Bug#1034805: #1034805 fis-gtm: CVE-2021-44496 CVE-2021-44504

2024-01-16 Thread Shah, Amul 
The CVEs listed in this bug report do NOT affect GT.M V7.0-005, the current 
Debian version listed on https://tracker.debian.org/pkg/fis-gtm. There is no 
reason for this bug report. Please close it. I will upload a newer version of 
GT.M, V7.1-002, later this month.

Thanks,
Amul
The information contained in this message is proprietary and/or confidential. 
If you are not the intended recipient, please: (i) delete the message and all 
copies; (ii) do not disclose, distribute or use the message in any manner; and 
(iii) notify the sender immediately. In addition, please be aware that any 
message addressed to our domain is subject to archiving and review by persons 
other than the intended recipient. Thank you. Message Encrypted via TLS 
connection

Bug#1051562: fis-gtm: uploader email adres maybe invalid

2023-09-11 Thread Shah, Amul 
Hi Andreas,
This email address is active. Did an email to this address bounce?

Thanks,
Amul

From: Andreas Tille 
Date: Sunday, September 10, 2023 at 12:43 AM
To: Ben Tris , 1051...@bugs.debian.org 
<1051...@bugs.debian.org>, Shah, Amul 
Subject: Re: Bug#1051562: fis-gtm: uploader email adres maybe invalid
Hi Amul,

I did not had any problems to reach you under this e-mail address.
Please confirm it is valid and also confirm you are working on packaging
the latest upstream release.

Kind regards
Andreas.

Am Sat, Sep 09, 2023 at 10:20:40PM +0200 schrieb Ben Tris:
> Package: fis-gtm
> Severity: minor
> X-Debbugs-Cc: benatt...@gezapig.nl, m...@qa.debian.org
>
> Dear Maintainer,
>
> The email under uploader Amul Shah is now
>  this is not found in qa.
> I could not find more info.
>
>
> -- System Information:
> Debian Release: 12.1
>   APT prefers stable-updates
>   APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
> 'stable')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 6.1.0-11-amd64 (SMP w/4 CPU threads; PREEMPT)
> Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not 
> set
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
>
> Versions of packages fis-gtm depends on:
> pn  fis-gtm-7.0  
>
> fis-gtm recommends no packages.
>
> fis-gtm suggests no packages.
>
> ___
> Debian-med-packaging mailing list
> debian-med-packag...@alioth-lists.debian.net
> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Falioth-lists.debian.net%2Fcgi-bin%2Fmailman%2Flistinfo%2Fdebian-med-packaging=05%7C01%7Camul.shah%40fisglobal.com%7Ca29fbad1bd6c49d96b8f08dbb1b86cbc%7Ce3ff91d834c84b15a0b418910a6ac575%7C0%7C0%7C638299177889349381%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C=oqLX4bXfEbjr3UhpX8IUD%2Bdy5AqNsccLBXzFUW35Qfc%3D=0<https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-med-packaging>
>

--
https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Ffam-tille.de%2F=05%7C01%7Camul.shah%40fisglobal.com%7Ca29fbad1bd6c49d96b8f08dbb1b86cbc%7Ce3ff91d834c84b15a0b418910a6ac575%7C0%7C0%7C638299177889349381%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C=2OJBpIPvJ7j2Vgyzxju94OTS1eftsFMmpBAB2lHxdtc%3D=0<http://fam-tille.de/>
The information contained in this message is proprietary and/or confidential. 
If you are not the intended recipient, please: (i) delete the message and all 
copies; (ii) do not disclose, distribute or use the message in any manner; and 
(iii) notify the sender immediately. In addition, please be aware that any 
message addressed to our domain is subject to archiving and review by persons 
other than the intended recipient. Thank you.

Bug#921781: fis-gtm: FTBFS (dh_auto_configure fails)

2019-02-10 Thread Shah, Amul 
Thank you for the patch! We encountered the same problem with the deprecation 
of icu-config. I will fix the upstream source ASAP.

Best Regards,
Amul

The information contained in this message is proprietary and/or confidential. 
If you are not the intended recipient, please: (i) delete the message and all 
copies; (ii) do not disclose, distribute or use the message in any manner; and 
(iii) notify the sender immediately. In addition, please be aware that any 
message addressed to our domain is subject to archiving and review by persons 
other than the intended recipient. Thank you.

Bug#891298: fis-gtm: Incomplete debian/copyright?

2018-02-26 Thread Shah, Amul 
Chris,
Thanks for bringing this to my attention. Does the following meet the 
standards? I looked at 
https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/#files-field 
and giggled for various examples.

Files: sr_port/md5hash.c
Copyright:  none
License: public-domain
Comment:  There are multiple comments in the file declaring no claim of 
copyright on the file

Thanks,
Amul

PS forgive the awful Outlook formatting.

-Original Message-
From: Chris Lamb [mailto:la...@debian.org]
Sent: Saturday, February 24, 2018 11:52 AM
To: sub...@bugs.debian.org
Subject: Bug#891298: fis-gtm: Incomplete debian/copyright?

Source: fis-gtm
Version: 6.3-003A-1
Severity: serious
Justication: Policy 12.5
X-Debbugs-CC: Amul Shah 

Hi,

I just ACCEPTed fis-gtm from NEW but noticed it was missing attribution in 
debian/copyright for at least md5hash.c. Please clarify the situation in 
debian/copyright.

This is not exhaustive so please check over the entire package carefully - 
especially that directory for code copies - and address these on your next 
upload.


Regards,

--
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
The information contained in this message is proprietary and/or confidential. 
If you are not the intended recipient, please: (i) delete the message and all 
copies; (ii) do not disclose, distribute or use the message in any manner; and 
(iii) notify the sender immediately. In addition, please be aware that any 
message addressed to our domain is subject to archiving and review by persons 
other than the intended recipient. Thank you.

Bug#856984: fis-gtm: please enable openssl support

2017-12-14 Thread Shah, Amul 
Hi Sebastian,

From: Sebastian Andrzej Siewior [mailto:sebast...@breakpoint.cc] Sent: 
Thursday, December 14, 2017 9:08 AM
On 2017-12-13 08:33:02 [+0100], Andreas Tille wrote:
>> On Wed, Mar 29, 2017 at 08:50:57PM +, Shah, Amul wrote:
> somehow this email never reached me or I skipped it by accident.
[amul] I blame the Outlook formatting! It would make anyone not want to read 
email! ;)

>> > If I understood your question correctly, you are asking for the fis-gtm
>> > package to either enable openssl OR drop the libssl-dev requirement.
>> >
>> > We dropped the openssl using encryption plugin libraries from the
>> > distributed package because of the "openssl advertising clause". To work
>> > around the advertising clause, we distribute our encryption plugin
>> > libraries as source, letting the end users that desire encryption support
>> > compile it for themselves. So we can't enable openssl.
>> >
>> > The fis-gtm package builds the encryption plugin sources as a
>> > compatibility test build. That compatibility test build alerted us to the
>> > upcoming changes in openssl 1.1. So we won't drop the libssl-dev
>> > requirement.
>> >
>> > If the above makes sense, I would like to close this bug. If you have some
>> > other option, let me know.
>
>That makes sense. I wanted to ensure that you don't depend on it for no reason
>or that openssl support is disabled because the new openssl is not properly
>detected (we had both cases it the past). If I remember correctly, then I
>could not find a difference to build and without libssl-dev and the changelog
>said that encryption was temporary disabled (or something like that).

[amul] Understood and I agree with your stance. There is no need for
dependencies that get in the way of moving forward.

>If you are saying that as part of the build process you do use openssl and
>that the build would fail if the openssl library would have changed/ became
>incompatible for the source you distribute then this is fine.

[amul] That is what I am saying. Can we close this bug?

Thanks - Amul
The information contained in this message is proprietary and/or confidential. 
If you are not the intended recipient, please: (i) delete the message and all 
copies; (ii) do not disclose, distribute or use the message in any manner; and 
(iii) notify the sender immediately. In addition, please be aware that any 
message addressed to our domain is subject to archiving and review by persons 
other than the intended recipient. Thank you.

Bug#882985: Patches that fix #882985

2017-12-05 Thread Shah, Amul 
The attached patches were produced from the changes that enhance the gpg-agent 
and libgcrypt to add an "Option to auto-increase secmem in gpg-agent" 
(https://dev.gnupg.org/T3530). These patches apply to gnupg2-2.2.3-1 and 
libgcrypt20-1.8.1-4.

The fis-gtm package (https://tracker.debian.org/pkg/fis-gtm) requires these 
changes to fix a deficiency in the gpg-agent.

Thanks,
Amul
The information contained in this message is proprietary and/or confidential. 
If you are not the intended recipient, please: (i) delete the message and all 
copies; (ii) do not disclose, distribute or use the message in any manner; and 
(iii) notify the sender immediately. In addition, please be aware that any 
message addressed to our domain is subject to archiving and review by persons 
other than the intended recipient. Thank you.


libgcrypt-auto-expand-secmem.patch
Description: libgcrypt-auto-expand-secmem.patch


gnupg-auto-expand-secmem.patch
Description: gnupg-auto-expand-secmem.patch

Bug#881368: fis-gtm: please switch build-dep from libconfig8-dev to libconfig-dev

2017-11-21 Thread Shah, Amul 
Hi Andreas/Mattia,

From: Andreas Tille [mailto:ti...@debian.org] Sent: Monday, November 20, 2017 
10:52 PM

Hi Mattia,

On Fri, Nov 10, 2017 at 09:09:16PM +0100, Mattia Rizzolo wrote:
> Version: 6.3-002-3
> Severity: serious
>
> I'm about to upload a libconfig dropping this transitional package,
> please update fis-gtm.

Fis-gtm Build-Depends: libconfig-dev | libconfig8-dev.

In how far is it serious to drop the second alternative?

Kind regards

  Andreas.

[amul] GT.M works fine with the latest libconfig. There is no need to include 
the transitional package. I will make the necessary changes to the fis-gtm 
package control file.
[amul] Thanks, Amul
[amul] Please excuse what Outlook does to this email.
The information contained in this message is proprietary and/or confidential. 
If you are not the intended recipient, please: (i) delete the message and all 
copies; (ii) do not disclose, distribute or use the message in any manner; and 
(iii) notify the sender immediately. In addition, please be aware that any 
message addressed to our domain is subject to archiving and review by persons 
other than the intended recipient. Thank you.

Bug#856984: fis-gtm: please enable openssl support

2017-03-29 Thread Shah, Amul 
If I understood your question correctly, you are asking for the fis-gtm package 
to either enable openssl OR drop the libssl-dev requirement.

We dropped the openssl using encryption plugin libraries from the distributed 
package because of the "openssl advertising clause". To work around the 
advertising clause, we distribute our encryption plugin libraries as source, 
letting the end users that desire encryption support compile it for themselves. 
So we can't enable openssl.

The fis-gtm package builds the encryption plugin sources as a compatibility 
test build. That compatibility test build alerted us to the upcoming changes in 
openssl 1.1. So we won't drop the libssl-dev requirement.

If the above makes sense, I would like to close this bug. If you have some 
other option, let me know.

Thanks,
Amul

The information contained in this message is proprietary and/or confidential. 
If you are not the intended recipient, please: (i) delete the message and all 
copies; (ii) do not disclose, distribute or use the message in any manner; and 
(iii) notify the sender immediately. In addition, please be aware that any 
message addressed to our domain is subject to archiving and review by persons 
other than the intended recipient. Thank you.

Bug#775302: [fis-gtm] UTF-8 libgtmutils.so in fis-gtm-6.2-000 is missing routines

2015-01-27 Thread Shah, Amul 
[top posting, sorry]
Hi Andreas,
No, the bug has not been fixed. I'm still working on understand what broke. I 
patched the latest version to log more information. I'm hoping that will help 
me understand what went wrong.

Amul


From: Andreas Tille [andr...@fam-tille.de]
Sent: Tuesday, January 27, 2015 2:20 AM
To: Shah, Amul; 775...@bugs.debian.org
Subject: Re: Bug#775302: [fis-gtm] UTF-8 libgtmutils.so in fis-gtm-6.2-000 is 
missing routines

Hi Amul,

is this issue fixed with the last upload.  I simply forgot to ask before
sponsoring.  If yes, usually the bug should be closed in the changelog.
Now we can do it manually.

Kind regards

Andreas.

On Tue, Jan 13, 2015 at 04:05:45PM -0500, Amul Shah wrote:
 Package: fis-gtm
 Version: 6.2-000-1
 Severity: important

 A user reported the following on comp.lang.mumps:
 When starting gtm with gtm_chset=UTF-8 i get the following error:
 (the error does not occur in m-mode)
 
 %GTM-E-ZLINKFILE, Error while zlinking %XCMD
 %GTM-E-FILENOTFND, File %XCMD not found
 
 Any hints? I found an old discussion linking this to a missing/incomplete
 gtmroutines environment variable, but that one seems to be correct

 As an upstream fis-gtm developer, I was confused since this bug is
 not present in the package that I built on my Debian 7 stable
 workstation. However, when I picked up the package from
 https://urldefense.proofpoint.com/v2/url?u=https-3A__packages.debian.org_sid_fis-2Dgtm-2D6.2-2D000d=AAIBAgc=3BfiSO86x5iKjpl2b39jud9R1NrKYqPq2js90dwBswkr=9ssj4QMqXvXerR0OPzrgsqFDldUsqMEK5X4uhRXsy2Qm=MR6G-OO0DRjlpTLGPNX7tQLsWOFcLkzLU6MZAW-XHlcs=4l0YA-iH0qqS6x6k9076pU3XXxBCjHDVQ2drJUovClQe=
  , I was able to
 recreate the error.

 There seems to be a problem with the creation of the UTF-8 mode 
 libgtmutil.so. Upstream is tracking the issue as GTM-8041.

 This is the M mode test case which works:
 $ . /usr/lib/x86_64-linux-gnu/fis-gtm/V6.2-000_x86_64/gtmprofile
 $ ls $gtm_dist/[_A-Z][A-Z]*.m | sed -e
 's;/usr/lib/x86_64-linux-gnu/fis-gtm/V6.2-000_x86_64/;set ln=^;' -e
 's;\.m.*$; write ln, was ,$select($length($text(@ln)):,1:not
 ),found;' -e 's;_;%;' | $gtm_dist/mumps -direct ; echo
 $gtmroutines
 ... prints mostly ^XYZ was found except for GDE routines which is normal ...

 This is the UTF-8 mode test case which does not work
 $ . /usr/lib/x86_64-linux-gnu/fis-gtm/V6.2-000_x86_64/utf8/gtmprofile
 $ ls $gtm_dist/[_A-Z][A-Z]*.m | sed -e
 's;/usr/lib/x86_64-linux-gnu/fis-gtm/V6.2-000_x86_64/utf8/;set
 ln=^;' -e 's;\.m.*$; write ln, was
 ,$select($length($text(@ln)):,1:not ),found;' -e 's;_;%;' |
 $gtm_dist/mumps -direct ; echo $gtmroutines
 ... prints only ^XYZ was not found ...

 Amul

 _
 The information contained in this message is proprietary and/or confidential. 
 If you are not the intended recipient, please: (i) delete the message and all 
 copies; (ii) do not disclose, distribute or use the message in any manner; 
 and (iii) notify the sender immediately. In addition, please be aware that 
 any message addressed to our domain is subject to archiving and review by 
 persons other than the intended recipient. Thank you.

 ___
 Debian-med-packaging mailing list
 debian-med-packag...@lists.alioth.debian.org
 https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.alioth.debian.org_cgi-2Dbin_mailman_listinfo_debian-2Dmed-2Dpackagingd=AAIBAgc=3BfiSO86x5iKjpl2b39jud9R1NrKYqPq2js90dwBswkr=9ssj4QMqXvXerR0OPzrgsqFDldUsqMEK5X4uhRXsy2Qm=MR6G-OO0DRjlpTLGPNX7tQLsWOFcLkzLU6MZAW-XHlcs=6gB3iYNB4wROoe2jHssFbEpq5GFnHtKsYPJjwHL4QVke=


--
https://urldefense.proofpoint.com/v2/url?u=http-3A__fam-2Dtille.de_d=AAIBAgc=3BfiSO86x5iKjpl2b39jud9R1NrKYqPq2js90dwBswkr=9ssj4QMqXvXerR0OPzrgsqFDldUsqMEK5X4uhRXsy2Qm=MR6G-OO0DRjlpTLGPNX7tQLsWOFcLkzLU6MZAW-XHlcs=WGWqyMw53X8d32GQd0lscGrZEccfcl3AFAfdg27_6RAe=

_
The information contained in this message is proprietary and/or confidential. 
If you are not the intended recipient, please: (i) delete the message and all 
copies; (ii) do not disclose, distribute or use the message in any manner; and 
(iii) notify the sender immediately. In addition, please be aware that any 
message addressed to our domain is subject to archiving and review by persons 
other than the intended recipient. Thank you.


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org