Re: Gnutls and secure renegotiation / CVE-2009-3555 / RFC 5746
On Tuesday 07 December 2010, Simon Josefsson wrote: But Suse has released updates for 2.4.1 and 2.8.6 [2]. I have put the extracted source rpms at [3]. The patches are huge but 80% seem to be the test suite. [3] contains two versions of each, the older one is the released package and the newer one is unreleased but has additional fixes. My current feeling is that we will just skip gnutls for the first round of Lenny-DSAs that add RFC5746 support. We can reconsider later if it causes many problems for users. Therefore patching squeeze has definitely higher priority. If you have time, it would be great if you could look at the patches. If back-ported patches are contributed back upstream (this is the first time I heard about Suse's work) we can do an semi-official The release happened only a few days ago. release for 2.8.x with the renegotiation support. However I don't have any free time to do serious checking of the old 2.8.x branch, so it will be all up to whoever does the work here to make sure it is working correctly. OK. I think the best way forward is this: - We will not include gnutls in the first round of RFC5746-DSAs for Lenny, which I hope to release before Christmas. - gnutls in squeeze will be updated by backport to 2.8.6 rather than by upgrading to 2.10. This will happen as soon as someone has the time to do the testing. IMHO, this can also be done in a DSA or point release and should not delay squeeze's release. - When the backport+testing for 2.8.6 is done, we can decide about what to do with 2.4.2 in Lenny. Cheers, Stefan -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201012080907.30957...@sfritsch.de
Re: Bug#596899: Please unblock ia32-libs/20101012
Hi! Am 07.12.2010 18:01, schrieb Goswin von Brederlow: Uploading ia32-libs-core_20101207_source to mentors. Sponsors welcome. That one FTBFS for me with: dh_builddeb -s dh_builddeb: You asked that all arch in(dep) packages be built, but there are none of that type. dpkg-genchanges ../ia32-libs-core_20101207_amd64.changes dpkg-genchanges: error: cannot read files list file: No such file or directory dpkg-buildpackage: error: dpkg-genchanges gave error exit status 2 E: Failed autobuilding of package Full build log available at http://people.debian.org/~tolimar/tmp/ia32-libs-core_20101207_amd64.log Best regards, Alexander -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4cff426f.2050...@debian.org
Re: Bug#596899: Please unblock ia32-libs/20101012
Hi! Am 08.12.2010 09:31, schrieb Alexander Reichle-Schmehl: That one FTBFS for me with: Sorry for the noise. I was just pointed at the fact, that this is the expected behaviour when building an ia64 package on amd64 :( Best regards, Alexander -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4cff466c.9070...@schmehl.info
Re: Is 603450 realy release critical?
On Wed, Dec 08, 2010 at 08:45:30AM +0100, Alexander Reichle-Schmehl wrote: #603450 is a bug (currently with severity grave, Justification: user security hole), as offlineimap does no ssl certificate checking. Could you explain why it should be acceptable to announce secure operation but ignore the very basic principles of it? #564690 is an old example of the same problem. There's patch floating arround, which has a major regression: It doesn't work for users of self signed certificates. From what I've seen in the bug, even you should be able to fix that. Bastian -- ... bacteriological warfare ... hard to believe we were once foolish enough to play around with that. -- McCoy, The Omega Glory, stardate unknown -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208093723.ga30...@wavehammer.waldi.eu.org
Re: Your last phamm upload in Debian unstable
Il 05/12/2010 22:01, Mehdi Dogguy ha scritto: Could you please fix this? I see two solutions 1) Upload the fix for the RC-bug to testing-proposed-updates 2) Revert the source format change in unstable and remove /usr/share/phamm/.pc. Thus, making it possible to migrate phamm from Unstable to Squeeze. I am working to provide a solution ASAP cheers Alessandro (lota) -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4cff5199.20...@nonlontano.it
Re: Is 603450 realy release critical?
Hi! Am 08.12.2010 10:37, schrieb Bastian Blank: #564690 is an old example of the same problem. So is #547092 (which has severity important). And I'm sure if we dig deep enough, we can find others as well. There's patch floating arround, which has a major regression: It doesn't work for users of self signed certificates. From what I've seen in the bug, even you should be able to fix that. If I'm ever interested in your opinion, I let you know. Alexander -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4cff593b.5010...@debian.org
Bug#606312: unblock: opendnssec/1.1.3-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package opendnssec Same reasons as for opendnssec/1.1.3-2 (#605601), but this time I have removed rebuilding *.rng files because there is an error in trang package which causes Bus error on kfreebsd-amd64 (reported as #606309) and whole build fails on kfreebsd-amd64. The *.rng files are provided by upstream and hence the regeneration in the build is not absolutely necessary. unblock opendnssec/1.1.3-3 -- System Information: Debian Release: squeeze/sid APT prefers maverick-updates APT policy: (500, 'maverick-updates'), (500, 'maverick-security'), (500, 'maverick-backports'), (500, 'maverick') Architecture: i386 (i686) Kernel: Linux 2.6.35-23-generic (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=cs_CZ.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208100949.8697.89072.report...@ookami
Re: Is 603450 realy release critical?
* Bastian Blank [2010-12-08 10:37 +0100]: On Wed, Dec 08, 2010 at 08:45:30AM +0100, Alexander Reichle-Schmehl wrote: #603450 is a bug (currently with severity grave, Justification: user security hole), as offlineimap does no ssl certificate checking. Could you explain why it should be acceptable to announce secure operation but ignore the very basic principles of it? #564690 is an old example of the same problem. Could you explain how an example of a bug with a severity set by yourself supports your point, considering that the maintainer of this package only agreed about the bugs severity because it was a regression? Carsten -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208110035.ga22...@furrball.stateful.de
Re: Bug#511582: Plan of action ?
tag 511582 squeeze-ignore kthxbye On Sun, Dec 5, 2010 at 22:23:04 +0100, Moritz Muehlenhoff wrote: IMO we should ignore this for Squeeze and proceed with removing opie after the Squeeze release. Sounds like a good plan. Cheers, Julien signature.asc Description: Digital signature
Re: Security bugfix #595248: please unblock libnusoap-php
Hi. Le mercredi 08 décembre 2010 à 19:57 +0800, Thomas Goirand (GPLHost) a écrit : On 09/08/2010 12:02 PM, Thomas Goirand wrote: Hi, That leads me to say that I would suggest any DD to *not* sponsor any package from Olivier Berger in the future, as he really had a bad attitude on this case. I now believe I shouldn't have write the above, even with strong disagreement on the technical issue (which I btw don't withdraw, but that's not the point). I hadn't noticed the original email you had sent to debian-rele...@d.o... I think it's not time to argue now that a minimal politeness would have been to CC: me when I was mentioned on such a public list, and in such a bad tone, given that you now apologize (and reading now that the responders did respond publicly in an appropriate way, IMHO). I'll try forget about this episode. I should fix the issue and do an NMU, that's it, then I'm sure it would have been ok. If someone sees this later, please do not take it into account. I sent my apologies (privately) to Olivier for this (and the rest), but I wanted to as well do it publicly. Thomas Thanks for your apologies. I hope you'll be able to contribute to Debian in a more relaxed way in the future. End of the episode, and back to work ;-) -- Olivier BERGER olivier.ber...@it-sudparis.eu http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 2048R/5819D7E8 Ingénieur Recherche - Dept INF Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France) -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1291812653.15455.21.ca...@inf-8657.int-evry.fr
Re: Security bugfix #595248: please unblock libnusoap-php
Oh, and btw, please use a proper 'from' or reply-to address if you post and eventually expect a response... Here's the message I've sent to you earlier, but which bounced on Thomas Goirand (GPLHost) tho...@goirand.nospam.fr :-/ Le mercredi 08 décembre 2010 à 13:50 +0100, Olivier Berger a écrit : Hi. Le mercredi 08 décembre 2010 à 19:57 +0800, Thomas Goirand (GPLHost) a écrit : On 09/08/2010 12:02 PM, Thomas Goirand wrote: Hi, That leads me to say that I would suggest any DD to *not* sponsor any package from Olivier Berger in the future, as he really had a bad attitude on this case. I now believe I shouldn't have write the above, even with strong disagreement on the technical issue (which I btw don't withdraw, but that's not the point). I hadn't noticed the original email you had sent to debian-rele...@d.o... I think it's not time to argue now that a minimal politeness would have been to CC: me when I was mentioned on such a public list, and in such a bad tone, given that you now apologize (and reading now that the responders did respond publicly in an appropriate way, IMHO). I'll try forget about this episode. I should fix the issue and do an NMU, that's it, then I'm sure it would have been ok. If someone sees this later, please do not take it into account. I sent my apologies (privately) to Olivier for this (and the rest), but I wanted to as well do it publicly. Thomas Thanks for your apologies. I hope you'll be able to contribute to Debian in a more relaxed way in the future. End of the episode, and back to work ;-) -- Olivier BERGER olivier.ber...@it-sudparis.eu http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 2048R/5819D7E8 Ingénieur Recherche - Dept INF Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France) -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1291816541.15455.94.ca...@inf-8657.int-evry.fr
Re: freeze exception -- bugzilla3 3.6.3.0-1
Dear Christian, Debian uses a different directory structure then upstream since years. The CVE-2010-3764 patch can not be applied as drop in because it's affect the directory structure of Debian. You have to change Debian's patches to achieve this too. Instead of loosing time changing something that is done already accept the 3.6.3.0 series. At the end it's more clear that Debian fixed those vulnerability if package version is 3.6.3.0 anyway. /Raphael 2010/12/6 Christian PERRIER bubu...@debian.org: Quoting Julien Cristau (jcris...@debian.org): On Thu, Nov 25, 2010 at 22:05:47 +, Adam D. Barratt wrote: On Thu, 2010-11-25 at 21:07 +, Adam D. Barratt wrote: $ debdiff ftp/pool/main/b/bugzilla/bugzilla_3.6.{2.0-4,3.0-2}.dsc 2/dev/null | diffstat | tail -n1 1645 files changed, 80807 insertions(+), 94494 deletions(-) A lot of that is probably ignorable as it relates to changes in CVS and .svn{,-base} files and directories (why are those even in the diff?) but at this stage of the freeze we shouldn't be having to spend significant amounts of time reviewing diffs where the patches for the required fixes amount to less than two hundred lines of nett changes. As a follow-up note, if you can identify any significant parts of the above which are likely not to be relevant to the Debian package, that would be helpful in persuading us that the unstable package should be accepted, rather than requesting a t-p-u upload with the extracted fixes. Ping. Can this be addressed or the security and RC fixes uploaded to tpu? I made an attempt yesterday after being pointed at this by Julien (I was trying to get debconf l10n fixed and uploaded a package to tpu with these fixessorry, I should have asked before). However, the build system of that package is not well known to me (upstream tarballs in the source package) and I don't know how to properly patch the sources with the two security fixes. Just naively dropping them to a newly-created debian/patches and creating debian/patches/series didn't work as expected. So, I gave up. If anyone is working on this, I would deeply appreciate if the two debconf translations that are fixed in unstable would be fixed in the tpu upload. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJM/HvVAAoJEIcvcCxNbiWo788P/iUZecyT1NCunOjIuBdk525Q vbsxBYnigr8RKGr4AuFuv6K6IegbQdIEfCHZJ7xmnwEHlqPSIUMH+GbPU9gIn0JP 7961KnHSOxZv8oDdhRFlFKs6a3vGvLtx6FqUx8Wo48LbUhC18DUPW5vmpUoCp9qz Ffvm9LwCR495oblhtL9KXMmmgEbD12Fd2CMRnL6oeOx5mdD/Uf+8YS6rZbAzh+RD dje9b8MFNs2UsUbIsTaV477DuKFEHC9gQ2Y2NtPDw/GTZ+YrwK1jezHSWo297pU6 GzIRnLq4BX7vlkfXGgu5D73BSWlZdieWkR9Rw3M2NbQGaK9HYjslW1CsWJnsVJsP DKgt5OJPnGCmqdB9bE4iSIKjWtobhoP6qEaDVyg0EQ92DpQI+7KfF9CuUUHQSGdG xKizay+SdAibQ+6HCHyaNn0uhAFMdCFdmsZia+CW80mcLkIUaiKowYo6u6F6bvcO tFh9kgvPwO+ncxuuloEChjnhGX5Oe/GXdUTr8fvi7ZrOKozCe81wOec0/OTedmmX HOfJmyEsh/sCSzabaen/iZQGuWwG9ae5dfOV21qGRV4r3xpB138TdkwLsMZ16qz4 uii7hD4hV10PD+eG/DRiZfaYWpsbuR68f94V4XedlkYRzmMds1j4vdYxaK7mL+AV wpDg0MYy6ABjh+2Gb/dw =BcvL -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktinprwcifvmjkxpmuwynysdpgzoezbdges-rh...@mail.gmail.com
Please, is it possible to give back qgis on ppc?
On the basis of final comments about #603986 a rebuild could fix the problem. -- Francesco P. Lovergine -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208153542.ga2...@mithrandir
Re: Please, is it possible to give back qgis on ppc?
On Wed, 2010-12-08 at 16:35 +0100, Francesco P. Lovergine wrote: On the basis of final comments about #603986 a rebuild could fix the problem. I was about to suggest that you should have e-mailed powe...@buildd.d.o and/or debian-wb-t...@l.d.o for this, but looking at the bug and the package status you need a binNMU rather than a give-back (as it's already built and installed) so never mind. :-) I've scheduled a binNMU on powerpc. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1291834424.15017.46.ca...@hathi.jungle.funky-badger.org
Bug#606258: unblock: distcc/3.1-3.2
On Tue, Dec 07, 2010 at 10:35:06PM +, Adam D. Barratt wrote: On Tue, 2010-12-07 at 22:25 +0100, Moritz Muehlenhoff wrote: Please unblock package distcc. It fixes another of the yet CVE-less PYTHONPATH issues. Looking at the diff, either the original code is more broken than the general case, or it's intentionally adding an empty entry to PYTHONPATH. It seems an odd choice, but part of me does wonder if it was intentional. - PYTHONPATH='$pythonpath::$PYTHONPATH' \ + PYTHONPATH='$pythonpath${PYTHONPATH:+:$PYTHONPATH}' \ Adding the NMUer and the maintainer to CC. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208183201.ga2...@galadriel.inutil.org
Re: Bug#605748: Intent to NMU or help for an l10n upload of grub2 to fix pending po-debconf l10n bugs
Hello, On Tue, Dec 07, 2010 at 11:17:14PM +0100, Julien Cristau wrote: On Sat, Dec 4, 2010 at 18:23:39 +, Colin Watson wrote: grub2 (1.98+20100804-10) unstable; urgency=low I've just unblocked this one, should go in in a couple of days, barring new RC bugs. So are those untranslated strings going to be translated now? Will there be a call for translations? Greetings Helge -- Dr. Helge Kreutzmann deb...@helgefjell.de Dipl.-Phys. http://www.helgefjell.de 64bit GNU powered gpg signed mail preferred Help keep free software libre: http://www.ffii.de/ signature.asc Description: Digital signature
Re: Bug#606327: vmmemctl missing in squeeze
Hi, On Wed Dec 08, 2010 at 19:21:50 +0100, Daniel Baumann wrote: reassign 606327 open-vm-tools severity 606327 important thanks On 12/08/2010 01:54 PM, Martin Zobel-Helas wrote: This makes the package partly unsuable right, partially, correcting severity. Please provide vmmemctl on Squeeze machines regarding open-vm-tools, according to release managers policy for unblocks, this is not possible anymore in the current state of the release. I dissagree with the severity adjustment (but leave it untouched for now). I do belive that this issue needs to be / should be fixed in Sqeeze before the release. Thus I am Cc'ing the release team so we get their input on this. Not having vmmemctl (or vmw_balloon, the new name) in Squeeze means that memory management will be broken within VMs on for VMWare hosts. This is IMHO unacceptable. Cheers Martin -- Martin Zobel-Helas zo...@debian.org | Debian System Administrator Debian GNU/Linux Developer | Debian Listmaster Public key http://zobel.ftbfs.de/5d64f870.asc - KeyID: 5D64 F870 GPG Fingerprint: 5DB3 1301 375A A50F 07E7 302F 493E FB8E 5D64 F870 -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208192403.gb1...@ftbfs.de
Re: Bug#606311: Acknowledgement (movabletype-opensource: Unspecified XSS and SQL injection vulnerabilities fixed in 4.35)
Ignoring files that have only changed SVN ID, removed files which were already ignored by debian/rules (mt-static/support/dashboard/stats) and changes which only bump the version number, we have the following changes between MTOS 4.34 and 4.35: lib/MT/App/Search.pm| 22 +- lib/MT/CMS/Tools.pm |5 - lib/MT/Template/Context/Search.pm |4 ++-- lib/MT/Template/ContextHandlers.pm | 26 -- php/extlib/ezsql/ezsql_postgres.php |2 +- php/lib/mtdb_base.php | 23 +++ php/mt.php |5 +++-- 7 files changed, 62 insertions(+), 25 deletions(-) The vulnerabilities are not described by upstream except that there is at least one XSS fix and at least one SQL injection fix. The changes can be summarised roughly as follows: lib/MT/App/Search.pm| 22 +- Input checking lib/MT/CMS/Tools.pm |5 - HTML/JS escaping lib/MT/Template/Context/Search.pm |4 ++-- URI encoding lib/MT/Template/ContextHandlers.pm | 26 -- Input checking, HTML escaping php/extlib/ezsql/ezsql_postgres.php |2 +- Modifying input checking php/lib/mtdb_base.php | 23 +++ Modifying logic to accommodate escaping php/mt.php |5 +++-- Modifying input checking Although not well documented it's clear that these changes are all security-relevant, so I propose to upload 4.3.5 to unstable and have it migrate to testing. I will go ahead with an upload to unstable this evening unless someone shouts. Patch corresponding to above diffstat attached for reference. Still TODO: assess stable. -- Dominic Hargreaves | http://www.larted.org.uk/~dom/ PGP key 5178E2A5 from the.earth.li (keyserver,web,email) diff -wurN MTOS-4.34-en//lib/MT/App/Search.pm MTOS-4.35-en//lib/MT/App/Search.pm --- MTOS-4.34-en//lib/MT/App/Search.pm 2009-12-17 08:45:12.0 + +++ MTOS-4.35-en//lib/MT/App/Search.pm 2010-11-25 09:04:37.0 + @@ -670,13 +670,14 @@ $ctx-var('datebased_archive', 1) if ($app-param('archive_type') ( $app-param('archive_type') =~ /Daily/i || $app-param('archive_type') =~ /Weekly/i || $app-param('archive_type') =~ /Monthly/i || $app-param('archive_type') =~ /Yearly/i )); -if ($app-param('author')) { +if ($app-param('author') $app-param('author') =~ /^[0-9]*$/) { require MT::Author; -my $author = MT::Author-load($app-param('author')); +if ( my $author = MT::Author-load($app-param('author')) ) { $ctx-stash('author', $author); $ctx-var('author_archive', 1); } -if ($app-param('category')) { +} +if ($app-param('category') $app-param('category') =~ /^[0-9]*$/) { require MT::Category; my $category = MT::Category-load($app-param('category')); $ctx-stash('category', $category); @@ -1004,6 +1005,8 @@ $query =~ s/'//g; } +my $can_search_by_id = $query =~ /^[0-9]*$/ ? 1 : 0; + my $lucene_struct = Lucene::QueryParser::parse_query($query); if ( 'PROHIBITED' eq $term-{type} ) { $_-{type} = 'PROHIBITED' foreach @$lucene_struct; @@ -1011,7 +1014,11 @@ # search for exact match my ($terms) -= $app-_query_parse_core( $lucene_struct, { id = 1, label = 1 }, {} ); += $app-_query_parse_core( $lucene_struct, { +( $can_search_by_id ? ( id = 1 ) : () ), +label = 1 +}, +{} ); return unless $terms @$terms; push @$terms, '-and', { @@ -1039,12 +1046,17 @@ $query =~ s/'//g; } +my $can_search_by_id = $query =~ /^[0-9]*$/ ? 1 : 0; + my $lucene_struct = Lucene::QueryParser::parse_query($query); if ( 'PROHIBITED' eq $term-{type} ) { $_-{type} = 'PROHIBITED' foreach @$lucene_struct; } my ($terms) -= $app-_query_parse_core( $lucene_struct, { id = 1, nickname = 'like' }, += $app-_query_parse_core( $lucene_struct, { +( $can_search_by_id ? ( id = 1 ) : () ), +nickname = 'like', +}, {} ); return unless $terms @$terms; push @$terms, '-and', { id = \'= entry_author_id', }; diff -wurN MTOS-4.34-en//lib/MT/CMS/Tools.pm MTOS-4.35-en//lib/MT/CMS/Tools.pm --- MTOS-4.34-en//lib/MT/CMS/Tools.pm 2009-12-16 22:59:13.0 + +++ MTOS-4.35-en//lib/MT/CMS/Tools.pm 2010-11-24 06:26:40.0 + @@ -112,6 +112,9 @@ $param ||= {}; $param-{'email'} = $app-param('email'); $param-{'return_to'} = $app-param('return_to') || $cfg-ReturnToURL || ''; +if ( $param-{recovered} ) { +$param-{return_to} = MT::Util::encode_js($param-{return_to}); +} $param-{'can_signin'} = (ref $app eq 'MT::App::CMS') ? 1 : 0;
Re: freeze exception -- bugzilla3 3.6.3.0-1
Quoting Raphael Bossek (boss...@debian.org): Dear Christian, Debian uses a different directory structure then upstream since years. The CVE-2010-3764 patch can not be applied as drop in because it's affect the directory structure of Debian. You have to change Debian's patches to achieve this too. Instead of loosing time changing something that is done already accept the 3.6.3.0 series. At the end it's more clear that Debian fixed those vulnerability if package version is 3.6.3.0 anyway. Maybe. But we're in a release freeze and, imagine that everybody follows the same reasoning: we will always end up with new upstream releases and we'll never release. It's not very good news to hear that a simple security patch isn't easy to apply to bugzilla. If that's true, how will later security updates be handled? In that specific case, anyway, the decision is in the release team hands. But not seeing signs of attempts to apply the sec fix to the existing package in testing can't make them very optimistic about further maintenance. signature.asc Description: Digital signature
Bug#606384: unblock: collectd/4.10.1-2.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package collectd. Judging by the changelog 4.10.1-1+squeeze1 and 4.10.1-2 look alike, but for some reason Steffen NMUd the unstable version. RMs, can 4.10.1-2.1 be unblocked or should this be fixed as 4.10.1-1+squeeze2 unblock collectd/4.10.1-2.1 -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208201018.5570.18360.report...@localhost.localdomain
Re: Please unblock schroot 1.4.16-1
On Tue, 2010-12-07 at 17:31 +, Roger Leigh wrote: I've made a new upload of schroot to unstable which fixes a few security- and upgrade-related bugs. The bulk of the changes are documentation (manual pages, release notes and changelogs). The code changes are tiny, but are important to have to upgrade from lenny cleanly and fully document security issues and program behaviour. Unblocked; thanks. As discussed on IRC, it's a shame that this resulted in a new translatable (and currently untranslated) string, although the fact that the string should rarely be seen and is in the program translation rather than a debconf template mitigates this slightly. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1291841088.15017.388.ca...@hathi.jungle.funky-badger.org
Re: Bug#605748: Intent to NMU or help for an l10n upload of grub2 to fix pending po-debconf l10n bugs
On Wed, Dec 08, 2010 at 08:19:02PM +0100, Helge Kreutzmann wrote: On Tue, Dec 07, 2010 at 11:17:14PM +0100, Julien Cristau wrote: On Sat, Dec 4, 2010 at 18:23:39 +, Colin Watson wrote: grub2 (1.98+20100804-10) unstable; urgency=low I've just unblocked this one, should go in in a couple of days, barring new RC bugs. So are those untranslated strings going to be translated now? Will there be a call for translations? Yes, David Prévot is organising this. -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208210154.gc12...@riva.ucam.org
Bug#606384: unblock: collectd/4.10.1-2.1
On Wed, 2010-12-08 at 21:10 +0100, Moritz Muehlenhoff wrote: Please unblock package collectd. Judging by the changelog 4.10.1-1+squeeze1 and 4.10.1-2 look alike, but for some reason Steffen NMUd the unstable version. RMs, can 4.10.1-2.1 be unblocked or should this be fixed as 4.10.1-1+squeeze2 Unfortunately it will need to go through t-p-u. Although the source packages were identical other than the changelogs, the reason that +squeeze1 was t-p-u-ed is that the collectd binary package Recommends: libesmtp6 which doesn't (and won't) exist in squeeze. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1291842197.15017.448.ca...@hathi.jungle.funky-badger.org
Bug#606390: unblock: libio-socket-ssl-perl/1.35-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package libio-socket-ssl-perl. It fixes CVE-2010-4334. If the diff between 1.33 and 1.35 is to large to unblock, we'll need a tpu upload with the security fix only, adding Salvatore to CC. unblock libio-socket-ssl-perl/1.35-1 -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208205213.10736.29850.report...@localhost.localdomain
Re: Bug#606327: vmmemctl missing in squeeze
severity 606327 grave thanks On 08/12/2010 20:24, Martin Zobel-Helas wrote: Hi, On Wed Dec 08, 2010 at 19:21:50 +0100, Daniel Baumann wrote: reassign 606327 open-vm-tools severity 606327 important thanks On 12/08/2010 01:54 PM, Martin Zobel-Helas wrote: This makes the package partly unsuable right, partially, correcting severity. Please provide vmmemctl on Squeeze machines regarding open-vm-tools, according to release managers policy for unblocks, this is not possible anymore in the current state of the release. It's RC now. You can fix it. Could you please provide a reasonable fix for this bug? Regards, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4cfff524.5060...@dogguy.org
Re: Alive
On Fri, Nov 12, 2010 at 05:10:11PM +0100, Pietro Battiston wrote: Il giorno ven, 12/11/2010 alle 13.46 +0100, Moritz Muehlenhoff ha scritto: On Mon, Nov 08, 2010 at 11:08:38AM +0100, Pietro Battiston wrote: I didn't forget this, it's just harder than I thought, in particular considering I have no cloud computing experience and account. I'm still committed to fix it (and also asked for help upstream), but have no precise idea of the time it will take. In particular, any help is appreciated. This appears to be still unfixed in current 0.4 and should be reported/ fixed upstream. Given that libcloud is already outdated, has no reverse deps and virtually no users in popcon, we should remove it from Squeeze. Please (not just you, possibly anyone who can test it), just check [1], then decide freely - I'm not necessarily against removing it, but it's apparently not that hard to keep it. Pietro, thanks for your contribution to Debian! Howeber, the deeper problem is that the maintainer himself didn't followup on this bug during the last 70 days. As such, I prefer to remove libcloud from Squeeze. A package like this needs an active maintainer, it's too volatile to rot in the archive. If you have a deeper interest in libcloud, you could pick up the maintenance of libcloud in the future. [ Adding debian-release to CC, please remove libcloud from testing for now ] Cheers, Moritz -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208205758.ga10...@galadriel.inutil.org
Re: Alive
On 08/12/2010 21:57, Moritz Muehlenhoff wrote: [ Adding debian-release to CC, please remove libcloud from testing for now ] Removal hint added. Cheers, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4cfff60c.7010...@dogguy.org
Bug#606390: unblock: libio-socket-ssl-perl/1.35-1
Hi On Wed, Dec 08, 2010 at 09:52:13PM +0100, Moritz Muehlenhoff wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package libio-socket-ssl-perl. It fixes CVE-2010-4334. If the diff between 1.33 and 1.35 is to large to unblock, we'll need a tpu upload with the security fix only, adding Salvatore to CC. unblock libio-socket-ssl-perl/1.35-1 Thanks Moritz, for filling this as bug too. I asked already for comment from release team [1], but did it not as bugreport against release.debian.org. Agree, if changes from 1.33 to 1.35 are to large to unblock, I can prepare an upload to t-p-u only containing the fix from 1.34 to 1.35. In any case I attach here the debdiff between 1.33-1 and 1.35-1 too. [1] http://lists.debian.org/debian-release/2010/12/msg00209.html Bests and thanks! Salvatore diff -Nru libio-socket-ssl-perl-1.33/Changes libio-socket-ssl-perl-1.35/Changes --- libio-socket-ssl-perl-1.33/Changes 2010-03-17 13:48:59.0 +0100 +++ libio-socket-ssl-perl-1.35/Changes 2010-12-06 08:57:39.0 +0100 @@ -1,4 +1,18 @@ +v1.35 2010.12.06 +- if verify_mode is not VERIFY_NONE and the ca_file/ca_path cannot be + verified as valid it will no longer fall back to VERIFY_NONE but throw + an error. Thanks to Salvatore Bonaccorso and Daniel Kahn Gillmor for + pointing out the problem, see also + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606058 +v1.34 2010.11.01 +- schema http for certificate verification changed to + wildcards_in_cn=1, because according to rfc2818 this is valid and + also seen in the wild +- if upgrading socket from inet to ssl fails due to handshake problems + the socket gets downgraded, but is still open. + See https://rt.cpan.org/Ticket/Display.html?id=61466 +- depreceate kill_socket, just use close() v1.33 2010.03.17 - attempt to make t/memleak_bad_handshake.t more stable, it fails for unknown reason on various systems diff -Nru libio-socket-ssl-perl-1.33/debian/changelog libio-socket-ssl-perl-1.35/debian/changelog --- libio-socket-ssl-perl-1.33/debian/changelog 2010-12-08 22:16:05.0 +0100 +++ libio-socket-ssl-perl-1.35/debian/changelog 2010-12-06 10:48:08.0 +0100 @@ -1,3 +1,27 @@ +libio-socket-ssl-perl (1.35-1) unstable; urgency=low + + * New upstream release (Closes: #606058). + * Refresh debian/copyright: Update copyright information for debian/* +packaging stanza. + + -- Salvatore Bonaccorso car...@debian.org Mon, 06 Dec 2010 10:48:05 +0100 + +libio-socket-ssl-perl (1.34-1) unstable; urgency=low + + [ Salvatore Bonaccorso ] + * Update my email address. + + [ Ansgar Burchardt ] + * Update my email address. + * Use source format 3.0 (quilt). + * Bump Standards-Version to 3.9.1. + + [ Angel Abad ] + * New upstream release + * debian/copyirght: Update license information + + -- Angel Abad angela...@gmail.com Tue, 02 Nov 2010 15:20:49 +0100 + libio-socket-ssl-perl (1.33-1) unstable; urgency=low * New upstream release diff -Nru libio-socket-ssl-perl-1.33/debian/control libio-socket-ssl-perl-1.35/debian/control --- libio-socket-ssl-perl-1.33/debian/control 2010-12-08 22:16:05.0 +0100 +++ libio-socket-ssl-perl-1.35/debian/control 2010-11-06 21:45:16.0 +0100 @@ -3,14 +3,14 @@ Priority: optional Maintainer: Debian Perl Group pkg-perl-maintain...@lists.alioth.debian.org Uploaders: gregor herrmann gre...@debian.org, - Ansgar Burchardt ans...@43-1.org, Rene Mayorga rmayo...@debian.org, + Ansgar Burchardt ans...@debian.org, Rene Mayorga rmayo...@debian.org, Antonio Radici anto...@dyne.org, - Salvatore Bonaccorso salvatore.bonacco...@gmail.com, + Salvatore Bonaccorso car...@debian.org, Angel Abad angela...@gmail.com Build-Depends: debhelper (= 7) Build-Depends-Indep: libio-socket-inet6-perl, libnet-libidn-perl, libnet-ssleay-perl (= 1.35), netbase, perl -Standards-Version: 3.8.4 +Standards-Version: 3.9.1 Homepage: http://search.cpan.org/dist/IO-Socket-SSL/ Vcs-Svn: svn://svn.debian.org/pkg-perl/trunk/libio-socket-ssl-perl/ Vcs-Browser: http://svn.debian.org/viewsvn/pkg-perl/trunk/libio-socket-ssl-perl/ diff -Nru libio-socket-ssl-perl-1.33/debian/copyright libio-socket-ssl-perl-1.35/debian/copyright --- libio-socket-ssl-perl-1.33/debian/copyright 2010-12-08 22:16:05.0 +0100 +++ libio-socket-ssl-perl-1.35/debian/copyright 2010-12-06 10:17:28.0 +0100 @@ -14,12 +14,12 @@ Copyright: 2000-2004, Davide Puricelli (evo) e...@debian.org 2000, Christian Surchi csur...@debian.org 2005-2007, Florian Ragwitz r...@debian.org - 2008-2009, Ansgar Burchardt ans...@43-1.org + 2008-2009, Ansgar Burchardt ans...@debian.org 2008-2009, gregor herrmann gre...@debian.org 2008, Mark Hymers m...@debian.org 2008, Rene Mayorga rmayo...@debian.org.sv 2009, Antonio Radici anto...@dyne.org - 2009, Salvatore Bonaccorso salvatore.bonacco...@gmail.com + 2009, 2010, Salvatore Bonaccorso car...@debian.org 2010, Angel
Re: Possible upload for libio-socket-ssl-perl to t-p-u?
On Mon, 2010-12-06 at 13:38 +0100, Salvatore Bonaccorso wrote: I just uploaded libio-socket-ssl-perl 1.35-1 to unstable fixing Bug #606058 (http://bugs.debian.org/606058) (Severity normal, tagged security). The change done by upstream is, that if the verify_mode is not VERIFY_NONE and the ca_file/ca_path cannot be verified as valid then IO::Socket::SSL will not fall back to VERIFY_NONE but at least throw an error to inform the user. The reasoning from upstream is: [...] If you would agree on it, should I prepare an upload too for t-p-u for it? The changes done by upstream are the following: Please go ahead; thanks. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1291843301.15017.504.ca...@hathi.jungle.funky-badger.org
Bug#606390: unblock: libio-socket-ssl-perl/1.35-1
On Wed, 2010-12-08 at 21:52 +0100, Moritz Muehlenhoff wrote: Please unblock package libio-socket-ssl-perl. It fixes CVE-2010-4334. If the diff between 1.33 and 1.35 is to large to unblock, we'll need a tpu upload with the security fix only, adding Salvatore to CC. Salvatore already suggested a t-p-u upload a couple of days ago, although his mail hadn't had a reply; I've just rectified that. I've no particular preference whether we close this bug or convert it to cover the t-p-u. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1291843435.15017.516.ca...@hathi.jungle.funky-badger.org
Bug#606384: unblock: collectd/4.10.1-2.1
On Wed, Dec 08, 2010 at 09:03:17PM +, Adam D. Barratt wrote: On Wed, 2010-12-08 at 21:10 +0100, Moritz Muehlenhoff wrote: Please unblock package collectd. Judging by the changelog 4.10.1-1+squeeze1 and 4.10.1-2 look alike, but for some reason Steffen NMUd the unstable version. RMs, can 4.10.1-2.1 be unblocked or should this be fixed as 4.10.1-1+squeeze2 Unfortunately it will need to go through t-p-u. Although the source packages were identical other than the changelogs, the reason that +squeeze1 was t-p-u-ed is that the collectd binary package Recommends: libesmtp6 which doesn't (and won't) exist in squeeze. Steffen, can you rebuild your NMU for t-p-u, then? Cheers, Moritz -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208210838.ga12...@galadriel.inutil.org
Bug#603982: unblock: unscd/0.47-1 (New Package)
On Thu, 25 Nov 2010, Don Armstrong wrote: On Thu, 25 Nov 2010, Mehdi Dogguy wrote: Moreover, it doesn't seem to fix any RC bug. unscd was made to resolve the problems seen in nscd where nscd is near useless in a system with any amount of load (see #574990 et al.) So, I'd rather keep it in sid and not unblock it. That's your decision, but considering the ease with which the package can be removed if it holds up the release at all (and the real issues with nscd that it resolves), I'd suggest revisiting this decision. Ping. Don Armstrong -- He quite enjoyed the time by himself in the mornings. The day was too early to have started going really wrong. -- Terry Pratchet _Only You Can Save Mankind_ p133 http://www.donarmstrong.com http://rzlab.ucr.edu -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208213235.gx16...@teltox.donarmstrong.com
Re: Bug#598463: Alive
Hi. I'm the maintainer. I'll readily admit I've failed miserably to track this issue appropriately. Part of it is due to some rather unfortunate e-mail filtering, but that's certainly not all. (Debian bug mail ended in a folder I didn't subscribe to, but I noticed the issue when it was first raised on the libcloud list) I've had no time to drive this issue personally, but idly following the upstream libcloud mailing list (where Pietro has done a great job trying to get things moving), there doesn't seem to be any resolution. The final e-mail in the thread (AFAIK) being this: http://mail-archives.apache.org/mod_mbox/incubator-libcloud/201011.mbox/%3caanlkti=x9nfbv7igzcakwuqoumoe-j1tk6duw3y6a...@mail.gmail.com%3e I was sort of hoping it would be resolved soon so that we could get the fix in. I didn't see much point in getting 0.4 into squeeze since this issue would remain. (Was that wrong?) I agree the issue is important. I'm not sure I personally think it warrants removal, but if that's how things are done, that's of course fine. On a more general note, I'm going to thoroughly reconsider my maintaining this package. I don't really use it anymore, and if I did, it wouldn't be on Debian, so if anyone else wants to take it over, that'd be great. If not, it'll be on a best-effort basis, were best probably isn't going to be very awesome :( -- Soren Hansen -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlkti=asj+mrf2--rj5k2sdb_dh6qbmzapecx8k8...@mail.gmail.com
Re: Please, is it possible to give back qgis on ppc?
On Wed, Dec 08, 2010 at 06:53:44PM +, Adam D. Barratt wrote: On Wed, 2010-12-08 at 16:35 +0100, Francesco P. Lovergine wrote: On the basis of final comments about #603986 a rebuild could fix the problem. I was about to suggest that you should have e-mailed powe...@buildd.d.o and/or debian-wb-t...@l.d.o for this, but looking at the bug and the package status you need a binNMU rather than a give-back (as it's already built and installed) so never mind. :-) I've scheduled a binNMU on powerpc. Yep, I never remember if a give back can be done or not once installed the same version. Thanks. -- Francesco P. Lovergine -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208213239.ga2...@frankie.is-a-geek.org
Bug#606399: unblock: grub 0.97-64
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock I only just uploaded this, but before I forget, this fixes a critical bug and I think it should go into squeeze. grub (0.97-64) unstable; urgency=low * Exit silently from zz-update-grub kernel hook if update-grub does not exist (e.g. if grub has been removed but not purged; closes: #606377). -- Colin Watson cjwat...@debian.org Wed, 08 Dec 2010 21:08:19 + diff -u grub-0.97/debian/changelog grub-0.97/debian/changelog --- grub-0.97/debian/changelog +++ grub-0.97/debian/changelog @@ -1,3 +1,10 @@ +grub (0.97-64) unstable; urgency=low + + * Exit silently from zz-update-grub kernel hook if update-grub does not +exist (e.g. if grub has been removed but not purged; closes: #606377). + + -- Colin Watson cjwat...@debian.org Wed, 08 Dec 2010 21:08:19 + + grub (0.97-63) unstable; urgency=low * Make /etc/kernel/postrm.d/zz-update-grub a real file rather than a diff -u grub-0.97/debian/kernel/zz-update-grub grub-0.97/debian/kernel/zz-update-grub --- grub-0.97/debian/kernel/zz-update-grub +++ grub-0.97/debian/kernel/zz-update-grub @@ -1,6 +1,8 @@ #! /bin/sh set -e +which update-grub /dev/null 21 || exit 0 + set -- $DEB_MAINT_PARAMS mode=${1#\'} mode=${mode%\'} Thanks, -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208215823.ge12...@riva.ucam.org
Re: Please unblock schroot 1.4.16-1
On Wed, Dec 08, 2010 at 08:44:48PM +, Adam D. Barratt wrote: On Tue, 2010-12-07 at 17:31 +, Roger Leigh wrote: I've made a new upload of schroot to unstable which fixes a few security- and upgrade-related bugs. The bulk of the changes are documentation (manual pages, release notes and changelogs). The code changes are tiny, but are important to have to upgrade from lenny cleanly and fully document security issues and program behaviour. Unblocked; thanks. As discussed on IRC, it's a shame that this resulted in a new translatable (and currently untranslated) string, although the fact that the string should rarely be seen and is in the program translation rather than a debconf template mitigates this slightly. Many thanks. I've already received updated da, de and it translations. I should hopefully be able to make a new release with all of the translations updated in the next week or so once the rest come in. Regards, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/ `-GPG Public Key: 0x25BFB848 Please GPG sign your mail. signature.asc Description: Digital signature
Bug#606399: marked as done (unblock: grub 0.97-64)
Your message dated Wed, 08 Dec 2010 22:12:29 + with message-id 1291846349.3331.10.ca...@hathi.jungle.funky-badger.org and subject line Re: Bug#606399: unblock: grub 0.97-64 has caused the Debian Bug report #606399, regarding unblock: grub 0.97-64 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 606399: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606399 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock I only just uploaded this, but before I forget, this fixes a critical bug and I think it should go into squeeze. grub (0.97-64) unstable; urgency=low * Exit silently from zz-update-grub kernel hook if update-grub does not exist (e.g. if grub has been removed but not purged; closes: #606377). -- Colin Watson cjwat...@debian.org Wed, 08 Dec 2010 21:08:19 + diff -u grub-0.97/debian/changelog grub-0.97/debian/changelog --- grub-0.97/debian/changelog +++ grub-0.97/debian/changelog @@ -1,3 +1,10 @@ +grub (0.97-64) unstable; urgency=low + + * Exit silently from zz-update-grub kernel hook if update-grub does not +exist (e.g. if grub has been removed but not purged; closes: #606377). + + -- Colin Watson cjwat...@debian.org Wed, 08 Dec 2010 21:08:19 + + grub (0.97-63) unstable; urgency=low * Make /etc/kernel/postrm.d/zz-update-grub a real file rather than a diff -u grub-0.97/debian/kernel/zz-update-grub grub-0.97/debian/kernel/zz-update-grub --- grub-0.97/debian/kernel/zz-update-grub +++ grub-0.97/debian/kernel/zz-update-grub @@ -1,6 +1,8 @@ #! /bin/sh set -e +which update-grub /dev/null 21 || exit 0 + set -- $DEB_MAINT_PARAMS mode=${1#\'} mode=${mode%\'} Thanks, -- Colin Watson [cjwat...@debian.org] ---End Message--- ---BeginMessage--- On Wed, 2010-12-08 at 21:58 +, Colin Watson wrote: I only just uploaded this, but before I forget, this fixes a critical bug and I think it should go into squeeze. grub (0.97-64) unstable; urgency=low * Exit silently from zz-update-grub kernel hook if update-grub does not exist (e.g. if grub has been removed but not purged; closes: #606377). Unblocked; thanks. Regards, Adam ---End Message---
Re: release team advice: chocolate-doom lock-up / OOD libsdl-mixer
On Tue, Nov 30, 2010 at 10:17:48PM +, Jon Dowland wrote: Chocolate doom (contrib) upstream has alerted me to an RC bug http://bugs.debian.org/605504. The problem is actually in libsdl-mixer1.2 and is fixed upstream. There are three possible ways to resolve this for squeeze (asides from ignoring it): snip 3. backport the fix for sdl-mixer to the current version. I've taken a wild guess that this would be the preferred solution. I uploaded an updated sdl-mixer1.2 package to experimental earlier on. I will re-upload to unstable in 1 or 2 days, if nobody shouts. -- Jon Dowland signature.asc Description: Digital signature
Re: Bug#606327: vmmemctl missing in squeeze
On 12/08/2010 10:14 PM, Mehdi Dogguy wrote: Could you please provide a reasonable fix for this bug? the correct fix is to upload open-vm-tools 8.4.2-261024. will you accept this new-old upstream release for squeeze? -- Address:Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist Email: daniel.baum...@progress-technologies.net Internet: http://people.progress-technologies.net/~daniel.baumann/ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4d000b67.3050...@debian.org
Bug#606404: RM: lgrind/3.67-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Please remove lgrind from Squeeze. It's more or less unmaintained (the maintainer didn't notice the lack of autobuild/testing migration since april and didn't followup on my pointer (which happened in october). Plus, it's non-free and virtually unused in popcon. Cheers, Moritz -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208223538.3232.85189.report...@localhost.localdomain
Bug#606406: unblock: movabletype-opensource/4.3.5+dfsg-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package movabletype-opensource This fixes security vulnerabilities, see #606311. unblock movabletype-opensource/4.3.5+dfsg-1 Many thanks, Dominic. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208224941.17658.10324.report...@callisto.ipv6.larted.org.uk
Re: Bug#404760: closed: fixed in inetutils 2:1.8-1
On Mon, 06 Dec 2010 at 05:05:54 +0100, Guillem Jover wrote: I guess the inetd se_v4mapped logical inversion fix and the “ping -w” support, both from upstream 1.8, would be important to have. My backport of making tcp/udp be v4-only already included the inversion fix as part of the conflict resolution, in fact. I've added the ping -w patch and put an updated proto-NMU here: http://git.debian.org/?p=users/smcv/qa/inetutils.git;a=shortlog;h=refs/heads/squeeze I've done some basic testing, but I don't really know what to look for in this package, so I'm not really comfortable with NMUing this without some review, and to be honest I'd prefer a maintainer upload. (I also don't have a kFreeBSD machine around to test that aspect of it.) While smoke-testing it I did notice http://bugs.debian.org/559744 (the escape character in telnet doesn't work), which seems pretty glaring, and has been open for a year. I'm somewhat surprised anyone uses this variant of telnet with that bug present (it'd certainly drive me mad), particularly with netkit-telnet and telnet-ssl both available on all release architectures too; does the inetutils version have any killer advantages? A lot of the binary packages in inetutils don't seem to have any compelling advantages over their higher-package-priority counterparts, in fact; if some of them don't work very well, might it be worth dropping some binary packages? The only thing in inetutils that seems to be particularly important is the ping implementation, for kFreeBSD's benefit (because iputils is Linux-only). But then at that point the 1.6 Debian release would be the same as the one in unstable except for the indentation changes, the header cleanups, the unconditionalization of free() calls and the argp switch ... none of which really sound like changes to make during a freeze. Regards, Simon -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208230351.ga27...@reptile.pseudorandom.co.uk
Bug#606406: marked as done (unblock: movabletype-opensource/4.3.5+dfsg-1)
Your message dated Wed, 08 Dec 2010 23:52:50 + with message-id 1291852370.3331.318.ca...@hathi.jungle.funky-badger.org and subject line Re: Bug#606406: unblock: movabletype-opensource/4.3.5+dfsg-1 has caused the Debian Bug report #606406, regarding unblock: movabletype-opensource/4.3.5+dfsg-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 606406: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606406 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package movabletype-opensource This fixes security vulnerabilities, see #606311. unblock movabletype-opensource/4.3.5+dfsg-1 Many thanks, Dominic. ---End Message--- ---BeginMessage--- On Wed, 2010-12-08 at 22:49 +, Dominic Hargreaves wrote: Please unblock package movabletype-opensource This fixes security vulnerabilities, see #606311. Unblocked; thanks. (After fighting the huge number of $Id$ updates and the 1,000 lines or so of changes which turned out to just be whitespace tweaking). Regards, Adam ---End Message---
Re: Bug#404760: closed: fixed in inetutils 2:1.8-1
Hi Simon, Simon McVittie wrote: [ping on kfreebsd] (I also don't have a kFreeBSD machine around to test that aspect of it.) If you want, you can prepare a test-case on io.d.n or asdfasdf.d.n, and me (or KiBi or aurel32) can test the stuff which needs root permissions or setuid. Another option I can imagine is to install a preliminary package containing some setuid stuff in e.g. io.d.n's experimental chroot, so that you can run the tests yourself there. Regards, Axel -- ,''`. | Axel Beckert a...@debian.org, http://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE `-| 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101208235534.gc32...@sym.noone.org
Bug#606404: marked as done (RM: lgrind/3.67-2)
Your message dated Wed, 08 Dec 2010 23:56:58 + with message-id 1291852618.3331.332.ca...@hathi.jungle.funky-badger.org and subject line Re: Bug#606404: RM: lgrind/3.67-2 has caused the Debian Bug report #606404, regarding RM: lgrind/3.67-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 606404: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606404 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Please remove lgrind from Squeeze. It's more or less unmaintained (the maintainer didn't notice the lack of autobuild/testing migration since april and didn't followup on my pointer (which happened in october). Plus, it's non-free and virtually unused in popcon. Cheers, Moritz -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash ---End Message--- ---BeginMessage--- On Wed, 2010-12-08 at 23:35 +0100, Moritz Muehlenhoff wrote: Please remove lgrind from Squeeze. It's more or less unmaintained (the maintainer didn't notice the lack of autobuild/testing migration since april and didn't followup on my pointer (which happened in october). Plus, it's non-free and virtually unused in popcon. Removal hint added. Regards, Adam ---End Message---
Bug#606427: unblock: debian-reference/2.45
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package debian-reference Basic document corrections and translation updates: debian-reference (2.45) unstable; urgency=low * Fixed typo per Mathieu Parent. Closes: #597816 * Added clearsigned gpg mail example. * xz/unxz command mentioned in Tutorial. * Fixed bashism per by Dominique Brazziel. Closes: #600016 * Updated Wikipedia URL. * Updated French translation. * Added Portguese translation by Américo Monteiro. unblock debian-reference/2.45 -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101209020405.ga7...@debian.org
Bug#606428: unblock: debian-history/2.14
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package debian-history Document corrections and translation updates. debian-history (2.14) unstable; urgency=low [ David Prévot ] * Updated French translation from Steve Petruzzello, closes: #599182 [ Osamu Aoki ] * Retroactively added note on #594538 and Lithuanian missed in 2.13. * Fixed leadership text consistency and Andrés García. -- Osamu Aoki os...@debian.org Thu, 09 Dec 2010 09:56:27 +0900 unblock debian-history/2.14 -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101209020624.ga7...@debian.org
Bug#606258: unblock: distcc/3.1-3.2
Hi, On Wed, Dec 08, 2010 at 07:32:01PM +0100, Moritz Muehlenhoff wrote: On Tue, Dec 07, 2010 at 10:35:06PM +, Adam D. Barratt wrote: Looking at the diff, either the original code is more broken than the general case, or it's intentionally adding an empty entry to PYTHONPATH. It seems an odd choice, but part of me does wonder if it was intentional. - PYTHONPATH='$pythonpath::$PYTHONPATH' \ + PYTHONPATH='$pythonpath${PYTHONPATH:+:$PYTHONPATH}' \ Adding the NMUer and the maintainer to CC. I did the NMU. I simply assumed the original code is in error: I can't imagine why the script would want the current dir in the PYTHONPATH. Regards, -Steve signature.asc Description: Digital signature
Bug#606430: unblock: puppet/2.6.2-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: freeze-exception Hello! There have been a number of issues that have come up in the puppet package that really should be included in Squeeze. The puppet packaging team have fixed them, and so I am writing to ask that you please make a freeze exception for puppet 2.6.2-3. The changes from the current version in Squeeze were made specifically with an eye towards fixing simple things, but important ones: . a remote security issue . fixing log rotation . fixing initscript that failed to remove PID file . fixing initscript to actually use the /etc/default file . include a missing binary . update logcheck rules . add missing suggests for functionality . add missing directory in puppet-common.dirs . update documentation Let me know if you have any questions, and thanks again for your hard work on Squeeze, its very appreciated! unblock puppet/2.6.2-3 -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101209045725.14245.49496.report...@algae.riseup.net
Re: Bug#598463: Alive
Um, well I could see if they would accept a patch I could make up soon... The problem is / was they closed the bug saying it was a python issue, where they didnt' even attempt to ensure that a https connection would be secured, through wrapping it in ssl, iirc. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlkti=2msuwq_f+8bcjas0dr-u2oadf=ndy-zq=o...@mail.gmail.com
Bug#606427: unblock: debian-reference/2.45
On Thu, 2010-12-09 at 11:04 +0900, Osamu Aoki wrote: Please unblock package debian-reference Basic document corrections and translation updates: debian-reference (2.45) unstable; urgency=low * Fixed typo per Mathieu Parent. Closes: #597816 * Added clearsigned gpg mail example. * xz/unxz command mentioned in Tutorial. * Fixed bashism per by Dominique Brazziel. Closes: #600016 * Updated Wikipedia URL. * Updated French translation. * Added Portguese translation by Américo Monteiro. This appears to be stuck in NEW currently. I'm guessing Added Portuguese translation means added new binary package containing Portuguese translation? Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1291877401.3331.1573.ca...@hathi.jungle.funky-badger.org
Bug#606384: unblock: collectd/4.10.1-2.1
Hi, On Wed, Dec 08, 2010 at 09:03:17PM +, Adam D. Barratt wrote: On Wed, 2010-12-08 at 21:10 +0100, Moritz Muehlenhoff wrote: Please unblock package collectd. Judging by the changelog 4.10.1-1+squeeze1 and 4.10.1-2 look alike, but for some reason Steffen NMUd the unstable version. RMs, can 4.10.1-2.1 be unblocked or should this be fixed as 4.10.1-1+squeeze2 Unfortunately it will need to go through t-p-u. Although the source packages were identical other than the changelogs, the reason that +squeeze1 was t-p-u-ed is that the collectd binary package Recommends: libesmtp6 which doesn't (and won't) exist in squeeze. Steffen, can you rebuild your NMU for t-p-u, then? Yes, I can upload to t-p-u, but not before tomorrow. If someone wants to beat me to it, feel free. Cheers, Steffen signature.asc Description: This is a digitally signed message part.
Bug#603982: unblock unscd
Good morning, we (Sysadmins at ETH Zurich) would be very happy to see unscd unblocked. nscd is broken for YEARS and nobody cared (*) about it. Don is probably the only person in the Debian area, who took responsibilty and created a VERY GOOD replacement (**). IF you haven't run a large scale LDAP infrastructure, you probably cannot understand the need for unscd. We had/have to patch all our Debian machines, because nscd is practically unusable (see various other bugs). Please, take this chance now to end this disaster once and forever. Thanks. Nico (*) Not completly true, but nobody finished the transition to unscd so far nor was pushing it like Don does with his work. (**) No, the limit of not being able to use the full caching capabilities is not making it unusable. Instead, as it is the only stable nscd version out there, it's way more than only acceptable, but a major requirement for large deployments. -- PGP key: 7ED9 F7D3 6B10 81D7 0EC5 5C09 D7DC C8E4 3187 7DF0 pgpuboghlViDr.pgp Description: PGP signature
Bug#606430: marked as done (unblock: puppet/2.6.2-3)
Your message dated Thu, 09 Dec 2010 08:27:47 +0100 with message-id 4d0084f3.6000...@dogguy.org and subject line Re: Bug#606430: unblock: puppet/2.6.2-3 has caused the Debian Bug report #606430, regarding unblock: puppet/2.6.2-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 606430: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606430 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: freeze-exception Hello! There have been a number of issues that have come up in the puppet package that really should be included in Squeeze. The puppet packaging team have fixed them, and so I am writing to ask that you please make a freeze exception for puppet 2.6.2-3. The changes from the current version in Squeeze were made specifically with an eye towards fixing simple things, but important ones: . a remote security issue . fixing log rotation . fixing initscript that failed to remove PID file . fixing initscript to actually use the /etc/default file . include a missing binary . update logcheck rules . add missing suggests for functionality . add missing directory in puppet-common.dirs . update documentation Let me know if you have any questions, and thanks again for your hard work on Squeeze, its very appreciated! unblock puppet/2.6.2-3 -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash ---End Message--- ---BeginMessage--- On 12/09/2010 05:57 AM, Micah Anderson wrote: unblock puppet/2.6.2-3 Unblocked. Regards, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ ---End Message---