Bug#940350: transition: libgweather
Hi Andreas, On Sun, Sep 15, 2019 at 11:39:16PM +0200, Andreas Henriksson wrote: > Dear release team, > > I'm requesting a transition slot for libgweather on behalf of the > Debian GNOME Team. Thanks for requesting this. > From libgweather NEWS: > > > This version of the library bumps the soname after an ABI break in 3.28.0 > > that went unnoticed. If you see strange crashes, make sure to bump the > > required version of libgweather to 3.28.0 or newer. > > In other words we should already be affected by the "new" ABI/API > and no issues should arise. Upstream NEWS is incorrect. The ABI break happened in 3.31.91, so it has not reached Debian unstable (fortunately). See https://gitlab.gnome.org/GNOME/libgweather/issues/17#note_546778. I believe that still there will be no issues. According to codesearch no package is using the GWEATHER_LOCATION_ADM2 enum item that was removed. -- Dmitry Shachnev signature.asc Description: PGP signature
Bug#940476: buster-pu: package tmpreaper/1.6.14+deb10u1
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Hi,
tmpreaper will clean up PrivateTmp dirs of processes that systemd
started, leading to those services periodically crashing (and it's
usually hard to diagnose that tmpreaper was the culprit here).
This update adds those dirs to tmpreapers' whitelist.
The problem has existed for a longer time but seems aggravated since
buster, likely because more services have started to use PrivateTmp.
Kind regards,
Thijs
-- System Information:
Debian Release: 9.11
APT prefers oldstable
APT policy: (500, 'oldstable')
Architecture: i386 (i686)
Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8),
LANGUAGE=nl_NL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: sysvinit (via /sbin/init)
diff -Nru tmpreaper-1.6.14/ChangeLog tmpreaper-1.6.14+deb10u1/ChangeLog
--- tmpreaper-1.6.14/ChangeLog 2019-01-11 13:27:15.0 +0100
+++ tmpreaper-1.6.14+deb10u1/ChangeLog 2019-09-16 09:15:24.0 +0200
@@ -1,3 +1,11 @@
+tmpreaper (1.6.14+deb10u1) buster; urgency=medium
+
+ * Non-maintainer upload with maintainer approval.
+ * Add `--protect '/tmp/systemd-private*/*'` to cron job to prevent
+breaking systemd services that have PrivateTmp=true (closes: #881725).
+
+ -- Thijs Kinkhorst Mon, 16 Sep 2019 07:15:24 +
+
tmpreaper (1.6.14) unstable; urgency=medium
* Upload to unstable to fix the race condition described in CVE-2019-3461:
diff -Nru tmpreaper-1.6.14/debian/changelog
tmpreaper-1.6.14+deb10u1/debian/changelog
--- tmpreaper-1.6.14/debian/changelog 2019-01-11 13:27:15.0 +0100
+++ tmpreaper-1.6.14+deb10u1/debian/changelog 2019-09-16 09:15:24.0
+0200
@@ -1,3 +1,11 @@
+tmpreaper (1.6.14+deb10u1) buster; urgency=medium
+
+ * Non-maintainer upload with maintainer approval.
+ * Add `--protect '/tmp/systemd-private*/*'` to cron job to prevent
+breaking systemd services that have PrivateTmp=true (closes: #881725).
+
+ -- Thijs Kinkhorst Mon, 16 Sep 2019 07:15:24 +
+
tmpreaper (1.6.14) unstable; urgency=medium
* Upload to unstable to fix the race condition described in CVE-2019-3461:
diff -Nru tmpreaper-1.6.14/debian/cron.daily
tmpreaper-1.6.14+deb10u1/debian/cron.daily
--- tmpreaper-1.6.14/debian/cron.daily 2008-05-19 19:10:16.0 +0200
+++ tmpreaper-1.6.14+deb10u1/debian/cron.daily 2019-09-16 09:15:24.0
+0200
@@ -105,5 +105,6 @@
--protect '/tmp/lost+found' \
--protect '/tmp/journal.dat' \
--protect '/tmp/quota.{user,group}' \
+ --protect '/tmp/systemd-private*/*' \
`for i in $TMPREAPER_PROTECT_EXTRA; do echo --protect "$i"; done` \
$TMPREAPER_DIRS
Bug#940477: stretch-pu: package tmpreaper/1.6.13+nmu1+deb9u2
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu
Hi,
tmpreaper will clean up PrivateTmp dirs of processes that systemd
started, leading to those services periodically crashing (and it's
usually hard to diagnose that tmpreaper was the culprit here).
This update adds those dirs to tmpreapers' whitelist.
Kind regards,
Thijs
-- System Information:
Debian Release: 9.11
APT prefers oldstable
APT policy: (500, 'oldstable')
Architecture: i386 (i686)
Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8),
LANGUAGE=nl_NL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: sysvinit (via /sbin/init)
diff -Nru tmpreaper-1.6.13+nmu1+deb9u1/ChangeLog
tmpreaper-1.6.13+nmu1+deb9u2/ChangeLog
--- tmpreaper-1.6.13+nmu1+deb9u1/ChangeLog 2019-01-05 16:25:06.0
+0100
+++ tmpreaper-1.6.13+nmu1+deb9u2/ChangeLog 2019-09-16 09:39:51.0
+0200
@@ -1,3 +1,11 @@
+tmpreaper (1.6.13+nmu1+deb9u2) stretch; urgency=medium
+
+ * Non-maintainer upload with maintainer approval.
+ * Add `--protect '/tmp/systemd-private*/*'` to cron job to prevent
+breaking systemd services that have PrivateTmp=true (closes: #881725).
+
+ -- Thijs Kinkhorst Mon, 16 Sep 2019 09:39:51 +0200
+
tmpreaper (1.6.13+nmu1+deb9u1) stretch-security; urgency=high
* Non-maintainer upload by the Security Team.
diff -Nru tmpreaper-1.6.13+nmu1+deb9u1/debian/changelog
tmpreaper-1.6.13+nmu1+deb9u2/debian/changelog
--- tmpreaper-1.6.13+nmu1+deb9u1/debian/changelog 2019-01-05
16:25:06.0 +0100
+++ tmpreaper-1.6.13+nmu1+deb9u2/debian/changelog 2019-09-16
09:39:51.0 +0200
@@ -1,3 +1,11 @@
+tmpreaper (1.6.13+nmu1+deb9u2) stretch; urgency=medium
+
+ * Non-maintainer upload with maintainer approval.
+ * Add `--protect '/tmp/systemd-private*/*'` to cron job to prevent
+breaking systemd services that have PrivateTmp=true (closes: #881725).
+
+ -- Thijs Kinkhorst Mon, 16 Sep 2019 09:39:51 +0200
+
tmpreaper (1.6.13+nmu1+deb9u1) stretch-security; urgency=high
* Non-maintainer upload by the Security Team.
diff -Nru tmpreaper-1.6.13+nmu1+deb9u1/debian/cron.daily
tmpreaper-1.6.13+nmu1+deb9u2/debian/cron.daily
--- tmpreaper-1.6.13+nmu1+deb9u1/debian/cron.daily 2008-05-19
19:10:16.0 +0200
+++ tmpreaper-1.6.13+nmu1+deb9u2/debian/cron.daily 2019-09-16
09:39:51.0 +0200
@@ -105,5 +105,6 @@
--protect '/tmp/lost+found' \
--protect '/tmp/journal.dat' \
--protect '/tmp/quota.{user,group}' \
+ --protect '/tmp/systemd-private*/*' \
`for i in $TMPREAPER_PROTECT_EXTRA; do echo --protect "$i"; done` \
$TMPREAPER_DIRS
Re: [debian-mysql] Bug#939866: Bug#939866: mariadb-server-10.1: replication hangs in state "Slave_IO_Running: Preparing" after upgrade from 10.1.38 to 10.1.41
la 14. syysk. 2019 klo 16.57 Adam D. Barratt (a...@adam-barratt.org.uk) kirjoitti: > > On Fri, 2019-09-13 at 21:10 +0300, Otto Kekäläinen wrote: > > To clarify, 10.3.18 has been uploaded to Debian unstable. Issue is > > still open for Buster and Stretch. > > Is there a likely ETA for when this might be resolvable? > > If you could prepare (preferably targeted) updates via the usual p-u > path then we can look at releasing them via stable-updates so that > affected users don't have to wait for the next point release. Thanks Adam for the pre-approval/guidance on how to solve this non-security stable update that is urgent. I will target p-u then and prepare it soon.
Bug#894663: transition: wxwidgets3.0
On Mon, 16 Sep 2019, Gunter Königsmann wrote: * Scroll Wheels and Two-Finger scroll are broken in this combination, if Wayland is used (934386) and Is two finger scrolling really a high priority issue? It seems like a nice to have rather than a must-have IMHO. * If a horizontal scrollbar is visible all custom controls (e.G. wxMaxima's worksheet) flicker badly (934386) On this issue, I'm not convinced that upstream can reproduce it, based on the comments in the ticket. I don't think that I've reproduced it either. Since you claim that it doesn't occur with wx 3.1, can you do a bisection between wx 3.0 and 3.1 to determine which commit fixed it? If we can figure that out, we can backport the patches. Vadim (who is one of the maintainers) can reproduce it. I cannot guarantee, though, if the right graphics card/GTK version/something else needs to be used in order to trigger the bug. Or if this is one of the esoteric bugs that only affect a handful of users. You are right, he did say that. He also said he didn't know if he would have time in the near future to look into it. So, what you say about trying to bisect the issue? If wxMaxima otherwise would be dropped from debian I am willing to switch to a flickering version that uses GTK3. But if I don't occur this risk I would rather stay at GTK3 until wxGTK 3.2 is released - which will fix this issue. The wxWidgets maintainers told me that wxGTK 3.2 will be released "soon". But the same was true a year ago - which I normally would be fine with: wxGTK 3.1 works fine, the combination of wxGTK 3.0 and GTK2 works fine, too - and it is wise to release a library when it is ready, not according to an arbitrary schedule. Well, there is still time to fix the issues - Bullseye release is still a long way off. And yes, upstream wx claims that wx 3.2 will be "soon" but we have heard that for a long time. :) So I don't think we can depend on that. That only partially answers my question. Currently I am playing with the thought if the right idea would be uploading a wxMaxima version that uses GTK3 to debian testing and looking if anyone except Vadim and me is affected by the bug. Well, the only thing we can control is that the GTK2 build of wx will be gone in Bullseye, barring any unforseen circumstances. Whether that will be with wx 3.0 or wx 3.2, remains to be seen. Scott
Bug#939738: buster-pu: package aegisub/3.2.2+dfsg-4+deb10u1
I've just realized that before uploading to pu the bug has to be fixed in unstable. I'll do it soon, hopefully this week. I'll send a new reply after the upload. Aniol
Bug#894663: transition: wxwidgets3.0
I can try to bisect wxWidgets. But as building wxWidgets drains my battery in minutes I will be able to do at maximum one step per week. Kind regards, Gunter. On 14.09.19 21:31, Scott Talbert wrote: > On Sat, 14 Sep 2019, Gunter Königsmann wrote: > >> * Scroll Wheels and Two-Finger scroll are broken in this >> combination, if >> Wayland is used (934386) and > > Is two finger scrolling really a high priority issue? It seems like a > nice to have rather than a must-have IMHO. > >> * If a horizontal scrollbar is visible all custom controls (e.G. >> wxMaxima's worksheet) flicker badly (934386) > > On this issue, I'm not convinced that upstream can reproduce it, based > on the comments in the ticket. I don't think that I've reproduced it > either. Since you claim that it doesn't occur with wx 3.1, can you do > a bisection between wx 3.0 and 3.1 to determine which commit fixed > it? If we can figure that out, we can backport the patches. > >> If wxMaxima otherwise would be dropped from debian I am willing to >> switch >> to a flickering version that uses GTK3. But if I don't occur this risk I >> would rather stay at GTK3 until wxGTK 3.2 is released - which will >> fix this >> issue. The wxWidgets maintainers told me that wxGTK 3.2 will be released >> "soon". But the same was true a year ago - which I normally would be >> fine >> with: wxGTK 3.1 works fine, the combination of wxGTK 3.0 and GTK2 works >> fine, too - and it is wise to release a library when it is ready, not >> according to an arbitrary schedule. > > Well, there is still time to fix the issues - Bullseye release is > still a long way off. > > And yes, upstream wx claims that wx 3.2 will be "soon" but we have > heard that for a long time. :) So I don't think we can depend on that. > > Scott
Bug#894663: transition: wxwidgets3.0
On Mon, 16 Sep 2019, Gunter Königsmann wrote: I can try to bisect wxWidgets. But as building wxWidgets drains my battery in minutes I will be able to do at maximum one step per week. You can only charge your battery once a week? If you're really strapped for compile resources, you can probably use some of the debian porter boxes? Scott
Bug#894663: transition: wxwidgets3.0
On Mon, Sep 16, 2019 at 09:25:54AM -0400, Scott Talbert wrote: > On Mon, 16 Sep 2019, Gunter Königsmann wrote: > > That only partially answers my question. Currently I am playing with the > > thought if the right idea would be uploading a wxMaxima version that > > uses GTK3 to debian testing and looking if anyone except Vadim and me is > > affected by the bug. Note you don't upload to testing - you upload to unstable, and then the package migrates to testing. I think this is probably a good idea. It seems there's something system dependent here since wxmaxima rebuilt to use GTK3 doesn't seem to flicker when scrolling horizontally or vertically to me, and so allowing easy wider testing would be helpful in trying to work out what's going on. > Well, the only thing we can control is that the GTK2 build of wx will be > gone in Bullseye, barring any unforseen circumstances. Whether that will be > with wx 3.0 or wx 3.2, remains to be seen. At this point the wxwidgets3.0-gtk3 transition is reporting 54% done: https://release.debian.org/transitions/ There's also one bug tagged "pending" and two packages uploaded to "experimental", so effectively 57% if you include stuff that's in progress (there are about 100 packages involved in all). I think even if wx 3.2 does come out soon we'd really want to get the current transition completed first. Having to deal with 3 wx variants at once sounds like more pain than necessary, and if we get the GTK2->GTK3 issues dealt with now then that's less to deal with in the second transition. Cheers, Olly
Bug#939446: buster-pu: package emacs/1:26.1+1-3.2
Rob Browning writes: > Package: release.debian.org > User: release.debian@packages.debian.org > Usertags: pu > Tags: buster > Severity: normal > > emacs (1:26.1+1-3.2+deb10u1) buster; urgency=medium > > * Update the EPLA packaging key (previous key expires 2019-09-23) via > the upstream commit f16785d361097df9fddfcc0b60ae6f0d92e7e911. Add the > old and new keyrings to debian/ and debian/source/include-binaries > since debian/patches/ can't handle git binary diffs. Thanks to Stefan > Monnier for reporting the problem and providing the patch. Just a ping -- if we want the packages be available in at least proposed-updates before the certificate expires, I imagine I might need to upload soon. Unstable and testing should now be OK as the same keyring (more or less the same patch) is in 1:26.1+1-4 which has migrated to bullseye. Thanks -- Rob Browning rlb @defaultvalue.org and @debian.org GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4
