Re: request to upload update-inetd 4.38+nmu1+squeeze1
Hi Adam, On Mon, Sep 12, 2011 at 07:33:47PM +0100, Adam D. Barratt wrote [edited]: On Sun, 2011-09-11 at 22:22 +0200, Serafeim Zanikolas wrote: update-inetd parses successfully the /proc/pid/stat file of inetd only when the latter comes from the default Provides: inet-superserver package (ie. openbsd-inetd) but fails to do so for inetutils-inetd and rlinetd. What about xinetd? The patched code is within an inetd-specific (read: non-xinetd) if clause for sending a SIGHUP. That's never the case for xinetd[0] which is restarted via invoke-rc.d instead. thanks, sez [0] xinetd is only partially supported by update-inetd; that's one of the things DEP9 aims to improve -- Every great idea is worthless without someone to do the work. --Neil Williams -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110913090347.GE3458@mobee
[SRM] proposed stable update ca-certificates
Hi, There have been no furhter folluwups on the ca-certificates version number reuse thread for a while now. My conclusion is that we need to prepare an upload targeted at stable to ensure the change is also included in the point release, on cd's etc. I've attached my proposed change. Please review and let me know if I can upload. Cheers, Thijsdiff -Nru ca-certificates-20090814+nmu3/debian/changelog ca-certificates-20090814+nmu3squeeze1/debian/changelog --- ca-certificates-20090814+nmu3/debian/changelog 2011-08-31 04:37:45.0 +0200 +++ ca-certificates-20090814+nmu3squeeze1/debian/changelog 2011-09-13 11:32:01.0 +0200 @@ -1,3 +1,11 @@ +ca-certificates (20090814+nmu3squeeze1) stable; urgency=low + + * Non-maintainer upload. + * No-change upload with incremented version number to avoid a +version number conflict with '20090814+nmu3'. + + -- Thijs Kinkhorst th...@debian.org Tue, 13 Sep 2011 11:29:21 +0200 + ca-certificates (20090814+nmu3) squeeze-security; urgency=high * Non-maintainer upload by the Security Team.
Re: Bug#598957: NMU of mdadm for squeeze-proposed-upates
On Sat, Aug 27, 2011 at 02:55:50PM +0200, Philipp Kern wrote:
On Mon, Jun 06, 2011 at 12:59:09PM +0100, Dominic Hargreaves wrote:
+1 for this patch to be applied in stable. Apart from the inconvenience
of being emailed by all your Debian systems using mdadm once a month,
sending people an email about a normal situation is likely to mean that
people miss the occasion when something isn't normal.
This is still unfixed in sid, though.
Indeed so.
In any case, since I have rolled this out on some servers I manage,
I thought I may as well confirm that a patch (attached) adopted from
http://anonscm.debian.org/gitweb/?p=pkg-mdadm/mdadm.git;a=commit;h=219ef9a6c6a5e6bd1747bca4d13b72ae95ff9512
applied on squeeze seems to work okay.
--
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
diff -urN mdadm-3.1.4/debian/checkarray mdadm-3.1.4.fixed//debian/checkarray
--- mdadm-3.1.4/debian/checkarray 2010-09-03 09:44:09.0 +0100
+++ mdadm-3.1.4.fixed//debian/checkarray 2011-08-10 17:08:34.0 +0100
@@ -193,7 +193,7 @@
wait=$((wait - 1))
resync_pid=$(ps -ef | awk -v dev=$array 'BEGIN { pattern = ^\\[ dev _resync]$ } $8 ~ pattern { print $2 }')
if [ -n $resync_pid ]; then
- echo $PROGNAME: I: selecting $ionice I/O scheduling class for resync of $array. 2
+ [ $quiet -lt 1 ] echo $PROGNAME: I: selecting $ionice I/O scheduling class for resync of $array. 2
ionice -p $resync_pid $arg
break
fi
Re: [SRM] proposed stable update ca-certificates
On Tuesday 13 September 2011 04:37:56 Thijs Kinkhorst wrote: There have been no furhter folluwups on the ca-certificates version number reuse thread for a while now. My conclusion is that we need to prepare an upload targeted at stable to ensure the change is also included in the point release, on cd's etc. I was waiting for ftp-master's response, but they seem to be busy lately. I've attached my proposed change. Please review and let me know if I can upload. I think it needs to be uploaded via the sec archive, and the +nmu3 version removed from it. IIRC when syncing sec-master to ftp-master all versions are copied. Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201109131238.25022.geiss...@debian.org
Re: Bug#598957: NMU of mdadm for squeeze-proposed-upates
On 13.09.2011 19:01, Dominic Hargreaves wrote: [] This is still unfixed in sid, though. Indeed so. In any case, since I have rolled this out on some servers I manage, I thought I may as well confirm that a patch (attached) adopted from http://anonscm.debian.org/gitweb/?p=pkg-mdadm/mdadm.git;a=commit;h=219ef9a6c6a5e6bd1747bca4d13b72ae95ff9512 applied on squeeze seems to work okay. We're preparing upload of new (upstream) version to unstable. Once it hits testing we'll request a stable update for squeeze. Thanks, /mjt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4e6f978e.7090...@msgid.tls.msk.ru
Re: Upcoming Point Releases
On Sun, 2011-09-11 at 23:59 +0100, Ben Hutchings wrote: On Wed, 2011-09-07 at 21:30 +0200, Philipp Kern wrote: For Squeeze it would be cool to have the kernel in for testing end of next week (16/17th). The d-i upload should be there the middle of week 39, October 1st at the latest. [...] I believe we're now ready to do the kernel update, having got most of the security fixes done separately. I'm going to start a build now and intend to upload tomorrow unless I hear any objection to this (or I find a problem myself). Nobody appears to have objected, and it was uploaded. I've just marked the upload for acceptance at the next dinstall; thanks. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1315942075.28889.3.ca...@hathi.jungle.funky-badger.org
NEW changes in proposedupdates
Processing changes file: linux-2.6_2.6.32-35squeeze1_i386.changes ACCEPT Processing changes file: linux-2.6_2.6.32-35squeeze1_amd64.changes ACCEPT Processing changes file: linux-2.6_2.6.32-35squeeze1_armel.changes ACCEPT Processing changes file: linux-2.6_2.6.32-35squeeze1_ia64.changes ACCEPT Processing changes file: linux-2.6_2.6.32-35squeeze1_mips.changes ACCEPT Processing changes file: linux-2.6_2.6.32-35squeeze1_mipsel.changes ACCEPT Processing changes file: linux-2.6_2.6.32-35squeeze1_powerpc.changes ACCEPT Processing changes file: linux-2.6_2.6.32-35squeeze1_s390.changes ACCEPT Processing changes file: linux-2.6_2.6.32-35squeeze1_sparc.changes ACCEPT Processing changes file: mantis_1.1.8+dfsg-10squeeze1_i386.changes ACCEPT Processing changes file: user-mode-linux_2.6.32-1um-4+35squeeze2_amd64.changes ACCEPT Processing changes file: user-mode-linux_2.6.32-1um-4+35squeeze2_i386.changes ACCEPT Processing changes file: linux-2.6_2.6.32-36_multi.changes ACCEPT Processing changes file: user-mode-linux_2.6.32-1um-4+35squeeze1_amd64.changes ACCEPT Processing changes file: user-mode-linux_2.6.32-1um-4+35squeeze1_i386.changes ACCEPT Processing changes file: linux-2.6_2.6.32-35squeeze2_multi.changes ACCEPT Processing changes file: linux-2.6_2.6.32-35squeeze2_i386.changes ACCEPT Processing changes file: linux-2.6_2.6.32-35squeeze2_mips.changes ACCEPT Processing changes file: linux-2.6_2.6.32-35squeeze2_mipsel.changes ACCEPT Processing changes file: linux-2.6_2.6.32-35squeeze2_s390.changes ACCEPT Processing changes file: linux-2.6_2.6.32-35squeeze2_sparc.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1r3z55-0008be...@franck.debian.org
Re: Bug#637384: pu: package lintian/2.4.3+squeeze1
On 2011-09-11 20:56, Adam D. Barratt wrote:
On Sat, 2011-09-10 at 15:00 +0200, Niels Thykier wrote:
Sorry for the delay. I have attached the complete debdiff from 2.4.3 to
now including the extra issue and the debian/source/options magic to
make dpkg-source keep those files (mentioned above).
I have also added incremental patches from 2.4.3 to now. These
are available in the lintian-2.4.3.tar.gz (and was generated from git).
[...]
I have not uploaded the package yet; I assumed you would want a second
review given the changes to fix the checks/{etcfiles,conffiles} issue. :)
Please go ahead; thanks.
Regards,
Adam
Done. :)
~Niels
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4e6fc43d.6030...@thykier.net
release goal proposal: enable hardening build flags
Hi, I would like to propose a release goal of enabling hardening build flags[1] for all C/C++ packages in the archive[2]. For Wheezy, specific sub-goals are being chosen. The default flags are almost settled[3], additional subgoals may come up[4], and more work is needed to identify the specific packages involved in the subgoals[5], but I'd like to get the ball rolling on this as a release goal. Thanks, -Kees [1] http://wiki.debian.org/Hardening [2] http://wiki.debian.org/ReleaseGoals/Hardening [3] http://lists.debian.org/debian-dpkg/2011/09/msg00025.html [4] http://lists.debian.org/debian-devel/2011/09/msg00071.html [5] http://anonscm.debian.org/viewvc/secure-testing/hardening/subgoal-important.txt?view=log http://anonscm.debian.org/viewvc/secure-testing/hardening/subgoal-dsa.txt?view=log -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110913223829.gl4...@outflux.net
Re: release goal proposal: enable hardening build flags
On Tue, 13 Sep 2011 15:38:29 -0700 Kees Cook wrote: Hi, I would like to propose a release goal of enabling hardening build flags[1] for all C/C++ packages in the archive[2]. I think all C/C++ packages is an impossibility in the wheezy timeframe, and we should be honest about that. Something like as many C/C++ packages as possible (prioritized by packages that have had known issues in the past, and then priority, and then popularity) would be more appropriate. There will be a certain number of packages that simply won't build with all build flags at this time, and thus we won't be able to achieve that goal. We can of course change the language to use all for the release goals for some far off future release. The default flags are almost settled[3], additional subgoals may come up[4], and more work is needed to identify the specific packages involved in the subgoals[5], but I'd like to get the ball rolling on this as a release goal. I see the subgoals as the quantifiable real goals, and we need to work to define these first. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110913190113.cc9781ba.michael.s.gilb...@gmail.com
Re: release goal proposal: enable hardening build flags
On Tue, 13 Sep 2011 15:38:29 -0700 Kees Cook wrote: [1] http://wiki.debian.org/Hardening It looks like we're duplicating wiki work. The page I created yesterday is much more comprehensive and detailed right now: http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags Best wishes, Mike -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110913192410.5bf7f14e.michael.s.gilb...@gmail.com
NEW changes in oldproposedupdates
Processing changes file: mantis_1.1.6+dfsg-2lenny6_i386.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1r3ej5-0002mq...@franck.debian.org
Re: release goal proposal: enable hardening build flags
Hi, On Tue, Sep 13, 2011 at 07:24:10PM -0400, Michael Gilbert wrote: On Tue, 13 Sep 2011 15:38:29 -0700 Kees Cook wrote: [1] http://wiki.debian.org/Hardening You mean http://wiki.debian.org/ReleaseGoals/Hardening ? It looks like we're duplicating wiki work. The page I created yesterday is much more comprehensive and detailed right now: http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags That's fine; either works. Moritz started the former on the 8th, but the latter one is, as you say, more complete. We can point to the latter one. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110914031517.gv4...@outflux.net
Re: release goal proposal: enable hardening build flags
On Tue, Sep 13, 2011 at 07:01:13PM -0400, Michael Gilbert wrote: On Tue, 13 Sep 2011 15:38:29 -0700 Kees Cook wrote: I would like to propose a release goal of enabling hardening build flags[1] for all C/C++ packages in the archive[2]. I think all C/C++ packages is an impossibility in the wheezy timeframe, and we should be honest about that. Something like as many Right, of course. I thought Moritz chose that language as the final goal. The Wheezy-specific bits were the sub-goals. I see the subgoals as the quantifiable real goals, and we need to work to define these first. Agreed. -Kees -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110914034759.gx4...@outflux.net
