Package: ptpython
Version: 3.0.30-1
Severity: grave
Justification: renders package unusable
Hey.
It seems that after 3.0.29-3 all files in /usr/bin went missing from the
package.
Cheers,
Chris.
-- System Information:
Debian Release: trixie/sid
APT prefers unstable-debug
APT policy: (500
Hey.
Seems that for me the SHA512 sum of the downloaded file simply differs?
btw: @David
In some of the postinst scripts you wget from http, in some from
https... better use https everywhere?
Cheers,
Chris.
Hey.
Did some debugging for an hour now, finding out that it works again
when changing in src/audio/ffmpeg_audio_processor_swresample.h the
following functions as given below:
void SetInputChannelLayout(AVChannelLayout *channel_layout) {
av_opt_set_chlayout(m_swr_ctx, "in_
On Wed, 2025-01-01 at 01:42 +0100, Sebastian Ramacher wrote:
> That's some sort of incompatibility with ffmpeg 7.0. But since
> upstream
> does not appear to be very active at the moment, at the worst case we
> will need to drop fpcalc.
I did some poor man's debugging, changed the call to av_log_s
Package: libchromaprint-tools
Version: 1.5.1-6
Severity: grave
Justification: renders package unusable
Hey.
I tried various files (WAV, FLAC, Opus), for all calculation fails with:
$ fpcalc *.opus
ERROR: Could not create an audio converter instance (Invalid argument)
Similarly, picard, when it i
Package: remmina-plugin-vnc
Version: 1.4.36+dfsg-1
Severity: grave
Tags: upstream
Justification: renders package unusable
Control: forwarded -1 https://gitlab.com/Remmina/Remmina/-/issues/3207
Hey.
1.4.36, in trying to fix another Windows/VNC bug
(https://gitlab.com/Remmina/Remmina/-/issues/3121
Package: deluge
Version: 2.1.2~dev0+20240910-2
Severity: grave
Justification: renders package unusable
Hey.
I think there slipped a typo throug and the package should be:
python3-legacy-cgi
not:
python-legacy-cgi
Thanks,
Chris.
Package: sonic-visualiser
Version: 5.0-1
Severity: grave
Justification: renders package unusable
Hi.
When starting the program it crashes immediately:
$ sonic-visualiser
terminate called after throwing an instance of 'Dataquay::RDFIncompleteURI'
what(): Uri::Uri: Given string is not a complete
On Mon, 2024-08-19 at 10:58 -0400, Antoine Beaupré wrote:
> To which version?
Well I'd guess any earlier one. In my case I simply took the previous
one 32+20240611-1, which is still in testing.
Cheers,
Chris.
On Mon, 2024-08-19 at 11:59 +0200, Diederik de Haas wrote:
> Please don't. At least not yet so that people get warned about this
> bug before
> they try to reboot into an unbootable system.
Ah, sure... I hadn't seen that the ticket was already raised to
critical... and last night when I've notice
Hey Marco.
On Mon, 2024-08-19 at 05:12 +0200, Marco d'Itri wrote:
> > With the new version, initramfs generation gives:
> I know, the plan it to rebuild dracut-install.
Thanks. Then I guess from my side we could also already close the bug.
Your choice :-)
Cheers,
Chris.
FYI:
I haven't seen that behaviour after upgrading... and I do have quite a
few tabs in many windows open.
Maybe it happens not in all configurations.
Cheers,
Chris.
On Sat, 2024-04-27 at 03:15 +0200, Guilhem Moulin wrote:
> Yup that'd make sense to me (and I see you did that already), thanks!
:-)
Unfortunately I doubt it will be possibly to do some fully generic
solution.
So best we'll get is probably either an unconditional inclusion or some
simpler copy_*
On Sat, 2024-04-27 at 01:48 +0200, Guilhem Moulin wrote:
> built using glibc ≥2.34. AFAICT the “if the ldd output includes
> libpthread then run copy_libgcc()” logic from initramfs-tools is
> mostly moot
> now
Ah, I just realised glibc "merged" libpthread ^^
Therefore...
> but despite what I pr
Hey Guilhem
On Sat, 2024-04-27 at 01:48 +0200, Guilhem Moulin wrote:
> Even it weren't, libpthread wouldn't show up since src:argon2 from
> bookworm
> and later is built using glibc ≥2.34.
When argon2 builds, it uses -pthread ... not really sure what that does
exactly, the manpage merely says it
Hey guys.
I kinda ran into a similar issue.
I use my own OpenPGP keyscript which is highly improved upon that
("decrypt_gnupg") shipped by the package.
One thing that I do is offer optionally feeding the entered passphrase
trough argon2 (the standalone tool from the package of the same name)
whi
On Sat, 2024-04-20 at 07:54 -0400, P. J. McDermott wrote:
> Then the salvage procedure can play out for the full 28+ days
> specified
> by developers-reference (21 days to allow the maintainer to object
> followed by a DELAYED/7 adoption upload). I've already soft-proposed
> to
> salvage in bug #1
On Thu, 2024-02-29 at 13:31 -0700, Sam Hartman wrote:
> > > > >
> I tried to make the revert work either if you didn't have libpam0t64
> at
> all or if you did, but we're more focused on people who never
> upgraded.
>
> If you do run into breakage, we'll work with you to find a solution.
I gues
On Thu, 2024-02-29 at 13:30 +, Simon McVittie wrote:
> The advice for "end users" would be don't run unstable or
> experimental,
> and wait for maintainers to fix release-critical bugs like this one
> as
> they are detected.
Well "end user" is a broad range :-)
I guess quite some people do run
On Thu, 2024-02-29 at 08:14 +0100, Helmut Grohne wrote:
> Can you locate a more complete upgrade log?
Attached is the excerpt from APT's term.log, if that helps.
Cheers,
Chris.
term.log.xz
Description: application/xz
On Thu, 2024-02-29 at 08:50 -0700, Sam Hartman wrote:
> > > > >
> Steve and I agreed to revert the rename on IRC, effectively
> accepting
> the ABI break because it doesn't matter for the archive.
> We may look at better solutions when we have a bit of time.
Do you happen to know whether there's
Hey Simon.
On Thu, 2024-02-29 at 10:33 +, Simon McVittie wrote:
> Yes, the workaround for this is to reinstall any package that carries
> GSettings schemas. gsettings-desktop-schemas is a common one, but
> actually
> any package that has files in /usr/share/glib-2.0/schemas/ should be
> equal
On Thu, 2024-02-29 at 06:53 +0100, Paul Gevers wrote:
> Well, officially downgrading isn't supported (although it typically
> works) *and* losing files is one of the problems of our merged-/usr
> solution (see [1]). I *suspect* this might be the cause. We're
> working
> hard (well, helmut is) to
On Wed, 2024-02-28 at 21:57 -0800, Steve Langasek wrote:
> Furthermore, this is a downgrade from a replacing package to a
> replaced
> package. Unless you also --reinstall the package at the end, missing
> files
> are quite to be expected.
Shouldn't that case be something that DPKG could detect an
Attached is the aptitude log.
Cheers,
Chris.
Aptitude 0.8.13: log report
Thu, Feb 29 2024 02:17:21 +0100
IMPORTANT: this log only lists intended actions; actions which fail
due to dpkg problems may not be completed.
Will install 83 packages, and remove 21 packages.
471 kB of disk space will
Package: libglib2.0-0t64
Version: 2.78.4-2
Severity: critical
Justification: breaks unrelated software
X-Debbugs-Cc: debian-de...@lists.debian.org
Hey.
CCing d-d since there seems some further deeper problem with the t64
transition (namely lib files getting lost, when "downgrading" i.e.
revertin
If you really insist on having that functionality, wouldn't it be
anyway better to:
- Add a systemd.timer that regularly (perhaps weekly?) calls
update-smart-drivedb instead of doing it only once in postinst,
where it's unlikely to be of much use, because the package was just
upgraded, so th
Package: smartmontools
Version: 7.4-1
Severity: grave
Tags: security
Justification: user security hole
X-Debbugs-Cc: Debian Security Team
Hey.
The most recent upgrade forces people to use
update-smart-drivedb by doing it already in the postinst and not leaving it
up to the user whether he wants
Hey.
Seems a new upstream version is out:
https://github.com/strukturag/libheif/releases/tag/v1.17.0
Cheers,
Chris
Hey Jeremy
It seems everything is now fixed upstream (see
https://github.com/strukturag/libheif/issues/974).
But upstream also said[0] a new release might follow in the next
days,... so I guess you don't really need to cherry pick the various
commits that were now necessary.
[0] https://git
Hey Jeremy
On Sat, 2023-09-30 at 05:39 -0400, Jeremy Bícha wrote:
> I pushed my change to the wip/10421242 branch of
> https://salsa.debian.org/multimedia-team/libheif if someone wants to
> do a test build.
I finally came around testing this.
1) building (with all build-deps installed) generall
Hey.
Any chance to cherry pick the fixing commit from upstream and upload a
new version with that to unstable?
Thanks,
Chris.
On Fri, 2023-08-11 at 09:36 -0400, Jeremy Bícha wrote:
> Yes, this is a known issue and it's why I am patching out the switch
> from gkbd-display to tecla in GNOME 45 apps until the tecla app
> actually works.
Ah thanks :-)
Cheers,
Chris.
Package: tecla
Version: 45~beta-1
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
Hey.
IIRC, this was already the case in the previous version in sid:
When starting tecla, I see only the window and they grey areas for
the keys, but the
Control: forwarded -1 https://github.com/strukturag/libheif/issues/933
Hey.
AFAICS, this had also been reported (and fixed meanwhile) upstream.
Cheers,
Chris.
Hey Joachim.
On Mon, 2023-07-17 at 08:49 +0200, Joachim Bauch wrote:
> do you have any of the "libheif-plugin-*" packages installed with
> 1.16.2?
Quoting myself :-)
On Sun, 2023-07-16 at 14:25 +0200, Christoph Anton Mitterer wrote:
> But after upgrading to 1.16.2-1+b1 dies
On Sun, 2023-07-16 at 16:25 +0200, Fabian Greffrath wrote:
> Do you have the heif-gdk-pixbuf package installed?
Yes:
On Sun, 2023-07-16 at 14:25 +0200, Christoph Anton Mitterer wrote:
> With libheif1, heif-gdk-pixbuf and heif-thumbnailer installed, I was
Cheers,
Chris.
Weird... I did another upgrade/downgrade cycle and it now works (with
the downgraded version) for eog too.
And I'm pretty sure I checked the first time, whether eog was perhaps
still running and using the old (that is the new version) of the lib.
Package: libheif1
Version: 1.16.2-1+b1
Severity: grave
Justification: renders package unusable
Hey.
With libheif1, heif-gdk-pixbuf and heif-thumbnailer installed, I was able
to display *.heic images from my smartphone in eog, geeqie and gimp.
But after upgrading to 1.16.2-1+b1 dies works no long
Hey Guilhem.
> There might be a better way to detect an initramfs-tools environment
I once faced the same question when writing a (cryptsetup) keyscript,
i.e. how to definitely find out whether one's "within" the initramfs.
With crypsetup it may seem easy - check for e.g. /scripts/local-
top/cr
On Mon, 2023-04-03 at 10:38 +0400, Yadd wrote:
> > Causes that would also make it fix #977014.
> Sure, thanks for the link
You've marked it as fixed but haven't closed it.
Was that on purpose or should I close it?
> I saw in this issue that you were a little frustrated by the lack of
> respons
Hey.
Thanks for the fix.
Am I right that this *generally* does not longer enable apache2-
doc.conf per default (i.e. also on fresh installs)?
Causes that would also make it fix #977014.
Cheers,
Chris.
On Wed, 2023-03-08 at 14:04 +0100, Guilhem Moulin wrote:
> No please don't, #-1 is RC so that would block transitioning into
> Bookworm which only supports merged-usr… Will fix that later during
> the
> freeze, but ATM the priority is to get -2 into Bookworm ASAP, not
> further delay the transitio
Control: reopen -1
On Wed, 2023-03-08 at 08:16 +0100, Milan Broz wrote:
> Just upstream is no longer responding here...
Seems upstream is dead... I also have some minor PRs open against
argon2, but no response. Tried to get directly in contact with some of
them, but the same.
@Guilhem, I'm reope
Hey Guilhem.
Is it possible that your fix doesn't work on not-yet-usr-merged
systems?
I get here:
$ env --unset=LD_PRELOAD ldd /sbin/cryptsetup | sed -nr
'/.*=>\s*(\S+)\/libargon2\.so\..*/ {s//\1/p;q}'
/usr/lib/x86_64-linux-gnu
but:
$ dpkg -L libgcc-s1
/lib/x86_64-linux-gnu
/lib/x86_64-linux-
Package: kismet-plugins
Version: 2016.07.R1-1+b1
Severity: grave
Justification: renders package unusable
Hey.
libssl1.1 has been removed from unstable and thus kismet-plugins is no
longer installable.
Cheers,
Chris.
Control: tags -1 - ftbfs
Control: severity -1 important
Still not used to reportbug's new numbering...
Package: vim
Version: 2:9.0.1000-2
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
Hey.
The following probably still worked with 2:9.0.1000-1, but definitely works
again
when going back to the version in testing (2:9.0.0813-1+b1).
Wh
Hey Pierre.
On Tue, 2022-12-06 at 23:08 +0100, Pierre Gruet wrote:
> Thanks for the bug report (and the follow-up precisions you sent)!
>
> Yet I fail to reproduce it on testing. I installed zookeeper and
> zookeeperd on testing, then ran
>
> $ /usr/share/zookeeper/bin/zkCli.sh
> specifying not
And here we go:
CLASSPATH="/etc/zookeeper/conf:/usr/share/java/zookeeper.jar:/usr/share/java/slf4j-log4j12.jar:/usr/share/java/log4j-1.2.jar"
Seems to do the trick to get logging to /var/log/zookeeper/foobar .
The zkCli shows still no prompt, though.
It also needs the /usr/share/java/log4j-1.2.ja
I got a bit further:
Setting:
CLASSPATH="/etc/zookeeper/conf:/usr/share/java/zookeeper.jar:/usr/share/java/slf4j-simple.jar"
i.e. adding the ":/usr/share/java/slf4j-simple.jar" helps a bit...
The server seems to start now, and via zkCli, I can `ls` my paths and
`get` values.
But there's still no
I should perhaps add, that I have installed the zookeeper packages
(zookeeper zookeeperd libzookeeper-java) from testing into stable
(bullseye), all other dependencies were already met with bullseye
versions.
Also, according to https://www.slf4j.org/codes.html#StaticLoggerBinder
and there the ques
Package: zookeeper
Version: 3.8.0-10
Severity: grave
Justification: renders package unusable
Hey.
I've tried the new packagin, but while all my config and data files are in
place,
and while the server "runs", there is no logging (neither to stdout/err for
systemd
nor /var/log/zookeeper .. not
Hey.
I've just installed this again on some node, and for some reason apt-
listbugs still shows it as open:
# aptitude
Performing actions...
Retrieving bug reports... Done
Parsing Found/Fixed information... Done
grave bugs of liblog4j1.2-java (→ 1.2.17-10+deb11u1)
b1 - #1004482 - liblog4j1.2-jav
On Tue, 2022-11-22 at 21:11 -0800, tony mancill wrote:
> Yes, totally. I didn't mean to imply that the bug shouldn't be here.
Sure... just wanted to point out, that I don't consider it your fault
or so :-)
> > I had evolution running, while I've upgraded. And didn't restart it
> > afterwards (
Hey Tony.
On Tue, 2022-11-22 at 20:40 -0800, tony mancill wrote:
> Thank you for the bug report. libphonenumber 8.12.57+ds-1 has been
> in
> testing for longer than a month at this point [1]. Has it been
> broken
> all of this time? If not, I suspect this is related the protobuf
> transition [2
Package: libphonenumber8
Version: 8.12.57+ds-1+b2
Severity: serious
Hey.
After the upgrade, evolution crashes when started:
$ evolution
evolution: symbol lookup error:
/usr/lib/x86_64-linux-gnu/libebook-contacts-1.2.so.4: undefined symbol:
_ZN4i18n12phonenumbers11PhoneNumberC1EPN6google8protob
On Sat, 2022-10-29 at 09:23 +0200, Salvatore Bonaccorso wrote:
>
> No unfortunately we cannot do that. The reason is similar to what
> lead
> to
> https://salsa.debian.org/kernel-team/linux/-/commit/248736d493fcfd0e05cd23f97befe40f5c125c71
> or caused bugs like #916927.
Forgive me my ignorance, b
Hey Salvatore.
On Fri, 2022-10-28 at 06:49 +0200, Salvatore Bonaccorso wrote:
> I did decide to still do so, so we can have the CVE fix migrate
> finally to testing (which took some time as well given there was the
> perl transition ongoing).
Fine for me... I think it would be nice if there was a
Control: retitle -1 6.0.5 fixes critical btrfs bug in 6.0.3, affecting space
cache v1 filesystems
Control: notfound -1 5.19.6-1
Control: found -1 6.0.3-1
No idea why reportbug picked 5.19.6, which I have not even installed
anymore... o.O
Source: linux
Version: 5.19.6-1
Severity: critical
Justification: breaks the whole system
Hi.
6.0.3 introduced a commit that causes (permanent) CPU soft lockups
for some people with btrfs filesystems, effectively breaking the
system, e.g. when booting.
See e.g.
https://lore.kernel.org/linux-btr
Package: libgtkhex-4-1
Version: 43~alpha-1
Severity: grave
Justification: renders package unusable
Hey.
When trying to upgrade:
Unpacking libgtkhex-4-1:amd64 (43~alpha-1) ...
dpkg: error processing archive
/var/cache/apt/archives/libgtkhex-4-1_43~alpha-1_amd64.deb (--unpack):
trying to overwri
On Tue, 2022-08-23 at 16:23 +, Holger Levsen wrote:
> users must not be cleaned up (=removed) on package removal
Well perhaps not a must as per policy, but I think for debian-security-
support it would still make sense to clean up the user, or do you
expect anyone to create files under that us
Hey Holger.
It also seems as if neither that director or its files nor the created
user is ever cleaned up on purge, but left behind as cruft forever.
Or did I oversee something in the posrm?
Thanks,
Chris.
On Fri, 2022-06-10 at 05:09 +0900, Mike Hommey wrote:
> There's a 101.0.1 on the way.
I assume you mean "being built for Debian"?
Anyway... thanks for taking care. :-)
Cheers,
Chris.
Could someone then possibly rebuild this with Julian’s patch, ASAP?
Over a week with a likely remote code exploit hole in the browser of
any Debian (non-ESR) FF user, seems not so ideal,
Thanks,
Chris.
On Sat, 2022-06-04 at 14:42 +0200, Vincent Bernat wrote:
> Unfortunately, Firefox is not buildable due to depending on a version
> of
> Cargo not available in unstable.
Shouldn't that be reopened then?
I wouldn't be surprised if quite a number of people use the non ESR FF,
probably also DDs/DMs.
Package: firefox
Version: 100.0.2-1
Severity: serious
Tags: security ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: Debian Security Team
Hi.
Would be good to see 101 packaged ASAP, as it fixes numerous issues,
including some which are apparent
Package: qtqr
Version: 2.1~bzr46-2
Severity: grave
Justification: renders package unusable
Hey.
On a fresh install of the package:
$ qtqr
Traceback (most recent call last):
File "/usr/bin/qtqr", line 15, in
from qrtools import QR
ModuleNotFoundError: No module named 'qrtools'
Thanks,
Ch
On Sat, 2022-04-02 at 08:14 -0700, tony mancill wrote:
> Thank you for the bug report Chris, for setting the severity so
> as to block the migration, and noting the affected packages.
Actually, the latter two were done by some other helpers :-)
Thanks,
Chris.
Package: libphonenumber8
Version: 8.12.46-1
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
Hi.
8.12.46-1 causes evolution to fail:
$ evolution
evolution: symbol lookup error: /usr/lib/x86_64-linux-gnu/libphonenumber.so.8:
undefined s
On Sun, 2022-03-20 at 07:07 +0100, Paul Menzel wrote:
> Firefox with VA-API enabled crashes too,
> but not when it’s disabled.
> Do you have VA-API enabled for mpv?
I do have:
hwdec=auto
in mpv.conf, which I think would use vaapi here.
However, I have nothing specifically set for VLC.
Thanks,
Package: libigdgmm12
Version: 22.1.1+ds1-1
Severity: critical
Justification: breaks unrelated software
Hey.
This version breaks e.g. video playback with mpv (also vlc):
$ mpv test.mp4
(+) Video --vid=1 (h264 720x300 23.976fps)
(+) Audio --aid=1 (aac 2ch 44100Hz)
Segmentation fault
With:
Mar
Hey.
Is that going to be fixed in stable, too?
Cheers,
Chris.
Further for the records (for a future upgrade to newer ZK versions):
There will likely need to be a NEWS.Debian entry about the following:
https://issues.apache.org/jira/browse/ZOOKEEPER-3056
In short:
- apparently they've added a check that prevents ZK from starting, when
no snapshots were fou
Package: liblog4j1.2-java
Version: 1.2.17-10
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: Debian Security Team
Hey.
A number of holes was found in the 1.2 branch of log4j.
The following is apparently critical (code injection):
https://www.cvedetails.co
Package: cryptsetup
Version: 2:2.4.2-1
Severity: critical
Tags: security upstream
Justification: root security hole
Hey.
You've probably seen it already... Milan found CVE-2021-4122, and
the package should be upgraded to 2.4.3 ASAP.
Thanks in advance,
Chris.
I just had one occasion of the "freezing" problem... but it was the
first time since we got 94.0-2.
Also it didn't occur short after start, but quite some time after
browsing the very same websites.
But the symptoms were as described in message #15 (i.e. that loading
wheel).
So there may be sti
On Sat, 2021-11-20 at 15:30 -0800, Josh Triplett wrote:
> I'm still experiencing this bug regularly, with complete browser UI
> freezes that require killing and restarting Firefox.
Hm perhaps something else? At least I haven't suffered from that
particular issue since 94.0-2.
Cheers,
Chris.
On Thu, 2021-11-11 at 23:06 +1100, 小太 wrote:
> So either the change needs to be backported to v94
It seems Mike has already been active in that bug (and even found it
himself a ~month ago ^^) and indicated he'll backport it (AFAIU).
Which I hope really happens... I know there is no official secu
Not sure if this is related, but since a while I've noted even bigger
than the usual performance problems of firefox...
Crackling sound is something I've heard for a month now... but since
about FF93 came out CPU utilisation seems to be much higher.
I just load simple webpages and may CPU goes up
> I was also experiencing this problem and was monitoring this bug
> report for potential solutions, but the problem seems to have
> recently disappeared.
I cannot confirm this.
I've just upgraded to 94.0-1 (with everything else on my system
upgraded to the current state of unstable, well everyt
FF94 is still broken.
Oh and as a warning for everyone who wants to try out.
Stupid *zilla seems to no prevent downgrade of the profiles... so once
upgraded you cannot downgrade without throwing away your old profile
with all data in it. Wonderful...
Sometimes it seems that firefox doesn't freeze "immediatly" but some
sites continue to work (and e.g. the address bar still allows input).
But new sites (especially with JS stuff) don't load correctly or just
freeze.
Eventually whole firefox freezes and one cannot event select the
address bar anym
Package: firefox
Version: 93.0-1+b1
Severity: grave
Justification: renders package unusable
Hey.
Since about yesterday (possibly since the rebuilt package came in)
firefox freezes shortly after being started.
There is no high CPU activity then, it just takes no input anymore
(no keyboard, no mous
Package: ca-certificates
Version: 20211004
Severity: grave
Justification: renders package unusable
Hey.
It seems that when not selecting any of the new certs on upgrade, the package
install fails:
Setting up ca-certificates (20211004) ...
Updating certificates in /etc/ssl/certs...
chmod: cannot
Source: pulseaudio
Version: 15.0+dfsg1-2
Severity: grave
Justification: renders package unusable
Hi
Since upgrading to 15.0+dfsg1-2, the pulseaudio daemon runs constantly at
around ~20% CPU
on my system (even when no sound is played).
If sound is played it's constantly crackling.
Downgrading
Package: kdenlive-data
Version: 21.04.3-1
Severity: grave
Justification: renders package unusable
Hey.
There is some conflict:
Preparing to unpack .../kdenlive-data_21.04.3-1_all.deb ...
Unpacking kdenlive-data (21.04.3-1) over (20.12.3-1) ...
dpkg: error processing archive
/var/cache/apt/arch
On Thu, 2021-07-15 at 21:18 -0700, tony mancill wrote:
> The Debian package disables building against Netty via this patch:
> https://salsa.debian.org/java-team/zookeeper/-/blob/master/debian/patches/13-disable-netty-connection-factory.patch
Ah I see.
> This is certainly a valid point. There i
Hey.
On Sun, 2021-06-27 at 14:46 +0200, Salvatore Bonaccorso wrote:
> To me this looks like CVEs in other products, but which zookeeper
> uses
> as dependency? Is this correct?
Indeed, but I couldn't find that the zookeeper package depends on these
while it does contain:
zookeeper-3.4.13/src$ fin
Source: zookeeper
Version: 3.4.13-6
Severity: grave
Tags: security
Justification: user security hole
X-Debbugs-Cc: Debian Security Team
Hi.
The release notes for https://zookeeper.apache.org/doc/r3.6.3/releasenotes.html
list various security issues:
CVE-2020-25649
CVE-2021-21295
CVE-2021-28165
On Tue, 2021-05-04 at 16:51 +0200, Guido Günther wrote:
> Since upstream is pretty inactive i wonder if we should just drop it,
> it
> won't be in bullseye either and popcon is fairly low:
Hmm I always found it to be pretty nice... an are there any specific
bugs/features that would be needed to wo
Hey.
AFAICS, all python script have been adapted to Python3 upstream (or
dropped)... so I guess this could be solved by upgrading to the current
version.
Cheers,
Chris.
Package: gimp-gmic
Version: 2.9.4-1
Severity: grave
Justification: renders package unusable
Hi.
Since one of the more recent upgrades, gimp doesn't start up anymore, when
gimp-gmic is present (purging it solves the issue), but instead hangs
forever at th slapsh screen.
Cheers,
Chris.
$ gimp
On Fri, 2021-01-01 at 12:10 +0100, Michel Le Bihan wrote:
>
>
> That's actually intended. It would be easier to set the build flag
> that
> disables it, but some users are still interested in using it. The way
> it's done currently still allows them to use it.
Yeah, but the point is, AFAIU, for
Hey.
Just wondered:
1) Since this is a binary blob who, by it's nature, is made for
surveillance, it's IMO more a rather serious security issue than just a
DFSG-policy problem.
No one really knows what exactly Google ships there.
So maybe people should be told about this more actively in a DSA
Hey.
Seems gprename has been ported to GTK3... would be awesome if this
could find it's way back into Debian :-)
https://sourceforge.net/p/gprename/bugs/18/
Cheers,
Chris.
On Mon, 2020-08-31 at 10:12 +0200, Markus Koschany wrote:
> remove
> ~/.mozilla/firefox to create a new profile to get it working again.
Doesn't really sound like a "solution" to me (well except than taking
it as a trigger to finally move away from crappy FF).
It seems to have become fashion nowa
On Sat, 2020-08-29 at 01:32 +0200, Markus Koschany wrote:
> Thanks for reporting. I believe this is fixed in 1.29.0+dfsg.
> Unfortunately the package has to go through NEW again which is
> unfortunate. I hope I can convince the ftp-team to fast-track
> reviewing
> uBo (again).
Interestingly it see
1 - 100 of 518 matches
Mail list logo
