Your message dated Mon, 07 Oct 2019 15:49:50 +0000
with message-id <[email protected]>
and subject line Bug#940026: fixed in gvfs 1.42.1-1
has caused the Debian Bug report #940026,
regarding gvfs: unbuildable in unstable: requires experimental 
gsettings-desktop-schemas
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
940026: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940026
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: gvfs
Version: 1.42.0-1
Severity: grave
Justification: renders package unusable

> gvfs unsatisfiable Build-Depends(-Arch) on amd64: 
> gsettings-desktop-schemas-dev (>= 3.33.0)

We cannot upload the new gsettings-desktop-schemas-dev to unstable yet,
because it Breaks the current version of mutter, which cannot go to
unstable until we are ready for the libmutter and evolution-data-server
ABI transitions to take place.

This probably needs to be reverted via a 1.42.0+really1.38.1 or
1.42.0+really1.40.1 upload to unstable, and 1.42.0+really1.42.0 to
experimental.

Unfortunately this has also knocked gvfs 1.41.x out of experimental,
because that happens automatically whenever the source version in unstable
is higher.

    smcv

--- End Message ---
--- Begin Message ---
Source: gvfs
Source-Version: 1.42.1-1

We believe that the bug you reported is fixed in the latest version of
gvfs, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Simon McVittie <[email protected]> (supplier of updated gvfs package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 07 Oct 2019 15:40:15 +0100
Source: gvfs
Architecture: source
Version: 1.42.1-1
Distribution: unstable
Urgency: high
Maintainer: Debian GNOME Maintainers 
<[email protected]>
Changed-By: Simon McVittie <[email protected]>
Closes: 921816 927221 929755 930376 940026
Changes:
 gvfs (1.42.1-1) unstable; urgency=medium
 .
   * Team upload
   * Merge changelog entries from unstable
   * New upstream release
     - dav: Fix mounting when 403 is returned for the parent folder
     - Revert "sftp: Always use port 22 if not specified"
       to fix use of a configured port number in ~/.ssh/config
     - Translation updates: da, de, nl
   * Upload to unstable, now that the required gsettings-desktop-schemas
     is available in testing
 .
 gvfs (1.42.0+really1.38.1-1) unstable; urgency=medium
 .
   * Team upload
   * Re-release 1.38.1-5 to unstable to overwrite premature upload of
     1.42.x. Versions 1.42.x depend on a gsettings-desktop-schemas version
     from experimental that cannot go to unstable until the mutter and
     evolution-data-server transitions for GNOME 3.34 are ready.
     (Closes: #940026)
     - d/gbp.conf: Set packaging branch to debian/unstable
 .
 gvfs (1.38.1-5) unstable; urgency=high
 .
   * Team upload
   * d/p/gvfsdaemon-Check-that-the-connecting-client-is-the-same-u.patch:
     Add missing authentication, preventing a local attacker from connecting
     to an abstract socket address learned from netstat(8) and issuing
     arbitrary D-Bus method calls
   * d/p/gvfsdaemon-Only-accept-EXTERNAL-authentication.patch:
     Harden private D-Bus connection by rejecting the more complicated
     DBUS_COOKIE_SHA1 authentication mechanism and only accepting EXTERNAL.
 .
 gvfs (1.38.1-4) unstable; urgency=high
 .
   * Team upload
   * Update from upstream gnome-3-30 branch to fix the admin backend
     (Closes: #929755)
     - Implement query_info_on_read/write to fix some race conditions
       (CVE-2019-12448)
     - Ensure that created files get the correct ownership (CVE-2019-12247)
     - Ensure that copied files get the correct ownership (CVE-2019-12449)
   * Remove obsolete version number from fuse dependency.
     gvfs needs fuse (>= 2.8.4), but that version is older than oldstable,
     so we can safely simplify to "Depends: fuse".
     The versioned dependency is not satisfied by fuse3's unversioned
     "Provides: fuse", but the unversioned dependency is. (Closes: #927221)
 .
 gvfs (1.38.1-3) unstable; urgency=high
 .
   * Team upload
   * d/p/admin-Prevent-access-if-any-authentication-agent-isn-t-av.patch:
     Add patch from upstream to prevent members of the sudo group from
     bypassing the intended password check for privileged access to files
     via the admin: backend if no polkit authentication agents are
     available (CVE-2019-3827, Closes: #921816)
   * d/p/*: Update to upstream gnome-3-30 branch, commit 1.38.1-9-gd4dab113
     - admin: Fix CVE-2019-3827 (see above)
     - autorun: Don't crash if an autorun file is not valid UTF-8
     - mtp: Don't busy-loop retrying reading an event after failure
     - udisks2: Reinstate support for deprecated comment=x-gvfs-show fstab
       option syntax (but please use x-gvfs-show instead)
     - tests: Use the right SMB port if running in the sandbox
     - Update translations: eu, sk, sr
   * d/gbp.conf: Configure for debian/buster and upstream/1.38.x branches
   * d/control: Use debian/buster branch in Vcs-Git
 .
 gvfs (1.42.0+really1.42.0-1) experimental; urgency=medium
 .
   * Team upload
   * Re-upload 1.42.x to experimental, with a higher version number than
     the revert to 1.38.x in unstable. It isn't ready for unstable just yet.
     (Closes: #940026)
 .
 gvfs (1.42.0-1) unstable; urgency=medium
 .
   * New upstream release
 .
 gvfs (1.41.91-1) experimental; urgency=medium
 .
   [ Simon McVittie ]
   * Add bug number and CVE ID to previous changelog entry
 .
   [ Iain Lane ]
   * debian/watch: Find unstable versions
   * New upstream release
     + admin: Add query_info_on_read/write functionality (CVE-2019-12448)
     + admin: Allow changing file owner (CVE-2019-12447)
     + admin: Ensure correct ownership when moving to file:// uri
       (CVE-2019-12449)
     + admin: Prevent core dumps when daemon is manually started
     + admin: Use fsuid to ensure correct file ownership (CVE-2019-12447)
     + afc: Remove assumptions about length of device UUID to support new
       devices
     + afp: Fix afp backend crash when no username supplied
     + build: Add dependency on gsettings-desktop-schemas
     + build: Bump required meson version to 0.50.0
     + build: Define gvfs_rpath for libgvfsdaemon.so
     + build: Several meson improvements
     + daemon: Check that the connecting client is the same user
       (CVE-2019-12795)
     + daemon: Only accept EXTERNAL authentication (CVE-2019-12795)
     + daemon/udisks2: Handle lockdown option to disable writing
     + daemon: Unify some translatable strings
     + fuse: Adapt gvfsd-fuse to use fuse 3.x
     + fuse: Define RENAME_* macros when they are not defined
     + fuse: Remove max_write limit
     + gmountsource: Fix deadlocks in synchronous API
     + google: Check ownership in is_owner() without additional HTTP request
     + google: Disable deletion of non-empty directories
     + google: Do not enumerate volatile entries if title matches id
     + google: Fix crashes when deleting if the file isn't found
     + google: Fix issue with stale entries remaining after rename operation
     + google: Support deleting shared Google Drive files
     + proxy: Don't leak a GVfsDBusDaemon
     + udisks2: Change display name for crypto_unknown devices
   * debian/patches: Drop backported patches. We're further ahead now.
 .
 gvfs (1.40.1-3) experimental; urgency=medium
 .
   * Team upload
   * d/p/gvfsdaemon-Check-that-the-connecting-client-is-the-same-u.patch:
     Add missing authentication, preventing a local attacker from connecting
     to an abstract socket address learned from netstat(8) and issuing
     arbitrary D-Bus method calls
     (Closes: #930376, CVE-2019-12795)
   * d/p/gvfsdaemon-Only-accept-EXTERNAL-authentication.patch:
     Harden private D-Bus connection by rejecting the more complicated
     DBUS_COOKIE_SHA1 authentication mechanism and only accepting EXTERNAL
 .
 gvfs (1.40.1-2) experimental; urgency=medium
 .
   * Team upload
   * Update from upstream gnome-3-32 branch, commit 1.40.1-9-gec939a01,
     to fix the admin backend
     (Closes: #929755)
     - Implement query_info_on_read/write to fix some race conditions
       (CVE-2019-12448)
     - Ensure that created files get the correct ownership (CVE-2019-12247)
     - Ensure that copied files get the correct ownership (CVE-2019-12449)
     - Fix deadlocks in synchronous API
     - Various fixes for afc backend
     - Update translation: zh_CN
   * Remove obsolete version number from fuse dependency.
     gvfs needs fuse (>= 2.8.4), but that version is older than oldstable,
     so we can safely simplify to "Depends: fuse".
     The versioned dependency is not satisfied by fuse3's unversioned
     "Provides: fuse", but the unversioned dependency is. (Closes: #927221)
 .
 gvfs (1.40.1-1) experimental; urgency=medium
 .
   * New upstream release
 .
 gvfs (1.40.0-1) experimental; urgency=medium
 .
   * New upstream release
   * Drop test-Remove-trailing-newline-from-the-IP-string.patch: Applied
 .
 gvfs (1.39.91-1) experimental; urgency=medium
 .
   * New upstream development release
   * Add test-Remove-trailing-newline-from-the-IP-string.patch:
     - Proposed patch to fix autopkgtest with glibc 2.29
 .
 gvfs (1.39.90-1) experimental; urgency=medium
 .
   * New upstream development release
   * Bump minimum meson to 0.49.0
Checksums-Sha1:
 c7f93e04f5be2794ac9a14b2cc190e2990a15904 3396 gvfs_1.42.1-1.dsc
 7741122e301544a7a50fe057dcb421a60b0778f5 1204916 gvfs_1.42.1.orig.tar.xz
 9388a90539c522b759c6101937ccfb585a36fa96 24508 gvfs_1.42.1-1.debian.tar.xz
 f9a492075035d302151f479eb487617fa353cdf0 19187 gvfs_1.42.1-1_source.buildinfo
Checksums-Sha256:
 6683cea560e042a5ca29a518f6e390a79950c6d6cc65c3e2a0a31f2159c8555b 3396 
gvfs_1.42.1-1.dsc
 9d06071b4a1d83671f76d0e3c32b66631671669d330fe21702f60a8611c37730 1204916 
gvfs_1.42.1.orig.tar.xz
 cc39d4466805abb4c8fd91fcc85b19d308ead56e64c81c7e772ee64f1b21c227 24508 
gvfs_1.42.1-1.debian.tar.xz
 d795f278d23cce5b189a70d27de20422bd46d1e1499595842f4ff50f57ff3edf 19187 
gvfs_1.42.1-1_source.buildinfo
Files:
 ba478b7038a6b4df058837378fb25121 3396 gnome optional gvfs_1.42.1-1.dsc
 93592535508322548d44fa036b635a0a 1204916 gnome optional gvfs_1.42.1.orig.tar.xz
 43fc9e8356c1bc33d06c4bd58e55624b 24508 gnome optional 
gvfs_1.42.1-1.debian.tar.xz
 86f64d39f1bbdc3566ce99475bcc1eee 19187 gnome optional 
gvfs_1.42.1-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAl2bVI4ACgkQ4FrhR4+B
TE+Yng//a8G5BPV2msyisPs9nAWKNXxpfQm5OtzHm33Sm4giMJl1cMDKowI5pVeL
ZvjY/EPO89fThzS/5+nmVnFnkSv+GH5L/pdR3zN1b1plOOmtaelmpu809CO+zkT+
486Etfw3dON0RKBz0+ix6ls9wDrSehALcur9qolFFa7V2QRZCdPAj3cEtBOmK3Sa
cBRn/ULWO4KEqTJ3+ENWZIpdoSpX+ypqVc8HYKHEZDLXgvX/H9+m6TarbNl1A1Gf
KkhT+82Fth4SwuZd1cx0Hj1TbdFMCphXShTWUAM8tPNYTOr0fdcbfhZvYh2O99Ll
TcigQbWiWWtL9er75XOacj+D4OGyK5YbeJLeQzFPYNkSHWyB/7umQ6n7T4sBY+Qq
JkBsCF1MX2bhm41bL6QYeLoLpz9DoFmpwYZJr/3GQBg2msh4/HKRz0fxJCa6Bc9p
O0WCD1qVXEpcyRy5kgOMP7AmfXIlEKEAlcwfs8lFR7HVw0DO0HKfzx6Lhf2luEXE
mzTwcbyhDnbM+MRDLtfnlagFgHStgLBc4Vfnl/YPDvVepvx0DGWJCYvFUa6J9+Rm
o21KhFrG7rFdpDIqwbsUcwsJuA5u994xF6ccz5a/fDHgXYzstLmXEk/Cs/slXJjP
e3yuSWbM+EKqIFuAile7iEqkRtrwn0XHuhbfyj+db85FqMRdxl4=
=gQYP
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to