Bug#1047403: Unable to reproduce

Control: tags -1 + moreinfo Hi, I'm unable to reproduce this issue using commands given inside https://wiki.debian.org/qa.debian.org/FTBFS/DoubleBuild

Bug#1104051: crm114: Looks unmaintained upstream

Package: crm114 Severity: important X-Debbugs-Cc: secur...@debian.org, y...@debian.org Hi, looking at upstream repo, it seems that this package hasn't been updated for years. Maybe it's time to drop it from Debian ?

Bug#1072121: [Pkg-javascript-devel] Bug#1072121: node-ip: CVE-2024-29415

On 4/22/25 15:39, Moritz Mühlenhoff wrote: Am Wed, May 29, 2024 at 10:26:24AM +0400 schrieb Yadd: On 5/29/24 00:40, Moritz Mühlenhoff wrote: Source: node-ip X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for node-ip

Bug#1101456: [Pkg-javascript-devel] Bug#1101456: fails to upgrade

Control: close -1 Control: notfound -1 javascript-common/12 On 4/11/25 18:34, Fiona Ebner wrote: Hi, On Thu, 27 Mar 2025 21:35:20 +0100 VA wrote: Package: javascript-common Version: 12 Severity: serious For some reason, javascript-common fails to upgrade, and it also fails to be reinstalled,

Bug#1103615: [Pkg-javascript-devel] Bug#1103615: Bug#1103615: node-dompurify: please update to latest version

On 4/21/25 11:19, Jérémy Lal wrote: Le lun. 21 avr. 2025 à 10:12, Paul Gevers > a écrit : Hi Jérémy, Thanks for the reply. On 20-04-2025 13:21, Jérémy Lal wrote: > Good question ! The answer is that it's not needed: > nodejs 20.19.0 can "requi

Bug#1103615: [Pkg-javascript-devel] Bug#1103615: Bug#1103615: node-dompurify: please update to latest version

Control: tags -1 + pending On 4/20/25 13:21, Jérémy Lal wrote: Le dim. 20 avr. 2025 à 09:09, Paul Gevers > a écrit : Hi, On Sat, 19 Apr 2025 19:28:11 +0200 Paul Gevers mailto:elb...@debian.org>> wrote: > I was struggling to package the latest version o

Bug#1092774: Proposed patch for libfcgi

+ + * Non-maintainer upload + * Fix potential memory corruption (Closes: #1092774, CVE-2025-23016) + + -- Yadd Mon, 14 Apr 2025 10:07:31 +0200 + libfcgi (2.4.2-2.1) unstable; urgency=medium * Non-maintainer upload. diff --git a/debian/patches/CVE-2025-23016.patch b/debian/patches/CVE-2025

Bug#1102310: bookworm-pu: package node-send/0.18.0+~cs1.19.1-3+deb12u1

edium + + * Fix XSS issue (Closes: #1081483, CVE-2024-43799) + + -- Yadd Mon, 07 Apr 2025 15:25:46 +0200 + node-send (0.18.0+~cs1.19.1-3) unstable; urgency=medium * Add Breaks: node-express < 4.18.1~ diff --git a/debian/patches/CVE-2024-43799.patch b/debian/patches/CVE-2024-43799.patch

Bug#1102478: bookworm-pu: package node-serialize-javascript/6.0.0-2+deb12u1

+(Closes: #1095767, CVE-2024-11831) + + -- Yadd Wed, 09 Apr 2025 13:54:59 +0200 + node-serialize-javascript (6.0.0-2) unstable; urgency=medium [ Debian Janitor ] diff --git a/debian/patches/CVE-2024-11831.patch b/debian/patches/CVE-2024-11831.patch new file mode 100644 index 000

Bug#1102367: ITP: node-tldts -- JavaScript library to extract fields from URLs

Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-de...@lists.debian.org, y...@debian.org * Package name: node-tldts Version : 6.1.85 Upstream Contact: Rémi Berson <https://github.com/remusao> * URL : https://github.com/remusao/tldts * L

Bug#1102240: RM: node-har-validator -- ROM; Unmaintained upstream and useless

Package: ftp.debian.org Severity: normal X-Debbugs-Cc: node-har-valida...@packages.debian.org, y...@debian.org Control: affects -1 + src:node-har-validator User: ftp.debian@packages.debian.org Usertags: remove According to https://www.npmjs.com/package/har-validator this library is no more mai

Bug#1101969: node-blueprintjs-core overwrites node-blueprintjs-colors

Control: reassign -1 node-blueprintjs-colors Control: affects -1 node-blueprintjs-core [...] > It's not clear to me what the desired state here is. A reasonable > interpretation could be that node-blueprintjs-core accidentally > vendored node-blueprintjs-colors and should really depend on it and

Bug#1078631: Unable to reproduce

Control: tags -1 + moreinfo Hi, I'm unable to reproduce this issue, maybe fixed elsewhere ?

Bug#1099251: Unable to reproduce

Control: tags -1 + moreinfo Hi, I'm unable to reproduce this issue, maybe fixed alsewhere ?

Bug#1102223: [Pkg-javascript-devel] Bug#1102223: node-axios: CVE-2025-27152

On 4/6/25 16:32, Salvatore Bonaccorso wrote: Source: node-axios Version: 1.7.9+dfsg-1 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for node-axios. CVE-2025-27152[0]: | axios is a promise based H

Bug#1067334: Unable to reproduce

Hi, I'm unable to reproduce this issue. Maybe something changed into unicode-data

Bug#1101756: Should libbson-xs-perl be shipped in trixie?

on libbson-xs-perl and libmongodb-perl has some reverse dependencies. gregor, yadd, any opinions from you here? Regards, Salvatore Hi, we can remove BSON::XS from libmongodb-perl dependencies, it will affects only performances. I tested the build, it works. Best regards, Xavier

Bug#1095142: jmeter: Unable to start: Provider org.xbill.DNS.spi.DnsjavaInetAddressResolverProvider not found

Package: jmeter Version: 2.13-5 Severity: grave Justification: renders package unusable X-Debbugs-Cc: y...@debian.org Hi, I just install jmeter. It is unable to start: $ jmeter An error occurred: java.net.spi.InetAddressResolverProvider: Provider org.xbill.DNS.spi.DnsjavaInetAddressResolverProv

Bug#1084310: [Pkg-javascript-devel] Bug#1084310: FTBFS: node-yarnpkg 4.0.2+dfsg-3

Control: block -1 1091032 On 2/1/25 11:39, Jing Luo wrote: Source: node-yarnpkg Version: 4.0.2+dfsg-3 Followup-For: Bug #1084310 Control: tags -1 ftbfs Control: severity -1 grave Dear maintainer, Hi! This package still fails to build from source for 4.0.2+dfsg-3, will this be fixed soon? Hi,

Bug#1094751: bookworm-pu: package node-axios/1.2.1+dfsg-1+deb12u2

On 1/31/25 07:29, Salvatore Bonaccorso wrote: Hi, Thanks for your reply. Disclaimer not part of the release team. On Fri, Jan 31, 2025 at 07:22:36AM +0100, Yadd wrote: On 1/30/25 22:26, Salvatore Bonaccorso wrote: Hi, On Thu, Jan 30, 2025 at 06:55:08PM +0100, Yadd wrote: Package

Bug#1094751: bookworm-pu: package node-axios/1.2.1+dfsg-1+deb12u2

On 1/30/25 22:26, Salvatore Bonaccorso wrote: Hi, On Thu, Jan 30, 2025 at 06:55:08PM +0100, Yadd wrote: Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: node-ax...@packages.debian.org Control: affects -1 + src:node-axios User: release.debian@packages.debian.org

Bug#1094751: bookworm-pu: package node-axios/1.2.1+dfsg-1+deb12u2

ex ad1d642..5c966ce 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +node-axios (1.2.1+dfsg-1+deb12u2) bookworm; urgency=medium + + * Team upload + * Fix potential vulnerability in URL when determining an origin +(Closes: #1094731, CVE-2024-57965) + + -- Yadd Thu, 30 Jan

Bug#1094680: RM: cyrus-imapd [armel armhf i386] -- ROM; Cyrus-Imapd not compatible to 32-bits arch due to libical bug

Package: ftp.debian.org Severity: normal X-Debbugs-Cc: cyrus-im...@packages.debian.org, y...@debian.org Control: affects -1 + src:cyrus-imapd User: ftp.debian@packages.debian.org Usertags: remove Hi, due to libical bug, Cyrus-Imapd calendar services are not compatible with 32 bits architectur

Bug#1093755: bookworm-pu: package lemonldap-ng/2.16.1+ds-deb12u5

(Closes: CVE-2024-52948) + + -- Yadd Wed, 22 Jan 2025 09:27:53 +0100 + lemonldap-ng (2.16.1+ds-deb12u4) bookworm; urgency=medium * Fix authentication privilege (Closes: CVE-2024-52946) diff --git a/debian/patches/CVE-2024-52948.patch b/debian/patches/CVE-2024-52948.patch new file mode 100644

Bug#1093444: [Pkg-javascript-devel] Bug#1093444: node-request: FTBFS: not ok 1011 should be strictly equal

Hopefully we removed reverse dependencies of node-request. I just filled the ROM-RM Best regards, Xavier On 1/18/25 20:24, Santiago Vila wrote: Package: src:node-request Version: 2.88.1-6 Severity: serious Tags: ftbfs trixie sid Dear maintainer: During a rebuild of all packages in unstable,

Bug#1093483: RM: node-request -- ROM; Unmaintained for a long time

Package: ftp.debian.org Severity: normal X-Debbugs-Cc: node-requ...@packages.debian.org, y...@debian.org Control: affects -1 + src:node-request User: ftp.debian@packages.debian.org Usertags: remove node-request has been deprecated a long time ago. It was maintained into Debian due to dependenc

Bug#1092649: ocsinventory-server: switch to another imap library

On 1/10/25 12:33, Chris Hofstaedtler wrote: Source: ocsinventory-server Version: 2.8.1+dfsg1+~2.11.1-1 Severity: important Hi, ocsinventory-reports, via php-imap, depends on libc-client2007e from the uw-imap project. uw-imap in Debian is for various reasons in a bad shape and might not be part

Bug#1041097: Easy to fix

0.gfm.13-1) UNRELEASED; urgency=medium + + * Non maintainer upload + * Drop 2 patches, now included in upstream source + * Update install + + -- Yadd Sat, 04 Jan 2025 12:38:37 +0100 + cmark-gfm (0.29.0.gfm.6-1) unstable; urgency=medium * New upstream version. diff --git a/debian/libcmar

Bug#1091032: Reassign to emscripten

Control: reassign -1 emscripten Control: affects -1 node-inwasm Emscripten automatically adds "--no-growable-memory" which is incompatible with wasm-ld-18

Bug#1087200: bookworm-pu: package lemonldap-ng/2.16.1+ds-deb12u4

On 11/20/24 09:26, Salvatore Bonaccorso wrote: Hi, On Sat, Nov 09, 2024 at 06:54:39PM +0400, Yadd wrote: Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: lemonldap...@packages.debian.org, y...@debian.org Control: affects -1 + src:lemonldap-ng User: release.debian

Bug#1082871: [Debian-pan-maintainers] Bug#1082871: jupyterlab: CVE-2024-43805

On 11/19/24 17:08, Sylvain Beucler wrote: Hi, I'm part of the Debian LTS Team and I'm trying to identify the fix. Checking 4.2.5 and 3.6.8 history: https://github.com/jupyterlab/jupyterlab/commits/4.2.x/ https://github.com/jupyterlab/jupyterlab/commits/3.6.x/ the only common commit appears to

Bug#1087200: bookworm-pu: package lemonldap-ng/2.16.1+ds-deb12u4

regards, Xavier diff --git a/debian/changelog b/debian/changelog index c0bc25b80..8cb311051 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +lemonldap-ng (2.16.1+ds-deb12u4) bookworm; urgency=medium + + * Fix authentication privilege + * Fix XSS in "Upgrade" plugin + +

Bug#1086611: bookworm-pu: package node-dompurify/2.4.1+dfsg+~2.4.0-2+deb12u1

reviewed all changes and I approve them [X] attach debdiff against the package in (old)stable [X] the issue is verified as fixed in unstable [ Changes ] Just some additional checks Best regards, Yadd diff --git a/debian/changelog b/debian/changelog index 02c7a01..e9a5528 100644 --- a/debian

Bug#1084983: [Pkg-javascript-devel] Bug#1084983: node-dompurify: CVE-2024-47875

Erratum On 10/30/24 06:38, Yadd wrote: On 10/19/24 15:32, Salvatore Bonaccorso wrote: Hi Yadd, hi Moritz, On Sat, Oct 12, 2024 at 07:37:45PM +0200, Yadd wrote: On 10/12/24 18:08, Moritz Mühlenhoff wrote: On Sat, Oct 12, 2024 at 04:14:14PM +0200, Yadd wrote: Hi, here is a debdiff for

Bug#1084983: [Pkg-javascript-devel] Bug#1084983: node-dompurify: CVE-2024-47875

On 10/19/24 15:32, Salvatore Bonaccorso wrote: Hi Yadd, hi Moritz, On Sat, Oct 12, 2024 at 07:37:45PM +0200, Yadd wrote: On 10/12/24 18:08, Moritz Mühlenhoff wrote: On Sat, Oct 12, 2024 at 04:14:14PM +0200, Yadd wrote: Hi, here is a debdiff for bookworm Please upload to security-master

Bug#1085176: bookworm-pu: package lemonldap-ng/2.16.1+ds-deb12u3

2u3) UNRELEASED; urgency=medium + + Custom templates maybe vulnerable to XSS injection when default allowed + characters have been changed. To fix this, replace every + + + + by + + + + -- Yadd Tue, 15 Oct 2024 19:27:47 +0200 + lemonldap-ng (2.16.1+ds-deb12u2) bookworm; urgency=med

Bug#1084502: lemonldap-ng: FTBFS: autobuilder hangs

On 10/15/24 01:01, gregor herrmann wrote: On Mon, 14 Oct 2024 12:22:52 +0200, Yadd wrote: I tested the patch given into https://patch-diff.githubusercontent.com/raw/libtom/libtomcrypt/pull/672 (libtomcrypt is embedded into CryptX), it fixes the bug Thanks for checking! I've uploaded C

Bug#1084502: lemonldap-ng: FTBFS: autobuilder hangs

Control: tags -1 + patch Hi, I tested the patch given into https://patch-diff.githubusercontent.com/raw/libtom/libtomcrypt/pull/672 (libtomcrypt is embedded into CryptX), it fixes the bug

Bug#1084983: [Pkg-javascript-devel] Bug#1084983: node-dompurify: CVE-2024-47875

On 10/12/24 18:08, Moritz Mühlenhoff wrote: On Sat, Oct 12, 2024 at 04:14:14PM +0200, Yadd wrote: Hi, here is a debdiff for bookworm Please upload to security-master, thanks! Cheers, Moritz Hi, it's done Best regards, Xavier

Bug#1084983: [Pkg-javascript-devel] Bug#1084983: node-dompurify: CVE-2024-47875

elog @@ -1,3 +1,10 @@ +node-dompurify (2.4.1+dfsg+~2.4.0-2) bookworm-security; urgency=medium + + * Team upload + * Fix mXSS issue (Closes: #1084983, CVE-2024-47875) + + -- Yadd Sat, 12 Oct 2024 16:12:19 +0200 + node-dompurify (2.4.1+dfsg+~2.4.0-1) unstable; urgency=medium * Team upload diff --g

Bug#1084502: lemonldap-ng: FTBFS: autobuilder hangs

On 10/8/24 18:07, Yadd wrote: [...] This script shows that problem is in Cryptx: Hi all, it seems that the new libtomcrypt is not stable. Could we downgrade to version 0.80 ?

Bug#1084502: Processed: found 1084502 in 0.081-2

On 10/8/24 18:44, gregor herrmann wrote: On Tue, 08 Oct 2024 16:15:11 +, Debian Bug Tracking System wrote: found 1084502 0.081-2 Bug #1084502 [libcryptx-perl] Crypt::PK::RSA initialization fails with RSA key passed as reference Marked as found in versions libcryptx-perl/0.081-2. How abo

Bug#1084502: lemonldap-ng: FTBFS: autobuilder hangs

Control: reassign -1 libcryptx-perl Control: affects -1 libcrypt-jwt-perl On 10/8/24 07:33, Yadd wrote: On 10/8/24 07:14, Yadd wrote: On 10/7/24 14:13, Santiago Vila wrote: Package: src:lemonldap-ng Version: 2.19.2+ds-1 Severity: serious Tags: ftbfs Dear maintainer: During a rebuild of all

Bug#1084502: lemonldap-ng: FTBFS: autobuilder hangs

Control: reassign -1 libcrypt-jwt-perl Control: affects -1 lemonldap-ng On 10/8/24 07:14, Yadd wrote: On 10/7/24 14:13, Santiago Vila wrote: Package: src:lemonldap-ng Version: 2.19.2+ds-1 Severity: serious Tags: ftbfs Dear maintainer: During a rebuild of all packages in unstable, your

Bug#1084502: lemonldap-ng: FTBFS: autobuilder hangs

On 10/7/24 14:13, Santiago Vila wrote: Package: src:lemonldap-ng Version: 2.19.2+ds-1 Severity: serious Tags: ftbfs Dear maintainer: During a rebuild of all packages in unstable, your package failed to build: [...

Bug#1081986: [Pkg-javascript-devel] Bug#1081986: Should leaflet-image be removed from unstable?

Control: severity -1 normal Control: retitle -1 RM: leaflet-image -- RoM; rc-buggy Control: reassign -1 ftp.debian.org Control: affects -1 + src:leaflet-image On 9/17/24 10:21, Helmut Grohne wrote: Source: leaflet-image Severity: important User: helm...@debian.org Usertags: sidremove Dear main

Bug#1081983: [Pkg-javascript-devel] Bug#1081983: Should node-node-localstorage be removed from unstable?

Control: severity -1 normal Control: retitle -1 RM: node-node-localstorage -- RoM; rc-buggy Control: reassign -1 ftp.debian.org Control: affects -1 + src:node-node-localstorage On 9/17/24 10:21, Helmut Grohne wrote: Source: node-node-localstorage Severity: important User: helm...@debian.org User

Bug#1080052: [Pkg-javascript-devel] Bug#1080052: Should node-lockfile be removed from unstable?

. Hi, sure this package is no more useful here. Best regards, Yadd

Bug#1079833: [Pkg-javascript-devel] Bug#1079833: node-minimatch: please provide a bundled version

Hi Jérémy, ready to review and push into salsa.d.o Best regards, Xavier On 8/28/24 03:25, Jérémy Lal wrote: Package: node-minimatch Version: 9.0.3-4 Severity: wishlist nodejs 20.17.0 includes minimatch, however the mecanism for inclusion is somewhat convoluted, and it would be greatly easier

Bug#1079164: devscripts: Files-Excluded version of regexp should be documented and if not pcre Files-Excluded-PCRE should be created

On 8/22/24 02:06, Bastien Roucariès wrote: Le mercredi 21 août 2024, 11:07:17 UTC Niels Thykier a écrit : On Tue, 20 Aug 2024 18:50:20 + Bastien =?ISO-8859-1?Q?Roucari=E8s?= wrote: Package: devscripts Version: 2.23.7 Severity: minor Dear Maintainer, I do not find the syntax of the regex

Bug#1078880: [Pkg-javascript-devel] Bug#1078880: gettext.js: CVE-2024-43370

On 8/20/24 17:30, Salvatore Bonaccorso wrote: Hi, On Tue, Aug 20, 2024 at 05:20:38PM +0400, Yadd wrote: On 8/20/24 16:34, Moritz M??hlenhoff wrote: Hi Yadd, here is a simple patch for this issue The debdiff looks fine, but I don't believe this needs a DSA, can you please submit thi

Bug#1078880: [Pkg-javascript-devel] Bug#1078880: gettext.js: CVE-2024-43370

On 8/20/24 16:34, Moritz Mühlenhoff wrote: Hi Yadd, here is a simple patch for this issue The debdiff looks fine, but I don't believe this needs a DSA, can you please submit this for the next point update instead? Agree, but the bug was tagged as "grave" ;-) Cheers, Xavier

Bug#1076531: bookworm-pu: package apache2/2.4.62-1~deb12u1

On 8/15/24 20:29, Adam D. Barratt wrote: On Thu, 2024-08-15 at 05:09 +0400, Yadd wrote: Hi Adam, can I do the same with Bullseye ? I've just replied to the bullseye request, but afaics it wasn't even filed at the point the above chase was posted. Regards, Adam Yes, sorr

Bug#1076531: bookworm-pu: package apache2/2.4.62-1~deb12u1

Hi Adam, can I do the same with Bullseye ? On 8/15/24 00:33, Adam D. Barratt wrote: Control: tags -1 + confirmed On Thu, 2024-07-18 at 09:39 +0400, Yadd wrote: [ Reason ] Apache2 was updated to 2.4.61 due to 8 CVEs. However "a partial fix for CVE-2024-39884 in the core of Apache HTTP S

Bug#1078622: [Debian-pan-maintainers] Bug#1078622: jupyterlab: will FTBFS during trixie support period

Control: fixed -1 jupyterlab/4.0.11+ds1+~cs11.25.27-1 Control: close -1 Control: forcemerge -1 1060772 On 8/13/24 22:06, Santiago Vila wrote: Package: src:jupyterlab Version: 4.0.11+ds1-2 User: debian...@lists.debian.org Usertags: ftbfs-during-trixie-support-period Tags: ftbfs Dear maintainer:

Bug#1078579: RM: node-jupyterlab -- ROM; Replaced by src:jupyterlab

Package: ftp.debian.org Severity: normal X-Debbugs-Cc: node-jupyter...@packages.debian.org, debian-pan-maintain...@alioth-lists.debian.net, y...@debian.org Control: affects -1 + src:node-jupyterlab User: ftp.debian@packages.debian.org Usertags: remove Hi, we just grouped python3-jupyterlab

Bug#1077760: [Pkg-javascript-devel] Bug#1077760: pkg-js-tools: please allow to run a hook before testing

On 8/1/24 18:34, Bastien Roucariès wrote: Package: pkg-js-tools Version: 0.15.22 Severity: important Dear Maintainer, Could you run an hook like pre-test in tests that will run something like for instance regenerating certicate. It will avoid a lot a failure and manual work I can work arround

Bug#1077639: ITP: libcaptcha-recaptcha-v3-perl -- Perl implementation of reCAPTCHA API version v3

Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-de...@lists.debian.org, y...@debian.org * Package name: libcaptcha-recaptcha-v3-perl Version : 0.05 Upstream Contact: worthmine * URL : https://metacpan.org/release/Captcha-reCAPTCHA-V3 * License

Bug#1077509: bookworm-pu: package cyrus-imapd/3.6.1-4+deb12u3

loses: #1075853) + + -- Yadd Mon, 29 Jul 2024 12:43:50 +0400 + cyrus-imapd (3.6.1-4+deb12u2) bookworm-security; urgency=medium * Fix unbounded memory allocation (Closes: CVE-2024-34055) diff --git a/debian/patches/CVE-2024-34055-regressions-1.patch b/debian/patches/CVE-2024-34055-regressions-1.

Bug#1076904: [Pkg-javascript-devel] Bug#1076904: pkg-js-tools: FTBFS: help2man: can't get `--version' info from ./tools/debcheck-node-repo

On 7/27/24 07:15, Guillem Jover wrote: Control: reopen -1 Control: notfixed -1 dpkg/1.22.9 Control: affect -1 = src:pkg-js-tools Control: retitle -1 dpkg-dev: Make fragments lack internal dpkg_lazy_eval macros Control: tags -1 = On Fri, 2024-07-26 at 15:21:16 +0200, Santiago Vila wrote: unmerge

Bug#1076904: [Pkg-javascript-devel] Bug#1076904: pkg-js-tools: FTBFS: help2man: can't get `--version' info from ./tools/debcheck-node-repo

Control: tags -1 + moreinfo On 7/24/24 14:48, Santiago Vila wrote: Package: src:pkg-js-tools Version: 0.15.21 Severity: serious Tags: ftbfs Dear maintainer: During a rebuild of all packages in unstable, your package failed to build: Hi, I'm unable to reproduce in a schroot, could you share

Bug#1076378: [Pkg-javascript-devel] Bug#1076378: node-xterm: Unable to build package node-xterm from sources in Debian Bookworm because of error TS2769

Control: fixed -1 5.3.0-1 On 7/15/24 15:57, Sergei Semin wrote: Source: node-xterm Version: 3.8.1+~cs0.9.0-1 Severity: serious Tags: ftbfs Justification: fails to build from source X-Debbugs-Cc: syominser...@gmail.com Dear Maintainer, I tried to build node-xterm from sources in Debian Bookworm

Bug#1071632: Mark as done in 3.0.3

Hi, upstream marked this issue "done" in 3.0.3

Bug#1060772: [Debian-pan-maintainers] Unifying jupyterlab and node-jupyterlab

On 6/2/24 12:53, Yadd wrote: On 6/2/24 10:38, Yadd wrote: In my last commit, I added also a fix for #1060772:   - jupyter-lab uses yarnpkg by default   - in Debian build context, this can be overridden using     YARN_COMMAND=pkgjs-install-minimal Better hook with "YARN_COMMAND=pkgjs&q

Bug#1060772: [Debian-pan-maintainers] Unifying jupyterlab and node-jupyterlab

On 6/2/24 10:38, Yadd wrote: In my last commit, I added also a fix for #1060772:  - jupyter-lab uses yarnpkg by default  - in Debian build context, this can be overridden using    YARN_COMMAND=pkgjs-install-minimal Better hook with "YARN_COMMAND=pkgjs" which uses the adapted pkgjs

Bug#1060772: [Debian-pan-maintainers] Unifying jupyterlab and node-jupyterlab

must be verified (and also python install looks bad). Best regards, Xavier On 6/2/24 07:40, Yadd wrote: Hi Roland, I merged Python and Node.js package into branch "merge-python-and-node", but I didnt yet import the "build" part you entered into dh_auto_install in Python pa

Bug#1060772: [Python-modules-team] Bug#1060772: python3-jupyterlab: Using node-corepack downloads yarnpkg from Internet

Hi, depending on the use of "jupyterlab build": - when used manually, may prefer to launch yarnpkg - when used under Debian build/test, may prefer to use pkgjs-install-minimal So proposition: - drop the patch 0003-Use-system-provided-yarn.js.patch - build a custom yarn.js that calls yarnp

Bug#1072121: [Pkg-javascript-devel] Bug#1072121: node-ip: CVE-2024-29415

On 5/29/24 00:40, Moritz Mühlenhoff wrote: Source: node-ip X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for node-ip. CVE-2024-29415[0]: | The ip package through 2.0.1 for Node.js might allow SSRF because | some IP addre

Bug#1071213: [Pkg-javascript-devel] Bug#1071213: pkg-js-tools: nodepath fails with nodejs 20 because it passes non-integer to process.exit

On 5/16/24 13:16, Jérémy Lal wrote: Package: pkg-js-tools Version: 0.15.19 Severity: important Hi, this makes all automatic autopkgtest fail: $ nodepath after node:internal/errors:541 throw error; TypeError [ERR_INVALID_ARG_TYPE]: The "code" argument must be of type number. Received ty

Bug#1065722: FTBFS: /usr/lib/python3/dist-packages/torch/include/c10/util/C++17.h:27:2: error: #error You need C++17 to compile PyTorch

Control: tags -1 + patch Hi, updating to 0.18 fixes the build issue: see https://salsa.debian.org/deeplearning-team/pytorch-vision/-/merge_requests/2 Best regards, Xavier

Bug#1070831: ITP: python3-nxtomo -- Python API to edit NXtomo application

Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-de...@lists.debian.org, y...@debian.org * Package name: python3-nxtomo Version : 1.2.3 Upstream Contact: , Pierre Paleo , Alessandro Mirone , Jérôme Lesaint * URL : https://gitlab.esrf.fr

Bug#1070408: ITP: python3-tabnet -- Attentive Interpretable Tabular Learning

Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-de...@lists.debian.org, y...@debian.org * Package name: python3-tabnet Version : 4.1.0 Upstream Contact: DreamQuark <https://github.com/dreamquark-ai/tabnet/issues> * URL : https://github.com/drea

Bug#1068862: ITP: node-microsoft-fast -- FAST monorepo, containing web component packages, tools, examples, and documentation

Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: node-microsoft-fast Version : 0~20240320-1 Upstream Contact: https://github.com/Microsoft/fast/issues * URL : https://github.com/Microsoft/fast * License

Bug#1068412: apache2: CVE-2024-27316 CVE-2024-24795 CVE-2023-38709

On 4/5/24 15:58, Moritz Muehlenhoff wrote: On Fri, Apr 05, 2024 at 08:16:43AM +0400, Yadd wrote: On 4/4/24 22:51, Moritz Mühlenhoff wrote: Source: apache2 X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerabilities were published for apache2. CVE

Bug#1066749: FTBFS: dh_auto_test: error: /bin/sh -ex debian/tests/pkg-js/test returned exit code 1

Control: tags -1 + moreinfo Hi, I'm unable to reproduce this issue. Probably fixed elsewhere during time_t transition

Bug#1064558: [Pkg-javascript-devel] Bug#1064558: node-leveldown: FTBFS on mips64el: not ok 1397 Error: batch(array) element must be an object and not `null`

1]: Entering directory '/home/yadd/node-leveldown' node-gyp clean node: error while loading shared libraries: libnode.so.108: cannot open shared object file: No such file or directory make[1]: *** [debian/rules:18: override_dh_auto_clean] Error 127 make[1]: Leaving directory '/home/yadd/node-leveldown'

Bug#1061341: cyrus-common: identified for time_t transition but no ABI in shlibs

I closed this issue because: - I dropped all bad .h files from install - I added ABI flags to build - cyrus-dev has no reverse dependencies If I'm wrong, please reopen this issue Cheers, Yadd

Bug#1063908: [Debian-pan-maintainers] Bug#1063908: node-jupyter-widgets-{base, base-manager, control}: ships files already in python3-widgetsnbextension

On 2/14/24 20:26, Andreas Beckmann via Debian-pan-maintainers wrote: Package: node-jupyter-widgets-base,node-jupyter-widgets-base-manager,node-jupyter-widgets-controls Version: 6.0.7+~cs14.23.94-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piup

Bug#1063824: zenmap should depends on python3-gi-cairo

Package: zenmap Version: 7.94+git20230807.3be01efb1+dfsg-3 Severity: important X-Debbugs-Cc: y...@debian.org Hi, when using zenmap, the "port" tab is broken unless python3-gi-cairo is installed: TypeError: Couldn't find foreign struct converter for 'cairo.Context' Cheers, Yadd

Bug#1061341: Fwd: Bug#1061341: cyrus-common: identified for time_t transition but no ABI in shlibs

On 2/7/24 06:31, ellie timoney wrote: Hi Xavier, On Mon, 29 Jan 2024, at 9:59 AM, ellie timoney wrote: On Thu, 25 Jan 2024, at 3:53 PM, Yadd wrote: yes there are other errors because some .h require unavailable .h like config.h Ooh interesting, I'll have a look I'm still worki

Bug#1061341: cyrus-common: identified for time_t transition but no ABI in shlibs

On 1/28/24 20:21, Steve Langasek wrote: On Tue, Jan 23, 2024 at 08:32:18AM +0400, Yadd wrote: Control: tags -1 + moreinfo On 1/23/24 00:43, Steve Langasek wrote: Package: cyrus-common Version: 3.8.1-1 Severity: serious User: debian-...@lists.debian.org Usertags: time-t Dear maintainers

Bug#1061341: cyrus-common: identified for time_t transition but no ABI in shlibs

Control: tags -1 + moreinfo On 1/23/24 00:43, Steve Langasek wrote: Package: cyrus-common Version: 3.8.1-1 Severity: serious User: debian-...@lists.debian.org Usertags: time-t Dear maintainers, Analysis of the archive for the 64-bit time_t transition[0][1] identifies cyrus-common as an affecte

Bug#1027859: Fwd: pkg-js-tools_0.15.17~bpo11+1_sourceonly.changes REJECTED

Control: tags -1 + wontfix > Forwarded Message > Subject: pkg-js-tools_0.15.17~bpo11+1_sourceonly.changes REJECTED > Date: Wed, 17 Jan 2024 09:17:48 + > From: Debian FTP Masters > To: Yadd , Debian Javascript Maintainers javascript-de...@lists.alioth.debian

Bug#1059829: Thank you

7;t follow exactly the common way (see dh_auto_install hook) Best regards, Georges. Cheers, Yadd

Bug#1060772: python3-jupyterlab: Using node-corepack downloads yarnpkg from Internet

instead of using Debian's one. Cheers, Yadd

Bug#1060312: ITP: node-yarn-plugin-apt -- Yarn plugin to resolve dependencies from packages installed in apt

 .  Node.js is an event-based server-side JavaScript engine. Hi, take a look also at pkgjs-install and pkgjs-install-minimal Best regards, Yadd

Bug#1060152: python3-jupyterlab should provide jupyterlab

Package: python3-jupyterlab Severity: normal X-Debbugs-Cc: y...@debian.org Hi, python3-jupyterlab provides bin/jupyterlab, then it should "Provides: jupyterlab (= ${binary:Version})"

Bug#1059829: node-html5-qrcode: Build using libraries downloaded from Internet during build

On 1/2/24 09:50, Yadd wrote: Package: node-html5-qrcode Version: 2.3.8+repack-3 Severity: serious Justification: not-dfsg X-Debbugs-Cc: y...@debian.org node-html5-qrcode is built using "npm install" which downloads libraries from Internet. This is totally out of DFSG. For now, the

Bug#1059829: node-html5-qrcode: Build using libraries downloaded from Internet during build

Package: node-html5-qrcode Version: 2.3.8+repack-3 Severity: serious Justification: not-dfsg X-Debbugs-Cc: y...@debian.org node-html5-qrcode is built using "npm install" which downloads libraries from Internet. This is totally out of DFSG.

Bug#1058863: libqwt-qt5-dev: invalid conversion from ‘int’ to ‘QwtPlotLayout::Option’

On 12/30/23 00:58, Gudjon I. Gudjonsson wrote: Hi Yadd I did try to build Ovito with qwt 6.2 and it works with minor fixes to ovito. Ovito is compiled with Qt6 so you need to change your dependencies to qwt-qt6. I suggest that you build against the experimental version of libqwt-qt6-dev and I

Bug#1058863: libqwt-qt5-dev: invalid conversion from ‘int’ to ‘QwtPlotLayout::Option’

Hi Gudjon, yes I'm trying to build ovito. you can find my temporary repository on g...@salsa.debian.org:yadd/ovito.git Best regards, Yadd

Bug#1059469: ITP: node-ipydatagrid -- Fast Datagrid widget for the Jupyter Notebook and JupyterLab

Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: node-ipydatagrid Version : 1.2.0 Upstream Contact: https://github.com/Bloomberg/ipydatagrid/issues * URL : https://github.com/Bloomberg/ipydatagrid * License

Bug#1059336: ITP: node-html5-qrcode -- qr-code and bar-code scanning library for the web

stall" which imports files from Internet, this is not compliant with policy. Cheers, Yadd

Bug#1058868: [Debichem-devel] Bug#1058868: gemmi: Please build shared library

Control: tags -1 + wontfix On 12/19/23 12:43, Andrius Merkys wrote: Hi, On 2023-12-17 11:31, Yadd wrote: currently src:gemmi builds gemmi and gemmi-dev. This doesn't permit to build any software using gemmi-dev without static linking. The proposed patch adds package libgemmi1 which con

Bug#1058868: gemmi: Please build shared library

o manually trigger the ldconfig before. The > issue might be the lack of 'Section: libs' in binary package > description. Maybe it's the issue Best regards, Yadd

Bug#1058868: gemmi: Please build shared library

Source: gemmi Version: 0.6.3+ds-1 Severity: important Tags: patch X-Debbugs-Cc: y...@debian.org Hi, currently src:gemmi builds gemmi and gemmi-dev. This doesn't permit to build any software using gemmi-dev without static linking. The proposed patch adds package libgemmi1 which contains the share

Bug#1058864: ITP: ovito -- scientific data visualization and analysis software for particle-based simulations

Package: wnpp Severity: wishlist Owner: Yadd X-Debbugs-Cc: debian-de...@lists.debian.org, y...@debian.org * Package name: ovito Version : 3.9.4 Upstream Contact: https://gitlab.com/stuko/ovito/-/issues * URL : https://www.ovito.org * License : GPL-3 or Expat

Bug#1058863: libqwt-qt5-dev: invalid conversion from ‘int’ to ‘QwtPlotLayout::Option’

6_64-linux-gnu/qt6/QtCore/qglobal.h:1401, from /usr/include/x86_64-linux-gnu/qt6/QtCore/qcoreapplication.h:7, from /usr/include/x86_64-linux-gnu/qt6/QtCore/QCoreApplication:1, from /home/yadd/dev/debian/src/other/tmp/ovito-3.9.4/src/ovito/core/Co

Bug#1058784: esbuild: [armel] install @esbuild/arm

Package: esbuild Version: 0.19.8-1 Severity: serious Tags: ftbfs patch Justification: node-esbuild-unusable-on-armel X-Debbugs-Cc: y...@debian.org Hi, my armel patch was wrong: armel build uses @esbuild/arm, not @esbuild/armel. I fixed this in a merge request [MR4] [MR4]: https://salsa.debian.

Bug#1058596: [Pkg-javascript-devel] Bug#1058596: yarnpkg broken on bookworm - yarnpkg --help fails with TypeError: commander.on is not a function

update for stable also Cheers, Yadd

  1   2   3   4   5   6   7   8   9   >