Bug#1068415: nghttp2: CVE-2024-28182: Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage

On 04/04/24 21:36, Salvatore Bonaccorso wrote: > Source: nghttp2 > Version: 1.60.0-1 > Severity: grave > Tags: security upstream > Justification: user security hole > X-Debbugs-Cc: car...@debian.org, Debian Security Team > > > Hi, > > The following vulnerability was published for nghttp2. > >

Bug#1068177: lintian: unpack-message-for-orig due to readelf failing on python-pyelftools 0.31

Package: lintian Version: 2.117.0 Severity: normal Dear Maintainer, * What led up to the situation? I'm packaging python-pyelftools 0.31 and lintian fails due to files used for testing, because of non-utf8 characters. * What exactly did you do (or not do) that was effective (or

Bug#1042837: Acknowledgement (signify-openbsd: Embedding signature in gz header does not work)

On 05/11/23 14:46, Nikolaus Rath wrote: > Hi Thomas, > > On Sun, 5 Nov 2023, at 14:19, Tomasz Buchert wrote: > > On 01/08/23 17:15, Nikolaus Rath wrote: > >> Using -x instead of -m when verifying gives "interesting" output: > >> > >>

Bug#1042837: Acknowledgement (signify-openbsd: Embedding signature in gz header does not work)

On 01/08/23 17:15, Nikolaus Rath wrote: > Using -x instead of -m when verifying gives "interesting" output: > > $ signify-openbsd -Vz -p s3ql-5.0.pub -x signed.gz > untrusted comment: verify with s3ql-5.0.pub >

Bug#1022093: git repo

The package is packaged under https://salsa.debian.org/debian/libqt5qxlsx. signature.asc Description: PGP signature

Bug#1022093: ITP: libqt5qxlsx -- Excel file (*.xlsx) reader/writer library for Qt5.

Package: wnpp Severity: wishlist Owner: Tomasz Buchert X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: libqt5qxlsx Version : 1.4.4 Upstream Author : Daniel Nicoletti * URL : https://github.com/dantti/QXlsx * License : Expat/MIT Programming Lang

Bug#982882: stellarium FTBFS on armel and mipsel

On 15/02/21 20:54, Paul Gevers wrote: > Source: stellarium > Version: 0.20.4-1 > Severity: serious > Tags: ftbfs > > [...] Seems like it is https://github.com/Stellarium/stellarium/issues/1131. This has been solved with https://bugreports.qt.io/browse/QTBUG-87010. Surprisingly, the fix is not in

Bug#977782: buster-pu: package postsrsd/1.5-2

On 31/01/21 11:08, Salvatore Bonaccorso wrote: > Hi Oxan, > > On Sat, Jan 30, 2021 at 09:58:23PM +0100, Oxan van Leeuwen wrote: > > Hi, > > > > On 30-01-2021 21:27, Salvatore Bonaccorso wrote: > > > I noticed that today there was an upload to security-master for it. > > > Given our previous

Bug#918938: fasm: source contains executables fasm.x64 and fasm

On 11/01/19 10:07, Santiago Vila wrote: > On Fri, Jan 11, 2019 at 09:48:44AM +0100, Tomasz Buchert wrote: > > > they are there, because upstream uses this to also release new versions. > > An unfortunately, in the past my upstream wasn't very responsive. > > > > I use

Bug#947716: RFH: terminator -- multiple GNOME terminals in one window

On 30/12/19 01:49, Lucas Nussbaum wrote: > Hi Markus, > > On 29/12/19 at 13:59 +0100, Markus Frosch wrote: > > I request assistance with maintaining the terminator package. [1] > > > > The upstream seems pretty much dead, though I'd like the keep the > > package available. Popcon [2] is not too

Bug#872960: Actualy...

I once again cannot reproduce this. signature.asc Description: PGP signature

Bug#937051: mininet: Python2 removal in sid/bullseye

Thanks, upstream claims that mininet is python3-compatible in master [1]. I'll try to make the package stop using python2. [1] https://github.com/mininet/mininet/issues/898 signature.asc Description: PGP signature

Bug#958794: lintian: runtime-test-file-uses-supported-python-versions-without-python-all-build-depends fires with

Package: lintian Version: 2.66.0 Severity: normal Dear Maintainer, when preparing upload of brotli, lintian issues a warning runtime-test-file- uses-supported-python-versions-without-python-all-build-depends. I've tried to fix it by adding python-all:any, but in the end I believe the issue is

Bug#940986: duplicity: sh_pexpect_backend.py fails to byte-compile during installation

Package: duplicity Version: 0.8.04-1 Severity: normal Dear Maintainer, the version 0.8.04-1 of duplicity fails to pypy3compile ssh_pexpect_backend.py during installation with the following message: Setting up duplicity (0.8.04-1) ... -V is ignored in pypy3compile Failed to byte-compile

Bug#934762: new upstream (1.39.2)

On 14/08/19 16:46, Daniel Baumann wrote: > Package: nghttp2 > Severity: normal > > Hi, > > 1.39.2 was released with some DoS fixed. It would be nice if you could > upload it to unstable. > > Regards, > Daniel Oh, sorry, I forgot to reupload to unstable. Working on this. Tomasz signature.asc

Bug#933400: signify-openbsd FTCBFS: uses the build architecture pkg-config

On 30/07/19 13:15, Helmut Grohne wrote: > [...] Thanks, Helmut! I adapted your patch and uploaded a new version just now. I'll just mention that all my packages are hosted on salsa, so it may be easier, workflow-wise, to do a pull request there :). signature.asc Description: PGP signature

Bug#933182: python-boto: upadting to 2.49.0-2 causes CERTIFICATE_VERIFY_FAILED with duplicity

Package: python-boto Version: 2.44.0-1.1 Severity: important Dear Maintainer, calling duplicity (with google cloud as the backend) with 2.49.0-2 hangs for a moment and fails with CERTIFICATE_VERIFY_FAILED (similarly too https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909545). Downgrading to

Bug#920988: please consider dropping SPDY support

On 31/01/19 12:23, Andrej Shadura wrote: > Package: nghttp2 > Severity: wishlist > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Dear Maintainer, > > With HTTP/2 having been finalised, SPDY has been deprecated three years > ago, and none of the modern browsers support it anymore. On the

Bug#902115: Fails to handle file names containing '\x2'

On 23/01/19 14:54, Chris Lamb wrote: > retitle 902115 Fails to handle file names containing '\x2' > tags 902115 + patch > thanks > > Hi, > > > Fails to handle file names containing '\x2' > > Patch attached with (minimised) testcase. I can confirm this > successfully re-generates: > >

Bug#918931: fasm: FTBFS because it build-depends on itself and the current version lacks /usr/bin/fasm

On 10/01/19 22:00, Santiago Vila wrote: > tags 918931 + patch > thanks > > Hi. This is a hack but I think it should work. > (Rebootstrapping anything is always hacky after all). > > [...] I've just sent a version reboostrapping itself. After that I will make sure to upload it again. Thanks,

Bug#918936: fasm: Does not trap for errors in debian/rules

On 10/01/19 18:05, Santiago Vila wrote: > ... Oh, and fasm cannot be built by anything else than fasm as it is its own dialect of assembler. signature.asc Description: PGP signature

Bug#918936: fasm: Does not trap for errors in debian/rules

On 10/01/19 18:05, Santiago Vila wrote: > Package: src:fasm > Version: 1.73.06-1 > Severity: serious > Tags: patch > > Dear maintainer: > > Commands in a Makefile should be chained with "&&" so that the first > thing which fails makes the whole process to stop. > > This is Policy 4.6, "error

Bug#918938: fasm: source contains executables fasm.x64 and fasm

On 10/01/19 18:10, Santiago Vila wrote: > Package: src:fasm > Version: 1.73.06-1 > Tags: upstream > > Dear maintainer: > > The source for this package contains two ELF binaries that should > probably not be there. It is usual and customary to repack the source > and exclude them. (If you could

Bug#907524: Support for python 2.7

On 28/08/18 21:55, Luciano Bello wrote: > Source: python-guess-language > Version: 0.5.2-4 > Severity: normal > Tags: patch upstream > > In an attempt to put w3af back into sid, we need support for Python 2 in > guess-language. I opened a PR into upstream with it. Please, take a look >

Bug#905290: verbiste-el: fix emacsen-common-without-dh-elpa

On 24/08/18 16:36, Nicholas D Steeves wrote: > Dear Tomasz, > > On Thu, Aug 02, 2018 at 11:34:31PM +0800, Tomasz Buchert wrote: > > Package: verbiste-el > > Severity: normal > > > > Dear Maintainer, > > lintian reports emacsen-common-without-dh-elpa on

Bug#877711: Latest upstream firmware resolves this issue

On 24/10/17 14:41, Andrew McMillan wrote: > Hi, > > I can confirm that Brian Tarricone's solution also works for me, and > the latest firmware resolves the issue: > > > I.e. this commit from the 9th October: > > https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware >

Bug#868409: verbiste: Please drop the (build-)dependency against gnome-vfs

On 27/07/18 13:04, Nicholas D Steeves wrote: > [...] Hey all, sorry for extremely long lag in fixing this... Anyway, I went with Nicholas' suggestion and added verbiste-gtk, whereas verbiste-gnome is now transitional. Feel free to review it: https://salsa.debian.org/debian/verbiste As for

Bug#905290: verbiste-el: fix emacsen-common-without-dh-elpa

Package: verbiste-el Severity: normal Dear Maintainer, lintian reports emacsen-common-without-dh-elpa on the verbiste-el package. Please fix it. -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable') Architecture: amd64

Bug#905097: signing-party: gpglist crashes for (some?) signature revocations

On 31/07/18 17:44, Guilhem Moulin wrote: > Control: tag -1 pending > > On Tue, 31 Jul 2018 at 16:42:36 +0800, Tomasz Buchert wrote: > > I already committed a fix in > > https://salsa.debian.org/debian/signing-party/commit/c62477e3086c33af14493337227ec219f151d5b4. > >

Bug#905097: signing-party: gpglist crashes for (some?) signature revocations

Package: signing-party Version: 2.7-2 Severity: normal Dear Maintainer, 'rev' packet parsing is incorrect and may result in: hi, i'm a bug. please report me to my owner input: rev:::1:HASH:1533019781User Example :30x,00::HASH:::10:, key: user@example at /usr/bin/gpglist line 165, <$fh>

Bug#901952: new info

Control: reassign 901952 tar 1.30+dfsg-1 On 26/06/18 20:23, Tomasz Buchert wrote: > On 20/06/18 21:18, Hans-Christoph Steiner wrote: > > > > [...] > > This seems to be a regression caused by tar. > > I can successfully checkout the tarball, but with the version ta

Bug#901952: new info

On 20/06/18 21:18, Hans-Christoph Steiner wrote: > > [...] This seems to be a regression caused by tar. I can successfully checkout the tarball, but with the version tar_1.29b-2. When I install tar_1.30+dfsg-1, I cannot checkout anymore. I guess we'll need to find the real cause in tar then.

Bug#889700: mininet: Missing test dependency on openvswitch-switch

On 05/02/18 23:34, Steve Langasek wrote: > [...] Oh, sorry for that. I wasn't happy in the past that ci.debian does not support machine-isolation and now it strikes back. Thanks for the patch, I'll upload the new release soon. Tomasz signature.asc Description: PGP signature

Bug#812810: fill-paragraph: Leaves a space at the end of the paragraph

On 12/04/16 06:27, Mark Lumsden wrote: > Hi, I just committed a fix for 812810 in the OpenBSD source tree in > version 1.43 of paragraph.c. (Very late) thanks! I'm closing this bug, since this was probably solved many releases ago. Specifically, I think it was solved with 20160421-1.

Bug#885411: python-pyelftools: Please mark python*-pyelftools as Multi-Arch: foreign

On 26/12/17 12:37, Vagrant Cascadian wrote: > Package: python-pyelftools > Version: 0.24-3 > Severity: normal > Tags: patch > > Please mark python-pyelftools and python3-pyelftools as "Multi-Arch: > foreign", so that it can be used to satisfy build-dependencies when > cross-building packages. > >

Bug#888950: brotli: Use dh_missing --fail-missing

On 31/01/18 21:37, Jeremy Bicha wrote: > On Wed, Jan 31, 2018 at 5:56 PM, Tomasz Buchert <tom...@debian.org> wrote: > > Both bugs you reported will be fixed in the next upload. > > Thanks. > > By the way, your debian/changelog says you bumped the debhelper compat >

Bug#888950: brotli: Use dh_missing --fail-missing

On 31/01/18 09:30, Jeremy Bicha wrote: > [...] Thanks Jeremy! Both bugs you reported will be fixed in the next upload. Cheers, Tomasz signature.asc Description: PGP signature

Bug#886108: debhelper: dh_installdocs -A at compat=11 installs docs in wrong place

On 02/01/18 12:28, Tomasz Buchert wrote: > [...] For repro case, see: https://anonscm.debian.org/cgit/collab-maint/nghttp2.git/commit/?id=3980b752463f2ab67a3fcd0712d9f060b721999f I worked around the problem by not installing the docs in libnghttp2-doc: https://anonscm.debian.org/c

Bug#886108: debhelper: dh_installdocs -A at compat=11 installs docs in wrong place

Package: debhelper Version: 11 Severity: normal Dear Maintainer, I wanted to switch nghttp2 to compat=11, but this causes binaries-have-file- conflict: W: nghttp2 source: binaries-have-file-conflict libnghttp2-dev libnghttp2-doc usr/share/doc/libnghttp2-dev/AUTHORS W: nghttp2 source:

Bug#865523: Build C library from src:brotli sources

On 07/12/17 16:34, Jeremy Bicha wrote: > On Thu, Dec 7, 2017 at 3:34 PM, Tomasz Buchert <tom...@debian.org> wrote: > > The new brotli with c library is in unstable. Enjoy! > > Thanks! By the way, I upstreamed your patch (since I had the same > issue with my woff2 packaging)

Bug#882205: Please make openvswitch-switch recommended instead hard dependency

On 20/11/17 09:48, Piotr Jurkiewicz wrote: > Package: mininet > > Open vSwitch is not necessary to run Mininet. There are many use cases for > Mininet without Open vSwitch. For example we are using it to orchestrate > nodes running Click Modular Router or in-kernel IP forwarding (like in >

Bug#881328: mininet requires missing ovs-controller

On 30/11/17 09:26, Santiago R.R. wrote: > Control: tags -1 + patch fixed-upstream > > On Fri, 10 Nov 2017 12:15:39 +0100 "Santiago R.R." > wrote: > > It seems I am wrong about this. The bug was only happening if you would have openvswitch-testcontroller installed. The

Bug#865523: Build C library from src:brotli sources

On 17/11/17 20:31, Jeremy Bicha wrote: > Hi, > > I need libbrotli in order to build woff2 which will be needed for the > next major release of webkit2gtk. Could you do this upload soon? > > Thanks, > Jeremy Bicha I was informed that the version 1.0.2 will be uploaded soon, which will introduce a

Bug#870831: Broken symbols file creates broken dependencies

On 05/08/17 18:04, Stefan Fritsch wrote: > Package: libbrotli0.6.0 > Version: 0.6.0-2~exp0 > Severity: serious > > I have tried to build apache2's mod_brotli with libbrotli0.6.0 / > libbrotli-dev from experimental But the resulting packages gets a > dependency on the non-existing libbrotli0 (>=

Bug#872960: Actualy...

On 19/09/17 01:14, Tomasz Buchert wrote: > [...] I'm downgrading the priority once again. I fixed the FTBFS for now, this bug will addressed soon (or if it cannot be addressed, synapse will be dropped from Debian). Tomasz signature.asc Description: PGP signature

Bug#871806: uscan: (dpkg, git-buildpackage) accept/mangle/store signed git tags in cases where upstream does not publish detached sigs on tarballs

On 16/08/17 21:01, Daniel Kahn Gillmor wrote: > Hi Guillem-- > > On Thu 2017-08-17 01:05:46 +0200, Guillem Jover wrote: > > It seems to me like you are perhaps trying to reimplement dpkg source > > format «3.0 (git)» (described in man dpkg-source)? :) > > Thanks for that pointer, it does seem

Bug#872960: Actualy...

severity -1 grave thanks ... actually I can reproduce this even on x11. I also get: [INFO 01:12:29.004106] [synapse-main:266] Starting up... [INFO 01:12:29.097393] [synapse-main:208] Binding activation to space [1]23236 segmentation fault synapse signature.asc Description: PGP signature

Bug#872960: Re

As this is somewhat non-standard setup, I downgraded the severity to "important". signature.asc Description: PGP signature

Bug#871809: Please allow to store detached tarball signatures as well

On 20/08/17 17:40, Chris Lamb wrote: > > (I accidentally left a debugging statement in; please use the attached file) > Thanks, merged in the git repo. It will be released in the new release, before we sort out #871938 which I consider to be a blocking bug. Thanks a lot, Tomasz signature.asc

Bug#867545: Fails with cryptic message when given non-existing paths

On 20/08/17 15:54, Chris Lamb wrote: > reopen 867545 > found 867545 1.40 > tags 867545 + patch > thanks > > There's something funky with the logic committed in: > > > https://anonscm.debian.org/git/collab-maint/pristine-tar.git/commit/?id=9265d0c0eea1620370a7261e0a6ee20eb86426fd > > ... so that

Bug#871809: Please allow to store detached tarball signatures as well

On 20/08/17 16:42, Chris Lamb wrote: > tags 871809 + patch > thanks > > Hi, > > > I will implement this soon, this doesn't seem to be too hard > > to do. > > Beat you to it, I think! I've attached: > > commit 24549c61be4c0eea1495e3508377bf46d162230f > Author: Chris Lamb >

Bug#871938: .delta file

On 21/08/17 00:59, Tomasz Buchert wrote: > On 21/08/17 00:27, Tomasz Buchert wrote: > > [...] > > That's a regression in the version 1.40 of pristine-tar (during the > commit). It's almost surely due to > https://anonscm.debian.org/cgit/collab-maint/pristi

Bug#871938: .delta file

On 21/08/17 00:27, Tomasz Buchert wrote: > [...] That's a regression in the version 1.40 of pristine-tar (during the commit). It's almost surely due to https://anonscm.debian.org/cgit/collab-maint/pristine-tar.git/commit/?id=0743dd36ed90c18982a5a861f4978080c1c4a2e3. Here is what 1.39 execu

Bug#871938: .delta file

On 12/08/17 12:00, Francois Marier wrote: > Here's the .delta file I forgot to include. I confirm the issue. At first, I thought it's due to the new delta format, but then verified it reproduces with the previous format as well. The problem seems to lay in the "zgz" utility which incorrectly

Bug#865272: pristine-tar: fails to reproduce mingw-w64-v5.0.2.tar.bz2

On 20/06/17 09:17, Stephen Kitt wrote: > > [...] > > Steps to reproduce: > > wget > http://sourceforge.net/projects/mingw-w64/files/mingw-w64/mingw-w64-release/mingw-w64-v5.0.2.tar.bz2 > mkdir mingw-w64 && cd mingw-w64 > git init > gbp import-orig --pristine-tar

Bug#869645: ssss: Please add simple autopkgtest

On 25/07/17 11:00, Chris Lamb wrote: > Hi, > > > Patch attached. > > Somehow this got dropped initially. Attaching now. > > > Regards, > Thank you Chris and late congrats for becoming our DPL. :) I'm about to upload a new version of with your patch. Tomasz signature.asc Description: PGP

Bug#871809: Please allow to store detached tarball signatures as well

On 11/08/17 16:36, Guido Günther wrote: > Package: pristine-tar > Version: 1.40 > Severity: wishlist > > Hi, > as proposed by maxy on debian-devel it would be great if pristine-tar > would store the tarball signtures as well: > > >

Bug#868409: verbiste: Please drop the (build-)dependency against gnome-vfs

On 15/07/17 13:40, bi...@debian.org wrote: > Source: verbiste > Version: 0.1.44-1 > Severity: wishlist > Tags: sid buster > User: pkg-gnome-maintain...@lists.alioth.debian.org > Usertags: gnome-vfs-removal oldlibs > > Dear maintainer, > > Your package is {build-}depending against gnome-vfs which

Bug#805488: [Patch] Fix (including for a lot of other failing tarballs)

On 10/07/17 11:45, Lennart Sorensen wrote: > On Fri, Jul 07, 2017 at 10:10:04PM +0200, Tomasz Buchert wrote: > > Wow, this is nice. Would you mind adding some tests to cover this? > > Ideally, we would have coverage for all rsyncable "dialects" we > > support.

Bug#867545: Fails with confusing message when tarball target is a unresolved symlink

retitle 867545 Fails with cryptic message when given paths do not exist thanks On 07/07/17 09:57, Guido Günther wrote: > Package: pristine-tar > Version: 1.39 > Severity: minor > > pristine-tar fails when the target it want's to reproduce is a symlink > that points nowhere. That by itself is o.k.

Bug#805488: [Patch] Fix (including for a lot of other failing tarballs)

On 07/07/17 10:34, Lennart Sorensen wrote: > I managed to fix almost half the failures in knownproblems by making > --gnu always be tried rather than only when GZIP_OS_UNIX is found. > Doing the same for --rsyncable and --new-rsyncable probably makes sense > too. > > The --new-rsyncable was

Bug#867499: tiptop: Fix parallel bison FTBFS

On 07/07/17 00:56, Adrian Bunk wrote: > [...] This is amazing, thanks! Just uploaded 2.3-3 with your fix. Tomasz signature.asc Description: PGP signature

Bug#865523: Build C library from src:brotli sources

On 22/06/17 13:57, Ondřej Surý wrote: > [...] I did some work on the version in git now builds the shared libraries. I've packaged all shared libs inside libbrotli, but probably should split it more into 3 more libs (common, enc and dec). I'm however surprised at the architecture: it would be

Bug#865523: Build C library from src:brotli sources

On 22/06/17 13:57, Ondřej Surý wrote: > Package: src:brotli > Version: 0.6.0-1 > Severity: normal > > Dear maintainer, > > according to the brotli 0.6.0 changelog, the "C API is expected to be > final", so it might be a good time to start building the C libraries > from the sources. > > I got a

Bug#862461: tiptop: requires root to run

On 14/05/17 20:58, Ben Hutchings wrote: > On Sun, 2017-05-14 at 10:43 +0200, Tomasz Buchert wrote: > > On 12/05/17 18:54, Nathaniel Beaver wrote: > > > [...] > > > > Thank you, Nathaniel. > > > > I confirm the problem. A safe bet is that > > https:

Bug#862461: tiptop: requires root to run

On 12/05/17 18:54, Nathaniel Beaver wrote: > [...] Thank you, Nathaniel. I confirm the problem. A safe bet is that https://lkml.org/lkml/2016/1/11/587 is the cause. You can verify that /proc/sys/kernel/perf_event_paranoid contains "3". By running echo 2 | sudo tee

Bug#861748: r-cran-rmpi: Loading library fails

Hey, On 06/05/17 14:43, Dirk Eddelbuettel wrote: > > On 6 May 2017 at 20:43, Tomasz Buchert wrote: > | On 06/05/17 19:23, Tomasz Buchert wrote: > | > [...] > | > | Ok, I confirm that dlopen() is required to properly resolve some > | symbols later: I can only assume that

Bug#861748: r-cran-rmpi: Loading library fails

On 06/05/17 19:23, Tomasz Buchert wrote: > [...] Ok, I confirm that dlopen() is required to properly resolve some symbols later: I can only assume that openmpi does some magic there. Here are 2 solutions I came up with: 1. Just like in #741297: add another dlopen() call to the chain (

Bug#861748: r-cran-rmpi: Loading library fails

On 06/05/17 11:58, Dirk Eddelbuettel wrote: > > Hi Tomasz, > > [...] > > While true for us, it is not always true for Rmpi on other system so upstream > for Rmpi added this. I haven't heard from him a while. > > But I do recall that we needed this for some other braindeadness with the > multiple

Bug#861748: r-cran-rmpi: Loading library fails

double-check that it is in the system? I propose to completely drop the dlopen test. I attach a patch that does exactly that. I tried to prepare NMU, but had a hard time with version 1.0 of this package :(. Cheers, Tomasz From d4d39b7f09cfc0d2746702b417bebf0bf421b947 Mon Sep 17 00:00:00 2001 From: T

Bug#861870: Requesting unblock

On 06/05/17 11:12, Balasankar C wrote: > Hi Tomasz, > > GitLab package co-maintainer here. We will be uploading the fix to unstable > and > requesting an unblock, hopefully by Monday. In the mean time, there is already > an unblock request open[0] for the latest version in unstable, >

Bug#851877: fails every time

On 04/05/17 04:47, Adam Borowski wrote: > [...] I cannot reproduce these failures. I've built in my stretch sbuild around 15 times, and succedeed every time. I use: gbp buildpackage --git-builder='sbuild --source-only-changes -v -As --build-dep-resolver=apt --dist=stretch -j4' "$@" Tomasz

Bug#861914: unblock: gitlab/8.13.11+dfsg1-4

On 05/05/17 21:36, Tomasz Buchert wrote: > [...] Let me add that the bug in question is https://bugs.debian.org/861870. signature.asc Description: PGP signature

Bug#861914: unblock: gitlab/8.13.11+dfsg1-4

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package gitlab The attached debdiff fixes CVE-2017-8778. unblock gitlab/8.13.11+dfsg1-4 -- System Information: Debian Release: 9.0 APT prefers testing APT policy:

Bug#861870: gitlab: CVE-2017-8778

On 05/05/17 20:46, Tomasz Buchert wrote: > On 05/05/17 06:19, Salvatore Bonaccorso wrote: > > [...] > > Hi Salvatore, > the fix for this issue seems to be here: > https://gitlab.com/winniehell/gitlab-ce/commit/dd944bf14f4a0fd555db32d5833325fa459d9565 > > I'll try to a

Bug#861870: gitlab: CVE-2017-8778

On 05/05/17 06:19, Salvatore Bonaccorso wrote: > [...] Hi Salvatore, the fix for this issue seems to be here: https://gitlab.com/winniehell/gitlab-ce/commit/dd944bf14f4a0fd555db32d5833325fa459d9565 I'll try to apply it to stretch's gitlab. Tomasz signature.asc Description: PGP signature

Bug#861630: stellarium: Stellarium does not start at all

On 02/05/17 05:26, Pascal Gervais wrote: > On Tue, 2 May 2017 09:43:57 +0200 > Tomasz Buchert <tom...@debian.org> wrote: > > > The message seems pretty clear to me. Do you indeed have an old GPU? > > Seriously, a 5 years old computer is now considered outdated? I used &

Bug#861630: stellarium: Stellarium does not start at all

On 01/05/17 20:59, Pascal Gervais wrote: > The output of Stellarium in a terminal show a segmentation fault. > > -- > Pascal ><©> > pascal@debianx:~$ stellarium > --- > [ This is Stellarium 0.15.2 - http://www.stellarium.org ] > [

Bug#861014: unblock: python-pyelftools/0.24-2

On 29/04/17 12:26, Niels Thykier wrote: > [...] > > Yes please. Upload a -3 to unstable reverting just the debhelper compat > bump from -2. > > Thanks, > ~Niels Yep, I've just uploaded -3. Tomasz signature.asc Description: PGP signature

Bug#861014: unblock: python-pyelftools/0.24-2

On 29/04/17 07:55, Niels Thykier wrote: > Tomasz Buchert: > > On 23/04/17 23:04, Ivo De Decker wrote: > >> Control: tags -1 moreinfo > >> > >> Hi, > >> > >> On Sun, Apr 23, 2017 at 07:51:24PM +0200, Tomasz Buchert wrote: > >>>

Bug#861014: unblock: python-pyelftools/0.24-2

On 23/04/17 23:04, Ivo De Decker wrote: > Control: tags -1 moreinfo > > Hi, > > On Sun, Apr 23, 2017 at 07:51:24PM +0200, Tomasz Buchert wrote: > > Please unblock package python-pyelftools > > > > The package FTBFSes on i386. The version in unstable fixes it. >

Bug#861014: unblock: python-pyelftools/0.24-2

On 28/04/17 21:16, IOhannes m zmölnig (Debian/GNU) wrote: > hi tomasz, > > On Sun, 23 Apr 2017 23:04:08 +0200 Ivo De Decker <iv...@debian.org> wrote: > > Control: tags -1 moreinfo > > > > Hi, > > > > On Sun, Apr 23, 2017 at 07:51:24PM +0200, Tomas

Bug#861014: unblock: python-pyelftools/0.24-2

/control: use debhelper 10 + * d/watch: use watch version 4 + * d/patches: disable readelf tests (Closes: #860630) + + -- Tomasz Buchert <tom...@debian.org> Sun, 23 Apr 2017 19:43:10 +0200 + python-pyelftools (0.24-1) unstable; urgency=medium * Imported Upstream version 0.24 diff -Nru

Bug#860446: gravit segmentation violation

tags 860446 + reproducible severity 860446 normal thanks On 21/04/17 01:16, Tim Retout wrote: > retitle 860446 gravit: Segmentation violation on start (on i386?) > tags 860446 moreinfo > thanks > > For what it's worth, gravit starts for me on amd64, with intel graphics. > > The last call in the

Bug#858806: gbp-buildpackage: reset all time-stamps to last changelog entry

On 31/03/17 13:17, Dominique Dumont wrote: > On Wednesday, 29 March 2017 19:17:26 CEST Guido Günther wrote: > > What about reassigning to pristine-tar? I > > wonder why it doesn' try to preserve timestamps. > > Good idea > > -- > https://github.com/dod38fr/ -o- http://search.cpan.org/~ddumont/

Bug#858744: nghttp2-proxy: nghttpx fails to start at boot due to missing dns resolver

Package: nghttp2-proxy Version: 1.20.0-1 Severity: normal Dear Maintainer, when nghttpx starts at boot, the dns resolver may not be available and then the start fails. More surprisingly, this also happens for explicit ip addresses and port addresses such as 127.0.0.1:80. The upstream bug is

Bug#857546: profanity: Server certificates are not verified

On 12/03/17 13:53, Wolfgang Wiedmeyer wrote: > Package: profanity > Severity: grave > Tags: security > Justification: user security hole > > Dear Maintainer, > > Profanity is not built against libmesode[1]. Libmesode is a fork of > libstrophe that allows to validate the certificate chain. Upstream

Bug#856223: unblock: profanity/0.4.7-1.1

Control: tags -1 -moreinfo On 12/03/17 10:55, Ivo De Decker wrote: > Control: tags -1 moreinfo > > Hi, > > On Tue, Feb 28, 2017 at 11:43:02PM +0100, Tomasz Buchert wrote: > > [...] > > > > > On 26/02/17 18:51, Jonathan Wiltshire wrote: > >

Bug#856223: unblock: profanity/0.4.7-1.1

On 28/02/17 18:04, Jonathan Wiltshire wrote: > On 2017-02-26 19:16, Tomasz Buchert wrote: > > Control: tag -1 -moreinfo > > > > On 26/02/17 18:51, Jonathan Wiltshire wrote: > > > Control: tag -1 confirmed moreinfo > > > > > > [...] > > > >

Bug#855930: Bug#853119: Request to take a look at #855930

On 26/02/17 23:49, Vincent Danjean wrote: > [...] > > And, for more info: > $ mkdir p > $ HOME=p lualatex lualatex-example.tex > This is LuaTeX, Version 0.95.0 (TeX Live 2016/Debian) > [...] > luaotfload | db : Font names database not found, generating new one. > luaotfload | db : This can take

Bug#841526: pristine-tar: please use natural ordering when listing

On 23/10/16 19:24, Mattia Rizzolo wrote: > On Sun, Oct 23, 2016 at 09:09:53PM +0200, Tomasz Buchert wrote: > > What about piping "pristine-tar list" to "sort -V"? > > Sure, that works, but IMHO this should be done by pristine-tar itself. > Actually I've nev

Bug#856223: unblock: profanity/0.4.7-1.1

/changelog 2017-02-25 18:29:37.0 +0100 @@ -1,3 +1,11 @@ +profanity (0.4.7-1.1) testing-proposed-updates; urgency=medium + + * Non-maintainer upload + * Fix CVE-2017-5592 (Closes: #854735) + * Update debian/patches with gbp import/export (side effect of the above fix) + + -- Tomasz Buchert <t

Bug#856225: unblock: sugar-irc-activity/8-1.3

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package sugar-irc-activity It fixes the RC bug #855925. I've already uploaded the package to the unstable DELAYED/3 queue. The debdiff:

Bug#856223: unblock: profanity/0.4.7-1.1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package profanity It fixes the RC bug #854735. Note that this unblock request is for an upload targeting testing-proposed-updates. Debdiff:

Bug#856222: unblock: sugar-physics-activity/7+dfsg-1.3

Here is the unwrapped debdiff link: https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=855932;filename=sugar-physics-activity-7%2Bdfsg-1.3-nmu.diff;msg=20 signature.asc Description: PGP signature

Bug#856222: unblock: sugar-physics-activity/7+dfsg-1.3

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package sugar-physics-activity The attached change fixes #855932. I've already uploaded the package to DELAYED/3 (unstable). Here is the relevant debdiff:

Bug#855925: sugar-irc-activity: diff for NMU version 8-1.3

:07:25.0 +0200 +++ sugar-irc-activity-8/debian/changelog 2017-02-26 18:09:56.0 +0100 @@ -1,3 +1,10 @@ +sugar-irc-activity (8-1.3) unstable; urgency=medium + + * Non-maintainer upload. + * Remove broken deps (Closes: #855925) + + -- Tomasz Buchert <tom...@debian.org> Sun,

Bug#855925: sugar-irc-activity: diff for NMU version 8-1.3

(8-1.3) unstable; urgency=medium + + * Non-maintainer upload. + * Remove broken deps (Closes: #855925) + + -- Tomasz Buchert <tom...@buchert.pl> Sun, 26 Feb 2017 18:09:56 +0100 + sugar-irc-activity (8-1.2) unstable; urgency=low * Non-maintainer upload. diff -Nru sugar-irc-activity-8/

Bug#855932: sugar-physics-activity: diff for NMU version 7+dfsg-1.3

Oh my, actually due to me building the package in stretch sbuild, it got rejected during the upload. So now I've uploaded it to the unstable, DELAYED/3. \o/ Tomasz signature.asc Description: PGP signature

Bug#855932: sugar-physics-activity: diff for NMU version 7+dfsg-1.3

-26 17:27:37.0 +0100 @@ -1,3 +1,10 @@ +sugar-physics-activity (7+dfsg-1.3) unstable; urgency=medium + + * Non-maintainer upload. + * d/control: remove non-existing alternatives (Closes: #855932) + + -- Tomasz Buchert <tom...@debian.org> Sun, 26 Feb 2017 17:27:37 +0100 + sugar-p

  1   2   3   4   5   6   >