Jan-Benedict Glaw | 28 Apr 20:05 2015

Bug#783650: wpasupplicant: Honor /etc/network/interfaces.d/ (or whatever directories are sourced in /etc/network/interfaces)

Package: wpasupplicant
Version: 2.3-2


I configured wpasupplicant with a roaming interface:

root <at> odroid-c1-1:~# cat /etc/network/interfaces.d/wlan0 
auto wlan0
iface wlan0 inet manual
        wpa-driver      wext
        wpa-roam        /etc/wpa_supplicant/wpa_supplicant.conf
        wpa-verbosity   1

I configured one Wifi network in it's wpa_supplicant.conf and it is
joined. However, `dhclient' isn't started, because
/etc/wpa_supplicant/functions.sh:ifup() (sourced from
/sbin/wpa_action) does only look in /etc/network/interfaces, but
doesn't honor in directories configured there with the
"source-directory" directive.

  Modern systems may have something like
"source-directory /etc/network/interfaces.d", which allows to define
each interface in its own file. But since the simple parser doesn't
honor the fragment directory, is just replaces the correct network
name with `default':

 886 #####################################################################
(Continue reading)

Salvatore Bonaccorso | 28 Apr 20:12 2015

Bug#783649: dovecot: CVE-2015-3420: SSL/TLS handshake failures leading to a crash of the login process

Source: dovecot
Version: 1:2.2.13-11
Severity: important
Tags: security upstream patch fixed-upstream


the following vulnerability was published for dovecot.

SSL/TLS handshake failures leading to a crash of the login process

The segfault is easy reproducible if one takes openssl/1.0.2-1 from
experimental. More information and reproducer steps are in [1,2]

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2015-3420
[1] http://dovecot.org/pipermail/dovecot/2015-April/100618.html
[2] http://dovecot.org/pipermail/dovecot/2015-April/100579.html
[3] http://hg.dovecot.org/dovecot-2.2/rev/86f535375750

Please adjust the affected versions in the BTS as needed.


(Continue reading)

Thérèse Bonin | 28 Apr 20:03 2015

Bug#783648: mupdf: fails to display PDFs encrypted with owner (not user) password

Package: mupdf
Version: 1.5-1+b2
Severity: normal

Dear Maintainer,

Since upgrading from Wheezy to Jessie upon the release of the latter, I can no
longer use mupdf to view PDFs I’ve encrypted with qpdf; those encrypted with
pdftk can be displayed.

I suspect that the problem is with mupdf rather than qpdf, because acroread
displays the files without demanding a password, and because acroread reports
that the files encrypted with qpdf can be opened with Acrobat 6.0 and later,
whereas those encrypted with pdftk require only Acrobat 5.0 or later.

If I type “mupdf filename.pdf” in an xterm, the output looks like this:

error: zlib error: incorrect header check
warning: read error; treating as end of file
error: corrupt object stream (3 0 R)
error: cannot open object stream (3 0 R)
error: cannot load object stream containing object (68 0 R)
warning: cannot load object (68 0 R) into cache
mupdf: warning: Invalid password.
error: Needs a password
mupdf: error: cannot open document

Thank you for packaging this very useful program!  And please excuse any
duplicate messages: google’s security measures were confused by reportbug and
blocked my first two attempts to report this.
(Continue reading)

Eike | 28 Apr 19:59 2015

Bug#783646: [devede] "Unrecognized option 'newaudio'" when creating preview

Package: devede
Version: 3.23.0-13-gbfd73f3-2
Severity: normal

--- Please enter the report below this line. ---

When trying to create a preview from an ordinary DVB TS, I get a message 
guessing it might be an mencoder bug. This has been printed to terminal:

Launching program:  ffmpeg -i

-y -target pal-dvd -acodec ac3 -sn -g 12 -bf 2 -strict 1 -t 60.0 -ac 2 -s 
720x576 -threads 4 -trellis 1 -mbd 2 -b 5001000 -ab 224000 -aspect 16:9 -
newaudio /var/tmp/previewfile_01_01.mpg
elemento:  /usr/bin
ffmpeg version 2.6.2-1 Copyright (c) 2000-2015 the FFmpeg developers
  built with gcc 4.9.2 (Debian 4.9.2-10)
  configuration: --prefix=/usr --extra-version=1 --build-suffix=-ffmpeg --
toolchain=hardened --libdir=/usr/lib/x86_64-linux-gnu --
incdir=/usr/include/x86_64-linux-gnu --enable-gpl --enable-shared --disable-
stripping --enable-avresample --enable-avisynth --enable-ladspa --enable-
libass --enable-libbluray --enable-libbs2b --enable-libcaca --enable-libcdio 
--enable-libflite --enable-libfontconfig --enable-libfreetype --enable-
libfribidi --enable-libgme --enable-libgsm --enable-libmodplug --enable-
libmp3lame --enable-libopenjpeg --enable-libopus --enable-libpulse --enable-
libschroedinger --enable-libshine --enable-libspeex --enable-libssh --enable-
libtheora --enable-libtwolame --enable-libvorbis --enable-libwavpack --enable-
libwebp --enable-libxvid --enable-opengl --enable-x11grab --enable-libdc1394 
--enable-libiec61883 --enable-libzvbi --enable-libzmq --enable-frei0r --
(Continue reading)

Jérémy Bobbio | 28 Apr 19:59 2015

Bug#783647: win32-loader: please make the build reproducible

Source: win32-loader
Version: 0.7.9
Severity: wishlist
Tags: patch
User: reproducible-builds <at> lists.alioth.debian.org
Usertags: timestamps


While working on the “reproducible builds” effort [1], we have noticed
that win32-loader could not be built reproducibly.

The attached patch—based on Git master—fixes timestamps related
variations from the build system. Once applied, win32-loader can be
built reproducibly in our current experimental framework.

 [1]: https://wiki.debian.org/ReproducibleBuilds


Jérémy Bobbio                        .''`.
jeremy.bobbio <at> irq7.fr               : :   :         lunar <at> debian.org
                                    `. `'`          lunar <at> torproject.org
Juan Zuluaga | 28 Apr 19:50 2015

Bug#783645: libfontconfig1: iceweasel and gqrx crash. fccharset.c: No such file

Package: libfontconfig1
Version: 2.11.0-6.3
Severity: important

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
 Please be patient, this is the first time I log a bug report.
 I just upgraded from wheezy to jessie (yesterday, April 27/15). 

 Iceweasel: After upgrading distro, iceweasel (31.6.0) crashes in many pages.
 It consistently crashed when trying to login to yahoo email.
 I tried running in safe mode, deleting cache and cookies, uninstalling Flash, but it still keeps crashing.
 Running gdb iceweasel > run > this message appears at crashing point:

 [New Thread 0x7fffcb3ff700 (LWP 3264)]
[New Thread 0x7fffca9ff700 (LWP 3265)]

Program received signal SIGSEGV, Segmentation fault.
0x00007fffeebc2ad5 in IA__FcCharSetIsSubset (a=0x7ffff6d7f660, 
    b=0x7fffcb409040) at fccharset.c:711
711	fccharset.c: No such file or directory.
(gdb) quit
A debugging session is active.

	Inferior 1 [process 3208] will be killed.

Quit anyway? (y or n) y
(Continue reading)

Donald Norwood | 28 Apr 19:24 2015

Bug#783635: mirror submission for mirror.dhakacom.com

Control: tag -1 +moreinfo


Thank you for your support and for mirroring Debian!

We are checking your mirror for entry onto the mirrors list.

We note there is a difference between the select archives you have
indicated: amd64 armel i386 mips mipsel powerpc s390x , against what
your mirror is serving which is the full archive. Is this in error?

It is suggested that you update more frequently than once per day with
the main archive so that your mirror is up to date and synced with the
rest of the archive.

Also, what is the available bandwidth of the mirror?

On Tue, 28 Apr 2015 15:19:17 +0000 "Fakrul Alam" <mirror <at> dhakacom.com>
> Package: mirrors
> Severity: wishlist
> Submission-Type: new
> Site: mirror.dhakacom.com
> Type: leaf
> Archive-architecture: amd64 armel i386 mips mipsel powerpc s390x
> Archive-ftp: /debian/
> Archive-http: /debian/
> Archive-rsync: debian/
(Continue reading)

Lionel Elie Mamane | 28 Apr 19:09 2015

Bug#783644: python-stdnum: new feature: EU VAT VIES check _with_ proof (certificate)

Package: python-stdnum
Version: 1.0-1.0
Severity: wishlist
Tags: patch

Please add a new function to stdnum.eu.vat so that when one does a
VIES VAT number check, one gets a proof (certificate) that one did the
check, as defence against the VAT administration later putting this in
doubt. This certificate is provided by the VIES service, if one provides
one's own VAT number.


>>> stdnum.eu.vat.check_vies('BEXXXXXXXXXX')
   countryCode = "BE"
   vatNumber = "XXXXXXX"
   requestDate = 2015-04-28
   valid = True
   name = "SPRL FAFA"
   address = "RUE DE FAFA 18
6000 NAMUR"


>>> stdnum.eu.vat.check_vies_certificate('BEXXXXXXX', 'LUXXXXXX')
   countryCode = "BE"
   vatNumber = "XXXXXXXX"
(Continue reading)

Andrzej Bylicki | 28 Apr 19:21 2015

Bug#783643: Unmet dependencies in package fglrx-legacy-driver [Sid]

Package: fglrx-legacy-driver (
Error type: unmet dependencies
Concerned Debian version: Sid/Unstable

Full description:
Package fglrx-legacy-driver ( cannot be installed due to unmet dependencies. The package requires any of the following virtual packages:

xorg-video-abi-12 is provided ONLY by xorg-xserver-core (2:1.12.4-6+deb7u6) in Wheezy repositories, but oddly not by xorg-xserver-core (2:1.16.4-1) in Sid repositories. An older version of the faulty package in question: fglrx-legacy-driver ( is available in Wheezy-backports and can be safely installed on Wheezy (confirmed to work properly).

Proposed solutions:
I would suggest the following (mutually exclusive) alternatives:
1. Remove package fglrx-legacy-driver ( and ATI legacy driver related dependencies (*fglrx-legacy*) from Sid repositories so that users are not misled into breaking their setups.

2. Provide the Sid package xorg-xserver-core (2:1.16.4-1) with the virtual package xorg-video-abi-12 or point fglrx-legacy-driver ( that xorg-xserver-core (2:1.16.4-1) contains the mentioned virtual package.

3. Rename package xorg-xserver-core (2:1.12.4-6+deb7u6) to xorg-xserver-core-legacy (2:1.12.4-6+deb7u6), introduce that package to Sid repositories and set up a dependency chain including fglrx-legacy-driver (

As it is right now fglrx-legacy-driver cannot be installed successfully under Sid/Unstable and xorg-xserver-core versions above 1.12 are incompatible with this package.

I am aware that this problem has been reported in the past, but it was abandoned due to lack of upstream response (ATI) and no fix/workaround was provided.

Ross Reedstrom | 28 Apr 18:57 2015

Bug#760781: upstream fix

This bug seems to be fixed upstream:


There is a workaround - if the domain server is known at the time of
the net time call, explicitly pass the name w/ -S:

net time -S <servername|IP>

Not sure where in the install this happens, presumably after CIFS network
config, so the SAMBA domain controller is at a well known name/IP.


Ross Reedstrom, Ph.D.                                 reedstrm <at> rice.edu
Systems Engineer & Admin, Research Scientist        phone: 713-348-6166
Connexions                  http://cnx.org            fax: 713-348-3665
Rice University MS-375, Houston, TX 77005
GPG Key fingerprint = F023 82C8 9B0E 2CC6 0D8E  F888 D3AE 810E 88F0 BEDE

Cyril Brulebois | 28 Apr 19:16 2015

Bug#783642: d-i.debian.org: investigate testing-summary generation

Package: d-i.debian.org
Severity: normal

After dillon's upgrade to jessie, the following occurs:
| From: Cron <d-i <at> dillon> cd $DI; mr -q up ; cd $DI/scripts/testing-summary; svn -q up; ./gen-summary
/srv/mirrors/debian > /srv/d-i.debian.org/www/testing-summary.html
| …
| failed to read frozen packages file: No such file or directory

To investigate when time permits.



To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST <at> lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster <at> lists.debian.org