Bug#1110489: bookworm-pu: package openssl/3.0.17-1~deb12u2

On 2025-08-08 18:55:22 [+0100], Adam D. Barratt wrote: > Thanks for the quick response, and for preparing the update. > > I released it as SUA 271 earlier today. Thank you Adam. > Regards, > > Adam Sebastian

Bug#1110489: bookworm-pu: package openssl/3.0.17-1~deb12u2

ethod to open the given URI early") +- a468bdb02531e ("Add test_verify tests") +Closes: #1110254 + + -- Sebastian Andrzej Siewior Tue, 05 Aug 2025 09:09:41 +0200 + openssl (3.0.17-1~deb12u1) bookworm; urgency=medium * Import 3.0.17 diff -Nru openssl-3.0.17/debian/patches/Re

Bug#1110254: [Pkg-openssl-devel] Bug#1110254:

control: forwarded -1 https://github.com/openssl/openssl/issues/28171 On 2025-08-05 11:00:52 [+1000], Daniel Black wrote: > upstream lodged: https://github.com/openssl/openssl/issues/28171 Thank you. Sebastian

Bug#1109207: bookworm-pu: package openssl/3.0.17-1~deb12u1

On 2025-08-05 07:51:28 [+0200], To Jonathan Wiltshire wrote: > > > On 3 August 2025 13:06:25 CEST, Jonathan Wiltshire wrote: > >Hi, > Hi, > > >There are reports of the updated libssl3 causing segfaults in linked > >applications; please see #1110254. > > I prepared a revert of three commits and

Bug#1109207: bookworm-pu: package openssl/3.0.17-1~deb12u1

On 3 August 2025 13:06:25 CEST, Jonathan Wiltshire wrote: >Hi, Hi, >There are reports of the updated libssl3 causing segfaults in linked >applications; please see #1110254. I prepared a revert of three commits and it has been confirmed that it solves the reported segfaults. Do you prefer th

Bug#1110254: [Pkg-openssl-devel] Bug#1110254: libssl3: segfault in libcrypto.so.3

On 2025-08-04 08:37:42 [+0800], Jim Barber wrote: > > Jim, can you confirm this? > > Hi Sebastian. Hi Jim, > I'm happy to give it a go, but will need a bit of guidance since I'm > not a Debian developer. Don't worry, I prepared an update at https://breakpoint.cc/openssl-3.0.17-1~deb12u2.tar Ca

Bug#1110254: [Pkg-openssl-devel] Bug#1110254: libssl3: segfault in libcrypto.so.3

On 2 August 2025 17:24:36 CEST, Stefan Ehmann wrote: >If I revert > >(and also 7141330fb98ceab643729f2d0f445f79f26addce), ebook-convert works fine >again. Jim, can you confirm this? > >According to the commen

Bug#1109207: bookworm-pu: package openssl/3.0.17-1~deb12u1

On 3 August 2025 13:06:25 CEST, Jonathan Wiltshire wrote: >Hi, Hi, >There are reports of the updated libssl3 causing segfaults in linked >applications; please see #1110254. I've seen it. Kurt poked upstream. The referenced bug report mentioned a commit which has been reverted by the reporter

Bug#1109207: bookworm-pu: package openssl/3.0.17-1~deb12u1

On 30 July 2025 20:56:40 CEST, Jonathan Wiltshire wrote: >Hi, Hi, >Time is of the essence though. Would you be happy with the following? > >| This routine update to OpenSSL fixes a number of miscellaneous minor >| bugs. An expedited release of this update is necessary to enable updates >| in

Bug#1108504: bookworm-pu: package clamav/1.0.9+dfsg-1~deb12u1

On 2025-07-19 19:14:28 [+0100], Adam D. Barratt wrote: > On Sun, 2025-06-29 at 23:32 +0200, Sebastian Andrzej Siewior wrote: > > ClamAV upstream released 1.0.9 which is their LTS version matching > > the release in Bookworm. It addresses two CVEs: > > > > - CVE-2025-201

Bug#1088320: libdpkg-perl: Enable generation of sframes.

On 2024-12-20 22:10:15 [+0100], To Guillem Jover wrote: > Hi, Hi, just wanted to add there is an article on lwn https://lwn.net/Articles/1029189/ about work in the linux kernel to get this support into perf. It also mentions that V3 the Sframe format is in the work with the goal of deploy

Bug#1109207: bookworm-pu: package openssl/3.0.17-1~deb12u1

On 2025-07-13 15:10:50 [+0200], Simon Josefsson wrote: > Sebastian Andrzej Siewior writes: > > > --- openssl-3.0.16/CHANGES.md 2025-02-11 15:47:41.0 +0100 > > +++ openssl-3.0.17/CHANGES.md 2025-07-01 14:11:11.0 +0200 > ... > > + * SSLv3 is b

Bug#1108958: unblock: openssl

Control: tags -1 -moreinfo On 2025-07-13 11:34:49 [+0200], Paul Gevers wrote: > > Hi, Hi, > Please go ahead and please removed the moreinfo tag when the package has > been uploaded. Uploaded to ssh-upload. Thank you. > Paul > Sebastian

Bug#1107854: unblock: git/1:2.49.0-2.1

On 2025-06-22 17:53:05 [+0200], Paul Gevers wrote: > Please go ahead. quick question: Is this bug obsolete and can be closed now that this goes to testing via pu? > Paul Sebastian

Bug#1107854: unblock: git/1:2.49.0-2.1

Lv2 text (thx +Santiago Vila; closes: #1106311). + + -- Sebastian Andrzej Siewior Sun, 22 Jun 2025 12:23:29 +0200 + git (1:2.47.2-0.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru git-2.47.2/debian/git.links git-2.47.2/debian/git.links --- git-2.47.2/debian/git.links 2025-01

Bug#1107854: unblock: git/1:2.49.0-2.1

On 2025-06-22 17:53:05 [+0200], Paul Gevers wrote: > On 22-06-2025 13:47, Sebastian Andrzej Siewior wrote: > > > Please find attached the diff addressing just this single bug. > > > > again, now with proper suite. > > > Please go ahead. Thanks, done. > Paul Sebastian

Bug#1107854: unblock: git/1:2.49.0-2.1

. + * debian/rules: remove overly strict check for license file +content matching base-files. This unbreaks the build on +builders with an updated copy of the GPLv2 text (thx +Santiago Vila; closes: #1106311). + + -- Sebastian Andrzej Siewior Sun, 22 Jun 2025 13:21:11 +0200 + git (1:

Bug#1107854: unblock: git/1:2.49.0-2.1

On 2025-06-19 22:02:00 [+0200], Paul Gevers wrote: > Control: tags -1 moreinfo > > Hi, Hi, > On 16-06-2025 00:16, Sebastian Andrzej Siewior wrote: > > The version in testing is 2.47.2 while unstable had 2.49.0 for a while. > > This makes diff rather huge (15MiB) therefore

Bug#1095913: ca-certificates: missing mozilla/Sectigo_Public_Server_Authentication_Root_R46.crt in bookworm and earlier

On 2025-06-16 14:39:42 [+0200], Julien Cristau wrote: > Hi Sebastian, Hi Julien, > On Sat, Jun 14, 2025 at 20:55:43 +0200, Sebastian Andrzej Siewior wrote: > > > I don't object this change in any way. I just want to point that if > > connections errors are observed b

Bug#1107854: unblock: git/1:2.49.0-2.1

mand line parsing patches for proper handling on big +endian machines. (Closes: #1106786). + + -- Sebastian Andrzej Siewior Fri, 06 Jun 2025 18:07:16 +0200 + +git (1:2.49.0-2) unstable; urgency=medium + + * debian/rules: remove overly strict check for license file +content matching base-fil

Bug#1107854: unblock: git/1:2.49.0-2.1

Package: release.debian.org Control: affects -1 + src:git X-Debbugs-Cc: g...@packages.debian.org User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: jrnie...@gmail.com Severity: normal Please unblock package git This is a preliminary unblock request for the git package. T

Bug#1095913: ca-certificates: missing mozilla/Sectigo_Public_Server_Authentication_Root_R46.crt in bookworm and earlier

On 2025-06-12 19:40:45 [+0200], Julien Cristau wrote: > > CA vendor Entrust has started selling server certificates with a chain that > > ends in > > > > mozilla/Sectigo_Public_Server_Authentication_Root_R46.crt > > > > This selfsigned CA root does not exist in ca-certificates currently present >

Bug#1106786: git ftbfs on s390x (test failures)

On 2025-06-07 11:31:07 [+0200], Jonathan Nieder wrote: > New uploads coming later today. :) I don't want to rush or anything but… If you want me to prepare an unblock request before the upload happens or so, just say so ;) > For the future: in general if you prepare a "git format-patch" format >

Bug#1106786: git ftbfs on s390x (test failures)

On 2025-06-07 10:38:12 [+0200], Jonathan Nieder wrote: > Hi Sebastian, Hi Jonathan, > Sebastian Andrzej Siewior wrote: > > >> Even after the fix from https://bugs.debian.org/1102106, git ftbfs on > >> s390x. Filing as a separate bug because this is a different failure.

Bug#1106786: git ftbfs on s390x (test failures)

106786). + + -- Sebastian Andrzej Siewior Fri, 06 Jun 2025 18:07:16 +0200 + git (1:2.49.0-2) unstable; urgency=medium * debian/rules: remove overly strict check for license file diff -Nru git-2.49.0/debian/patches/0001-parse-fix-off-by-one-for-minimum-signed-values.patch git-2.49.0/debian/p

Bug#1104813: Not trivial to fix

On 2025-05-29 13:31:40 [+0200], Jordi Mallach wrote: > Hi! Hi, > I attempted getting rid of the embbeded libs in the past, and the > result was quite a disaster for several reasons. The biggest offender, > ckeditor, was not compatible with the one distributed by Debian, but I > will revisit this n

Bug#1106738: unblock: openssl/3.5.0-2

1,3 +1,11 @@ +openssl (3.5.0-2) unstable; urgency=medium + + * Fix P-384 curve on lower-than-P9 PPC64 targets Closes: #1106516). + * CVE-2025-4575 ("The x509 application adds trusted use instead of +rejected use") (Closes: #1106322). + + -- Sebastian Andrzej Siewior Wed, 28 May

Bug#1106516: [Pkg-openssl-devel] Bug#1106516: Bug#1106516: libssl3t64: illegal instruction in ppc64el

control: tags -1 serious On 2025-05-25 20:45:06 [+0200], Kurt Roeckx wrote: > I agree with the serious severity. > > Upstream planned to release 3.5.1 a month after 3.5.0, but that didn't > happen yet. I've asked them about the plans. Okay. I plan to prepare an upload tomorrow. Please let me kn

Bug#1106516: [Pkg-openssl-devel] Bug#1106516: Bug#1106516: libssl3t64: illegal instruction in ppc64el

On 2025-05-25 15:17:24 [+0200], Kurt Roeckx wrote: > I think this has been fixed upstream in > https://github.com/openssl/openssl/pull/27429 > > There has not been an upstream release since the fix. I would upgrade the severity to serious because ppc64el is a release atch and the CPU is support

Bug#1102957: geventhttpclient: diff for NMU version 2.3.3-1.1

* Non-maintainer upload. + * Add patch to fix the testuite with OpenSSL 3.5 (Closes: #1102957). + + -- Sebastian Andrzej Siewior Fri, 23 May 2025 21:06:15 +0200 + geventhttpclient (2.3.3-1) unstable; urgency=medium * New upstream release diff -Nru geventhttpclient-2.3.3/debian/patches/s

Bug#1102957: [Pkg-openssl-devel] Bug#1102957: Bug#1102957: geventhttpclient: FTBFS in testing: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p 3.13 returned exit code 13

> > Unsurprisingly this is caused by libssl. debbisect points to: > > I'm pretty busy the upcomming week so I won't be able to take a look. So > far this is the only bug reported against openssl 3.5 vs 3.4… turns out openssl is innocent. A patch is attached. > > Chris

Bug#1102957: [Pkg-openssl-devel] Bug#1102957: geventhttpclient: FTBFS in testing: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p 3.13 returned exit code 13

On 2025-04-30 15:26:54 [+0200], Chris Hofstaedtler wrote: > Control: reassign -1 libssl3t64 > Control: affects -1 src:geventhttpclient … > Unsurprisingly this is caused by libssl. debbisect points to: > > bisection finished successfully > last good timestamp: 20250408T205804Z > first bad times

Bug#1102453: [Pkg-openssl-devel] Bug#1102453: libssl-doc: error when regenerating man pages

On 2025-04-09 10:18:05 [+0200], Eric Valette wrote: > Package: libssl-doc > Version: 3.5.0-1 > Severity: normal > > Processing triggers for man-db (2.13.0-1) ... > /usr/bin/mandb: warning: whatis for X509_CINF_new.3ssl.gz exceeds 8192 bytes, > truncating. > /usr/bin/mandb: warning: whatis for i2d

Bug#1102132: RFP: anubis -- Weigh the soul of incoming HTTP requests using proof-of-work to stop AI crawlers

Package: wnpp Severity: wishlist * Package name: anubis Version : v1.15.2 Upstream Contact: Xe Iaso * URL : https://anubis.techaro.lol/ * License : MIT License Programming Lang: GO, js. Description : Weigh the soul of incoming HTTP requests using proof

Bug#1101074: nodejs: FTBFS with OpenSSL 3.5

On 2025-03-22 22:38:32 [+0100], Jérémy Lal wrote: > Can this wait until nodejs 20.19.0 migrates to testing ? It should happen > in ~ two days. Could you please upload the fixed nodejs soonish? The final openssl 3.5 release is aimed for the 8th April. If nodejs could migrate before that, then opens

Bug#1101074: nodejs: FTBFS with OpenSSL 3.5

On 2025-03-22 22:38:32 [+0100], Jérémy Lal wrote: > Thank you. > Can this wait until nodejs 20.19.0 migrates to testing ? It should happen > in ~ two days. Sure. OpenSSL is at alpha1, it will take a while until there is a final release. > Jérémy Sebastian

Bug#1101074: nodejs: FTBFS with OpenSSL 3.5

Package: nodejs Version: 20.19.0+dfsg-1 Severity: important Tags: sid patch control: affects -1 src:openssl User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-3.5 The testsuite fails with OpenSSL 3.5 (currently in experimental) due to changed syntax in the openssl binary. This is fi

Bug#1101045: m2crypto: FTBFS with OpenSSL 3.5

increased with the new vrsion, isn't consumed by the testsuite. The patch attached fixes the issue. Sebastian From: Sebastian Andrzej Siewior Date: Sat, 22 Mar 2025 12:36:18 +0100 Subject: [PATCH] tests: Don't pass `-debug' to openssl. The HttpslibSSLSNIClientTestCase test starts &q

Bug#1101008: [Pkg-openssl-devel] Bug#1101008: openssl-ciphers.1ssl: Some remarks about this man page

On 2025-03-21 17:53:28 [+], Bjarni Ingi Gislason wrote: >* What led up to the situation? > > Checking for defects with a new version … Would you mind sending a patch? Sebastian

Bug#1096245: libnet-ssleay-perl: FTBFS: dh_auto_test: error: make -j8 test TEST_VERBOSE=1 returned exit code 2

control: tags -1 patch > Hi, > > During a rebuild of all packages in sid, your package failed to build > on amd64. I was working on it but then got distracted and now here is the patch. Sebastian From: Sebastian Andrzej Siewior Date: Tue, 18 Feb 2025 18:57:15 +0100 Subject: [

Bug#1094436: xz.1: Some remarks and a patch with editorial changes for this man page

On 2025-01-28 06:52:30 [+], Bjarni Ingi Gislason wrote: > General remarks and further material, if a diff-file exist, are in the > attachments. I would consider to apply the patch attached to fix the table thingy and be done with it. Do you intend to submit a patch for the other issues? Coul

Bug#1094245: New upstream version xxx

"New upstream > version" >2e006444Sebastian Andrzej Siewior Sun Oct 6 10:46:41 2024 > +0200 New upstream version 5.6.3 … This is the import of the orig tarball into git. > I note the upstream maintainer is now signing release archives, but we still > hav

Bug#1092307: [Pkg-openssl-devel] Bug#1092307: Bug#1092307: openssl: relocation R_LARCH_PCALA_HI20 against `OPENSSL_loongarch_hwcap_P` can not be used when making a shared object

On 2025-01-14 13:50:33 [+0100], Kurt Roeckx wrote: > This was fixed upstream with pr #26336 okay, thanks. I will will probably wait until new upstream release gets out. The current 3.4 upload is almost in testing ;) Sebastian

Bug#1091505: ruby3.3: diff for NMU version 3.3.6-1.1

ccess internet (Closes: #1091505). + + -- Sebastian Andrzej Siewior Fri, 10 Jan 2025 21:56:50 +0100 + ruby3.3 (3.3.6-1) unstable; urgency=medium [ Sylvain Beucler ] diff -Nru ruby3.3-3.3.6/debian/patches/ruby3.3-ruby-openssl-Only-CSR-version-1-encoded-as-0-is-allo.patch ruby3.3-3.3.6/debian/pa

Bug#1091505: ruby3.3: will FTBFS during trixie support period

On 2025-01-10 20:12:01 [+0100], Santiago Vila wrote: > Hi. Hi, > Note that for the purposes of fixing the bug it would be enough > if you refactor the test to assume that the internet connection > would never succeed, i.e. you can save the connection > altogether and do as if it always failed. If

Bug#1091505: ruby3.3: will FTBFS during trixie support period

On 2025-01-10 18:49:44 [+0100], Santiago Vila wrote: > You are absolutely right. This is not a "will fail to build in the future" > type of bug but a "tries to access Internet during build" bug. > > Such bugs are already RC, and have been for a long time, so I'm adjusting > the metadata accordingl

Bug#1091505: ruby3.3: will FTBFS during trixie support period

On 2024-12-27 18:52:20 [+], Santiago Vila wrote: > 1) Failure: > TestGemBundledCA#test_accessing_rubygems > [/<>/test/rubygems/test_bundled_ca.rb:47]: > rubygems.org is not verifiable using the included certificates. Error was: > SSL_connect returned=1 errno=0 peeraddr=[2a04:4e42:400::483]:

Bug#1087954: ruby3.3: diff for NMU version 3.3.6-1.1

L 3.4 (Closes: #1087954). + + -- Sebastian Andrzej Siewior Fri, 10 Jan 2025 17:22:05 +0100 + ruby3.3 (3.3.6-1) unstable; urgency=medium [ Sylvain Beucler ] diff -Nru ruby3.3-3.3.6/debian/patches/ruby3.3-ruby-openssl-Only-CSR-version-1-encoded-as-0-is-allo.patch ruby3.3-3.3.6/debian/patches/ruby3.3

Bug#1092669: ruby3.1: diff for NMU version 3.1.2-8.5

with OpenSSL 3.4 (Closes: #1087960). + * CVE-2024-27282 ("Arbitrary memory address read vulnerability with Regex +search") (Closes: #1069969). + + -- Sebastian Andrzej Siewior Fri, 10 Jan 2025 15:56:56 +0100 + ruby3.1 (3.1.2-8.4) unstable; urgency=medium * Non-maintainer upload. di

Bug#1092650: m2crypto: diff for NMU version 0.42.0-2.1

valid test for X509_REQ_set_version() (Closes: #1085588). + * Raise proper error if load_key_bio() fails (Closes: #1091133). + * swig workaround: Shadow sys/types.h, discussed in #1091133. + + -- Sebastian Andrzej Siewior Fri, 10 Jan 2025 12:47:19 +0100 + m2crypto (0.42.0-2) unstable; urgency

Bug#1092307: [Pkg-openssl-devel] Bug#1092307: openssl: relocation R_LARCH_PCALA_HI20 against `OPENSSL_loongarch_hwcap_P` can not be used when making a shared object

On 2025-01-07 18:16:50 [+0800], zhangdandan wrote: > Compiling the openssl failed for loong64 in the Debian Package Auto-Building > environment. … > The full build log can be found at > https://buildd.debian.org/status/logs.php?pkg=openssl&ver=3.4.0-2&arch=loong64. > The version of the toolchain i

Bug#1091807: nodejs: FTBFS against OpenSSL 3.4

rom 2cbcd876e05864d6c81227cc22171e6f6b97a1d2 Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej Siewior Date: Tue, 31 Dec 2024 16:44:17 +0100 Subject: [PATCH 1/2] test: update error code in tls-psk-circuit for for OpenSSL 3.4 Update parallel/test-tls-psk-circuit.js to account for error code changes in OpenSSL 3.4 and probably la

Bug#1089455: [Pkg-clamav-devel] Bug#1089455: tomsfastmath: Supporting rootless builds by default

On 2024-12-30 11:23:08 [+0100], Niels Thykier wrote: > It would help me if you either uploaded this soon or approved the NMU > (enabling me to skip the delay). Thanks in advance. I uploaded it but I am not sure atm if it was accepted. I will check later today and make sure it has. > Best regards,

Bug#1088320: libdpkg-perl: Enable generation of sframes.

Control: tag -1 - moreinfo On 2024-12-17 02:19:30 [+0100], Guillem Jover wrote: > > Hi! Hi, > Thanks for the patch! This would involve the usual procedure to add > flags to the default set, as mentioned here: > > > https://wiki.debian.org/Teams/Dpkg/FAQ#Q:_Can_we_add_support_for_new_default_

Bug#1089242: guile-zlib: FTBFS with zlib-ng.

he test. This is my understanding and I just learned that guile exists. The patch attached increases the number of written bytes so that zlib-ng als writes immediately to the fd and throws the error. Sebastian From: Sebastian Andrzej Siewior Date: Sat, 7 Dec 2024 17:15:26 +0100 Subject: [PATCH] test:

Bug#1089059: visualboyadvance: FTBFS with zlib-ng

project. Sebastian >From 219b51a6b4733c0077c51f5a9f91bf1471057259 Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej Siewior Date: Wed, 4 Dec 2024 17:28:25 +0100 Subject: [PATCH] memgzio: Avoid using zutil.h The zutil.h file is part of zlib's internal headers. Certain declarations in that

Bug#1088778: ffmpeg: FTBFS with zlib-ng

Package: ffmpeg Version: 7:7.1-3 Severity: important Tags: sid patch control: affects -1 src:zlib-ng User: zlib...@tracker.debian.org Usertags: zlib-ng-ftbfs The testsuite of ffmpeg fails if compilied with zlib-ng because some of the created videos/ images use zlib compression which is different a

Bug#1088683: lighttpd: FTBFS with zlib-ng

On 2024-11-29 11:22:26 [-0500], Glenn Strauss wrote: > > lighttpd's testsuite fails if zlib-ng is used because it compares > > against the exact size of the compressed content. The patch attached > > updates it to ensure the compressed content is at least half of the > > input. > > Thank you for t

Bug#1088748: git-filter-repo: FTBFS with zlib-ng

against the compressed file size which changes with zlib-ng. The patch attached solves the situation and has been forwarded upstream. Sebastian From: Sebastian Andrzej Siewior Date: Sat, 30 Nov 2024 13:18:36 +0100 Subject: [PATCH] t9394: Mask compressed size for comparison. Instead of trying to

Bug#1088683: lighttpd: FTBFS with zlib-ng

ached updates it to ensure the compressed content is at least half of the input. Sebastian From: Sebastian Andrzej Siewior Date: Fri, 29 Nov 2024 15:55:13 +0100 Subject: [PATCH] tests: Don't test for exact compress zlib size. If zlibg-ng instead of zlib is used then the testsuite fails b

Bug#1002056: [Summary]: Supporting alternative zlib implementations

On 2024-11-25 22:03:32 [+0100], To debian-de...@lists.debian.org wrote: > On 2024-11-24 21:36:25 [+0100], To debian-de...@lists.debian.org wrote: > … > > I've been looking at cdebootstrap. It is one of the failing. This > happens in the rules files: > | ( echo -n "misc:Built-Using="; dpkg-query -

Bug#1088403: libreoffice: FTBFS with zlib-ng.

the tests creates a png file on the fly and its size is different due the zlib compression. The patch attached works around the issue by comparing a less-than value instead of exact size. Sebastian From: Sebastian Andrzej Siewior Date: Tue, 26 Nov 2024 22:57:38 +0100 Subject: [PATCH] vcl/qa

Bug#1088320: libdpkg-perl: Enable generation of sframes.

/all/cover.1726268190.git.jpoim...@kernel.org/ It would be nice if the compiled binaries could create the additional sframe so it is there and can be used to generate backtraces. This can coexist with the eh_frame. Sebastian From: Sebastian Andrzej Siewior Date: Tue, 26 Nov 2024 23:22:58 +0100

Bug#1002056: [Summary]: Supporting alternative zlib implementations

On 2024-11-24 21:36:25 [+0100], To debian-de...@lists.debian.org wrote: … I've been looking at cdebootstrap. It is one of the failing. This happens in the rules files: | ( echo -n "misc:Built-Using="; dpkg-query -f='${source:Package} (= | ${source:Version}), ' -W libc6-dev libdebian-installer4-de

Bug#1002056: [Summary]: Supporting alternative zlib implementations

On 2024-11-23 00:05:48 [+0100], To debian-de...@lists.debian.org wrote: > On 2024-11-22 12:29:51 [+0100], Guillem Jover wrote: > > Hi! > Hi, Hi, > > WIP package at . > > just built that. … One thing I didn't debug and it might be expecte

Bug#1088193: cpp-httplib: FTBFS with zlib-ng

Package: cpp-httplib Version: 0.16.3+ds-2 Severity: important Tags: sid patch control: affects -1 src:zlib-ng User: zlib...@tracker.debian.org Usertags: zlib-ng-ftbfs cpp-httplib FTBFS if build against zlib-ng instead of zlib. Sebastian From: Sebastian Andrzej Siewior Date: Sun, 24 Nov 2024 20

Bug#1002056: [Summary]: Supporting alternative zlib implementations

On 2024-11-22 12:29:51 [+0100], Guillem Jover wrote: > Hi! Hi, … > WIP package at . just built that. … > * To consider a switch we'd need to do a mass rebuild of the > archive. Ideally running autopkgtests and similar to exercise th

Bug#1087960: ruby3.1: Fix FTBFS against openssl 3.4

Package: ruby3.1 Version: 3.1.2-8.4 Severity: important Tags: sid patch control: affects -1 src:openssl User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-3.4 ruby3.1's testsuite fails against openssl 3.4. The problem is that the testuite tries a CSR version which was never defined

Bug#1087954: ruby3.3: Fix FTBFS against openssl 3.4

Package: ruby3.3 Version: 3.3.5-2 Severity: important Tags: sid patch control: affects -1 src:openssl User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-3.4 ruby3.3's testsuite fails against openssl 3.4. The problem is that the testuite tries a CSR version which was never defined an

Bug#1068024: Fwd: Accepted xz-utils 5.6.3-1 (source) into unstable

On 2024-10-24 23:38:31 [+0200], Thorsten Glaser wrote: > Do we trust these newer versions now? Yes. We started with 5.6.2 which was audited by upstream after the malicious party left. Sebastian

Bug#1085597: [Pkg-openssl-devel] Bug#1085597: Imported target "OpenSSL::Crypto" includes non-existent (still not fixed)

On 2024-10-20 17:20:50 [-0700], VDRU VDRU wrote: > I previously reported this for openssl 3.3.1-2 and it was incorrectly > marked as done/fixed in 3.3.1-6. This is *not* the case and the bug > still persists. The following is a copy of my original bug report, > which still applies: > > After updat

Bug#1085589: m2crypto: FTBFS on arm*

Package: m2crypto Version: 0.42.0-1 Severity: serious Tags: sid The package FTBFS on armel and armhf but used to build in the previous version. Sebastian

Bug#1085588: m2crypto: Remove invalid test for X509_REQ_set_version().

. Sebastian From: Sebastian Andrzej Siewior Date: Sun, 20 Oct 2024 21:14:11 +0200 Subject: [PATCH] test_x509: Use only X509_VERSION_1 (0) as version for CSR. RFC 2986 only defines a single version for CSRs: X509_VERSION_1 (0). OpenSSL starting with 3.4 rejects everything else. Remove the tests where

Bug#1085434: sscg: Fix csr issue with openssl 3.4

() resulting in a failure. Patch attached fixes the issue. Sebastian From: Sebastian Andrzej Siewior Date: Sat, 19 Oct 2024 15:43:20 +0200 Subject: [PATCH] x509: Use proper version for CSR. RFC 2986 only defines a single version for CSRs: X509_VERSION_1 (0). OpenSSL starting with 3.4 rejects

Bug#1085222: libnet-ssleay-perl: Update test for openssl 3.4.0+

othername, used via X509V3_EXT_print has been removed. This is exposed in the test. The patch attached updates the testsuite. Sebastian From: Sebastian Andrzej Siewior Date: Wed, 16 Oct 2024 21:48:51 +0200 Subject: [PATCH] test: 32_x509_get_cert_info allow single colon. Starting with 3.4.0 the doubl

Bug#1002056: Supporting alternative zlib implementations

On 2024-09-26 01:35:45 [+0200], Fay Stegerman wrote: > For example, ZIP files or Android APKs built on a Debian system will have a > different compressed stream, like the test files you mention. Which will > likely > break Reproducible Builds tooling like apksigcopier [1] and > reproducible-apk-t

Bug#1078937: [Pkg-javascript-devel] bookworm-pu: package openssl/3.0.14-1~deb12u1

On 2024-08-24 23:14:46 [+0200], Jérémy Lal wrote: > Le sam. 24 août 2024 à 13:52, Paul Gevers a écrit : > > Indeed, it is harmless. > Upstream nodejs has fixed this in the 20.x branch by allowing both error > codes in the failing test. Is it still the case and if so should I prepare an update or

Bug#1081018: firefox: Uses an embedded copy of zstd & brotli.

Source: firefox Version: 130.0-1 Severity: important If I see this right in the build log, then firefox uses an embedded copy of zstd & brotli. The package does not depend on any of those libraries (or libnss3). According to the build log it is compiled and about:config shows certificate_compressi

Bug#1078274: clamav: FTBFS: clamscan/assorted_test.py::TC::test_pe_cert_trust FAILED

On 2024-09-01 22:02:27 [+0200], Santiago Vila wrote: > Could we please fix it in bookworm as well? > (packages in stable must build in stable) I plan to prepare 1.0.7 as pu this weekend. > Thanks. Sebastian

Bug#1074487: [Pkg-openssl-devel] Bug#1074487: CVE-2024-5535

On 2024-09-03 10:54:40 [+0100], Sean Whitton wrote: > Hello openssl maintainers, Hi, > I'm updating openssl in bullseye as part of the LTS effort. > > Is there anyone working on uploading a fix for CVE-2024-5535 to sid? > Could I be of help? No, thank you. That CVE is of minor severity, requires

Bug#1078020: [Pkg-openssl-devel] Bug#1078020: Unfortunately 3.3.1-6 didn't fix the bug

On 2024-08-21 10:01:36 [-0700], VDRU VDRU wrote: > Hi, > I'm not really a coder so the requested project is a bit beyond my > ability. But, I did notice a patch in 3.3.1-7 that sounds like it may > fix the cause of this problem. If you get a moment, would you mind > looking at: > https://sources.d

Bug#1078020: [Pkg-openssl-devel] Bug#1078020: Unfortunately 3.3.1-6 didn't fix the bug

On 2024-08-17 08:20:52 [-0700], VDRU VDRU wrote: > Hi, Hi, > I've just updated my openssl + libssl-dev to 3.3.1-6, which was > thought to have fixed the bug I reported. Unfortunately that's not the > case however. I once again deleted OpenSSLConfig.cmake and the problem > was fixed so I guess that

Bug#965041: [Pkg-openssl-devel] Bug#965041: Bug#965041: closed by Debian FTP Masters (reply to Sebastian Andrzej Siewior ) (Bug#965041: fixed

On 2024-08-18 10:45:08 [+0200], Paul Gevers wrote: > Hi, Hi, > On Wed, 14 Aug 2024 19:57:25 +0200 Sebastian Andrzej Siewior > wrote: > > I'm sorry if this is causing trouble. I splitted the legacy provider out > > and added a Recommends: assuming that it is pulled in

Bug#965041: [Pkg-openssl-devel] Bug#965041: closed by Debian FTP Masters (reply to Sebastian Andrzej Siewior ) (Bug#965041: fixed in openssl

On 2024-08-18 20:29:44 [+0100], Colin Watson wrote: > On Wed, Aug 14, 2024 at 07:11:08PM +0100, Colin Watson wrote: > > Maybe it's worth you filing an issue on > > https://github.com/pyca/cryptography/issues to let cryptography upstream > > know about the problem? That way you could explain the ch

Bug#1075828: bookworm-pu: package openssl/3.0.13-1~deb12u2

On 2024-08-14 21:05:28 [+0100], Adam D. Barratt wrote: > Sorry for the delay. No worries, thank you for handling it. > I've just flagged the bugfix upload for acceptance into p-u. If you'd > like to look at 3.0.14 as well, please open a new bug for that. If it > makes any difference, the window f

Bug#965041: [Pkg-openssl-devel] Bug#965041: closed by Debian FTP Masters (reply to Sebastian Andrzej Siewior ) (Bug#965041: fixed in openssl

On 2024-08-14 14:20:08 [+0100], Colin Watson wrote: > On Fri, Aug 09, 2024 at 09:15:20AM +, Debian Bug Tracking System wrote: > >* Split the legacy provider into its own package (Closes: #965041). > > By default, this breaks anything that uses python3-cryptography: > > https://github.co

Bug#766052: [Pkg-openssl-devel] Bug#766052: closed by Joachim Bauch (Re: openssl: verify does not support single dash parameter)

control: found -1 1.0.1f-1 (the previous in unstable at the time for the timeline)

Bug#766052: closed by Joachim Bauch (Re: openssl: verify does not support single dash parameter)

control: reopen -1 control: found -1 3.3.1-2 On 2024-08-13 23:21:04 [+], Debian Bug Tracking System wrote: > This is an automatic notification regarding your Bug report > which was filed against the openssl package: > > #766052: openssl: verify does not support single dash parameter > > It h

Bug#1078509: [Pkg-openssl-devel] Bug#1078509: libcrypto.pc is missing libdir

On 2024-08-11 18:38:10 [+0200], Chris Hofstaedtler wrote: > openssl 3.3(.1) has a known issue with the installed pkg-config > files, causing build failures of depdendent packages like > pdns(-recursor). Basically, detection of the prefix used for > libssl.so is broken. Thank you for reporting. Str

Bug#1078020: [Pkg-openssl-devel] Bug#1078020: Imported target "OpenSSL::Crypto" includes non-existent path

On 2024-08-07 06:57:51 [-0700], VDRU VDRU wrote: > Hi, Hi, > Thanks for replying. I'm not sure what test you want me to try but I > deleted the OpenSSLConfig.cmake you mentioned and the problem went > away so I guess your suspicion is correct that there's a problem with > that file? can you give

Bug#1078020: [Pkg-openssl-devel] Bug#1078020: Imported target "OpenSSL::Crypto" includes non-existent path

On 2024-08-05 23:16:38 [-0700], VDRU VDRU wrote: > After updating from openssl 3.2.2-1, which didn't have this problem, I > now get the following when compiling with cmake: > > Imported target "OpenSSL::Crypto" includes non-existent path > > "/include" > > in its INTERFACE_INCLUDE_DIRECT

Bug#1074764: 3.0.14 released with fix

On 2024-07-31 12:23:24 [+0200], Anton Lundin wrote: > OpenSSL 3.0.14 is now released containing a cherry-pick of > 39ea78379826fa98e8dc8c0d2b07e2c17cd68380 as > https://github.com/openssl/openssl/commit/ad6cbe4b7f57a783a66a7ae883ea0d35ef5f82b6 > > I'd love to see a fix for this bug rolled out in D

Bug#1077066: openssl: Regression in OpenSSL 3.0.12 caused SoftHSM to crash on exit

On 2024-07-25 19:51:31 [+0200], Ondřej Surý wrote: > Can we get 3.0.14 in stable, please? I did open #1075828 to fix exactly this issue. I just pinged the report/ request asking if we should update 3.0.14 right away given that there is a point release by the of the month. > Ondrej Sebastian

Bug#1075828: bookworm-pu: package openssl/3.0.13-1~deb12u2

On 2024-07-05 23:32:13 [+0200], To sub...@bugs.debian.org wrote: > In the meantime the patch, that broke it, was reverted and this change > is part of 3.0.14. I didn't propose 3.0.14 for Bookworm because it was > close to the point release. (This change is also part of 3.2.2 release > in unstable.)

Bug#1077763: gcc-14: An alignment request might be added before endbr on function entry.

Package: gcc-14 Version: 14.1.0-5 Severity: important Control: forwarded -1 https://gcc.gnu.org/PR116174 gcc-14 may add an alignment requesst before endbr with -fcf-protection=branch -O2. Upstream report has a testcase. This is just for tracking. Sebastian

Bug#1075924: ruby3.3: FTBFS with openssl 3.3

Package: src:ruby3.3 Version: 3.3.1-6 Severity: important Tags: sid patch control: affects -1 src:openssl User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-3.3 control: forwarded -1 https://github.com/ruby/openssl/pull/728 Ruby fails the CI-testsuite against openssl 3.3 in experime

Bug#1075923: ruby3.2: FTBFS with openssl 3.3

Package: src:ruby3.2 Version: 3.2.3-1 Severity: important Tags: sid patch control: affects -1 src:openssl User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-3.3 control: forwarded -1 https://github.com/ruby/openssl/pull/728 Ruby fails the CI-testsuite against openssl 3.3 in experime

Bug#1075922: ruby3.1: FTBFS with openssl 3.3

Package: src:ruby3.1 Version: 3.1.2-8.3 Severity: important Tags: sid patch control: affects -1 src:openssl User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-3.3 control: forwarded -1 https://github.com/ruby/openssl/pull/728 Ruby fails the CI-testsuite against openssl 3.3 in exper

Bug#1075828: bookworm-pu: package openssl/3.0.13-1~deb12u2

ed private "classic" +keys" (Closes: #1074764). + + -- Sebastian Andrzej Siewior Fri, 05 Jul 2024 23:04:47 +0200 + openssl (3.0.13-1~deb12u1) bookworm; urgency=medium * Import 3.0.13 diff -Nru openssl-3.0.13/debian/patches/Revert-Improved-detection-of-engine-provided-private-

Bug#1074764: [Pkg-openssl-devel] Bug#1074764: signing with osslsigncode fails with a segmentation fault since latest stable update

On 2024-07-02 16:23:58 [+0200], Sébastien Villemot wrote: > Dear Maintainers, > > Since the last upgrade of openssl on bookworm (version 3.0.13-1~deb12u1), code > signing using osslsigncode (and my Yubikey) now fails with a segmentation > fault. It was working properly with version 3.0.11-1~deb12u

  1   2   3   4   5   6   7   8   9   10   >