Hi everyone,
First of all thank you for creating this RFP Antoine! I might be biased
when I say this, but I think auto-cpufreq definitely deserves and should be
available in Debian repos. There's even a long standing auto-cpufreq issue
(feature request) to create a Debian package for it:
https://g
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: el...@packages.debian.org
Control: affects -1 + src:eliom
Dear FTP Team,
eliom FTBFS on armhf buildds, and I cannot reproduce locally in a
chroot (with pbuilder and sbuild) (using qemu
Package: sponsorship-requests
Severity: normal
Dear mentors,
I am looking for a sponsor for my package "kcollectd":
* Package name : kcollectd
Version : 0.12.1-1
Upstream contact : Antonio Russo
* URL : https://www.antonioerusso.com/projects/kcollectd
* Licens
Source: golang-ginkgo
Version: 1.16.5-4
Severity: serious
golang-ginkgo is failing to migrate to testing, because it dropped the
transitional package golang-ginkgo-dev, which makes a lot of golang
packages uninstallable, because they haven't migrated to the new
package golang-github-onsi-ginkgo-de
Hello,
On Tue, 26 Sep 2023 06:54:43 +0200 Salvatore Bonaccorso
wrote:
> The next point release is scheduled on 7th October, meaning that the
> kernel needs to be uploaded to the stable-proposed-updates queue the
> weekend before (and testing from there would be very welcome).
I can confirm th
Package: wnpp
Severity: wishlist
X-Debbugs-Cc: Adnan Hodzic
* Package name: auto-cpufreq
Version : 2.0.0
Upstream Contact: Adnan Hodzic
* URL : https://github.com/AdnanHodzic/auto-cpufreq
* License : LGPL-3
Programming Lang: Python
Description : Automa
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
As requested by the security team, I would like to bring the microcode
update level for AMD64 processors in Bullseye and Bookworm to match what
we have in Sid and Trixi
Package: ghdl-llvm
Version: 3.0.0+dfsg-1
Severity: important
ghdl-llvm has become unusable with 3.0.0+dfsg-1. Running ghdl-llvm
immediately aborts with the message:
/usr/bin/ghdl-llvm:error: installation problem: ghdl1-llvm not found
According to build logs, the testsuite for the LLVM build al
Source: libffi-platypus-perl
Severity: normal
Tags: ftbfs
Dear Maintainer,
Various integer tests fail. See build log:
https://buildd.debian.org/status/fetch.php?pkg=libffi-platypus-perl&arch=hppa&ver=2.08-1&stamp=1696034524&raw=0
More details are available in this upstream issue:
https://github
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
As requested by the security team, I would like to bring the microcode
update level for AMD64 processors in Bullseye and Bookworm to match what
we have in Sid and Trixi
Hello Patrice,
>Here is a suggested patch for this.
for this what? Is there a problem with the watch file,
other than the usual github changed their links one?
I’ve had a fix for the latter in another package of mine
for a long time already but hadn’t had uploaded polyphone
yet. I guess I should
Source: libzypp
Version: 17.31.15-1
Severity: serious
Tags: ftbfs
https://buildd.debian.org/status/logs.php?pkg=libzypp&arch=mips64el
https://buildd.debian.org/status/logs.php?pkg=libzypp&arch=riscv64
https://buildd.debian.org/status/logs.php?pkg=libzypp&arch=alpha
...
87: Test command:
/<>/obj-
Package: cron
Version: 3.0pl1-175
I am using a dark desktop theme. Problem is, since #813614 the output
of crontab -l is unreadable due to lack of contrast, esp. the comment
lines. Apparently crontab -l changes the foreground color to dark blue,
but ignores the background color provided by the te
I have fixed this in git by building the Xaw backend.
As I am not very familiar with xboard, can somebody please verify
that one can still use it in all the ways as the gtk version?
>@10dmar10
>Do you have lxapperance-obconf installed too? If yes, have you tried removing
>it?
lxapperance and lxapperance-obconf are installed on my system as a
required dependency of lxde.
Removing lxapperance-obconf would break lxde, I would prefer not to do that...
>And if possible, please op
Package: lxappearance-obconf
Version: 0.2.3-2
Severity: grave
Justification: renders package unusable
X-Debbugs-Cc: 10dma...@gmail.com
Hi,
it seems since the last upgrade from 0.2.3-1 to 0.2.3-2 this package is
causing a segfault in lxappearance.
see also:
attached gdb backtrace text fil
Control: retitle -1 qtremoteobjects-everywhere-src: FTBFS:
tst_usertypes::extraPropertyInQml2() fails
Control: severity -1 important
Control: tags -1 + unreproducible
Hi Lucas!
On Tue, Sep 26, 2023 at 02:38:35PM +0200, Lucas Nussbaum wrote:
> Source: qtremoteobjects-everywhere-src
> Version: 5.1
Package: tripwire
Version: 2.4.3.7-4+b9
Severity: important
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Dear Maintainer,
The latest version of tripwire segfaults during a run. I've taken an
strace, but it's over a Gb lond, and still over 100 Mb when tarred and
feathered. I'll try and attach
Hello!
Please excuse me for writing a mail about this bug as a non-Debian developer.
I had read on a problem with the GnuPG2 package (#1033155) that Daniel is on
the LowThresholdNmu list.
If I understood it correctly, there is already a patch for this bug. So could
such a non-maintainer upload be
X-Debbugs-CC: Phil Chadwick
Control: tag -1 moreinfo
I cannot reproduce this with 2.4-7 under xorg: xcb behaves as
expected.
You state that you use the "standard bookworm Gnome desktop" which
should be using Wayland. Are you under Wayland? Because if so then I
suspect the behaviour you observe
Package: platformio
Version: 4.3.4-3
Severity: grave
Justification: renders package unusable
Forwarded: https://github.com/platformio/platformio-core/issues/4075
X-Debbugs-Cc: onit...@gmail.com
Dear Maintainer,
The current version of PlatformIO in Debian no longer works with python3-click
due to
Source: xrdp
Version: 0.9.21.1-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for xrdp.
CVE-2023-42822[0]:
| xrdp is an open source remote desktop protocol server. Access to the
| font glyphs in x
Source: matrix-synapse
Version: 1.92.0-3
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerabilities were published for matrix-synapse.
CVE-2023-42453[0]:
| Synapse is an open-source Matrix homeserver written and maintained
Source: node-postcss
Version: 8.4.20+~cs8.0.23-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for node-postcss.
CVE-2023-44270[0]:
| An issue was discovered in PostCSS before 8.4.31. It affects li
Package: src:linux
Version: 6.5.3-1
Severity: important
X-Debbugs-Cc: kurom...@stodwa.org
Dear Maintainer,
* What is the issue?
When I cold boot my Intel NUC12SNKi72, boot process of my Debian sid hangs at
Loading initial ramdisk
EFI stub: Loaded initrd from LINUX_EFI_INITRD_MEDIA_GUID devic
Package: sponsorship-requests
Severity: normal
Dear mentors,
I am looking for a sponsor for my package "gsimplecal":
* Package name : gsimplecal
Version : 2.5.1-1
Upstream contact : https://github.com/dmedvinsky/gsimplecal/issues
* URL : https://dmedvinsky.githu
Hi,
Thanks for reporting issues you encounter.
On 29-09-2023 09:47, Paul Seyfert wrote:
I upgraded liferea and liferea-data 1.15.2-1 → 1.15.3-1, along with a
bunch of other updates (e.g. libwebkit2gtk 2.40.5-1 → 2.42.0-1)
Stupid question maybe: did you restart liferea since the upgrade?
The
Recent patch:
*
https://gitlab.com/axet/homebin/-/blob/debian/dbuild.d/bookworm/devscripts/mk-build-deps.patch
Also devscripts failed to build without:
*
https://gitlab.com/axet/homebin/-/blob/debian/dbuild.d/bookworm/devscripts/build.patch
-- AK
tags 999649 + pending
thanks
Fixed with commit: https://salsa.debian.org/science-team/ckon/-/commit/45cf9dd5f
Hi Christian,
On 30.09.23 19:02, Christian T. Steigies wrote:
I did not find this file (because I don't have a full install), but I think
the filename should be cupsd.conf instead of cupds.conf.
oops, thanks for telling. You are right, the correct name would have
been cupsd.conf
Thorsten
Screenshot attached
--
see shy jo
signature.asc
Description: PGP signature
Package: firefox
Version: 118.0-1
Severity: normal
toolkit/components/translations/fasttext/fasttext_wasm.js is 100+ kb of
minified js. There is no other source code. AFAIK this is not acceptable
in a Debian package.
https://firefox-source-docs.mozilla.org/toolkit/components/translations/resource
Package: firefox
Version: 118.0-1
Severity: normal
Firefox has a new offline translation capability in version 118.
Step one of that is determining the language used in a web page.
It uses https://fasttext.cc/ to acomplish that.
I have experimentally verified that firefox is able to detect the
l
Control: tags -1 confirmed
On Fri, 2023-09-29 at 17:37 +0400, Yadd wrote:
> Two new vulnerabilities have been dicovered and fixed in lemonldap-
> ng:
> - an open redirection only when configuration is edited by hand and
>doesn't follow OIDC specifications
> - a server-side-request-forgery (C
Control: tags -1 confirmed
On Fri, 2023-09-29 at 08:35 +0200, Birger Schacht wrote:
> The terminal emulator foot contains a vulnerability. The issue is
> that, if an XTGETTCAP escape sequence printed to the terminal
> contains newline characters, foot will echo the newline characters
> back into t
Control: tags -1 confirmed
On Fri, 2023-09-29 at 17:45 +0400, Yadd wrote:
> Two new vulnerabilities have been dicovered and fixed in lemonldap-
> ng:
> - an open redirection due to incorrect escape handling
> - an open redirection only when configuration is edited by hand and
>doesn't follow
Package: libcups2
Version: 2.2.10-6+deb10u9
Severity: minor
Dear Maintainer,
I don't seem to have a full CUPS install on this old machine, but libcups2
got updated and displayed the NEWS file with this line:
"Please double check your /etc/cups/cupds.conf file"
I did not find this file (because
Control: tags -1 confirmed
On Sat, 2023-09-30 at 20:46 +0800, Carlos Henrique Lima Melara wrote:
> Vulnerabilities were discovered and reported to Curl upstream [1][2]
> with the
> following CVE IDs:
>
> - CVE-2023-28321
> - CVE-2023-28322
>
Please go ahead.
Regards,
Adam
Package: polyphone
Version: 2.2.0.20210109+dfsg1-3
Severity: minor
Dear Maintainer,
Here is a suggested patch for this.
Thanks,
Patrice
-- System Information:
Debian Release: trixie/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1,
'experimental-de
On Mon, 28 Aug 2023 at 06:05:57 +, Gayathri Berli wrote:
> Unfortunately, we are encountering an issue with the chroot as followed.
> [an attached screenshot of some text]
For reference, the attached image was a screenshot of a terminal with
approximately this text (might contain mistakes, I a
On Sun, 18 Jun 2023 at 15:58:10 +0200, John Paul Adrian Glaubitz wrote:
> TIL about debbisect. I can try to bisect this on big-endian PowerPC,
> I have root on multiple big-endian machines.
Were you able to do this?
Thanks,
smcv
Hello, this has been fixed. Can you unblock canu from running on the CI
infrastructure?
Thanks,
I don't think disabling LTO is the correct solution here.
At least, view3dscene 4.2.0-2 still FTBFS in Ubuntu with:
/usr/bin/ld.bfd: -f may not be used without -shared
Please consider the patch that was applied in Ubuntu [1], which
filters out -ffat-lto-objects from LDFLAGS.
--- a/debian/rules
+
Package: devscripts
Version: 2.23.4
Severity: normal
Dear Maintainer,
the script copy Build-Depends into Depends. But those are not the same
fields. Build-Depends parsed differently by apt then Depends. For most
cases it is the same. But when you specify Build-Depends as for example
python3-m
Source: ont-fast5-api
Version: 4.1.1+dfsg-2
Severity: serious
Justification: debci
h5py 3.9.0 is triggering an error ont-fast5-api debci tests,
https://ci.debian.net/data/autopkgtest/testing/amd64/o/ont-fast5-api/38279479/log.gz
33s ERROR: test_001_read_events
(test.test_event_detection_tools.
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: Julian Gilbey , Carlos Maddela
This adds the #1040940 fix to the #1040939 upload for an unrelated
issue that is already included for the next point release.
#10409
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: t...@security.debian.org, Anibal Monsalve Salazar
This updates the cpio package in bullseye to the package
in bookworm/trixie/sid (same upstream version).
The firs
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: c...@packages.debian.org, charlesmel...@riseup.net
Control: affects -1 + src:curl
[ Reason ]
Vulnerabilities were discovered and reported to Curl upstream [1][2] with
Package: sponsorship-requests
Severity: normal
Dear mentors,
I am looking for a sponsor for my package "wifi-qr":
* Package name : wifi-qr
Version : 0.3-1
Upstream contact : kokoye2007
* URL : https://github.com/kokoye2007/wifi-qr
* License : GPL-3.0+
Source: prody
Followup-For: Bug #1028722
There seems to be ambiguity about the reproducibility of this bug.
That's possibly consistent with problems with rounding, though the bug
here seems to be more than an issue with floating point precision.
Upstream has made a new release. I suggest packagi
David Bremner writes:
> Control: tag -1 unreproducible
>
Thierry told me off list that the problem went away after an upgrade, so
I'll close the bug for now. Feel free to reopen (ideally with the apt
debugging info above) if the problem resurfaces.
d
I had the same problem, but if you use the service configured by the debian
packages it works fine (like: systemctl omnidb start). For more information you
can see:
/usr/share/doc/omnidb-server/README.Debian
Regards
--
Diego Roversi
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: pgaudit-...@packages.debian.org
Control: affects -1 + src:pgaudit-1.7
Please remove pgaudit-1.7 from unstable, it supports PG15 only.
(pgaudit-16 in unstable supports PG16.)
Thanks,
Ch
Source: hickle
Version: 5.0.2-5
Severity: serious
Justification: debci
h5py 3.9.0 is triggering an error in hickle tests, found by debci,
https://ci.debian.net/data/autopkgtest/testing/amd64/h/hickle/38279474/log.gz
62s test_H5NodeFilterProxy
___
Package: python3-h5sparse
Version: 0.1.0-6
Severity: serious
Justification: debci
Currently python3-h5sparse Depends: python3-h5py-serial, but h5sparse
tests access h5py, not h5py._debian_h5py_serial.
The python3-h5py-serial package only provides
h5py._debian_h5py_serial. If you need to use the g
Source: dipy
Version: 1.7.0-2
Severity: serious
Justification: debci
h5py 3.9.0 is triggering an error in dipy debci tests,
https://ci.debian.net/data/autopkgtest/testing/amd64/d/dipy/38279462/log.gz
However from the error log, it's not clear that the problem is
directly related to h5py. An exac
Package: wpasupplicant Version: 2.10 Dear Maintainer, wpa_supplicant has
problems loading a configs that contains a network with an SSID/PSK that
contains double quotes followed by hash. steps to reproduce: 1a. create the
config: ctrl_interface=/run/wpa_supplicant network={ ssid="my"#SSID"
psk=
Hi Helmut,
Sorry for the delay, I was at a conference.
25 Sept 2023 23:33:15 Helmut Grohne :
> We want to change the value of systemdsystemunitdir in systemd.pc to
> point below /usr. mptcpd's upstream build system consumes this variable
> while its packaging hard codes the current value. Conseq
Source: blaspp
Version: 2023.08.25-1
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: hostname
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org
Hi,
Whilst working on the Reproducible Builds effort [0], we noticed that
blaspp could not be built repr
Christoph,
I tried cherry-picking the commit you mentioned. It needed to be
rebased slightly. It did not fix my test case: Use geeqie to open the
autumn image from upstream issue 933
I pushed my change to the wip/10421242 branch of
https://salsa.debian.org/multimedia-team/libheif if someone wants
Source: node-get-func-name
Version: 2.0.0+dfsg-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for node-get-func-name.
CVE-2023-43646[0]:
| get-func-name is a module to retrieve a function's name s
Source: gst-plugins-bad1.0
Version: 1.22.4-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for gst-plugins-bad1.0.
CVE-2023-40474[0]:
| Integer overflow leading to heap overwrite in MXF file handling w
Source: gst-plugins-bad1.0
Version: 1.22.4-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for gst-plugins-bad1.0.
CVE-2023-40475[0]:
| Integer overflow leading to heap overwrite in MXF file handling w
Source: gst-plugins-bad1.0
Version: 1.22.4-1
Severity: grave
Tags: patch security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for gst-plugins-bad1.0.
CVE-2023-40476[0]:
| Integer overflow in H.265 video parser leading to stack ove
Package: cdimage.debian.org
Severity: normal
Dear Maintainer,
I am maintaining some offline computers in my organization. I choose Debian
because it provides a set of DVDs/BDs of nearly complete Debian software
repositories, and can be used with USB sticks to maintain these offline
computers.
This seems to be the same issue reported in #1050832.
The problem seems to be a regression in xarray v2023.08.
The update to xarray > 2023.08 should fix the issue.
See also https://github.com/bopen/sarsen/issues/54.
I will reassign to xarray.
[#1050832] https://bugs.debian.org/cgi-bin/bugreport.
Package: wnpp
Severity: wishlist
Owner: Étienne Mollier
X-Debbugs-Cc: debian-de...@lists.debian.org
X-Debbugs-Cc: debian-pyt...@lists.debian.org
X-Debbugs-Cc: debian-...@lists.debian.org
* Package name: python-globus-sdk
Version : 3.28.0
Upstream Contact: Globus Team
* URL
control: severity -1 normal
Hello,
In 0.0~git20230914.917f19d-1 I have excluded armel and armhf
architectures from the list of architectures asmjit is built upon. Thus
I think the severity should be normal now.
Andrius
Package: wnpp
Severity: wishlist
Owner: Andres Salomon
X-Debbugs-Cc: debian-de...@lists.debian.org
* Package name: bypass-paywalls-firefox-clean
Version : 3.3.5.0
Upstream Contact: https://gitlab.com/magnolia1234
* URL :
https://gitlab.com/magnolia1234/bypass-paywalls
69 matches
Mail list logo
