Bug#934630: transition: octave

[Paul Gevers]

Control: block 934630 by 919641

Hi Sébastien,

On 02-10-2019 10:30, Sébastien Villemot wrote:
> However this time it failed to build on all arches, because of texinfo
> 6.7.0.dfsg.2-2 which was buggy. Since then, texinfo 6.7.0.dfsg.2-3 has
> been uploaded which should fix that. Can you please give octave back?
> (probably with a extra versioned dep on texinfo)

Octave has now been built everywhere. Will you take care of all the
failures in the reverse build depends? There are 16 packages that need
your attention before octave can migrate. I filed one FTBFS bug already,
but waiting for autoremoval isn't the way forward.

Paul



signature.asc
Description: OpenPGP digital signature

Processed: Re: Bug#934630: transition: octave

[Debian Bug Tracking System]

Processing control commands:

> block 934630 by 919641
Bug #934630 [release.debian.org] transition: octave
934630 was not blocked by any bugs.
934630 was not blocking any bugs.
Added blocking bug(s) of 934630: 919641

-- 
934630: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934630
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 917972, tagging 941078

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 917972 + pending
Bug #917972 [release.debian.org] transition: openexr
Added tag(s) pending.
> tags 941078 + pending
Bug #941078 [release.debian.org] transition: postgresql-12
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
917972: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917972
941078: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941078
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#933548: transition: gnome-desktop3

[Simon McVittie]

On Thu, 03 Oct 2019 at 08:48:35 +0200, Andreas Henriksson wrote:
> On Wed, Oct 02, 2019 at 08:46:50PM -0400, Jeremy Bicha wrote:
> > There are also several autopkgtest failures triggered by glib2.0 and
> > gobject-introspection.
> 
> I quickly looked over these and it seems they're all except one related
> to compiling stuff with -Werror. Mostly because of using GTime and/or
> GTimeVal which is deprecated.
> 
> The odd one out is libgtk2-perl which fails test 44:
...
> GdkPixbuf [ warning ] Inline XPM data is broken: Invalid XPM header
> not ok 44 - Don't crash on partial pixmap data

I think this might be caused by better error handling in gdk-pixbuf 2.38.2
(),
which I uploaded to make gdk-pixbuf silence the GTimeVal deprecation
warnings in its own animation API, so that it wouldn't trigger -Werror
in other packages if they don't actively use the animation API.

> The one not related to GTime / GTimeVal is dbus-test-runner:
> test-libdbustest-mock.c:392:13: error: g_main_context_pending [-Werror]
>   392 |  while (g_main_pending())
>   | ^   
> test-libdbustest-mock.c:393:13: error: g_main_context_iteration [-Werror]
>   393 |   g_main_iteration(TRUE);
>   | ^ 

These macros have been deprecated for 17 years (it's not often that I
get to say that!). I opened #941488, for which Iain did an NMU already.

smcv

Bug#933548: transition: gnome-desktop3

[intrigeri]

Hi,

Simon McVittie wrote:
> On Thu, 03 Oct 2019 at 08:48:35 +0200, Andreas Henriksson wrote:
>> The odd one out is libgtk2-perl which fails test 44:
> ...
>> GdkPixbuf [ warning ] Inline XPM data is broken: Invalid XPM header
>> not ok 44 - Don't crash on partial pixmap data

> I think this might be caused by better error handling in gdk-pixbuf 2.38.2
> (),
> which I uploaded to make gdk-pixbuf silence the GTimeVal deprecation
> warnings in its own animation API, so that it wouldn't trigger -Werror
> in other packages if they don't actively use the animation API.

FWIW, libgtk2-perl is going away in Bullseye; most of its
reverse-dependencies were either ported to GTK 3, or not shipped in
Buster thanks to RC bugs I had filed, or removed from the archive.
What's left is tracked there:

 - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912860
 - 
https://udd.debian.org/cgi-bin/bts-usertags.cgi?tag=gtk2-removal&user=debian-perl%40lists.debian.org

The only reason why this set of packages was not automatically removed
from testing yet is that libgtk2-perl is still on the list of key
packages, because it's installed on many machines ("popcon").
I believe this is explained by historical reasons that are invalid
nowadays: this package used to have major reverse dependencies.

So, if it helps make the GNOME 3.34 transitions smoother, IMO it would
be fine to remove libgtk2-perl and its reverse-dependencies from
testing. Some might see this as a heavy hammer approach, but this was
announced a year ago to all affected maintainers; either way, it will
happen during the Bullseye cycle, eventually.

Cheers,
-- 
intrigeri

Bug#933548: transition: gnome-desktop3

[Paul Gevers]

Hi,

On 03-10-2019 09:39, intrigeri wrote:
> FWIW, libgtk2-perl is going away in Bullseye; most of its
> reverse-dependencies were either ported to GTK 3, or not shipped in
> Buster thanks to RC bugs I had filed, or removed from the archive.
> What's left is tracked there:
> 
>  - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912860
>  - 
> https://udd.debian.org/cgi-bin/bts-usertags.cgi?tag=gtk2-removal&user=debian-perl%40lists.debian.org
> 
> The only reason why this set of packages was not automatically removed
> from testing yet is that libgtk2-perl is still on the list of key
> packages, because it's installed on many machines ("popcon").
> I believe this is explained by historical reasons that are invalid
> nowadays: this package used to have major reverse dependencies.
> 
> So, if it helps make the GNOME 3.34 transitions smoother, IMO it would
> be fine to remove libgtk2-perl and its reverse-dependencies from
> testing. Some might see this as a heavy hammer approach, but this was
> announced a year ago to all affected maintainers; either way, it will
> happen during the Bullseye cycle, eventually.

According to dak there are no reverse dependencies in testing, so I have
added a removal hint.

Paul



signature.asc
Description: OpenPGP digital signature

Processed: block 919641 with 941641

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> block 919641 with 941641
Bug #919641 [release.debian.org] transition: readline (7 -> 8)
919641 was not blocked by any bugs.
919641 was blocking: 934630
Added blocking bug(s) of 919641: 941641
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
919641: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919641
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: unblock 934630 with 919641, block 934630 with 941518 ...

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> unblock 934630 with 919641
Bug #934630 [release.debian.org] transition: octave
934630 was blocked by: 919641
934630 was not blocking any bugs.
Removed blocking bug(s) of 934630: 919641
> block 934630 with 941518
Bug #934630 [release.debian.org] transition: octave
934630 was not blocked by any bugs.
934630 was not blocking any bugs.
Added blocking bug(s) of 934630: 941518
> forwarded 919641 
> https://release.debian.org/transitions/html/auto-readline.html
Bug #919641 [release.debian.org] transition: readline (7 -> 8)
Set Bug forwarded-to-address to 
'https://release.debian.org/transitions/html/auto-readline.html'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
919641: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919641
934630: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934630
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#935737: transition: perl

[Paul Gevers]

Hi Niko, Dom,

On 25-08-2019 20:39, Niko Tyni wrote:
> Please let us know when we might get a transition slot.  Both of us
> are currently rather taken by real life stuff, so would appreciate an
> advance warning if possible.

As discussed on IRC, if you are ready to go in a couple of days (let
say, 5), we can start, otherwise please let us know and we can continue
with other transitions first.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#941482: marked as done (nmu: nwchem_6.8.1-5)

[Debian Bug Tracking System]

Your message dated Thu, 3 Oct 2019 15:10:33 +0200
with message-id <5678517e-9299-9fce-b95f-b2dc2ac0c...@debian.org>
and subject line Re: nmu: nwchem_6.8.1-5
has caused the Debian Bug report #941482,
regarding nmu: nwchem_6.8.1-5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
941482: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941482
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

Following binNMU #940866 for ga, nwchem now needs to be rebuilt
against armci-mpi 0.0~git20190412.643ea1a.

As discussed in #940866 both ga and nwchem link statically against
armci.

nmu nwchem_6.8.1-5 . ANY . unstable . -m "rebuild against armci-mpi 
0.0~git20190412.643ea1a"

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.2.0-2-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--- End Message ---
--- Begin Message ---

Hi Drew


Following binNMU #940866 for ga, nwchem now needs to be rebuilt
against armci-mpi 0.0~git20190412.643ea1a.

As discussed in #940866 both ga and nwchem link statically against
armci.

nmu nwchem_6.8.1-5 . ANY . unstable . -m "rebuild against armci-mpi 
0.0~git20190412.643ea1a"


Done.

Regards
Graham--- End Message ---

Bug#940995: marked as done (nmu: ntopng_3.8+dfsg1-2.1)

[Debian Bug Tracking System]

Your message dated Thu, 3 Oct 2019 15:37:59 +0200
with message-id 
and subject line Re: nmu: ntopng_3.8+dfsg1-2.1
has caused the Debian Bug report #940995,
regarding nmu: ntopng_3.8+dfsg1-2.1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
940995: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940995
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: binnmu
Severity: normal

nmu ntopng_3.8+dfsg1-2.1 . armhf . unstable . -m "no change rebuild with an 
higher version, to avoid same version as stable"

(current armhf package is getting rejected by dak because of this)

thanks

G.
--- End Message ---
--- Begin Message ---

Done.

jcristau@wuiet:~$ wb nmu 2 ntopng . armhf . -m 'Bump version number' -o--- End Message ---

Bug#872293: marked as done (nmu: loads of golang stuff)

[Debian Bug Tracking System]

Your message dated Thu, 3 Oct 2019 16:29:59 +0200
with message-id <28310b63-55d5-5881-65fd-c115703f0...@debian.org>
and subject line Re: Bug#872293: nmu: loads of golang stuff
has caused the Debian Bug report #872293,
regarding nmu: loads of golang stuff
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
872293: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872293
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: binnmu
Severity: normal
X-Debbugs-CC: pkg-go-maintain...@lists.alioth.debian.org
thanks

Howdy, release!

Due to the way that Go packages are built, I've started keeping an eye
on packages that were built using an out of date version of another
corner of the archive.

I've written a script that generates a list of things to binNMU, but
I've only just written it on the flight back from DebConf, and I am not
super sure of it yet.

So, here's a list of some things that look sensible by eye. I've got
a *lot* more, so if this turns out OK, I'll send another bug with more.

  nmu sia . any . -m 'out of date'
  nmu prometheus-node-exporter . any . -m 'out of date'
  nmu go-md2man . any . -m 'out of date'
  nmu webhook . any . -m 'out of date'
  nmu kcptun . any . -m 'out of date'
  nmu acbuild . any . -m 'out of date'
  nmu notary . any . -m 'out of date'
  nmu dh-make-golang . any . -m 'out of date'
  nmu robustirc-bridge . any . -m 'out of date'
  nmu runc . any . -m 'out of date'
  nmu prometheus . any . -m 'out of date'
  nmu skydns . any . -m 'out of date'
  nmu gb . any . -m 'out of date'
  nmu golang-golang-x-tools . any . -m 'out of date'
  nmu systemd-docker . any . -m 'out of date'
  nmu golang-github-xordataexchange-crypt . any . -m 'out of date'
  nmu abci . any . -m 'out of date'
  nmu prometheus-varnish-exporter . any . -m 'out of date'
  nmu gosu . any . -m 'out of date'
  nmu rclone . any . -m 'out of date'
  nmu docker-registry . any . -m 'out of date'
  nmu golang-petname . any . -m 'out of date'
  nmu prometheus-mongodb-exporter . any . -m 'out of date'
  nmu prometheus-mysqld-exporter . any . -m 'out of date'
  nmu consul . any . -m 'out of date'
  nmu minica . any . -m 'out of date'
  nmu gitlab-ci-multi-runner . any . -m 'out of date'
  nmu ratt . any . -m 'out of date'

Thank you!
  Paul
--- End Message ---
--- Begin Message ---
Hi Paul

On Sat, 6 Apr 2019 08:17:44 +0200 Paul Gevers  wrote:
> There was a second bug filed (916642) which has seen action. So is there
> anything missing from there with respect to this list? Also this bug is
> rather old to fix "out-of-date" issues, so I think it should be closed.
> 
> Also quoting from that bug:
> * We (the release team) generally try to rebuild packages with outdated
> built-using before the release.

No reply in half a year. I'm closing this bug as we did do the release
and as far as I'm aware, the rebuild happened.

Paul




signature.asc
Description: OpenPGP digital signature
--- End Message ---

Bug#904545: dw: irssi-plugin-otr_1.0.2-4 irssi-plugin-robustirc_0.6-4 irssi-plugin-xmpp_0.54-2

[Paul Gevers]

Hi Rhonda,

On Sat, 6 Apr 2019 14:55:52 +0200 Paul Gevers  wrote:
> On Wed, 25 Jul 2018 11:05:23 +0800 Rhonda D'Vine  wrote:
> >  please binNMU the irssi plugins for the last irssi upload.  I did a local 
> > test
> > build to confirm that they don't need any source change.

[...]

> > dw irssi-plugin-robustirc_0.6-4 . ANY . unstable . -m "irssi-dev (>= 
> > 1.1.1-1)"
> 
> I guess this one is still valid? Very stupid question from my side,
> maybe, but if this rebuild is needed for the package to function
> properly, why didn't you ping this request? And if it's not needed, why
> did you file this bug? I don't want to be harsh, I just don't understand.

Ping? And what is the status now in stable, since we shipped the package
without rebuilding it?

Paul



signature.asc
Description: OpenPGP digital signature

Bug#916642: marked as done (Long list of binNMUs for golang packages)

[Debian Bug Tracking System]

Your message dated Thu, 3 Oct 2019 16:42:58 +0200
with message-id 
and subject line Re: Long list of binNMUs for golang packages
has caused the Debian Bug report #916642,
regarding Long list of binNMUs for golang packages
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
916642: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916642
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: binnmu
Severity: normal

Dear release team,

in order to get rid of older copies of golang-1.10 and earlier, I'd like
to ask for several binNMUs. The binaries produced by golang are statically
linked, so that we have quite a few older versions in the archive, due
to Built-Using and Extra-Source-Only. Please find below the packages
which would need a rebuild with the current golang-1.10 version.

If this list is too long, I'd like to ask for binNMUs for really old
golang compiler versions. That list would be shorter, please tell me
if you'd like that list instead.

Regards,
Tobias


  nmu abci_0.0~git20170124.0.f94ae5e-2 . ANY . -m 'Rebuild with current 
golang-1.10'
  nmu acbuild_0.4.0+dfsg-3 . ANY . -m 'Rebuild with current golang-1.10'
  nmu ace_0.0.5-3 . ANY . -m 'Rebuild with current golang-1.10'
  nmu acmetool_0.0.62-3 . ANY . -m 'Rebuild with current golang-1.10'
  nmu amber_0.0~git20171010.cdade1c-1 . ANY . -m 'Rebuild with current 
golang-1.10'
  nmu appc-spec_0.8.11+dfsg-2 . ANY . -m 'Rebuild with current golang-1.10'
  nmu aptly_1.3.0+ds1-2 . ANY . -m 'Rebuild with current golang-1.10'
  nmu aptly-api_1.3.0+ds1-2 . ANY . -m 'Rebuild with current golang-1.10'
  nmu arduino-builder_1.3.25-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu autodeb-server_0.20.0-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu autodeb-worker_0.20.0-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu burrow_1.1.0-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu cadvisor_0.27.1+dfsg2-4 . ANY . -m 'Rebuild with current golang-1.10'
  nmu canid_0.0~git20180613.007c9af-2 . ANY . -m 'Rebuild with current 
golang-1.10'
  nmu certspotter_0.9-2 . ANY . -m 'Rebuild with current golang-1.10'
  nmu chasquid_0.06-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu chroma_0.5.0-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu cli-spinner_0.0~git20150423.610063b-4 . ANY . -m 'Rebuild with current 
golang-1.10'
  nmu cobra_0.0.3-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu codesearch_0.0~hg20120502-3 . ANY . -m 'Rebuild with current golang-1.10'
  nmu consul_1.0.7~dfsg1-5 . ANY . -m 'Rebuild with current golang-1.10'
  nmu consulfs_0.2-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu continuity_0.0~git20180216.d8fb858-1 . ANY . -m 'Rebuild with current 
golang-1.10'
  nmu coyim_0.3.8+ds-5 . ANY . -m 'Rebuild with current golang-1.10'
  nmu debiman_0.0~git20180905.9955035-1 . ANY . -m 'Rebuild with current 
golang-1.10'
  nmu debos_1.0.0+git20181105.b02e058-1 . ANY . -m 'Rebuild with current 
golang-1.10'
  nmu dh-make-golang_0.0~git20180827.d94f0cb-1 . ANY . -m 'Rebuild with current 
golang-1.10'
  nmu dnscrypt-proxy_2.0.19+ds1-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu dnss_0.0~git20180721.0.2de63ab0-1 . ANY . -m 'Rebuild with current 
golang-1.10'
  nmu docker2aci_0.17.2+dfsg-2 . ANY . -m 'Rebuild with current golang-1.10'
  nmu docker.io_18.06.1+dfsg1-2 . ANY . -m 'Rebuild with current golang-1.10'
  nmu docker-registry_2.6.2~ds1-2 . ANY . -m 'Rebuild with current golang-1.10'
  nmu ebnflint_0.0~git20181112.a3060d4-1 . ANY . -m 'Rebuild with current 
golang-1.10'
  nmu elvish_0.12+ds1-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu etcd-client_3.2.18+dfsg-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu etcd-fs_0.0+git20140621.0.395eacb-4 . ANY . -m 'Rebuild with current 
golang-1.10'
  nmu etcd-server_3.2.18+dfsg-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu ethflux_1.0-2 . ANY . -m 'Rebuild with current golang-1.10'
  nmu fakemachine_0.0~git20181105.9316584-1 . ANY . -m 'Rebuild with current 
golang-1.10'
  nmu fdroidcl_0.4.0-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu fscrypt_0.2.4-2 . ANY . -m 'Rebuild with current golang-1.10'
  nmu fzf_0.17.5-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu genxdr_2.0.1-5 . ANY . -m 'Rebuild with current golang-1.10'
  nmu gitaly_0.129.0+debian-3 . ANY . -m 'Rebuild with current golang-1.10'
  nmu git-sizer_1.2.0+dfsg-1 . ANY . -m 'Rebuild with current golang-1.10'
  nmu gobgpd_1.33-1 . ANY . -m 'Rebuild with current golang-1.10'
  n

Processed: jessie-pu: package publicsuffix/20190925.1705-0+deb8u1

[Debian Bug Tracking System]

Processing control commands:

> affects -1 src:publicsuffix
Bug #941673 [release.debian.org] jessie-pu: package 
publicsuffix/20190925.1705-0+deb8u1
Added indication that 941673 affects src:publicsuffix

-- 
941673: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941673
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#941673: jessie-pu: package publicsuffix/20190925.1705-0+deb8u1

[Daniel Kahn Gillmor]

Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
Control: affects -1 src:publicsuffix

Please consider an update to publicsuffix in debian jessie.

This package reflects the state of the network, and keeping it current
is useful for all the packages that depend on it.

The debdiff from the previous version in jessie is attached.

This proposed release is also available at the
"publicsuffix_debian/20190925.1705-0+deb8u1" tag on the "debian/jessie" branch 
at the
git repo for publicsuffix packaging:

https://salsa.debian.org/debian/publicsuffix

Please followup on this ticket to confirm whether I should upload this
revision to jessie.



../publicsuffix_20171028.2055-0+deb8u1_20190925.1705-0+deb8u1.debdiff.gz
Description: Binary data

Bug#941093: transition: qtbase-opensource-src

[Boyuan Yang]

X-Debbugs-CC: mity...@debian.org



On Tue, 24 Sep 2019 19:32:28 +0300 Dmitry Shachnev  wrote:
> 
> Dear Release team,
> 
> Debian is currently shipping with Qt 5.11.3 which is quite outdated.
> 
> We would like to update to 5.12.5 release from the 5.12 LTS branch.
> [...]
> 
> The 5.12 release fixes build failure in qtwebengine (#939038) which blocks
the
> libvpx transition.
> 
> The only known package failing to build with Qt 5.12 is deepin-qt5dxcb-
plugin
> (#935105) which I can NMU if needed.

Just FYI: I've updated deepin-qt5dxcb-plugin to make it compatible with Qt
5.12.5 so It won't be a blocker for this transition. Let me know if there's
any other issues.

Best,
Boyuan Yang


signature.asc
Description: This is a digitally signed message part

Bug#934927: Status update request

[Pirate Praveen]

On Sun, Sep 29, 2019 at 21:53, Paul Gevers  wrote:

Could you please next time provide more context than only the bug
number. It's annoying to need to look it up if all you need to do is 
add

"libgit2 transition" somewhere.



ok.


That said, are you aware of any progress on the julia front?



I have pinged on the bug again.


Paul

Bug#941673: marked as done (jessie-pu: package publicsuffix/20190925.1705-0+deb8u1)

[Debian Bug Tracking System]

Your message dated Thu, 03 Oct 2019 19:00:12 +0100
with message-id 
<48b6bc0d1f619142a6189c114e8aefbfec04182a.ca...@adam-barratt.org.uk>
and subject line Re: Bug#941673: jessie-pu: package 
publicsuffix/20190925.1705-0+deb8u1
has caused the Debian Bug report #941673,
regarding jessie-pu: package publicsuffix/20190925.1705-0+deb8u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
941673: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941673
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
Control: affects -1 src:publicsuffix

Please consider an update to publicsuffix in debian jessie.

This package reflects the state of the network, and keeping it current
is useful for all the packages that depend on it.

The debdiff from the previous version in jessie is attached.

This proposed release is also available at the
"publicsuffix_debian/20190925.1705-0+deb8u1" tag on the "debian/jessie" branch 
at the
git repo for publicsuffix packaging:

https://salsa.debian.org/debian/publicsuffix

Please followup on this ticket to confirm whether I should upload this
revision to jessie.



../publicsuffix_20171028.2055-0+deb8u1_20190925.1705-0+deb8u1.debdiff.gz
Description: Binary data
--- End Message ---
--- Begin Message ---
On Thu, 2019-10-03 at 13:02 -0400, Daniel Kahn Gillmor wrote:
> Package: release.debian.org
> Severity: normal
> Tags: jessie
> User: release.debian@packages.debian.org
> Usertags: pu
> Control: affects -1 src:publicsuffix
> 
> Please consider an update to publicsuffix in debian jessie.
> 

The Release Team haven't handled jessie for some time now I'm afraid;
you'll need to talk to the LTS guys. Closing this request as they don't
use the BTS to track requests.

Regards,

Adam--- End Message ---

Bug#941093: transition: qtbase-opensource-src

[Dmitry Shachnev]

Version: 5.0.1-1

Hi Boyan,

On Thu, Oct 03, 2019 at 02:10:49PM -0400, Boyuan Yang wrote:
> Just FYI: I've updated deepin-qt5dxcb-plugin to make it compatible with Qt
> 5.12.5 so It won't be a blocker for this transition. Let me know if there's
> any other issues.

Thank you! I think we can close bug #935105 now.

--
Dmitry Shachnev


signature.asc
Description: PGP signature

Bug#941683: buster-pu: package node-yarnpkg/1.13.0-1+deb10u1

[Xavier Guimard]

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu

Hi,

node-yarnpkg is vulnerable: it exports auth data in http requests
(#941354, CVE-2019-5448). This patch imports upstream fix.

Cheers,
Xavier
diff --git a/debian/changelog b/debian/changelog
index 01fe7d70d..6c4b5fef1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+node-yarnpkg (1.13.0-1+deb10u1) buster; urgency=medium
+
+  * Team upload
+  * Add patch to force using https for the regular registries
+(Closes: #941354, CVE-2019-5448)
+
+ -- Xavier Guimard   Thu, 03 Oct 2019 18:23:54 +0200
+
 node-yarnpkg (1.13.0-1) unstable; urgency=low
 
   * Initial release (Closes: #843021)
diff --git a/debian/patches/CVE-2019-5448.diff 
b/debian/patches/CVE-2019-5448.diff
new file mode 100644
index 0..8bb7442c8
--- /dev/null
+++ b/debian/patches/CVE-2019-5448.diff
@@ -0,0 +1,75 @@
+Description: Forces using https for the regular registries
+Author: Maël Nison 
+Origin: upstream, https://github.com/yarnpkg/yarn/commit/2f08a740
+Bug: https://hackerone.com/reports/640904
+Bug-Debian: https://bugs.debian.org/941354
+Forwarded: not-needed
+Reviewed-By: Xavier Guimard 
+Last-Update: 2019-10-03
+
+--- a/__tests__/registries/npm-registry.js
 b/__tests__/registries/npm-registry.js
+@@ -750,6 +750,30 @@
+ 
+ expect(npmRegistry.getRequestUrl(registry, 
pathname)).toEqual('https://my.registry.co/registry/foo/bar/baz');
+   });
++
++  for (const host of [`registry.yarnpkg.com`, `registry.npmjs.org`, 
`registry.npmjs.com`]) {
++test(`enforces loading packages through https when they come from 
${host}`, () => {
++  const testCwd = '.';
++  const {mockRequestManager, mockRegistries, mockReporter} = 
createMocks();
++  const npmRegistry = new NpmRegistry(testCwd, mockRegistries, 
mockRequestManager, mockReporter, true, []);
++  const registry = `http://${host}/registry`;
++  const pathname = 'foo/bar/baz';
++
++  expect(npmRegistry.getRequestUrl(registry, 
pathname)).toEqual(`https://${host}/registry/foo/bar/baz`);
++});
++  }
++
++  test("doesn't change the protocol for packages from other registries", () 
=> {
++const testCwd = '.';
++const {mockRequestManager, mockRegistries, mockReporter} = createMocks();
++const npmRegistry = new NpmRegistry(testCwd, mockRegistries, 
mockRequestManager, mockReporter, true, []);
++const registry = 'http://registry.mylittlepony.org/registry';
++const pathname = 'foo/bar/baz';
++
++expect(npmRegistry.getRequestUrl(registry, pathname)).toEqual(
++  'http://registry.mylittlepony.org/registry/foo/bar/baz',
++);
++  });
+ });
+ 
+ describe('getScope functional test', () => {
+--- a/src/registries/npm-registry.js
 b/src/registries/npm-registry.js
+@@ -22,6 +22,7 @@
+ import ini from 'ini';
+ 
+ const DEFAULT_REGISTRY = 'https://registry.npmjs.org/';
++const REGEX_REGISTRY_ENFORCED_HTTPS = 
/^https?:\/\/([^\/]+\.)?(yarnpkg\.com|npmjs\.(org|com))(\/|$)/;
+ const REGEX_REGISTRY_HTTP_PROTOCOL = /^https?:/i;
+ const REGEX_REGISTRY_PREFIX = /^(https?:)?\/\//i;
+ const REGEX_REGISTRY_SUFFIX = /registry\/?$/;
+@@ -112,13 +113,17 @@
+   }
+ 
+   getRequestUrl(registry: string, pathname: string): string {
+-const isUrl = REGEX_REGISTRY_PREFIX.test(pathname);
++let resolved = pathname;
+ 
+-if (isUrl) {
+-  return pathname;
+-} else {
+-  return url.resolve(addSuffix(registry, '/'), pathname);
++if (!REGEX_REGISTRY_PREFIX.test(pathname)) {
++  resolved = url.resolve(addSuffix(registry, '/'), pathname);
+ }
++
++if (REGEX_REGISTRY_ENFORCED_HTTPS.test(resolved)) {
++  resolved = resolved.replace(/^http:\/\//, 'https://');
++}
++
++return resolved;
+   }
+ 
+   isRequestToRegistry(requestUrl: string, registryUrl: string): boolean {
diff --git a/debian/patches/series b/debian/patches/series
index f3c856f99..7c03222a8 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -9,3 +9,4 @@
 08-cli-table3.diff
 09-buffer_from.diff
 10-babel-plugin-inline-import.diff
+CVE-2019-5448.diff

Re: Bits from the Release Team: ride like the wind, Bullseye!

[Ben Hutchings]

On Sun, 2019-07-21 at 10:55 -0300, Ivo De Decker wrote:
> Hi Ben,
> 
> Sorry for not getting back to you about this earlier.
> 
> On 7/7/19 3:43 PM, Ben Hutchings wrote:
> > On Sun, 2019-07-07 at 02:47 +0100, Jonathan Wiltshire wrote:
> > [...]
> > > No binary maintainer uploads for bullseye
> > > =
> > > 
> > > The release of buster also means the bullseye release cycle is about to 
> > > begin.
> > >  From now on, we will no longer allow binaries uploaded by maintainers to
> > > migrate to testing. This means that you will need to do source-only 
> > > uploads if
> > > you want them to reach bullseye.
> > 
> > I support this move in principle, but:
> > 
> > >Q: I already did a binary upload, do I need to do a new (source-only) 
> > > upload?
> > >A: Yes (preferably with other changes, not just a version bump).
> > > 
> > >Q: I needed to do a binary upload because my upload went to the NEW 
> > > queue,
> > >   do I need to do a new (source-only) upload for it to reach bullseye?
> > >A: Yes. We also suggest going through NEW in experimental instead of 
> > > unstable
> > >   where possible, to avoid disruption in unstable.
> > [...]
> > 
> > This is not going to fly for src:linux.  We can't stage ABI bumps in
> > experimental as we typically have a different upstream versions in
> > unstable and experimental.  We even need to do ABI bumps in stable from
> > time to time.
> 
> We are aware that src:linux is a special case here. I added an exception 
> for the arch:all binaries from src:linux. When the next ABI bump in 
> unstable happens, feel free to let me know, so that I can check if it 
> works as expected.

linux version 5.2.17-1 was the first version that included an ABI bump
and did not have any regressions that blocked it from testing.  It has
transitioned to testing including the developer-built arch:all
packages, so I believe that this exception works.  Thank you!

Ben.

-- 
Ben Hutchings
Unix is many things to many people,
but it's never been everything to anybody.




signature.asc
Description: This is a digitally signed message part

Bug#934630: transition: octave

[Sébastien Villemot]

Le jeudi 03 octobre 2019 à 09:14 +0200, Paul Gevers a écrit :

> Octave has now been built everywhere. Will you take care of all the
> failures in the reverse build depends? There are 16 packages that need
> your attention before octave can migrate. I filed one FTBFS bug already,
> but waiting for autoremoval isn't the way forward.

I intend to work on the failures, beginning with the packages are not
maintained by the Debian Octave Group (since their maintainers are not
responsible for the situation). Clearly there are more failures than I
had anticipated, but that should still be manageable.

-- 
⢀⣴⠾⠻⢶⣦⠀  Sébastien Villemot
⣾⠁⢠⠒⠀⣿⡁  Debian Developer
⢿⡄⠘⠷⠚⠋⠀  http://sebastien.villemot.name
⠈⠳⣄  http://www.debian.org



signature.asc
Description: This is a digitally signed message part

Bug#935737: transition: perl

[Dominic Hargreaves]

On Thu, Oct 03, 2019 at 01:05:02PM +0200, Paul Gevers wrote:
> Hi Niko, Dom,
> 
> On 25-08-2019 20:39, Niko Tyni wrote:
> > Please let us know when we might get a transition slot.  Both of us
> > are currently rather taken by real life stuff, so would appreciate an
> > advance warning if possible.
> 
> As discussed on IRC, if you are ready to go in a couple of days (let
> say, 5), we can start, otherwise please let us know and we can continue
> with other transitions first.

Hello

Yes, I am able to cut a release and upload on Saturday (morning Europe
time).

Cheers
Dominic.

Bug#894663: Raising severity of wxwidgets3.0-gtk transition blockers

[Olly Betts]

severity 933407 serious
severity 933408 serious
severity 933411 serious
severity 933412 serious
severity 933415 serious
severity 933416 serious
severity 933419 serious
severity 933424 serious
severity 933425 serious
severity 933426 serious
severity 933427 serious
severity 933431 serious
severity 933433 serious
severity 933434 serious
severity 933435 serious
severity 933438 serious
severity 933440 serious
severity 933441 serious
severity 933442 serious
severity 933445 serious
severity 933451 serious
severity 933457 serious
severity 933459 serious
severity 933462 serious
severity 933463 serious
severity 933465 serious
severity 933466 serious
severity 933469 serious
severity 933473 serious
severity 933474 serious
severity 933475 serious
severity 933476 serious
severity 933478 serious
severity 933479 serious
severity 934096 serious
severity 934097 serious
severity 934098 serious
severity 933439 serious
severity 933458 serious
thanks

> We plan to remove the wxwidgets3.0 GTK2 packages before bullseye.  Please
> test *now* if you haven't already and report any problems you find.  If
> you don't find any problems, please upload your package.
>
> The severity of remaining bugs will be raised to "serious" once known
> blockers have been addressed.

All known blockers in wxwidgets3.0 have now been addressed, so I'm
raising the severity of remaining bugs.

Cheers,
Olly

Bug#939890: buster-pu: package rpcbind/1.2.5-0.3+deb10u1

[Josue Ortega]

Hi,

I've included the recommended changes for the fix:

rpcbind (1.2.5-0.3+deb10u1) buster; urgency=medium

  * Add 00-rmt-calls.patch (Closes: #939877):
+ Add command line option to enable remote calls at runtime
+ Refresh debian/patches
  * debian/control: Update maintainer information
  * Add debian/README.debian explaining remote calls activation for
Debian systems
  * Add debian/NEWS

$ debdiff rpcbind_1.2.5-0.3.dsc rpcbind_1.2.5-0.3+deb10u1.dsc | diffstat

 NEWS|   12 ++
 README.debian   |   11 ++
 changelog   |   12 ++
 control |2 
 patches/00-rmt-calls.patch  |  118

 patches/02-manpages.patch   |4 
 patches/03-563971-warmstart-error-msg.patch |   14 +-
 patches/04-610718-non-linux.patch   |2 
 patches/rpcinfo-Fix-stack-buffer-overflow.patch |4 
 patches/run-migration   |2 
 patches/series  |1 
 11 files changed, 167 insertions(+), 15 deletions(-)

The debdiff is attached.

Regards

--Josue


diff -Nru rpcbind-1.2.5/debian/NEWS rpcbind-1.2.5/debian/NEWS
--- rpcbind-1.2.5/debian/NEWS	1969-12-31 18:00:00.0 -0600
+++ rpcbind-1.2.5/debian/NEWS	2019-09-09 12:19:21.0 -0600
@@ -0,0 +1,12 @@
+rpcbind (1.2.5-0.3+deb10u1) buster; urgency=medium
+
+  Since version 1.2.5 upstream has turned off the remote calls functionality
+  in order to improve security. This can be turned on at build time.
+  This functionality caused rpcbind to open up random listening ports. This
+  change broke up broadcasts requests to rpcbind making systems depending
+  on this feature unusable, e.g. NIS systems.
+  
+  This release accepts the new command line parameter 'r' to turn on the
+  remote calls functionality when needed.
+
+ -- Josue Ortega   Tue, 17 Sep 2019 19:08:34 -0600
diff -Nru rpcbind-1.2.5/debian/README.debian rpcbind-1.2.5/debian/README.debian
--- rpcbind-1.2.5/debian/README.debian	1969-12-31 18:00:00.0 -0600
+++ rpcbind-1.2.5/debian/README.debian	2019-09-09 12:19:21.0 -0600
@@ -0,0 +1,11 @@
+rpcbind for Debian
+--
+Since version 1.2.5 due to security concerns upstream has turned off
+the remote calls functionality by default and added a configuration
+flag at build time to enable it.
+This functionality caused rpcbind to open up random listening ports.
+With remote calls turned off rpcbind stops to receive any broadcast query
+causing breakage on systems depending on this feature, e.g., NIS systems.
+
+On Debian systems the remote calls can be turned on at run-time using
+the command line argument 'r'. See rpcbind(8) for more details.
diff -Nru rpcbind-1.2.5/debian/changelog rpcbind-1.2.5/debian/changelog
--- rpcbind-1.2.5/debian/changelog	2018-10-22 04:54:11.0 -0600
+++ rpcbind-1.2.5/debian/changelog	2019-09-09 12:19:21.0 -0600
@@ -1,3 +1,15 @@
+rpcbind (1.2.5-0.3+deb10u1) buster; urgency=medium
+
+  * Add 00-rmt-calls.patch (Closes: #939877):
++ Add command line option to enable remote calls at runtime
++ Refresh debian/patches
+  * debian/control: Update maintainer information
+  * Add debian/README.debian explaining remote calls activation for
+Debian systems
+  * Add debian/NEWS
+
+ -- Josue Ortega   Mon, 09 Sep 2019 12:19:21 -0600
+
 rpcbind (1.2.5-0.3) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru rpcbind-1.2.5/debian/control rpcbind-1.2.5/debian/control
--- rpcbind-1.2.5/debian/control	2018-10-20 05:18:17.0 -0600
+++ rpcbind-1.2.5/debian/control	2019-09-09 12:19:21.0 -0600
@@ -1,7 +1,7 @@
 Source: rpcbind
 Section: net
 Priority: optional
-Maintainer: Anibal Monsalve Salazar 
+Maintainer: Josue Ortega 
 Build-Depends: debhelper (>= 11), pkg-config, libtirpc-dev (>= 1.0.2), libwrap0-dev, libsystemd-dev [linux-any]
 Standards-Version: 4.2.1
 Homepage: http://sourceforge.net/projects/rpcbind/
diff -Nru rpcbind-1.2.5/debian/patches/00-rmt-calls.patch rpcbind-1.2.5/debian/patches/00-rmt-calls.patch
--- rpcbind-1.2.5/debian/patches/00-rmt-calls.patch	1969-12-31 18:00:00.0 -0600
+++ rpcbind-1.2.5/debian/patches/00-rmt-calls.patch	2019-09-09 12:19:21.0 -0600
@@ -0,0 +1,118 @@
+Description: Add command line option to enable remote calls at runtime instead build time
+Author: Josue Ortega 
+Last-Update: 2019-09-17
+
+
+--- a/Makefile.am
 b/Makefile.am
+@@ -29,10 +29,6 @@
+ AM_CPPFLAGS +=	-DLIBWRAP
+ endif
+ 
+-if RMTCALLS
+-AM_CPPFLAGS +=	-DRMTCALLS
+-endif
+-
+ bin_PROGRAMS = rpcinfo
+ sbin_PROGRAMS = rpcbind
+ 
+--- a/src/rpcbind.c
 b/src/rpcbind.c
+@@ -88,6 +88,7 @@
+ int doabort = 0;	/* When debugging, do an abort on errors */
+ int dofork = 1;		/* fork? */
+ int createdsocket = 0;  /* Did I create the socket or systemd did it for me? */
++int rmtcalls = 0; /* 

Bug#941713: buster-pu: package ntpsec/1.1.3+dfsg1-2+deb10u1

[Richard Laager]

Subject: buster-pu: package ntpsec/1.1.3+dfsg1-2+deb10u1
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: pu
Tags: buster
Severity: normal

This is my first time with the Debian proposed update process (though I
have done my own Ubuntu SRU once), so please bear with me and let me
know if I've done anything wrong.

The debdiff from the current version in Buster is attached. All of these
fixes are in the version of ntpsec in Debian unstable.


This upload is to fix several things, most importantly the first two:

* Backport fix for slow DNS retries (Closes: 924192)

The user described this pretty well, "What seems to be happening is that
if DNS is not immediately available when ntpsec starts, it waits about
10 minutes before trying again. Ten minutes is too long."

This is fixed by backporting an upstream commit which has made it into
an upstream point release.


* Fix ntpdate -s (syslog) to fix the if-up hook (Closes: 931414)

Here, the if-up hook script failed to work at all. It did not trigger
the time to be synchronized. This was ultimately due to upstream's
ntpdate wrapper, which was converting -s (for "log to syslog") to
ntpdig -p.  This is wrong, as ntpdig -p is for the number of samples and
requires a parameter.  The ntpdig man page says, "This version does not
log to syslog. Pipe standard output and standard error to logger(1) if
you want this behavior.

This was fixed by me implementing the syslog (piping to logger) behavior
in the ntpdate wrapper script. I submitted the patch upstream, it was
accepted, has made it into an upstream point release, and I have pulled
it into this backport update.



It may be controversial that I'm including fixes for bugs in man pages,
including some without Debian bug numbers. The fixes below are trivial
and only affect two (related) man pages. I likely would not have made a
buster update for them alone, but since I'm making an update anyway, it
seemed reasonable to me to include those fixes.



* ntpdate.8: Remove -p option (Closes: 926877)

The ntpdate -p option (not to be confused with the above discussion of
ntpdig -p) no longer exists. This bug is not that critical, but the fix
is trivial and low risk (as it's just to a man page).

* ntpdate.8: Remove -e option

No bug was filed for this, but this was discovered while fixing the
other issue. The -e option is gone too. I removed it from the man pages.
Again, this fix is trivial and low risk (just a man pages change).

* ntpdate.8: Remove duplicated -o option

This was also discovered while reviewing the ntpdate man page. The -o
option was listed twice. This is another trivial (single character
removal, in this case) fix to the man pages.

* ntpdate.8: Remove inaccurate BUGS section

The ntpdate man page has a BUGS section that says its "slew adjustment
is actually 50% larger than the measured offset". This is completely
wrong, which I verified with upstream. The NTPsec implementation of
ntpdate is just a wrapper script around ntpdig, which does not have this
behavior. This is fixed by removing the inaccurate information from the
man page.

* Update ntpdate-debian.8 to match ntpdate.8

The Debian packaging of NTPsec has an ntpdate-debian utility that is
itself a wrapper around ntpdate. This approach is inherited from the
Debian "ntp" package (upstream ntpsec is a fork of upstream ntp). The
man pages were inconsistent. This fixes the ntpdate-debian man page by
adding the missing -4 and -6 flags, strips some EOL whitespace, and
updates the body text to match, including mentioning the server argument(s).


-- 
Richard
diff -Nru ntpsec-1.1.3+dfsg1/debian/changelog 
ntpsec-1.1.3+dfsg1/debian/changelog
--- ntpsec-1.1.3+dfsg1/debian/changelog 2019-02-04 01:38:48.0 -0600
+++ ntpsec-1.1.3+dfsg1/debian/changelog 2019-10-04 00:21:09.0 -0500
@@ -1,3 +1,15 @@
+ntpsec (1.1.3+dfsg1-2+deb10u1) buster; urgency=medium
+
+  * Backport fix for slow DNS retries (Closes: 924192)
+  * ntpdate.8: Remove duplicated -o option
+  * ntpdate.8: Remove -p option (Closes: 926877)
+  * ntpdate.8: Remove -e option
+  * ntpdate.8: Remove inaccurate BUGS section
+  * Update ntpdate-debian.8 to match ntpdate.8
+  * Fix ntpdate -s (syslog) to fix the if-up hook (Closes: 931414)
+
+ -- Richard Laager   Fri, 04 Oct 2019 00:21:09 -0500
+
 ntpsec (1.1.3+dfsg1-2) unstable; urgency=medium
 
   * Suppress lintian warning
diff -Nru ntpsec-1.1.3+dfsg1/debian/gbp.conf ntpsec-1.1.3+dfsg1/debian/gbp.conf
--- ntpsec-1.1.3+dfsg1/debian/gbp.conf  2019-02-04 01:38:48.0 -0600
+++ ntpsec-1.1.3+dfsg1/debian/gbp.conf  2019-10-04 00:19:41.0 -0500
@@ -1,5 +1,5 @@
 [DEFAULT]
-debian-branch = sid
+debian-branch = buster
 
 [buildpackage]
 sign-tags = True
diff -Nru ntpsec-1.1.3+dfsg1/debian/man/ntpdate.8 
ntpsec-1.1.3+dfsg1/debian/man/ntpdate.8
--- ntpsec-1.1.3+dfsg1/debian/man/ntpdate.8 2019-02-04 01:38:48.0 
-0600
+++ ntpsec-1.1.3+dfsg1/debian/man/ntpdate.8 2019-09-27 02:12:22.0 
-0

Bug#940685: buster-pu: libsixel/1.8.2-1+deb10u1

[Takatsugu Nokubi]

On Sat, 21 Sep 2019 20:47:25 +0100 "Adam D. Barratt"
 wrote:
> Control: tags -1 + moreinfo
> What environment were the amd64 packages that you uploaded built in?

Sorry, I had built on a stretch environment, so I rebuild it with
git-pbuilder environment,
tested with piuparts, and had uploaded.