceph
Control: tag -1 pending Hello, Bug #988890 in ceph reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/ceph-team/ceph/-/commit/e9f55977b1e20cb2fb7d75ff4c3206db820bc0cc * New upstream release, resolving these: - CVE-2021-3509: Cross Site Scripting via token Cookie (Closes: #988888). - CVE-2021-3524: injection of HTTP headers via a CORS ExposeHeader tag in the Ceph Storage RadosGW (Closes: #988889). - CVE-2021-3531: RadosGW denial of service (crash) (Closes: #988890). (this message was generated automatically) -- Greetings https://bugs.debian.org/988890
Processed: Bug#988890 marked as pending in ceph
Processing control commands: > tag -1 pending Bug #988890 [src:ceph] ceph: CVE-2021-3531 Added tag(s) pending. -- 988890: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988890 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#989054: marked as done (puma: CVE-2021-29509: Keepalive Connections Causing Denial Of Service in puma)
Your message dated Thu, 27 May 2021 11:18:35 + with message-id and subject line Bug#989054: fixed in puma 4.3.8-1 has caused the Debian Bug report #989054, regarding puma: CVE-2021-29509: Keepalive Connections Causing Denial Of Service in puma to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 989054: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989054 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: puma Version: 4.3.6-1 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for puma, it is caused due to an incomplete fix for CVE-2019-16770. CVE-2021-29509[0]: | Puma is a concurrent HTTP 1.1 server for Ruby/Rack applications. The | fix for CVE-2019-16770 was incomplete. The original fix only protected | existing connections that had already been accepted from having their | requests starved by greedy persistent-connections saturating all | threads in the same process. However, new connections may still be | starved by greedy persistent-connections saturating all threads in all | processes in the cluster. A `puma` server which received more | concurrent `keep-alive` connections than the server had threads in its | threadpool would service only a subset of connections, denying service | to the unserved connections. This problem has been fixed in `puma` | 4.3.8 and 5.3.1. Setting `queue_requests false` also fixes the issue. 
| This is not advised when using `puma` without a reverse proxy, such as | `nginx` or `apache`, because you will open yourself to slow client | attacks (e.g. slowloris). The fix is very small and a git patch is | available for those using unsupported versions of Puma. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-29509 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29509 [1] https://github.com/puma/puma/security/advisories/GHSA-q28m-8xjw-8vr5 [2] https://gist.github.com/nateberkopec/4b3ea5676c0d70cbb37c82d54be25837 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: puma Source-Version: 4.3.8-1 Done: Pirate Praveen We believe that the bug you reported is fixed in the latest version of puma, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 989...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Pirate Praveen (supplier of updated puma package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 26 May 2021 10:24:19 +0530 Source: puma Architecture: source Version: 4.3.8-1 Distribution: unstable Urgency: medium Maintainer: Debian Ruby Team Changed-By: Pirate Praveen Closes: 989054 Changes: puma (4.3.8-1) unstable; urgency=medium . 
* New upstream version 4.3.8 (Closes: #989054) (Fixes: CVE-2021-29509)
Bug#988888: marked as done (ceph: CVE-2021-3509)
Your message dated Thu, 27 May 2021 11:33:37 + with message-id and subject line Bug#988888: fixed in ceph 14.2.21-1 has caused the Debian Bug report #988888, regarding ceph: CVE-2021-3509 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988888: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988888 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: ceph Version: 14.2.20-2 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for ceph. CVE-2021-3509[0]: | Cross Site Scripting via token Cookie If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-3509 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3509 [1] https://github.com/ceph/ceph/commit/adda853e64bdba1288d46bc7d462d23d8f2f10ca Regards, Salvatore --- End Message --- --- Begin Message --- Source: ceph Source-Version: 14.2.21-1 Done: Thomas Goirand We believe that the bug you reported is fixed in the latest version of ceph, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 988...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. 
Thomas Goirand (supplier of updated ceph package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 27 May 2021 12:04:21 +0200 Source: ceph Architecture: source Version: 14.2.21-1 Distribution: unstable Urgency: high Maintainer: Ceph Packaging Team Changed-By: Thomas Goirand Closes: 988888 988889 988890 Changes: ceph (14.2.21-1) unstable; urgency=high . * New upstream release, resolving these: - CVE-2021-3509: Cross Site Scripting via token Cookie (Closes: #988888). - CVE-2021-3524: injection of HTTP headers via a CORS ExposeHeader tag in the Ceph Storage RadosGW (Closes: #988889). - CVE-2021-3531: RadosGW denial of service (crash) (Closes: #988890). --- End Message ---
Bug#988889: marked as done (ceph: CVE-2021-3524)
Your message dated Thu, 27 May 2021 11:33:37 + with message-id and subject line Bug#988889: fixed in ceph 14.2.21-1 has caused the Debian Bug report #988889, regarding ceph: CVE-2021-3524 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988889: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988889 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: ceph Version: 14.2.20-2 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for ceph. CVE-2021-3524[0]: | A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object | Gateway) in versions before 14.2.21. The vulnerability is related to | the injection of HTTP headers via a CORS ExposeHeader tag. The newline | character in the ExposeHeader tag in the CORS configuration file | generates a header injection in the response when the CORS request is | made. In addition, the prior bug fix for CVE-2020-10753 did not | account for the use of \r as a header separator, thus a new flaw has | been created. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-3524 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3524 [1] https://bugzilla.redhat.com/show_bug.cgi?id=1951674 [2] https://github.com/ceph/ceph/commit/763aebb94678018f89427137ffbc0c5205b1edc1 Please adjust the affected versions in the BTS as needed. 
Regards, Salvatore --- End Message --- --- Begin Message --- Source: ceph Source-Version: 14.2.21-1 Done: Thomas Goirand We believe that the bug you reported is fixed in the latest version of ceph, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 988...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thomas Goirand (supplier of updated ceph package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 27 May 2021 12:04:21 +0200 Source: ceph Architecture: source Version: 14.2.21-1 Distribution: unstable Urgency: high Maintainer: Ceph Packaging Team Changed-By: Thomas Goirand Closes: 988888 988889 988890 Changes: ceph (14.2.21-1) unstable; urgency=high . * New upstream release, resolving these: - CVE-2021-3509: Cross Site Scripting via token Cookie (Closes: #988888). - CVE-2021-3524: injection of HTTP headers via a CORS ExposeHeader tag in the Ceph Storage RadosGW (Closes: #988889). - CVE-2021-3531: RadosGW denial of service (crash) (Closes: #988890). 
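The CVE-2021-3524 report above turns on a header check that did not account for `\r` as a separator. The C++ below is an added illustration, not Ceph's code and not part of the original messages: it compares a check that only looks for `\n` with an allow-list check that requires each ExposeHeader entry to be an RFC 7230 token. All function names and the sample entries are constructed for the example.

```cpp
#include <cctype>
#include <cstddef>
#include <iostream>
#include <string>
#include <vector>

// Signature shared by both per-entry checks below.
using EntryCheck = bool (*)(const std::string&);

// Constructed stand-in for a check that only accounts for LF.
// A bare CR passes it, which is the gap the CVE text describes.
bool passes_lf_only_check(const std::string& entry) {
    return !entry.empty() && entry.find('\n') == std::string::npos;
}

// Allow-list check: an ExposeHeader entry names a header field, so it must
// be an RFC 7230 "token". Tokens cannot contain CR, LF, space or ':'.
bool is_http_token(const std::string& entry) {
    static const std::string extra = "!#$%&'*+-.^_`|~";
    if (entry.empty()) return false;
    for (unsigned char c : entry) {
        if (!std::isalnum(c) &&
            extra.find(static_cast<char>(c)) == std::string::npos) {
            return false;
        }
    }
    return true;
}

// Build the response header from the configured entries, keeping only the
// entries that the supplied check accepts.
std::string build_expose_header(const std::vector<std::string>& entries,
                                EntryCheck accept) {
    std::string value;
    for (const auto& e : entries) {
        if (!accept(e)) continue;
        if (!value.empty()) value += ", ";
        value += e;
    }
    return "Access-Control-Expose-Headers: " + value;
}

// Count the header lines a receiver would see if it treats CR, LF or CRLF
// as a line terminator. More than one line means the value split the header.
std::size_t count_header_lines(const std::string& raw) {
    std::size_t lines = 0;
    bool in_line = false;
    for (char c : raw) {
        if (c == '\r' || c == '\n') {
            in_line = false;
        } else if (!in_line) {
            in_line = true;
            ++lines;
        }
    }
    return lines;
}

// Constructed sample CORS configuration: one ordinary entry and one entry
// carrying a bare CR followed by a second header.
std::vector<std::string> sample_entries() {
    return {"X-Request-Id", "X-Trace\rX-Injected: 1"};
}

int main() {
    const auto entries = sample_entries();
    const std::string weak = build_expose_header(entries, passes_lf_only_check);
    const std::string strict = build_expose_header(entries, is_http_token);
    std::cout << "LF-only check: " << count_header_lines(weak)
              << " header line(s)\n";
    std::cout << "token check:   " << count_header_lines(strict)
              << " header line(s)\n";
    return 0;
}
```

Validating against the token grammar rejects every separator variant at once, so the check does not have to enumerate `\r`, `\n` or other control bytes individually.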
Bug#988890: marked as done (ceph: CVE-2021-3531)
Your message dated Thu, 27 May 2021 11:33:37 + with message-id and subject line Bug#988890: fixed in ceph 14.2.21-1 has caused the Debian Bug report #988890, regarding ceph: CVE-2021-3531 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988890: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988890 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: ceph Version: 14.2.20-2 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for ceph. CVE-2021-3531[0]: | A flaw was found in the Red Hat Ceph Storage RGW in versions before | 14.2.21. When processing a GET Request for a swift URL that ends with | two slashes it can cause the rgw to crash, resulting in a denial of | service. The greatest threat to the system is of availability. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-3531 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3531 [1] https://www.openwall.com/lists/oss-security/2021/05/14/5 [2] https://github.com/ceph/ceph/commit/f44a8ae8aa27ecef69528db9aec220f12492810e Please adjust the affected versions in the BTS as needed. 
Regards, Salvatore --- End Message --- --- Begin Message --- Source: ceph Source-Version: 14.2.21-1 Done: Thomas Goirand We believe that the bug you reported is fixed in the latest version of ceph, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 988...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thomas Goirand (supplier of updated ceph package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 27 May 2021 12:04:21 +0200 Source: ceph Architecture: source Version: 14.2.21-1 Distribution: unstable Urgency: high Maintainer: Ceph Packaging Team Changed-By: Thomas Goirand Closes: 988888 988889 988890 Changes: ceph (14.2.21-1) unstable; urgency=high . * New upstream release, resolving these: - CVE-2021-3509: Cross Site Scripting via token Cookie (Closes: #988888). - CVE-2021-3524: injection of HTTP headers via a CORS ExposeHeader tag in the Ceph Storage RadosGW (Closes: #988889). - CVE-2021-3531: RadosGW denial of service (crash) (Closes: #988890). 
Bug#989166: Fixed in 3.8.2-1
fixed -1 3.8.2-1 tags -1 buster
Bug#989166: Fixed in 3.8.2-1
Control: fixed -1 3.8.2-1 Control: tags -1 buster
Processed: Fixed in 3.8.2-1
Processing control commands: > fixed -1 3.8.2-1 Bug #989166 [r-cran-gtools] Error: package or namespace load failed for ‘gtools’ Marked as fixed in versions gtools/3.8.2-1. > tags -1 buster Bug #989166 [r-cran-gtools] Error: package or namespace load failed for ‘gtools’ Added tag(s) buster. -- 989166: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989166 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#988639: marked as done (ruby-font-awesome-rails: broken symlinks: /usr/share/ruby-font-awesome-rails/app/assets/fonts/fontawesome-webfont.*)
Your message dated Thu, 27 May 2021 12:48:25 + with message-id and subject line Bug#988639: fixed in ruby-font-awesome-rails 4.7.0.7-1 has caused the Debian Bug report #988639, regarding ruby-font-awesome-rails: broken symlinks: /usr/share/ruby-font-awesome-rails/app/assets/fonts/fontawesome-webfont.* to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988639: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988639 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: ruby-font-awesome-rails Version: 4.7.0.5-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package ships (or creates) a broken symlink. 
From the attached log (scroll to the bottom...):

0m44.3s ERROR: FAIL: Broken symlinks:
/usr/share/ruby-font-awesome-rails/app/assets/fonts/fontawesome-webfont.woff2 -> ../../../../fonts/woff/font-awesome/fontawesome-webfont.woff2 (ruby-font-awesome-rails)
/usr/share/ruby-font-awesome-rails/app/assets/fonts/fontawesome-webfont.woff -> ../../../../fonts/woff/font-awesome/fontawesome-webfont.woff (ruby-font-awesome-rails)
/usr/share/ruby-font-awesome-rails/app/assets/fonts/fontawesome-webfont.svg -> ../../../../fonts/svg/font-awesome/fontawesome-webfont.svg (ruby-font-awesome-rails)
/usr/share/ruby-font-awesome-rails/app/assets/fonts/fontawesome-webfont.eot -> ../../../../fonts/eot/font-awesome/fontawesome-webfont.eot (ruby-font-awesome-rails)

The targets are now located at /usr/share/fonts-font-awesome/fonts/fontawesome-webfont.*

cheers, Andreas

ruby-font-awesome-rails_4.7.0.5-1.log.gz Description: application/gzip --- End Message --- --- Begin Message --- Source: ruby-font-awesome-rails Source-Version: 4.7.0.7-1 Done: Pirate Praveen We believe that the bug you reported is fixed in the latest version of ruby-font-awesome-rails, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 988...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. 
Pirate Praveen (supplier of updated ruby-font-awesome-rails package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 27 May 2021 17:57:42 +0530 Source: ruby-font-awesome-rails Architecture: source Version: 4.7.0.7-1 Distribution: unstable Urgency: medium Maintainer: Debian Ruby Team Changed-By: Pirate Praveen Closes: 988639 Changes: ruby-font-awesome-rails (4.7.0.7-1) unstable; urgency=medium . [ Debian Janitor ] * Trim trailing whitespace. * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse. . [ Cédric Boutillier ] * Update team name * Add .gitattributes to keep unwanted files out of the source package . [ Pirate Praveen ] * Fix symbolic links for fonts (Closes: #988639) * Add a smoke test as autopkgtest * New upstream version 4.7.0.7 (support for ruby 3.0 and rails 6.1) * Bump Standards-Version to 4.5.1 (no changes needed)
Bug#984956: Pmix issues with openmpi-4.1.0
Ok, openmpi, redone ucx (to avoid 1.10.1~rc1) uploaded and unblock sent.

Alastair

On 16/05/2021, 06:39, "Lucas Nussbaum" wrote:

    Hi Alastair,

    Thanks a lot for fixing this. Unfortunately, I noticed that the upload to unstable was built against ucx 1.10.1~rc1-1, so both need to migrate to testing.

    Did you already engage discussions with the release team? I did not find an unblock request.

    Lucas
Bug#892275: redshift: Unable to connect to GeoClue
> * Paul Gevers [210526 21:49]:
> > On Thu, 4 Feb 2021 14:29:55 +0100 Laurent Bigonville wrote:
> > > IMVHO, you should remove the redshift systemd file and let redshift
> > > start via the xdg autostart mechanism. The geoclue agent should then be
> > > started before redshift as I think it starts the process using the
> > > alphabetical order.
> Maybe someone can come up with a patch that works on both, systemd and
> non-systemd systems? If that's even relevant in the first place...

As there's no non-systemd specific code in redshift at all, yet it works fine for me, why would that systemd support be needed either?

Meow.
--
⢀⣴⠾⠻⢶⣦⠀ The oldest dated printed book includes the following license grant:
⣾⠁⢠⠒⠀⣿⡁ Reverently made for universal free distribution by Wang Jie
⢿⡄⠘⠷⠚⠋⠀ on behalf of his two parents on the 15th of the 4th moon of
⠈⠳⣄ the 9th year of Xiantong [11 May 868].
Bug#988562: broadcom-sta: diff for NMU version 6.30.223.271-16.1
Dear Paul,

On Thu, May 27, 2021 at 5:36 PM Paul Gevers wrote:
>
> Hi Roger,
>
> On Mon, 17 May 2021 18:58:37 +0900 Roger Shimizu wrote:
> > However I find this package cannot be source upload, due to non-free.
> > I'll upload with binary again with version -17 later.
> > After that, I'll amend your unblock request.
>
> Just for future reference, you don't need to upload a new source, just
> the binaries build from that source would be fine. Small advantage: the
> migration timer isn't reset.

Thanks for your information!
I'll try to upload in binary next time in such case.

Cheers,
--
Roger Shimizu, GMT +9 Tokyo
PGP/GPG: 4096R/6C6ACD6417B3ACB1
Processed: [bts-link] source package src:google-oauth-client-java
Processing commands for cont...@bugs.debian.org:

> #
> # bts-link upstream status pull for source package src:google-oauth-client-java
> # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html
> # https://bts-link-team.pages.debian.net/bts-link/
> #
> user debian-bts-l...@lists.debian.org
Setting user to debian-bts-l...@lists.debian.org (was debian-bts-l...@lists.debian.org).
> # remote status report for #988944 (http://bugs.debian.org/988944)
> # Bug title: CVE-2020-7692
> # * https://github.com/googleapis/google-oauth-java-client/issues/469
> # * remote status changed: (?) -> closed
> # * closed upstream
> tags 988944 + fixed-upstream
Bug #988944 [src:google-oauth-client-java] CVE-2020-7692
Added tag(s) fixed-upstream.
> usertags 988944 + status-closed
There were no usertags set.
Usertags are now: status-closed.
> thanks
Stopping processing here.

Please contact me if you need assistance.
--
988944: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988944
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#989183: CVE-2021-33038
Source: hyperkitty
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team

This was assigned CVE-2021-33038:
https://gitlab.com/mailman/hyperkitty/-/issues/380

Patch is here:
https://gitlab.com/mailman/hyperkitty/-/commit/9025324597d60b2dff740e49b70b15589d6804fa

Cheers,
Moritz
Processed: found 989183 in 1.3.4-3
Processing commands for cont...@bugs.debian.org:

> found 989183 1.3.4-3
Bug #989183 [src:hyperkitty] CVE-2021-33038
Marked as found in versions hyperkitty/1.3.4-3.
> thanks
Stopping processing here.

Please contact me if you need assistance.
--
989183: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989183
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Processed: tagging 989183, bug 989183 is forwarded to https://gitlab.com/mailman/hyperkitty/-/issues/380
Processing commands for cont...@bugs.debian.org:

> tags 989183 + upstream
Bug #989183 [src:hyperkitty] CVE-2021-33038
Added tag(s) upstream.
> forwarded 989183 https://gitlab.com/mailman/hyperkitty/-/issues/380
Bug #989183 [src:hyperkitty] CVE-2021-33038
Set Bug forwarded-to-address to 'https://gitlab.com/mailman/hyperkitty/-/issues/380'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
--
989183: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989183
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#988214: fixed in rails 2:6.0.3.7+dfsg-1
tag 989037 moreinfo
thanks

Hi,

On 24-05-2021 11:35, Utkarsh Gupta wrote:
> On Wed, 19 May 2021 22:12:59 +0200 Paul Gevers wrote:
>> This new rails version renewed its versioned dependency on ruby-marcel.
>> The new ruby-marcel version doesn't look like a targeted fix, so it
>> doesn't fit the freeze policy. If I read the changelog correctly, this
>> dependency is there to give rails a more relaxed license. I think such a
>> change is not really needed at this stage of the freeze, does rails
>> still work with the old version of ruby-marcel and can the version bump
>> be reverted?
>
> Apologies, I missed (naturally because it wasn't copied) the conversation
> on this bug prior to opening an unblock request for both.
>
> Whilst I agree that ruby-marcel isn't really a targeted fix, I believe the
> bump was necessary to maintain sanity with future bug-fix releases of rails.
> I've been trying to maintain rails from sid (back to jessie), ensuring that the
> CVEs are at least timely fixed. During that course, I've hit a lot of bumps
> because of the version gaps, et al, so in this release I wanted rails to be
> at par with its supported bug-fix only release (that is, the 6.0.3.x branch).
>
> 6.0.3.6 brings in an unusual change by bumping ruby-marcel to 1.0.0. But
> after a lot of testing, sanity checking, et al, I found that the changes in
> marcel are a no-op, that is, it doesn't really affect how marcel was before
> and it is now. Marcel wanted to drop mimemagic dependency and so they
> introduced a Magic class (Marcel::Magic) for mime type detection.
>
> I know that it doesn't go along with the freeze policy atm, but I also believe
> that it's not really something that'd actually cause problems. IIUC, the
> bump doesn't really affect much but just does things differently internally.
> So is this edge case worth giving an exception along those lines?
>
> The bump shall yield nothing but (really) help in providing support to rails
> for the next couple of years in/for bullseye (at least while it's
> still supported).
> Let me know what you think? Thanks!

You haven't answered my question: "does rails still work with the old version of ruby-marcel and can the version bump be reverted"

Paul

OpenPGP_signature
Description: OpenPGP digital signature
Bug#988893: squid: CVE-2021-28651
Hello, Please consider merging this fix: https://salsa.debian.org/squid-team/squid/-/merge_requests/17 diff -Nru squid-4.13/debian/changelog squid-4.13/debian/changelog --- squid-4.13/debian/changelog 2021-03-22 23:18:11.0 + +++ squid-4.13/debian/changelog 2021-05-27 22:53:36.0 + @@ -1,3 +1,11 @@ +squid (4.13-10) unstable; urgency=medium + + * Team upload. + * Add debian/patches/0007-CVE-2021-28651.patch to fix a Denial +of Service in URN processing. (Closes: #988893, CVE-2021-28651) + + -- Francisco Vilmar Cardoso Ruviaro Thu, 27 May 2021 22:53:36 + + squid (4.13-9) unstable; urgency=medium * Clarify on NEWS and scripts that we no longer remove logs on purge. diff -Nru squid-4.13/debian/patches/0007-CVE-2021-28651.patch squid-4.13/debian/patches/0007-CVE-2021-28651.patch --- squid-4.13/debian/patches/0007-CVE-2021-28651.patch 1970-01-01 00:00:00.0 + +++ squid-4.13/debian/patches/0007-CVE-2021-28651.patch 2021-05-27 22:43:32.0 + @@ -0,0 +1,23 @@ +Description: Fix CVE-2021-28651. + Due to a buffer-management bug, it allows + a denial of service in URN processing. + When resolving a request with the urn: scheme, + the parser leaks a small amount of memory. +Author: Amos Jeffries +Origin: upstream, http://www.squid-cache.org/Versions/v4/changesets/squid-4-a975fd5aedc866629214aaaccb38376855351899.patch +Bug: https://github.com/squid-cache/squid/pull/778 +Bug-Debian: https://bugs.debian.org/988893 +Forwarded: not-needed +Reviewed-By: Francisco Vilmar Cardoso Ruviaro +Last-Update: 2021-05-27 + +--- squid-4.13.orig/src/urn.cc squid-4.13/src/urn.cc +@@ -412,6 +412,7 @@ urnParseReply(const char *inbuf, const H + } + + debugs(52, 3, "urnParseReply: Found " << i << " URLs"); ++xfree(buf); + return list; + } + diff -Nru squid-4.13/debian/patches/series squid-4.13/debian/patches/series --- squid-4.13/debian/patches/series2021-03-22 23:18:11.0 + +++ squid-4.13/debian/patches/series2021-05-27 22:13:37.0 + 
@@ -4,3 +4,4 @@ #0004-upstream-bug5041.patch 0005-Use-RuntimeDirectory-to-create-run-squid.patch 0006-SQUID-2020_11.patch +0007-CVE-2021-28651.patch Best regards, -- Francisco Vilmar Cardoso Ruviaro 4096R: 1B8C F656 EF3B 8447 2F48 F0E7 82FB F706 0B2F 7D00 OpenPGP_signature Description: OpenPGP digital signature
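Review bot: in the src/urn.cc hunk (@@ -412,6 +412,7 @@) the new xfree(buf) covers only the final "return list" path after the "Found i URLs" debug line, and the context lines do not show whether urnParseReply has earlier returns that leave buf allocated; please confirm against the full function that this is the only exit holding the buffer. The DEP-3 Description would also read better with the cause first: "it allows a denial of service" has no subject, so consider stating that the urn: reply parser leaks memory on each request and then naming the denial-of-service impact.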
Bug#989191: Drop macros not supported in PHP 8
Source: uwsgi Severity: serious Tags: patch upstream ftbfs Justification: fails to build from source (but built successfully in the past) TSRMLS_* was deprecated in PHP 7 and I believe the macro resolves to null there. The macro is removed for PHP 8, so uwsgi fails to build from source when built with that PHP. -- System Information: Debian Release: bullseye/sid APT prefers focal-updates APT policy: (500, 'focal-updates'), (500, 'focal-security'), (500, 'focal-proposed'), (500, 'focal'), (100, 'focal-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.4.0-70-generic (SMP w/12 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE Locale: LANG=C, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Description: Drop TSRMLS_* now obsolete in PHP 8 to fix FTBFS These C macros were nulled in PHP 7 and removed in PHP 8. Author: Bryce Harrington Origin: vendor Bug: Bug-: Forwarded: Last-Update: 2021-05-28 --- This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ --- a/plugins/php/php_plugin.c +++ b/plugins/php/php_plugin.c @@ -82,9 +82,9 @@ #ifdef UWSGI_PHP7 -static size_t sapi_uwsgi_ub_write(const char *str, size_t str_length TSRMLS_DC) +static size_t sapi_uwsgi_ub_write(const char *str, size_t str_length) #else -static int sapi_uwsgi_ub_write(const char *str, uint str_length TSRMLS_DC) +static int sapi_uwsgi_ub_write(const char *str, uint str_length) #endif { struct wsgi_request *wsgi_req = (struct wsgi_request *) SG(server_context); @@ -97,7 +97,7 @@ return str_length; } -static int sapi_uwsgi_send_headers(sapi_headers_struct *sapi_headers TSRMLS_DC) +static int sapi_uwsgi_send_headers(sapi_headers_struct *sapi_headers) { sapi_header_struct *h; zend_llist_position pos; 
@@ -132,9 +132,9 @@ } #ifdef UWSGI_PHP7 -static size_t sapi_uwsgi_read_post(char *buffer, size_t count_bytes TSRMLS_DC) +static size_t sapi_uwsgi_read_post(char *buffer, size_t count_bytes) #else -static int sapi_uwsgi_read_post(char *buffer, uint count_bytes TSRMLS_DC) +static int sapi_uwsgi_read_post(char *buffer, uint count_bytes) #endif { uint read_bytes = 0; @@ -159,7 +159,7 @@ } -static char *sapi_uwsgi_read_cookies(TSRMLS_D) +static char *sapi_uwsgi_read_cookies() { uint16_t len = 0; struct wsgi_request *wsgi_req = (struct wsgi_request *) SG(server_context); 
@@ -172,55 +172,55 @@ return NULL; } -static void sapi_uwsgi_register_variables(zval *track_vars_array TSRMLS_DC) +static void sapi_uwsgi_register_variables(zval *track_vars_array) { int i; struct wsgi_request *wsgi_req = (struct wsgi_request *) SG(server_context); - php_import_environment_variables(track_vars_array TSRMLS_CC); + php_import_environment_variables(track_vars_array); if (uphp.server_software) { if (!uphp.server_software_len) uphp.server_software_len = strlen(uphp.server_software); - php_register_variable_safe("SERVER_SOFTWARE", uphp.server_software, uphp.server_software_len, track_vars_array TSRMLS_CC); + php_register_variable_safe("SERVER_SOFTWARE", uphp.server_software, uphp.server_software_len, track_vars_array); } else { - php_register_variable_safe("SERVER_SOFTWARE", "uWSGI", 5, track_vars_array TSRMLS_CC); + php_register_variable_safe("SERVER_SOFTWARE", "uWSGI", 5, track_vars_array); } for (i = 0; i < wsgi_req->var_cnt; i += 2) { php_register_variable_safe( estrndup(wsgi_req->hvec[i].iov_base, wsgi_req->hvec[i].iov_len), wsgi_req->hvec[i + 1].iov_base, wsgi_req->hvec[i + 1].iov_len, - track_vars_array TSRMLS_CC); + track_vars_array); } - php_register_variable_safe("PATH_INFO", wsgi_req->path_info, wsgi_req->path_info_len, track_vars_array TSRMLS_CC); + php_register_variable_safe("PATH_INFO", wsgi_req->path_info, wsgi_req->path_info_len, track_vars_array); if (wsgi_req->query_string_len > 0) { - php_register_variable_safe("QUERY_STRING", wsgi_req->query_string, wsgi_req->query_string_len, track_vars_array TSRMLS_CC); + php_register_variable_safe("QUERY_STRING", wsgi_req->query_string, wsgi_req->query_string_len, track_vars_array); } - php_register_variable_safe("SCRIPT_NAME", wsgi_req->script_name, wsgi_req->script_name_len, track_vars_array TSRMLS_CC); - php_register_variable_safe("SCRIPT_FILENAME", wsgi_req->file, wsgi_req->file_len, track_vars_array TSRMLS_CC); + php_register_variable_safe("SCRIPT_NAME", wsgi_req->script_name, 
wsgi_req->script_name_len, track_vars_array); + php_register_variable_safe("SCRIPT_FILENAME", wsgi_req->file, wsgi_req->file_len, track_vars_array); - php_register_variable_safe("DOCUMENT_ROOT", wsgi_req->document_root, wsgi_req->document_root_len, track_vars_array TSRMLS_CC); + php_register_variable_safe("DOCUMENT_ROOT", wsgi_req->document_root, wsgi_req->document_root_len, trac
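Review bot: in the hunks at -82,9 and -132,9 the TSRMLS_DC parameter is removed from the #else branch as well as from the #ifdef UWSGI_PHP7 branch, but the report only says the macros were nulled in PHP 7 and removed in PHP 8; the #else signatures (int return type, uint length) are the pre-PHP 7 ones, which the description does not cover. Either leave the #else lines as they were or say in the patch description that builds against PHP older than 7 are no longer expected to work.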
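Review bot: sapi_uwsgi_read_cookies() in the -159,7 hunk should be declared as sapi_uwsgi_read_cookies(void); in C an empty parameter list leaves the arguments unspecified, so replacing TSRMLS_D with nothing drops the prototype check. The DEP-3 header above the diff also carries empty "Bug:", "Bug-:" and "Forwarded:" fields, which should be filled in or removed before upload.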
Bug#988089: MariaDB upgrade issues from Debian 10 to Debian 11
Hello!

There is an updated Galera-4 in Debian unstable now. If you want to contribute to the effort, you could now do testing and verify that the fix delivered works.

On Sun, May 9, 2021 at 8:41 PM Otto Kekäläinen wrote:
>
> Thanks for running the debug commands. Would you like to also read and
> analyze them and try to find out what is going on and thus what the
> solution would be?
>
> And maybe submit a Merge Request on what should be changed in the
> debian/control file maybe?
>
> In this message I describe how I tested a new debian/control file
> without having to rebuild the whole package:
> https://lists.debian.org/debian-devel/2021/03/msg00206.html
>
>
> On Sun, May 9, 2021 at 1:30 AM Olaf van der Spek wrote:
> >
> > On Sun, 9 May 2021 at 08:40, Otto Kekäläinen wrote:
> > > Here is a debian-devel thread where I learnt new ways to run apt in
> > > debug mode to better see why it chooses to upgrade/remove certain
> > > packages, it might be helpful here too:
> > > https://lists.debian.org/debian-devel/2021/03/msg00139.html
> > > https://lists.debian.org/debian-devel/2021/03/msg00131.html
> >
> > # apt upgrade -o Debug::pkgDepCache::AutoInstall=1 -o
> > Debug::pkgDepCache::Marker=1 -o Debug::pkgProblemResolver=1
> > Reading package lists... Done
> > Building dependency tree... Done
> > Reading state information... Done
> > MarkInstall mariadb-server:amd64 < 1:10.3.27-0+deb10u1 -> 1:10.5.9-1
> > @ii umU Ib > FU=0
...
Bug#989193: breaks apt-cacher-ng by blocking link operation
Package: apparmor-profiles-extra
Version: 1.33
Severity: serious
Tags: patch

Hi,

see attachment: your config doesn't allow link calls, which sporadically breaks operation of apt-cacher-ng in unexpected ways. The suggested change should probably be improved, I am no apparmor expert.

[ 1451.927739] audit: type=1400 audit(1622048089.493:85): apparmor="ALLOWED" operation="link" profile="apt-cacher-ng" name="/var/cache/apt-cacher-ng/debrep/dists/unstable/InRelease.1622048089" pid=36785 comm="apt-cacher-ng" requested_mask="l" denied_mask="l" fsuid=121 ouid=121 target="/var/cache/apt-cacher-ng/debrep/dists/unstable/InRelease"

Eduard.

-- System Information:
Debian Release: 11.0
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.12.0+ (SMP w/12 CPU threads)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages apparmor-profiles-extra depends on:
ii apparmor 2.13.6-10

apparmor-profiles-extra recommends no packages.

apparmor-profiles-extra suggests no packages.
-- Configuration Files: /etc/apparmor.d/usr.sbin.apt-cacher-ng changed: @{APT_CACHER_NG_CACHE_DIR}=/var/cache/apt-cacher-ng profile apt-cacher-ng /usr/sbin/apt-cacher-ng { #include #include #include #include /etc/apt-cacher-ng/ r, /etc/apt-cacher-ng/** r, /etc/hosts.{deny,allow} r, /usr/sbin/apt-cacher-ng mr, /var/lib/apt-cacher-ng/** r, /{,var/}run/apt-cacher-ng/* rw, @{APT_CACHER_NG_CACHE_DIR}/ r, @{APT_CACHER_NG_CACHE_DIR}/** rwl, /var/log/apt-cacher-ng/ r, /var/log/apt-cacher-ng/* rw, /{,var/}run/systemd/notify w, /{usr/,}bin/dash ixr, /{usr/,}bin/ed ixr, /{usr/,}bin/red ixr, /{usr/,}bin/sed ixr, /usr/lib/apt-cacher-ng/acngtool ixr, # Allow serving local documentation /etc/mime.types r, /usr/share/doc/apt-cacher-ng/html/** r, # used by libevent @{PROC}/sys/kernel/random/uuid r, # Site-specific additions and overrides. See local/README for details. #include } -- no debconf information From 5eeca40ec3c93dc0d91ce3db0d9f652310087a12 Mon Sep 17 00:00:00 2001 From: Eduard Bloch Date: Fri, 28 May 2021 07:11:52 +0200 Subject: [PATCH] Stop breaking latest apt-cacher-ng by blocking link operations --- profiles/usr.sbin.apt-cacher-ng | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/profiles/usr.sbin.apt-cacher-ng b/profiles/usr.sbin.apt-cacher-ng index 6d2f5ff..c24c2c5 100644 --- a/profiles/usr.sbin.apt-cacher-ng +++ b/profiles/usr.sbin.apt-cacher-ng @@ -18,7 +18,7 @@ profile apt-cacher-ng /usr/sbin/apt-cacher-ng { /var/lib/apt-cacher-ng/** r, /{,var/}run/apt-cacher-ng/* rw, @{APT_CACHER_NG_CACHE_DIR}/ r, - @{APT_CACHER_NG_CACHE_DIR}/** rw, + @{APT_CACHER_NG_CACHE_DIR}/** rwl, /var/log/apt-cacher-ng/ r, /var/log/apt-cacher-ng/* rw, /{,var/}run/systemd/notify w, -- 2.32.0.rc0
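Review bot: the audit record quoted in the report shows apparmor="ALLOWED", which is what a profile in complain mode logs, so it documents that the link request falls outside the existing "rw" rule but not the failure itself; the commit message should say in which mode the breakage was seen and quote that record, since the subject line alone gives no evidence. The one-line change from "rw" to "rwl" on @{APT_CACHER_NG_CACHE_DIR}/** matches the InRelease.1622048089 to InRelease link in the record, and a comment above the rule saying why link is needed would help the next reader of the profile.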
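The audit record in the report above carries everything needed to see which permission the profile lacks and whether the profile was enforcing at the time. As an added example (not part of the original message, and not code from apparmor or apt-cacher-ng), the following parses AppArmor audit lines and groups the missing permissions per profile and path; the function names and the second, DENIED record with hex-encoded paths are constructed for illustration.

```python
import re
from collections import defaultdict

# key=value pairs: values are "quoted" or bare (numbers, hex-encoded strings).
_PAIR = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')
_HEX = re.compile(r'(?:[0-9A-Fa-f]{2})+')
# Fields the kernel logs as untrusted strings: quoted when plain, hex-encoded
# when they contain spaces, quotes or control bytes.
_UNTRUSTED = {"name", "target", "profile", "comm"}


def _decode(key, raw):
    if raw.startswith('"'):
        return raw[1:-1]
    if key in _UNTRUSTED and _HEX.fullmatch(raw):
        return bytes.fromhex(raw).decode("utf-8", "replace")
    return raw


def parse_apparmor(line):
    """Return the fields of an AppArmor audit record, or None for other lines."""
    rec = {k: _decode(k, v) for k, v in _PAIR.findall(line)}
    if "apparmor" not in rec:
        return None
    # DENIED: enforce mode, the call failed. ALLOWED: complain mode, the call
    # went through but would be refused once the profile is enforced.
    rec["enforced"] = rec["apparmor"] == "DENIED"
    return rec


def missing_permissions(lines):
    """Map (profile, path) -> permission letters the profile does not grant."""
    found = defaultdict(lambda: {"mask": set(), "enforced": False, "targets": set()})
    for line in lines:
        rec = parse_apparmor(line)
        if not rec or "denied_mask" not in rec:
            continue
        entry = found[(rec.get("profile", "?"), rec.get("name", "?"))]
        entry["mask"].update(rec["denied_mask"])
        entry["enforced"] |= rec["enforced"]
        if "target" in rec:
            entry["targets"].add(rec["target"])
    return dict(found)


# The record quoted in the bug report.
PAGE_LINE = (
    '[ 1451.927739] audit: type=1400 audit(1622048089.493:85): '
    'apparmor="ALLOWED" operation="link" profile="apt-cacher-ng" '
    'name="/var/cache/apt-cacher-ng/debrep/dists/unstable/InRelease.1622048089" '
    'pid=36785 comm="apt-cacher-ng" requested_mask="l" denied_mask="l" '
    'fsuid=121 ouid=121 '
    'target="/var/cache/apt-cacher-ng/debrep/dists/unstable/InRelease"')

# Constructed record: same operation under an enforcing profile, with a space
# in the path so the kernel would log name and target hex-encoded.
SPACED = "/var/cache/apt-cacher-ng/my repo/Release.1"
CONSTRUCTED_LINE = (
    'audit: type=1400 audit(1622048100.000:86): apparmor="DENIED" '
    'operation="link" profile="apt-cacher-ng" '
    'name=' + SPACED.encode().hex().upper() + ' pid=36785 '
    'comm="apt-cacher-ng" requested_mask="l" denied_mask="l" fsuid=121 '
    'ouid=121 target=' + SPACED[:-2].encode().hex().upper())

SAMPLE = [PAGE_LINE, CONSTRUCTED_LINE, "kernel: unrelated line"]

if __name__ == "__main__":
    for (profile, path), e in missing_permissions(SAMPLE).items():
        mode = "enforce" if e["enforced"] else "complain"
        print(f"{profile} [{mode}] {path} lacks {''.join(sorted(e['mask']))}")
```
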
Processed: affects 986709
Processing commands for cont...@bugs.debian.org:

> affects 986709 src:rsnapshot
Bug #986709 [src:rsnapshot] rsnapshot: not suitable for stable release
Added indication that 986709 affects src:rsnapshot
> thanks
Stopping processing here.

Please contact me if you need assistance.
--
986709: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986709
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#986709: #986479 RM rsnapshot -- RoM; RoQA; no longer maintained by upstream
Please don't remove rsnapshot - it is a far too important package to lose.

IMHO the issue is really minor: rsnapshot is a stable software which had very few changes over the last several years. Even if unmaintained upstream it will remain usable for years to come. As a project we are perfectly capable of applying patches here and there, as required even without upstream support.

Also I'm not aware of any conceptual alternatives to rsnapshot. In a sense it is a unique software implementing a special (and extraordinarily useful) approach to backups.

Thanks.

--
All the best,
Dmitry Smirnov
GPG key : 4096R/52B6BBD953968D1B

---

A man who knows a subject thoroughly, a man so soaked in it that he eats it, sleeps it and dreams it - this man can always teach it with success, no matter how little he knows of technical pedagogy. -- H. L. Mencken

---

ZERO flu deaths reported during 2020-2021 season. Never in medical history has an annual disease completely disappeared to be replaced by another one with the exact same symptoms.

signature.asc
Description: This is a digitally signed message part.