Processed: tagging 1026325

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 1026325 + fixed
Bug #1026325 {Done: Andrius Merkys } [src:smiles-scripts] 
libchemistry-opensmiles-perl breaks smiles-scripts autopkgtest: output changed
Added tag(s) fixed.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1026325: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026325
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1028976: marked as done (php-imagick: autopkgtest needs update for new version of php-defaults)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 09:47:09 +0100
with message-id <8c50545e-6329-42cf-8db3-c4e398b32...@sury.org>
and subject line Re: Bug#1028976: php-imagick: autopkgtest needs update for new 
version of php-defaults
has caused the Debian Bug report #1028976,
regarding php-imagick: autopkgtest needs update for new version of php-defaults
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1028976: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028976
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Source: php-imagick
Version: 3.7.0-3
Severity: serious
X-Debbugs-CC: php-defau...@packages.debian.org
Tags: sid bookworm
User: debian...@lists.debian.org
Usertags: needs-update
Control: affects -1 src:php-defaults

Dear maintainer(s),

With a recent upload of php-defaults the autopkgtest of php-imagick 
fails in testing when that autopkgtest is run with the binary packages 
of php-defaults from unstable. It passes when run with only packages 
from testing. In tabular form:


   passfail
php-defaults   from testing93
php-imagickfrom testing3.7.0-3
all others from testingfrom testing

I copied some of the output at the bottom of this report.

Currently this regression is blocking the migration of php-defaults to 
testing [1]. Of course, php-defaults shouldn't just break your 
autopkgtest (or even worse, your package), but it seems to me that the 
change in php-defaults was intended and your package needs to update to 
the new situation.


If this is a real problem in your package (and not only in your 
autopkgtest), the right binary package(s) from php-defaults should 
really add a versioned Breaks on the unfixed version of (one of your) 
package(s). Note: the Breaks is nice even if the issue is only in the 
autopkgtest as it helps the migration software to figure out the right 
versions to combine in the tests.


More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

[1] https://qa.debian.org/excuses.php?package=php-defaults

https://ci.debian.net/data/autopkgtest/testing/amd64/p/php-imagick/30392957/log.gz

There was 1 failure:

1) 
/tmp/autopkgtest-lxc.0guk5e6e/downtmp/build.IKf/src/imagick-3.7.0/tests/243_Tutorial_svgExample_basic.phpt

Failed asserting that string matches format description.
--- Expected
+++ Actual
@@ @@
-Ok
+Fatal error: Uncaught ImagickException: no decode delegate for this 
image format `SVG' @ error/blob.c/BlobToImage/363 in Standard input code:43

+Stack trace:
+#0 Standard input code(43): Imagick->readImageBlob()
+#1 Standard input code(49): svgExample()
+#2 {main}
+  thrown in Standard input code on line 43

/tmp/autopkgtest-lxc.0guk5e6e/downtmp/build.IKf/src/imagick-3.7.0/tests/243_Tutorial_svgExample_basic.phpt:58



OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Version: 3.7.0-3

I retested the autopkgtests both in sid and bookworm schroots and everything 
looks good now,
so it must have been dependencies not tight enough during the transition as you 
suggested elsewhere:

autopkgtest [09:45:20]: test command1: cd imagick-$(xml2 < package.xml | sed 
-ne "s,/package/version/release=\(.*\),\1,p")/tests && phpunit --verbose .
autopkgtest [09:45:20]: test command1: [---
[...snip...]
OK, but incomplete, skipped, or risky tests!
Tests: 332, Assertions: 332, Skipped: 66, Incomplete: 1.
autopkgtest [09:45:55]: test command1: ---]
autopkgtest [09:45:55]: test command1:  - - - - - - - - - - results - - - - - - 
- - - -
command1 PASS
autopkgtest [09:45:55]:  summary
command1 PASS

Ondrej
--
Ondřej Surý (He/Him)
ond...@sury.org


> On 15. 1. 2023, at 17:29, Paul Gevers  wrote:
> 
> Source: php-imagick
> Version: 3.7.0-3
> Severity: serious
> X-Debbugs-CC: php-defau...@packages.debian.org
> Tags: sid bookworm
> User: debian...@lists.debian.org
> Usertags: needs-update
> Control: affects -1 src:php-defaults
> 
> Dear maintainer(s),
> 
> With a recent upload of php-defaults the autopkgtest of php-imagick fails in 
> testing when that autopkgtest is run with the binary packages of php-defaults 
> from unstable. It passes when run with only packages from testing. In tabular 
> form:
> 
>   passfail
> php-defaults   from testing93
> php-imagickfrom testing3.7.0-3
> all others from testingfrom t

Bug#1025227: marked as done (agenda.app: flaky autopkgtest: seems to mix up dates with large timezone offsets)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 09:08:59 +
with message-id 
and subject line Bug#1025227: fixed in agenda.app 0.46-3
has caused the Debian Bug report #1025227,
regarding agenda.app: flaky autopkgtest: seems to mix up dates with large 
timezone offsets
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1025227: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025227
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Source: agenda.app
Version: 0.46-2
Severity: serious
User: debian...@lists.debian.org
Usertags: flaky

Dear maintainer(s),

I looked at the results of the autopkgtest of your package. I noticed 
that it regularly fails. It seems that the DateTime test fails if the 
date from date/time + timezone yields a different date than date/time 
alone. (But I could be misinterpreting the logs).


Because the unstable-to-testing migration software now blocks on
regressions in testing, flaky tests, i.e. tests that flip between
passing and failing without changes to the list of installed packages,
are causing people unrelated to your package to spend time on these
tests.

Don't hesitate to reach out if you need help and some more information
from our infrastructure.

Paul

https://ci.debian.net/data/autopkgtest/testing/armhf/a/agenda.app/28801138/log.gz

Failed test: (2022-11-29 23:30:52.885 -0600) DateTest.m:25 ... 
comparing with date only we have equality



https://ci.debian.net/data/autopkgtest/testing/arm64/a/agenda.app/28486849/log.gz

Failed test: (2022-11-20 07:23:21.228 +0800) DateTest.m:25 ... 
comparing with date only we have equality



https://ci.debian.net/data/autopkgtest/testing/armel/a/agenda.app/28101939/log.gz

Failed test: (2022-11-10 22:10:37.391 -0600) DateTest.m:25 ... 
comparing with date only we have equality



https://ci.debian.net/data/autopkgtest/testing/s390x/a/agenda.app/28776884/log.gz

Failed test: (2022-11-28 22:52:25.440 -0500) DateTest.m:25 ... 
comparing with date only we have equality


OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: agenda.app
Source-Version: 0.46-3
Done: Yavor Doganov 

We believe that the bug you reported is fixed in the latest version of
agenda.app, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1025...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Yavor Doganov  (supplier of updated agenda.app package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 21 Jan 2023 10:29:01 +0200
Source: agenda.app
Architecture: source
Version: 0.46-3
Distribution: unstable
Urgency: medium
Maintainer: Debian GNUstep maintainers 

Changed-By: Yavor Doganov 
Closes: 1025227
Changes:
 agenda.app (0.46-3) unstable; urgency=medium
 .
   * debian/patches/flaky-test.patch: New; mark a flaky test as hopeful
 (Closes: #1025227).
   * debian/patches/series: New file.
   * debian/control (Standards-Version): Bump to 4.6.2; no changes needed.
   * debian/copyright: Update copyright years.
Checksums-Sha1:
 3daa085f89d80a4a0eea9f5eff53b5fe846c30d8 2099 agenda.app_0.46-3.dsc
 9fd6d21fbacaf0428a9243bab70b50520ba4ab1a 5488 agenda.app_0.46-3.debian.tar.xz
 74b171d694554aca22b225d2c11663bc926b2d65 10212 
agenda.app_0.46-3_source.buildinfo
Checksums-Sha256:
 309f168373b452cef7dac660710d11b605cafac24a68e0de8e6897c3d3a8fd5c 2099 
agenda.app_0.46-3.dsc
 dfbbaecab7311d6274658ca36ab55b536ddc6a43e2e85d7f6c81115cd35f830d 5488 
agenda.app_0.46-3.debian.tar.xz
 479bb1c14ddefba95c6553aa4a2c6a4dfcf1ae3114b4a4fdc1199db1805dbb18 10212 
agenda.app_0.46-3_source.buildinfo
Files:
 92c427302cc50205f5dae6a713bd9644 2099 gnustep optional agenda.app_0.46-3.dsc
 fbc0f8c527178c95cb55d79c4674cc9d 5488 gnustep optional 
agenda.app_0.46-3.debian.tar.xz
 eae1eea17e16b9a2c6957772e234 10212 gnustep optional 
agenda.app_0.46-3_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEtgob82PcExn/Co6JEWhSvN91FcAFAmPPnJ0ACgkQEWhSvN91
FcCxUQ/9HQ90RhkNUklzOw2/WogqsSDaEm1baWqvReQE0y8ldc0nlspNQ0GXyGNl
irlLqdkUHquWI0sgM5Dc0a2cvtfK1DPYggfXXojBNPJ7AHqqiPn4XU0Adrc/hoXC
XBLUZONGmAR0bAgU8A2YJGKAgq7NR5GqNS1QReBKKLFvboRMHa3tR

Processed: Fw

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> forwarded 1028976 
> https://github.com/Imagick/imagick/issues/575#issuecomment-1401630623
Bug #1028976 {Done: Ondřej Surý } [src:php-imagick] 
php-imagick: autopkgtest needs update for new version of php-defaults
Set Bug forwarded-to-address to 
'https://github.com/Imagick/imagick/issues/575#issuecomment-1401630623'.
> stop
Stopping processing here.

Please contact me if you need assistance.
-- 
1028976: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028976
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1028976: SVG support

[William Desportes]

Upstream said it was missing SVG support, but it's now fixed.
Ref: https://github.com/Imagick/imagick/issues/575#issuecomment-1401630623

Bug#1029550: scipy: (s390x autopkgtest) needs update for NumPy 1.24

[Graham Inggs]

Source: scipy
Version: 1.8.1-21
Severity: serious
User: debian...@lists.debian.org
Usertags: needs-update

Hi Maintainer

The autopkgtests of scipy fail with NumPy 1.24 on s390x [1].  I've
copied what I hope is the relevant part of the log below.

Regards
Graham


[1] https://ci.debian.net/packages/s/scipy/testing/s390x/


=== FAILURES ===
___ test_atol[bicg] 
/usr/lib/python3/dist-packages/scipy/sparse/linalg/_isolve/tests/test_iterative.py:422:
in test_atol
assert_(err <= max(atol, atol2))
E   AssertionError
A  = array([[14.31948217,  3.3445992 ,  3.22423163,
3.66544887,  2.50463135,
 4.00888703,  2.25486222,  2.03568917...3162,  2.82956812,
3.1425076 ,  2.17335779,
 3.2446288 ,  2.1821021 ,  2.22427957,  3.32031818, 13.42463446]])
M  = array([[ 4.28038557e-06, -1.74616643e-06, -1.99641947e-06,
-1.90276202e-06,  1.64630749e-06,  5.72226274e-07,
... 3.21342987e-06, -2.58609835e-06,
 5.90349817e-06, -3.87886046e-06, -3.52856621e-06,
 8.23227307e-06]])
M0 = array([[ 4.28038557, -1.74616643, -1.99641947,
-1.90276202,  1.64630749,
 0.57222627,  2.76279583, -1.83101351...4479, -0.1760489 ,
-3.53709722,  3.21342987,
-2.58609835,  5.90349817, -3.87886046, -3.52856621,  8.23227307]])
Ms = [None, array([[ 4.28038557e-06, -1.74616643e-06,
-1.99641947e-06,
-1.90276202e-06,  1.64630749e-06,  5.7222627...0526, -2586098.34883972,
 5903498.16585825, -3878860.45678975, -3528566.20527011,
 8232273.07488767]])]
atol   = 1e-10
atol2  = 0.0
b  = array([767.11662838, 708.11536198, 796.86718373,
557.76082843,
   965.83653199, 147.15689989,  29.64700054, 593.89349262,
   114.06569874, 950.80985008])
b_norm = 2064.248986245918
err= 1.0001923322085594e-10
info   = 0
residual   = array([ 5.61612978e-11,  3.16049409e-11,
3.50155460e-11, -5.11590770e-12,
2.50111043e-12,  1.06581410e-11, -8.84625706e-13, -3.93356459e-11,
   -1.50635060e-12, -5.41149348e-11])
solver = 
tol= 0.0
tols   = array([0.e+00, 1.e-10, 1.e-08, 1.e-06, 1.e-04,
1.e-02, 1.e+00, 1.e+02,
  inf])
x  = array([ 28.6604403 ,  29.98361995,  37.7931594 ,
 9.81468974,
63.06966912, -30.30519745, -21.60229055,  28.36084453,
   -30.2321986 ,  50.7269506 ])

Bug#1027198: marked as done (einsteinpy: autopkgtest fail with numpy/1.24.1)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 10:49:33 +
with message-id 
and subject line Bug#1027198: fixed in einsteinpy 0.4.0-1
has caused the Debian Bug report #1027198,
regarding einsteinpy: autopkgtest fail with numpy/1.24.1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1027198: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027198
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: einsteinpy
Severity: important
User: debian-pyt...@lists.debian.org
Usertags: numpy1.24

Hello,
recently numpy/1.24.1 has been uploaded to experimental, and this package
autopkgtest fail when running against it.

An overview of the upstream changes in the 1.24.x series is available at:

  https://numpy.org/doc/stable/release/1.24.0-notes.html

Several of the errors are in the form of:

AttributeError: module 'numpy' has no attribute 'X'

with X in [float, int, bool, object, ...]. This is because, numpy upstream in
1.24.0, finally decided to expire

  
https://numpy.org/doc/stable/release/1.24.0-notes.html#:~:text=The%20deprecation%20for%20the%20aliases

some deprecations introduced in 1.20.0

  
https://numpy.org/doc/stable/release/1.20.0-notes.html#using-the-aliases-of-builtin-types-like-np-int-is-deprecated

(released almost 2 years ago).

All of those are quite straightforward to fix, since often it's just necessary
to stop importing them from numpy and use the python native types.

Other changes may requires a bit more rework to be addressed.

Currently numpy/1.24.x is in experimental, but given the possible longer support
that it'll receive from upstream, we're hopeful to include this in bookworm, so
your help is necessary to address this bug ASAP.

Regards,
Sandro
--- End Message ---
--- Begin Message ---
Source: einsteinpy
Source-Version: 0.4.0-1
Done: Ole Streicher 

We believe that the bug you reported is fixed in the latest version of
einsteinpy, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1027...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ole Streicher  (supplier of updated einsteinpy package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Jan 2023 10:14:43 +0100
Source: einsteinpy
Architecture: source
Version: 0.4.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Astronomy Team 

Changed-By: Ole Streicher 
Closes: 1027198
Changes:
 einsteinpy (0.4.0-1) unstable; urgency=medium
 .
   * Team upload
 .
   [ Debian Janitor ]
   * Bump debhelper from old 12 to 13.
   * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
 Repository-Browse.
   * Remove constraints unnecessary since buster:
 + Build-Depends: Drop versioned constraint on python3-astropy and
   python3-matplotlib.
 .
   [ Ole Streicher ]
   * Switch upstream to guthub
   * New upstream version 0.4.0
   * Remove patch that was applied upstream
   * Push Standards-Version to 4.6.2. No changes
   * Fix numpy 1.24 compatibility (Closes: #1027198)
   * Fix NameError for numpy in tensor_lambdify
Checksums-Sha1:
 764e7db755ce7fcd00439a9eee6111be965d32ac 2226 einsteinpy_0.4.0-1.dsc
 613963ecca5aa3f7b21f36a24c19a6dd12a2420a 30266763 einsteinpy_0.4.0.orig.tar.gz
 23066ae0d153e79652ad76b2547d72ca7c418cc7 3480 einsteinpy_0.4.0-1.debian.tar.xz
Checksums-Sha256:
 1f371a7644b7a9f94a81b41c78d3d8637e0f872a1665503509593fa7422613f7 2226 
einsteinpy_0.4.0-1.dsc
 e26128e769d0971f490aea00477d6303bfea13dc8b4069eaa3f9d2bd5979bda2 30266763 
einsteinpy_0.4.0.orig.tar.gz
 3fd1378047a287678df93adfba4dd0c024b7298e785e16486e53cc75d2cbd03a 3480 
einsteinpy_0.4.0-1.debian.tar.xz
Files:
 b124452d73aa4125b3f90b40bb180446 2226 python optional einsteinpy_0.4.0-1.dsc
 30735c784e73232683df217140556cd4 30266763 python optional 
einsteinpy_0.4.0.orig.tar.gz
 3783fbaf318410b5417122626e643ebc 3480 python optional 
einsteinpy_0.4.0-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEE7/BpV0Ra2/h0L3qtmk9WvbkOGL0FAmPPskgACgkQmk9WvbkO
GL2SiRAAj5pjZrgzo23iEI2HLk5zDoBHhFY995l5qP6fKUVrdYlLWgAC0zt9Wko9
AscWJGjU+oBh9JWZQ/r23zWzGOz5VMu7FW1IhlofgoC/7s5LySP5/AiRixw8WCjB
J1PeRjnJEpWE5KvoXBE/21aewa/0016yyvDXYTg3UCfM4calUHZCyP

Bug#1028421: Salt not available in bookworm

[cebe.cloud - Carsten Brandt]

Hi,

I just found that salt-minion and other salt packages are not included 
in bookworm right now. What is the reason for this and what needs to be 
done to get it back?


best regards,
Carsten Brandt

Bug#1028421: Salt not available in bookworm

[Carsten Brandt]

Hi,

I just found that salt-minion and other salt packages are not included 
in bookworm right now. What is the reason for this and what needs to be 
done to get it back?


best regards,
Carsten

Bug#1023766: android-platform-build-kati: autopkgtest regression on armel: undefined reference to `std::__atomic_futex_unsigned_base

[Adrian Bunk]

On Wed, Nov 09, 2022 at 09:58:22PM +0100, Paul Gevers wrote:
> Source: android-platform-build-kati
> Version: 10.0.0+r32+git20220314.09dfa26c4e59-3
> Severity: serious
> User: debian...@lists.debian.org
> Usertags: regression
> 
> Dear maintainer(s),
> 
> With a recent upload of android-platform-build-kati the autopkgtest of
> android-platform-build-kati fails in testing when that autopkgtest is run
> with the binary packages of android-platform-build-kati from unstable. It
> passes when run with only packages from testing. In tabular form:
> 
>passfail
> android-platform-build-kati
>from testing
>10.0.0+r32+git20220314.09dfa26c4e59-3
> all others from testingfrom testing
> 
> I copied some of the output at the bottom of this report.
> 
> Currently this regression is blocking the migration to testing [1]. Can you
> please investigate the situation and fix it?
>...
> g++ -c -std=c++17 -g -W -Wall -MMD -MP -O -DNOLOG -march=native -o
> out/affinity.o src/affinity.cc
>...

I was wondering why this works for me on the porterbox, but the 
autopkgtest fails on armel (and on ppc64el and riscv64).

The relevant difference is likely the hardware, and the fact that 
-march=native is editied out during the build[1] but not patched
out, so still used during the autopkgtest.

cu
Adrian

[1] 
https://sources.debian.org/src/android-platform-build-kati/10.0.0%2Br32%2Bgit20220314.09dfa26c4e59-3/debian/rules/#L15

Processed: block 1017573 with 1011225

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> block 1017573 with 1011225
Bug #1017573 [python3-ulmo] python3-ulmo: autopkgtest fail with pandas 1.4
1017573 was not blocked by any bugs.
1017573 was blocking: 1017809
Added blocking bug(s) of 1017573: 1011225
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1017573: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017573
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1017236: marked as done (golang-github-containers-toolbox: FTBFS: dh_auto_test: error: cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 MESON_TESTTHREADS=8 meson test returned exit code 1)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 13:06:10 +
with message-id 
and subject line Bug#1017236: fixed in golang-github-containers-toolbox 
0.0.99.3+git20230118+446d7bfdef6a-1
has caused the Debian Bug report #1017236,
regarding golang-github-containers-toolbox: FTBFS: dh_auto_test: error: cd 
obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 MESON_TESTTHREADS=8 meson test returned 
exit code 1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1017236: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017236
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: golang-github-containers-toolbox
Version: 0.0.99.3-1
Severity: serious
Justification: FTBFS
Tags: bookworm sid ftbfs
User: lu...@debian.org
Usertags: ftbfs-20220813 ftbfs-bookworm

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.


Relevant part (hopefully):
> make[1]: Entering directory '/<>'
> dh_auto_test
>   cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 MESON_TESTTHREADS=8 meson test
> ninja: Entering directory `/<>/obj-x86_64-linux-gnu'
> ninja: no work to do.
> 1/3 shellcheck go-build-wrapper OK  0.04s
> 2/3 shellcheck profile.dFAIL0.07s   exit status 1
> >>> MALLOC_PERTURB_=218 /usr/bin/shellcheck --shell=sh 
> >>> /<>/obj-x86_64-linux-gnu/../profile.d/toolbox.sh
> 
> 3/3 toolbox go unit tests   OK  5.02s
> 
> Ok: 2   
> Expected Fail:  0   
> Fail:   1   
> Unexpected Pass:0   
> Skipped:0   
> Timeout:0   
> 
> Full log written to 
> /<>/obj-x86_64-linux-gnu/meson-logs/testlog.txt
>   cd obj-x86_64-linux-gnu && tail -v -n \+0 meson-logs/testlog.txt
> ==> meson-logs/testlog.txt <==
> Log of Meson test suite run on 2022-08-14T03:15:59.817487
> 
> Inherited environment: GO111MODULE=off SCHROOT_GID=1001 
> DEB_HOST_MULTIARCH=x86_64-linux-gnu LC_ALL=C.UTF-8 
> DEB_HOST_GNU_SYSTEM=linux-gnu DEB_BUILD_GNU_TYPE=x86_64-linux-gnu 
> DEB_TARGET_ARCH_LIBC=gnu FFLAGS='-g -O2 -ffile-prefix-map=/<>=. 
> -fstack-protector-strong' DEB_BUILD_ARCH_ENDIAN=little 
> DEB_BUILD_GNU_SYSTEM=linux-gnu DEB_BUILD_ARCH_BITS=64 
> DEB_BUILD_OPTIONS=parallel=8 
> GOPATH=/<>:/<>/debian/tmp:/<>/debian/gocode:/usr/share/gocode
>  DEB_HOST_ARCH=amd64 DEB_TARGET_ARCH_ENDIAN=little 
> SOURCE_DATE_EPOCH=1654780763 GOCACHE=/<>/debian/tmp/go-build 
> OBJCXXFLAGS='-g -O2 -ffile-prefix-map=/<>=. 
> -fstack-protector-strong -Wformat -Werror=format-security' 
> DEB_HOST_ARCH_BITS=64 LANG=C.UTF-8 MAKEFLAGS=w SCHROOT_GROUP=user42 
> DEB_TARGET_ARCH=amd64 DH_INTERNAL_OPTIONS=-O--buildsystem=meson 
> DEB_HOST_GNU_CPU=x86_64 DEB_BUILD_ARCH_LIBC=gnu MFLAGS=-w 
> DEB_TARGET_ARCH_BITS=64 ASFLAGS='' DEB_BUILD_ARCH_CPU=amd64 
> LC_COLLATE=C.UTF-8 SCHROOT_ALIAS_NAME=unstable DEB_HOST_ARCH_OS=linux 
> SHELL=/bin/sh FCFLAGS='-g -O2 -ffile-prefix-map=/<>=. 
> -fstack-protector-strong' DEB_HOST_ARCH_CPU=amd64 SCHROOT_USER=user42 
> PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games 
> DEB_BUILD_ARCH_ABI=base DEB_BUILD_ARCH=amd64 DEB_HOST_ARCH_LIBC=gnu 
> SCHROOT_SESSION_ID=sid-amd64-sbuild-41feb787-f865-4cb4-9f4f-2223f12641ea 
> GCJFLAGS='-g -O2 -ffile-prefix-map=/<>=. 
> -fstack-protector-strong' DEB_TARGET_ARCH_CPU=amd64 
> DEB_HOST_GNU_TYPE=x86_64-linux-gnu DEB_BUILD_ARCH_OS=linux LOGNAME=user42 
> CPPFLAGS='-Wdate-time -D_FORTIFY_SOURCE=2' 
> DEB_TARGET_MULTIARCH=x86_64-linux-gnu DEB_BUILD_GNU_CPU=x86_64 
> DEB_TARGET_ARCH_OS=linux USER=user42 DEB_HOST_ARCH_ABI=base 
> DEB_BUILD_MULTIARCH=x86_64-linux-gnu LDFLAGS=-Wl,-z,relro 
> DEB_TARGET_GNU_TYPE=x86_64-linux-gnu DEB_TARGET_ARCH_ABI=base CFLAGS='-g -O2 
> -ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat 
> -Werror=format-security' SCHROOT_UID=1001 SCHROOT_COMMAND='dpkg-buildpackage 
> --sanitize-env -us -uc -rfakeroot -sa' DFLAGS=-frelease 
> DEB_TARGET_GNU_CPU=x86_64 APT_CONFIG=/var/lib/sbuild/apt.conf 
> HOME=/<>/debian/.debhelper/generated/_source/home 
> DEB_RULES_REQUIRES_ROOT=no DEB_TARGET_GNU_SYSTEM=linux-gnu 
> DEB_HOST_ARCH_ENDIAN=little OBJCFLAGS='-g -O2 
> -ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat 
> -Werror=format-security' SCHROOT_CHROOT_NAME=sid-amd64-sbuild 
> DH_INTERNAL_BUILDFLAGS=1 CXXFLAGS='-g -O2 
> -ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat 
> -Werror=format-security' DH_INTERNAL_OVERRIDE=dh_auto_test MAKELEVEL=2 
> XDG_RUNTIME_DIR=/tmp/dh-xdg-rundir-D8KrgYg3 MESON_TESTTHREADS=8 
> 
>  1/3 =
> test: shellcheck go-build-wr

Processed: notfixed 1028976 in 3.7.0-3, found 1029523 in 3.1.0-2, tagging 1029523, reassign 1028045 to php-solr ...

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> notfixed 1028976 3.7.0-3
Bug #1028976 {Done: Ondřej Surý } [src:php-imagick] 
php-imagick: autopkgtest needs update for new version of php-defaults
No longer marked as fixed in versions 3.7.0-3.
> found 1029523 3.1.0-2
Bug #1029523 [ruby-net-http-persistent] ruby-net-http-persistent want  Ruby (~> 
2.1)
Marked as found in versions ruby-net-http-persistent/3.1.0-2.
> tags 1029523 + sid bookworm
Bug #1029523 [ruby-net-http-persistent] ruby-net-http-persistent want  Ruby (~> 
2.1)
Added tag(s) sid and bookworm.
> reassign 1028045 php-solr 2.5.1+2.4.0-15
Bug #1028045 [php8.1-solr] php-8.1-solr and php-solr and missing in testing 
(hard package freeze in 2 months)
Warning: Unknown package 'php8.1-solr'
Bug reassigned from package 'php8.1-solr' to 'php-solr'.
No longer marked as found in versions php-solr/2.5.1+2.4.0-15.
Ignoring request to alter fixed versions of bug #1028045 to the same values 
previously set
Bug #1028045 [php-solr] php-8.1-solr and php-solr and missing in testing (hard 
package freeze in 2 months)
Marked as found in versions php-solr/2.5.1+2.4.0-15.
> close 1028045 2.6.0+2.4.0-3
Bug #1028045 [php-solr] php-8.1-solr and php-solr and missing in testing (hard 
package freeze in 2 months)
Marked as fixed in versions php-solr/2.6.0+2.4.0-3.
Bug #1028045 [php-solr] php-8.1-solr and php-solr and missing in testing (hard 
package freeze in 2 months)
Marked Bug as done
> fixed 1028614 8.1.12-1+rm
Bug #1028614 {Done: Ondřej Surý } [php8.1-common] 
php8.1-common is not installable on Debian Bookworm
Warning: Unknown package 'php8.1-common'
There is no source info for the package 'php8.1-common' at version 
'8.1.12-1+rm' with architecture ''
Unable to make a source version for version '8.1.12-1+rm'
Marked as fixed in versions 8.1.12-1+rm.
Warning: Unknown package 'php8.1-common'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1028045: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028045
1028614: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028614
1028976: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028976
1029523: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029523
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1022843: Bug#1029352: Bug#1022843: ifupdown: network down after systemctl restart

[Santiago Ruano Rincón]

Hi!

El 23/01/23 a las 16:19, Cyril Brulebois escribió:
> Hi Santiago,
> 
> Santiago Ruano Rincón  (2023-01-23):
> > Thanks everybody for the inputs. I've applied Paul's solution, and the
> > generated .deb can be downloaded from here:
> > 
> > https://salsa.debian.org/debian/ifupdown/-/jobs/3841392/artifacts/raw/debian/output/ifupdown_0.8.41~1.gbp3a6fae+salsaci+20230123+42_amd64.deb
> > 
> > Would it be possible for you (Oleg, Paul, Jeff, kibi et al.) to give it
> > a try?
> 
> (Reading your mail with s/Paul/Pascal/g in mind.)

Oups, sorry! Thanks for patching that too.

> 
> Tests yesterday seem to indicate successful results, but again I've only
> tested a few combinations in a VM (to keep the feedback loop short).
> 
> From the installer team point of view, I'd welcome a swift upload with
> this patch, possibly with urgency=high so that the fix reaches testing
> soon. This will another blocker out of the way for the next D-I release!

Just uploaded with your patched patch.

Cheers,

 -- S


signature.asc
Description: PGP signature

Bug#1022843: marked as done (ifupdown: network down after systemctl restart)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 13:37:06 +
with message-id 
and subject line Bug#1022843: fixed in ifupdown 0.8.41
has caused the Debian Bug report #1022843,
regarding ifupdown: network down after systemctl restart
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1022843: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022843
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: ifupdown
Version: 0.8.36
Severity: important
X-Debbugs-Cc: syso...@yandex.ru

Hello!

(Not sure why such rather important issue is not filled yet, but anyway. Sorry 
if I'm creating duplicate.)

My network is down after running `systemctl restart networking` on fresh 
installed Debian 11.5 (but the same issue is on Debian 10). There is no way to 
start it with `systemctl start networking`. Not sure if this relevant but I'm 
using static IPv4 config, no DHCP. The installation is very minimal without any 
systemd-networkd or NetworkManager stuff.

The reason for this is that systemd unit file networking.service using `ifdown 
-a` to stop network and then `ifup -a` to start it. According to the manual, 
the first command unconditionally deconfigure _all_ interfaces defined in 
/etc/network/interfaces, but the second one configure only interfaces which is 
defined as "auto" in the configuraton and not as "allow-hotplug".

During the installation all interfaces (fixed PCI NICs too, because udev events 
generated for PCI devices too [1]) in /etc/network/interfaces is created with 
"allow-hotplug", so restarting networking with systemd leads to non-functional 
network.

When using old-school `/etc/init.d/networking restart` (don't forget to set 
SYSTEMCTL_SKIP_REDIRECT=1) the issue is not present. This is because of special 
treatment for "allow-hotplug" interfaces in /etc/init.d/networking. See 
ifup_hotplug () function. The functionality is lacking in systemd unit file.

Forgot to mention that the network starting normally during the system startup. 
This is because of ifup@.service template unit which is started from udev rule 
via /lib/udev/ifupdown-hotplug script which runs unit for specific interface. 
This leads to running `ifup eth0`. When you run ifup this way, there is no need 
to define interface as "auto".

Yes, everything can be fixed using "auto" instead of "allow-hotplug", but 
"allow-hotplug" is set by Debian Installer [2]. This leads to the issue just 
"by default".

Should we sync systemd unit file behaviour with old SysV script by implementing 
something like ifup_hotplug() logic in unit file? Network must not be broken 
after silly systemctl restart.

[1] 
https://salsa.debian.org/installer-team/hw-detect/-/blob/master/net-hotplug.sh
[2] 
https://salsa.debian.org/installer-team/netcfg/-/blob/master/write_interface.c


-- Package-specific info:
--- /etc/network/interfaces:
# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
source /etc/network/interfaces.d/*

allow-hotplug eth0
iface eth0 inet static
address 172.17.0.3
netmask 255.255.0.0
gateway 172.17.0.1

--- /etc/network/interfaces.d/*:
cat: '/etc/network/interfaces.d/*': No such file or directory

--- up and down scripts installed:
/etc/network/if-down.d:
total 0

/etc/network/if-post-down.d:
total 0

/etc/network/if-pre-up.d:
total 0

/etc/network/if-up.d:
total 0


-- System Information:
Debian Release: 11.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.12.2 (SMP w/1 CPU thread)
Kernel taint flags: TAINT_FORCED_MODULE, TAINT_WARN, TAINT_UNSIGNED_MODULE
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ifupdown depends on:
ii  adduser   3.118
ii  iproute2  5.10.0-4
ii  libc6 2.31-13+deb11u5
ii  lsb-base  11.1.0

Versions of packages ifupdown recommends:
ii  isc-dhcp-client [dhcp-client]  4.4.1-2.3+deb11u1

Versions of packages ifupdown suggests:
pn  ppp 
pn  rdnssd  

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: ifupdown
Source-Version: 0.8.41
Done: Santiago Ruano Rincón 

We believe that the bug you reported is fixed in the latest version of
ifupdown, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1022...@bugs.debi

Bug#1029556: espeak-ng: autopkgtest regression

[Gianfranco Costamagna]

Source: espeak-ng
Version: 1.51+dfsg-9
Severity: serious
tags: patch

Hello, autopkgtests started to fail I presume since llvm-default change.
To fix, you need to depend on clang-rt when you use fsanitize=fuzzer)

clang++ -DHAVE_CONFIG_H -I.   -Wdate-time -D_FORTIFY_SOURCE=2  -g -O2 
-ffile-prefix-map=/tmp/autopkgtest-lxc.4x6n726o/downtmp/build.8AY/src=. 
-fstack-protector-strong -Wformat -Werror=format-security -c -o tests/dummy.o 
tests/dummy.cpp
/bin/bash ./libtool  --tag=CXX   --mode=link clang++  -g -O2 
-ffile-prefix-map=/tmp/autopkgtest-lxc.4x6n726o/downtmp/build.8AY/src=. 
-fstack-protector-strong -Wformat -Werror=format-security -fsanitize=fuzzer 
-Wl,-z,relro -o tests/ssml-fuzzer.test tests/ssml_fuzzer_test-ssml-fuzzer.o 
tests/dummy.o -lespeak-ng  -lsonic
libtool: link: clang++ -g -O2 
-ffile-prefix-map=/tmp/autopkgtest-lxc.4x6n726o/downtmp/build.8AY/src=. 
-fstack-protector-strong -Wformat -Werror=format-security -fsanitize=fuzzer 
-Wl,-z -Wl,relro -o tests/ssml-fuzzer.test tests/ssml_fuzzer_test-ssml-fuzzer.o 
tests/dummy.o  -lespeak-ng -lsonic
/usr/bin/ld: cannot find 
/usr/lib/llvm-14/lib/clang/14.0.6/lib/linux/libclang_rt.fuzzer-x86_64.a: No 
such file or directory
/usr/bin/ld: cannot find 
/usr/lib/llvm-14/lib/clang/14.0.6/lib/linux/libclang_rt.fuzzer_interceptors-x86_64.a:
 No such file or directory
/usr/bin/ld: cannot find 
/usr/lib/llvm-14/lib/clang/14.0.6/lib/linux/libclang_rt.ubsan_standalone-x86_64.a:
 No such file or directory
/usr/bin/ld: cannot find 
/usr/lib/llvm-14/lib/clang/14.0.6/lib/linux/libclang_rt.ubsan_standalone_cxx-x86_64.a:
 No such file or directory

This untested patch should do the trick:
 Tests: fuzz
 Architecture: amd64 arm64 i386
-Depends: @builddeps@, clang, libespeak-ng-dev
+Depends: @builddeps@, clang, clang-rt, libespeak-ng-dev

thanks

Gianfranco


OpenPGP_signature
Description: OpenPGP digital signature

Processed: severity of 1023267 is serious

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 1023267 serious
Bug #1023267 [sc-im] sc-im: scopen fails with gvim not found (if it is not 
installed)
Severity set to 'serious' from 'normal'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1023267: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023267
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1029558: libahp-xc FTBFS: missing symbols

[Adrian Bunk]

Source: libahp-xc
Version: 1.3.3-1
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/fetch.php?pkg=libahp-xc&arch=amd64&ver=1.3.3-1%2Bb1&stamp=1674505043&raw=0

...
   dh_makeshlibs -a
dpkg-gensymbols: error: some symbols or patterns disappeared in the symbols 
file: see diff output below
dpkg-gensymbols: warning: debian/libahp-xc1/DEBIAN/symbols doesn't match 
completely debian/libahp-xc1.symbols
--- debian/libahp-xc1.symbols (libahp-xc1_1.3.3-1+b1_amd64)
+++ dpkg-gensymbolsmoIKwy   2023-01-23 20:17:16.748366045 +
...
+#MISSING: 1.3.3-1+b1# urj_vhdl_set_lineno@Base 1.3.3
+#MISSING: 1.3.3-1+b1# urj_vhdl_set_lval@Base 1.3.3
+#MISSING: 1.3.3-1+b1# urj_vhdl_set_out@Base 1.3.3
+#MISSING: 1.3.3-1+b1# urj_vhdl_wrap@Base 1.3.3
  wait_no_threads@Base 1.3.3
  wait_threads@Base 1.3.3
- xlx_bitstream_alloc@Base 1.3.3
- xlx_bitstream_free@Base 1.3.3
- xlx_bitstream_load_bit@Base 1.3.3
+#MISSING: 1.3.3-1+b1# xlx_bitstream_alloc@Base 1.3.3
+#MISSING: 1.3.3-1+b1# xlx_bitstream_free@Base 1.3.3
+#MISSING: 1.3.3-1+b1# xlx_bitstream_load_bit@Base 1.3.3
dh_makeshlibs: error: failing due to earlier errors
make: *** [debian/rules:7: binary-arch] Error 25



I don't know about the last 3 ones, but the rest looks as if libahp-xc
was listing symbols from liburjtag.

Bug#1029559: sc-im FTBFS: link error

[Adrian Bunk]

Source: sc-im
Version: 0.8.3+ds-1
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/logs.php?pkg=sc-im&ver=0.8.3%2Bds-1

...
/usr/bin/ld: tui.o: warning: relocation against `COLORS' in read-only section 
`.text'
/usr/bin/ld: main.o: in function `sig_tstp':
./src/./src/main.c:633: undefined reference to `def_prog_mode'
/usr/bin/ld: ./src/./src/main.c:634: undefined reference to `endwin'
/usr/bin/ld: main.o: in function `sig_cont':
./src/./src/main.c:647: undefined reference to `reset_prog_mode'
/usr/bin/ld: ./src/./src/main.c:648: undefined reference to `stdscr'
/usr/bin/ld: ./src/./src/main.c:648: undefined reference to `wrefresh'
/usr/bin/ld: color.o: in function `redefine_color':
./src/./src/color.c:586: undefined reference to `has_colors'
/usr/bin/ld: ./src/./src/color.c:586: undefined reference to `can_change_color'
/usr/bin/ld: ./src/./src/color.c:594: undefined reference to 
`init_extended_color'
/usr/bin/ld: color.o: in function `define_color':
./src/./src/color.c:627: undefined reference to `has_colors'
/usr/bin/ld: ./src/./src/color.c:627: undefined reference to `can_change_color'
/usr/bin/ld: ./src/./src/color.c:627: undefined reference to `COLORS'
/usr/bin/ld: ./src/./src/color.c:661: undefined reference to 
`init_extended_color'
...
collect2: error: ld returned 1 exit status
make[2]: *** [Makefile:194: sc-im] Error 1

Bug#1029561: CVE-2022-47951: vulnerability in VMDK image processing

[Thomas Goirand]

Package: nova-compute
Version: 2:26.0.0-5
Severity: grave
Tags: patch

This is an advance warning of a vulnerability discovered in
OpenStack, to give you, as downstream stakeholders, a chance to
coordinate the release of fixes and reduce the vulnerability window.
Please treat the following information as confidential until the
proposed public disclosure date.

Title: Arbitrary file access through custom VMDK flat descriptor
Reporter: Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien
  Rannou (OVH)
Products: Cinder, Glance, Nova
Affects: Cinder <19.1.2, >=20.0.0 <20.0.2, ==21.0.0;
 Glance <23.0.1, >=24.0.0 <24.1.1, ==25.0.0;
 Nova <24.1.2, >=25.0.0 <25.0.2, ==26.0.0

Description:
Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou
(OVH) reported a vulnerability in VMDK image processing for Cinder,
Glance and Nova. By supplying a specially created VMDK flat image
which references a specific backing file path, an authenticated user
may convince systems to return a copy of that file's contents from
the server resulting in unauthorized access to potentially sensitive
data. All Cinder deployments are affected; only Glance deployments
with image conversion enabled are affected; all Nova deployments are
affected.

Proposed patch:
See attached patches. Unless a flaw is discovered in them, these
patches will be merged to their corresponding branches on the public
disclosure date. Note that stable/wallaby and older branches are
under extended maintenance and will receive no new point releases,
but patches for some of them are provided as a courtesy.

CVE: CVE-2022-47951

Proposed public disclosure date/time:
2023-01-24, 1500UTC
Please do not make the issue public (or release public patches)
before this coordinated embargo date.

Original private report:
https://launchpad.net/bugs/1996188
For access to read and comment on this report, please reply to me
with your Launchpad username and I will subscribe you.
-- 
Jeremy Stanley
OpenStack Vulnerability Management Team

Bug#1029562: CVE-2022-47951: vulnerability in VMDK image processing

[Thomas Goirand]

Package: python3-cinder
Version: 2:21.0.0-2
Severity: grave
Tags: patch

This is an advance warning of a vulnerability discovered in
OpenStack, to give you, as downstream stakeholders, a chance to
coordinate the release of fixes and reduce the vulnerability window.
Please treat the following information as confidential until the
proposed public disclosure date.

Title: Arbitrary file access through custom VMDK flat descriptor
Reporter: Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien
  Rannou (OVH)
Products: Cinder, Glance, Nova
Affects: Cinder <19.1.2, >=20.0.0 <20.0.2, ==21.0.0;
 Glance <23.0.1, >=24.0.0 <24.1.1, ==25.0.0;
 Nova <24.1.2, >=25.0.0 <25.0.2, ==26.0.0

Description:
Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou
(OVH) reported a vulnerability in VMDK image processing for Cinder,
Glance and Nova. By supplying a specially created VMDK flat image
which references a specific backing file path, an authenticated user
may convince systems to return a copy of that file's contents from
the server resulting in unauthorized access to potentially sensitive
data. All Cinder deployments are affected; only Glance deployments
with image conversion enabled are affected; all Nova deployments are
affected.

Proposed patch:
See attached patches. Unless a flaw is discovered in them, these
patches will be merged to their corresponding branches on the public
disclosure date. Note that stable/wallaby and older branches are
under extended maintenance and will receive no new point releases,
but patches for some of them are provided as a courtesy.

CVE: CVE-2022-47951

Proposed public disclosure date/time:
2023-01-24, 1500UTC
Please do not make the issue public (or release public patches)
before this coordinated embargo date.

Original private report:
https://launchpad.net/bugs/1996188
For access to read and comment on this report, please reply to me
with your Launchpad username and I will subscribe you.
-- 
Jeremy Stanley
OpenStack Vulnerability Management Team

Bug#1029563: CVE-2022-47951: vulnerability in VMDK image processing

[Thomas Goirand]

Package: glance-api
Version: 2:25.0.0-1.1
Severity: grave
Tags: patch

This is an advance warning of a vulnerability discovered in
OpenStack, to give you, as downstream stakeholders, a chance to
coordinate the release of fixes and reduce the vulnerability window.
Please treat the following information as confidential until the
proposed public disclosure date.

Title: Arbitrary file access through custom VMDK flat descriptor
Reporter: Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien
  Rannou (OVH)
Products: Cinder, Glance, Nova
Affects: Cinder <19.1.2, >=20.0.0 <20.0.2, ==21.0.0;
 Glance <23.0.1, >=24.0.0 <24.1.1, ==25.0.0;
 Nova <24.1.2, >=25.0.0 <25.0.2, ==26.0.0

Description:
Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou
(OVH) reported a vulnerability in VMDK image processing for Cinder,
Glance and Nova. By supplying a specially created VMDK flat image
which references a specific backing file path, an authenticated user
may convince systems to return a copy of that file's contents from
the server resulting in unauthorized access to potentially sensitive
data. All Cinder deployments are affected; only Glance deployments
with image conversion enabled are affected; all Nova deployments are
affected.

Proposed patch:
See attached patches. Unless a flaw is discovered in them, these
patches will be merged to their corresponding branches on the public
disclosure date. Note that stable/wallaby and older branches are
under extended maintenance and will receive no new point releases,
but patches for some of them are provided as a courtesy.

CVE: CVE-2022-47951

Proposed public disclosure date/time:
2023-01-24, 1500UTC
Please do not make the issue public (or release public patches)
before this coordinated embargo date.

Original private report:
https://launchpad.net/bugs/1996188
For access to read and comment on this report, please reply to me
with your Launchpad username and I will subscribe you.
-- 
Jeremy Stanley
OpenStack Vulnerability Management Team

Bug#1028634: tiledarray: FTBFS: Could not find a package configuration file provided by "blaspp"

[Adrian Bunk]

Control: reassign -1 libbtas-dev 0.0+git20221014.147bf4d4-1
Control: retitle -1 libbtas-dev requires blaspp
Control: affects -1 src:tiledarray

On Fri, Jan 13, 2023 at 11:59:48PM +0100, Sebastian Ramacher wrote:
> Source: tiledarray
> Version: 1.0.0-1
> Severity: serious
> Tags: ftbfs
>...
> blasppConfig.cmake
> blaspp-config.cmake
> 
>   Add the installation prefix of "blaspp" to CMAKE_PREFIX_PATH or set
>   "blaspp_DIR" to a directory containing one of the above files.  If "blaspp"
>   provides a separate development package or SDK, be sure it has been
>   installed.
> Call Stack (most recent call first):
>   /usr/lib/cmake/BTAS/btas-config.cmake:104 (find_dependency)
>   cmake/modules/FindOrFetchBTAS.cmake:1 (find_package)
>   CMakeLists.txt:279 (include)

This looks like a problem in libbtas-dev (unpackaged dependency blaspp?).

> Cheers

cu
Adrian

Processed: Re: Bug#1028634: tiledarray: FTBFS: Could not find a package configuration file provided by "blaspp"

[Debian Bug Tracking System]

Processing control commands:

> reassign -1 libbtas-dev 0.0+git20221014.147bf4d4-1
Bug #1028634 [src:tiledarray] tiledarray: FTBFS: Could not find a package 
configuration file provided by "blaspp"
Bug reassigned from package 'src:tiledarray' to 'libbtas-dev'.
No longer marked as found in versions tiledarray/1.0.0-1.
Ignoring request to alter fixed versions of bug #1028634 to the same values 
previously set
Bug #1028634 [libbtas-dev] tiledarray: FTBFS: Could not find a package 
configuration file provided by "blaspp"
Marked as found in versions btas/0.0+git20221014.147bf4d4-1.
> retitle -1 libbtas-dev requires blaspp
Bug #1028634 [libbtas-dev] tiledarray: FTBFS: Could not find a package 
configuration file provided by "blaspp"
Changed Bug title to 'libbtas-dev requires blaspp' from 'tiledarray: FTBFS: 
Could not find a package configuration file provided by "blaspp"'.
> affects -1 src:tiledarray
Bug #1028634 [libbtas-dev] libbtas-dev requires blaspp
Added indication that 1028634 affects src:tiledarray

-- 
1028634: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028634
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Bug#1029563 marked as pending in glance

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #1029563 [glance-api] CVE-2022-47951: vulnerability in VMDK image processing
Added tag(s) pending.

-- 
1029563: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029563
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1029563: marked as pending in glance

[Thomas Goirand]

Control: tag -1 pending

Hello,

Bug #1029563 in glance reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/openstack-team/services/glance/-/commit/4cc1d20d6a74b855fda0c73892533b0613ecac36


* CVE-2022-47951: vulnerability in VMDK image processing. By supplying a
specially created VMDK flat image which references a specific backing file
path, an authenticated user may convince systems to return a copy of that
file's contents from the server resulting in unauthorized access to
potentially sensitive data. Added upstream patch:
CVE-2022-47951-Enforce_image_safety_during_image_conversion.patch
(Closes: #1029563).


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1029563

Processed: Forwarding upstream

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 1027952 help confirmed upstream
Bug #1027952 [libpcre2-8-0] pcre2 causes crashes in link-grammar
Added tag(s) help, confirmed, and upstream.
> forwarded 1027952 https://github.com/PCRE2Project/pcre2/issues/197
Bug #1027952 [libpcre2-8-0] pcre2 causes crashes in link-grammar
Set Bug forwarded-to-address to 
'https://github.com/PCRE2Project/pcre2/issues/197'.
> quit
Stopping processing here.

Please contact me if you need assistance.
-- 
1027952: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027952
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1008220: Help needed to finalise the oneTBB migration of flexbar

[Andreas Tille]

Control: tags -1 help

Hi,

I made some progress[1] in converting flexbar (which seems to be
orphaned upstream[2] so we are on our own with the migration - but the
program ist interesting anyway) but finally have hit a blocker which
you can see in the build in Salsa CI[3].

It would be great if someone could help me over this blocker.

Kind regards
   Andreas.


[1] 
https://salsa.debian.org/med-team/flexbar/-/blob/master/debian/patches/onetbb.patch
[2] https://github.com/seqan/flexbar/issues/38
[3] https://salsa.debian.org/med-team/flexbar/-/jobs/3820125

-- 
http://fam-tille.de

Processed: Help needed to finalise the oneTBB migration of flexbar

[Debian Bug Tracking System]

Processing control commands:

> tags -1 help
Bug #1008220 [src:flexbar] flexbar 3.5.0-4 FTBFS against libtbb-dev 2021.5.0-7
Bug #1012127 [src:flexbar] flexbar: FTBFS with onetbb/2021.5.0-8 in experimental
Added tag(s) help.
Added tag(s) help.

-- 
1008220: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008220
1012127: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012127
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Help needed to finalise the oneTBB migration of flexbar

[Debian Bug Tracking System]

Processing control commands:

> tags -1 help
Bug #1011656 [src:flexbar] flexbar ftbfs: cannot find tbb header
Ignoring request to alter tags of bug #1011656 to the same tags previously set

-- 
1011656: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011656
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Bug#1029562 marked as pending in cinder

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #1029562 [python3-cinder] CVE-2022-47951: vulnerability in VMDK image 
processing
Added tag(s) pending.

-- 
1029562: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029562
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1029562: marked as pending in cinder

[Thomas Goirand]

Control: tag -1 pending

Hello,

Bug #1029562 in cinder reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/openstack-team/services/cinder/-/commit/3797e3c3123ddfc6c126f971e27f294a91d877ac


* CVE-2022-47951: By supplying a specially created VMDK flat image which
references a specific backing file path, an authenticated user may convince
systems to return a copy of that file's contents from the server resulting
in unauthorized access to potentially sensitive data. Add upstream patch
CVE-2022-47951_Check_VMDK_subformat_against_an_allowed_list.patch
(Closes: #1029562).


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1029562

Bug#1029563: marked as done (CVE-2022-47951: vulnerability in VMDK image processing)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 16:39:58 +
with message-id 
and subject line Bug#1029563: fixed in glance 2:25.0.0-2
has caused the Debian Bug report #1029563,
regarding CVE-2022-47951: vulnerability in VMDK image processing
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1029563: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029563
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: glance-api
Version: 2:25.0.0-1.1
Severity: grave
Tags: patch

This is an advance warning of a vulnerability discovered in
OpenStack, to give you, as downstream stakeholders, a chance to
coordinate the release of fixes and reduce the vulnerability window.
Please treat the following information as confidential until the
proposed public disclosure date.

Title: Arbitrary file access through custom VMDK flat descriptor
Reporter: Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien
  Rannou (OVH)
Products: Cinder, Glance, Nova
Affects: Cinder <19.1.2, >=20.0.0 <20.0.2, ==21.0.0;
 Glance <23.0.1, >=24.0.0 <24.1.1, ==25.0.0;
 Nova <24.1.2, >=25.0.0 <25.0.2, ==26.0.0

Description:
Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou
(OVH) reported a vulnerability in VMDK image processing for Cinder,
Glance and Nova. By supplying a specially created VMDK flat image
which references a specific backing file path, an authenticated user
may convince systems to return a copy of that file's contents from
the server resulting in unauthorized access to potentially sensitive
data. All Cinder deployments are affected; only Glance deployments
with image conversion enabled are affected; all Nova deployments are
affected.

Proposed patch:
See attached patches. Unless a flaw is discovered in them, these
patches will be merged to their corresponding branches on the public
disclosure date. Note that stable/wallaby and older branches are
under extended maintenance and will receive no new point releases,
but patches for some of them are provided as a courtesy.

CVE: CVE-2022-47951

Proposed public disclosure date/time:
2023-01-24, 1500UTC
Please do not make the issue public (or release public patches)
before this coordinated embargo date.

Original private report:
https://launchpad.net/bugs/1996188
For access to read and comment on this report, please reply to me
with your Launchpad username and I will subscribe you.
-- 
Jeremy Stanley
OpenStack Vulnerability Management Team
--- End Message ---
--- Begin Message ---
Source: glance
Source-Version: 2:25.0.0-2
Done: Thomas Goirand 

We believe that the bug you reported is fixed in the latest version of
glance, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1029...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Goirand  (supplier of updated glance package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Jan 2023 16:51:31 +0100
Source: glance
Architecture: source
Version: 2:25.0.0-2
Distribution: unstable
Urgency: high
Maintainer: Debian OpenStack 
Changed-By: Thomas Goirand 
Closes: 1029563
Changes:
 glance (2:25.0.0-2) unstable; urgency=high
 .
   * CVE-2022-47951: vulnerability in VMDK image processing. By supplying a
 specially created VMDK flat image which references a specific backing file
 path, an authenticated user may convince systems to return a copy of that
 file's contents from the server resulting in unauthorized access to
 potentially sensitive data. Added upstream patch:
 CVE-2022-47951-Enforce_image_safety_during_image_conversion.patch
 (Closes: #1029563).
Checksums-Sha1:
 f56b459a74f546285379f0e7c50dc75d8928fc1f 3787 glance_25.0.0-2.dsc
 4dd37858906bebc273d42bd33b00c893e9259cbc 19280 glance_25.0.0-2.debian.tar.xz
 9f6ae9809d8b67164125a61e0cfecd0ded251e40 18496 glance_25.0.0-2_amd64.buildinfo
Checksums-Sha256:
 ee752adbf1e940c39e96db847d2bc4efd9b8c7d6f96a810106e1e64f4102e6f5 3787 
glance_25.0.0-2.dsc
 c7acfc24801e95673f1f26eb3ea913c2be5f713bfe073d86bfffd8adaf87437a 19280 
glance_25.0.0-2.debian.tar.xz
 c377e2c1f8a23e116b12e28b7e8e96a3cb04fe0c39886880b8fa55849ac75bf4 18496 
glance_25.0.0-2

Bug#981886: marked as done (intellij-community-idea build depends on openjdk-8-jdk-headless that will not be in bullseye)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 16:43:17 +
with message-id 
and subject line Bug#981886: fixed in intellij-community-idea 183.5153.4-3
has caused the Debian Bug report #981886,
regarding intellij-community-idea build depends on openjdk-8-jdk-headless that 
will not be in bullseye
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
981886: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981886
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: intellij-community-idea
Version: 183.5153.4-2
Severity: serious
Tags: ftbfs

Migration status: Blocked. Can't migrate due to a non-migratable dependency. 
Check status below.
Build-Depends(-Arch): intellij-community-idea openjdk-8 (not considered)
Invalidated by build-dependency
--- End Message ---
--- Begin Message ---
Source: intellij-community-idea
Source-Version: 183.5153.4-3
Done: Emmanuel Bourg 

We believe that the bug you reported is fixed in the latest version of
intellij-community-idea, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 981...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Emmanuel Bourg  (supplier of updated intellij-community-idea 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Jan 2023 16:10:00 +0100
Source: intellij-community-idea
Architecture: source
Version: 183.5153.4-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers 

Changed-By: Emmanuel Bourg 
Closes: 981886
Changes:
 intellij-community-idea (183.5153.4-3) unstable; urgency=medium
 .
   * Team upload.
   * Build with Java 17 (Closes: #981886)
   * Standards-Version updated to 4.6.2
   * Switch to debhelper level 13
Checksums-Sha1:
 3a7d09e3ede9664459183318f409d9ca57d5cdac 3191 
intellij-community-idea_183.5153.4-3.dsc
 d56f8e8ec4ff5af6c65148746fa569d2e0e76bb7 17276 
intellij-community-idea_183.5153.4-3.debian.tar.xz
 96e8043fc142318c2d0b9f74b9203eff2ef5d8b2 15558 
intellij-community-idea_183.5153.4-3_source.buildinfo
Checksums-Sha256:
 0c3f156dad54afb4a12cf198c02189cc0190a7029e1e154f6bac877e8a4fe7b1 3191 
intellij-community-idea_183.5153.4-3.dsc
 d99cad1773554c76f0b36d3df785407c99152c97f15234b7ca4bb5eb48f96fce 17276 
intellij-community-idea_183.5153.4-3.debian.tar.xz
 5e49457f5b2caf0ef936ed9c7b35d11d63fff93d73cdc5e99ee6c402d462d7cb 15558 
intellij-community-idea_183.5153.4-3_source.buildinfo
Files:
 3d8d4adfde43cf89c74be8adde5e8876 3191 java optional 
intellij-community-idea_183.5153.4-3.dsc
 77c45416ad794dd2c11a7adcd02567f1 17276 java optional 
intellij-community-idea_183.5153.4-3.debian.tar.xz
 f620ffac82ee2f39f97718e53e1fb127 15558 java optional 
intellij-community-idea_183.5153.4-3_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEuM5N4hCA3PkD4WxA9RPEGeS50KwFAmPP9Q8SHGVib3VyZ0Bh
cGFjaGUub3JnAAoJEPUTxBnkudCsCUIQALMQ6CWi+ojEYnKbeQjib8PlHPGUW/pQ
7gXL/f/05aZxRmkJl549y2tYzWfx0p76T8pyzP28ZnHnnGRgViNy48cokTMJXujw
cIxuH0tM/ONCb5/sduopcf3OWETumNVPm4r/GTqbaiBpEQQwFVNZyIDNDqpLInbD
I/rNuV/kMvdVxQMSYUys3PUFIRSggevbRR6Xk28ngqx6T2KW8pjWGVwewEU6mMv1
/jy/13f8JaK8mh3gZ46ZYp9TvUzp8dRvgtCuwFET3UWrRWa1JIhv9Q0An9CJQq+p
mN5LRZ2VuNck9Nn6SCUhZsfx8UIK0q+wCEevoBOgrjLOn1XPvEjdGJ8vGzkMgpFo
nr0XdSOZ99KP00ViR9BsM/nAkKajzbqYShstPOTb/laAuJcbVn2YhHZ7xT+XlKy9
BLauLna9Rra2rzPhRaA87eSuVp8HOuzjKPqlwNBolA+MaE7tPmHDOgYU980wfi0q
7VXIppdkqziLv8iwTWzd6yV0b/MsEwQgHCm5QB4VnwEAFFzVaEMHA7drnB0dx6HU
3096ijnFmYlI/vpUvehDQE543IcvPlYrfAKUGQ/hmuiTmiCSZRFSgs277T5A14sq
5eRLWIbKUZe4ywbQOcokmiGI2GNQyB9gB8VGwo7clIGTEQrPEw+JahtW1Irh1pW4
8eFpOH8xQ7Xg
=4tdR
-END PGP SIGNATURE End Message ---

Bug#1028976: marked as done (php-imagick: autopkgtest needs update for new version of php-defaults)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 16:45:46 +
with message-id 
and subject line Bug#1028976: fixed in php-imagick 3.7.0-4
has caused the Debian Bug report #1028976,
regarding php-imagick: autopkgtest needs update for new version of php-defaults
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1028976: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028976
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Source: php-imagick
Version: 3.7.0-3
Severity: serious
X-Debbugs-CC: php-defau...@packages.debian.org
Tags: sid bookworm
User: debian...@lists.debian.org
Usertags: needs-update
Control: affects -1 src:php-defaults

Dear maintainer(s),

With a recent upload of php-defaults the autopkgtest of php-imagick 
fails in testing when that autopkgtest is run with the binary packages 
of php-defaults from unstable. It passes when run with only packages 
from testing. In tabular form:


   passfail
php-defaults   from testing93
php-imagickfrom testing3.7.0-3
all others from testingfrom testing

I copied some of the output at the bottom of this report.

Currently this regression is blocking the migration of php-defaults to 
testing [1]. Of course, php-defaults shouldn't just break your 
autopkgtest (or even worse, your package), but it seems to me that the 
change in php-defaults was intended and your package needs to update to 
the new situation.


If this is a real problem in your package (and not only in your 
autopkgtest), the right binary package(s) from php-defaults should 
really add a versioned Breaks on the unfixed version of (one of your) 
package(s). Note: the Breaks is nice even if the issue is only in the 
autopkgtest as it helps the migration software to figure out the right 
versions to combine in the tests.


More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

[1] https://qa.debian.org/excuses.php?package=php-defaults

https://ci.debian.net/data/autopkgtest/testing/amd64/p/php-imagick/30392957/log.gz

There was 1 failure:

1) 
/tmp/autopkgtest-lxc.0guk5e6e/downtmp/build.IKf/src/imagick-3.7.0/tests/243_Tutorial_svgExample_basic.phpt

Failed asserting that string matches format description.
--- Expected
+++ Actual
@@ @@
-Ok
+Fatal error: Uncaught ImagickException: no decode delegate for this 
image format `SVG' @ error/blob.c/BlobToImage/363 in Standard input code:43

+Stack trace:
+#0 Standard input code(43): Imagick->readImageBlob()
+#1 Standard input code(49): svgExample()
+#2 {main}
+  thrown in Standard input code on line 43

/tmp/autopkgtest-lxc.0guk5e6e/downtmp/build.IKf/src/imagick-3.7.0/tests/243_Tutorial_svgExample_basic.phpt:58



OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: php-imagick
Source-Version: 3.7.0-4
Done: Ondřej Surý 

We believe that the bug you reported is fixed in the latest version of
php-imagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1028...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ondřej Surý  (supplier of updated php-imagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Jan 2023 16:10:05 +0100
Source: php-imagick
Architecture: source
Version: 3.7.0-4
Distribution: unstable
Urgency: medium
Maintainer: Debian PHP PECL Maintainers 
Changed-By: Ondřej Surý 
Closes: 1028976
Changes:
 php-imagick (3.7.0-4) unstable; urgency=medium
 .
   * Install the extra ImageMagick codes for SVG support in autopkgtests
 (Closes: #1028976)
Checksums-Sha1:
 4e02fea8a29276dfb0aaf1bae0db00286d8ad59f 2432 php-imagick_3.7.0-4.dsc
 9eed67c684aa229a5df77fd8e9e7af9abf00a245 360138 php-imagick_3.7.0.orig.tar.gz
 6b31f6dc292fe8d5a64b6fb81a71fb965f3cf1a5 15256 
php-imagick_3.7.0-4.debian.tar.xz
 67082981a7bf9c1e714a613ee630441454783da9 13123 
php-imagick_3.7.0-4_amd64.buildinfo
Checksums-Sha256:
 12db6a204ddba96b2af5634de3a209898fbe01d58e6dc91067d0b028e6ebc597 2432 
php-imagick_3.7.0-4.dsc
 5a364354109029d224bcbb2e82e15

Bug#1029561: marked as done (CVE-2022-47951: vulnerability in VMDK image processing)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 16:45:10 +
with message-id 
and subject line Bug#1029561: fixed in nova 2:26.0.0-6
has caused the Debian Bug report #1029561,
regarding CVE-2022-47951: vulnerability in VMDK image processing
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1029561: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029561
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: nova-compute
Version: 2:26.0.0-5
Severity: grave
Tags: patch

This is an advance warning of a vulnerability discovered in
OpenStack, to give you, as downstream stakeholders, a chance to
coordinate the release of fixes and reduce the vulnerability window.
Please treat the following information as confidential until the
proposed public disclosure date.

Title: Arbitrary file access through custom VMDK flat descriptor
Reporter: Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien
  Rannou (OVH)
Products: Cinder, Glance, Nova
Affects: Cinder <19.1.2, >=20.0.0 <20.0.2, ==21.0.0;
 Glance <23.0.1, >=24.0.0 <24.1.1, ==25.0.0;
 Nova <24.1.2, >=25.0.0 <25.0.2, ==26.0.0

Description:
Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou
(OVH) reported a vulnerability in VMDK image processing for Cinder,
Glance and Nova. By supplying a specially created VMDK flat image
which references a specific backing file path, an authenticated user
may convince systems to return a copy of that file's contents from
the server resulting in unauthorized access to potentially sensitive
data. All Cinder deployments are affected; only Glance deployments
with image conversion enabled are affected; all Nova deployments are
affected.

Proposed patch:
See attached patches. Unless a flaw is discovered in them, these
patches will be merged to their corresponding branches on the public
disclosure date. Note that stable/wallaby and older branches are
under extended maintenance and will receive no new point releases,
but patches for some of them are provided as a courtesy.

CVE: CVE-2022-47951

Proposed public disclosure date/time:
2023-01-24, 1500UTC
Please do not make the issue public (or release public patches)
before this coordinated embargo date.

Original private report:
https://launchpad.net/bugs/1996188
For access to read and comment on this report, please reply to me
with your Launchpad username and I will subscribe you.
-- 
Jeremy Stanley
OpenStack Vulnerability Management Team
--- End Message ---
--- Begin Message ---
Source: nova
Source-Version: 2:26.0.0-6
Done: Thomas Goirand 

We believe that the bug you reported is fixed in the latest version of
nova, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1029...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Goirand  (supplier of updated nova package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Jan 2023 14:11:46 +0100
Source: nova
Architecture: source
Version: 2:26.0.0-6
Distribution: unstable
Urgency: high
Maintainer: Debian OpenStack 
Changed-By: Thomas Goirand 
Closes: 1029561
Changes:
 nova (2:26.0.0-6) unstable; urgency=high
 .
   * CVE-2022-47951: By supplying a specially created VMDK flat image which
 references a specific backing file path, an authenticated user may convince
 systems to return a copy of that file's contents from the server resulting
 in unauthorized access to potentially sensitive data. Add upstream patch
 cve-2022-47951-glance-stable-zed.patch (Closes: #1029561).
Checksums-Sha1:
 505c29ba929e249cf22955e1c7edd7702c21f482 5042 nova_26.0.0-6.dsc
 3daa1f3524316bb60961ee7c617770fda2f84dff 62696 nova_26.0.0-6.debian.tar.xz
 32cadc362c6f3f009c1b37e3399d1c90989045be 22202 nova_26.0.0-6_amd64.buildinfo
Checksums-Sha256:
 4ed40c6cf1e2f069f881418341692fa9d42a4c5b79d8680f044cfedf907ca146 5042 
nova_26.0.0-6.dsc
 a010170a561579be0b5e75d4cea48654a1939b3ae8c58a16b47433db99d67d8c 62696 
nova_26.0.0-6.debian.tar.xz
 5db77128c47f971774d6ba4ebd26bfe5fc11fa3f47199a86053138d51d140fbb 22202 
nova_26.0.0-6_amd64.buildinfo
Files:
 06fb71f148e5e26e2f3c5225a13487ba 5042 net optional nova_26.0.0-6.dsc
 9b5cb17a1

Processed: Bug#1029562 marked as pending in cinder

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #1029562 [python3-cinder] CVE-2022-47951: vulnerability in VMDK image 
processing
Ignoring request to alter tags of bug #1029562 to the same tags previously set

-- 
1029562: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029562
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1029562: marked as pending in cinder

[Thomas Goirand]

Control: tag -1 pending

Hello,

Bug #1029562 in cinder reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/openstack-team/services/cinder/-/commit/4eff24a4831640b09a25f31cfa1f09164ebc0842


* CVE-2022-47951: vulnerability in VMDK image processing. By supplying a
specially created VMDK flat image which references a specific backing file
path, an authenticated user may convince systems to return a copy of that
file's contents from the server resulting in unauthorized access to
potentially sensitive data. Added upstream patch:
CVE-2022-47951_Check_VMDK_subformat_against_an_allowed_list.patch
(Closes: #1029562)


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1029562

Bug#1028976: SVG support

[Ondřej Surý]

Thanks for the hint. I’ve realized that there might be SVG support external (as 
a plug-in) and that’s exactly the case. I’ve added -extra to autopkgtest 
control file as it does contain the dynamically loaded plugin for SVG files.

Ondrej
--
Ondřej Surý  (He/Him)

> On 24. 1. 2023, at 10:48, William Desportes  wrote:
> 
> Upstream said it was missing SVG support, but it's now fixed.
> Ref: https://github.com/Imagick/imagick/issues/575#issuecomment-1401630623
> 

Bug#1029523: marked as done (ruby-net-http-persistent want Ruby (~> 2.1))

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 17:06:45 +
with message-id 
and subject line Bug#1029523: fixed in ruby-net-http-persistent 4.0.1-1
has caused the Debian Bug report #1029523,
regarding ruby-net-http-persistent want  Ruby (~> 2.1)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1029523: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029523
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: ruby-net-http-persistent
Severity: grave
Justification: unable to install gitlab or use with bundler

Just add this to Gemfile.
gem "telesign"

and run,
bundle install --local
Don't run Bundler as root. Bundler can ask for sudo if it is needed, 
and installing your bundle as root will

break this application for all non-root users on this machine.
[DEPRECATED] This Gemfile does not include an explicit global source. 
Not using an explicit global source may result in a different lockfile 
being generated depending on the gems you have installed locally before 
bundler is run. Instead, define a global source in your Gemfile like 
this: source "https://rubygems.org";.

Resolving dependencies...
Bundler found conflicting requirements for the Ruby version:
 In Gemfile:
   Ruby

   telesign was resolved to 2.2.3, which depends on
 net-http-persistent (~> 3.0, >= 3.0.0) was resolved to 3.1.0, 
which depends on

   Ruby (~> 2.1)


This comes from the gemspec
https://salsa.debian.org/ruby-team/ruby-net-http-persistent/-/blob/master/net-http-persistent.gemspec#L23
--- End Message ---
--- Begin Message ---
Source: ruby-net-http-persistent
Source-Version: 4.0.1-1
Done: Mohammed Bilal 

We believe that the bug you reported is fixed in the latest version of
ruby-net-http-persistent, which is due to be installed in the Debian FTP 
archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1029...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mohammed Bilal  (supplier of updated 
ruby-net-http-persistent package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Jan 2023 21:42:27 +0530
Source: ruby-net-http-persistent
Architecture: source
Version: 4.0.1-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Ruby Team 

Changed-By: Mohammed Bilal 
Closes: 1029523
Changes:
 ruby-net-http-persistent (4.0.1-1) experimental; urgency=medium
 .
   [ Gunnar Wolf ]
   * Removing myself from uploaders, acknowledging reality
 .
   [ Debian Janitor ]
   * Update standards version to 4.6.1, no changes needed.
   * Remove constraints unnecessary since buster (oldstable)
 .
   [ Mohammed Bilal ]
   * New upstream version 4.0.1 (Closes: #1029523)
   * Switch to {ruby:Depends} for deps
   * Bump Standards-Ver to 4.6.2, no changes needed
   * Add myself to uploaders
Checksums-Sha1:
 d307e43fc990068349cb88b5e61e39cd79afcbe4 2223 
ruby-net-http-persistent_4.0.1-1.dsc
 1748dad90f4690635a3860054773faa3ac5c548e 23736 
ruby-net-http-persistent_4.0.1.orig.tar.gz
 06f02e429b070064c834815586326bca6bddfcc0 3996 
ruby-net-http-persistent_4.0.1-1.debian.tar.xz
 c57933711a69b546ea1c049aba405fe265bec2dd 9586 
ruby-net-http-persistent_4.0.1-1_amd64.buildinfo
Checksums-Sha256:
 bc52b7339a523f2cfb91782db3aee78ff67b74bc313a3f5646d09f7a784dd31f 2223 
ruby-net-http-persistent_4.0.1-1.dsc
 0a10d92ea6ae9b47b6fadca0fe3a825ef0201fa4f02330db8f3ae3558f1503c7 23736 
ruby-net-http-persistent_4.0.1.orig.tar.gz
 6a11573e7ce7cebc3de2a4168902513ee570c289d01cef8c841a1d047cbb66c9 3996 
ruby-net-http-persistent_4.0.1-1.debian.tar.xz
 235e1910bfed0029c11327950faceaf804b4752ecb46d910f2814ace4493c711 9586 
ruby-net-http-persistent_4.0.1-1_amd64.buildinfo
Files:
 786ba8eb4608a00cdd4f29a636f638da 2223 ruby optional 
ruby-net-http-persistent_4.0.1-1.dsc
 aa2d680434ce17978292ee5b0cfb4998 23736 ruby optional 
ruby-net-http-persistent_4.0.1.orig.tar.gz
 bd861fbebe35846cda11e029ae4adfe1 3996 ruby optional 
ruby-net-http-persistent_4.0.1-1.debian.tar.xz
 da5be4334c3dd1a0bfa9485a2a289de6 9586 ruby optional 
ruby-net-http-persistent_4.0.1-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJIBAEBCgAyFiEELWW8HrlmWm6X+XMKs/WUUoUhnh8FAmPQDBkUHG1kYmlsYWxA
ZGlzcm9vdC5vcmcACgkQs/WUUoUhnh8kMw//b8ntRa/SwoT+COsDAh2F8Nap

Bug#1029562: marked as done (CVE-2022-47951: vulnerability in VMDK image processing)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 17:05:54 +
with message-id 
and subject line Bug#1029562: fixed in cinder 2:21.0.0-3
has caused the Debian Bug report #1029562,
regarding CVE-2022-47951: vulnerability in VMDK image processing
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1029562: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029562
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: python3-cinder
Version: 2:21.0.0-2
Severity: grave
Tags: patch

This is an advance warning of a vulnerability discovered in
OpenStack, to give you, as downstream stakeholders, a chance to
coordinate the release of fixes and reduce the vulnerability window.
Please treat the following information as confidential until the
proposed public disclosure date.

Title: Arbitrary file access through custom VMDK flat descriptor
Reporter: Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien
  Rannou (OVH)
Products: Cinder, Glance, Nova
Affects: Cinder <19.1.2, >=20.0.0 <20.0.2, ==21.0.0;
 Glance <23.0.1, >=24.0.0 <24.1.1, ==25.0.0;
 Nova <24.1.2, >=25.0.0 <25.0.2, ==26.0.0

Description:
Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou
(OVH) reported a vulnerability in VMDK image processing for Cinder,
Glance and Nova. By supplying a specially created VMDK flat image
which references a specific backing file path, an authenticated user
may convince systems to return a copy of that file's contents from
the server resulting in unauthorized access to potentially sensitive
data. All Cinder deployments are affected; only Glance deployments
with image conversion enabled are affected; all Nova deployments are
affected.

Proposed patch:
See attached patches. Unless a flaw is discovered in them, these
patches will be merged to their corresponding branches on the public
disclosure date. Note that stable/wallaby and older branches are
under extended maintenance and will receive no new point releases,
but patches for some of them are provided as a courtesy.

CVE: CVE-2022-47951

Proposed public disclosure date/time:
2023-01-24, 1500UTC
Please do not make the issue public (or release public patches)
before this coordinated embargo date.

Original private report:
https://launchpad.net/bugs/1996188
For access to read and comment on this report, please reply to me
with your Launchpad username and I will subscribe you.
-- 
Jeremy Stanley
OpenStack Vulnerability Management Team
--- End Message ---
--- Begin Message ---
Source: cinder
Source-Version: 2:21.0.0-3
Done: Thomas Goirand 

We believe that the bug you reported is fixed in the latest version of
cinder, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1029...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Goirand  (supplier of updated cinder package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 24 Jan 2023 17:19:39 +0100
Source: cinder
Architecture: source
Version: 2:21.0.0-3
Distribution: unstable
Urgency: high
Maintainer: Debian OpenStack 
Changed-By: Thomas Goirand 
Closes: 1029562
Changes:
 cinder (2:21.0.0-3) unstable; urgency=high
 .
   * CVE-2022-47951: By supplying a specially created VMDK flat image which
 references a specific backing file path, an authenticated user may convince
 systems to return a copy of that file's contents from the server resulting
 in unauthorized access to potentially sensitive data. Add upstream patch
 CVE-2022-47951_Check_VMDK_subformat_against_an_allowed_list.patch
 (Closes: #1029562).
Checksums-Sha1:
 ff9fae0e04f0f99aa8d88f627b2022b4fb3ddf32 4396 cinder_21.0.0-3.dsc
 d9db718bc3602928f27dcb8c834476547914b876 55472 cinder_21.0.0-3.debian.tar.xz
 2a9de52658f4bd89432024a6ac6cb61b170c12d9 19923 cinder_21.0.0-3_amd64.buildinfo
Checksums-Sha256:
 ce11d02c81c3c4b719516709e726c52a30eb97e30fb9b39a0f9614a1b67a54c3 4396 
cinder_21.0.0-3.dsc
 bb8effedcaddb3a9dc041800e8ac50da9332a49212996d51a4c0ec24bbffbe92 55472 
cinder_21.0.0-3.debian.tar.xz
 340b8ebdcdece6fb23e2a86ff91d7fa1b4dbace8c0b043a082754f6ab7f73cea 19923 
cinder_21.0.0-3_amd64.buildinfo
Files:
 bab02674d7045d2422acd

Bug#1029562: marked as pending in cinder

[Thomas Goirand]

Control: tag -1 pending

Hello,

Bug #1029562 in cinder reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/openstack-team/services/cinder/-/commit/60152bafa2261f97b34e437877a2d8db4c58560c


* CVE-2022-47951: By supplying a specially created VMDK flat image which
references a specific backing file path, an authenticated user may convince
systems to return a copy of that file's contents from the server resulting
in unauthorized access to potentially sensitive data. Add upstream patch
CVE-2022-47951_Check_VMDK_subformat_against_an_allowed_list.patch
(Closes: #1029562)


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1029562

Processed: Bug#1029562 marked as pending in cinder

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #1029562 {Done: Thomas Goirand } [python3-cinder] 
CVE-2022-47951: vulnerability in VMDK image processing
Added tag(s) pending.

-- 
1029562: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029562
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1029570: sc-im: debian/copyright file seems to be inaccurate

[Francesco Poli (wintermute)]

Package: sc-im
Version: 0.8.3+ds-1
Severity: serious
Justification: Policy 4.5

Hello!
Thanks for packaging this interesting program.

I noticed that the [debian/copyright] file seems to be inaccurate
with respect to the [upstream license].

The [debian/copyright] file states:

  [...]
  Files: *
  Copyright: 2013-2021, Andrés Martinelli 
  License: BSD-4-Clause
  [...]

which looks accurate, but then the documented license text
is not a verbatim copy of the [upstream license].

Most notably, clause 3 (out of 4) is missing.
Other minor differences are present.

Please fix the debian/copyright file by including the
correct verbatim copy of the upstream license text.

[debian/copyright]: 

[upstream license]: 


Please note that clause 3 is the infamous "obnoxious advertising
clause" [OAC], which, unfortunately, makes the 4-clause BSD license
GPL-incompatible.

[OAC]: 

As a consequence, I would also recommend to not license
debian/* files under GPL-2+, since having two incompatible
licenses in the same package is risky (it could lead to
a legally undistributable package, unless much care is
taken to never mix the two parts up...).
Maybe debian/* files could be relicensed under the terms
of some non-copyleft permissive license (such as
the Expat license or maybe the 3-clause BSD license...),
if the copyright holder (Joshua Peisach) agrees.


In the meanwhile, it would be really nice, if upstream could
be persuaded to drop the [OAC], thus relicensing the program
under the terms of the 3-clause BSD license.
Why? Because the 4-clause BSD license is a deprecated license,
which causes many GPL-compatibility troubles in the rare cases
where it is still used.
Since the upstream program copyright is currently held by one
sole person, it is still pretty easy to switch to a better
license: only one guy to be persuaded!   :-)

Please try and get in touch with upstream about this.

Thanks for your time and dedication!
Bye.

Processed: Bug#1017941 marked as pending in greenbone-security-assistant

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #1017941 [src:greenbone-security-assistant] greenbone-security-assistant 
downloads source from the network
Added tag(s) pending.

-- 
1017941: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017941
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1017941: marked as pending in greenbone-security-assistant

[Sophie Brun]

Control: tag -1 pending

Hello,

Bug #1017941 in greenbone-security-assistant reported by you has been fixed in 
the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/pkg-security-team/greenbone-security-assistant/-/commit/af4b78186278e438d23d8c745b2c4a6b605e96dd


Move package to non-free and mark it as not autobuildable (Closes: #1017941)


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1017941

Bug#1029573: gnuserv: hangs while installing if xemacs21 is installed

[Andreas Beckmann]

Package: gnuserv
Version: 3.12.8-10
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package failed to install. As
per definition of the release team this makes the package too buggy for
a release, thus the severity.

This is an automated install test with DEBIAN_FRONENT=noninteractive and 
stdin coming from /dev/null which got killed after reaching a timeout,
 so there is no log output :-(


0m52.2s DEBUG: Starting command: ['chroot', 
'/tmp/piupartss/dose/tmpvFoO9h/chroot', 'apt-get', '-y', 'install', 
'gnuserv=3.12.8-10']
89m52.2s ERROR: Terminating command due to excessive runtime
89m52.7s DUMP: 
  
  
  * Command was terminated after exceeding runtime limit (5340 s) *


gnuserv installs fine if emacs is already installed, but xemacs21 causes
(reproducibly) problems.


cheers,

Andreas

Bug#1017941: marked as pending in greenbone-security-assistant

[Steve Langasek]

On Tue, Jan 24, 2023 at 05:31:46PM +, Sophie Brun wrote:
> Move package to non-free and mark it as not autobuildable (Closes: #1017941)

Why are you proposing to do this instead of including the actual source in
the source tarball?  This may fix the build failure, but it doesn't sound
like a good solution to me.  (I'm not sure if it's technically within the
bounds of what's allowed in the Debian archive, but IMHO it shouldn't be.)

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1027952: marked as done (pcre2 causes crashes in link-grammar)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 19:13:01 +0100
with message-id <167458398134.589692.6319217007403693...@auryn.jones.dk>
and subject line Re: pcre2 causes crashes in link-grammar
has caused the Debian Bug report #1027952,
regarding pcre2 causes crashes in link-grammar
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1027952: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027952
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libpcre2-8-0
Version: 10.42-1
Severity: serious
Tags: ftbfs
Control: affects -1 src:link-grammar

https://tracker.debian.org/pkg/pcre2
Issues preventing migration:
∙ ∙ autopkgtest for link-grammar/5.11.0~dfsg-1: amd64: Pass, arm64: Regression 
♻ (reference ♻), armel: Regression ♻ (reference ♻), armhf: Regression ♻ 
(reference ♻), i386: Pass, ppc64el: Regression ♻ (reference ♻), s390x: Pass

https://buildd.debian.org/status/logs.php?pkg=link-grammar&ver=5.11.0~dfsg-1%2Bb1

...
make  check-TESTS
make[4]: Entering directory '/<>/tests'
make[5]: Entering directory '/<>/tests'
PASS: mem-leak
PASS: multi-java
../test-driver: line 112: 3264343 Segmentation fault  "$@" >> "$log_file" 
2>&1
FAIL: multi-thread
PASS: multi-dict
PASS: dict-reopen
===
   link-grammar 5.11.0: tests/test-suite.log
===

# TOTAL: 5
# PASS:  4
# SKIP:  0
# XFAIL: 0
# FAIL:  1
# XPASS: 0
# ERROR: 0

.. contents:: :depth: 2

FAIL: multi-thread
==

FAIL multi-thread (exit status: 139)


Testsuite summary for link-grammar 5.11.0

# TOTAL: 5
# PASS:  4
# SKIP:  0
# XFAIL: 0
# FAIL:  1
# XPASS: 0
# ERROR: 0

See tests/test-suite.log
Please report to https://github.com/opencog/link-grammar

make[5]: *** [Makefile:806: test-suite.log] Error 1



A backtrace from a coredump of a local build of link-grammar
also suggests that pcre might be the problem:

Core was generated by `/tmp/link-grammar-5.11.0~dfsg/tests/.libs/multi-thread'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x7f46a39011b1 in ?? () from /lib/x86_64-linux-gnu/libpcre2-8.so.0
[Current thread is 1 (Thread 0x7f469e5546c0 (LWP 17344))]
(gdb) bt
#0  0x7f46a39011b1 in ?? () from /lib/x86_64-linux-gnu/libpcre2-8.so.0
#1  0x7f46a38ebb85 in ?? () from /lib/x86_64-linux-gnu/libpcre2-8.so.0
#2  0x7f46a38fa10f in pcre2_match_8 ()
   from /lib/x86_64-linux-gnu/libpcre2-8.so.0
#3  0x7f46a3da9a86 in reg_match (rn=0x562bf27ace00, 
s=0x7f467b5b2100 "Bill") at dict-common/regex-morph.c:219
#4  match_regex (rn=0x562bf27ace00, s=s@entry=0x7f467b5b2100 "Bill")
at dict-common/regex-morph.c:405
#5  0x7f46a3ddff63 in regex_guess (gword=0x7f467b59b3b0, 
word=, dict=0x562bf27a8a00) at tokenize/tokenize.c:413
#6  separate_word (sent=sent@entry=0x7f467b5b59e0, 
unsplit_word=unsplit_word@entry=0x7f467b59b3b0, 
opts=opts@entry=0x562bf547ae60) at tokenize/tokenize.c:2709
#7  0x7f46a3de155a in separate_sentence (sent=sent@entry=0x7f467b5b59e0, 
opts=opts@entry=0x562bf547ae60) at tokenize/tokenize.c:3116
#8  0x7f46a3d9b1ec in sentence_split (sent=0x7f467b5b59e0, 
opts=0x562bf547ae60) at ./link-grammar/api.c:494
#9  0x562bf0419670 in parse_one_sent (dict=, 
opts=0x562bf547ae60, sent_str=)
at ./tests/multi-thread.cc:34
#10 0x562bf04199aa in parse_sents (dict=0x562bf27a8a00, 
opts=0x562bf547ae60, thread_id=, niter=500)
at ./tests/multi-thread.cc:119
#11 0x7f46a3c044a3 in ?? () from /lib/x86_64-linux-gnu/libstdc++.so.6
#12 0x7f46a39b7fd4 in start_thread (arg=)
at ./nptl/pthread_create.c:442
#13 0x7f46a3a378d0 in clone ()
at ../sysdeps/unix/sysv/linux/x86_64/clone.S:100
(gdb) 
--- End Message ---
--- Begin Message ---
Version: src:link-grammar/5.12.0~dfsg-2

Seems this issue was a bug in link-grammar, now fixed.

 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/
 * Sponsorship: https://ko-fi.com/drjones

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature
--- End Message ---

Bug#1029233: marked as done (link-grammar fails tests on 32bit architectures)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 19:15:09 +0100
with message-id <167458410959.589692.10763978747096618...@auryn.jones.dk>
and subject line Re: Bug#1029233: link-grammar fails tests on 32bit 
architectures
has caused the Debian Bug report #1029233,
regarding link-grammar fails tests on 32bit architectures
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1029233: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029233
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: src:link-grammar
Version: 5.12.0~dfsg-1
Severity: serious
Tags: sid bookworm
X-Debbugs-CC: 1027...@bugs.debian.org

link-grammar fails tests on 32bit architectures,
see https://buildd.debian.org/status/package.php?p=link-grammar


I am aware of issue #1027952, but here the tests fail on all 32bit builds 
already during the build.


Also there is a typo trying to cat a non-existing test log.


[...]
PASS: dict-reopen
../test-driver: line 112: 1288815 Segmentation fault  "$@" >> "$log_file" 
2>&1
FAIL: multi-thread
===
   link-grammar 5.12.0: tests/test-suite.log
===

# TOTAL: 5
# PASS:  4
# SKIP:  0
# XFAIL: 0
# FAIL:  1
# XPASS: 0
# ERROR: 0

.. contents:: :depth: 2

FAIL: multi-thread
==

FAIL multi-thread (exit status: 139)


Testsuite summary for link-grammar 5.12.0

# TOTAL: 5
# PASS:  4
# SKIP:  0
# XFAIL: 0
# FAIL:  1
# XPASS: 0
# ERROR: 0

See tests/test-suite.log
Please report to https://github.com/opencog/link-grammar

make[5]: *** [Makefile:806: test-suite.log] Error 1
make[5]: Leaving directory '/<>/tests'
make[4]: *** [Makefile:914: check-TESTS] Error 2
make[4]: Leaving directory '/<>/tests'
make[3]: *** [Makefile:1015: check-am] Error 2
make[3]: Leaving directory '/<>/tests'
make[2]: *** [Makefile:575: check-recursive] Error 1
make[2]: Leaving directory '/<>'
dh_auto_test: error: make -j8 check "TESTSUITEFLAGS=-j8 --verbose" VERBOSE=1 
returned exit code 2

cat: test/test-suite.log: No such file or directory
--- End Message ---
--- Begin Message ---
Version: 5.12.0~dfsg-2

Quoting Matthias Klose (2023-01-20 09:31:23)
> link-grammar fails tests on 32bit architectures,
> see https://buildd.debian.org/status/package.php?p=link-grammar
> 
> 
> I am aware of issue #1027952, but here the tests fail on all 32bit builds 
> already during the build.

Thanks, also for the reference to bug#1027952 (I was unaware of that).

This issue is evidently solved now, by cherry-picking an upstream fix.

> Also there is a typo trying to cat a non-existing test log.

Thanks for this as well :-)

 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/
 * Sponsorship: https://ko-fi.com/drjones

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature
--- End Message ---

Bug#1029352: marked as done (netcfg: broken ifupdown support for wireless interfaces)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 18:21:00 +
with message-id 
and subject line Bug#1029352: fixed in netcfg 1.182
has caused the Debian Bug report #1029352,
regarding netcfg: broken ifupdown support for wireless interfaces
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1029352: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029352
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: netcfg
Severity: serious
Tags: patch
Justification: no networking after installation
X-Debbugs-Cc: ifupd...@packages.debian.org, w...@packages.debian.org

Hi,

I'm putting both ifupdown and wpa maintainers in the loop since I'd like
to get some feedback of the proposed resolution for this major issue
that's been annoying us for several releases:
 - wpa maintainers, you can jump to the second issue.
 - ifupdown maintainers, you can jump to the second and third issues.

I know we have a few open bug reports about this already, but I thought
I'd start a fresh bug, cutting to the chase.

I've pushed three commits in the pu/ifupdown+wireless branch:
  https://salsa.debian.org/installer-team/netcfg/-/commits/pu/ifupdown+wireless

Commit links:
 1. 
https://salsa.debian.org/installer-team/netcfg/-/commit/9494d7ec02b32538db842d88c105db1ab2a6201b
 2. 
https://salsa.debian.org/installer-team/netcfg/-/commit/247056dbb22e6eacbea6348c5c9a6951eab948bd
 3. 
https://salsa.debian.org/installer-team/netcfg/-/commit/5ca665c6c26346e3c9c37c2df6366e8e5d718238


# First issue

The first one explains why this could never work: we have a
netcfg/target_network_config template that's preseedable, without a
default value. The finish-install.d/55netcfg-copy-config script checks
whether a value is preseeded, and sets it if it isn't:
 - if NM is installed, we use NM;
 - otherwise, if the connection is wired, we use ifupdown;
 - otherwise, the connection is wireless, and we use… loopback?!

That means that at this point, /etc/network/interfaces contains entries
for the wireless interface, but it's getting emptied to only contain the
lo entry.

The proposed fix is to stick to ifupdown for wired and wireless
connections, with a small variation: if the connection is wireless and
secured (WPA or WEP with a non-empty passphrase), we chmod 400 /e/n/i
(in /target = the installed system); that used to be done a long while
ago, in the early days of the patch series but that got scratched along
the way.


# Second issue

Once that's fixed, if one gets both DHCP+SLAAC, the generated /e/n/i
looks like this (± comments/newlines):

allow-hotplug wlXXX

iface wlXXX inet dhcp

iface wlXXX inet6 auto
  wpa-ssid my-home-network
  wpa-psk  my-very-secret-passphrase

At best, we get SLAAC to work (IPv6 via RAs) but not DHCP: the first
iface stanza is missing wpa-* parameters, and we get a huge delay at
boot-up until dhclient finally times out.

My first instinct was to replicate wpa-* settings in both stanzas:

allow-hotplug wlXXX

iface wlXXX inet dhcp
  wpa-ssid my-home-network
  wpa-psk  my-very-secret-passphrase

iface wlXXX inet6 auto
  wpa-ssid my-home-network
  wpa-psk  my-very-secret-passphrase

But that doesn't work either: when the DHCP is brought up, wpa-* are
used by wpa_supplicant to do the authentication/association dance, DHCP
works. But right afterwards, when the SLAAC entry is processed, the
kernel and wpa_supplicant complain about being already associated, many
errors are logged and deassociation ultimately happens. This leaves us
with: an IPv4 address, no IPv6 address, and a DOWN interface.

What seems to work in the DHCP+SLAAC case is writing just the DHCP
entry, and let RAs bring up IPv6 connectivity on their own. I'm tempted
to go with this solution for bookworm, as that cannot be worse than the
current situation, but I'd be happy to get feedback from ifupdown and
wpa maintainers about the best way to write /e/n/i for DHCP + SLAAC.
As far as I can tell, ifupdown's interfaces manpage points at the many
packages that can deal with extra options, and wpasupplicant's
README.Debian is only about inet entries, inet6 is never mentioned.

→ ifupdown & wpa maintainers, comments welcome!


# Third issue

netcfg has some hotplug detection, which was last touched in 2005; it
tries to identify interfaces that are hotpluggable, and lists them under
/etc/network/devhotplug (in the installer's context), which is then used
to determine whether interfaces should be declared “auto” or
“allow-hotplug”. My rtl8192cu-based Wi-Fi USB dongle (shared from the
host via libvirt) ends up as “allow-hotp

Bug#1029578: src:shunit2: fails to migrate to testing for too long

[Paul Gevers]

Source: shunit2
Version: 2.1.6-1.2
Severity: serious
Control: close -1 2.1.8-3
Tags: sid bookworm
User: release.debian@packages.debian.org
Usertags: out-of-sync

Dear maintainer(s),

The Release Team considers packages that are out-of-sync between testing 
and unstable for more than 60 days as having a Release Critical bug in 
testing [1]. Your package src:shunit2 has been trying to migrate for 61 
days [2]. Hence, I am filing this bug. We've been communicating in 
private about the autopkgtest regressions, which points at behavior 
changes, that's causing the migration to being blocked.


If a package is out of sync between unstable and testing for a longer 
period, this usually means that bugs in the package in testing cannot be 
fixed via unstable. Additionally, blocked packages can have impact on 
other packages, which makes preparing for the release more difficult. 
Finally, it often exposes issues with the package and/or
its (reverse-)dependencies. We expect maintainers to fix issues that 
hamper the migration of their package in a timely manner.


This bug will trigger auto-removal when appropriate. As with all new 
bugs, there will be at least 30 days before the package is auto-removed.


I have immediately closed this bug with the version in unstable, so if 
that version or a later version migrates, this bug will no longer affect 
testing. I have also tagged this bug to only affect sid and bookworm, so 
it doesn't affect (old-)stable.


If you believe your package is unable to migrate to testing due to 
issues beyond your control, don't hesitate to contact the Release Team.


Paul

[1] https://lists.debian.org/debian-devel-announce/2020/02/msg5.html
[2] https://qa.debian.org/excuses.php?package=shunit2



OpenPGP_signature
Description: OpenPGP digital signature

Processed: src:shunit2: fails to migrate to testing for too long

[Debian Bug Tracking System]

Processing control commands:

> close -1 2.1.8-3
Bug #1029578 [src:shunit2] src:shunit2: fails to migrate to testing for too long
Marked as fixed in versions shunit2/2.1.8-3.
Bug #1029578 [src:shunit2] src:shunit2: fails to migrate to testing for too long
Marked Bug as done

-- 
1029578: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029578
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#999322: Intent to NMU

[Andreas Henriksson]

Hello,

I intend to NMU changes to fix the outstanding RC bugs as well as some
related changes for bonnie++ in Debian.

The changes was made against the git repo and are available as a salsa
MR at: https://salsa.debian.org/etbe/bonnie/-/merge_requests/2

Since these bugs seems to have been around for a long time (some
including patches) and that we're getting really close to
freeze I'm uploading directly into unstable without any delay to
have a chance for bonnie++ to make it back into testing.
Please feel free to do a maintainer upload to override my
upload if there's anything in here that is controversial or wrong, but
hopefully there isn't.

Regards,
Andreas Henriksson

Bug#983999: marked as done (bonnie++: ftbfs with GCC-11)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 19:19:34 +
with message-id 
and subject line Bug#983999: fixed in bonnie++ 2.00a+nmu1
has caused the Debian Bug report #983999,
regarding bonnie++: ftbfs with GCC-11
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
983999: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983999
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:bonnie++
Version: 2.00a
Severity: normal
Tags: sid bookworm
User: debian-...@lists.debian.org
Usertags: ftbfs-gcc-11

[This bug is not targeted to the upcoming bullseye release]

Please keep this issue open in the bug tracker for the package it
was filed for.  If a fix in another package is required, please
file a bug for the other package (or clone), and add a block in this
package. Please keep the issue open until the package can be built in
a follow-up test rebuild.

The package fails to build in a test rebuild on at least amd64 with
gcc-11/g++-11, but succeeds to build with gcc-10/g++-10. The
severity of this report will be raised before the bookworm release,
so nothing has to be done for the bullseye release.

The full build log can be found at:
http://people.debian.org/~doko/logs/20210228/filtered/gcc11/bonnie++_2.00a_unstable_gcc11.log
The last lines of the build log are at the end of this report.

To build with GCC 11, either set CC=gcc-11 CXX=g++-11 explicitly,
or install the gcc, g++, gfortran, ... packages from experimental.

  apt-get -t=experimental install g++ 

Common build failures are new warnings resulting in build failures with
-Werror turned on, or new/dropped symbols in Debian symbols files.
For other C/C++ related build failures see the porting guide at
http://gcc.gnu.org/gcc-11/porting_to.html

GCC 11 defaults to the GNU++17 standard.  If your package installs
header files in /usr/include, please don't work around C++17 issues
by choosing a lower C++ standard for the package build, but fix these
issues to build with the C++17 standard.

[...]
In file included from /usr/include/c++/11/vector:69,
 from bon_csv2html.cpp:4:
/usr/include/c++/11/bits/range_access.h:318:5: note: candidates are: 
‘template constexpr const _Tp* std::data(std::initializer_list<_Tp>)’
  318 | data(initializer_list<_Tp> __il) noexcept
  | ^~~~
/usr/include/c++/11/bits/range_access.h:309:5: note: 
‘template constexpr _Tp* std::data(_Tp 
(&)[_Nm])’
  309 | data(_Tp (&__array)[_Nm]) noexcept
  | ^~~~
/usr/include/c++/11/bits/range_access.h:299:5: note: 
‘template constexpr decltype (__cont.data()) std::data(const 
_Container&)’
  299 | data(const _Container& __cont) noexcept(noexcept(__cont.data()))
  | ^~~~
/usr/include/c++/11/bits/range_access.h:289:5: note: 
‘template constexpr decltype (__cont.data()) 
std::data(_Container&)’
  289 | data(_Container& __cont) noexcept(noexcept(__cont.data()))
  | ^~~~
bon_csv2html.cpp:13:17: note: ‘std::vector > data’
   13 | vector data;
  | ^~~~
bon_csv2html.cpp: In function ‘void read_in(CPCCHAR)’:
bon_csv2html.cpp:484:3: error: reference to ‘data’ is ambiguous
  484 |   data.push_back(arr);
  |   ^~~~
In file included from /usr/include/c++/11/vector:69,
 from bon_csv2html.cpp:4:
/usr/include/c++/11/bits/range_access.h:318:5: note: candidates are: 
‘template constexpr const _Tp* std::data(std::initializer_list<_Tp>)’
  318 | data(initializer_list<_Tp> __il) noexcept
  | ^~~~
/usr/include/c++/11/bits/range_access.h:309:5: note: 
‘template constexpr _Tp* std::data(_Tp 
(&)[_Nm])’
  309 | data(_Tp (&__array)[_Nm]) noexcept
  | ^~~~
/usr/include/c++/11/bits/range_access.h:299:5: note: 
‘template constexpr decltype (__cont.data()) std::data(const 
_Container&)’
  299 | data(const _Container& __cont) noexcept(noexcept(__cont.data()))
  | ^~~~
/usr/include/c++/11/bits/range_access.h:289:5: note: 
‘template constexpr decltype (__cont.data()) 
std::data(_Container&)’
  289 | data(_Container& __cont) noexcept(noexcept(__cont.data()))
  | ^~~~
bon_csv2html.cpp:13:17: note: ‘std::vector > data’
   13 | vector data;
  | ^~~~
bon_csv2html.cpp: In function ‘void print_item(int, int, CPCCHAR)’:
bon_csv2html.cpp:491:6: error: expected primary-expression before ‘int’
  491 |   if(int(data[num].size()) > item)
  |  ^~~
bon_csv2html.cpp:491:6: error: expected ‘)’ before ‘int’
  491 |   if(int(data[nu

Bug#999322: marked as done (bonnie++: missing required debian/rules targets build-arch and/or build-indep)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 19:19:34 +
with message-id 
and subject line Bug#999322: fixed in bonnie++ 2.00a+nmu1
has caused the Debian Bug report #999322,
regarding bonnie++: missing required debian/rules targets build-arch and/or 
build-indep
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
999322: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999322
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: bonnie++
Version: 2.00a
Severity: important
Justification: Debian Policy section 4.9
Tags: bookworm sid
User: debian...@lists.debian.org
Usertags: missing-build-arch-indep

Dear maintainer,

Your package does not include build-arch and/or build-indep targets in
debian/rules. This is required by Debian Policy section 4.9, since 2012.
https://www.debian.org/doc/debian-policy/ch-source.html#main-building-script-debian-rules

Please note that this is also a sign that the packaging of this software
could benefit from a refresh. For example, packages using 'dh' cannot be
affected by this issue.

This mass bug filing was discussed on debian-devel@ in
https://lists.debian.org/debian-devel/2021/11/msg00052.html .
The severity of this bug will be changed to 'serious' after a month.

Best,

Lucas
--- End Message ---
--- Begin Message ---
Source: bonnie++
Source-Version: 2.00a+nmu1
Done: Andreas Henriksson 

We believe that the bug you reported is fixed in the latest version of
bonnie++, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 999...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Henriksson  (supplier of updated bonnie++ package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Jan 2023 19:45:45 +0100
Source: bonnie++
Architecture: source
Version: 2.00a+nmu1
Distribution: unstable
Urgency: medium
Maintainer: Russell Coker 
Changed-By: Andreas Henriksson 
Closes: 876245 983999 999322
Changes:
 bonnie++ (2.00a+nmu1) unstable; urgency=medium
 .
   * Non-maintainer upload.
 .
   [ Andreas Henriksson ]
   * Convert to dh and compat 13 (Closes: #999322)
   * Use std c++11 to fix FTBFS.
 Thanks to Steve Langasek (Closes: #983999)
 .
   [ Helmut Grohne ]
   * Fix FTCBFS (Closes: #876245)
 * Turn AC_TRY_RUN into AC_TRY_COMPILE: Compiling will fail when
   off64_t is unavailable.
 * Pass --disable-stripping to configure.
 .
   [ Andreas Henriksson ]
   * Add DESTDIR to Makefile.in
   * Add missing ${misc:Depends} to Depends for bonnie++.
   * Build with -g in CFLAGS for debug symbols
Checksums-Sha1:
 f3cc951f3539d0e8381c33ea5ba852ca534eaf52 1617 bonnie++_2.00a+nmu1.dsc
 f166551577326eb1e615d5942be0e5516dcdab28 100814 bonnie++_2.00a+nmu1.tar.gz
 e6dfd900b39a241c7dc351c4aacd64e9f2c2a7a5 6196 
bonnie++_2.00a+nmu1_amd64.buildinfo
Checksums-Sha256:
 3cdca73e08be458cb7aaeae2fd24164c46864143ed1c42f4f66473d22775faf9 1617 
bonnie++_2.00a+nmu1.dsc
 0b5e4969a7aa1e895cdd6f8db54279da2e942a3264393d12441f8211eaea0414 100814 
bonnie++_2.00a+nmu1.tar.gz
 c65e0600278cd2ba21428ebff848e4a1f285dee4aa1144ee2e2610bdb2ab5922 6196 
bonnie++_2.00a+nmu1_amd64.buildinfo
Files:
 bfd7a3196c10efae4e9e6f99a1ff2b1f 1617 utils optional bonnie++_2.00a+nmu1.dsc
 587abb9a8daa6e0543dfe04559772a41 100814 utils optional 
bonnie++_2.00a+nmu1.tar.gz
 a035c4bc9901ceaa7fc0da0dbbe59e70 6196 utils optional 
bonnie++_2.00a+nmu1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJFBAEBCgAvFiEE+uHltkZSvnmOJ4zCC8R9xk0TUwYFAmPQKrcRHGFuZHJlYXNA
ZmF0YWwuc2UACgkQC8R9xk0TUwY67Q/+KYlfEcSSSCW07Mdrst0hwCyjmgJCCmd8
q1eloFE9LX/JO1ewHhNWRLvD2Nfa4Nl7E2f+gzwjV+ep0Wu54CpE2m9QMKV5ps+J
9pnbS3KoZuUY0we5Uyha+ham40t+ZT2TTFjJSiRf6DTvdNTe7OuuFSH0070w00X3
Rv1vywCe8yX188Y+hmOXaFsCMXuiMJQ12fz1tH+CkSICE19serMN9OS0Cq2mnY5o
a76fP/CBZfzwqV+CBckCAArdW2fls+Bro08TW2pcBl5Zf0PeqUaxRWqwQZSz0l9J
K0zTRshS+voZEMm5LGbbIh9XMv10X5e7eavtAVAXP0jW0GvkPDx8+GEEZIA2O5nB
zp1EPgWZNkj2W/SoZwqJegn69AjSDwoAV9wBTc00QdkpNUzCuUr4ERIiOkrgQCb9
vARIR4JVEZVjdowwmIvsQu9rFH1glBJKTBpvNSZltFJHqFEdqxEt5hDBKiNYc1Ot
9cg0+3mnV7Q1pKfXyEaiG/hKAz0bAsybfjclujMa1OiYInbkpwhCOtZc/I3WjRyR
NB9cowrBcspmYe/BqLHgyMjl6NAKZZL7KiPM89PeWNqilcPIwvqzykTIr2Obep1s
VQRh4OfFV9McGnPJRLnKnJdzSVOD5s+Jxq1/

Bug#1026725: Comment

[Dominik Stadler]

The next minor version 20.2.0 has this test removed as part of removing
support for Python2 and 3.5, see commit
https://github.com/hynek/structlog/commit/f65309d4f66fbd44c09288a485107d725c3da1d4#diff-673441c4b6dbee451d8130f1e9bb48f3dbc44d5d3acf1c21d52d0904002342d5

So it might be justified to simply remove or disable this test until the
next version-upgrade is done for the package.

Bug#1028598: marked as pending in pathological

[Reiner Herrmann]

Control: tag -1 pending

Hello,

Bug #1028598 in pathological reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/games-team/pathological/-/commit/32a899e6ef52d883e9efca4806338b0f5c0a1a10


Fix Python3 compatibility

Closes: #958463, #1028598
Thanks: Ionen Wolkens for the patch


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1028598

Processed: Bug#1028598 marked as pending in pathological

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #1028598 [pathological] pathological: Unplayable game
Added tag(s) pending.

-- 
1028598: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028598
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1026503: libembperl-perl: FTBFS: Expected 6 more error(s) in logfile, tagging 1026503

[gregor herrmann]

On Sun, 22 Jan 2023 23:30:53 +0100, Axel Beckert wrote:

> This took me quite a few hours to figure out. Not sure what exactly
> changed in Debian Sid/Bookworm, but it might be even kernel or gcc
> related.
> The cause was intercepting STDERR into a file and reading from it
> while the writing file handle is still open for the purpose analyzing
> STDERR's content.

Very nice work, congratulations :)
 

Cheers,
gregor

-- 
 .''`.  https://info.comodo.priv.at -- Debian Developer https://www.debian.org
 : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
 `. `'  Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe
   `-   


signature.asc
Description: Digital Signature

Bug#1028885: marked as done (thunderbird: FTBFS: ValueError: invalid mode: 'rU')

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 19:57:16 +
with message-id 
and subject line Bug#1028885: fixed in thunderbird 1:102.7.1-1
has caused the Debian Bug report #1028885,
regarding thunderbird: FTBFS: ValueError: invalid mode: 'rU'
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1028885: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028885
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: thunderbird
Version: 1:102.6.0-1
Severity: serious
Justification: FTBFS
Tags: bookworm sid ftbfs
User: lu...@debian.org
Usertags: ftbfs-20230113 ftbfs-bookworm

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.


Relevant part (hopefully):
> make[2]: Entering directory '/<>'
> # run autoconf for all configure files
> if [ "Z2.13" != Z ] || [ ! -e /<>/configure ]; then \
>   cd /<> && `which autoconf2.13 || which autoconf`; fi
> if [ "Z2.13" != Z ] || [ ! -e /<>/js/src/configure ]; then \
>   cd /<>/js/src && `which autoconf2.13 || which autoconf`; fi
> # copy the mozconfig files
> cp debian/mozconfig.* .
> # Disable debug symbols when building on 32-bits machines, because
> # a) the rust compiler can't deal with it in the available address
> # space, and b) the linker can't deal with it in the available address
> # space either.
> echo 'mk_add_options MOZ_OBJDIR=/<>/obj-thunderbird' >> 
> mozconfig.thunderbird
> echo 'ac_add_options --prefix=/<>/debian/tmp/usr' >> 
> mozconfig.default
> # configure the various build settings for thunderbird
> DIST= python3 ./mach -v configure
> WARNING: The directory '/sbuild-nonexistent/.cache/pip' or its parent 
> directory is not owned or is not writable by the current user. The cache has 
> been disabled. Check the permissions and owner of that directory. If 
> executing pip with sudo, you should use sudo's -H flag.
> WARNING: The directory '/sbuild-nonexistent/.cache/pip' or its parent 
> directory is not owned or is not writable by the current user. The cache has 
> been disabled. Check the permissions and owner of that directory. If 
> executing pip with sudo, you should use sudo's -H flag.
> created virtual environment CPython3.11.1.final.0-64 in 23ms
>   creator 
> CPython3Posix(dest=/<>/obj-thunderbird/_virtualenvs/build, 
> clear=False, no_vcs_ignore=False, global=False)
>   activators 
> BashActivator,CShellActivator,FishActivator,PowerShellActivator,PythonActivator
> Creating global state directory from environment variable: 
> /<>/debian/.mozbuild
> Running "pip check" to verify compatibility between the system Python and the 
> "mach" site.
> Running "pip check" to verify compatibility between the system Python and the 
> "build" site.
> Error running mach:
> 
> ['-v', 'configure']
> 
> The error occurred in code that was called by the mach command. This is either
> a bug in the called code itself or in the way that mach is calling it.
> You can invoke |./mach busted| to check if this issue is already on file. If 
> it
> isn't, please use |./mach busted file configure| to report it. If |./mach 
> busted| is
> misbehaving, you can also inspect the dependencies of bug 1543241.
> 
> If filing a bug, please include the full output of mach, including this error
> message.
> 
> The details of the failure are as follows:
> 
> ValueError: invalid mode: 'rU'
> 
>   File "/<>/python/mozbuild/mozbuild/build_commands.py", line 
> 255, in configure
> return driver.configure(
>^
>   File "/<>/python/mozbuild/mozbuild/controller/building.py", 
> line 1650, in configure
> self._write_mozconfig_json()
>   File "/<>/python/mozbuild/mozbuild/controller/building.py", 
> line 1769, in _write_mozconfig_json
> with FileAvoidWrite(mozconfig_json) as fh:
>   File "/<>/python/mozbuild/mozbuild/util.py", line 353, in 
> __exit__
> self.close()
>   File "/<>/python/mozbuild/mozbuild/util.py", line 277, in close
> existing = _open(self.name, self.mode)
>^^^
>   File "/<>/python/mozbuild/mozbuild/util.py", line 63, in _open
> return io.open(path, mode, encoding="utf-8", newline="\n")
>^^^
> make[2]: *** [debian/rules:111: override_dh_auto_configure] Error 1


The full build log is available from:
http://qa-logs.debian.net/2023/01/13/thunderbird_102.6.0-1_unstable.log

All bugs filed during this archive rebuild are listed at:
https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-20230113;users=lu...@debian.org
or:
https://udd.debian.org/bugs/?release=na&merged=ign&fnewerva

Bug#1029580: sepp fails with python3.11: "invalid mode rU"

[Steve Langasek]

Package: sepp
Version: 4.5.1+really4.5.1+dfsg-4
Severity: grave
Tags: patch
Justification: renders package unusable
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu lunar ubuntu-patch

Dear maintainers,

sepp fails its autopkgtests with python3.11, revealing a bug in the
software, because it uses a mode flag to open() which has been deprecated
since python 3 and is now obsolete in python 3.11:

[...]
[06:42:37] checkpointing.py (line 68): INFO: Checkpoint Saved to: 
/tmp/sepp/output.lmge6vob/checkpoints/dumpl7z66ff0 and linked in 
/tmp/tmpae0xbm2t.
/usr/lib/python3/dist-packages/sepp/checkpointing.py:75: DeprecationWarning: 
setDaemon() is deprecated, set the daemon attribute instead
  checkpoint_manager.timer.setDaemon(True)
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/sepp/scheduler.py", line 321, in 
call_back
join._tick(job_in)
  File "/usr/lib/python3/dist-packages/sepp/scheduler.py", line 244, in _tick
self.perform()
  File "/usr/lib/python3/dist-packages/sepp/exhaustive.py", line 196, in perform
fullExtendedAlignments = self.merge_subalignments()
 ^^
  File "/usr/lib/python3/dist-packages/sepp/exhaustive.py", line 181, in 
merge_subalignments
ap_alg = ap.read_extendend_alignment_and_relabel_columns(
 
  File "/usr/lib/python3/dist-packages/sepp/problem.py", line 253, in 
read_extendend_alignment_and_relabel_columns
ap_alg.build_extended_alignment(
  File "/usr/lib/python3/dist-packages/sepp/alignment.py", line 555, in 
build_extended_alignment
self.read_filepath(base_alignment, "FASTA")
  File "/usr/lib/python3/dist-packages/sepp/alignment.py", line 294, in 
read_filepath
file_obj = open(filename, 'rU')
   
ValueError: invalid mode: 'rU'
ERROR
[...]

  (https://ci.debian.net/data/autopkgtest/unstable/amd64/s/sepp/30285435/log.gz)

This also impacts invocations of sepp in other autopkgtests
(q2-fragment-insertion; q2-sample-classifier) so I'm confident is reporting
this as 'grave'.

I've applied the attached straightforward patch in Ubuntu to fix the
regression there.

Thanks for considering,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru sepp-4.5.1+really4.5.1+dfsg/debian/patches/open-U-obsolete.patch 
sepp-4.5.1+really4.5.1+dfsg/debian/patches/open-U-obsolete.patch
--- sepp-4.5.1+really4.5.1+dfsg/debian/patches/open-U-obsolete.patch
1969-12-31 16:00:00.0 -0800
+++ sepp-4.5.1+really4.5.1+dfsg/debian/patches/open-U-obsolete.patch
2023-01-24 12:07:06.0 -0800
@@ -0,0 +1,52 @@
+Description: Drop obsolete "U" mode passed to open()
+ The "U" mode has been deprecated in python since python3 and has had no
+ effect.  In python 3.11, it is now disallowed.  Drop this mode flag that
+ causes runtime failures.
+Author: Steve Langasek 
+Last-Update: 2023-01-24
+Forwarded: no
+
+Index: sepp-4.5.1+really4.5.1+dfsg/sepp/alignment.py
+===
+--- sepp-4.5.1+really4.5.1+dfsg.orig/sepp/alignment.py
 sepp-4.5.1+really4.5.1+dfsg/sepp/alignment.py
+@@ -108,7 +108,7 @@
+ file_obj = None
+ if isinstance(src, str):
+ try:
+-file_obj = open(src, "rU")
++file_obj = open(src, "r")
+ except IOError:
+ print(("The file `%s` does not exist, exiting gracefully" % src))
+ elif isinstance(src, filetypes):
+@@ -291,7 +291,7 @@
+ If duplicate sequence names are encountered then the old name will
+ be replaced.
+ """
+-file_obj = open(filename, 'rU')
++file_obj = open(filename, 'r')
+ return self.read_file_object(file_obj, file_format=file_format)
+ 
+ def read_file_object(self, file_obj, file_format='FASTA'):
+@@ -582,7 +582,7 @@
+ columns. Labels insertion columns with special labels and labels the
+ rest of columns (i.e. original columns) sequentially.
+ """
+-handle = open(path, 'rU')
++handle = open(path, 'r')
+ insertions = None
+ if aformat.lower() == "stockholm":
+ insertions = self._read_sto(handle)
+Index: sepp-4.5.1+really4.5.1+dfsg/sepp/tree.py
+===
+--- sepp-4.5.1+really4.5.1+dfsg.orig/sepp/tree.py
 sepp-4.5.1+really4.5.1+dfsg/sepp/tree.py
+@@ -314,7 +314,7 @@
+ 
+ def read_tree_from_file(self, treefile, file_format):
+ dataset = Dataset()
+-dataset.read(open(treefile, 'rU'), schema=file_format)
++dataset.read(open(treefile, 'r'), schema=file_format)
+ dendropy_tree = dataset.tre

Bug#1028862: xorg-gtest: FTBFS: dh_auto_test: error: make -j1 check "TESTSUITEFLAGS=-j1 --verbose" VERBOSE=1 returned exit code 2

[Santiago Vila]

Hello.

I can also reproduce this build failure.

My build environment is made of virtual machines in the cloud
with either 1 CPU or 2 CPUs.

This bug happens randomly, but the failure rate seems to depend on the machine.

On systems with 2 CPUs, the failure rate I get is around 50%.
On systems with 1 CPU, the failure rate I get is 100%.

Therefore I suggest using GRUB_CMDLINE_LINUX="nr_cpus=1" in /etc/default/grub
to reproduce it.

Thanks.

Bug#1029573: gnuserv: hangs while installing if xemacs21 is installed

[Alexander Zangerl]

On Tue, 24 Jan 2023 18:42:07 +0100, Andreas Beckmann writes:
>during a test with piuparts I noticed your package failed to install.

*agh*

>This is an automated install test with DEBIAN_FRONENT=noninteractive and 
>stdin coming from /dev/null which got killed after reaching a timeout,
> so there is no log output :-(

no problem, i'm relatively certain i know roughly where the gotcha is;
should get fixed tonight or tomorrow.


-- 
Alexander Zangerl + GPG Key 2FCCF66BB963BD5F + https://snafu.priv.at/
Fachbegriffe der Informatik, Updateitis: Softwarebulemie -- Frank Klemm


signature.asc
Description: Digital Signature

Processed: fixed 1004963 in 1.0.3-1+deb10u1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> fixed 1004963 1.0.3-1+deb10u1
Bug #1004963 [src:libde265] CVE-2020-21598 CVE-2020-21600 CVE-2020-21602
The source 'libde265' and version '1.0.3-1+deb10u1' do not appear to match any 
binary packages
Marked as fixed in versions libde265/1.0.3-1+deb10u1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1004963: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004963
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 1028084

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 1028084 + fixed-upstream
Bug #1028084 [src:guidata] guidata FTBFS with Python 3.11 as default version
Added tag(s) fixed-upstream.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1028084: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028084
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 1029561

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 1029561 + security upstream
Bug #1029561 {Done: Thomas Goirand } [nova-compute] 
CVE-2022-47951: vulnerability in VMDK image processing
Added tag(s) security and upstream.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1029561: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029561
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1028952: marked as done (php-horde-util: autopkgtest needs update for new version of php-defaults)

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 21:07:47 +
with message-id 
and subject line Bug#1028952: fixed in php-horde-util 2.5.12-2
has caused the Debian Bug report #1028952,
regarding php-horde-util: autopkgtest needs update for new version of 
php-defaults
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1028952: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028952
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Source: php-horde-util
Version: 2.5.12-1
Severity: serious
X-Debbugs-CC: php-defau...@packages.debian.org
Tags: sid bookworm
User: debian...@lists.debian.org
Usertags: needs-update
Control: affects -1 src:php-defaults

[Warning in the flood my other bugs: failure in test]

Dear maintainer(s),

With a recent upload of php-defaults the autopkgtest of php-horde-util 
fails in testing when that autopkgtest is run with the binary packages 
of php-defaults from unstable. It passes when run with only packages 
from testing. In tabular form:


   passfail
php-defaults   from testing93
php-horde-util from testing2.5.12-1
all others from testingfrom testing

I copied some of the output at the bottom of this report.

Currently this regression is blocking the migration of php-defaults to 
testing [1]. Of course, php-defaults shouldn't just break your 
autopkgtest (or even worse, your package), but it seems to me that the 
change in php-defaults was intended and your package needs to update to 
the new situation.


If this is a real problem in your package (and not only in your 
autopkgtest), the right binary package(s) from php-defaults should 
really add a versioned Breaks on the unfixed version of (one of your) 
package(s). Note: the Breaks is nice even if the issue is only in the 
autopkgtest as it helps the migration software to figure out the right 
versions to combine in the tests.


More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

[1] https://qa.debian.org/excuses.php?package=php-defaults

https://ci.debian.net/data/autopkgtest/testing/amd64/p/php-horde-util/30356872/log.gz

There were 3 failures:

1) Horde_Util_StringTest::testUpperTurkish
Failed asserting that two strings are equal.
--- Expected
+++ Actual
@@ @@
-'ABCDEFGHİI'
+'ABCDEFGHII'

/tmp/autopkgtest-lxc.gj_ux5tg/downtmp/build.g2n/src/Horde_Util-2.5.12/test/Horde/Util/StringTest.php:43
/usr/bin/phpunit:73

2) Horde_Util_StringTest::testLowerTurkish
Failed asserting that two strings are equal.
--- Expected
+++ Actual
@@ @@
-'abcdefghiı'
+'abcdefghii'

/tmp/autopkgtest-lxc.gj_ux5tg/downtmp/build.g2n/src/Horde_Util-2.5.12/test/Horde/Util/StringTest.php:74
/usr/bin/phpunit:73

3) Horde_Util_StringTest::testUcfirstTurkish
Failed asserting that two strings are equal.
--- Expected
+++ Actual
@@ @@
-'İnteger'
+'Integer'

/tmp/autopkgtest-lxc.gj_ux5tg/downtmp/build.g2n/src/Horde_Util-2.5.12/test/Horde/Util/StringTest.php:123
/usr/bin/phpunit:73

FAILURES!
Tests: 87, Assertions: 207, Failures: 3.
autopkgtest [06:17:53]: test phpunit



OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: php-horde-util
Source-Version: 2.5.12-2
Done: Anton Gladky 

We believe that the bug you reported is fixed in the latest version of
php-horde-util, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1028...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Anton Gladky  (supplier of updated php-horde-util package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 24 Jan 2023 20:27:42 +0100
Source: php-horde-util
Architecture: source
Version: 2.5.12-2
Distribution: unstable
Urgency: medium
Maintainer: Horde Maintainers 
Changed-By: Anton Gladky 
Closes: 1028952
Changes:
 php-horde-util (2.5.12-2) unstable; urgency=medium
 .
   * Team upload.
 .
   [ Mike Gabriel ]
   * d/control: Bump Standards-Version: to 4.6.2. No changes needed.
 .
   [ Anton Gladky ]
   * d/patches: Fix many warnings due to PHP8.2. (Closes: #1028952)
   * d/patch

Processed: tagging 1029563

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 1029563 + upstream security
Bug #1029563 {Done: Thomas Goirand } [glance-api] 
CVE-2022-47951: vulnerability in VMDK image processing
Added tag(s) security and upstream.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1029563: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029563
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 1029562

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 1029562 + upstream security
Bug #1029562 {Done: Thomas Goirand } [python3-cinder] 
CVE-2022-47951: vulnerability in VMDK image processing
Added tag(s) upstream and security.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1029562: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029562
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1028345:

[Jorge Moraleda]

Dear maintainer,

The package is also uninstallable in bookworm with:

The following packages have unmet dependencies:
 python3-sage : Depends: libgap7 (>= 4.11.0-1) but it is not installable
Depends: libpari-gmp-tls7 but it is not installable
Depends: libsingular4m2n1 (>= 1:4.2.1-p3+ds) but it is not
installable
Recommends: cysignals-tools but it is not going to be
installed
Recommends: maxima-sage-doc (>= 5.42.2) but it is not going
to be installed
Recommends: python3-sagenb-export (>= 3.2) but it is not
going to be installed
Recommends: singular-doc (>= 1:4.2.1-p2+ds-3) but it is not
going to be installed

With respect to the missing dependencies, I remark that bookworm contains
the following packages:
** libgap8* instead of *libgap7*
** libpari-gmp-tls8* instead of *libpari-gmp-tls7*
** libsingular4m3n0 *instead of

*libsingular4m2n1*
Potentially, fixing installability might be as simple as updating the
dependencies.

Bug#1027506: Status of mozillavpn in Debian

[Sylvestre Ledru]

Le 24/01/2023 à 23:31, rbk a écrit :

On 22.01.2023 12:01, Sylvestre Ledru wrote:

Have you been able to try again?


Sorry, no. (I'm traveling with restricted network access.)
All I can say is that I was using dpkg-buildpackage on a sid host,
not pbuilder. Hope this helps.
  -richard.


Not really ;) but thanks

Bug#1027506: Status of mozillavpn in Debian

[rbk]

On 22.01.2023 12:01, Sylvestre Ledru wrote:

Have you been able to try again?


Sorry, no. (I'm traveling with restricted network access.)
All I can say is that I was using dpkg-buildpackage on a sid host,
not pbuilder. Hope this helps.
  -richard.

Bug#1028192: libproxy1v5: Gajim 1.6.0-1 crashes in libproxy call

[Martin]

Hi Sebastian,

I wonder, if I should upload libproxy with your github patch¹ to
experimental. Then people affected (or not affected) by the bug can test
easily. Or you may upload, of course! :-)

Cheers

¹ https://github.com/libproxy/libproxy/issues/199#issuecomment-1401124997

Processed: pending xscreensaver 6.06+dfsg1-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 1028029 pending
Bug #1028029 [xscreensaver] xscreensaver: contains non-free fonts
Added tag(s) pending.
> tags 1019516 pending
Bug #1019516 [xscreensaver] xscreensaver: New version available upstream
Added tag(s) pending.
> tags 1007724 pending
Bug #1007724 [xscreensaver] xscreensaver: xscreensaver-auth says it should be 
installed setuid root
Added tag(s) pending.
> tags 1020369 pending
Bug #1020369 [xscreensaver] xscreensaver: transition gsfonts/gsfonts-x11 --> 
fonts-urw-base35
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1007724: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007724
1019516: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019516
1020369: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1020369
1028029: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028029
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1029151: marked as done (mysql-8.0: CVE-2023-21863 CVE-2023-21867 CVE-2023-21868 CVE-2023-21869 CVE-2023-21870 CVE-2023-21871 CVE-2023-21873 CVE-2023-21875 CVE-2023-21876 CVE-2023-21877 CVE-2023-2

[Debian Bug Tracking System]

Your message dated Tue, 24 Jan 2023 23:25:16 +
with message-id 
and subject line Bug#1029151: fixed in mysql-8.0 8.0.32-1
has caused the Debian Bug report #1029151,
regarding mysql-8.0: CVE-2023-21863 CVE-2023-21867 CVE-2023-21868 
CVE-2023-21869 CVE-2023-21870 CVE-2023-21871 CVE-2023-21873 CVE-2023-21875 
CVE-2023-21876 CVE-2023-21877 CVE-2023-21878 CVE-2023-21879 CVE-2023-21880 
CVE-2023-21881 CVE-2023-21882 CVE-2023-21883 CVE-2023-21887
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1029151: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029151
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mysql-8.0
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerabilities were published for mysql-8.0.

All fixed in 8.0.32.

CVE-2023-21863[0]:
| Vulnerability in the MySQL Server product of Oracle MySQL (component:
| Server: Optimizer). Supported versions that are affected are 8.0.31
| and prior. Easily exploitable vulnerability allows high privileged
| attacker with network access via multiple protocols to compromise
| MySQL Server. Successful attacks of this vulnerability can result in
| unauthorized ability to cause a hang or frequently repeatable crash
| (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability
| impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).


CVE-2023-21867[1]:
| Vulnerability in the MySQL Server product of Oracle MySQL (component:
| Server: Optimizer). Supported versions that are affected are 8.0.31
| and prior. Easily exploitable vulnerability allows high privileged
| attacker with network access via multiple protocols to compromise
| MySQL Server. Successful attacks of this vulnerability can result in
| unauthorized ability to cause a hang or frequently repeatable crash
| (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability
| impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).


CVE-2023-21868[2]:
| Vulnerability in the MySQL Server product of Oracle MySQL (component:
| Server: Optimizer). Supported versions that are affected are 8.0.31
| and prior. Easily exploitable vulnerability allows low privileged
| attacker with network access via multiple protocols to compromise
| MySQL Server. Successful attacks of this vulnerability can result in
| unauthorized ability to cause a hang or frequently repeatable crash
| (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability
| impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).


CVE-2023-21869[3]:
| Vulnerability in the MySQL Server product of Oracle MySQL (component:
| InnoDB). Supported versions that are affected are 8.0.31 and prior.
| Easily exploitable vulnerability allows high privileged attacker with
| network access via multiple protocols to compromise MySQL Server.
| Successful attacks of this vulnerability can result in unauthorized
| ability to cause a hang or frequently repeatable crash (complete DOS)
| of MySQL Server as well as unauthorized update, insert or delete
| access to some of MySQL Server accessible data. CVSS 3.1 Base Score
| 5.5 (Integrity and Availability impacts). CVSS Vector:
| (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).


CVE-2023-21870[4]:
| Vulnerability in the MySQL Server product of Oracle MySQL (component:
| Server: Optimizer). Supported versions that are affected are 8.0.31
| and prior. Easily exploitable vulnerability allows high privileged
| attacker with network access via multiple protocols to compromise
| MySQL Server. Successful attacks of this vulnerability can result in
| unauthorized ability to cause a hang or frequently repeatable crash
| (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability
| impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).


CVE-2023-21871[5]:
| Vulnerability in the MySQL Server product of Oracle MySQL (component:
| InnoDB). Supported versions that are affected are 8.0.31 and prior.
| Easily exploitable vulnerability allows high privileged attacker with
| network access via multiple protocols to compromise MySQL Server.
| Successful attacks of this vulnerability can result in unauthorized
| ability to cause a hang or frequently repeatable crash (complete DOS)
| of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS
| Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).


CVE-2023-21873[6]:
| Vulnerability in the MySQL Server product of Oracle MySQL (component:
| Server: Optimizer). Supported versions that are affected are 8.0.31
| and prior. E

Bug#1022843: Bug#1029352: Bug#1022843: ifupdown: network down after systemctl restart

[Jeff King]

On Tue, Jan 24, 2023 at 02:32:07PM +0100, Santiago Ruano Rincón wrote:

> > Tests yesterday seem to indicate successful results, but again I've only
> > tested a few combinations in a VM (to keep the feedback loop short).
> > 
> > From the installer team point of view, I'd welcome a swift upload with
> > this patch, possibly with urgency=high so that the fix reaches testing
> > soon. This will another blocker out of the way for the next D-I release!
> 
> Just uploaded with your patched patch.

Thanks, I just booted with 0.8.41, and the result looks good to me!

-Peff

Bug#1028877: marked as done (flask-dance: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.10 3.11" returned exit code 13)

[Debian Bug Tracking System]

Your message dated Wed, 25 Jan 2023 00:49:04 +
with message-id 
and subject line Bug#1028877: fixed in flask-dance 6.2.0-2.1
has caused the Debian Bug report #1028877,
regarding flask-dance: FTBFS: dh_auto_test: error: pybuild --test --test-pytest 
-i python{version} -p "3.10 3.11" returned exit code 13
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1028877: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028877
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: flask-dance
Version: 6.2.0-2
Severity: serious
Justification: FTBFS
Tags: bookworm sid ftbfs
User: lu...@debian.org
Usertags: ftbfs-20230113 ftbfs-bookworm

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.


Relevant part (hopefully):
> make[1]: Entering directory '/<>'
> PYBUILD_SYSTEM=custom \
> PYBUILD_TEST_ARGS="python3-coverage run -m pytest -m \"not 
> install_required\"" \
> dh_auto_test
> I: pybuild base:240: python3-coverage run -m pytest -m "not install_required"
> = test session starts 
> ==
> platform linux -- Python 3.11.1, pytest-7.2.0, pluggy-1.0.0+repack
> rootdir: /<>, configfile: pyproject.toml
> plugins: Flask-Dance-6.2.0, mock-3.8.2, betamax-0.8.1
> collected 196 items / 1 deselected / 195 selected
> 
> tests/test_utils.py ..   [  
> 1%]
> tests/consumer/test_oauth1.py    [ 
> 11%]
> tests/consumer/test_oauth2.py F...F...   [ 
> 23%]
> tests/consumer/test_requests.py ..   [ 
> 28%]
> tests/consumer/storage/test_sqla.py  [ 
> 34%]
> tests/contrib/test_atlassian.py ..   [ 
> 37%]
> tests/contrib/test_authentiq.py  [ 
> 40%]
> tests/contrib/test_azure.py ...  [ 
> 43%]
> tests/contrib/test_digitalocean.py . [ 
> 46%]
> tests/contrib/test_discord.py    [ 
> 48%]
> tests/contrib/test_dropbox.py    [ 
> 52%]
> tests/contrib/test_facebook.py . [ 
> 54%]
> tests/contrib/test_fitbit.py ... [ 
> 56%]
> tests/contrib/test_github.py ... [ 
> 57%]
> tests/contrib/test_gitlab.py ..  [ 
> 61%]
> tests/contrib/test_google.py .   [ 
> 67%]
> tests/contrib/test_heroku.py ... [ 
> 69%]
> tests/contrib/test_jira.py ...   [ 
> 72%]
> tests/contrib/test_linkedin.py ...   [ 
> 74%]
> tests/contrib/test_meetup.py [ 
> 76%]
> tests/contrib/test_nylas.py ...  [ 
> 77%]
> tests/contrib/test_orcid.py  [ 
> 80%]
> tests/contrib/test_osm.py ...[ 
> 81%]
> tests/contrib/test_reddit.py [ 
> 83%]
> tests/contrib/test_salesforce.py [ 
> 87%]
> tests/contrib/test_slack.py .[ 
> 92%]
> tests/contrib/test_spotify.py ...[ 
> 93%]
> tests/contrib/test_strava.py ... [ 
> 95%]
> tests/contrib/test_twitch.py ... [ 
> 96%]
> tests/contrib/test_twitter.py ...[ 
> 98%]
> tests/contrib/test_zoho.py ...   
> [100%]
> 
> === FAILURES 
> ===
> _ test_authorized_url 
> __
> 
> @responses.activate
> def test_authorized_url():
> responses.add(
> responses.POST,
> "https://example.com/oauth/access_token";,
> 
> body='{"access_token":"foobar","token_type":"bearer","scope":"admin"}',
> )
> app, _ = make_app()
> with app.test_client() as client:
> # reset the session before the request
> with client.session_transaction() as sess

Bug#1026048: marked as done (redmine: CVE-2022-44030 CVE-2022-44637 CVE-2022-44031)

[Debian Bug Tracking System]

Your message dated Wed, 25 Jan 2023 01:19:51 +
with message-id 
and subject line Bug#1026048: fixed in redmine 5.0.4-1
has caused the Debian Bug report #1026048,
regarding redmine: CVE-2022-44030 CVE-2022-44637 CVE-2022-44031
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1026048: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026048
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: redmine
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerabilities were published for redmine.

CVE-2022-44030[0]:
| Redmine 5.x before 5.0.4 allows downloading of file attachments of any
| Issue or any Wiki page due to insufficient permission checks.
| Depending on the configuration, this may require login as a registered
| user.

https://www.redmine.org/projects/redmine/wiki/Security_Advisories

CVE-2022-44637[1]:
| Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in
| its Textile formatter due to improper sanitization in Redcloth3
| Textile-formatted fields. Depending on the configuration, this may
| require login as a registered user.

https://www.redmine.org/projects/redmine/wiki/Security_Advisories

CVE-2022-44031[2]:
| Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in
| its Textile formatter due to improper sanitization of the blockquote
| syntax in Textile-formatted fields.

https://www.redmine.org/projects/redmine/wiki/Security_Advisories

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-44030
https://www.cve.org/CVERecord?id=CVE-2022-44030
[1] https://security-tracker.debian.org/tracker/CVE-2022-44637
https://www.cve.org/CVERecord?id=CVE-2022-44637
[2] https://security-tracker.debian.org/tracker/CVE-2022-44031
https://www.cve.org/CVERecord?id=CVE-2022-44031

Please adjust the affected versions in the BTS as needed.
--- End Message ---
--- Begin Message ---
Source: redmine
Source-Version: 5.0.4-1
Done: Utkarsh Gupta 

We believe that the bug you reported is fixed in the latest version of
redmine, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1026...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Utkarsh Gupta  (supplier of updated redmine package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 16 Jan 2023 17:56:19 +0530
Source: redmine
Architecture: source
Version: 5.0.4-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Team 

Changed-By: Utkarsh Gupta 
Closes: 1022818 1026048 1027340
Changes:
 redmine (5.0.4-1) unstable; urgency=medium
 .
   * New upstream version 5.0.4. (Closes: #1022818)
 - Fixes CVE-2022-44030, CVE-2022-44031, and CVE-2022-44637.
   (Closes: #1026048)
   * Refresh d/patches.
 - Keep mocha in Gemfile. (Closes: #1027340)
Checksums-Sha1:
 0152b93987b7a0041bccd752e4bb092ba53c7443 3332 redmine_5.0.4-1.dsc
 2cacdad65c92107403dc7825285a01af50193200 1882896 redmine_5.0.4.orig.tar.xz
 e458064ffd2bc776c05cedcbd543c44aff5ceedb 177588 redmine_5.0.4-1.debian.tar.xz
 ccdc33bae13e2141ecf6b9340d922e5eece842bd 14744 redmine_5.0.4-1_source.buildinfo
Checksums-Sha256:
 6991ec63107d539ab8c74bc55f27e22c2226450ba6b12d79f8fb0d211c5396f4 3332 
redmine_5.0.4-1.dsc
 6fccf53629e8beaa6b0c5020a24f5c66acbb7b546d4e6f3fb62974d5e9274ec6 1882896 
redmine_5.0.4.orig.tar.xz
 f7040db061abe1d6fb605656684b85d0de3f72a6e4fae2449818d492b0c77fb7 177588 
redmine_5.0.4-1.debian.tar.xz
 71421f247fc45398b70e4d67f61e1896859512b70a7c0fe430a4a1a6d7e7a961 14744 
redmine_5.0.4-1_source.buildinfo
Files:
 38267d0837057fb68a0b0b10a10ae1a5 3332 web optional redmine_5.0.4-1.dsc
 b260593aa05fd253f7742b856e061cde 1882896 web optional redmine_5.0.4.orig.tar.xz
 e85fdd7fe4524c542ced5a5ff041944f 177588 web optional 
redmine_5.0.4-1.debian.tar.xz
 6fe31958ee9d3f9972514397c9f4e416 14744 web optional 
redmine_5.0.4-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJHBAEBCAAxFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmPQf3cTHHV0a2Fyc2hA
ZGViaWFuLm9

Bug#1027340: marked as done (redmine: FTBFS: LoadError: cannot load such file -- mocha/minitest)

[Debian Bug Tracking System]

Your message dated Wed, 25 Jan 2023 01:19:51 +
with message-id 
and subject line Bug#1027340: fixed in redmine 5.0.4-1
has caused the Debian Bug report #1027340,
regarding redmine: FTBFS: LoadError: cannot load such file -- mocha/minitest
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1027340: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027340
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: redmine
Version: 5.0.2-2
Severity: serious
Justification: FTBFS
Tags: bookworm sid ftbfs
User: lu...@debian.org
Usertags: ftbfs-20221230 ftbfs-bookworm

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.

This is likely due to the upgrade of mocha. See 
https://lists.debian.org/debian-ruby/2022/12/msg00064.html


Relevant part (hopefully):
> make[1]: Entering directory '/<>'
> mkdir -p instances/default/config/
> cp debian/Gemfile.test.local Gemfile.local
> cp debian/database.test.yml instances/default/config/database.yml
> bin/rake db:migrate RAILS_ENV=test
> == 1 Setup: migrating 
> =
> -- create_table("attachments", {:force=>true, :id=>:integer})
>-> 0.0016s
> -- create_table("auth_sources", {:force=>true, :id=>:integer})
>-> 0.0009s
> -- create_table("custom_fields", {:force=>true, :id=>:integer})
>-> 0.0007s
> -- create_table("custom_fields_projects", {:id=>false, :force=>true})
>-> 0.0004s
> -- create_table("custom_fields_trackers", {:id=>false, :force=>true})
>-> 0.0004s
> -- create_table("custom_values", {:force=>true, :id=>:integer})
>-> 0.0005s
> -- create_table("documents", {:force=>true, :id=>:integer})
>-> 0.0006s
> -- add_index("documents", ["project_id"], {:name=>"documents_project_id"})
>-> 0.0003s
> -- create_table("enumerations", {:force=>true, :id=>:integer})
>-> 0.0006s
> -- create_table("issue_categories", {:force=>true, :id=>:integer})
>-> 0.0005s
> -- add_index("issue_categories", ["project_id"], 
> {:name=>"issue_categories_project_id"})
>-> 0.0002s
> -- create_table("issue_histories", {:force=>true, :id=>:integer})
>-> 0.0005s
> -- add_index("issue_histories", ["issue_id"], 
> {:name=>"issue_histories_issue_id"})
>-> 0.0002s
> -- create_table("issue_statuses", {:force=>true, :id=>:integer})
>-> 0.0006s
> -- create_table("issues", {:force=>true, :id=>:integer})
>-> 0.0006s
> -- add_index("issues", ["project_id"], {:name=>"issues_project_id"})
>-> 0.0003s
> -- create_table("members", {:force=>true, :id=>:integer})
>-> 0.0006s
> -- create_table("news", {:force=>true, :id=>:integer})
>-> 0.0006s
> -- add_index("news", ["project_id"], {:name=>"news_project_id"})
>-> 0.0002s
> -- create_table("permissions", {:force=>true, :id=>:integer})
>-> 0.0006s
> -- create_table("permissions_roles", {:id=>false, :force=>true})
>-> 0.0004s
> -- add_index("permissions_roles", ["role_id"], 
> {:name=>"permissions_roles_role_id"})
>-> 0.0002s
> -- create_table("projects", {:force=>true, :id=>:integer})
>-> 0.0006s
> -- create_table("roles", {:force=>true, :id=>:integer})
>-> 0.0006s
> -- create_table("tokens", {:force=>true, :id=>:integer})
>-> 0.0005s
> -- create_table("trackers", {:force=>true, :id=>:integer})
>-> 0.0005s
> -- create_table("users", {:force=>true, :id=>:integer})
>-> 0.0007s
> -- create_table("versions", {:force=>true, :id=>:integer})
>-> 0.0005s
> -- add_index("versions", ["project_id"], {:name=>"versions_project_id"})
>-> 0.0002s
> -- create_table("workflows", {:force=>true, :id=>:integer})
>-> 0.0005s
> == 1 Setup: migrated (0.0520s) 
> 
> 
> == 2 IssueMove: migrating 
> =
> == 2 IssueMove: migrated (0.0058s) 
> 
> 
> == 3 IssueAddNote: migrating 
> ==
> == 3 IssueAddNote: migrated (0.0057s) 
> =
> 
> == 4 ExportPdf: migrating 
> =
> == 4 ExportPdf: migrated (0.0062s) 
> 
> 
> == 5 IssueStartDate: migrating 
> 
> -- add_column(:issues, :start_date, :date)
>-> 0.0012s
> -- add_column(:issues, :done_ratio, :integer, {:default=>0, :null=>false})
>-> 0.0007s
> == 5 IssueStartDate: migrated (0.0020s) 
> ===
> 
> == 6 CalendarAndActivity: migra

Processed: affects 1019665

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # #1026427 fixed that
> affects 1019665 - src:jekyll
Bug #1019665 [src:ruby-safe-yaml] ruby-safe-yaml: FTBFS with ruby3.1: ERROR: 
Test "ruby3.1" failed:   ArgumentError:
Removed indication that 1019665 affects src:jekyll
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1019665: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019665
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: affects 1019665

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # #1026427 fixed that
> affects 1019665 - src:jekyll
Bug #1019665 [src:ruby-safe-yaml] ruby-safe-yaml: FTBFS with ruby3.1: ERROR: 
Test "ruby3.1" failed:   ArgumentError:
Removed indication that 1019665 affects 
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1019665: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019665
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: affects 1019665

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # #1026427 fixed that
> affects 1019665 - src:jekyll
Bug #1019665 [src:ruby-safe-yaml] ruby-safe-yaml: FTBFS with ruby3.1: ERROR: 
Test "ruby3.1" failed:   ArgumentError:
Removed indication that 1019665 affects 
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1019665: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019665
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: affects 1019665

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # #1026427 fixed that
> affects 1019665 - src:jekyll
Bug #1019665 [src:ruby-safe-yaml] ruby-safe-yaml: FTBFS with ruby3.1: ERROR: 
Test "ruby3.1" failed:   ArgumentError:
Removed indication that 1019665 affects 
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1019665: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019665
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1027943: marked as done (regina-normal FTBFS with Python 3.11 as default version)

[Debian Bug Tracking System]

Your message dated Wed, 25 Jan 2023 02:42:17 +
with message-id 
and subject line Bug#1027943: fixed in regina-normal 7.2-3
has caused the Debian Bug report #1027943,
regarding regina-normal FTBFS with Python 3.11 as default version
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1027943: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027943
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: regina-normal
Version: 7.2-2
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/fetch.php?pkg=regina-normal&arch=amd64&ver=7.2-2%2Bb1&stamp=1672843144&raw=0

...
3: Test command: 
/<>/obj-x86_64-linux-gnu/python/testsuite/testbasic
3: Working Directory: /<>/obj-x86_64-linux-gnu/python/testsuite
3: Test timeout computed to be: 1000
3: 
3: Test suite for python bindings with a basic embedded interpreter
3: 
3: 
3: Running alltypes.test ... FAILED (exit code 2)
3: Output was:
3: ...
3: ModuleNotFoundError: No module named 'regina'
3: ERROR: Could not import reginaRunning angles.test ... FAILED (exit 
code 2)
...
75% tests passed, 1 tests failed out of 4

Total Test time (real) = 277.26 sec

The following tests FAILED:
  3 - python-basic (Failed)
Errors while running CTest
make[2]: *** [Makefile:94: test] Error 8
--- End Message ---
--- Begin Message ---
Source: regina-normal
Source-Version: 7.2-3
Done: Ben Burton 

We believe that the bug you reported is fixed in the latest version of
regina-normal, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1027...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ben Burton  (supplier of updated regina-normal package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 17 Jan 2023 00:02:27 +1000
Source: regina-normal
Architecture: source
Version: 7.2-3
Distribution: unstable
Urgency: low
Maintainer: Ben Burton 
Changed-By: Ben Burton 
Closes: 1027943
Changes:
 regina-normal (7.2-3) unstable; urgency=low
 .
   * Now builds and runs the test suite correctly under Python 3.11
 (closes: #1027943).
Checksums-Sha1:
 b34b8a5a4535623977036ccfcf3f296a9ef40794 2249 regina-normal_7.2-3.dsc
 185a963d7f67f96131a9226c395797d87a936567 15468 
regina-normal_7.2-3.debian.tar.xz
 9b0ce34391615ae68d52f843da9494b8d2a22385 13385 
regina-normal_7.2-3_source.buildinfo
Checksums-Sha256:
 fa3cc58f0dc879243ada1940563305b711dc0a4150be4cc7d93982db4062b919 2249 
regina-normal_7.2-3.dsc
 2731278b6a915c517da63b44e7ed54be5df312034fc3307ec813e12cd2d78599 15468 
regina-normal_7.2-3.debian.tar.xz
 2354a1277d60c6f179cc023a104e73aa06f0011e5309e448d21bca2aa1880af8 13385 
regina-normal_7.2-3_source.buildinfo
Files:
 a7e0decb1e179ed1159cf80239b666d8 2249 math optional regina-normal_7.2-3.dsc
 e2b9269c280e9f48719df34987a32b75 15468 math optional 
regina-normal_7.2-3.debian.tar.xz
 a0bf4cc7b4606e7471bb5c459cb0eef3 13385 math optional 
regina-normal_7.2-3_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEUZoACftQJV3bToiScKa+31QtONkFAmPQi64ACgkQcKa+31Qt
ONm3JhAAkv71r4az9x86svaTmKnbQPuSUCPoZ47XxizDTqVw7RA0abfnQJB3klB6
HwH8H0oD1IQzgk13lPP9xTT01HOdnReHi0q1XSWj2e4VER1bRaag2rf4xfiwFBik
OAFn07f0hrEgVBukhBxMEFH4lheQ21K9zvMpfvXc2C+X9Fu2wsxoTMsnfLXL2RjJ
MJuJ3KRRZA8ON/ZJCDQ5yJ3JXEaDO55uGw2o0oWkQe8HGdiDONw3MiM38vQL5v74
JET2psxhMhnpGiiXwimrxArBizfjE1CTu6xXqqC0supjWvPVahVcTJIdtZLoT+qc
it+/ho1sj1m/GqoFNObTsHUARqXTASvqFgDq/PN8Ydu9IvjGC9wHnKTZrc8+yMyP
z9lq1ofG1sp+38aFkv2HiUS1JRq/gyktfjZfqxskV52fzOmfa9hixBFdqZT0EVDM
pvVw8flEhlYCjl/zOZhtDEL2o40+o2Km0de7HDFre+7OgInf72RmByr5k0UinY2y
+gJIt+Vj7DTd+a39T5ZsjS6AJhC5gVy6jL8dC7xJm069Zyv2qrUCGPJYK6I7DIdZ
kRk96WstfblPSiMdeRfzSBdhLH98bhA0NgH7zPdTM+xv+DwxGNsG09L7LVtqBVLE
ps5rlqLuT+iw97ZAnNm2Lm4S8Vry1CVMVXTk5VZh4rFCmW8Jf3w=
=hSK2
-END PGP SIGNATURE End Message ---

Processed: affects 1019665

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # #1026427 fixed that
> affects 1019665 - src:jekyll
Bug #1019665 [src:ruby-safe-yaml] ruby-safe-yaml: FTBFS with ruby3.1: ERROR: 
Test "ruby3.1" failed:   ArgumentError:
Removed indication that 1019665 affects 
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1019665: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019665
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed (with 2 errors): forcibly merging 1026480 1027351, affects 1026480

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> forcemerge 1026480 1027351
Bug #1026480 {Done: Antonio Terceiro } [src:jekyll] 
jekyll: FTBFS: ERROR: Test "ruby3.1" failed: 
/usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1413:in `rescue in block in 
activate_dependencies': Could not find 'liquid' (~> 4.0) among 156 total gem(s) 
(Gem::MissingSpecError)
Unable to merge bugs because:
package of #1027351 is 'src:jekyll-theme-minima' not 'src:jekyll'
Failed to forcibly merge 1026480: Did not alter merged bugs.

> affects 1026480 + jekyll-theme-minima
Failed to mark 1026480 as affecting package(s): failed to get lock on 
/srv/bugs.debian.org/spool/lock/1026480 -- Unable to lock 
/srv/bugs.debian.org/spool/lock/1026480 Resource temporarily unavailable.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
 at /usr/local/lib/site_perl/Debbugs/Common.pm line 650.

> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1026480: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026480
1027351: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027351
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed (with 2 errors): forcibly merging 1026480 1024177, affects 1026480

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> forcemerge 1026480 1024177
Bug #1026480 {Done: Antonio Terceiro } [src:jekyll] 
jekyll: FTBFS: ERROR: Test "ruby3.1" failed: 
/usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1413:in `rescue in block in 
activate_dependencies': Could not find 'liquid' (~> 4.0) among 156 total gem(s) 
(Gem::MissingSpecError)
Unable to merge bugs because:
package of #1024177 is 'ruby-jekyll-feed' not 'src:jekyll'
Failed to forcibly merge 1026480: Did not alter merged bugs.

> affects 1026480 + ruby-jekyll-feed
Failed to mark 1026480 as affecting package(s): failed to get lock on 
/srv/bugs.debian.org/spool/lock/1026480 -- Unable to lock 
/srv/bugs.debian.org/spool/lock/1026480 Resource temporarily unavailable.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
Unable to lock /srv/bugs.debian.org/spool/lock/1026480 Resource temporarily 
unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692.
 at /usr/local/lib/site_perl/Debbugs/Common.pm line 650.

> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1024177: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024177
1026480: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026480
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: reassign 1027351 to src:jekyll, affects 1027351, forcibly merging 1026480 1027351

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 1027351 src:jekyll
Bug #1027351 [src:jekyll-theme-minima] jekyll-theme-minima: FTBFS: ERROR: Test 
"ruby3.1" failed: /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1413:in 
`rescue in block in activate_dependencies': Could not find 'liquid' (~> 4.0) 
among 128 total gem(s) (Gem::MissingSpecError)
Bug reassigned from package 'src:jekyll-theme-minima' to 'src:jekyll'.
No longer marked as found in versions jekyll-theme-minima/2.5.1-2.
Ignoring request to alter fixed versions of bug #1027351 to the same values 
previously set
> affects 1027351 src:jekyll-theme-minima
Bug #1027351 [src:jekyll] jekyll-theme-minima: FTBFS: ERROR: Test "ruby3.1" 
failed: /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1413:in `rescue in 
block in activate_dependencies': Could not find 'liquid' (~> 4.0) among 128 
total gem(s) (Gem::MissingSpecError)
Added indication that 1027351 affects src:jekyll-theme-minima
> forcemerge 1026480 1027351
Bug #1026480 {Done: Antonio Terceiro } [src:jekyll] 
jekyll: FTBFS: ERROR: Test "ruby3.1" failed: 
/usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1413:in `rescue in block in 
activate_dependencies': Could not find 'liquid' (~> 4.0) among 156 total gem(s) 
(Gem::MissingSpecError)
Bug #1027351 [src:jekyll] jekyll-theme-minima: FTBFS: ERROR: Test "ruby3.1" 
failed: /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1413:in `rescue in 
block in activate_dependencies': Could not find 'liquid' (~> 4.0) among 128 
total gem(s) (Gem::MissingSpecError)
Marked Bug as done
Removed indication that 1027351 affects src:jekyll-theme-minima
Marked as fixed in versions jekyll/4.3.1+dfsg-1.
Marked as found in versions jekyll/3.9.0+dfsg-5.
Merged 1026480 1027351
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1026480: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026480
1027351: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027351
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: reassign 1024177 to src:jekyll, affects 1024177, forcibly merging 1026480 1024177

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 1024177 src:jekyll
Bug #1024177 [ruby-jekyll-feed] cannot use plugin due to incompatibility?
Bug reassigned from package 'ruby-jekyll-feed' to 'src:jekyll'.
No longer marked as found in versions ruby-jekyll-feed/0.15.1-2.
Ignoring request to alter fixed versions of bug #1024177 to the same values 
previously set
> affects 1024177 ruby-jekyll-feed
Bug #1024177 [src:jekyll] cannot use plugin due to incompatibility?
Added indication that 1024177 affects ruby-jekyll-feed
> forcemerge 1026480 1024177
Bug #1026480 {Done: Antonio Terceiro } [src:jekyll] 
jekyll: FTBFS: ERROR: Test "ruby3.1" failed: 
/usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1413:in `rescue in block in 
activate_dependencies': Could not find 'liquid' (~> 4.0) among 156 total gem(s) 
(Gem::MissingSpecError)
Bug #1027351 {Done: Antonio Terceiro } [src:jekyll] 
jekyll-theme-minima: FTBFS: ERROR: Test "ruby3.1" failed: 
/usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1413:in `rescue in block in 
activate_dependencies': Could not find 'liquid' (~> 4.0) among 128 total gem(s) 
(Gem::MissingSpecError)
Bug #1024177 [src:jekyll] cannot use plugin due to incompatibility?
Severity set to 'serious' from 'normal'
Marked Bug as done
Removed indication that 1024177 affects ruby-jekyll-toc, ruby-jekyll-seo-tag, 
and ruby-jekyll-feed
Marked as fixed in versions jekyll/4.3.1+dfsg-1.
Marked as found in versions jekyll/3.9.0+dfsg-5.
Added tag(s) bookworm, ftbfs, and sid.
Bug #1027351 {Done: Antonio Terceiro } [src:jekyll] 
jekyll-theme-minima: FTBFS: ERROR: Test "ruby3.1" failed: 
/usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1413:in `rescue in block in 
activate_dependencies': Could not find 'liquid' (~> 4.0) among 128 total gem(s) 
(Gem::MissingSpecError)
Merged 1024177 1026480 1027351
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1024177: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024177
1026480: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026480
1027351: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027351
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1029063: anbox-binder issues reported to src:linux/src:dkms

[Aron Xu]

Control: severity -1 normal

dkms never risks creating an unbootable environment by exiting with an
error during the configuration of the corresponding linux-image-*
package when a module fails to build. Even though it looks annoying
when the failing dkms packages are not-so-critical to booting the
system, dkms has no knowledge about which package is critical and
which is less harmful.

I'm downgrading the issue to normal severity to allow more discussion
on possible better handling of such cases in the future.

For anbox-binder users who are reporting this issue to
src:linux/src:dkms on sid/testing, please look for updating the source
if it's very useful to you and hold the linux-image-* package for a
while, or remove it to allow upgrading to newer version of linux
packages for the moment.

Regards,
Aron

Processed: anbox-binder issues reported to src:linux/src:dkms

[Debian Bug Tracking System]

Processing control commands:

> severity -1 normal
Bug #1029063 [dkms] dkms: linux-image-* remains unconfigured after dkms module 
build failure
Bug #1029388 [dkms] linux-image-6.1.0-2-amd64: system does not boot up when 
swap partion is a file
Bug #1029507 [dkms] linux-image-6.1.0-1-amd64 isn't installable
Severity set to 'normal' from 'grave'
Severity set to 'normal' from 'grave'
Severity set to 'normal' from 'grave'

-- 
1029063: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029063
1029388: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029388
1029507: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029507
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1009926: marked as done (ruby-git: CVE-2022-25648)

[Debian Bug Tracking System]

Your message dated Wed, 25 Jan 2023 05:05:08 +
with message-id 
and subject line Bug#1009926: fixed in ruby-git 1.13.1-1
has caused the Debian Bug report #1009926,
regarding ruby-git: CVE-2022-25648
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1009926: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ruby-git
Version: 1.9.1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/ruby-git/ruby-git/pull/569
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for ruby-git.

CVE-2022-25648[0]:
| The package git before 1.11.0 are vulnerable to Command Injection via
| git argument injection. When calling the fetch(remote = 'origin', opts
| = {}) function, the remote parameter is passed to the git fetch
| subcommand in a way that additional flags can be set. The additional
| flags can be used to perform a command injection.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-25648
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25648
[1] https://github.com/ruby-git/ruby-git/pull/569
[2] https://security.snyk.io/vuln/SNYK-RUBY-GIT-2421270
[3] 
https://github.com/ruby-git/ruby-git/commit/291ca0946bec7164b90ad5c572ac147f512c7159

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: ruby-git
Source-Version: 1.13.1-1
Done: Daniel Leidert 

We believe that the bug you reported is fixed in the latest version of
ruby-git, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1009...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Daniel Leidert  (supplier of updated ruby-git package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 25 Jan 2023 05:32:52 +0100
Source: ruby-git
Architecture: source
Version: 1.13.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers 

Changed-By: Daniel Leidert 
Closes: 1009926
Changes:
 ruby-git (1.13.1-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream release.
 - Fixes CVE-2022-25648 (closes: #1009926).
 - Fixes CVE-2022-46648.
 - Fixes CVE-2022-47318.
 .
   [ Debian Janitor ]
   * Bump debhelper from old 12 to 13.
 .
   [ Daniel Leidert ]
   * d/control (Build-Depends): Add ruby-addressable.
 (Standards-Version): Bump to 4.6.2.
   * d/copyright (Copyright): Update years.
   * d/watch: Get tarballs from tags page to fix downloads.
   * d/patches/fix-test.patch: Drop patch (applied upstream).
   * d/upstream/metadata: Fix URLs and use HTTPS.
Checksums-Sha1:
 6e1f0f878ec09b33561714d5169115c91674312c 2117 ruby-git_1.13.1-1.dsc
 a68b7634000396f1027d0e58dfe16c50d192b738 219640 ruby-git_1.13.1.orig.tar.gz
 7d5d16e096e389316b1eb0a81f072e49ae2e669c 4424 ruby-git_1.13.1-1.debian.tar.xz
 8976c9509bdb293b6de04140c350ce8a33967083 9750 ruby-git_1.13.1-1_amd64.buildinfo
Checksums-Sha256:
 5df55eedb59a2eb4a73ecee4628b58cb8c66136cf5352e789b2776fe9953f12b 2117 
ruby-git_1.13.1-1.dsc
 20981b8ec938a50280a9fe4cca55b2d59b58e46a7b80430a65579ae6c94c33cc 219640 
ruby-git_1.13.1.orig.tar.gz
 c52df2da21035a72492c2fab048936e110a852ef0682302f41d3c7da55defb39 4424 
ruby-git_1.13.1-1.debian.tar.xz
 b0ca323f3792bda2edde89456707783cbb18dffd2d9c8acf8bb8b18bb507a98b 9750 
ruby-git_1.13.1-1_amd64.buildinfo
Files:
 f9b8c94a1abc93029d1da5a5d9be5ea0 2117 ruby optional ruby-git_1.13.1-1.dsc
 f39ff78ee85dd3fdfe134f27d1292b9e 219640 ruby optional 
ruby-git_1.13.1.orig.tar.gz
 e000436b9de866845dd3dc4465763f0c 4424 ruby optional 
ruby-git_1.13.1-1.debian.tar.xz
 343a6156c6e1ad7e2503cdb9977b8429 9750 ruby optional 
ruby-git_1.13.1-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEvu1N7VVEpMA+KD3HS80FZ8KW0F0FAmPQsk4ACgkQS80FZ8KW
0F1/Uw//brjYmthDws9ySofXS8hPXGSoXl+ETkuppHSiKovhs72dZ2FT21b64pfz
/zSw4ANOOMukfJOlU5KGvq+4qezptH2WJxie4KDOqGk8tx58cRfkY1lHyLOpbVm2

Bug#1027552: marked as done (sphinx-gallery: FTBFS: build-dependency not installable: python-matplotlib-doc)

[Debian Bug Tracking System]

Your message dated Wed, 25 Jan 2023 06:20:35 +
with message-id 
and subject line Bug#1027552: fixed in sphinx-gallery 0.10.1-3
has caused the Debian Bug report #1027552,
regarding sphinx-gallery: FTBFS: build-dependency not installable: 
python-matplotlib-doc
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1027552: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027552
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: sphinx-gallery
Version: 0.10.1-2
Severity: serious
Justification: FTBFS
Tags: bookworm sid ftbfs
User: lu...@debian.org
Usertags: ftbfs-20230101 ftbfs-bookworm

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.


Relevant part (hopefully):
> +--+
> | Install package build dependencies  
>  |
> +--+
> 
> 
> Setup apt archive
> -
> 
> Merged Build-Depends: debhelper-compat (= 9), dh-python, optipng, 
> python-matplotlib-doc, python-numpy-doc, python-pandas-doc, 
> python-sklearn-doc, python3-all, python3-doc, python3-ipython, 
> python3-joblib, python3-matplotlib (>= 3.2.2), python3-memory-profiler, 
> python3-pil, python3-plotly, python3-pytest, python3-pytest-cov, 
> python3-pytest-runner, python3-seaborn, python3-setuptools, python3-sphinx, 
> python3-sphinx-rtd-theme, python3-statsmodels, sphinx-doc, build-essential, 
> fakeroot
> Filtered Build-Depends: debhelper-compat (= 9), dh-python, optipng, 
> python-matplotlib-doc, python-numpy-doc, python-pandas-doc, 
> python-sklearn-doc, python3-all, python3-doc, python3-ipython, 
> python3-joblib, python3-matplotlib (>= 3.2.2), python3-memory-profiler, 
> python3-pil, python3-plotly, python3-pytest, python3-pytest-cov, 
> python3-pytest-runner, python3-seaborn, python3-setuptools, python3-sphinx, 
> python3-sphinx-rtd-theme, python3-statsmodels, sphinx-doc, build-essential, 
> fakeroot
> dpkg-deb: building package 'sbuild-build-depends-main-dummy' in 
> '/<>/apt_archive/sbuild-build-depends-main-dummy.deb'.
> Ign:1 copy:/<>/apt_archive ./ InRelease
> Get:2 copy:/<>/apt_archive ./ Release [963 B]
> Ign:3 copy:/<>/apt_archive ./ Release.gpg
> Get:4 copy:/<>/apt_archive ./ Sources [542 B]
> Get:5 copy:/<>/apt_archive ./ Packages [609 B]
> Fetched 2114 B in 0s (164 kB/s)
> Reading package lists...
> Reading package lists...
> 
> Install main build dependencies (apt-based resolver)
> 
> 
> Installing build dependencies
> Reading package lists...
> Building dependency tree...
> Reading state information...
> Some packages could not be installed. This may mean that you have
> requested an impossible situation or if you are using the unstable
> distribution that some required packages have not yet been created
> or been moved out of Incoming.
> The following information may help to resolve the situation:
> 
> The following packages have unmet dependencies:
>  sbuild-build-depends-main-dummy : Depends: python-matplotlib-doc but it is 
> not installable
> E: Unable to correct problems, you have held broken packages.
> apt-get failed.


The full build log is available from:
http://qa-logs.debian.net/2023/01/01/sphinx-gallery_0.10.1-2_unstable.log

All bugs filed during this archive rebuild are listed at:
https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-20230101;users=lu...@debian.org
or:
https://udd.debian.org/bugs/?release=na&merged=ign&fnewerval=7&flastmodval=7&fusertag=only&fusertagtag=ftbfs-20230101&fusertaguser=lu...@debian.org&allbugs=1&cseverity=1&ctags=1&caffected=1#results

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

If you reassign this bug to another package, please mark it as 'affects'-ing
this package. See https://www.debian.org/Bugs/server-control#affects

If you fail to reproduce this, please provide a build log and diff it with mine
so that we can identify if something relevant changed in the meantime.
--- End Message ---
--- Begin Message ---
Source: sphinx-gallery
Source-Version: 0.10.1-3
Done: Sandro Tosi 

We believe that the bug you reported is fixed in the latest version of
sphinx-gallery, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have furthe

Processed: Bug#1028926 marked as pending in php-horde-auth

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #1028926 [src:php-horde-auth] php-horde-auth: (autopkgtest) needs update 
for php8.2: deprecation warnings on stderr
Added tag(s) pending.

-- 
1028926: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1028926: marked as pending in php-horde-auth

[Mike Gabriel]

Control: tag -1 pending

Hello,

Bug #1028926 in php-horde-auth reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/horde-team/php-horde-auth/-/commit/046ebf44f9484305f0385539f0d0adc67e876b6f


d/patches: Add 1012_php8.2.patch. Fix PHP 8.2 deprecation warnings. (Closes: 
#1028926).


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1028926

Bug#1016937: marked as done (atop: autopkgtest regression on arm64 and armhf and times out on s390x)

[Debian Bug Tracking System]

Your message dated Wed, 25 Jan 2023 07:52:01 +0100
with message-id 
and subject line Re: Bug#1016937: atop: autopkgtest regression on arm64 and 
armhf and times out on s390x
has caused the Debian Bug report #1016937,
regarding atop: autopkgtest regression on arm64 and armhf and times out on s390x
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1016937: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016937
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Source: atop
Version: 2.7.1-1
Severity: serious
X-Debbugs-CC: debian...@lists.debian.org
User: debian...@lists.debian.org
Usertags: timeout regression

Dear maintainer(s),

I looked at the results of the autopkgtest of you package because it was 
showing up on our page for long running tests on s390x. I noticed that 
the test always fails on s390x with an autopkgtest timeout. Your package 
regressed on armhf and arm64 around April 2022.


Regressions in testing on amd64 and arm64 are considered RC by the 
release team [1]. Tests that time out and fail while normally running 
quickly are a serious burden on our infrastructure, please try to 
prevent the apparent hang.


Don't hesitate to reach out if you need help and some more information
from our infrastructure.

Paul

https://ci.debian.net/packages/m/mercurial/testing/amd64/

[1] https://release.debian.org/testing/rc_policy.txt (section 6.a)


OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Version: 2.8.1-1

A measure against the indefinete lockup was added upstream in 2.8.1,
which seems to be working (autopkgtest on s390x working now).

Also, the (only) autopkgtest was marked as superficial. It was added to
get familiar with autopkgtst and I didnt notice the superficial
restrictio back then.

Greetings
Marc--- End Message ---

Bug#1028927: marked as pending in php-horde-autoloader

[Mike Gabriel]

Control: tag -1 pending

Hello,

Bug #1028927 in php-horde-autoloader reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/horde-team/php-horde-autoloader/-/commit/af288d7d3f69c9a39a72604ae528b88b893b37f4


d/patches: Add 1012_php8.2.patch. Fix PHP 8.2 deprecation warnings. (Closes: 
#1028927).


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1028927

Processed: Bug#1028927 marked as pending in php-horde-autoloader

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #1028927 [src:php-horde-autoloader] php-horde-autoloader: (autopkgtest) 
needs update for php8.2: deprecation warnings on stderr
Added tag(s) pending.

-- 
1028927: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028927
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1028926: marked as done (php-horde-auth: (autopkgtest) needs update for php8.2: deprecation warnings on stderr)

[Debian Bug Tracking System]

Your message dated Wed, 25 Jan 2023 07:05:41 +
with message-id 
and subject line Bug#1028926: fixed in php-horde-auth 2.2.2-10
has caused the Debian Bug report #1028926,
regarding php-horde-auth: (autopkgtest) needs update for php8.2: deprecation 
warnings on stderr
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1028926: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Source: php-horde-auth
Version: 2.2.2-9
Severity: serious
Tags: sid bookworm
User: debian...@lists.debian.org
Usertags: needs-update
Control: affects -1 src:php-defaults

Dear maintainer(s),

We are in the transition of replacing php8.1 with php8.2 [0]. With a 
recent upload of php-defaults the autopkgtest of php-horde-auth fails in 
testing when that autopkgtest is run with the binary packages of 
php-defaults from unstable. It passes when run with only packages from 
testing. In tabular form:


   passfail
php-defaults   from testing93
php-horde-auth from testing2.2.2-9
all others from testingfrom testing

I copied some of the output at the bottom of this report.

Currently this regression is blocking the migration of php-defaults to 
testing [1]. https://www.php.net/ChangeLog-8.php lists the changes since 
7.4 and may help to identify what needs to be updated.


The test itself passes, but the autopkgtest fails because of deprecation 
warnings on stderr. Output on stderr makes autopkgtest fail by default, 
unless `allow-stderr` is added to the set of restrictions. As a flood of 
deprecation warnings in server logs may be very unwanted, I'm not saying 
that adding the restriction to autopkgtest is the right answer to this 
issue, but because of the php transition, it needs to be resolved one 
way or the other.


More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

[0] https://bugs.debian.org/1014460
[1] https://qa.debian.org/excuses.php?package=php-defaults

https://ci.debian.net/data/autopkgtest/testing/amd64/p/php-horde-auth/30356847/log.gz

PHP Deprecated:  Creation of dynamic property 
Horde_Db_Migration_Migrator::$_inflector is deprecated in 
/usr/share/php/Horde/Db/Migration/Migrator.php on line 76
PHP Deprecated:  Callables of the form ["Horde_Db_Adapter_Pdo_Sqlite", 
"parent::execute"] are deprecated in 
/usr/share/php/Horde/Db/Adapter/Pdo/Sqlite.php on line 187
PHP Deprecated:  Callables of the form ["Horde_Db_Adapter_Pdo_Sqlite", 
"parent::execute"] are deprecated in 
/usr/share/php/Horde/Db/Adapter/Pdo/Sqlite.php on line 187
PHP Deprecated:  Callables of the form ["Horde_Db_Adapter_Pdo_Sqlite", 
"parent::execute"] are deprecated in 
/usr/share/php/Horde/Db/Adapter/Pdo/Sqlite.php on line 187
PHP Deprecated:  Callables of the form ["Horde_Db_Adapter_Pdo_Sqlite", 
"parent::execute"] are deprecated in 
/usr/share/php/Horde/Db/Adapter/Pdo/Sqlite.php on line 187
PHP Deprecated:  Callables of the form ["Horde_Db_Adapter_Pdo_Sqlite", 
"parent::execute"] are deprecated in 
/usr/share/php/Horde/Db/Adapter/Pdo/Sqlite.php on line 187
PHP Deprecated:  Callables of the form ["Horde_Db_Adapter_Pdo_Sqlite", 
"parent::execute"] are deprecated in 
/usr/share/php/Horde/Db/Adapter/Pdo/Sqlite.php on line 187
PHP Deprecated:  Callables of the form ["Horde_Db_Adapter_Pdo_Sqlite", 
"parent::execute"] are deprecated in 
/usr/share/php/Horde/Db/Adapter/Pdo/Sqlite.php on line 187
PHP Deprecated:  Callables of the form ["Horde_Db_Adapter_Pdo_Sqlite", 
"parent::execute"] are deprecated in 
/usr/share/php/Horde/Db/Adapter/Pdo/Sqlite.php on line 187
PHP Deprecated:  Callables of the form ["Horde_Db_Adapter_Pdo_Sqlite", 
"parent::execute"] are deprecated in 
/usr/share/php/Horde/Db/Adapter/Pdo/Sqlite.php on line 187
PHP Deprecated:  Callables of the form ["Horde_Db_Adapter_Pdo_Sqlite", 
"parent::execute"] are deprecated in 
/usr/share/php/Horde/Db/Adapter/Pdo/Sqlite.php on line 187
PHP Deprecated:  Callables of the form ["Horde_Db_Adapter_Pdo_Sqlite", 
"parent::execute"] are deprecated in 
/usr/share/php/Horde/Db/Adapter/Pdo/Sqlite.php on line 187
PHP Deprecated:  Callables of the form ["Horde_Db_Adapter_Pdo_Sqlite", 
"parent::execute"] are deprecated in 
/usr/share/php/Horde/Db/Adapter/Pdo/Sqlite.php on line 187
.PHP Deprecated:  Callables of the form ["Horde_Db_Adapter_Pdo_Sqlite", 
"parent::execute"] are deprecated in 
/usr/share/php/Horde/Db/Adapter/Pdo/Sqlite.php on line 187

. 65 / 69 ( 94%)
PHP Dep