Bug#846329: marked as done (RFS: tsctp/0.6.3-1)
Your message dated Fri, 24 Mar 2017 04:26:14 + with message-id and subject line closing RFS: tsctp/0.6.3-1 has caused the Debian Bug report #846329, regarding RFS: tsctp/0.6.3-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 846329: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846329 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "tsctp" * Package name : tsctp Version : 0.6.3-1 Upstream Author : Michael Tüxen * URL : https://www.uni-due.de/~be0001/tsctp/ * License : BSD Section : net It builds those binary packages: tsctp - SCTP Test Tool To access further information about this package, please visit the following URL: https://mentors.debian.net/package/tsctp Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/t/tsctp/tsctp_0.6.3-1.dsc signature.asc Description: This is a digitally signed message part. --- End Message --- --- Begin Message --- Package tsctp has been removed from mentors.--- End Message ---
Re: arpwatch & systemd
Hi, thanks Vincent and Gianfranco for offering your advice! On Wed, 22 Mar 2017 23:13:52 + (UTC) Gianfranco Costamagna wrote: > did you consider to merge the work from Fedora? > they already have a systemd service, and IIRC the project seems > somewhat dead upstream, so merging their work and sending them > patches might be beneficial for both distros. Please try to have a > similar working tool, rather than diverging too much, specially when > upstream is not active anymore. Well, I had looked at systemd unit files for arpwatch using web search. Most of the unit files I found only allow starting one instance of arpwatch. This is also true for the unit file included in Fedora. At least openSUSE has a systemd service file which allows launching multiple instances of arpwatch, but it does not allow different configurations for the individual interfaces (which our current LSB init script is capable of). I would like to avoid a situation where upgrading to the new version requires writing systemd unit files, so we need to keep the ability to have multiple instances of arpwatch which can be configured differently. I think calling the project "somewhat dead" is an understatement after 7+ years of inactivity. This is a long time and different distros have accumulated different patches. There also used to be an arpwatch-ng fork, which is now also dead. Debian's patches introduce quite a bit of functionality to arpwatch as well. Now directly comparing Fedora and Debian, the arpwatch binaries are pretty different (the introduced patches add different feature, newly introduced arguments are conflicting, e.g. '-s', …). While I agree that a strong cooperation between the distros, especially for packages with dead upstream, would be mutually beneficial, it is hard to start doing that after the packages have diverted so much. > I don't think you want people having issues when switching from > Fedora to Debian and vice-versa, specially with systemd configuration > files :) Unless we want to drop some features available using our current LSB init script (thereby forcing some admins to write their own systemd unit files just to keep their current arpwatch setup), I don't think incompatibilities can be avoided. > (as pkg-security team we might have some interests in having the > package under our team, so you might find sponsors asking us to > review your work!) Good to know, I will X-Debbugs-CC pkg-security once I file an RFS bug. Team maintenance would be really nice :) . Regards Lukas pgpySc0mm2DJ8.pgp Description: OpenPGP digital signature
Bug#832941: RFS: 4pane
Dear Sean, >>> Files in .build/ remain, and are not given in d/copyright. >> The remaining ones are my own files. Won't they be covered by '*'? >Oh, sorry, I assumed you hadn't written 4pane.m4. Not so many people >know m4, as I understand it :) I believe you; it's not my idea of light relaxation either. >Having read the results of your research, I suggest the following >approach: >- insert all the authorship info you've managed to find thus far -- no > reason to throw away that effort -- in the Copyright: field, not > Comment:. > In the situation where you have a list of project authors but it is > unlikely that they all worked on the icon file, just list them all, > and put "Comment: These are the authors for the upstream project from > which this file was obtained." >- for the files where it is not clear, write a copyright string based on > the project name. E.g. for kedit.xpm, "(C) 1999 kde-artist team" >If this doesn't sound sane, it might be best to ask debian-legal. But I >think we could go ahead and upload and see what the ftp-masters think of >my proposed solution. Thank you for the suggestion, which sounds entirely reasonable to me. I've updated d/copyright along those lines, and uploaded a new tarball with Makefile.in removed. >> Finally, my ITP has timed-out and the package removed from >> mentors. Does this now matter? >We don't need mentors since I am working out of your git repo. Your ITP >does not appear to have timed out. If the RFS gets closed, you can just >re-open it. Sorry, wrong TLA; it was actually a notification about this RFS, which still seems live. Regards, David Hart
dh_installdocs multiple docs with same name
Hi! can I use dh_installdocs to install two files with the same name but with a different path in the source tree? Say my source tree contains: README module/README How would I install both files as docs? I've thought up a way to do this: override dh_install and rename one of the files there, and list the new name in the docs file. But this seems overly complicated. Surely there is a better way? Thanks, Roel
Bug#858557: RFS: golang-github-klauspost-reedsolomon/1.3-1~exp1 -- Reed-Solomon Erasure Coding in Go
Package: sponsorship-requests Severity: normal X-Debbugs-Cc: pkg-go-maintain...@lists.alioth.debian.org, fr...@debian.org, daniel820...@gmail.com, rogershim...@gmail.com Dear mentors, I am looking for a sponsor for my package "golang-github-klauspost-reedsolomon", which is a dependency of another my package "golang-github-xtaci-kcp". * Package name: golang-github-klauspost-reedsolomon Version : 1.3-1~exp1 Upstream Author : Klaus Post * URL : https://github.com/klauspost/reedsolomon * License : MIT Section : devel It builds those binary packages: golang-github-klauspost-reedsolomon-dev - Reed-Solomon Erasure Coding in Go To access further information about this package, please visit the following URL: https://mentors.debian.net/package/golang-github-klauspost-reedsolomon Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/g/golang-github-klauspost-reedsolomon/golang-github-klauspost-reedsolomon_1.3-1~exp1.dsc or you can use git-buildpackage to build: gbp clone --pristine-tar https://anonscm.debian.org/git/pkg-go/packages/golang-github-klauspost-reedsolomon.git cd golang-github-klauspost-reedsolomon git checkout mentors mk-build-deps --root-cmd sudo --install --tool "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends" gbp buildpackage -uc -us --git-ignore-branch --git-pristine-tar I also built this package on debomatic (amd64): http://debomatic-amd64.debian.net/distribution#experimental/golang-github-klauspost-reedsolomon/1.3-1~exp1/buildlog Changes since the last upload: golang-github-klauspost-reedsolomon (1.3-1~exp1) experimental; urgency=medium * New upstream 1.3 * debian/control: - Add myself as uploader. Cheers, -- Roger Shimizu, GMT +9 Tokyo PGP/GPG: 4096R/6C6ACD6417B3ACB1
Bug#852415: marked as done (RFS: scap-security-guide/0.1.31-1 ITP: security guides and conformity checks using SCAP standard)
Your message dated Thu, 23 Mar 2017 10:20:16 + with message-id and subject line closing RFS: scap-security-guide/0.1.31-1 ITP: security guides and conformity checks using SCAP standard has caused the Debian Bug report #853903, regarding RFS: scap-security-guide/0.1.31-1 ITP: security guides and conformity checks using SCAP standard to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 853903: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853903 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "scap-security-guide" Package name: scap-security-guide Version : 0.1.31-3 Upstream Author : Watson Yuuma Sato (ws...@redhat.com) URL : https://www.open-scap.org/security-policies/scap-security-guide/ License : unlicenced (see https://github.com/OpenSCAP/scap-security-guide/blob/master/LICENSE) Section : admin It builds those binary packages: ssg-base - SCAP Security guide base content and documentation ssg-debian8 - SCAP Guides and benchmarks targeting Debian 8 ssg-firefox - SCAP Guides and benchmarks targeting Firefox Browser ssg-jre- SCAP Guides and benchmarks targeting Java Runtime Environment ssg-ubuntu1604 - SCAP Guides and benchmarks targeting Ubuntu 16.04 ssg-webmin - SCAP Guides and benchmarks targeting Webmin To access further information about this package, please visit the following URL: https://mentors.debian.net/package/scap-security-guide Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/s/scap-security-guide/scap-security-guide_0.1.31-3.dsc More information about scap-security-guide can be obtained from https://www.open-scap.org/security-policies/scap-security-guide The repository is on https://github.com/OpenSCAP/scap-security-guide Changes since the last upload: * Add XCCDF benchmarks and guides for JRE and Webmin About SCAP-security-guide: SCAP-security-guide works with the OpenSCAP tool, which is already packaged in Debian. The goal of this package is to deploy SCAP XCCDF Benchmarks and Guides for various targets not deployed by the OpenSCAP core package, but supported by the SCAP-security-guide community in which I work as contributor for Ubuntu, Debian and ANSSI best practices. Using these guides/benchmarks, it is possible to validate conformity of Debian-based deployment against standard security policies such as ANSSI Best-practices, PCI-DSS, NIST SP-800... and to launch remediation scripts when needed. Using the OpenSCAP ecosystem, it is possible to manage the security policy of a complete infrastructure, when launching OpenSCAP tool with the above benchmarks through ssh (for e.g.) or on VM or docker templates. Regards, Philippe Thierry --- End Message --- --- Begin Message --- Package scap-security-guide version 0.1.31-1 is in unstable now. https://packages.qa.debian.org/scap-security-guide--- End Message ---
Bug#853903: marked as done (RFS: scap-security-guide/0.1.31-1 ITP: security guides and conformity checks using SCAP standard)
Your message dated Thu, 23 Mar 2017 10:20:16 + with message-id and subject line closing RFS: scap-security-guide/0.1.31-1 ITP: security guides and conformity checks using SCAP standard has caused the Debian Bug report #853903, regarding RFS: scap-security-guide/0.1.31-1 ITP: security guides and conformity checks using SCAP standard to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 853903: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853903 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: sponsorship-requests Severity: wishlist Dear mentors, First, thanks Tobi for your message ! I've corrected Warnings and Informational from lintian. Pedantic ones are harder to correct : - there is no explicit upstream changelog in sources, the scap-security-guide.spec is used as a changelog file. I deploy it through the ssg-base package - other binary packages don't deploy this file, ssg-base being a dependency of all other binary pacakges - there is not gpg check available on the github repository for uscan - the .svn control dir is voluntary in the upsteam sources, used as a "git submodule" like mechanism for the Red-Hat specific documentation - duplicated files is due to a current work on new PCIDSS derivative on which the RedHat team is working. When the 0.1.31 version has been released, the derivative was just a duplication of the PCIDSS content. To continue this mail in a standard way... I am looking for a sponsor for my package "scap-security-guide" Package name: scap-security-guide Version : 0.1.31-6 Upstream Author : Watson Yuuma Sato (ws...@redhat.com) URL :https://www.open-scap.org/security-policies/scap-security-guide/ License : unlicenced (seehttps://github.com/OpenSCAP/scap-security-guide/blob/master/LICENSE) Section : admin It builds those binary packages: ssg-base - SCAP Security guide base content and documentation ssg-debian8 - SCAP Guides and benchmarks targeting Debian 8 ssg-firefox - SCAP Guides and benchmarks targeting Firefox Browser ssg-jre- SCAP Guides and benchmarks targeting Java Runtime Environment ssg-rhel5 - SCAP Guides and benchmarks targeting Red-Hat Enterprise Linux 5 ssg-rhel6 - SCAP Guides and benchmarks targeting Red-Hat Enterprise Linux 6 ssg-rhel7 - SCAP Guides and benchmarks targeting Red-Hat Enterprise Linux 7 ssg-ubuntu1604 - SCAP Guides and benchmarks targeting Ubuntu 16.04 ssg-webmin - SCAP Guides and benchmarks targeting Webmin To access further information about this package, please visit the following URL: https://mentors.debian.net/package/scap-security-guide Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/s/scap-security-guide/scap-security-guide_0.1.31-6.dsc More information about scap-security-guide can be obtained fromhttps://www.open-scap.org/security-policies/scap-security-guide The repository is onhttps://github.com/OpenSCAP/scap-security-guide Changes since the last upload: * Various corrections for lintian conformity. Only pedantic and experimental are still present. About SCAP-security-guide: SCAP-security-guide works with the OpenSCAP tool, which is already packaged in Debian. The goal of this package is to deploy SCAP XCCDF Benchmarks and Guides for various targets not deployed by the OpenSCAP core package, but supported by the SCAP-security-guide community in which I work as contributor for Ubuntu, Debian and ANSSI best practices. Using these guides/benchmarks, it is possible to validate conformity of Debian-based deployment against standard security policies such as ANSSI Best-practices, PCI-DSS, NIST SP-800... and to launch remediation scripts when needed. Using the OpenSCAP ecosystem, it is possible to manage the security policy of a complete infrastructure, when launching OpenSCAP tool with the above benchmarks through ssh (for e.g.) or on VM or docker templates. Regards, Philippe Thierry --- End Message --- --- Begin Message --- Package scap-security-guide version 0.1.31-1 is in unstable now. https://packages.qa.debian.org/scap-security-guide--- End Message ---
Bug#858538: RFS: fadecut/0.2.0-1
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "fadecut" * Package name: fadecut Version : 0.2.0-1 Upstream Author : Martin Gafner, Marco Balmer * URL : https://github.com/fadecut/fadecut * License : GPL-3.0 Section : sound It builds those binary packages: fadecut - toolset to rip audiostreams, cut, fade in/out and tag To access further information about this package, please visit the following URL: https://mentors.debian.net/package/fadecut https://github.com/fadecut/fadecut/tree/debian Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/f/fadecut/fadecut_0.2.0-1.dsc Changes since the last upload: fadecut (0.2.0-1) unstable; urgency=low * New 0.2.0 upstream release * Standards bumped to 3.9.8 * Add pandoc to build-depends * Add opus-tools to depends * Add gzip to build-depends * Add mediainfo to depends and build-depends * Change watch-file url * Replace with new Vcs-Git to github url Thank you in advance, Marco Balmer -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJY04ulAAoJECWTbxPp/5knUPsQAJV2Rng/aH7ZkuX93cAkxBiM t00rnfjXSic7N3CRzBhe/20ye1Mpf6a8fDHz/HzZOTunUrYVW3KX0VXHdihS7y6m sg0H+Mj/jWQYTvAKLK4q1sSLQ8gfEhr9xHW5HT2XrSfsFTdYpDsmu4rZxFTrEoKQ Tg4RSwRL7jVVDfgVlRpd+WVY1UrPO8H10GCuRy8sxXTMBKlpgySSWAEup5jYJ7hu EeuXn1a0n8kCIa1FlXgslX69n0KZAAb85OQxNXi7JQG1II0qjDfcF/xzU2RNBUTP e4BDhgVshQnHYwyABmtvpgQy39uqNhoL3912N0QcScJYEwTqUyawzBYf6scqdJWs lP92c1Mhs+uuzDf0Vqd0P/0aTskpLiN5hcfZ98A+N/CsPWEX2e5fn8JFXrfD967J eKV4Gc1VISunB2N/PLrvLMOGTiE2TeKHxA/5ooZMuSxWWMQ2R6vTAY5dfvvGxEHA fOa6n7WhX6HYts5jJKdQT7vlqGq/EaQMZjOEwXstjJg1pRzrrzFtaqM9SLduLcKN mPe8E0Z89wHxu0tDdngIJJ5XaC/XLRfq2jM/J1ztEJx7+nPEldTHPC1/eD9kwQhP U3lBxHKF7zIkQvF7GTnsQHNJtnqi0AErf358j+qA6mpSRQeRr38M84XYI5lH7k62 ucJp/e2KTwo+WqVjwn2i =IWnX -END PGP SIGNATURE-