On July 3, 2014 3:26:49 PM EDT, Andreas Cadhalpun <[email protected]> wrote: >Hi, > >On 03.07.2014 19:10, Sebastian Andrzej Siewior wrote: >> On 2014-07-03 17:37:58 [+0200], Andreas Cadhalpun wrote: >>>>>> Maybe they can manage to sign their tags. >>>>> >>>>> That would be good, although I don't know if uscan can verify >signed tags. >>>>> Or would there be detached signatures on the download page? >>>> >>>> Argh, right. No, it would be part of the tag. So it wouldn't be of >any >>>> use for use then :P >>> >>> Except if uscan can be thought to verify signed tags... >> >> Those tags are a little different. This tag signes the commit and not >> something that we download. I don't see how uscan could verify those >> apart from a git tree. > >Yes, this probably won't work. :( > >>> I see you backported a patch to expose cl_initialize_crypto in >clamav.h. >>> Have you already tested/patched the reverse dependencies? > >Looking closer, I think now that cl_initialize_crypto and >cl_cleanup_crypto are in clamav.h, they should be moved from >CLAMAV_PRIVATE to CLAMAV_PUBLIC in libclamav/libclamav.map.
Should discuss with upstream. >> - havp: #753530 >> doesn't look very well maintained. For that reason we might want >to >> bump the so number of the version to make sure the "old" version >works >> even if nobody updates the packages. >> Besides that, it is only on unstable so we don't have to worry >about >> stable :) > >Not very well maintained means in this case completely unmaintained >since three years. Given that it has now 5 RC bugs, it's probably best >to remove it from the archive. Upstream havp offered to do a new release to fix this issue, so depending on how hard the RC bugs are to fix, it might be worth an NMU. >> - dansguardian: #753533 >> I opened that bug against stable. Which remainds, shouldn't >oldstable >> be gone by now? > >It has the same version in stable and unstable, so the stable update is > >just the same as the update in unstable. Oldstable has LTS support by a dedicated team. We can ignore it. >> - c-icap-modules: started yesterday, should be finished by tonight :) > >OK. > >> - python-pyclamav: haven't look at it yet. > >I just looked into this one and the attached patch should be enough, >but >I'm not sure how to test that. > >Scott, since you are the only uploader of python-pyclamav, can you >verify that this patch is good? I can try it. >By the way, python-pyclamav seems to be dead upstream since 2008 and >superseeded by python-pyclamd, which seems to be unmaintained in Debian > >since 2011, while the last upstream version is from 2014-06-23. > >You might want to consider to take over python-pyclamd and remove >python-clamav from unstable. Python-pyclamd doesn't fully replace python-clamav. It requires little enough maintenance that I think it's worth keeping. I'll look into the patch and pyclamd. Thanks, Scott K _______________________________________________ Pkg-clamav-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-clamav-devel
