Package: thunderbird
Version: 1:115.10.1-1
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
Thunderbird was (understandably) using an internal copy of librnp
because upstream hadn't releasd a version with
`rnp_signature_get_features`
Now that 0.17.1-1 is in debian/unstable, please rebuild
ually
pruning for things that include either my name or e-mail address):
```
DEBFULLNAME=Daniel Kahn Gillmor
DEBEMAIL=d...@fifthhorseman.net
DEBSIGN_MAINT=Daniel Kahn Gillmor
EMAIL=d...@fifthhorseman.net
```
None of this seems wrong to me; or even if it does, it still ought to be
able to be c
Package: gpg-from-sq
Version: 0.8.0-5
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
Control: affects -1 + src:rnp
With gpg-from-sq installed, trying to build rnp 0.17.1-1 results in
these test failures:
---
96% tests passed, 10 tests failed out of 263
Total Test time (real) = 273.53
Control: affects 1070688 + gpg-from-sq apt
Hi Farblos, all--
Thanks for this detailed bug report (https://bugs.debian.org/1070688).
I'm a bit confused about the following:
On Wed 2024-05-08 11:07:28 +0200, Farblos wrote:
> Never mind. During one of the last t64 upgrade orgies package gpg-sq
Package: ruby-kramdown-rfc2629
Version: 1.7.1-1~exp1
Severity: wishlist
X-Debbugs-Cc: Daniel Kahn Gillmor
Dear Maintainer,
kramdown-rfc 1.7.11 is available upstream -- it would be great to have
this in debian, because it offers a feature that i hope to use for
draft-ietf-lamps-header-protection
Package: gpgv-from-sq
Version: 0.8.0-5
Control: affects -1 + apt
Control: forwarded -1 +
https://gitlab.com/sequoia-pgp/sequoia-chameleon-gnupg/-/issues/68
As of 50e3fee26ae843a812b1c9ec8531946931773fd3, apt 2.7.13 started
trying to use --assert-pubkey-algo, which appears to have been hastily
Hi Guillem--
On Sat 2024-04-27 23:13:13 +0200, Guillem Jover wrote:
> I was just modifying this code for another report I'm about to file,
> and instead wondered why have it at all! I'm proposing simply removing
> the backwards compat code given that even in oldstable gnugp1 is
> already at
Package: elpa-debian-el
Version: 37.11
Severity: normal
X-Debbugs-Cc: none, d...@fifthhorseman.net, Daniel Kahn Gillmor
When i do "M-x debian-bug P elpa-debian-el RET" i get the template you
see here.
Weirdly, X-Debbugs-Cc is pre-populated in this way.
There are at least two th
Package: debian-keyring
Version: 2024.03.24
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor ,
ftpmas...@ftp-master.debian.org, ftpmas...@debian.org
I receive e-mail messages from the debian FTP archive-processing
software are signed with F38AA24EB85F09F9923CA4949BF6A82061CCB921, and
labeled
Hi László--
Thanks for sorting out the 3.3-1 upload for tcplay, multiarch-ifying
library along the way, and updating the packaging history in Salsa, too!
With much appreciation,
--dkg
signature.asc
Description: PGP signature
Package: gpg-sq-dbgsym
Version: 0.8.0-4
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
I am trying to debug a performance issue with gpg-sq upstream
(https://gitlab.com/sequoia-pgp/sequoia-chameleon-gnupg/-/issues/72) and
i attached gdb to a running gpg-sq process.
As soon
On Mon 2024-04-22 20:17:54 +, Holger Levsen wrote:
> fixed in git.
thanks! I've just uninstalled the octopus, but i'll consider
reinstalling it later if this and some of the performance issues can be
ironed out (or maybe to help iron out the performance issues, visible
upstream at
Package: libsequoia-octopus-librnp
Severity: wishlist
X-Debbugs-Cc: Daniel Kahn Gillmor
the octopus has a simple, superficial autopkgtest, which just confirms
that the library has the expected symbols.
It would be great to have an autopkgtest that confirms that it actually
interoperates
Package: libsequoia-octopus-librnp
Version: 1.8.1-3
Severity: grave
X-Debbugs-Cc: Daniel Kahn Gillmor
Trying to install libsequoia-octopus-librnp:
/var/lib/dpkg/tmp.ci/preinst: 12: Syntax error: "fi" unexpected (expecting
"then")
dpkg: error processing archive
/tmp/apt-d
On Sun 2024-04-21 15:44:12 +0200, László Böszörményi (GCS) wrote:
> I prefer communication first. :) Currently I'm travelling so I can
> only check it on Tuesday.
That's why i uploaded to DELAYED/15 :) thanks for offering to take a
look at it later this week, László!
> There were some license
Package: libsequoia-octopus-librnp
Version: 1.8.1-2
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
Control: affects -1 thunderbird gpg-from-sq gpgv-from-sq
When i try to install thunderbird 1:115.10.1-1, i get this error:
```
Unpacking thunderbird (1:115.10.1-1) over (1:115.9.0-1+b1
Package: libsequoia-octopus-librnp
Version: 1.8.1-2
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
/var/lib/dpkg/info/libsequoia-octopus-librnp.preinst contains:
#!/bin/sh
set -e
add_diversion() {
dpkg-divert --package libsequoia-octopus-librnp --add --rename \
--divert &qu
Control: retitle 979617 tcplay: new upstream version 3.3 (includes VeraCrypt
support)
I've just confirmed what Johannes said about tcplay 3.3 building easily
on debian. I uploaded 3.3-0.1 to unstable as an NMU to DELAYED/15,
after cleaning up the packaging a little bit.
I've imported all the
Source: tcplay
Version: 1.1-6
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
In looking at cleaning up the tcplay package in debian, i noticed that
the libtcplay package name doesn't match the SONAME of libtcplay.so.1.1
It looks like upstream hasn't actually been doing normal C library
Source: tcplay
Version: 1.1-6
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
libtcplay gets installed directly in /usr/lib, and tcplay.pc gets placed
in /usr/lib/pkgconfig. For modern, multiarch systems, these should
probably be placed in a different location.
We're also currently patching
Retitle: 979617 tcplay: new upstream version 3.3 (includes VeraCrypt support)
On Thu 2023-02-16 15:07:10 +0100, Johannes Truschnigg wrote:
> tc-play 3.3 seems to build fairly cleanly on bullseye from its tag/release
> tarball [0]. It'd be *really* nice to have in Debian to be able to handle
>
Control: reopen 1069202
Control: found 1069202 0.8.0-3
The symlinks in the gpg-from-sq and gpgv-from-sq packages appear to
point in the wrong direction. That is, gpg-from-sq installs a symlink
at /usr/bin/gpg-sq, which refers to gpg. Instead, gpg-from-sq should
install a symlink at
Package: elpa-rust-mode
Version: 0.4.0-2
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
File: /usr/share/emacs/site-lisp/elpa-src/rust-mode-0.4.0/rust-mode.el
When i enter rust-mode on a file that has no problems, i see the
following warnings in the emacs *Warning* buffer:
⛔ Warning (comp
Source: librust-sequoia-openpgp-dev
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
Hi all--
If i try building rust-sequoia-openpgp (e.g. using debuild -uc -us) as a
non-privileged user on a system that has some unnecessary dependencies
installed, i will sometimes get a failure during
Source: rust-base64
Version: 0.21.7-1
Severity: wishlist
X-Debbugs-Cc: Daniel Kahn Gillmor
rust-base64 has a new upstream version 0.22.0 available, with the
following subtle changes to the API since 0.21.7:
- `DecodeSliceError::OutputSliceTooSmall` is now conservative rather
than precise
Package: gpg-from-sq
Version: 0.8.0-1
Severity: wishlist
X-Debbugs-Cc: Daniel Kahn Gillmor
If i install gpg-from-sq, i'd expect it to satisfy any dependency that
exists for gpg. That means it should probably have a Provides: header.
Given that the current chameleon sources infer the behavior
Package: gpgv-from-sq
Version: 0.8.0-1
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
If i install gpgv-from-sq, i'd expect it to satisfy any dependency that
exists for gpgv. That means it should probably have a Provides: header.
Given that the current chameleon sources infer the behavior
Package: gpg-from-sq
Version: 0.8.0-1
Severity: grave
X-Debbugs-Cc: Daniel Kahn Gillmor
I did:
apt install gpg-from-sq
and i expected to run `gpg --version` and see the resultant info from
the chameleon.
Instead, i see:
bash: gpg: command not found
I'm seeing the same issue
Source: rust-sequoia-chameleon-gnupg
Version: 0.8.0-1
Severity: grave
X-Debbugs-Cc: Daniel Kahn Gillmor
trying to upgrade from sequoia-chameleon-gnupg 0.5.1-1 to
sequoia-chameleon-gnupg 0.8.0-1, i see this:
```
Selecting previously unselected package gpg-sq.
Preparing to unpack .../gpg
On Sat 2024-04-06 16:20:33 +0800, Sean Whitton wrote:
> Thanks! Just to note that I also had to add python3-gssapi as a b-d.
That sounds reasonable. thanks for taking care of that, Sean!
--dkg
signature.asc
Description: PGP signature
On Sat 2024-04-06 11:40:14 +0800, Sean Whitton wrote:
> On Thu 04 Apr 2024 at 06:37pm -04, Daniel Kahn Gillmor wrote:
>
>> On Wed 2024-04-03 13:03:19 +0800, Sean Whitton wrote:
>>> Thanks, but can you sign this off? Ty!
>>
>> Sure, attached. Let me know if you ne
On Thu 2024-04-04 15:28:34 -0400, Daniel Kahn Gillmor wrote:
> ssh-agent is a critical piece of infrastructure for my workflow, and i
> want it better integrated with my user session, which is managed by
> systemd's per-user login manager (`systemd --user`).
I'm attaching an up
Package: dunst
Version: 1.9.2-1
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
the dunst system --user service works well whenever i'm in a graphical
environment, but it produces a lot of noisy warnings, errors, and
complaints, especially when i log in from a tty instead of a graphical
On Wed 2024-04-03 13:03:19 +0800, Sean Whitton wrote:
> Thanks, but can you sign this off? Ty!
Sure, attached. Let me know if you need anything different.
--dkg
From b522c1cc6201f75ab6103954016bbb719d4dd2fa Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor
Date: Tue, 30 Jan 2024 15
Package: kanshi
Version: 1.5.1-2
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
I'm using sway 1.9-1 with kanshi. When i plug in an external monitor,
kanshi matches it appropriately against my configuration, and it
configures the monitor appropriately.
However, when i do `swaymsg reload
Package: openssh-client
Version: 1:9.7p1-4
Severity: wishlist
X-Debbugs-Cc: Daniel Kahn Gillmor
Tags: patch
Hi Debian OpenSSH maintainers!
ssh-agent is a critical piece of infrastructure for my workflow, and i
want it better integrated with my user session, which is managed by
systemd's per
Package: openssh-client
Version: 1:9.7p1-4
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
Forwarded: https://github.com/openssh/openssh-portable/pull/479
Tags: patch
On a pure wayland system, without X11, openssh-askpass-gnome works just
fine.
But ssh-agent won't use it when passed the -c
tch is worth applying generally, but given the flux around mypy
typing, i would also be fine with just recording the output of mypy
--strict instead of failing hard on it.
--dkg
From b522c1cc6201f75ab6103954016bbb719d4dd2fa Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor
Date: Tue, 30
Package: chromium
Version: 122.0.6261.57-1
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
I regularly launch chromimum with --temp-profile to have a completely
isolated, throwaway browsing session.
I am experimenting with switching to wayland. To use chromium with
wayland, i need to launch
Package: openssh-client
Version: 1:9.7p1-2+b1
Severity: normal
Tags: patch
Forwarded: https://github.com/openssh/openssh-portable/pull/479
X-Debbugs-Cc: Daniel Kahn Gillmor
When using a wayland graphical environment without xwayland, at least
two different parts of OpenSSH decline to prompt
Package: elpa-magit-forge
Version: 0.3.2-1
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
I'm trying to do some work on impass, which is publicly hosted on
salsa.debian.org.
From emacs, i'm using forge in my working copy of the impass git repo,
and i've configured ~/.gitconfig to have
Package: wireplumber
Version: 0.4.17-1+b1
Severity: normal
X-Debbugs-Cc: Daniel Kahn Gillmor
I am trying to use wireplumber from the command line (or as a backend to
another controlling tool). the wireplumber package includes `wpctl`,
which appears to be the thing that i want to use
Package: elpa-magit
Version: 3.3.0-3
Severity: normal
X-Debbugs-Cc: d...@fifthhorseman.net
Dear Maintainer,
I'm using emacs-pgtk 29.2+1-2, with magit.
I opened a revision controlled file in magit, and got the following
warnings in my *Messages* buffer:
⛔ Warning (comp): magit-utils.el:571:33:
Package: kanshi
Version: 1.5.1-1
Severity: minor
X-Debbugs-Cc: d...@fifthhorseman.net
Dear Maintainer,
Reading the manual page for kanshi(1), i note that it has a SEE ALSO
reference to kanshictl(1). no such manual page or binary is shipped.
Looking at the upstream source, it appears to only be
for maintaining devscripts!
--dkg
From 6bed35a535962534883a5aa233cbbcbfc7b15624 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor
Date: Thu, 14 Mar 2024 14:10:59 -0400
Subject: [PATCH] debsign: check gpg version with machine-parseable format
debsign currently tries to determine the version of gpg
/changelog
index f2851b483e..c51e93d091 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,17 @@
+libreswan (4.10-2+deb12u3) bookworm-security; urgency=medium
+
+ * Fix CVE 2024-2357 (Closes: #1066059)
+
+ -- Daniel Kahn Gillmor Tue, 12 Mar 2024 00:14:33 -0400
+
+libreswan (4.10-2
Control: forwarded 1053550 https://github.com/libreswan/libreswan/issues/1645
On Fri 2023-10-06 15:31:40 +0800, Herbert Xu wrote:
> When the IP address of a host behind NAT changes, libreswan fails
> to respond correctly when IKEv2 is used. This is a regression from
> IKEv1 as libreswan will
Package: thunderbird
Version: 1:115.7.0-1
When i select a timezone in the dropdown list for Thunderbird, i expect
changing the timezone indicator to change the highlighted part of the
world map.
In practice, this doesn't happen.
Attached is a screenshot showing a region of the Pacific Ocean
Package: sysstat
Version: 12.7.5-2
```
0 dkg@alice:~$ grep Source /usr/share/doc/sysstat/copyright
Source: http://sebastien.godard.pagesperso-orange.fr/
0 dkg@alice:~$
```
but when i visit that page, i get redirected to
https://end.pagesperso-orange.fr/ , which currently offers the following
On Mon 2024-02-12 11:18:59 -0500, Jérôme Charaoui wrote:
> On Fri, 09 Feb 2024 10:19:59 -0500 Daniel Kahn Gillmor
> wrote:
>> Package: src:pgpainless
>> Version: 1.6.5-1
>> Severity: wishlist
>>
>> pgpainless 1.6.6 is available upstream. it would be great to
Package: src:pgpainless
Version: 1.6.5-1
Severity: wishlist
pgpainless 1.6.6 is available upstream. it would be great to have it in
debian.
Thanks,
--dkg
signature.asc
Description: PGP signature
Package: sq
Version: 0.33.0-2
sq upstream has some pretty good manpage coverage. However, the sq
package no longer seems to ship any man pages.
It would be great to ensure that the upstream manpages are generated at
build time, and shipped with the sq package.
Thanks,
--dkg
Package: src:sop-java
Version: 4.1.0
Control: affects -1 + pgpainless-cli
Hi folks--
sop-java 4.1.2 is available upstream, and should be a relatively
straightforward update in Debian.
As are several substantially newer versions, but the newer ones look
like they might be semver incompatible, so
On Thu 2023-11-16 20:49:49 -0500, Daniel Kahn Gillmor wrote:
> The attached patch runs the valgrind tests during build, but i also note
> that it causes a build failure on amd64 platforms, because of what
> appears to be data-dependent branching during RSA decryption. I've
> raised
036e3794b169f8b0bfe306bc6db1ac47d9527da7
Author: Daniel Kahn Gillmor
Date: Wed Nov 15 12:45:19 2023 -0500
Run tests under valgrind during build
diff --git a/debian/control b/debian/control
index ce51f75b..c16150b5 100644
--- a/debian/control
+++ b/debian/control
@@ -8,6 +8,7 @@ Build-Depends
Thanks Andreas and Samuel for doing the work to take pinentry out of the
bootstrap path! This was very nicely done.
Another approach to consider for the future could be for the
bootstrapping build daemons to use a different OpenPGP signing tool
there are a number of different OpenPGP signers in
Hi Manoj--
On Mon 2023-09-25 19:01:45 -0400, Daniel Kahn Gillmor wrote:
> Control: forwarded 1052131 https://dev.gnupg.org/T6733
> Control: retitle 1052131 GnuPG's keytocard fails on Yubikey 5 NFC when PIN is
> not default
I don't know whether you've seen over on the upstream bug but
Source: ruby-kramdown-rfc2629
Version: 1.6.22-1
Severity: wishlist
X-Debbugs-Cc: d...@fifthhorseman.net
kramdown-rfc now has version 1.7.1 out. it would be great to have
that in debian.
Thanks!
--dkg
-- System Information:
Debian Release: trixie/sid
APT prefers testing-debug
APT
Package: spice-client-gtk
X-Debbugs-Cc: d...@fifthhorseman.net
Version: 0.42-2
Severity: minor
Dear Maintainer,
When i run spicy with the following command:
spicy --uri=spice+unix:///path/to/spice/socket/S.spice
--spice-shared-dir=/path/to/spice/shared
it produces the following
Control: forwarded 1052131 https://dev.gnupg.org/T6733
Control: retitle 1052131 GnuPG's keytocard fails on Yubikey 5 NFC when PIN is
not default
Please feel free to re-retitle if i've got the summary wrong. I've also
forwarded this upstream since it might affect other non-debian users.
On Wed 2023-09-20 13:30:23 +0900, NIIBE Yutaka wrote:
> NIIBE Yutaka wrote:
>> I backported and pushed my changes to tmp-gniibe-v2.4.
>>
>> https://salsa.debian.org/gniibe/gnupg2
>>
>> This is Debian compatible version of GnuPG 2.4.1.
>
> Today, I merged 2.4.3 from Andreas Metzler's
Package: src:python-pyasn1-modules
Version: 0.2.8-1
Severity: wishlist
It looks like @etingof has sadly passed away:
https://github.com/etingof/pyasn1-modules/issues/154 and the maintenance
of pyasn1 has moved locations:
https://github.com/etingof/pyasn1-modules/issues/150
The new upstream
Control: forwarded 1051719 https://github.com/jrblevin/markdown-mode/pull/725
Hi Nicholas--
On Tue 2023-09-12 17:02:55 -0400, Nicholas D Steeves wrote:
> Agreed! Are you interested in forwarding this bug upstream to
> https://jblevins.org/projects/markdown-mode, or would you prefer to wait
>
Package: elpa-markdown-mode
Version: 2.5-1
I get a lot of warnings from markdown-mode when i launch emacs. the
buffer contains the following:
⛔ Warning (comp): markdown-mode.el:189:2: Warning: custom-declare-variable
`markdown-indent-on-enter' docstring has wrong usage of unescaped single
Package: xapers
Version: 0.9.0-1
I see the following warning when i use "xapers add" :
```
Running
/usr/bin/xapers:6: DeprecationWarning: pkg_resources is deprecated as an API.
See https://setuptools.pypa.io/en/latest/pkg_resources.html
from pkg_resources import load_entry_point
```
This
On Tue 2023-07-18 19:06:58 +0200, Carsten Schoenert wrote:
> Your analysis is correct, Thunderbird will need a version constrain on
> librnp0. But this requires the package to be available at least in
> experimental.
>
> I'll do some work around this and change the build system while
>
Hi all--
Many apologies for the delayed response on this thread, and my recent
delays on GnuPG in debian generally. My time has been lacking here, and
my relationship with GnuPG upsteam is sadly strained, though i wish it
were not.
I really appreciate the work that other folks have put in here
Package: src:bouncycastle
Version: 1.72-2
Control: block 1043471 by -1
Please update bouncycastle to at least version 1.76. As noted in
#1043471, the older version of bouncycastle means we can't get the
latest version of pgpainless into debian.
Thanks for maintaining bouncycastle for debian!
Package: src:pgpainless
Version: 1.3.16-1
Severity: wishlist
According to https://github.com/pgpainless/pgpainless/tags version 1.6.1
was released 3 weeks ago. It would be great to get this version into
debian.
Thanks for maintaining pgpainless in Debian!
--dkg
signature.asc
On Thu 2023-08-10 21:59:24 +, Thorsten Alteholz wrote:
> On Thu, 10 Aug 2023, Daniel Kahn Gillmor wrote:
>> The corrected URL is https://github.com/rnp/sexpp and the package name
>> will be sexpp. This has been in NEW for over a month now, and is
>> blocking our abili
On Wed 2023-06-21 12:20:52 -0400, Daniel Kahn Gillmor wrote:
> Package: wnpp
> Severity: wishlist
> Owner: Daniel Kahn Gillmor
> X-Debbugs-Cc: debian-de...@lists.debian.org, d...@fifthhorseman.net
>
> * Package name: sexp
> Version : 0.8.5
> Upstream
Package: knot-resolver
Version: 5.3.1-1+deb11u1
An armhf bullseye machine received several rapid and unexpected power
outages, automatically rebooting each time, with kresd opening
immediately on boot.
after the third boot, I see these mdb errors and warnings, resulting in
a permanent failure of
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: tcpcr...@packages.debian.org, d...@fifthhorseman.net
Control: affects -1 + src:tcpcrypt
https://tcpcrypt.org has been non-responsive for quite some time, and
the tcpcrypt.org domain
Source: curl
Version: 7.88.1-10
Severity: normal
X-Debbugs-Cc: d...@fifthhorseman.net
libcurl4 (and indeed, libcurl3-nss) both ship shared objects that
themselves link to a set of shared objects that are a strict superset
of the shared objects linked to by libcurl3-gnutls:
```
0 dkg@alice:~$
Control: forwarded 1038912 https://github.com/libreswan/libreswan/issues/1202
On Fri 2023-06-23 00:49:24 +0100, Samuel Henrique wrote:
> This package build-depends on the NSS variant of libcurl "libcurl4-nss-dev".
>
> Curl's upstream announced support for NSS is going to be dropped in August
>
Control: block 1041409 by 1038812
Hi all--
Thanks for noticing this. Putting rnp 0.17.0 in the archive will
require sexpp to land in the archive as well, but has been in in NEW for
a few weeks (see #1038812).
--dkg
On Tue 2023-07-18 19:06:58 +0200, Carsten Schoenert wrote:
> Hi Alper,
>
>
Package: linux-image-6.1.0-9-armmp 6.1.27-1
I recently upgraded a Turris Omnia devce
(https://docs.turris.cz/hw/omnia/omnia/) to debian bookworm. The newer
kernel now produces a pair of repeated error messages a few times a
minute:
Jul 03 05:48:02 host kernel: i2c i2c-0: mv64xxx: I2C bus
On Thu 2023-06-22 19:01:05 +0200, Alexander Sulfrian wrote:
> Hi,
>
> On Wed, Jun 21, 2023 at 12:20:52PM -0400, Daniel Kahn Gillmor wrote:
>> * URL : https://github.com/rnp/sexp
>
> this URL is 404, maybe you meant https://github.com/rnpgp/sexp ?
yes, t
Package: wnpp
Severity: wishlist
Owner: Daniel Kahn Gillmor
X-Debbugs-Cc: debian-de...@lists.debian.org, d...@fifthhorseman.net
* Package name: sexp
Version : 0.8.5
Upstream Contact: Maxim Samsonov
* URL : https://github.com/rnp/sexp
* License : MIT
Hi Salvatore--
On Fri 2023-06-02 21:20:50 +0200, Salvatore Bonaccorso wrote:
> Thanks for having a closer look and for your assessment. Then I
> believe we can have a fix scheduled via respective point releases, I
> do not see an urgency for it requiring a DSA. Initially I was not
> completely
/changelog 2023-03-10 16:34:25.0 -0500
+++ libreswan-4.10/debian/changelog 2023-06-02 18:15:28.0 -0400
@@ -1,3 +1,9 @@
+libreswan (4.10-2+deb12u1) bookworm; urgency=medium
+
+ * Fix CVE-2023-30570 (Closes: #1035542)
+
+ -- Daniel Kahn Gillmor Fri, 02 Jun 2023 18:15:28
-0400
2023-03-03 08:34:50.0 -0500
+++ libreswan-4.3/debian/changelog 2023-06-01 16:14:59.0 -0400
@@ -1,3 +1,9 @@
+libreswan (4.3-1+deb11u4) bullseye; urgency=medium
+
+ * Resolve CVE-2023-30570 (Closes: #1035542)
+
+ -- Daniel Kahn Gillmor Thu, 01 Jun 2023 16:14:59
-0400
t i intend to send to
bullseye-security:
From: Daniel Kahn Gillmor
Date: Thu, 1 Jun 2023 16:12:50 -0400
Subject: Resolve CVE-2023-30570
see https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt
This patch was ported from
https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570-l
Control: clone 1034065 -1
Control: reassign -1 python3-argparse-manpage
Control: affects -1 src:sasl-xoauth2
Control: retitle -1 argparse-manpage doesn't run unless python3-setuptools is
installed
On Fri 2023-04-07 22:14:44 +0200, Andreas Beckmann wrote:
> sasl-xoauth2/experimental FTBFS on all
On Wed 2023-05-24 07:32:31 +0200, Salvatore Bonaccorso wrote:
> Thanks! Note the deadline for unblock requests will be on 28th. So the
> unblock needs to be granted by then so we have the fixes in bookworm.
The associated unblock request for 1034558 is #1036721
--dkg
signature.asc
nerate
diff -Nru rnp-0.16.2/debian/changelog rnp-0.16.3/debian/changelog
--- rnp-0.16.2/debian/changelog 2022-10-03 21:30:25.0 -0400
+++ rnp-0.16.3/debian/changelog 2023-05-24 09:06:07.0 -0400
@@ -1,3 +1,14 @@
+rnp (0.16.3-1) unstable; urgency=medium
+
+ * New upstream release, Clos
In https://bugs.debian.org/1034558, Salvatore Bonaccorso wrote:
> Source: rnp
> Version: 0.16.2-1
> Severity: grave
> Tags: security upstream
> Justification: user security hole
> X-Debbugs-Cc: car...@debian.org, Debian Security Team
>
Thanks for tracking this in the BTS, Salvatore.
I aim to
On Sat 2023-04-01 13:11:41 +0200, Dennis Filder wrote:
> While I agree in principle that the wording is a tick inaccurate, this
> is a very small issue -- too small to merit its own upload IMO. If
> any other issue in the linphone source package pops up during the
> freeze I will fix this one,
Hi Dennis--
On Wed 2023-02-22 21:44:20 +0100, Dennis Filder wrote:
> Control: reassign -1 linphone 5.1.65-3
> X-Debbugs-CC: Bastian Germann
>
> On Wed, Feb 22, 2023 at 02:15:09PM +0100, Bastian Germann wrote:
>> The update check in the "burger menu" should be disabled because it
>> downloads the
Hi Andreas--
Thank you for addressing this problem, it is much appreciated!
--dkg
On Sun 2023-03-26 14:00:17 +0200, Andreas Metzler wrote:
> On 2023-03-18 Jonathan Wiltshire wrote:
>> Source: gnupg2
>> Version: 2.2.40-1
>> Severity: important
>> Tags: patch
>> X-Debbugs-Cc:
Package: debcargo
Version: 2.6.0-2+b1
Control: affects -1 + src:rust-sequoia-net dh-cargo
debcargo's dh_auto_test fails by default for rust-sequoia-net version
0.26.0 unless i override it in debian/rules. I think i ought to be able
to specify the particular additional thing i need in
On Fri 2023-03-03 21:01:58 +0100, Salvatore Bonaccorso wrote:
> DSA 5368-1 is released with your update. Thank you!
>
> On a related note: I saw the 4.10-1 upload, but wouldn't it have been
> better to make first 4.9-2 move to bookworm? Can you get in touch with
> the release team so that the fix
On Thu 2023-03-02 17:34:10 -0500, Daniel Kahn Gillmor wrote:
> yep, works for me, thanks. I'll do that later this evening or tomorrow
> morning.
This has been uploaded now, thanks for bearing with me.
--dkg
signature.asc
Description: PGP signature
On Thu 2023-03-02 19:51:17 +0100, Salvatore Bonaccorso wrote:
> Hi,
>
> On Thu, Mar 02, 2023 at 08:54:04AM -0500, Daniel Kahn Gillmor wrote:
>> On Thu 2023-03-02 07:52:55 +0100, Salvatore Bonaccorso wrote:
>> >> I have rejected the current package so we can re-use the ve
On Wed 2023-01-25 17:05:53 +0100, Bastian Germann wrote:
> On Wed, 4 Nov 2020 17:04:48 -0700 Bobby de Vos wrote:
>> Package: wnpp
>> Version N/A; reported 2020-11-04
>> Severity: wishlist
>>
>> Greetings,
>>
>> My team at SIL-WSTech is about to released a font not in Debian,
>> Scheherazade New,
Package: wnpp
Severity: wishlist
X-Debbugs-Cc: d...@fifthhorseman.net
* Package name: pysilfont
Version : 1.6.0
Upstream Contact: SIL International
* URL : https://github.com/silnrsi/pysilfont
* License : MIT
Programming Lang: Python
Description :
On Thu 2023-03-02 07:52:55 +0100, Salvatore Bonaccorso wrote:
>> I have rejected the current package so we can re-use the version later
>> one, when this is fixed.
>
> Cofnirmed it was renamed in v4.4 upstream. I have put a comment on
> upstream issue about backports to older versions.
Gah sorry
On Wed 2023-03-01 20:35:22 +0100, Salvatore Bonaccorso wrote:
> Looks good to me, please do upload.
uploaded, tagged in git, and pushed to salsa.
please let me know if you see anything else that needs doing.
--dkg
signature.asc
Description: PGP signature
y; urgency=high
+
+ * Fixes CVE-2023-23009 (Closes: #1031821)
+
+ -- Daniel Kahn Gillmor Wed, 01 Mar 2023 13:11:05 -0500
+
libreswan (4.3-1+deb11u1) bullseye-security; urgency=high
* Fixes CVE-2022-23094
diff --git libreswan-4.3/debian/patches/0004-Fix-CVE-2023-23009.patch libreswan-4.3/debi
On Thu 2023-02-23 15:03:21 +0100, Salvatore Bonaccorso wrote:
> Can you confirm on the following point: Is my understanding from the
> upstream issue discussion correct, that this requires an authenticated
> peer
I'm afraid i'm taking cagney's word for it there, i haven't followed the
C far
1 - 100 of 4314 matches
Mail list logo