Bug#1073247: transition: openturns

Package: release.debian.org Severity: normal X-Debbugs-Cc: opentu...@packages.debian.org Control: affects -1 + src:openturns User: release.debian@packages.debian.org Usertags: transition Dear Release team, I would like to request a transition slot for openturns. It has been accepted to experi

Bug#1073248: ntfs-3g: CVE-2023-52890

Source: ntfs-3g Version: 1:2022.10.3-2 Severity: important Tags: security upstream Forwarded: https://github.com/tuxera/ntfs-3g/issues/84 X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for ntfs-3g. CVE-2023-52890[0]: | NTFS-3G before 75dcdc2

Bug#1073249: booth: CVE-2024-3049

Source: booth Version: 1.1-1 Severity: grave Tags: security upstream Justification: user security hole Forwarded: https://github.com/ClusterLabs/booth/pull/142 X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for booth. CVE-2024-3049[0]: | A fl

Bug#1073250: liboqs: CVE-2024-36405

Source: liboqs Version: 0.8.0-1 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for liboqs. CVE-2024-36405[0]: | liboqs is a C-language cryptographic library that provid

Bug#1073247: transition: openturns

Control: tags -1 confirmed On 2024-06-15 08:59:50 +0200, Pierre Gruet wrote: > Package: release.debian.org > Severity: normal > X-Debbugs-Cc: opentu...@packages.debian.org > Control: affects -1 + src:openturns > User: release.debian@packages.debian.org > Usertags: transition > > Dear Release

Bug#1073251: rpy2: please add support for loong64

Source: rpy2 Version: 3.5.16-2 Severity: normal Tags: patch X-Debbugs-Cc: wuruil...@loongson.cn User: debian-loonga...@lists.debian.org Usertags: loong64 Dear Maintainer, rpy2 compiled incorrectly on loongarch, the attachment has resolved the issue. Please merge patches. wuruilong -- System In

Bug#576520: cdbackup: CRC checks fail on DVD images

Control: tags -1 + patch [Phil Reynolds 2010-04-05] > When writing virtual images for later burning to DVDs, if the -C switch > to cdbackup is not used, the tracks in the images cannot be restored > using cdrestore as the CRC check fails. This applies whether the images > are on DVD or have bee

Bug#1073252: samba: INTERNAL ERROR: Signal 11: Segmentation fault in smbd

Package: samba Version: 2:4.20.1+dfsg-5 Severity: important Dear Maintainer, Since the end of March, smbd sporadically crashes with the following error: INTERNAL ERROR: Signal 11: Segmentation fault in smbd I´m not sure what causes this. It was working stable before and my Samba configuration h

Bug#1073253: rust-fastrand: please update to v1.9.0

Source: rust-fastrand Version: 1.8.0-1+b1 Severity: normal Tags: upstream -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Please update to v1.9.0. I am aware that v2 is already pending in experimental, but given the pace of transitioning to a new branch, it is helpful to have the rng.fill() func

Bug#1073254: geary: please add support for loong64

Source: geary Version: 46.0-2 Severity: normal Tags: patch X-Debbugs-Cc: wuruil...@loongson.cn User: debian-loonga...@lists.debian.org Usertags: loong64 Dear Maintainer, geary compiled incorrectly on loongarch, the attachment has resolved the issue. Please merge patches. wuruilong -- System In

Bug#1073255: Qt 6 bindings for gpgme

Package: gpgme1.0 Severity: wishlist X-Debbugs-Cc: delta...@debian.org Dear Maintainer, we are in the process of packaging the Plasma 6 desktop. The KDE stack is using gpgme in some components, but for Plasma 6 everything switched to Qt 6. Currently, gpgme offers Qt 5 bindings, but for Plasma 6

Bug#1050805: dhcpcd-base: DoS: zero-length packet cause eventual lease expiration

On Tue, 29 Aug 2023 13:17:51 +0200 Nicolas Cavallari wrote: > Package: dhcpcd-base > Version: 9.4.1-22 > Severity: critical > Tags: security > Justification: breaks unrelated software > X-Debbugs-Cc: Debian Security Team > > When the dhcpcd DHCPv4 client receives a zero-length UDP packet on port

Bug#1073252: samba: INTERNAL ERROR: Signal 11: Segmentation fault in smbd

After skimming through many other samba-related bug reports, I finally found another one that seems very similar: https://bugzilla.redhat.com/show_bug.cgi?id=2282238 It's also tracked here: https://bugzilla.samba.org/show_bug.cgi?id=15659 Assuming this is indeed the same issue, then it's somet

Bug#1073256: bind9: master --> primary (master, etc. deprecated synonym)

Package: bind9 Version: 1:9.19.21-1+b1 Severity: minor Dear Maintainer, * What led up to the situation? Black Lives Matter, ISC and other updates with the times, etc., some older Debian specific files that haven't quite caught up yet. * What outcome did you expect instead? Ho

Bug#1073257: O: gobi-loader -- Firmware loader for Qualcomm Gobi USB chipsets.

Package: wnpp Severity: normal X-Debbugs-Cc: gobi-loa...@packages.debian.org Control: affects -1 + src:gobi-loader I intend to orphan the gobi-loader package as I no longer have any hardware which uses this chipset. I will upload with QA as the maintainer later today. The package description is:

Bug#1073258: docbook-dsssl: Directly use debhelper instead of abandoned cdbs

Package: docbook-dsssl Version: 1.79-10 Tags: patch Dear maintainers of docbook-dsssl, CDBS has been deprecated by the upstream authors in 2021 and has been orphaned in 2022, See The current packaging already relies on debhelper, so converting the packaging to

Bug#1073259: libyojson-ocaml-dev should depend on yojson-tools

Package: libyojson-ocaml-dev Version: 2.2.1-1 Severity: serious Tags: ftbfs Control: affects -1 src:botch https://buildd.debian.org/status/fetch.php?pkg=botch&arch=ppc64el&ver=0.24-3%2Bb1&stamp=1718448612&raw=0 ... + ydump ./tools/native.sh: 512: ydump: not found ... Packages (build) depending

Bug#1073260: systemd-tmpfiles can nuke /home and /srv

> The users who would want to avoid this risk for data loss can disable > this behaviour locally with the following command: > /etc/tmpfiles.d/home.conf Oops, what I meant is that the described behaviour can be disabled with the following command: touch /etc/tmpfiles.d/home.conf

Bug#1073261: bookworm-pu: package dhcpcd5/9.4.1-24~deb12u4

Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: dhcp...@packages.debian.org Control: affects -1 + src:dhcpcd5 -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 [ Reason ] RC bug #1050805 was fixed in Testing with sr

Bug#1073262: bookworm-pu: package gnutls28/3.7.9-2+deb12u3

Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: gnutl...@packages.debian.org Control: affects -1 + src:gnutls28 User: release.debian@packages.debian.org Usertags: pu Hello, I would like to essentially (i.e. sans version number bump) upgrade gnutls28 to 3.7.11. All ch

Bug#1073259: libyojson-ocaml-dev should depend on yojson-tools

Control: merge -1 1073199 Hi, Quoting Adrian Bunk (2024-06-15 12:58:19) > Package: libyojson-ocaml-dev > Version: 2.2.1-1 > Severity: serious > Tags: ftbfs > Control: affects -1 src:botch > > https://buildd.debian.org/status/fetch.php?pkg=botch&arch=ppc64el&ver=0.24-3%2Bb1&stamp=1718448612&raw=0

Bug#1073259: libyojson-ocaml-dev should depend on yojson-tools

Quoting Johannes Schauer Marin Rodrigues (2024-06-15 13:49:49) > Control: merge -1 1073199 Sorry, I mixed this up (and luckily the bts stopped me from merging). So the reason for why there is no a tools package is, that I argued that it would be nice if the tools found in /usr/bin would not be pa

Bug#1073263: buildd.debian.org: Please show who requested the latest action

Package: buildd.debian.org Severity: wishlist X-Debbugs-Cc: ni...@thykier.net Hi Had a chat today with Johannes in #debian-devel, who asked about their package's state and the related Dep-Wait action. While trying to figure this out, I realized that it is not possible to see who scheduled the

Bug#1073239: bb: either no sound frozen text output while using pulseaudio as default on more recent debian

Control: severity -1 important Control: forcemerge 123150 -1 Hi, t...@treaki.tk wrote: > Severity: grave > Justification: renders package unusable No, it doesn't. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=123150#189 for an easy workaround. Hence severity important is more fitting—the

Bug#1073173: patch

David Bremner writes: > I wanted to unstick a couple of entwined transitions, so I took a guess > at the appropriate change. Someone (TM) should confirm this is the right > fix before uploading to unstable. Also, it would be nice to have an > upstreamable version that builds with the older API as

Bug#1073264: scapy: hardcoded dependencies on libpcap0.8

Source: scapy Version: 2.5.0+git20240324.2b58b51+dfsg-1 Severity: serious Tags: patch Hi Maintainer Scapy has hardcoded dependencies on libpcap0.8, but since the time_t transition, this library is now named libpcap0.8t64. This can be seen in the failing autopkgtests of scapy on armel [1] and arm

Bug#1072718: [Pkg-pascal-devel] Bug#1072718: lazarus: Lazarus fails to compile itself

Hi Peter, sorry if I did anything wrong. However the way I see it is that: on a clean Debian system, Lazarus does NOT compile.. It does on my ARch and Fedora machines, so it is very Debian specific All the best Bas Sent with Proton Mail secure email. On Friday, June 14th, 2024 at 15:11, Pete

Bug#1073265: wsdd: Please install the firewalld service files

Package: wsdd Version: 2:0.8-1 Severity: wishlist Hello, Upstream is shipping firewalld service files but these are not installed, I guess these should be shipped in one of the packages (the main one?) They should more than probably be installed in /usr/lib/firewalld/services/ (and not in /etc)

Bug#1073212: marked as done (RM: mozjs102 -- RoM; superseded by mozjs115)

Control: reopen 1073212 On Sat, 15 Jun 2024 at 12:54:03 +, Debian Bug Tracking System forwarded: > Subject: Bug#1073212: fixed in geary 46.0-3 I think geary_46.0-3 was not meant to close this particular bug. smcv

Bug#1073266: ITP: radicle -- P2P code platform Radicle

Package: wnpp Severity: wishlist Owner: Jonas Smedegaard X-Debbugs-Cc: debian-de...@lists.debian.org -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: radicle Version : 1.0.0-rc.10 Upstream Contact: The Radicle Foundation * URL : https://radicle.xyz/ *

Bug#1073267: RFS: gpp/2.28-2 [QA] -- general-purpose preprocessor with customizable syntax

Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "gpp": * Package name : gpp Version : 2.28-2 Upstream contact : Tristan Miller * URL : https://logological.org/gpp * License : LGPL-3 * Vcs

Bug#1073268: exim4-config: Update section "2.10. Putting Exim 4 and UUCP together" in README.Debian

Package: exim4-config Version: 4.96-15+deb12u4 Severity: minor Dear Maintainer, I set up a system sending mail via UUCP. In doing so, I read through section 2.10 of the README.Debian provided. The problem with the example given is that Exim has a taint check and the example uses $sender_address

Bug#1073258: [xml/sgml-pkgs] Bug#1073258: docbook-dsssl: Directly use debhelper instead of abandoned cdbs

[Gioele Barabucci] > https://salsa.debian.org/xml-sgml-team/docbook-dsssl/-/merge_requests/2 I am not a team member, just a subscriber on the mailing list, but had a look at the change and it look good to me. It seem to overlap slightly with the other open merge request on salsa, thought. I'm no

Bug#1073269: FTBFS in unstable with Error: Unbound type constructor Result.result

Source: coq-serapi Version: 8.19.0+0.19.3-2 Severity: serious Tags: ftbfs Justification: fails to build from source (but built successfully in the past) Hi, coq-serapi FTBFS in unstable with the following error: /usr/bin/make build make[2]: Entering directory '/<>' dune build --root . --only-pac

Bug#1060774: bullseye-pu: netatalk/3.1.12~ds-8+deb11u2

On Thursday, June 13th, 2024 at 6:33 AM, Jonathan Wiltshire wrote: > > > On Sat, Feb 24, 2024 at 11:16:47AM +, Daniel Markstedt wrote: > > > If it looks good, I will arrange for this to get uploaded. > > > Yes, you can go ahead with that. > > Thanks, > Cheers. I personally don't ha

Bug#1073270: mercurial: FTBFS on hppa - test-bundle.t output changed

Source: mercurial Version: 6.7.4-1 Severity: normal Tags: ftbfs Dear Maintainer, test-bundle.t fails: test-bundle.t test-bundle.t ... # Test test-bundle.t # Running sh "/tmp/hgtests.dnrnpeia/child163/test-bundle.t.sh" # Timout reached for process 2680 # Ret was: 0 (test-persistent-nodemap.t)

Bug#1073272: gpgv-from-sq: prevent 0.9.0-1 from entering testing

package: gpgv-sq, gpgv-from-sq severity: serious version: 0.9.0-1 hi, latest apt in unstable fails to 'apt update' with gpgv-from-sq 0.9.0-1, while the issue has been addressed in sequoia-chameleon-gnupg 0.10.0, so filing this bug to prevent migration of 0.9.0-1 to trixie (which else would happen

Bug#1072556: RFS: elpa-rust-mode/1.0.5+git20240520.d00d83d-1 [ITA] [RC] -- Major Emacs mode for editing Rust source code

Hello, just add the previous changelog entry, at least we know that something was in the archive? G. Il venerdì 14 giugno 2024 alle ore 10:45:26 CEST, Xiyue Deng ha scritto: Hi Gianfranco, On Sun, 9 Jun 2024 23:58:29 +0200 Gianfranco Costamagna wrote: > control: tags -1 moreinfo

Bug#1073271: RFS: doclifter/2.21-3 [QA] -- Convert troff to DocBook

Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "doclifter": * Package name : doclifter Version : 2.21-3 Upstream contact : Eric S. Raymond * URL : http://www.catb.org/~esr/doclifter * License : B

Bug#1050805: dhcpcd-base: DoS: zero-length packet cause eventual lease expiration

On 15/06/2024 11:33, Martin-Éric Racine wrote: On Tue, 29 Aug 2023 13:17:51 +0200 Nicolas Cavallari wrote: Package: dhcpcd-base Version: 9.4.1-22 Severity: critical Tags: security Justification: breaks unrelated software X-Debbugs-Cc: Debian Security Team When the dhcpcd DHCPv4 client receive

Bug#939756: mercurial: FTBFS on hppa - test-hghave.t timed out

I'm not seeing this time out with 6.7.4-1. Regards, Dave Anglin -- John David Anglin dave.ang...@bell.net

Bug#1073273: Exception: ../../src/ui.cc:1549: void auto_fix_broken(): Assertion failed.

Package: aptitude Version: 0.8.13-6 Severity: important Dear Maintainer, For a few days now, I can not use aptitude to keep up-to-date my sid on my old desktop computers. It works perfectly on my others sid computers (laptop, VMs). 1) Using the TUI, after the selection process, when trying to up

Bug#1073274: libnginx-mod-js: FTBFS on ppc64el with -O3 and lto enabled

Source: libnginx-mod-js Version: 0.8.4-1 tags: patch Hello, I found the package to FTBFS when more optimizations are enabled in gcc/dpkg. The patch is trivial, just a matter of initializing two variables. I proposed a patch upstream and sending it for your convenience diff -Nru libnginx-mod-js

Bug#1073275: FTBFS in unstable due to make test

Source: elpi Version: 1.18.2-2 Severity: serious Tags: ftbfs Justification: fails to build from source (but built successfully in the past) Hi, during running of the tests, the package build fails, specifically: KO trace-browser-elab (trace elaboration) elpi-trace-elaborator KO

Bug#1073205: docker-compose: new python3-requests dependency brokes docker-compose

This appears to be a duplicate of bug #1073196 in python3-docker. I was able to reproduce this problem with version 6.1.3-0.1 of that package but can no longer reproduce after updating that package to 6.1.3-0.2.

Bug#1073276: pygopherd: please package new version 3.0.1

Source: pygopherd Version: 3.0.0~git20221126.02c65d60-5 Severity: normal Dear Maintainer, Please package v3.0.1 and add a debian/watch file to this package. Greetings https://github.com/michael-lazar/pygopherd/releases/tag/v3.0.1

Bug#1073262: bookworm-pu: package gnutls28/3.7.9-2+deb12u3

Control: tags -1 + confirmed On Sat, 2024-06-15 at 13:44 +0200, Andreas Metzler wrote: > I would like to essentially (i.e. sans version number bump) upgrade > gnutls28 to 3.7.11. All changes are cherry-picked from 3.8.x and are > already included in the sid/testing version. Please go ahead. Rega

Bug#1073259: libyojson-ocaml-dev should depend on yojson-tools

Hi, Quoting Johannes Schauer Marin Rodrigues (2024-06-15 14:03:34) > So the reason for why there is no a tools package is, that I argued that it > would be nice if the tools found in /usr/bin would not be part of the -dev > package but in its own package to decrease the number of dependencies. >

Bug#1073263: buildd.debian.org: Please show who requested the latest action

On 15.06.24 14:06, Niels Thykier wrote: Had a chat today with Johannes in #debian-devel, who asked about their package's state and the related Dep-Wait action. While trying to figure this out, I realized that it is not possible to see who scheduled the action at all when looking the buildd stat

Bug#1073261: bookworm-pu: package dhcpcd5/9.4.1-24~deb12u4

Control: tags -1 + confirmed On Sat, 2024-06-15 at 14:38 +0300, Martin-Éric Racine wrote: > RC bug #1050805 was fixed in Testing with src:dhcpcd 10.0.2, but > upstream only got around back-porting the fix to Stable src:dhcpcd5 > 9.x.x today. Please go ahead. Regards, Adam

Bug#1073273: Exception: ../../src/ui.cc:1549: void auto_fix_broken(): Assertion failed.

Package: aptitude Followup-For: Bug #1073273 Dear Maintainer, Some bugs evaporate when you look at them... After my today's "apt full-upgrade", the errors vanished. May be a transient error related to a failed or incomplete upgrade state ? Anyway, I guess you may close this bug as, thus, it loo

Bug#894906: linux-cpupower: provide a systemd service and a default config file

On Wed, 12 Jun 2024 22:09:10 +0200 Francesco Poli wrote: [...] > Is there room for improvement? > Yes, I think there is. > For instance, the script /usr/libexec/cpupower could be translated to > POSIX shell, getting rid of its bashisms. Here we go, I modified the script by translating it to POSIX

Bug#1072984: bookworm-pu: package crowdsec-firewall-bouncer/0.0.25-4~deb12u1

Control: tags -1 + confirmed On Tue, 2024-06-11 at 11:29 +0200, Cyril Brulebois wrote: > I'd like to fix the #1071247/#1071248 pair in bookworm, which results > in > crowdsec-firewall-bouncer's being broken on little-endian > architectures > (addresses are getting logged just fine, but they're not

Bug#1072983: bookworm-pu: package golang-github-google-nftables/0.1.0-4~deb12u1

Control: tags -1 + confirmed On Tue, 2024-06-11 at 11:29 +0200, Cyril Brulebois wrote: > I'd like to fix the #1071247/#1071248 pair in bookworm, which results > in > crowdsec-firewall-bouncer's being broken on little-endian > architectures > (addresses are getting logged just fine, but they're not

Bug#1069281: bookworm-pu: package what-is-python/13+deb12u1

Control: tags -1 + confirmed On Fri, 2024-04-19 at 11:44 +0200, Andreas Beckmann wrote: > A missing Breaks+Replaces relationship can cause a file conflict on > /usr/bin/pydoc on upgrades from bullseye to bookworm. #1034995 Please go ahead. Regards, Adam

Bug#1069284: bookworm-pu: package libmail-dkim-perl/1.20230212-2~deb12u1

Control: tags -1 + confirmed On Fri, 2024-04-19 at 12:06 +0200, Andreas Beckmann wrote: > A missing dependency causes dkimproxy-verify to fail upon execution. Please go ahead. Regards, Adam

Bug#1069291: bookworm-pu: package comitup/1.38-2~deb12u1

Control: tags -1 + confirmed On Fri, 2024-04-19 at 15:14 +0200, Andreas Beckmann wrote: > On certain upgrade paths installation/upgrade will fail if a masked > service file from a previous installation is still present. > Please go ahead. Regards, Adam

Bug#1069295: bookworm-pu: package python-asdf/2.14.3-1+deb12u1

Control: tags -1 + confirmed On Fri, 2024-04-19 at 15:41 +0200, Andreas Beckmann wrote: > python3-asdf has an internal dependency on asdf-unit-schemas which is > neither mapped to a package dependency nor does it exist in the > archive. > This internal dependency (which only exists for backward >

Bug#1069690: bookworm-pu: package libkf5ksieve/4:22.12.3-1+deb12u1

Control: tags -1 + confirmed On Mon, 2024-04-22 at 21:36 +0200, Patrick Franz wrote: > There is a bug in libkf5sieve where the password instead of the > username is sent when using managesieve and could therefore be > logged on a server as the login will fail. Please go ahead. Regards, Adam

Bug#1070153: bookworm-pu: qtbase-opensource-src/5.15.8+dfsg-11+deb12u2

Control: tags -1 + confirmed On Tue, 2024-04-30 at 23:26 +, Thorsten Alteholz wrote: > The attached debdiff for qtbase-opensource-src fixes several CVEs in > Bookworm. All CVEs are marked as no-dsa by the security team. Please go ahead. Regards, Adam

Bug#1070249: bookworm-pu: package python-jwcrypto/1.1.0-1+deb12u1

Control: tags -1 + confirmed On Thu, 2024-05-02 at 18:53 +0100, Steve McIntyre wrote: > I've backported the upstream fix for CVE-2024-28102 (#1065688) to > bookworm. It's not considered critical as a security fix by the > security team, but would still be good to have in bookworm. Please go ahead

Bug#1073261: bookworm-pu: package dhcpcd5/9.4.1-24~deb12u4

la 15. kesäk. 2024 klo 17.48 Adam D. Barratt (a...@adam-barratt.org.uk) kirjoitti: > > Control: tags -1 + confirmed > > On Sat, 2024-06-15 at 14:38 +0300, Martin-Éric Racine wrote: > > RC bug #1050805 was fixed in Testing with src:dhcpcd 10.0.2, but > > upstream only got around back-porting the fix

Bug#1070425: bookworm-pu: package numpy/1:1.24.2-1+deb12u1

Control: tags -1 + confirmed On Sun, 2024-05-05 at 10:30 +0200, Timo Röhling wrote: > python3-numpy has an undeclared file conflict on /usr/bin/f2py with > python-numpy. Even though python-numpy is gone, it is possible to > have that > package linger on systems, which will affect the upgrade to

Bug#1073277: RM: ramond -- RoQA; unmaintained, dead upstream, unused

Package: ftp.debian.org Severity: normal X-Debbugs-Cc: ram...@packages.debian.org Control: affects -1 + src:ramond User: ftp.debian@packages.debian.org Usertags: remove Please remove ramond. It's dead upstream, the last maintainer upload was in 2012 without a new adopter and it's basically non

Bug#1070431: bookworm-pu: package php-composer-pcre/3.1.0-1+deb12u1

Control: tags -1 + confirmed On Sun, 2024-05-05 at 11:25 +0200, David Prévot wrote: > While fixing CVE-2024-24821 in composer in the recent DSA-5632-1, > code > from php-composer-pcre has been backported in the Bullseye version of > composer. Because of that, php-composer-pcre now needs a > Breaks

Bug#1070466: bookworm-pu: package dm-writeboost/2.2.17-0.2~deb12u1

Control: tags -1 + confirmed On Sun, 2024-05-05 at 21:07 +0200, Andreas Beckmann wrote: > A change from Linux v6.9-rc1 got backported to v6.1.83 and breaks > building the dm-writeboost module (dm_io() got an extra parameter). > > I'd like to update dm-writeboost to a new upstream release, the onl

Bug#1070478: bookworm-pu: package tryton-server/tryton-server_6.0.29-2+deb12u2

Control: tags -1 + confirmed On Mon, 2024-05-06 at 10:35 +0200, Mathias Behrle wrote: > Backport the patch to fix the vulnerabilty to zip bomb > attacks via decoded gzip content from unauthenticated users. > https://discuss.tryton.org/t/security-release-for-issue-13142/7196 Please go ahead. Rega

Bug#1070484: bookworm-pu: package tryton-client/tryton-client_6.0.26-1+deb12u1

Control: tags -1 + confirmed On Mon, 2024-05-06 at 11:19 +0200, Mathias Behrle wrote: > Backport the patch to send only compressed content from > authenticated sessions. > https://foss.heptapod.net/tryton/tryton/-/commit/96ccd17bd4db4be46bb42eb4217ba5c7dcb7de82 Please go ahead. Regards, Adam

Bug#1070739: bookworm-pu: package python-glance-store/4.1.0-4

Control: tags -1 + moreinfo On Wed, 2024-05-08 at 17:59 +0200, Salvatore Bonaccorso wrote: > Hi, > > On Wed, May 08, 2024 at 09:52:01AM +0200, Thomas Goirand wrote: > [...] > > I would like to update python-glance-store/4.1.0-4 to > > python-glance-store/4.1.1-1+deb12u1 to address CVE-2024-1141

Bug#1071564: bookworm-pu: package aide/0.18.3-1+deb12u3

Control: tags -1 + confirmed On Tue, 2024-05-21 at 12:00 +0200, Marc Haber wrote: > aide 0.18 has introduced some concurrency in processing. There is a > bug > that makes fail to concurrently read extended attributes (xattrs) due > to > variables shared between worker threads. Please go ahead. R

Bug#1071826: bookworm-pu: package libreoffice/4:7.4.7-1+deb12u3

Control: tags -1 + moreinfo On Sat, 2024-05-25 at 10:35 +0200, Rene Engelhard wrote: > I'd like to fix 2 libreoffice bugs in stable. Most important is > the SMB fix (which - for kf5 - also needs a kio stable update, but > those > can be done in parallel or kio later as there's no updated > (build)

Bug#1073278: RFP: amber-lang -- A programming language that compiles to Bash

Package: wnpp Severity: wishlist * Package name: amber-lang Version : 0.3.2 Upstream Contact: Pawel "Phoenix" Karas * URL : https://amber-lang.com/ * License : GPL-3.0 Programming Lang: Rust Description : A programming language that compiles to Bash Hi

Bug#1071826: bookworm-pu: package libreoffice/4:7.4.7-1+deb12u3

Hi, Am 15.06.24 um 17:28 schrieb Adam D. Barratt: Control: tags -1 + moreinfo On Sat, 2024-05-25 at 10:35 +0200, Rene Engelhard wrote: I'd like to fix 2 libreoffice bugs in stable. Most important is the SMB fix (which - for kf5 - also needs a kio stable update, but those can be done in paralle

Bug#1071920: bookworm-pu: package libseccomp/2.5.4-1+deb12u1

Control: tags -1 + confirmed On Sat, 2024-05-25 at 23:33 +0200, Felix Geyer wrote: > libseccomp 2.5.4 only knows about syscall up to Linux 6.4. > The proposed changes add the syscalls up to Linux 6.7. Please go ahead. Regards, Adam

Bug#1072476: bookworm-pu: package lua5.4/5.4.4-3+deb12u1

Control: tags -1 + confirmed On Sun, 2024-06-02 at 11:34 -0400, Boyuan Yang wrote: > As described in https://bugs.debian.org/1072460 , the current lua5.4 > in Debian Stable (Bookworm) misses several symbols that were supposed > to be exported while they still present in the lua headers. This > cau

Bug#1073116: bookworm-pu: package python-idna/3.3-1+deb12u1

Control: tags -1 + confirmed On Thu, 2024-06-13 at 00:38 +0200, Guilhem Moulin wrote: > Fix CVE-2024-3651: Specially crafted inputs to idna.encode() can > consume > significant resources, which may lead to denial of service. Please go ahead. Regards, Adam

Bug#1073263: buildd.debian.org: Please show who requested the latest action

Philipp Kern: On 15.06.24 14:06, Niels Thykier wrote: Had a chat today with Johannes in #debian-devel, who asked about their package's state and the related Dep-Wait action. While trying to figure this out, I realized that it is not possible to see who scheduled the action at all when looking

Bug#1072857: dput: Incorrect delayed argument: ValueError: delayed days value must be a decimal integer:

Dear Ben, Am 15.06.2024 08:44, schrieb Ben Finney: Before merging, I need confirmation from someone experiencing this bug, that the resulting package does indeed fix the bug. You don't experience this bug if you temporarily move your user config and fall back to the upstream /etc/dput.cf? I g

Bug#1073279: nwg-displays: binary package depend on development headers libgtk-layer-shell-dev

Package: nwg-displays Version: 0.3.20-1 Severity: normal -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 The binary package depends on the development headers in package libgtk-layer-shell-dev. That looks odd - perhaps a mistake? - Jonas -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEn+Ppw2aR

Bug#1072857: Update

Dear Ben, seems I did something wrong. I started new, applied the patch and rebuilt dput and now it works: dput --force --simulate golang-github-cloudflare-circl_1.3.9-1_source.changes Trying to upload package to ftp-master (ftp.upload.debian.org) Checking signature on .changes Checking sign

Bug#1061686: (no subject)

severity 1061686 serious thanks I use Debian 12 with kernel 6.1.0-21-amd64. I installed kmscon 9.0.0-4 and tried it out. Well, unicode on some console worked after reboot, but otherwise there were too many bugs to even bother filing them. So I uninstalled kmscon and rebooted. After that, I no lo

Bug#1073280: RM: Ok to remove project ? dead upstream, depends on nose, no rdeps left

Source: python-lockfile Version: 1:0.12.2-3 Severity: normal Dear Maintainer, >From my stats I see that lockfile is the most popular remaining package that still depends on nose that itselfs depends on 2to3 that will be removed in python 3.13. Nothing depends on it anymore. Would you be OK to r

Bug#1071427: RFS: rumur/2024.05.07-1 -- model checker for the Murphi language

On Sat, 2024-06-15 at 09:39 +1000, Matthew Fernandez wrote: > Control: tags -1 - moreinfo > > On 6/14/24 19:47, Phil Wyett wrote: > > Control: tags -1 + moreinfo > > > > Hi Matthew, > > > > 'rumur' is an extensive package with a lot going on at build time. Some of > > the > > build time tests a

Bug#1071562: nfsd blocks indefinitely in nfsd4_destroy_session

metoo. I am not sure if a modern kernel on the clients is involved (most clients are running 6.1.90), but I have seen a blocking nfsd twice as well, last time this morning. The kern.log on the server says 2024-06-10T15:54:23.722921+02:00 nasl006b kernel: [1298984.543582] receive_cb_reply: Got u

Bug#1073115: bullseye-pu: package python-idna/2.10-1+deb11u1

Control: tag -1 confirmed On Thu, Jun 13, 2024 at 12:38:03AM +0200, Guilhem Moulin wrote: > Fix CVE-2024-3651: Specially crafted inputs to idna.encode() can consume > significant resources, which may lead to denial of service. Please go ahead. Thanks, -- Jonathan Wiltshire

Bug#1070739: bookworm-pu: package python-glance-store/4.1.0-4

Control: tags -1 -moreinfo +confirmed On Sat, 2024-06-15 at 16:21 +0100, Adam D. Barratt wrote: > Control: tags -1 + moreinfo > > On Wed, 2024-05-08 at 17:59 +0200, Salvatore Bonaccorso wrote: > > Hi, > > > > On Wed, May 08, 2024 at 09:52:01AM +0200, Thomas Goirand wrote: > > > [...] > > > I wo

Bug#1073281: ITP: golang-github-containerd-errdefs -- Common definition and library of errors used by containerd

Package: wnpp Severity: wishlist Owner: Reinhard Tartler * Package name: golang-github-containerd-errdefs Version : 0.1.0-1 Upstream Author : containerd * URL : https://github.com/containerd/errdefs * License : Apache-2.0 Programming Lang: Go Description

Bug#1073174: bullseye-pu: package lacme/0.8.0-2+deb11u2

Control: tag -1 confirmed On Fri, Jun 14, 2024 at 02:07:33AM +0200, Guilhem Moulin wrote: > diff -Nru lacme-0.8.0/debian/changelog lacme-0.8.0/debian/changelog > --- lacme-0.8.0/debian/changelog 2023-04-28 10:25:54.0 +0200 > +++ lacme-0.8.0/debian/changelog 2024-06-13 19:19:07.00

Bug#1073282: ITP: golang-github-charlievieth-fastwalk -- Fast directory traversal for Golang

Package: wnpp Severity: wishlist Owner: Vincent Blut * Package name: golang-github-charlievieth-fastwalk Version : 1.0.3-1 Upstream Author : Charlie Vieth * URL : https://github.com/charlievieth/fastwalk * License : Expat Programming Lang: Go Description

Bug#1073206: bullseye-pu: package python-aiosmtpd/1.2.2-1+deb11u1

Control: tag -1 confirmed On Fri, Jun 14, 2024 at 03:00:46PM +0100, Dale Richards wrote: > [ Reason ] > This update resolves two security vulnerabilities present in > the version of python-aiosmtpd in Bullseye (1.2.2-1): > > * CVE-2024-27305 - SMTP smuggling due to poor handling of > non-st

Bug#1073231: bullseye-pu: package sendmail/8.15.2-22+deb11u1

Control: tag -1 confirmed On Fri, Jun 14, 2024 at 09:01:06PM +, Bastien Roucariès wrote: > diff -Nru sendmail-8.15.2/debian/NEWS.Debian > sendmail-8.15.2/debian/NEWS.Debian > --- sendmail-8.15.2/debian/NEWS.Debian1970-01-01 00:00:00.0 > + > +++ sendmail-8.15.2/debian/NEWS

Bug#1073260: systemd-tmpfiles can nuke /home and /srv

Control: severity -1 wishlist Control: tags -1 wontfix Control: close -1 On Sat, 15 Jun 2024 12:58:28 +0200 Antoine Le Gonidec wrote: > Package: systemd > Version: 256-1 > Severity: critical > Justification: causes serious data loss > > The current build of systemd in Debian Sid ships the follow

Bug#805592: adequate: Please check pid file permissions

hola Guillem, bon dia ;) do you think that this bug is still relevant, especially with most daemons now being handled internally by systemd? if so, can you please point me to a specific package with non-readable pid file(s)? gràcies, Serafeim signature.asc Description: PGP signature

Bug#1069672: flatpak 1.14.8-1~deb12u1 flagged for acceptance

package release.debian.org tags 1069672 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: flatpak Version: 1.14.8-1~de

Bug#1069836: libkf5ksieve 20.08.3-1+deb11u1 flagged for acceptance

package release.debian.org tags 1069836 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: libkf5ksieve Version: 20.08.

Bug#1070702: nano 7.2-1+deb12u1 flagged for acceptance

package release.debian.org tags 1070702 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: nano Version: 7.2-1+deb12u1

Bug#1072009: systemd 247.3-7+deb11u5 flagged for acceptance

package release.debian.org tags 1072009 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: systemd Version: 247.3-7+deb

Bug#1072682: luametatex: context 2024.04 and luametatex 2.11 no longer build PDF via Pandoc. (+ workaround)

Control: reassign -1 luametatex Control: tags -1 + pending On 06.06.2024 15:17, Gijs Hillenius wrote: Hello, Context 2024.04.01.20240428+dfsg-2 and Luametatex 2.11.02+ds-4 no longer let me build PDFs from Emacs Org-Mode files via Pandoc. After downgrading to luametatex 2.11.01 (from 2.11.02)

Bug#1072817: openrc 0.45.2-2+deb12u1 flagged for acceptance

package release.debian.org tags 1072817 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: openrc Version: 0.45.2-2+deb

Bug#1073202: bookworm-pu: package python-aiosmtpd/1.4.3-1.1+deb12u1

On 2024-06-14 14:01:36 +0100, Dale Richards wrote: > Package: release.debian.org > Severity: normal > Tags: bookworm > X-Debbugs-Cc: python-aiosm...@packages.debian.org, d...@dalerichards.net > Control: affects -1 + src:python-aiosmtpd > User: release.debian@packages.debian.org > Usertags: pu >

  1   2   >