Bug#985971: jemalloc accesses the network during build

Source: jemalloc Version: 5.2.1-2 Severity: serious Justification: policy 4.9 violation X-Debbugs-Cc: Vineet Gupta jemalloc's build attempts to retrieve docbookx.dtd from the network during build. There can be three outcomes: 1. Network is unavailable. A warning is printed. See e.g. https://b

Bug#985946: patch proposal

OK, you are way ahead of me Frédéric, please disregard my previous response. Great that your patch works, really cool.  And thanks ! However, do you mind if I query something ?  I don't quite see why you call the - +if [ "$CPU" = "powerpc64le" ]; then +    CPU="powerpc64" +fi AFTER the line - T

Bug#985970: unblock: kglobalaccel/5.78.0-3

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: pkg-kde-t...@alioth-lists.debian.net Please unblock package kglobalaccel [ Reason ] Upstream asked to backport a security fix: There is the possibility that kglobalaccel runs

Bug#985946: tomboy-ng: FTBFS on ppc64el

Wow Frédéric, thats given me something to think about ! On 27/3/21 2:12 am, Frédéric Bonnard wrote: > Package: src:tomboy-ng > Version: 0.32-1 > tomboy fails to build on ppc64el : "ppc64el" ?  "endian little" ?  Is that the same as ppc64le  ?   As in IBM Power8 ? I do have a history with IBM Po

Bug#969174: firefox: FF80 broke webext-* add-ons on existing profiles and new profiles after three restarts

On Thu, 25 Mar 2021 01:54:53 +0100 Christoph Anton Mitterer wrote: Anyway, it seems with FF87, Mozilla blessed people with further goodness and the old bug is also back again... at least I see add-ons like ublock or no-script ineffective, even though their icon is displayed this time... Firefo

Bug#985848: RFS: xpenguins/3.2.1-1 -- little penguins walk on your windows

On Wed, Mar 24, 2021 at 03:06:53PM -0700, Micheal Waltz wrote: > * Package name: xpenguins >Version : 3.2.1-1 > xpenguins (3.2.1-1) unstable; urgency=medium > . >* New upstream version 3.2.1 >* Update standards to 4.5.1 and compat to 13 Hi! Isn't the package supposed to

Bug#985969: libvirt: Build with libssh

Source: libvirt Severity: normal Using SSH keyfile authentication with libssh2 will fail for most file formats because libssh2 is built with gcrypt instead of OpenSSL (see #668271). As long as that is not resolved, please build with libssh instead, which has an OpenSSL version in Debian. Tha

Bug#668271: libssh2-1: The libssh2 has several limitations when configured --with-libgcrypt. Please do not use libgcrypt.

On Tue, 10 Apr 2012 17:26:46 +0200 Mikhail Gusarov wrote: apt-rdepends -r libssh2-1 lists at least 2556 packages, so enabling OpenSSL would require all GPL-ed reverse-depends to add a clause to their license that allows the package in question to be linked against OpenSSL. According to GPL usag

Bug#985928: vc4.ko brings unusable&unstable ALSA sinks

From: Ryutaroh Matsumoto Subject: vc4.ko brings unusable&unstable ALSA sinks Date: Fri, 26 Mar 2021 17:15:40 +0900 (JST) > Touching vc4-hdmi-[01] too many times makes the kernel unstable, > and shutting down often needs several minutes. > /usr/bin/pulseaudio in its default setting touches all avai

Bug#985968: RFS: streamlink/2.1.1-1~exp1 -- CLI for extracting video streams from various websites to a video player

Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "streamlink" for a new upstream version 2.1.1. * Package name: streamlink Version : 2.1.1-1~exp1 Upstream Author : Streamlink Team * URL : https://streamlink.git

Bug#985967: freeradius: Fails to start with permission denied when configuring to use privileged ports

Package: freeradius Version: 3.0.21+dfsg-2+b2 Severity: important X-Debbugs-Cc: th...@selfnet.de Good evening, after a test upgrade of my running buster configuration to bullseye I can no longer start freeradius. Mar 26 23:46:35 radius-user-dev-1 radiusd[14718]: Failed binding to dhcp interface

Bug#978674: python3-build: Fails to work unless pip is installed

Control: severity -1 serious Control: tags -1 + help On Sunday, January 17 2021, Martina Ferrari wrote: > On 17/01/2021 01:06, Sergio Durigan Junior wrote: > >> Thanks for the bug report, Martina. >> Yeah, this is strange. I don't think it should require pip, and >> after >> installing python3-p

Bug#985963: debuerreotype: uses debian-archive-keyring in autopkgtests without real dependency

tags 985963 + pending thanks On Fri, 26 Mar 2021 at 15:45, Gianfranco Costamagna wrote: > Hello, looks like the debian/tests/stretch is using the keyring but the > package has only a recommends on that dependency. > This makes the autopkgtest fail when apt is configured with > --no-install-reco

Bug#985966: pcp: pmda postgresql not installed

Package: pcp Version: 4.3.2+really4.3.1-0.1 Severity: normal Dear Maintainer, Using version "4.3.2+really4.3.1" from stable, the postgresql pmda and pmlogconf files are not installed. The only postgresql related file included in the package is the pmdapostgresql manpage. According to the configu

Bug#985965: speechd-up: initscript speechd-up, action "start" failed.

Package: speechd-up Version: 0.5~20110719-10 Severity: normal X-Debbugs-Cc: bardot.jer...@gmail.com Dear Maintainer, LC_ALL=C aptitude upgrade The following partially installed packages will be configured: speechd-up No packages will be installed, upgraded, or removed. 0 packages upgraded, 0 ne

Bug#985887: gscan2pdf: saves b&w scanned pages in inverted mode

>Please start gscan2pdf from the command line: > > gscan2pdf --log=log > >reproduce the problem, quit, and post the input image, log file and the >resulting PDF. I scanned the same a4 sheet twice, first in color mode, then in bw mode. The two scans appear ok in the gscan2pdf windows. However,

Bug#985964: ITP: librdata -- C/C++ library to manipulate GNU R data frames.

Package: wnpp Severity: wishlist Owner: Filippo Rusconi X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: librdata Version : 0.1.0 Upstream Author : Evan Miller * URL : https://github.com/WizardMac/librdata * License : MIT/X Programming Lang: C, C++

Bug#985963: debuerreotype: uses debian-archive-keyring in autopkgtests without real dependency

Source: debuerreotype Version: 0.10-2 Severity: serious Justification: breaks autopkgtests when recommended packages are not installed by default tags: patch Hello, looks like the debian/tests/stretch is using the keyring but the package has only a recommends on that dependency. This makes the

Bug#985957: usrmerge has 47.3MB of dependencies

On Fri, 26 Mar 2021 at 20:58, Marco d'Itri wrote: > > On Mar 26, Dimitri John Ledkov wrote: > > > Is it possible to rewrite the code to only use perl-base? without the > > full perl? > Probably it would not be too hard to reimplement what File::Find::Rule > does and remove these dependencies. May

Bug#985962: spamassassin: arbitrary code execution via malicious rule configuration files

Source: spamassassin Version: 3.4.2-1+deb10u2 Severity: grave Tags: security patch upstream Justification: user security hole X-Debbugs-Cc: Debian Security Team CVE-2020-1946 Quoting from https://www.openwall.com/lists/oss-security/2021/03/24/3 : In Apache SpamAssassin before 3.4.5, maliciou

Bug#980963: dpkg: Please add ARC architecture

On 3/4/21 3:56 PM, Vineet Gupta wrote: >> Also just to make sure, the GNU triplets are: >> >>    arc-linux-gnu >>    arceb-linux-gnu >> No ABI modifiers (stuff like “eabi”) for the libc part (“gnu“) right? > > Actually it seems we are missing hardfloat here: ARC glibc/gcc support > it very well an

Bug#985961: RFP: elpa-ednc -- Emacs Desktop Notification Center

Package: wnpp Severity: wishlist X-Debbugs-Cc: debian-emac...@lists.debian.org * Package name: elpa-ednc Version : 0.1 Upstream Author : Simon Nicolussi * URL : https://github.com/sinic/ednc * License : GPL-3+ Programming Lang: Emacs-Lisp Description :

Bug#981088: pacemaker: crm shell can't be executed due to a library error

I'm dropping the bug submitter from CC because I believe the discussion is no longer relevant for him. Am Freitag, den 26.03.2021, 21:08 +0100 schrieb wf...@niif.hu: > Markus Koschany writes: [...] > > Yes, exactly. There should be a versioned dependency on > > pacemaker-cli-utils. > > What kind

Bug#985957: usrmerge has 47.3MB of dependencies

On Mar 26, Dimitri John Ledkov wrote: > Is it possible to rewrite the code to only use perl-base? without the > full perl? Probably it would not be too hard to reimplement what File::Find::Rule does and remove these dependencies. Maybe by running find(1). > Or maybe even pure dash or C? Hard to

Bug#985960: debci: ANSI codes passed through the web interface

Package: debci Severity: normal Hi! We generally expect build/autopkgtest log output to be plain text -- but a lot of new-fangled build/test systems decorate it with colors. Also, optimizing long runs of spaces into horizontal cursor movement is not unheard of. Such pretty-printing got more popu

Bug#981088: pacemaker: crm shell can't be executed due to a library error

Markus Koschany writes: > Am Freitag, den 26.03.2021, 16:37 +0100 schrieb wf...@niif.hu: > >> Thorsten Rehm writes: >> >>> In my opinion the crmsh package should be more strict with the >>> pacemaker-cli-utils package >> >> Sorry for not looking into this sooner. What do you mean by being >>

Bug#985670: CVE-2020-27781 CVE-2020-27839

On 3/25/21 7:11 PM, Salvatore Bonaccorso wrote: > Source: ceph > Source-Version: 14.2.18-1 > > On Mon, Mar 22, 2021 at 11:17:02AM +0100, Moritz Muehlenhoff wrote: >> On Mon, Mar 22, 2021 at 10:11:29AM +0100, Thomas Goirand wrote: >>> On 3/21/21 7:59 PM, Moritz Muehlenhoff wrote: Package: ceph

Bug#985958: [pre-approval] unblock: spip/3.2.11-2

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package spip [ Reason ] Upstream just released a new minor version to improve PHP 7.4 compat (latest version already improved PHP 7.3 compat). Since Bullseye ship with PHP 7.

Bug#985959: calibre: please mark autopkgtest as superficial

Source: calibre Version: 5.14.0+dfsg-1 Severity: important X-Debbugs-CC: debian...@lists.debian.org User: debian...@lists.debian.org Usertags: issue Hi Maintainer, Your package has an autopkgtest, great. However, I noticed that the test coverage is very limited. Because of the way the results of

Bug#985957: usrmerge has 47.3MB of dependencies

Package: usrmerge Version: 23 Severity: important Dear Maintainer, In minimal chroot/container scenarios usrmerge has a huge amount of dependencies, doubling the total size of the container. # apt install usrmerge --no-install-recommends Reading package lists... Done Building dependency tree...

Bug#788176: diodon logs copious sensitive information to zeitgeist and does not clear it

Thanks Sam for reporting this. This is actually not fully related to the original report of this issue as it is a bug that `Clear` method does not completely remove clipboard content from the Zeitgeist database as I agree it really should. As discussed on the upstream issue [0] I will look into t

Bug#985935: Actual debdiff

Hi The correct debdiff is attached. Regards, Salvatore diff -Nru ldb-2.2.0/debian/changelog ldb-2.2.0/debian/changelog --- ldb-2.2.0/debian/changelog 2020-11-18 20:33:02.0 +0100 +++ ldb-2.2.0/debian/changelog 2021-03-26 19:52:18.0 +0100 @@ -1,3 +1,17 @@ +ldb (2:2.2.0-3.1) unstab

Bug#985935: ldb: diff for NMU version 2:2.2.0-3.1

Control: tags 985935 + patch Control: tags 985935 + pending Control: tags 985936 + patch Control: tags 985936 + pending Hi Mathieu and Debian Samba maintainers, I've prepared an NMU for ldb (versioned as 2:2.2.0-3.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it l

Bug#985956: Installation Report - Bullseye 2021-03-15

Package: installation-reports Boot method: SSD built with Rufus using this installation guide: https://www.raspberrypi.org/forums/viewtopic.php?f=50&t=282839 Image version: Debian 11 ARM64 net install ISO Debian-testing-arm64-netinst.iso 2021-03-15 04:03 Date: 2021-03-

Bug#985955: fscrypt reports of bad pam configuration

Package: fscrypt Version: 0.2.9-1+b2 Severity: important Dear Maintainer, both stable and unstable versions of fscrypt does not work at all both of them report same error when I try to setup encrypted directory [ERROR] fscrypt encrypt: user keyring for "kudrale" is not linked into the session ke

Bug#985858: Fails to start with seccomp violation (eventfd2)

hey, if you don't mind please go ahead. Thank you!

Bug#985931: golang-github-aryann-difflib-dev --

Hi, Am 26.03.21 um 18:48 schrieb Nilesh Patra: Hi, As I said on debian-go@l.d.o [1] as well, the name of the source package should "NOT" have -dev suffxed however, binary package "must" have -dev suffixed Ah, thanks, I got the -dev suffix thing mixed up quite a bit :D please fix your debia

Bug#985954: libvirt: [alpha guest] IDE controllers are unsupported for this QEMU binary or machine type

Package: libvirt0 Version: 7.0.0-3 Severity: normal X-Debbugs-Cc: t...@mirbsd.de libvirt pretends Alpha guests don’t use IDE: Unable to complete install: 'unsupported configuration: IDE controllers are unsupported for this QEMU binary or machine type' Traceback (most recent call last): File "

Bug#985953: tracker-store: tracker-store consumes 100% of one core permanently

Package: tracker Version: 2.3.6-2 Severity: important File: tracker-store Dear Maintainer, Since few days tracker-store consumes 100% of one core permanently. tracker status returns that all indexations are done. LANG=C tracker status Currently indexed: 20624

Bug#985931: golang-github-aryann-difflib-dev --

control: retitle -1 ITP: golang-github-aryann-difflib -- go library for diffing two sequences of text Hi, As I said on debian-go@l.d.o [1] as well, the name of the source package should "NOT" have -dev suffxed however, binary package "must" have -dev suffixed -- please fix your debian/ dir accor

Bug#985952: quota: quota.service is installed disabled and needs After=local-fs.target

Package: quota Version: 4.04-2+deb10u1 Architecture: amd64 Severity: normal Tags: patch X-Debbugs-CC: d.fil...@web.de I created a new filesystem and specified to use quota in /etc/fstab, but didn't run quotacheck -c as I expected this to happen anyway on reboot. However, systemd's unit quotaon.se

Bug#985951: upnp-router-control: New upstream version since February 2021

Package: upnp-router-control Version: 0.2-1.2+b1 Severity: minor Tags: upstream X-Debbugs-Cc: pitsior...@gmail.com Dear Maintainer, Earlier, I noticed that upnp-router-control was removed from the repo 1+ year ago. I had installed it a couple of years ago in order to troubleshoot some connection

Bug#985825: do not remove useful packages due to political issues, please

On Fri, Mar 26, 2021 at 04:14:14AM +0100, Matija Nalis wrote: > After all, we still have several "reiserfs" named packages in Debian > main, and one should well argue that Hans Reiser actions were much bigger > atrocity than RMS-based one. thank you for that input! > Perhaps check-dfsg-status mi

Bug#985946: patch proposal

Here is a patch proposal which fixes the build. The patch header details the issue and the possible workaround. Regards, F. --- a/buildit.bash +++ b/buildit.bash @@ -156,6 +156,9 @@ CPU="i386" fi TARGET="$CPU-$OS" +if [ "$CPU" = "powerpc64le" ]; then +CPU="powerpc64" +fi CheckFPC Ch

Bug#985950: network-console: Should tell user to disable public key auth when having too many ssh private keys

Package: network-console Severity: normal Tags: d-i Hi, I had trouble connecting to the installer because my ssh client was trying to authenticate using all of my ssh private keys before password auth. As i had too many keys, this lead to a "Too many authentication failures" message followed by

Bug#985173: pacemaker-resource-agents: missing Breaks+Replaces: pacemaker (<< 2)

Hi Andreas, Sorry for not responding sooner, some mail forwarding problem intervened. Looks like there's another serious problem with the security upload breaking the buster upgrade path, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981088. I haven't asked the Security Team yet, but if

Bug#923500: (No Subject)

Hi, I upgraded snapd from the stable channel today. It does seem as if more confinement is now activated because of an error I am now getting with bitcoin-core. The error is Error: Unable to open settings file /home/user/.bitcoin/settings.json.tmp for writing. I checked the permissions with the sn

Bug#985949: chromium keeps vsyncing to 48Hz

Package: chromium Version: 89.0.4389.90-1 Severity: normal X-Debbugs-Cc: raibo.quadro...@gmail.com Dear Maintainer, First, I am not sure if this is the correct way to report. As this is possibly an upstream issue? However some places seam to suggest reporting even standard bugs to distro bugtrack

Bug#985948: libubootenv-tool: Debug lines from fw_printenv break RAUC

Package: libubootenv-tool Version: 0.3-1 Severity: grave Hello, there are compatibility problems with RAUC and the libubootenv-tool package. RAUC requires the fw_setenv and fw_printenv utilites to interact with the u-boot-environment. After Installing the libubootenv-tool package to get fw_prin

Bug#981088: pacemaker: crm shell can't be executed due to a library error

Hello Feri, Am Freitag, den 26.03.2021, 16:37 +0100 schrieb wf...@niif.hu: > Control: reassign -1 libpe-status10 1.1.24-0+deb9u1 > Control: severity -1 serious > > Thorsten Rehm writes: > > > In my opinion the crmsh package should be more strict with the > > pacemaker-cli-utils package > > Sor

Bug#985947: CVE-2021-28543

Package: varnish-modules Severity: grave Tags: security X-Debbugs-Cc: Debian Security Team https://varnish-cache.org/security/VSV6.html Patch: https://github.com/varnish/varnish-modules/commit/2c120e576ebb73bc247790184702ba58dc0afc39 Cheers, Moritz

Bug#955208: [Pkg-rust-maintainers] Bug#955208: Bug#955208: Bug#955208: rustc: rustup is not available on Debian

Ah fair enough. Thanks for the additional detail. Lack of signature checking is a bit annoying. It seems they have an open issue about it: https://github.com/rust-lang/rustup/issues/2028 X Matt Corallo: > I was just trying to ensure that the trust chain was correct here as some of > the earlie

Bug#985946: tomboy-ng: FTBFS on ppc64el

Package: src:tomboy-ng Version: 0.32-1 Control: tags -1 ftbfs -- Dear maintainer, tomboy fails to build on ppc64el : https://buildd.debian.org/status/fetch.php?pkg=tomboy-ng&arch=ppc64el&ver=0.32-1&stamp=1612358331&raw=0 Regards, F. signature.asc Description: PGP signature

Bug#981088: pacemaker: crm shell can't be executed due to a library error

Control: reassign -1 libpe-status10 1.1.24-0+deb9u1 Control: severity -1 serious Thorsten Rehm writes: > In my opinion the crmsh package should be more strict with the > pacemaker-cli-utils package Sorry for not looking into this sooner. What do you mean by being "more strict"? Does crmsh req

Bug#985942: kodi: Cannot shutdown computer from kodi

Hi Libor! > Since this week (i think), I cannot shutdown/restart computer from kodi. Please attach kodi.log in private message (to avoid hostname / IP exposure) & also /var/log/{apt,dpkg}/*.log Lets see what has broken upowerd. --  Vasyl Gello == C

Bug#959022: cgroup-tools: does not work in cgroup2 / unified hierarchy

Control: forwarded -1 https://github.com/libcgroup/libcgroup/issues/12 Control: tags -1 + upstream On Tue, 28 Apr 2020 15:22:35 +0900 Ryutaroh Matsumoto wrote: > Package: cgroup-tools > Version: 0.41-10 > Severity: normal > Tags: wontfix > User: pkg-systemd-maintain...@lists.alioth.debian.org >

Bug#985945: ITP: nthash -- recursive hash function for hashing all possible k-mers in a DNA/RNA sequence

Package: wnpp Severity: wishlist Owner: Nilesh Patra X-Debbugs-Cc: debian-de...@lists.debian.org, nil...@debian.org * Package name: nthash Version : 2.2.0-1 Upstream Author : Hamid Mohamadi * URL : https://github.com/bcgsc/ntHash * License : Expat Programming

Bug#985944: reportbug: Multiple headphones mic's usb or stereo ports not working.

Package: reportbug Version: 7.10.3 Severity: important X-Debbugs-Cc: lesleyjad...@gmail.com Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? Upgrade the linux kernel and the new kernel broke the external mic input

Bug#955208: [Pkg-rust-maintainers] Bug#955208: Bug#955208: rustc: rustup is not available on Debian

I was just trying to ensure that the trust chain was correct here as some of the earlier comments seemed confused - unlike most other things that install software in $HOME, rustup doesn't fetch source (and optionally compile it), it just fetches binaries from the same source that provides rustup

Bug#985943: buster-pu: package node-hosted-git-info/2.7.1-1+deb10u1

Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: pkg-javascript-de...@lists.alioth.debian.org [ Reason ] node-hosted-git-info is vulnerable to RegExp Denial of Service [ Impact ] Medium security risk [ Tests ] Upstr

Bug#985942: kodi: Cannot shutdown computer from kodi

Package: kodi Version: 2:19.0+dfsg1-1 Severity: normal -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Dear Maintainer, after few weeks running kodi on bullseye, shutting down computer from kodi stopped working. I run kodi from ~/.xsession using autologin in lightdm autogreeter, using dedicate

Bug#955208: [Pkg-rust-maintainers] Bug#955208: Bug#955208: rustc: rustup is not available on Debian

Not sure what your purpose is with your comment. Nobody is asking you to package it. If somebody else wants to, this doesn't affect you, you don't have to install it. Packaging 3rd party software in general gives the user a trust chain from Debian trust keys to that software, rather than e.g. v

Bug#788176: diodon logs copious sensitive information to zeitgeist and does not clear it

I had a look in my zeitgeist activity.sqlite just now, and found 526MB of "activity" stored in the clear, including a whole lot of information which I do not want to be logged: at least three of my main passwords including my main server password, URLs of porn I have downloaded, whole files and

Bug#985659: petsc3.14-doc: broken symlinks: /usr/share/doc/petsc3.14-doc/html/_static/*.js -> ../../../../sphinx/themes/basic/static/*.js

Source: petsc Followup-For: Bug #985659 Yeah, the sphinx/dh_sphinxdoc infrastructure seems somewhat flakey (and we really need someone to help reinvigorate mathjax) lintian is particularly unhelpful about it, complaining one way about sphinx dependencies, then when you make the suggested change i

Bug#985941: libcgicc3: wrong file length if file upload via POST as "multipart/form-data"

Package: libcgicc3 Version: 3.2.19-0.2 Severity: normal Dear Maintainer, * What led up to the situation? If you upload a file via POST as "multipart/form-data" to a C++ program compiled with libcgicc3, the transmitted file length is 2 bytes too short. * What exactly did you do (or not

Bug#985940: appstream-glib: fails to validate appdata starting with non-ascii characters

Source: appstream-glib Severity: normal Dear Maintainer, while running reprotest on salsa CI my package chatty [0] failed to build during the locale variation with the russian locale [1]. It has been pointed out to me that non-ascii characters are not handled correctly when it comes to checking

Bug#984394: vlc: ftbfs with GCC-11

Control: tags -1 fixed-upstream upstream On 2021-03-03 16:18:29, Matthias Klose wrote: > Package: src:vlc > Version: 3.0.12-2 > Severity: normal > Tags: sid bookworm > User: debian-...@lists.debian.org > Usertags: ftbfs-gcc-11 > > [This bug is not targeted to the upcoming bullseye release] > > P

Bug#985939: ITP: wiredpanda -- logic circuits simulator

Package: wnpp Severity: wishlist Owner: Sudip Mukherjee X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: wiredpanda Version : v3.0.0 Upstream Author : Davi Morales, Fábio Cappabianco, Lucas Lellis, Rodrigo Torres and Vinícius Miguel * URL : https://github.c

Bug#985927: uif: fails to start since iptables have been relocated to /usr/sbin/

Package: uif Version: 1.1.9-2 Severity: grave The uif script fails to load on systems with still separate /(s)bin and /usr/(s)bin folders. The iptables executables have recently beem moved from /sbin/ to /usr/sbin/. The uif init script and the uif Perl script both have those /sbin/ locati

Bug#985925: uif: won't start up, if the mail command is missing on the system

Package: uif Severity: important Version: 1.1.9-2 On a freshly installed desktop machine (i.e. one without so many network services), I just discovered that the uif service refuses to start if the mail command is not installed. Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Ecke

Bug#985938: syncthing-discosrv: cannot set more than one option in STDISCOSRV_OPTS variable

Package: syncthing-discosrv Version: 1.0.0~ds1-1+b11 Severity: normal Tags: patch Dear Maintainer, In file syncthing-discosrv.service the variable STDISCOSRV_OPTS is written with braces and this prevents setting more than one startup option because they are passed to stdiscosrv as a single option

Bug#985937: RFS: p4c/1.2.0+g202103261112~c8d09d-1 [ITP]

Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "p4c ": * Package name: p4c Version: 1.2.0+g202103261112~c8d09d-1 Upstream Author: * URL: https://github.com/p4lang/p4c

Bug#985935: ldb: CVE-2021-20277

Source: ldb Version: 2:2.2.0-3 Severity: grave Tags: security upstream Justification: user security hole Forwarded: https://bugzilla.samba.org/show_bug.cgi?id=14655 X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for ldb. CVE-2021-20277[0]: |

Bug#985936: ldb: CVE-2020-27840

Source: ldb Version: 2:2.2.0-3 Severity: grave Tags: security upstream Justification: user security hole Forwarded: https://bugzilla.samba.org/show_bug.cgi?id=14595 X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for ldb. CVE-2020-27840[0]: |

Bug#931785: release-notes: bullseye: security suite renamed to bullseye-security (from buster/updates)

Justin B Rye wrote: > It looks good, but I'd just made a note to myself that we might also > want to mention this in upgrading.dbk where it discusses editing APT > sources. Hoping to send in some patches tomorrow. Better late than never. -- JBR with qualifications in linguistics, experience

Bug#985931: golang-github-aryann-difflib-dev --

Oh, I am sorry. Seems i did not include ITP in the subject line. Looking into fixing that OpenPGP_signature Description: OpenPGP digital signature

Bug#984938: avahi-daemon: local DoS by event-busy-loop from writing long lines to /run/avahi-daemon/socket

I have requested a CVE through Red Hat. I'm proposing a patch upstream[1]. Additional details about the flaw at [2]. [1] https://github.com/lathiat/avahi/pull/330 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1939614#c3 Thanks, -- Riccardo Schirone Red Hat -- Product Security Email: rschi...@

Bug#985934: chromium: Built in update feature appears to be enabled

Package: chromium Version: 89.0.4389.82-1 Severity: important Tags: security I got an orange "Update" prompt near the omnibar today, as usual when a separately packaged Chrome installation wants to update itself. But this is not expected behaviour from the Debian packaged Chromium. I tried clickin

Bug#985933: RFS: p4lang-pi/0.1.0+g202103250946~827907-1 [ITP]

Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "p4lang-pi ": * Package name: p4lang-pi Version: 0.1.0+g202103250946~827907-1 Upstream Author: Antonin Bas mailto:anto...@barefootnetworks.com>> * URL:

Bug#985932: openstack-trove should not be included in Bullseye

Package: openstack-trove Version: 1:13.0.0-1 Severity: serious Hi, I never really tried Trove myself, and therefore, I would prefer if it was not part of Bullseye. It will still be available from the unofficial repository of OpenStack (osbpo.debian.net, accessible with extrepo). Cheers, Thomas

Bug#985339: nauty: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

Hi Andreas, On 2021-03-25 09:39, Andreas Beckmann wrote: > On 24/03/2021 22.59, Andrius Merkys wrote: >> However, I am not sure how to proceed next. In principle I could tinker >> with maintscripts, but I am not sure how to instruct piuparts to pick my >> .deb instead of what is already present in

Bug#985931: golang-github-aryann-difflib-dev --

Package: wnpp Severity: wishlist Owner: Peymaneh Nejad * Package name: golang-github-aryann-difflib-dev Version : 0.0~git20170710.e206f87-1 Upstream Author : Aryan Naraghi * URL : https://github.com/aryann/difflib * License : Expat Programming Lang: Go De

Bug#930099: pyxdg: CVE-2019-12761

On Sun, 18 Oct 2020 15:02:50 +0200 Salvatore Bonaccorso wrote: close 930099 0.26-1 Should this be fixed in stretch and buster, too? Right now jessie-lts has a higher version than stretch(-lts), "breaking" upgrades. pyxdg | 0.25-4| jessie | source pyxdg | 0.25-4

Bug#985914: xdg-desktop-portal-kde: should be Multi-Arch: foreign, so it satisfies steam:i386 Recommends

Control: retitle -1 xdg-desktop-portal-kde: should be Multi-Arch: foreign, so it satisfies steam:i386 Recommends Control: reassign -1 xdg-desktop-portal-kde Control: affects -1 + steam Control: tags -1 + patch On Thu, 25 Mar 2021 at 17:49:42 -0500, Boyd Stephen Smith Jr. wrote: > steam:i386 has a

Bug#985930: duplicate lines in symbols files

Package: src:gpsd Version: 3.22-2 it looks like there are many duplicate lines in symbols files.

Bug#985929: lavacli: Provide an updated lavacli for buster

Package: lavacli Version: 0.9.5-1 Severity: wishlist Dear Maintainer, The lavacli tool has some useful fixes in latest versions (I'm especially interested in the credential leaks that have been fixed in https://git.lavasoftware.org/lava/lavacli/-/commit/72b98993348861132f0fd59238d94b1f5fa0d0c6 )

Bug#981166: support origin pins based on path

Quack, Sorry for the lag. On 2021-01-27 21:01, Julian Andres Klode wrote: So effectively, what you are asking for is to allow origin to pin based on the path, not just the hostname, like we allow for apt_auth.conf. I need to way to securely restrict sources, so that a custom source for a ha

Bug#892058: Your Debian key is expiring

Hello Felix, El 23/03/21 a las 12:47, Felix Lechner escribió: ... > Please keep in mind that the Debian folks in charge of the keyring > update it only once a month. That usually happens on the 24th of each > month. It it just a few days away. > > If you like this service, please leave a favorabl

Bug#985926: bind9: cannot create /run/named

Hi Marc, is there anything wrong with your systemd-tmpfiles? $ cat /usr/lib/tmpfiles.d/named.conf d /run/named 0775 root bind - - Ondrej -- Ondřej Surý (He/Him) ond...@sury.org > On 26. 3. 2021, at 9:19, Marc Dequènes (duck) wrote: > > Package: bind9 > Version: 1:9.16.11-2~bpo10+1 > > Quack,

Bug#934206: buster-pu: package golang-github-docker-docker-credential-helpers/0.6.1-2+deb10u1

On Fri, Mar 26, 2021 at 09:12:08AM +0100, Salvatore Bonaccorso wrote: > Hi Arnaud, > > On Fri, Jul 31, 2020 at 10:20:12AM +0200, Salvatore Bonaccorso wrote: > > Hi, > > > > On Mon, Mar 30, 2020 at 10:08:50PM +0100, Adam D. Barratt wrote: > > > Hi, > > > > > > On Sat, 2019-10-12 at 11:41 +0200, J

Bug#945578: buster-pu: package libapache2-mod-auth-openidc/2.3.10.2-1

Hi Moritz, On Fri, Jul 31, 2020 at 10:25:13AM +0200, Salvatore Bonaccorso wrote: > Hi Moritz, > > On Tue, Jan 28, 2020 at 10:43:25PM +, Adam D. Barratt wrote: > > Control: tags -1 + confirmed > > > > On Wed, 2019-11-27 at 11:18 +0100, Moritz Schlarb wrote: > > > Fixes CVE-2019-14857 (Open re

Bug#985926: bind9: cannot create /run/named

Package: bind9 Version: 1:9.16.11-2~bpo10+1 Quack, I got these errors at startup: Mar 26 08:51:46 Orfeo named[14057]: couldn't mkdir '/run/named': Permission denied Mar 26 08:51:46 Orfeo named[14057]: generating session key for dynamic DNS Mar 26 08:51:46 Orfeo named[14057]: couldn't mkdir '/r

Bug#983110: buster-pu: package ipmitool/1.8.18-6 (CVE-2020-5208)

Hi Thomas, On Wed, Mar 17, 2021 at 07:01:35PM +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sat, 2021-02-20 at 22:43 +0100, Thomas Goirand wrote: > > On 2/19/21 8:38 PM, Salvatore Bonaccorso wrote: > > > Thanks for preparing this update! For the buster update, please > > > a

Bug#985924: pmacct FTCBFS: fails finding mysql

Source: pmacct Version: 1.7.6-2 Tags: patch upstream User: debian-cr...@lists.debian.org Usertags: ftcbfs pmacct fails to cross build from source, because it uses mysql_config and mysql_config fundamentally cannot be made to work during cross builds. A better solution is pkg-config and that actual

Bug#941901: buster-pu: package octavia/3.0.0-3

Hi, On Sun, Nov 10, 2019 at 05:08:54PM +0100, Thomas Goirand wrote: > On 11/9/19 2:31 PM, Adam D. Barratt wrote: > > Control: tags -1 + confirmed > > > > On Mon, 2019-10-07 at 14:35 +0200, Thomas Goirand wrote: > >> Since Buster was frozen, I worked quite a long time on Octavia, and > >> was > >>

Bug#934206: buster-pu: package golang-github-docker-docker-credential-helpers/0.6.1-2+deb10u1

Hi Arnaud, On Fri, Jul 31, 2020 at 10:20:12AM +0200, Salvatore Bonaccorso wrote: > Hi, > > On Mon, Mar 30, 2020 at 10:08:50PM +0100, Adam D. Barratt wrote: > > Hi, > > > > On Sat, 2019-10-12 at 11:41 +0200, Julien Cristau wrote: > > > Control: tag -1 - moreinfo > > > Control: tag -1 + confirmed

Bug#985895: Any volunter to write a test for bamclipper?

On Fri, 26 Mar 2021 at 02:48, Andreas Tille wrote: > I'll do so for every package I'm touching and would have probably done > soon for this package. However, what I would love even more if someone > would fix inject-into-salsa-git to approach this automatically. > I wonder if there is a central