Bug#1034805: #1034805 fis-gtm: CVE-2021-44496 CVE-2021-44504
The CVEs listed in this bug report do NOT affect GT.M V7.0-005, the current Debian version listed on https://tracker.debian.org/pkg/fis-gtm. There is no reason for this bug report. Please close it. I will upload a newer version of GT.M, V7.1-002, later this month. Thanks, Amul The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. Message Encrypted via TLS connection
Bug#1051562: fis-gtm: uploader email adres maybe invalid
Hi Andreas, This email address is active. Did an email to this address bounce? Thanks, Amul From: Andreas Tille Date: Sunday, September 10, 2023 at 12:43 AM To: Ben Tris , 1051...@bugs.debian.org <1051...@bugs.debian.org>, Shah, Amul Subject: Re: Bug#1051562: fis-gtm: uploader email adres maybe invalid Hi Amul, I did not had any problems to reach you under this e-mail address. Please confirm it is valid and also confirm you are working on packaging the latest upstream release. Kind regards Andreas. Am Sat, Sep 09, 2023 at 10:20:40PM +0200 schrieb Ben Tris: > Package: fis-gtm > Severity: minor > X-Debbugs-Cc: benatt...@gezapig.nl, m...@qa.debian.org > > Dear Maintainer, > > The email under uploader Amul Shah is now > this is not found in qa. > I could not find more info. > > > -- System Information: > Debian Release: 12.1 > APT prefers stable-updates > APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, > 'stable') > Architecture: amd64 (x86_64) > > Kernel: Linux 6.1.0-11-amd64 (SMP w/4 CPU threads; PREEMPT) > Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not > set > Shell: /bin/sh linked to /usr/bin/dash > Init: systemd (via /run/systemd/system) > LSM: AppArmor: enabled > > Versions of packages fis-gtm depends on: > pn fis-gtm-7.0 > > fis-gtm recommends no packages. > > fis-gtm suggests no packages. > > ___ > Debian-med-packaging mailing list > debian-med-packag...@alioth-lists.debian.net > https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Falioth-lists.debian.net%2Fcgi-bin%2Fmailman%2Flistinfo%2Fdebian-med-packaging=05%7C01%7Camul.shah%40fisglobal.com%7Ca29fbad1bd6c49d96b8f08dbb1b86cbc%7Ce3ff91d834c84b15a0b418910a6ac575%7C0%7C0%7C638299177889349381%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C=oqLX4bXfEbjr3UhpX8IUD%2Bdy5AqNsccLBXzFUW35Qfc%3D=0<https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-med-packaging> > -- https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Ffam-tille.de%2F=05%7C01%7Camul.shah%40fisglobal.com%7Ca29fbad1bd6c49d96b8f08dbb1b86cbc%7Ce3ff91d834c84b15a0b418910a6ac575%7C0%7C0%7C638299177889349381%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C=2OJBpIPvJ7j2Vgyzxju94OTS1eftsFMmpBAB2lHxdtc%3D=0<http://fam-tille.de/> The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.
Bug#921781: fis-gtm: FTBFS (dh_auto_configure fails)
Thank you for the patch! We encountered the same problem with the deprecation of icu-config. I will fix the upstream source ASAP. Best Regards, Amul The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.
Bug#891298: fis-gtm: Incomplete debian/copyright?
Chris, Thanks for bringing this to my attention. Does the following meet the standards? I looked at https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/#files-field and giggled for various examples. Files: sr_port/md5hash.c Copyright: none License: public-domain Comment: There are multiple comments in the file declaring no claim of copyright on the file Thanks, Amul PS forgive the awful Outlook formatting. -Original Message- From: Chris Lamb [mailto:la...@debian.org] Sent: Saturday, February 24, 2018 11:52 AM To: sub...@bugs.debian.org Subject: Bug#891298: fis-gtm: Incomplete debian/copyright? Source: fis-gtm Version: 6.3-003A-1 Severity: serious Justication: Policy 12.5 X-Debbugs-CC: Amul ShahHi, I just ACCEPTed fis-gtm from NEW but noticed it was missing attribution in debian/copyright for at least md5hash.c. Please clarify the situation in debian/copyright. This is not exhaustive so please check over the entire package carefully - especially that directory for code copies - and address these on your next upload. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.
Bug#856984: fis-gtm: please enable openssl support
Hi Sebastian, From: Sebastian Andrzej Siewior [mailto:sebast...@breakpoint.cc] Sent: Thursday, December 14, 2017 9:08 AM On 2017-12-13 08:33:02 [+0100], Andreas Tille wrote: >> On Wed, Mar 29, 2017 at 08:50:57PM +, Shah, Amul wrote: > somehow this email never reached me or I skipped it by accident. [amul] I blame the Outlook formatting! It would make anyone not want to read email! ;) >> > If I understood your question correctly, you are asking for the fis-gtm >> > package to either enable openssl OR drop the libssl-dev requirement. >> > >> > We dropped the openssl using encryption plugin libraries from the >> > distributed package because of the "openssl advertising clause". To work >> > around the advertising clause, we distribute our encryption plugin >> > libraries as source, letting the end users that desire encryption support >> > compile it for themselves. So we can't enable openssl. >> > >> > The fis-gtm package builds the encryption plugin sources as a >> > compatibility test build. That compatibility test build alerted us to the >> > upcoming changes in openssl 1.1. So we won't drop the libssl-dev >> > requirement. >> > >> > If the above makes sense, I would like to close this bug. If you have some >> > other option, let me know. > >That makes sense. I wanted to ensure that you don't depend on it for no reason >or that openssl support is disabled because the new openssl is not properly >detected (we had both cases it the past). If I remember correctly, then I >could not find a difference to build and without libssl-dev and the changelog >said that encryption was temporary disabled (or something like that). [amul] Understood and I agree with your stance. There is no need for dependencies that get in the way of moving forward. >If you are saying that as part of the build process you do use openssl and >that the build would fail if the openssl library would have changed/ became >incompatible for the source you distribute then this is fine. [amul] That is what I am saying. Can we close this bug? Thanks - Amul The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.
Bug#882985: Patches that fix #882985
The attached patches were produced from the changes that enhance the gpg-agent and libgcrypt to add an "Option to auto-increase secmem in gpg-agent" (https://dev.gnupg.org/T3530). These patches apply to gnupg2-2.2.3-1 and libgcrypt20-1.8.1-4. The fis-gtm package (https://tracker.debian.org/pkg/fis-gtm) requires these changes to fix a deficiency in the gpg-agent. Thanks, Amul The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. libgcrypt-auto-expand-secmem.patch Description: libgcrypt-auto-expand-secmem.patch gnupg-auto-expand-secmem.patch Description: gnupg-auto-expand-secmem.patch
Bug#881368: fis-gtm: please switch build-dep from libconfig8-dev to libconfig-dev
Hi Andreas/Mattia, From: Andreas Tille [mailto:ti...@debian.org] Sent: Monday, November 20, 2017 10:52 PM Hi Mattia, On Fri, Nov 10, 2017 at 09:09:16PM +0100, Mattia Rizzolo wrote: > Version: 6.3-002-3 > Severity: serious > > I'm about to upload a libconfig dropping this transitional package, > please update fis-gtm. Fis-gtm Build-Depends: libconfig-dev | libconfig8-dev. In how far is it serious to drop the second alternative? Kind regards Andreas. [amul] GT.M works fine with the latest libconfig. There is no need to include the transitional package. I will make the necessary changes to the fis-gtm package control file. [amul] Thanks, Amul [amul] Please excuse what Outlook does to this email. The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.
Bug#856984: fis-gtm: please enable openssl support
If I understood your question correctly, you are asking for the fis-gtm package to either enable openssl OR drop the libssl-dev requirement. We dropped the openssl using encryption plugin libraries from the distributed package because of the "openssl advertising clause". To work around the advertising clause, we distribute our encryption plugin libraries as source, letting the end users that desire encryption support compile it for themselves. So we can't enable openssl. The fis-gtm package builds the encryption plugin sources as a compatibility test build. That compatibility test build alerted us to the upcoming changes in openssl 1.1. So we won't drop the libssl-dev requirement. If the above makes sense, I would like to close this bug. If you have some other option, let me know. Thanks, Amul The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.
Bug#775302: [fis-gtm] UTF-8 libgtmutils.so in fis-gtm-6.2-000 is missing routines
[top posting, sorry] Hi Andreas, No, the bug has not been fixed. I'm still working on understand what broke. I patched the latest version to log more information. I'm hoping that will help me understand what went wrong. Amul From: Andreas Tille [andr...@fam-tille.de] Sent: Tuesday, January 27, 2015 2:20 AM To: Shah, Amul; 775...@bugs.debian.org Subject: Re: Bug#775302: [fis-gtm] UTF-8 libgtmutils.so in fis-gtm-6.2-000 is missing routines Hi Amul, is this issue fixed with the last upload. I simply forgot to ask before sponsoring. If yes, usually the bug should be closed in the changelog. Now we can do it manually. Kind regards Andreas. On Tue, Jan 13, 2015 at 04:05:45PM -0500, Amul Shah wrote: Package: fis-gtm Version: 6.2-000-1 Severity: important A user reported the following on comp.lang.mumps: When starting gtm with gtm_chset=UTF-8 i get the following error: (the error does not occur in m-mode) %GTM-E-ZLINKFILE, Error while zlinking %XCMD %GTM-E-FILENOTFND, File %XCMD not found Any hints? I found an old discussion linking this to a missing/incomplete gtmroutines environment variable, but that one seems to be correct As an upstream fis-gtm developer, I was confused since this bug is not present in the package that I built on my Debian 7 stable workstation. However, when I picked up the package from https://urldefense.proofpoint.com/v2/url?u=https-3A__packages.debian.org_sid_fis-2Dgtm-2D6.2-2D000d=AAIBAgc=3BfiSO86x5iKjpl2b39jud9R1NrKYqPq2js90dwBswkr=9ssj4QMqXvXerR0OPzrgsqFDldUsqMEK5X4uhRXsy2Qm=MR6G-OO0DRjlpTLGPNX7tQLsWOFcLkzLU6MZAW-XHlcs=4l0YA-iH0qqS6x6k9076pU3XXxBCjHDVQ2drJUovClQe= , I was able to recreate the error. There seems to be a problem with the creation of the UTF-8 mode libgtmutil.so. Upstream is tracking the issue as GTM-8041. This is the M mode test case which works: $ . /usr/lib/x86_64-linux-gnu/fis-gtm/V6.2-000_x86_64/gtmprofile $ ls $gtm_dist/[_A-Z][A-Z]*.m | sed -e 's;/usr/lib/x86_64-linux-gnu/fis-gtm/V6.2-000_x86_64/;set ln=^;' -e 's;\.m.*$; write ln, was ,$select($length($text(@ln)):,1:not ),found;' -e 's;_;%;' | $gtm_dist/mumps -direct ; echo $gtmroutines ... prints mostly ^XYZ was found except for GDE routines which is normal ... This is the UTF-8 mode test case which does not work $ . /usr/lib/x86_64-linux-gnu/fis-gtm/V6.2-000_x86_64/utf8/gtmprofile $ ls $gtm_dist/[_A-Z][A-Z]*.m | sed -e 's;/usr/lib/x86_64-linux-gnu/fis-gtm/V6.2-000_x86_64/utf8/;set ln=^;' -e 's;\.m.*$; write ln, was ,$select($length($text(@ln)):,1:not ),found;' -e 's;_;%;' | $gtm_dist/mumps -direct ; echo $gtmroutines ... prints only ^XYZ was not found ... Amul _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ Debian-med-packaging mailing list debian-med-packag...@lists.alioth.debian.org https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.alioth.debian.org_cgi-2Dbin_mailman_listinfo_debian-2Dmed-2Dpackagingd=AAIBAgc=3BfiSO86x5iKjpl2b39jud9R1NrKYqPq2js90dwBswkr=9ssj4QMqXvXerR0OPzrgsqFDldUsqMEK5X4uhRXsy2Qm=MR6G-OO0DRjlpTLGPNX7tQLsWOFcLkzLU6MZAW-XHlcs=6gB3iYNB4wROoe2jHssFbEpq5GFnHtKsYPJjwHL4QVke= -- https://urldefense.proofpoint.com/v2/url?u=http-3A__fam-2Dtille.de_d=AAIBAgc=3BfiSO86x5iKjpl2b39jud9R1NrKYqPq2js90dwBswkr=9ssj4QMqXvXerR0OPzrgsqFDldUsqMEK5X4uhRXsy2Qm=MR6G-OO0DRjlpTLGPNX7tQLsWOFcLkzLU6MZAW-XHlcs=WGWqyMw53X8d32GQd0lscGrZEccfcl3AFAfdg27_6RAe= _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org