Simon Josefsson writes:
>> > My naive approach on how to fix a security problem in package X
>> > which is
>> > statically embedded into other packages A, B, C, ... would be to
>> > rebuild
>> > the transitive closure of all packages that Build-Depends on X and
>> > publish a security update for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 09:28:13 +
Source: open-coarrays
Architecture: source
Version: 2.10.2+ds-2
Distribution: unstable
Urgency: medium
Maintainer: Alastair McKinstry
Changed-By: Alastair McKinstry
Changes:
open-coarrays
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 10:32:40 +0100
Source: ros2-colcon-core
Architecture: source
Version: 0.15.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Robotics Team
Changed-By: Timo Röhling
Changes:
ros2-colcon-core
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 12:41:28 +0100
Source: kdiskmark
Architecture: source
Version: 3.1.3+ds-4
Distribution: unstable
Urgency: medium
Maintainer: Dmitry Ilyich Sidorov
Changed-By: Gürkan Myczko
Closes: 1046455 1052266
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 12:16:22 +0100
Source: photoqt
Architecture: source
Version: 4.2+ds-1
Distribution: unstable
Urgency: medium
Maintainer: Debian PhotoTools Maintainers
Changed-By: Gürkan Myczko
Changes:
photoqt (4.2+ds-1)
On 24/01/24 14:01, Luca Boccassi wrote:
how does that work for those applications that require rust, go and friends?
Are you proposing that everything that needs them should be be distributed by a
flatpak or similar mechanism instead?
Those applications are not shipped in the distribution. If
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 13:02:27 +
Source: libsdl3
Architecture: source
Version: 3~git20240124~a06ee5b+ds-1
Distribution: experimental
Urgency: medium
Maintainer: Debian SDL packages maintainers
Changed-By: Simon McVittie
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Mon, 18 Dec 2023 09:13:50 +0100
Source: mistral
Architecture: source
Version: 17.0.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenStack
Changed-By: Thomas Goirand
Closes: 1058182
Changes:
mistral (17.0.0-2)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 14:33:34 +0100
Source: aflplusplus
Architecture: source
Version: 4.09c-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Security Tools
Changed-By: Sophie Brun
Closes: 1053679 1061209
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 14:12:36 +0100
Source: knot
Architecture: source
Version: 3.3.4-1
Distribution: unstable
Urgency: medium
Maintainer: knot packagers
Changed-By: Jakub Ružička
Changes:
knot (3.3.4-1) unstable; urgency=medium
.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 10:21:50 +
Source: ostree
Architecture: source
Version: 2024.1-1
Distribution: unstable
Urgency: medium
Maintainer: Utopia Maintenance Team
Changed-By: Simon McVittie
Changes:
ostree (2024.1-1) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 14:09:30 +0200
Source: calamares
Architecture: source
Version: 3.3.1-1
Distribution: unstable
Urgency: medium
Maintainer: Jonathan Carter
Changed-By: Jonathan Carter
Changes:
calamares (3.3.1-1) unstable;
On Wed, 24 Jan 2024 at 12:26, Johannes Schauer Marin Rodrigues
wrote:
>
> Hi,
>
> Quoting Luca Boccassi (2024-01-24 12:59:38)
> > There's always option B: recognize that the Rust/Go ecosystems are not
> > designed to be compatible with the Linux distributions model, and are
> > instead
> >
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 20 Jan 2024 18:34:02 +0200
Source: tanglet
Architecture: source
Version: 1.6.5-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Games Team
Changed-By: Jonathan Carter
Changes:
tanglet (1.6.5-1) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 23 Jan 2024 14:18:54 +0100
Source: imapfilter
Binary: imapfilter imapfilter-dbgsym
Architecture: source amd64
Version: 1:2.8.2+1-0.1
Distribution: unstable
Urgency: medium
Maintainer: Francesco Paolo Lovergine
Changed-By:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 23 Jan 2024 11:10:40 +0100
Source: gsoap
Binary: gsoap gsoap-dbgsym gsoap-doc libgsoap-2.8.132 libgsoap-2.8.132-dbgsym
libgsoap-dev
Architecture: source amd64 all
Version: 2.8.132-1
Distribution: unstable
Urgency: medium
On Wed, 24 Jan 2024 at 11:42, Simon Josefsson wrote:
>
> Simon Josefsson writes:
>
> >> > My naive approach on how to fix a security problem in package X
> >> > which is
> >> > statically embedded into other packages A, B, C, ... would be to
> >> > rebuild
> >> > the transitive closure of all
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 14:22:26 +0200
Source: connectagram
Architecture: source
Version: 1.3.5-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Games Team
Changed-By: Jonathan Carter
Changes:
connectagram (1.3.5-1)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 13:12:31 +0100
Source: dpkg
Architecture: source
Version: 1.22.4
Distribution: unstable
Urgency: medium
Maintainer: Dpkg Developers
Changed-By: Guillem Jover
Closes: 1061404
Changes:
dpkg (1.22.4) unstable;
Hi,
Quoting Luca Boccassi (2024-01-24 12:59:38)
> There's always option B: recognize that the Rust/Go ecosystems are not
> designed to be compatible with the Linux distributions model, and are instead
> designed to be as convenient as possible for a _single_ application developer
> and its users
On 24/01/24 5:59 pm, Simon Josefsson wrote:
Does anyone know of a shared library in a Debian package written in Go?
I've only encountered the vendored approach to ship Go libraries.
libgovarnam1 is shipped as a shared library
https://packages.debian.org/sid/amd64/libgovarnam1/filelist
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 13:48:56 +0100
Source: bepasty
Architecture: source
Version: 1.2.0-3
Distribution: unstable
Urgency: medium
Maintainer: Elena Grandi
Changed-By: Elena Grandi
Closes: 968821 1061237
Changes:
bepasty (1.2.0-3)
Package: wnpp
Severity: wishlist
Owner: Jonas Smedegaard
X-Debbugs-Cc: debian-devel@lists.debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
* Package name: iamb
Version : 0.0.8
Upstream Contact: Ulyssa
* URL : https://iamb.chat/
* License :
Luca Boccassi writes:
>> Having reflected a bit, and learned through my own experience and
>> others' insights [1] that Go Build-Depends are not transitive, I'd like
>> to update my proposal on how to handle a security bug in any Go/Rust/etc
>> package and the resulting package rebuilds:
>
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 17:29:41 +0800
Source: pg-stat-kcache
Architecture: source
Version: 2.2.3-1
Distribution: unstable
Urgency: medium
Maintainer: Julien Rouhaud
Changed-By: Julien Rouhaud
Changes:
pg-stat-kcache (2.2.3-1)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 14:49:30 +0200
Source: gnome-shell-extension-dash-to-panel
Architecture: source
Version: 60-1~exp1
Distribution: unstable
Urgency: medium
Maintainer: Jonathan Carter
Changed-By: Jonathan Carter
Changes:
On 2024-01-24 13:26:49 +0100 (+0100), Johannes Schauer Marin Rodrigues wrote:
[...]
> how does that work for those applications that require rust, go
> and friends? Are you proposing that everything that needs them
> should be be distributed by a flatpak or similar mechanism
> instead?
>
> Just a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 16:20:13 +
Source: debconf
Architecture: source
Version: 1.5.84
Distribution: unstable
Urgency: medium
Maintainer: Debconf Developers
Changed-By: Colin Watson
Closes: 304572 682508 754123 797071 1039068
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 17:23:21 +0100
Source: fastml
Architecture: source
Version: 3.11-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team
Changed-By: Andreas Tille
Closes: 1044832
Changes:
fastml (3.11-4)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 16:19:37 +0100
Source: golang-github-secure-systems-lab-go-securesystemslib
Architecture: source
Version: 0.8.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team
Changed-By: Simon
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 15:25:08 +0100
Source: camlidl
Architecture: source
Version: 1.12-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OCaml Maintainers
Changed-By: Stéphane Glondu
Changes:
camlidl (1.12-1) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 15:48:21 +0100
Source: ocaml-obuild
Architecture: source
Version: 0.1.11-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OCaml Maintainers
Changed-By: Stéphane Glondu
Changes:
ocaml-obuild (0.1.11-1)
Luca Boccassi writes:
> On Wed, 24 Jan 2024 at 13:34, Simon Josefsson wrote:
>>
>> Luca Boccassi writes:
>>
>> >> Having reflected a bit, and learned through my own experience and
>> >> others' insights [1] that Go Build-Depends are not transitive, I'd like
>> >> to update my proposal on how
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 16:25:37 +0100
Source: golang-github-sigstore-sigstore
Architecture: source
Version: 1.8.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team
Changed-By: Simon Josefsson
Changes:
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: cosign
Version : 2.2.2-1
Upstream Author : The Sigstore Authors
* URL : https://github.com/sigstore/cosign
* License : Apache-2.0
Programming Lang: Go
Description : Code signing
On Wed, 24 Jan 2024 at 13:34, Simon Josefsson wrote:
>
> Luca Boccassi writes:
>
> >> Having reflected a bit, and learned through my own experience and
> >> others' insights [1] that Go Build-Depends are not transitive, I'd like
> >> to update my proposal on how to handle a security bug in any
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 06:56:42 -0600
Source: fwupd
Built-For-Profiles: noudeb
Architecture: source
Version: 1.9.12-1
Distribution: unstable
Urgency: medium
Maintainer: Debian EFI
Changed-By: Mario Limonciello
Closes: 1059606 1060577
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 18:51:13 +0100
Source: dblatex
Architecture: source
Version: 0.3.12py3-3
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group
Changed-By: Matthias Klose
Closes: 1033547 1061320
Changes:
dblatex
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 16:05:18 +0100
Source: audit
Architecture: source
Version: 1:3.1.2-2
Distribution: unstable
Urgency: medium
Maintainer: Laurent Bigonville
Changed-By: Laurent Bigonville
Closes: 1060167
Changes:
audit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 18:14:22 +
Source: thermald
Architecture: source
Version: 2.5.6-1
Distribution: unstable
Urgency: medium
Maintainer: Colin Ian King
Changed-By: Colin Ian King
Changes:
thermald (2.5.6-1) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 13:51:16 +
Source: sdl2-compat
Architecture: source
Version: 2.28.50~git20240124~35695bd+ds-1
Distribution: experimental
Urgency: medium
Maintainer: Debian SDL packages maintainers
Changed-By: Simon McVittie
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 14:24:18 +0100
Source: python-httpretty
Architecture: source
Version: 1.1.4-4
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenStack
Changed-By: Thomas Goirand
Closes: 1060686
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 14:58:36 +0100
Source: photoqt
Architecture: source
Version: 4.2+ds-2
Distribution: unstable
Urgency: medium
Maintainer: Debian PhotoTools Maintainers
Changed-By: Gürkan Myczko
Changes:
photoqt (4.2+ds-2)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 17:38:42 +0100
Source: serd
Architecture: source
Version: 0.32.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers
Changed-By: Dennis Braun
Changes:
serd (0.32.2-1) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 10:18:35 -0500
Source: foliate
Built-For-Profiles: noudeb
Architecture: source
Version: 4.~really3.1.0-0.1
Distribution: unstable
Urgency: medium
Maintainer: Jonathan Carter
Changed-By: Jeremy Bícha
Closes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 08:51:19 -0500
Source: mozjs115
Built-For-Profiles: noudeb
Architecture: source
Version: 115.7.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers
Changed-By: Jeremy Bícha
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 17:50:06 +0300
Source: itcl4
Architecture: source
Version: 4.2.4-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Tcl/Tk Packagers
Changed-By: Sergei Golovan
Changes:
itcl4 (4.2.4-1) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 09:09:55 +0100
Source: alire
Architecture: source
Version: 1.2.1-1.1
Distribution: experimental
Urgency: medium
Maintainer: Stephane Carrez
Changed-By: Nicolas Boulenguez
Changes:
alire (1.2.1-1.1) experimental;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 11:25:54 -0600
Source: fwupd
Built-For-Profiles: noudeb
Architecture: source
Version: 1.9.12-2
Distribution: unstable
Urgency: medium
Maintainer: Debian EFI
Changed-By: Mario Limonciello
Changes:
fwupd
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 02:13:56 -0500
Source: cctbx
Architecture: source
Version: 2023.12+ds2+~3.17.0+ds1-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers
Changed-By: Andrius Merkys
Closes: 1061405
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 09:54:02 +
Source: rust-shlex
Architecture: source
Version: 1.3.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers
Changed-By: Alexander Kjäll
Changes:
rust-shlex (1.3.0-1)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Mon, 22 Jan 2024 02:43:58 -0500
Source: promod3
Binary: libpromod3-core-dev libpromod3-core3.4 libpromod3-core3.4-dbgsym
libpromod3-loop-dev libpromod3-loop3.4 libpromod3-loop3.4-dbgsym
libpromod3-modelling-dev
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 23 Jan 2024 18:54:24 -0700
Source: gh
Architecture: source
Version: 2.42.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team
Changed-By: Anthony Fok
Changes:
gh (2.42.1-1) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 09:11:26 +0100
Source: openjdk-21
Architecture: source
Version: 21.0.2+13-2
Distribution: unstable
Urgency: medium
Maintainer: OpenJDK Team
Changed-By: Matthias Klose
Closes: 1057500 1057508 1057519
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 08:42:11 +0100
Source: python-jsonpath-rw-ext
Architecture: source
Version: 1.2.2-3
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenStack
Changed-By: Thomas Goirand
Changes:
python-jsonpath-rw-ext
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 08:42:39 +0100
Source: bacula
Architecture: source
Version: 13.0.3-1~exp+1
Distribution: experimental
Urgency: medium
Maintainer: Debian Bacula Team
Changed-By: Carsten Leonhardt
Closes: 997831 1009012
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 10:12:19 +0100
Source: nextcloud-spreed-signaling
Architecture: source
Version: 1.2.2-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team
Changed-By: Mike Gabriel
Closes: 1060286
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 10:52:47 +0200
Source: mstflint
Architecture: source
Version: 4.26.0+1-1
Distribution: sid
Urgency: medium
Maintainer: Debian HPC Team
Changed-By: Tzafrir Cohen
Changes:
mstflint (4.26.0+1-1) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 10:54:53 +0100
Source: golang-github-google-go-pkcs11
Architecture: source
Version: 0.3.0+dfsg-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team
Changed-By: Drew Parsons
Closes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 10:58:30 +0100
Source: dt-schema
Architecture: source
Version: 2023.11-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team
Changed-By: Agathe Porte
Changes:
dt-schema (2023.11-2) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 02:51:08 -0500
Source: nb2plots
Architecture: source
Version: 0.7.2-1
Distribution: unstable
Urgency: medium
Maintainer: Sandro Tosi
Changed-By: Sandro Tosi
Closes: 1035181 1036519 1053999
Changes:
nb2plots
On 24/01/24 2:07 pm, Simon Josefsson wrote:
Yes, for a low-level Go package (e.g., golang-golang-x-net-dev), this
will mean rebuilding almost all of the Go packages in Debian and publish
them in a security advisory.
This algorithm can be optimized (i.e., reduce the number of packages to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 20 Jan 2024 17:20:24 +
Binary: gir1.2-girepository-3.0 gir1.2-girepository-3.0-dev gir1.2-glib-2.0
gir1.2-glib-2.0-dev libgirepository-2.0-0 libgirepository-2.0-0-dbgsym
libgirepository-2.0-dev libglib2.0-0
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 23 Jan 2024 18:53:33 +
Source: poco
Binary: libpoco-dev libpocoactiverecord100 libpocoactiverecord100-dbgsym
libpococrypto100 libpococrypto100-dbgsym libpocodata100 libpocodata100-dbgsym
libpocodatamysql100
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 23 Jan 2024 22:00:03 +0100
Source: gcc-13
Binary: cpp-13 cpp-13-for-build cpp-13-for-host cpp-13-x86-64-linux-gnu
cpp-13-x86-64-linux-gnu-dbgsym g++-13 g++-13-for-build g++-13-for-host
g++-13-multilib g++-13-x86-64-linux-gnu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 17 Jan 2024 12:00:00 +
Source: python-goodvibes
Binary: python3-goodvibes
Architecture: source all
Version: 3.2+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team
Changed-By: Yogeswaran Umasankar
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Mon, 22 Jan 2024 11:28:32 +
Source: ace
Binary: ace-gperf ace-gperf-dbgsym ace-netsvcs ace-netsvcs-dbgsym libace-7.1.3
libace-7.1.3-dbgsym libace-dev libace-doc libace-flreactor-7.1.3
libace-flreactor-7.1.3-dbgsym
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Mon, 08 Jan 2024 18:54:43 +0100
Source: r-cran-nanoarrow
Binary: r-cran-nanoarrow r-cran-nanoarrow-dbgsym
Architecture: source amd64
Version: 0.3.0.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian R Packages
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 19 Jan 2024 12:30:00 +
Source: python-czt
Binary: python3-czt
Architecture: source all
Version: 0.0.7-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team
Changed-By: Yogeswaran Umasankar
Description:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Mon, 22 Jan 2024 11:54:45 CET
Source: rust-associative-cache
Binary: librust-associative-cache-dev
Architecture: amd64 source
Version: 2.0.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers
Changed-By:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 19 Jan 2024 14:45:36 CET
Source: rust-hickory-client
Binary: librust-hickory-client-dev
Architecture: amd64 source
Version: 0.24.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers
Changed-By:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 19 Jan 2024 15:46:55 CET
Source: rust-hickory-resolver
Binary: librust-hickory-resolver-dev
Architecture: amd64 source
Version: 0.24.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers
Changed-By:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 23 Jan 2024 16:10:25 +
Source: lfortran
Binary: lfortran lfortran-dbgsym liblfortran-dev liblfortran-runtime0
liblfortran-runtime0-dbgsym
Architecture: source arm64
Version: 0.30.0-1
Distribution: experimental
Urgency:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 23 Jan 2024 17:42:40 +0100
Source: golang-github-google-s2a-go
Binary: golang-github-google-s2a-go-dev
Architecture: source all
Version: 0.1.7-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Go Packaging Team
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 19 Jan 2024 00:13:44 +0100
Source: golang-github-spiffe-go-spiffe
Binary: golang-github-spiffe-go-spiffe-dev
Architecture: source all
Version: 2.1.7-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Go Packaging
As Johannes mentioned earlier in this thread, the first piece of practical
advice on nogir should be: if you don't know that you need to use it,
then perhaps you shouldn't. It's primarily aimed at breaking cycles,
and enabling buildability in lower-level packages during bootstrapping.
(Having
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 16:00:02 -0500
Source: giara
Built-For-Profiles: noudeb
Architecture: source
Version: 1.1.0-0.1
Distribution: unstable
Urgency: medium
Maintainer: Federico Ceratto
Changed-By: Jeremy Bícha
Closes: 1036626 1051091
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 20:03:15 +
Source: systemd
Architecture: source
Version: 255.3-1
Distribution: sid
Urgency: medium
Maintainer: Debian systemd Maintainers
Changed-By: Luca Boccassi
Changes:
systemd (255.3-1) sid;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 22:09:32 +0100
Source: qt6-tools
Architecture: source
Version: 6.6.1-3
Distribution: experimental
Urgency: medium
Maintainer: Debian Qt/KDE Maintainers
Changed-By: Patrick Franz
Changes:
qt6-tools (6.6.1-3)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Mon, 22 Jan 2024 16:11:59 -0400
Source: unattended-upgrades
Architecture: source
Version: 2.9.1+nmu4
Distribution: unstable
Urgency: medium
Maintainer: Michael Vogt
Changed-By: Stefano Rivera
Closes: 1058172
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 19:22:01 +0100
Source: urwid
Architecture: source
Version: 2.4.6-0.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team
Changed-By: Matthias Klose
Changes:
urwid (2.4.6-0.1) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 20:20:57 +0100
Source: markdown-callouts
Architecture: source
Version: 0.4.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team
Changed-By: Carsten Schoenert
Changes:
markdown-callouts
[follow-ups should probably go to -project, but I'm not setting my
headers to try to force that]
At 2024-01-24T16:57:06+0100, Simon Josefsson wrote:
> One could equally well make the argument that distributors should care
> about the Go/Rust ecosystems, and make whatever changes needed in
> order
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 21:19:03 +0100
Source: xpdf
Architecture: source
Version: 3.04+git20240124-1
Distribution: unstable
Urgency: medium
Maintainer: Florian Schlichting
Changed-By: Florian Schlichting
Closes: 1061423
Changes:
xpdf
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 16:02:45 -0500
Source: gtk+2.0
Built-For-Profiles: noudeb
Architecture: source
Version: 2.24.33-3
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers
Changed-By: Jeremy Bícha
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 21:30:29 +0100
Source: usb.ids
Architecture: source
Version: 2024.01.20-1
Distribution: unstable
Urgency: medium
Maintainer: Aurelien Jarno
Changed-By: Aurelien Jarno
Changes:
usb.ids (2024.01.20-1) unstable;
On Wed, Jan 24, 2024 at 06:30:02PM +, Alberto Garcia wrote:
> - Are packages that ship gobject-introspection files supposed to have
>in the relevant build dependencies (gir1.2-*-dev,
> gobject-introspection ?), or is the build profile handling this
> automatically?
This is not
On Jan 24, Peter Pentchev wrote:
> This might be a minority, optimistic, rose-tinted-glasses kind of
> opinion, but I believe that the state of the Rust ecosystem today
> (I have no experience with the Go one) is quite similar to what Perl and
> Python modules were 25, 20, bah, even 15 years
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 20:11:26 +
Source: glib2.0
Architecture: source
Version: 2.79.1-1
Distribution: experimental
Urgency: medium
Maintainer: Debian GNOME Maintainers
Changed-By: Simon McVittie
Changes:
glib2.0 (2.79.1-1)
On Wed, Jan 17, 2024 at 10:00:35PM +, Simon McVittie wrote:
> Here is the draft text that I added to the GObject-Introspection
> mini-policy in 1.78.1-11:
Hi, thanks for the explanation.
A couple of questions about this:
- Are packages that ship gobject-introspection files supposed to have
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 12:32:54 -0600
Source: fwupd
Built-For-Profiles: noudeb
Architecture: source
Version: 1.9.12-3
Distribution: unstable
Urgency: medium
Maintainer: Debian EFI
Changed-By: Mario Limonciello
Changes:
fwupd
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 20:47:38 +0100
Source: flask-limiter
Architecture: source
Version: 3.5.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team
Changed-By: Carsten Schoenert
Closes: 1019747
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 22:46:52 +0300
Source: sip6
Architecture: source
Version: 6.8.2+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team
Changed-By: Dmitry Shachnev
Changes:
sip6 (6.8.2+dfsg-1) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 20:39:04 +0100
Source: rust-ntp-proto
Architecture: source
Version: 1.1.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers
Changed-By: Sylvestre Ledru
Changes:
rust-ntp-proto
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 22:31:29 +0100
Source: python-webdavclient
Architecture: source
Version: 3.14.6-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team
Changed-By: Alexandre Detiste
Changes:
python-webdavclient
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 13:24:05 -0500
Source: django-maintenancemode
Architecture: source
Version: 0.11.7+git221001-3
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group
Changed-By: Scott Kitterman
Closes: 1044286
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 21:23:37 +0100
Source: libselinux
Architecture: source
Version: 3.5-2
Distribution: unstable
Urgency: medium
Maintainer: Debian SELinux maintainers
Changed-By: Laurent Bigonville
Closes: 914247 1029095
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 21:34:39 +
Source: firehol
Architecture: source
Version: 3.1.7+ds-3
Distribution: unstable
Urgency: medium
Maintainer: Jerome Benoit
Changed-By: Jerome Benoit
Closes: 309198 536362 976014 993322 1050664
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 24 Jan 2024 22:33:15 +0100
Source: onionshare
Architecture: source
Version: 2.6-6
Distribution: experimental
Urgency: medium
Maintainer: Debian Privacy Tools Maintainers
Changed-By: Sandro Knauß
Closes: 1061360
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 24 Jan 2024 22:50:01 +0100
Source: bpftrace
Architecture: source
Version: 0.20.0-1
Distribution: unstable
Urgency: medium
Maintainer: Vincent Bernat
Changed-By: Vincent Bernat
Changes:
bpftrace (0.20.0-1) unstable;
1 - 100 of 138 matches
Mail list logo