On Thu, May 08, 2025 at 04:52:36PM +0200, Paul Gevers wrote:
> > I'm not so sure about my statement above, is a Breaks: appropriate when
> > it is not breaking the package build but only breaks debci for that
> > package? Seems like that ought to be handled by
> > gsasl/debian/tests/control Depend
On Thu, May 08, 2025 at 05:25:41PM +0200, Paul Gevers wrote:
> > If this is accurate,
> > then adding a version constraint of (>= 1:2.4~) to the dovecot
> > dependencies for the tests is the correct solution.
>
> Yes, but as the RT is already involved, it doesn't bring us much to do
> another uplo
On Thu, May 08, 2025 at 04:39:52PM +0200, Simon Josefsson wrote:
> >> The testing migration seems a bit unclear to me, can you take a look if
> >> this will actually migrate? It is scheduled for autoremoval right now.
> >> https://tracker.debian.org/pkg/gsasl
> >> https://tracker.debian.org/pkg/li
On Thu, May 01, 2025 at 05:04:33PM -0400, Noah Meyerhans wrote:
> For dovecot in trixie, I'm considering reverting channel binding support
> altogether. That'll force us to drop SCRAM-SHA-1-PLUS and
> SCRAM-SHA-256-PLUS support, but I'd rather do that than ship dovecot 2
On Thu, May 01, 2025 at 10:55:27PM +0200, Simon Josefsson wrote:
> Thanks for debugging! Seems okay for a quick fix but a proper fix should work
> with both new and old configs. I suspect some GSSAPI flag or parameter may
> trigger this, even if it can be fixed in dovecot I would want to review i
Control: tags -1 + patch
On Thu, May 01, 2025 at 03:56:11PM -0400, Noah Meyerhans wrote:
> So for gsasl (and libgssglue) expect a merge request soon to update
> their autopkgtests to the dovecot 2.4 configuration language.
And that is now https://salsa.debian.org/xmpp-team/gsasl/-/merge_re
Package: dovecot-gssapi
Version: 1:2.4.1+dfsg1-2
Severity: grave
Tags: upstream
Justification: Breaks other package's autopkgtests
Issue was first observed in gsasl's autopkgtest failures. Protocol traces are
available in #1104411.
Some (but not all) IMAP clients are unable to negotiate GSSAPI a
I've traced the regression to a specific commit in dovecot. Details at
https://dovecot.org/mailman3/archives/list/dove...@dovecot.org/message/LMUX23ZRYPOJ6RRZWBPBUBSBYK4FLI6O/
I'm still not sure exactly how dovecot broke, but I do suspect the fix
will have to happen there.
So for gsasl (and libgs
On Tue, Apr 29, 2025 at 10:48:24PM +0200, Simon Josefsson wrote:
> Okay that would help to confirm if this is a dovecot problem or gsasl
> problem. You could try increasing the dovecot debug logging during the
> gsasl test, the generic error in dovecot must be caused by something
> and understandin
On Tue, Apr 29, 2025 at 10:22:21PM +0200, Simon Josefsson wrote:
>Thanks for report! Did you confirm that your new dovecot version has
>working GSSAPI support, with some other client? Or is this gsasl
>autopkgtest the only one that test that functionality?
Gsasl (and libgssglue) test
Source: gsasl
Version: 2.2.0-1
Severity: serious
Justification: autopkgtest regression
Dovecot 2.4 is currently in unstable and trying to migrate to testing. It's
currently blocked because its configuration file format changes introduce
regressions in autopkgtests for some packages, including gsa
Package: dovecot-ldap
Version: 1:2.4.1+dfsg1-1
Severity: grave
Tags: pending
Justification: renders package unusable
dovecot-ldap fails to configure with:
Setting up dovecot-ldap (1:2.4.1+dfsg1-1) ...
Error: The new file /usr/share/dovecot/dovecot-ldap.conf.ext does not exist!
dpkg: error p
Control: reassign -1 python3-prompt-toolkit
On Mon, Apr 21, 2025 at 02:01:22PM +0200, Andre Naujoks wrote:
> The 'aws' command no longer functions in any way. Just running 'aws' without
> arguments gives me an exception. Adding arguments does not change this. This
> seems to be very early in initi
On Mon, Apr 21, 2025 at 02:01:22PM +0200, Andre Naujoks wrote:
> The 'aws' command no longer functions in any way. Just running 'aws' without
> arguments gives me an exception. Adding arguments does not change this. This
> seems to be very early in initialization.
>
> $ aws
> Traceback (most recen
Control: tags -1 + pending
Fix in
https://salsa.debian.org/noahm/waagent/-/commit/93d300d8b40b1c3db1c4b4e00caff57848add732
Control: tags -1 + pending
On Sun, Apr 13, 2025 at 12:53:28PM +0200, Helmut Grohne wrote:
> Package: dovecot-flatcurve
> Version: 1:2.4.1+dfsg1-1~exp1
> Severity: serious
> User: debian...@lists.debian.org
> Usertags: fileconflict
> Control: affects -1 + dovecot-fts-flatcurve
Fix is in
https://s
Control: tags -1 + pending
Fix is pending review in
https://salsa.debian.org/cloud-team/google-guest-agent/-/merge_requests/2
On Tue, Apr 01, 2025 at 08:47:25PM +, Stefano Rivera wrote:
> Hi Luca (2025.04.01_18:06:38_+)
> > More generically, if you haven't seen on the MR, I had proposed several
> > alternatives to the submitter that are much safer and clearer, such as
> > a package conflict. The MR submitter's ans
On Tue, Apr 01, 2025 at 09:10:20PM +, Luca Boccassi wrote:
> > Please let's not get ahead of ourselves. I think Stefano was simply
> > pointing out something that had happned in the past, not any new DAM
> > involvement.
>
> Sorry I should have been clearer: when I said warning, I literally
>
On Tue, Apr 01, 2025 at 09:35:02PM +, Luca Boccassi wrote:
> > > > Please let's not get ahead of ourselves. I think Stefano was simply
> > > > pointing out something that had happned in the past, not any new DAM
> > > > involvement.
> > >
> > > Sorry I should have been clearer: when I said war
On Tue, Apr 01, 2025 at 08:59:44PM +, Luca Boccassi wrote:
> > > Do the cloud images use avahi at all? Assuming I'm looking at the right
> > > manifest:
> > >
> > > https://cdimage.debian.org/images/cloud/trixie/daily/20250324-2061/debian-13-generic-amd64-daily-20250324-2061.json
> >
> > No, in
On Tue, Apr 01, 2025 at 08:24:37AM +0200, Helmut Grohne wrote:
> > In the interest of trying to contribute potential solutions, one
> > possibility that comes to mind is to use a generator to avoid
> > conflicting with avahi. If the generator determines that avahi is
> > installed (I don't think i
On Tue, Apr 01, 2025 at 07:06:38PM +0100, Luca Boccassi wrote:
> Do the cloud images use avahi at all? Assuming I'm looking at the right
> manifest:
>
> https://cdimage.debian.org/images/cloud/trixie/daily/20250324-2061/debian-13-generic-amd64-daily-20250324-2061.json
No, in fact most cloud envir
On Mon, Mar 31, 2025 at 11:47:07PM +0200, Marco d'Itri wrote:
> > I am really sorry for the disruption, but unfortunately when features
> > need to be dropped, there's bound to be some of that. Let's keep in
> > mind though, that we are talking about an optional 2% popcon package.
> Considering all
On Mon, Mar 31, 2025 at 10:30:41PM +0100, Luca Boccassi wrote:
> > Please try to find a less disruptive way to handle the resolved
> situation.
>
> I am really sorry for the disruption, but unfortunately when features
> need to be dropped, there's bound to be some of that. Let's keep in
> mind tho
Control: tags -1 + moreinfo
On Mon, Mar 10, 2025 at 12:46:41PM +0100, Santiago Vila wrote:
> In my tests, this fails 100% of the time on
> single-CPU systems and 40% of the time on systems
> with 2 CPUs. I think that's bad enough.
I have not been able to reproduce this, even with single-CPU build
Control: tags -1 + confirmed
On Tue, Mar 11, 2025 at 01:26:57PM +0100, Helmut Grohne wrote:
> Both dovecot-core in experimental and dovecot-sieve in unstable contain
> /usr/share/dovecot/conf.d/90-sieve-extprograms.conf. This can result in
> an unpack error from dpkg:
>
> mmdebstrap --verbose --v
On Tue, Dec 24, 2024 at 09:38:01AM -0500, Noah Meyerhans wrote:
> > > > During a rebuild of all packages in sid, this package failed to build
> > > > on armhf.
> >
> > > The problem seems related to libunwind. Dovecot builds successfully in
> > >
On Tue, Dec 24, 2024 at 01:30:17PM +0100, Chris Hofstaedtler wrote:
> > > During a rebuild of all packages in sid, this package failed to build
> > > on armhf.
>
> > The problem seems related to libunwind. Dovecot builds successfully in
> > trixie, but if we update libunwind packages to the sid v
Control: tags -1 + confirmed
On Mon, Dec 23, 2024 at 06:46:41PM +0100, Lucas Nussbaum wrote:
> During a rebuild of all packages in sid, this package failed to build
> on armhf.
>
> This package currently has binary packages on armhf, so this is a regression.
> Also, there are no known issues on a
Control: tags -1 + patch
The attached patch resolves the issue in (at least) the lxc autopkgtest
environment.
noah
>From da1b5c83e3d730c3f2aa63297bc9e994c0a9b237 Mon Sep 17 00:00:00 2001
From: Noah Meyerhans
Date: Tue, 3 Dec 2024 15:18:21 -0500
Subject: [PATCH] autopkgtest:
Source: fence-agents
Version: 4.15.0-3
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
The fence-agents package is currently failing autopkgtests. This appears to
be caused by iputils-ping no longer being installed with elevated
privile
Control: tags -1 + patch
See https://salsa.debian.org/ha-team/fence-agents/-/merge_requests/8 for
a proposed fix.
Thanks
noah
On Sat, Oct 19, 2024 at 08:19:49PM +0200, Paul Gevers wrote:
> > > > linux-sysctl-defaults should be pulled in as a Recommends (assuming you
> > > > haven't overriden that), which should then apply the new setting.
> > > As Recommends of what?
> >
> > The iputils-ping binary package
>
> autopkgte
On Sat, Oct 19, 2024 at 07:56:37PM +0200, Paul Gevers wrote:
> Hi,
>
> On 18-10-2024 22:42, Noah Meyerhans wrote:
> > linux-sysctl-defaults should be pulled in as a Recommends (assuming you
> > haven't overriden that), which should then apply the new setting.
> As Rec
On Fri, Oct 18, 2024 at 09:35:04PM +0200, Paul Gevers wrote:
> Hi,
>
> On 18-10-2024 21:09, Noah Meyerhans wrote:
> > That'll work, obviously, but I do think it should be considered
> > system-wide on the debci lxc environment. On a common Debian
> > installation
On Fri, Oct 18, 2024 at 08:04:59PM +0200, Paul Gevers wrote:
> > The sysctl is namespaced, so it should suffice to set it in the
> > testbed container.
>
> So, this should be done by src:backuppc then.
That'll work, obviously, but I do think it should be considered
system-wide on the debci lxc en
On Fri, Oct 18, 2024 at 07:48:43PM +0200, Paul Gevers wrote:
> Hi Noah,
>
> On 18-10-2024 19:43, Noah Meyerhans wrote:
> > In bookworm and earlier, ping uses CAP_NET_RAW file capabilities in
> > order to obtain permission to transmit ICMP. The version in trixie and
> >
Control: reassign -1 debci
Control: retitle -1 Please set net.ipv4.ping_group_range sysctl on debci test
hosts
On Thu, Oct 17, 2024 at 10:06:06PM +0200, Paul Gevers wrote:
> system /bin/ping6 -c 1 localhost
> 57s CheckHostAlive: first ping (/bin/ping6 -c 1 localhost) failed (512, )
> 57s no pin
Control: tags -1 + fixed-upstream
On Thu, Oct 03, 2024 at 04:10:44PM -0400, Noah Meyerhans wrote:
> waagent is missing a dependency on python3-setuptools, causing it to crash on
> startup on current sid Azure images.
The 2.12 upstream release branch resolves this issue by eliminating the
Source: waagent
Version: 2.9.1.1-2
Severity: grave
Justification: renders package unusable
waagent is missing a dependency on python3-setuptools, causing it to crash on
startup on current sid Azure images.
noahm@scratch:~$ apt policy waagent
waagent:
Installed: 2.9.1.1-2
Candidate: 2.9.1.1-2
Control: retitle -1 cloud-init should depend on dhcpcd-base rather than dhcpcd
Control: severity -1 important
On Fri, Sep 27, 2024 at 10:47:05PM +0200, Bastian Blank wrote:
> After the cloud-init run, a dhcpcd keeps running and regularly redoing
> the network config:
>
> | Sep 27 20:40:01 boot1 d
On Mon, Sep 23, 2024 at 07:32:05PM +0200, Alexandre Detiste wrote:
> I seen 1 remaining refererence
>
> tests/common/test_cgroupconfigurator.py:from nose.plugins.attrib import attr
Yeah, but we don't actually fail on test failures currently, so dropping
the dependency would not introduce a regres
On Fri, Sep 13, 2024 at 07:57:01PM +0200, Alexandre Detiste wrote:
>
> For some reason waagent was not included it this previous MBF.
>
> I do it now.
>
> python3-nose is as of today RC-buggy.
It seems that we can just drop python3-nose from build-depends. It is
actually used in the build proce
Control: tag -1 pending
Hello,
Bug #1073189 in awscli reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/cloud-team/awscli/-/commit/7f5dd73b698a9fac17aea202f8ffbfd
Control: tag -1 pending
Hello,
Bug #1064307 in awscli reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/cloud-team/awscli/-/commit/7f5dd73b698a9fac17aea202f8ffbfd
Control: tags -1 + upstream
Control: forwarded -1 https://github.com/aws/aws-cli/issues/8342
On Fri, Jun 14, 2024 at 12:13:10PM +0300, Andrey Chernomyrdin wrote:
> After install awscli I got error on any command:
> ImportError: cannot import name 'DEFAULT_CIPHERS' from 'urllib3.util.ssl_'
> (/usr
On Wed, Mar 13, 2024 at 03:57:06PM +0100, Lucas Nussbaum wrote:
> > === FAILURES
> > ===
> > ___ TestUtils.test_init_once_and_debug_mode
> >
> >
> > self = > testMethod=test_init_once_and_debug_
Source: cloud-init
Version: 21.1.4-1
Severity: serious
Tags: ftbfs upstream
Justification: fails to build from source
Cloud-init's test fails in a non-networked build environment, as visible in
recent buildd logs, e.g.
https://buildd.debian.org/status/fetch.php?pkg=cloud-init&arch=all&ver=24.1.4-1
close 895823
thanks
This was actually fixed with the removal of dovecot-common's postrm script with
version 1:2.2.32-2 way back in 2017. However, that change never made it to the
Debian 9 (stretch) branch, which I suspect is what led to this issue being
encountered there.
In any case, as we are
On Sun, Feb 04, 2024 at 09:24:30AM +0200, Graham Inggs wrote:
> debian-cloud-images 0.0.7 introduced a dependency on systemd-timesyncd
> (not mentioned in the changelog), which makes the dependencies of
> debian-cloud-images-packages unsatisfiable [1] due to a conflict with
> chrony.
>
> The depen
Control: tag -1 pending
Hello,
Bug #1060455 in awscli reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/cloud-team/awscli/-/commit/3063cba4ec35ea43ce28eeac05abb96
On Thu, Jan 11, 2024 at 02:27:23PM -0500, Jeremy Bícha wrote:
> There is a diff at
> https://launchpad.net/ubuntu/+source/awscli/2.14.6-1ubuntu1 for this
> issue. You can ignore the build failure since that doesn't seem to
> currently affect Debian Unstable.
Thanks, I've applied that patch and wil
On Tue, Dec 12, 2023 at 08:14:41PM +0100, Andreas Tille wrote:
> maybe we need to remove python-boto and fix all its rdepends.
>
> According to upstream[1]:
>
> This repo, boto was deprecated in 2020 and the last supported Python 3
> version was 3.4. It's unlikely this package will ever work w
Control: tags -1 + pending
On 6/12/2023 8:58 PM, Steve Langasek wrote:
I've applied the attached (very dirty) patch to libmail-dmarc-perl in
Ubuntu, which is sufficient to let the package build in Launchpad. Having
looked at some of the surrounding tests, I'm not sure this would let the
packag
On Wed, Jan 04, 2023 at 06:58:30PM +0200, Adrian Bunk wrote:
> https://buildd.debian.org/status/logs.php?pkg=spamassassin&arch=amd64
>
> ...
> Jan 4 03:57:23.254 [3488924] dbg: logger: adding facilities: all
> Jan 4 03:57:23.255 [3488924] dbg: logger: logging level is DBG
> Jan 4 03:57:23.257 [
Control: tags -1 + pending
The fix targeting sid is pending review on salsa.
My inclination is that this won't need a DSA and can wait for a bullseye point
release, but I'm open to other opinions.
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
On Mon, Apr 25, 2022 at 12:15:40PM +0300, Timo Sirainen wrote:
> >> It looks like the ppc64el build was retried and succeeded.
> >>
> >> Maybe the timeouts should be increased for slow build systems, similar
> >> what upstream did for running under valgrind with commit 2d12409a
> >> ("lib-smtp: Ad
On Wed, Apr 13, 2022 at 09:33:58PM +0200, Christian Göttsche wrote:
> It looks like the ppc64el build was retried and succeeded.
>
> Maybe the timeouts should be increased for slow build systems, similar
> what upstream did for running under valgrind with commit 2d12409a
> ("lib-smtp: Adjust test
close 997513 1:2.3.17.1+dfsg1-1
thanks
This has been been resolved with 1:2.3.17.1+dfsg1-1 via commit
e3d0747bb2ef86b3d146e2a8fcadce18d587db52
On Thu, Dec 09, 2021 at 04:02:24PM +0100, Paul Gevers wrote:
> Source: python-boto
> Version: 2.49.0-3
> Severity: serious
We should probably pursue the removal of this package before the
bookworm release rather than trying to drag it forward for another
release. It's dead upstream in favor of th
On Sun, Dec 05, 2021 at 07:58:17PM +0300, Dmitry Alexandrov wrote:
> >> So what's happening with chromium in both sid and stable? I saw on
> >> d-release that it was removed from testing (#998676 and #998732), with a
> >> discussion about ending security support for it in stable.
> >
> > The pro
close 994439
thanks
resolving per submitter request
On Wed, Aug 11, 2021 at 08:11:27PM -0600, Ross Vandegrift wrote:
> > > 2. I will implement a temporary change to our bullseye images to revert
> > > the
> > >sudoers file to use the old syntax that cloud-init will detect.
> >
> > This is implemented by
> > https://salsa.debian.org/cloud-team/
Control: severity -1 important
Please see https://www.debian.org/Bugs/Developer#severities
On Wed, Jul 28, 2021 at 05:22:43PM +0200, Thomas Goirand wrote:
> After spawning a VM, it takes a long time to get networking (output from
> the console):
>
> cloud-init[281]: Cloud-init v. 20.2 running 'i
On Mon, Jul 19, 2021 at 08:21:45AM -0700, Noah Meyerhans wrote:
> > > CVE-2021-33515[0]:
> > > | The submission service in Dovecot before 2.3.15 allows STARTTLS
> > > | command injection in lib-smtp. Sensitive information can be redirected
> > >
On Sat, Jul 17, 2021 at 09:05:32PM +0200, Salvatore Bonaccorso wrote:
> > CVE-2021-33515[0]:
> > | The submission service in Dovecot before 2.3.15 allows STARTTLS
> > | command injection in lib-smtp. Sensitive information can be redirected
> > | to an attacker-controlled address.
> >
> > https://d
Discussing the path forward for bullseye with the release team in
#988686
On Mon, May 17, 2021 at 07:57:23PM +0200, Guillem Jover wrote:
> > -if [ $code -eq 104 ] && \
> > -! command -v systemctl > /dev/null ; then
> > -# We're not using systemd and thus may have some sysvinit cleanup
> > -# to do in order to comply with policy 9.3.3.1
> >
-if [ $code -eq 104 ] && \
-! command -v systemctl > /dev/null ; then
-# We're not using systemd and thus may have some sysvinit cleanup
-# to do in order to comply with policy 9.3.3.1
-
-if [ -z "$ENABLED" -o "$ENABLED" = 0 ]; then
-# The rc?d sy
On Mon, May 10, 2021 at 09:00:34PM +0200, Moritz Mühlenhoff wrote:
> > Hi, since this package was brought into Debian in ~2018, there have been
> > several transformations in the GCE guest software stack and thus the
> > current landscape is very different. Google doesn't actually maintain the
> >
Control: severity -1 important
On Mon, Mar 29, 2021 at 01:44:15AM +0200, Stephan Helma wrote:
> Severity: grave
> Justification: renders package unusable
Downgrading from grave because I've been unable to reproduce it when
testing various upgrade scenarios. I suspect a local issue that's not
ful
Source: spamassassin
Version: 3.4.2-1+deb10u2
Severity: grave
Tags: security patch upstream
Justification: user security hole
X-Debbugs-Cc: Debian Security Team
CVE-2020-1946
Quoting from https://www.openwall.com/lists/oss-security/2021/03/24/3 :
In Apache SpamAssassin before 3.4.5, maliciou
Package: cloud-init
Version: 20.4-1
Severity: grave
Tags: security upstream patch
Justification: user security hole
X-Debbugs-Cc: Debian Security Team
cloud-init has the ability to generate and set a randomized password for
system users. This functionality is enabled at runtime by passing
cloud-
On Mon, Jan 25, 2021 at 11:51:11AM -0500, Joe Nahmias wrote:
> Just wanted to ask if there's anything I can do to help? I could try
> updating the package to the latest upstream release, which should fix
> those issues, but hesitate to do that without maintainer agreement. Given
> the timing, I'd h
Control: block -1 by 972721
> File "/usr/lib/python3/dist-packages/httpretty/core.py", line 438, in
> makefile
> if t.isAlive():
> AttributeError: 'Thread' object has no attribute 'isAlive'
This looks like #972721
I don't think we need to do anything in python-boto to fix this.
Control: tag -1 pending
Hello,
Bug #969803 in awscli reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/cloud-team/awscli/-/commit/4520ece3337f4e73d5323651fd1c453c
On Tue, Sep 08, 2020 at 07:33:13PM +0100, Sudip Mukherjee wrote:
> > Short of communicating with a remote service, I'm not sure how we can
> > get more meaningful functional test coverage in this package, but it
> > would be nice to do so.
>
> There is also another "Restrictions: needs-internet" w
On Tue, Sep 08, 2020 at 10:38:18AM +0100, Sudip Mukherjee wrote:
> The test done in the autopkgtest of 'awscli' does not provide
> significant test coverage and it should be marked with "Restrictions:
> superficial".
The current test merely invokes "/usr/bin/aws help". Is there any
actual value i
Package: src:dovecot
Version: 1:2.3.10.1+dfsg1-2
Severity: grave
Tags: security bullseye sid
Justification: user security hole
Multiple security issues have been identified in dovecot. These were addressed
in stable with dovecot 1:2.3.4.1-5+deb10u3 (DSA 4745-1), but need to be tracked
in unstable
Control: reopen -1
This isn't actually resolved. The usage of python is still unversioned
(that is, the tests invoke /usr/bin/python, rather than python3, which
still fails).
The tests really have no need at all to use python. Since
spamassassassin is a perl project, it'd be reasonable to reimp
Control: tags -1 + patch
Proposed fix is at https://salsa.debian.org/debian/dovecot/-/merge_requests/8
(This message was previously sent to the wrong bug by mistake...)
Linking against libunwind helps on (at least) armel, but it seems to
break on (at least) arm64.
The test suite reports the following when linked against libunwind on
arm64:
test-backtrace.c:14: Assert failed: strstr(str_c(bt), "te
Based on https://lists.debian.org/debian-glibc/2011/09/msg4.html, it
appears that adding -funwind-tables to CFLAGS solves the problem on
32-bit arm systems. AFAICT, this is not documented in the gcc manual or
the docs for backtrace(3).
Adding -rdynamic to LDFLAGS makes the stack traces actual
Initial testing suggests that adding libunwind-dev to build-deps
resolves this issue.
Package: src:dovecot
Version: 1:2.3.10.1+dfsg1-1
Severity: serious
Justification: FTBFS on armel and armhf
Tags: sid
Dovecot currently fails to to build on 32-bit arm architectures.
The failure is in the upstream test suite, with the following output:
test-backtrace.c:19: Assert failed: backtrac
On Tue, May 26, 2020 at 05:10:10PM +0300, Adrian Bunk wrote:
> > Adrian filed a rc bug in November 2019 which received no maintainer
> > response, however the package was not autoremoved from testing due to aufs
> > and aufs-tools being considered a "key packages" due to high popcon. This
> > po
On Fri, May 22, 2020 at 11:51:07PM +0200, Michael Biebl wrote:
> > I will upload a new upstream version to sid containing the workaround
> > for the test failures. I will leave this bug open, but will reduce the
> > severity to 'normal'. In a subsequent upload, I will apply a patch to
> > impleme
On Sun, May 10, 2020 at 11:06:26PM +0200, Michael Biebl wrote:
> > +echo "Waiting for the service to be available"
> > +c=0
> > +while ! nc -z -U /var/run/dovecot/auth-userdb; do
> > + c=$(($c+1))
> > + sleep 2
> > + if [ $c -gt 30 ]; then
> > + echo "Timed out waiting for the servi
On Wed, May 20, 2020 at 12:55:08PM +0200, Tomas Pospisek wrote:
> What's the status of this problem? Is anybody working on dovecot to have
> this fixed in Debian stable?
It was fixed with DSA 4690: https://www.debian.org/security/2020/dsa-4690
Control: tags -1 + patch
> I'll move this package to a cloud-team repository and prepare an upload
> to unstable on Monday if nobody beats me to it.
https://salsa.debian.org/cloud-team/python-boto/-/merge_requests/1
On Sun, May 10, 2020 at 09:49:18AM +0200, Andreas Tille wrote:
> this bug stays a source of autoremoval warnings noise. I wonder if
> someone might take action on this to move the package to team
> maintenance. Eric suggested the cloud team which is perfectly fine for
> me - but can this please m
On Mon, Mar 30, 2020 at 11:44:23AM +0200, Andreas Tille wrote:
> I wonder whether we should take over python-boto into DPMT maintenance
> which would enable commits to Git way more easily.
If it's going to move, might I suggest maintaining it within the
cloud-team instead? Among other things, th
Package: src:spamassassin
Version: 3.4.2-1+deb10u1
Severity: grave
Tags: security
CVE-2020-1930:
Apache SpamAssassin 3.4.4 was recently released, and fixes an issue
of security note where nefarious rule configuration (.cf) files can be
configured to run system commands similar to CVE-2018-11805.
Package: spamassassin
Version: 3.4.2-1
Severity: grave
Tags: upstream fixed-upstream pending security
Per upstream's 3.4.3 release announcement:
Apache SpamAssassin 3.4.3 was recently released [1], and fixes an issue
of security note where a message can be crafted in a way to use
excessive resour
Package: spamassassin
Version: 3.4.2-1
Severity: grave
Tags: security upstream fixed-upstream pending
Per upstream's release announcement:
Apache SpamAssassin 3.4.3 was recently released [1], and fixes an issue
of security note where nefarious CF files can be configured to run
system commands wit
Control: severity -1 important
Dropping the severity of this after verifying that it does not impact
the default install when upgrading across multiple Debian releases.
Control: tags -1 + moreinfo
On Tue, Nov 26, 2019 at 06:07:15PM +0100, Christian Göttsche wrote:
> gpg: WARNING: unsafe ownership on homedir
> '/var/lib/spamassassin/sa-update-keys'
> gpg: failed to create temporary file
> '/var/lib/spamassassin/sa-update-keys/.#lk0xREPLACED.1705986':
> Permission
There's a bug in upstream's build system that causes the build to fail
if setcap is unavailable, even if its usage is disabled via the
NO_SETCAP_OR_SUID configuration. I'll work with upstream to get this
fixed.
On Sat, Jul 06, 2019 at 01:31:08PM +0200, Gianfranco Costamagna wrote:
>
> Hello, looks like the new version does search for *bin/setcap tool, and fails
> to build if missing.
>
Hm. Seems libcap2-bin is present in my pbuilder environment as a result
of being a dependency of packages like iprout
1 - 100 of 178 matches
Mail list logo
