Re: CVE against the fwknop package

[Franck Joncourt]

Hi Adam,

Le 11/10/2012 00:15, Adam D. Barratt a écrit :

On 10.10.2012 20:29, Franck Joncourt wrote:

I have prepared an upload for squeeze to fix the CVEs against the
2.0.0rc2 release. I have enclosed a debdiff.


I assume you meant wheezy here? squeeze has 1.9.


Yes, I meant wheezy :) Sorry for the mistake.

Regards,

--
Franck


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/50766d25.1090...@debian.org

Bug#685960: unblock: gnupg/1.4.12-5 (pre-approval)

[Thijs Kinkhorst]

On Wed, October 10, 2012 22:43, Adam D. Barratt wrote:
 On Thu, 2012-08-30 at 22:13 +0100, Adam D. Barratt wrote:
 On Mon, 2012-08-27 at 23:00 -0400, David Prévot wrote:
  Can someone from the release team please confirm that you would
 consider
  unblocking such an upload of gnupg, knowing that a udeb is involved
 too?

 After a chat with KiBi the proposed changes shouldn't have any effect on
 the content / behaviour of the udeb, so please go ahead.

 Ping?

There was some confusion about who would actually make the upload, but
this has been cleared up and I will do so this week.


Cheers,
Thijs


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/f0375553c0c3dc8b71cd20b3b17a2ad6.squir...@aphrodite.kinkhorst.nl

Processed: reopening 689606

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 reopen 689606
Bug #689606 {Done: Adam D. Barratt a...@adam-barratt.org.uk} 
[release.debian.org] unblock: mdp/3.3-1
Bug reopened
Ignoring request to alter fixed versions of bug #689606 to the same values 
previously set
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
689606: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689606
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.134994420129701.transcr...@bugs.debian.org

Bug#689606: marked as done (unblock: mdp/3.3-1)

[Debian Bug Tracking System]

Your message dated Thu, 11 Oct 2012 09:57:22 +0100
with message-id 94b9a03a6a76c3cda374462588c84...@mail.adsl.funky-badger.org
and subject line Re: reopening 689606
has caused the Debian Bug report #689606,
regarding unblock: mdp/3.3-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
689606: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689606
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package mdp

Dear Release Team,

mdp/3.3-1 fixes two FTBFS bugs -- #687408 and #689027 -- and enables
full use of python-sklearn 0.11.0 version now in wheezy -- only
versions up to 0.10 were supported until now -- see #689028.

All changes in the attached debdiff are related to the above
mentioned problems. The relatively long diff for the file CHANGES
can be safely ignored, most of those changes are already present in
mdp/3.2+git78-g7db3c50 currently in wheezy. A number of hunks
are whitespace-only changes introduced by the new python-mode in
emacs: upstream didn't feel like rebasing a public github repo just
to expunge them.

The package features a quite extensive unittests battery which is
run at build time. It passes successfully even across different
Debian and Ubuntu releases (tested on the NeuroDebian buildbots).
This gives me enough confidence to ask for the package to be
released with wheezy.

Please allow mdp/3.3-1 in testing.

Thanks,

Tiziano Zito

unblock mdp/3.3-1

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru mdp-3.2+git78-g7db3c50/CHANGES mdp-3.3/CHANGES
--- mdp-3.2+git78-g7db3c50/CHANGES	2012-04-05 16:01:52.0 +0200
+++ mdp-3.3/CHANGES	2012-09-28 14:48:39.0 +0200
@@ -1,3 +1,148 @@
+MDP-3.3:
+2012-09-19: FIX: fix error in automatic testing for MultinomialNB.
+2012-09-19: ERF: make sklearn nodes automatic testing more robust The previous
+solution was actually ignoring the special definitions in NODES.
+
+2012-09-19: FIX: disable pp support if server can not start Being able to
+import pp is not enough to be sure that pp works. For example in a
+low memory situation, the following can happen:
+
+ import pp
+ server = pp.Server()
+[...] OSError: [Errno 12] Cannot allocate memory
+
+This fix just disables pp support if the server can not be
+started.
+
+2012-06-18: FIX: Fix wrapping of sklearn 0.11 classifiers
+2012-04-17: FIX: make test_SFA2Node even more robust
+2012-04-16: FIX: make FastICANode test more robust
+2012-04-16: FIX: make test_SFA2Node more robust
+2012-04-05: FIX: fix pp_tests when run multiple times. pp tests were failing
+when run twice in a row. hugly work-around, but it seems to
+work...
+
+2012-04-05: FIX: fixed broken test_reload. test_reload was failing when called
+twice in a row.
+
+2012-04-05: FIX: fix random seed tests. The tests were failing when called
+twice in a row:
+ import mdp
+ mdp.test()
+ mdp.test() the first call was working, the second one was
+giving failures.
+
+2012-04-01: ERF: added tests for learning of bias parameters
+2012-03-26: FIX: replace third remaing test for pp_monkeypatch_dirname 
+Hopefully this will fix test suite failures.
+
+2012-03-22: FIX: Decrease the noise level in the DiscreteHopfieldClassifier.
+2012-03-22: FIX: honor MDP_DISABLE_SHOGUN env variable
+2012-03-19: FIX: fix left-over directories from testing pp. I do not know why,
+but this simple change fixes the leftover directories problem when
+testig with python-pp and pp monkey-patching. It should have
+worked even as it was before, but apparently some race condition 
+happens.
+
+2012-03-06: FIX: fix determinant of random rotation matrix determinant sign
+was wrong if dimensions of rotation matrix were odd. Thanks to
+Philip DeBoer. Actual Fix.
+
+2012-03-06: FIX: fix determinant of random rotation matrix determinant sign
+was wrong if dimensions of rotation matrix were odd. Thanks to
+Philip DeBoer. Failing Test.
+
+2012-02-13: ENH: remove 

Bug#685790: marked as done (release.debian.org: Clarify scope of missing evince mime entry RCness)

[Debian Bug Tracking System]

Your message dated Thu, 11 Oct 2012 10:48:31 +0100
with message-id 20121011094831.gi6...@halon.org.uk
and subject line 
has caused the Debian Bug report #685790,
regarding release.debian.org: Clarify scope of missing evince mime entry RCness
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
685790: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685790
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: serious

As recorded in #681687 The TC has made the following decision:

1. The Technical Committee agrees with Neil McGovern's analysis of
   the situation regarding evince's missing mime type entry.

2. If changes are desirable to our system for dealing with mime
   type entries and desktop files, including changes to policy or
   additional automation, these should be made via the usual
   development and policy amendment processes.

3. We defer to the Release Team's decision that it is now too late
   to deploy such automation in wheezy.

4. We do not disagree with the Release Team's assessment that
   the failure of the evince package to provide a mime type
   entry is a release critical bug.

5. We therefore decline to overrule the Release Team.  The bug
   remains RC against evince.

6. The release team should clarify which mime types the RC-bugginess
   applies to.  We recommend that the starting point should be those
   mime types advertised by evince via the mime system in squeeze.

Accordingly, I'm filing this bug on behalf of the TC to request that
the release team make the clarification requested in point 6.  I will
set this bug to block #658139 (the bug against evince).

Severity justification: priority inheritance from #658139.

Ian.
---End Message---
---BeginMessage---
658...@bugs.debian.org
Cc: 
Bcc: 
Subject: Clarify mime requirements
Reply-To: 

unarchive 658139
reopen 658139
thanks

Apologies for the delay in replying to this.

I'm happy with point 6 of tech-ctte resolution, that the starting point
should be those mime types advertised by evince via the mime system in
squeeze.

I attach both mime type files as a convience, for evince and evince-gtk.
If there's a reason why any particular mime type is better served by
another application in the default install, I'll be happy to hear it.

Thanks,
Neil
application/pdf; evince %s; test=test -n $DISPLAY; nametemplate=%s.pdf; 
priority=5
application/x-pdf; evince %s; test=test -n $DISPLAY; nametemplate=%s.pdf; 
priority=5
application/x-bzpdf; evince %s; test=test -n $DISPLAY; 
nametemplate=%s.pdf.bz2; priority=5
application/x-gzpdf; evince %s; test=test -n $DISPLAY; 
nametemplate=%s.pdf.gz; priority=5
application/postscript; evince %s; test=test -n $DISPLAY; nametemplate=%s.ps; 
priority=5
application/x-bzpostscript; evince %s; test=test -n $DISPLAY; 
nametemplate=%s.ps.bz2; priority=5
application/x-gzpostscript; evince %s; test=test -n $DISPLAY; 
nametemplate=%s.ps.gz; priority=5
image/x-eps; evince %s; test=test -n $DISPLAY; nametemplate=%s.eps; priority=5
image/x-bzeps; evince %s; test=test -n $DISPLAY; nametemplate=%s.eps.bz2; 
priority=5
image/x-gzeps; evince %s; test=test -n $DISPLAY; nametemplate=%s.eps.gz; 
priority=5
application/x-dvi; evince %s; test=test -n $DISPLAY; nametemplate=%s.dvi; 
priority=5
application/x-gzdvi; evince %s; test=test -n $DISPLAY; 
nametemplate=%s.dvi.gz; priority=5
application/x-bzdvi; evince %s; test=test -n $DISPLAY; 
nametemplate=%s.dvi.bz2; priority=5
image/vnd.djvu; evince %s; test=test -n $DISPLAY; nametemplate=%s.djvu; 
priority=5
image/tiff; evince %s; test=test -n $DISPLAY; nametemplate=%s.tiff; priority=5
application/x-cbr; evince %s; test=test -n $DISPLAY; nametemplate=%s.cbr; 
priority=5
application/x-cbt; evince %s; test=test -n $DISPLAY; nametemplate=%s.cbt; 
priority=5
application/x-cbz; evince %s; test=test -n $DISPLAY; nametemplate=%s.cbz; 
priority=5
application/x-cb7; evince %s; test=test -n $DISPLAY; nametemplate=%s.cb7; 
priority=5
application/vnd.sun.xml.impress; evince %s; test=test -n $DISPLAY; 
nametemplate=%s.sxd; priority=5
application/vnd.oasis.opendocument.presentation; evince %s; test=test -n 
$DISPLAY; nametemplate=%s.odp; priority=5

image/*; evince %s; test=test -n $DISPLAY; nametemplate=%s.dummy; priority=5
application/pdf; evince %s; test=test -n $DISPLAY; nametemplate=%s.pdf; 
priority=5
application/x-pdf; evince %s; test=test -n $DISPLAY; nametemplate=%s.pdf; 
priority=5
application/x-bzpdf; evince %s; test=test -n $DISPLAY; 
nametemplate=%s.pdf.bz2; 

Re: unblock boinc/7.0.34+dfsg-2

[Guo Yixuan]

Control: retitle -1 unblock boinc/7.0.36+dfsg-1

On 10/11/2012 04:41 AM, Steffen Möller wrote:
 Hello Julien,
 
 thank you for your reply.
 
  Original-Nachricht 
 Datum: Wed, 10 Oct 2012 22:16:56 +0200
 Von: Julien Cristau jcris...@debian.org
 
 On Sat, Sep  1, 2012 at 21:09:28 +0800, Guo Yixuan wrote:

 Hi,

 Is there any progress for this unblock request?

 boinc is in NEW, and we've responded to FTP Masters' (Luca and
 Ansgar) request by doing some fixes, updating boinc to 7.0.34+dfsg-2
 which conforms to FTP Masters' requirement. Now we (FTP Masters and
 BOINC team) are waiting for you comment on our unblock request.

 As the package isn't in testing I don't think ftpmaster need to wait on
 us.
 
 boinc-app-seti is (sadly) not in testing, as you said. boinc instead
 is in testing - just in a somewhat oldish (7.0.27, 5 month ago) version
 now. We would very much like to update that. 7.0.3x is tested extensively
 in the Ubuntu community, which is sharing the git repository with us. 
 Quite some user-sensative bugs are fixed in that version.

Yes, even if boinc-app-seti doen't have much hope to get into wheezy, we
still hope to have an update for boinc.

 It just feels bad when the Debian folks are doing the packaging work 
 and the Ubuntu users profit from it, not even in unstable. And we cannot
 get it into backports either.

Cheers,

Guo Yixuan


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/5076a156.9020...@gmail.com

Processed: Re: unblock boinc/7.0.34+dfsg-2

[Debian Bug Tracking System]

Processing control commands:

 retitle -1 unblock boinc/7.0.36+dfsg-1
Bug #685248 [release.debian.org] unblock: boinc/7.0.33-1 and 
boinc-app-seti/6.12~svn1385-1
Changed Bug title to 'unblock boinc/7.0.36+dfsg-1' from 'unblock: 
boinc/7.0.33-1 and boinc-app-seti/6.12~svn1385-1'

-- 
685248: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685248
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.b685248.134995183222578.transcr...@bugs.debian.org

Bug#690248: unblock: yforth/0.2.1-1

[Bdale Garbee]

Package: release.debian.org
Severity: normal

Please unblock package yforth.  This version is a new upstream release
that fixes bug #687348 which was originally filed as RC but which I
downgraded to important.  The claim was that yforth had a non-free
license, which I did not completely agree with.  But the upstream author
offered to re-license from a home-grown license to GPL v3 to eliminate
any ambiguity in his intentions.

The only other changes made by upstream were to roll in various patches
I and others had provided in the many years since the last yforth
upstream release, including a few suggestions I made on improvements to
the Makefile to allow me to enable hardening build flags, etc.

Since yforth is a leaf package that nothing else depends on, I hope you
will agree that allowing it in to wheezy even if for no other reason
than to eliminate the license freedom ambiguity pointed out in #687348
despite my downgrading of that bug to a non-RC severity is a good idea.

Thanks for considering this!

Regards,

Bdale


pgpA9rbIFtvQ6.pgp
Description: PGP signature

Bug#681717: unblock: openjpeg/1.3+dfsg-4.4

[Julien Cristau]

On Wed, Sep 26, 2012 at 20:50:52 +0200, Julien Cristau wrote:

 On Wed, Sep 19, 2012 at 01:27:15 -0400, Michael Gilbert wrote:
 
  On Thu, Aug 16, 2012 at 5:18 AM, Jon Severinsson wrote:
   Release note that this bug blocks sound from working in wine and other 
   i386
   applications on amd64 in wheezy for many configurations (including mine).
  
   That is because libopenjpeg2 is required by libavcodec53 which is 
   required by
   libasound2-plugins, which I need in both amd64 and i386 flavours to get 
   sound
   to work in both 64 and 32 bit applications.
  
  Trying this one more time since I would really like the wine sound
  situation to be of high quality with the wheezy release.
  
  Attached is a patch (diffed against testing) that reverts back to
  debhelper 5 but otherwise retains the multiarch conversion, which is
  needed to resolve said sound situation.
  
  I know this is late, and its been late, but multiarch openjpeg has
  been in unstable for over 60 days without issue related to multiarch.
  So, in my opinion its far less risky than it may seem.  But anyway I
  certainly respect alternative viewpoints.
  
  Anyway, the patch attached is for review and I will not upload without
  pre-approval.
  
 This approach looks ok to me.  I'm guessing it needs an additional patch
 for CVE-2012-3535 though.  One thing I don't understand is the comment
 about the -dbg package in the changelog.  Care to explain what the
 problem is?
 
Ping.  Does anyone still want this in wheezy, or should I just close
this bug?

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#686604: unblock (pre-approval): ipython 0.13.1

[Julien Cristau]

On Mon, Sep  3, 2012 at 20:01:12 +0200, Julian Taylor wrote:

 Hi,
 ipython upstream is going to release a bugfix only release soon which
 fixes a couple important and many minor bugs. I would like to have this
 release in wheezy if you allow it.
 Attached a debdiff of the current 0.13.1 branch which is likely not
 going change much until the release.
 
Looks fine to me.

[...]
 When the final release is done I will ping you again with the changes
 since this request.
 
I take it this hasn't happened yet?

Cheers,
Julien


signature.asc
Description: Digital signature

Re: Request for update of package capi4hylafax (with debdiff)

[Joachim Wiedorn]

Hello Julien,

Julien Cristau wrote on 2012-10-11 00:18:

 No.  For a conffile change, you modify the file that's shipped in the
 package, and dpkg handles what happens with it on install.

Then there is no way to only change the old log path into new log path.
All the other options in this file are usually changed from the admin.

Perhaps the package could give a hint about this useful change while
starting the init script? Or give a hint while upgrading?

 You still haven't explained what exact warning you're talking about...

Now I have checked this topic in detail. The warning is:

udevd-work [428]: kernel-provided name 'capi' and NAME='capi20' disagree,
 please use SYMLINK= or change the kernel to provide the proper name

But finally I have found this warning only comes in Debian Squeeze. In
Testing/Wheezy the file /lib/udev/rules.d/50-udev-default.rules does 
not have the line for capi anymore and the warning is gone. But I am
wondering why the udev config file of capi4hylafax does not triggering
the same warning.

For your info: the /dev/capi20 device will be created in the init script
of the package capiutils.

Because of this situation it would useful to create the needed link 
/dev/faxCAPI in the init script of capi4hylafax, too. And then the
capi-fax solution can be used directly after capi4hylafax were installed.

---
Have a nice day.

Joachim (Germany)


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20121011203738.77539...@jupiter.home

Bug#687614: unblock: gdebi/0.8.6 (pre-approval)

[Luca Falavigna]

tags 687614 - moreinfo
thanks


2012/10/6 Niels Thykier ni...@thykier.net:
 In the 0.8.5 code, there are a couple of places where GDebiCli.install
 returns False on error[1], which I believe python translates to 0
 leading to exit 0 with errors (and I suspect that is not what you wanted).

Good catch!
I'm attaching a new debdiff implementing a fix for the return value.


0.8.6.debdiff
Description: Binary data

Processed: tagging 687614

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 tags 687614 - moreinfo
Bug #687614 [release.debian.org] unblock: gdebi/0.8.6 (pre-approval)
Removed tag(s) moreinfo.
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
687614: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687614
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.134998251913606.transcr...@bugs.debian.org

Bug#683684: Subject: unblock: cacti/0.8.8a-4

[Paul Gevers]

On 10-10-12 21:41, Julien Cristau wrote:
 Moving things away from /usr/share/cacti/site/plugins manually means any
 update to the package won't be effective.  Is there really no better way
 of handling this?

And one more thing related to the unblock request, just in case it was
not clear already. In the current 0.8.8a-3 package, there is already the
important softlink present, but it fails to work, as the reverse
softlinks are not there and I can not create them. That is why I think
it is better to NOT provide the link, but document the situation. So
this unblock request is really to prevent failures. But do you suggest
to not ship my proposed documentation and let sys-admins install in
/usr/share/cacti/site/plugins?

Paul



signature.asc
Description: OpenPGP digital signature

Bug#687614: unblock: gdebi/0.8.6 (pre-approval)

[Niels Thykier]

On 2012-10-11 21:08, Luca Falavigna wrote:
 tags 687614 - moreinfo
 thanks
 
 
 2012/10/6 Niels Thykier ni...@thykier.net:
 In the 0.8.5 code, there are a couple of places where GDebiCli.install
 returns False on error[1], which I believe python translates to 0
 leading to exit 0 with errors (and I suspect that is not what you wanted).
 
 Good catch!
 I'm attaching a new debdiff implementing a fix for the return value.

Looks better.  :)  Feel free to go ahead.  Please ping us when it has
been in unstable for a couple of days.

~Niels


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/50771a1f.8060...@thykier.net

Re: Request for update of package capi4hylafax (with debdiff)

[Julien Cristau]

On Thu, Oct 11, 2012 at 20:37:38 +0200, Joachim Wiedorn wrote:

 Hello Julien,
 
 Julien Cristau wrote on 2012-10-11 00:18:
 
  No.  For a conffile change, you modify the file that's shipped in the
  package, and dpkg handles what happens with it on install.
 
 Then there is no way to only change the old log path into new log path.
 All the other options in this file are usually changed from the admin.
 
 Perhaps the package could give a hint about this useful change while
 starting the init script? Or give a hint while upgrading?
 
Let dpkg's conffile prompt handle that...

  You still haven't explained what exact warning you're talking about...
 
 Now I have checked this topic in detail. The warning is:
 
 udevd-work [428]: kernel-provided name 'capi' and NAME='capi20' disagree,
  please use SYMLINK= or change the kernel to provide the proper name
 
So you could leave the SYMLINK in place if you like, and drop the NAME=
bit?

Cheers,
Julien


signature.asc
Description: Digital signature

Processed: Re: Bug#686868: unblock: pcp/3.6.5

[Debian Bug Tracking System]

Processing control commands:

 tag -1 moreinfo
Bug #686868 [release.debian.org] unblock: pcp/3.6.5
Added tag(s) moreinfo.

-- 
686868: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686868
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.b686868.134998775813793.transcr...@bugs.debian.org

Bug#686868: unblock: pcp/3.6.5

[Julien Cristau]

Control: tag -1 moreinfo

On Thu, Sep  6, 2012 at 22:05:41 +0200, Moritz Muehlenhoff wrote:

 Package: release.debian.org
 Severity: normal
 
 Hi,
 please unblock pcp 3.6.5. It fixes several security issues. 
 
The shlibs information for libpcp-pmda3 needs to be updated for the new
pmdaEventNewActiveQueue function.

Cheers,
Julien


signature.asc
Description: Digital signature

Re: Bug#687049: please support EPG for freesat/ UK (BBC, ITV, etc.)

[Julien Cristau]

On Sun, Sep  9, 2012 at 00:15:43 +0100, Darren Salt wrote:

 I demand that Stefan Lippers-Hollmann may or may not have written...
 
 [snip]
  Channels on Astra 28.2°E only show EPG info for $current and $next. The
  full EPG info for the upcoming 7 days uses a different encoding scheme not
  supported by vdr. For scheduling timers or even just getting an overview of
  the current programme list, it would be very helpful to get support for
  these.
 
  I can confirm that the patch listed here
  http://linuxtv.org/pipermail/vdr/2012-April/026061.html
  http://www.realh.co.uk/vdr_freesat_freeviewhd.patch.gz
  adds support for decoding UK EPG for BBC, ITV, etc. and fills in EPG
  listings for the upcoming 7-8 days. It applies without problems to the vdr
  1.7.28-1 package and cooperates nicely with Astra 19.2°E and german/ dutch
  DVB-T channels.
 
 I can confirm that it works for Freeview HD, and I recently added it to the
 vdr packaging repository. I doubt that it'll get a freeze exception, although
 I don't see that it shouldn't on the grounds that the programme names and
 descriptions are what looks like random junk without this patch.
 
This is not the way to request a freeze exception.  Open a bug against
release.debian.org with a proposed patch and we'll look at it.

Cheers,
Julien


signature.asc
Description: Digital signature

Re: [squeeze] Re: ecm: file conflict with gmp-ecm

[Julien Cristau]

On Sun, Sep  9, 2012 at 12:44:11 -0700, Jonathan Nieder wrote:

 Bart Martens wrote:
  On Sun, Sep 09, 2012 at 11:56:16AM -0700, Jonathan Nieder wrote:
  In January, Jonathan Nieder wrote:
  Bart Martens wrote:
 
 * Renamed ecm to ecm-compress and unecm to ecm-uncompress.  Closes: 
  #580548.
 
  Is this worth fixing in squeeze?
 
  My feeling is no --- it's too risky to be renaming binaries in a
  stable release this late.  Perhaps there could be a Conflicts relation
  to warn people about the bug, though.  What do you think?
 
  I don't mind doing the renaming in squeeze as well.  On the other hand I 
  don't
  see hundreds of squeeze users complaining about this.  What is the opinion 
  of
  the Stable Release Managers ?
 
 Cc-ing them to find out.
 
Not a SRM, but I share the no feeling.

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#687220: unblock: xz-utils/5.1.1alpha+20120614-2

[Julien Cristau]

On Mon, Sep 10, 2012 at 16:26:27 -0700, Jonathan Nieder wrote:

 Package: release.debian.org
 User: release.debian@packages.debian.org
 Usertags: unblock
 Tags: wheezy
 
 Hi,
 
 Unfortunately there has not been a stable release on the 5.1.y branch
 of XZ Utils.  This update is an attempt to make the best of what we
 have, by:
 
  - in existing features, matching behavior of the upstream master
branch as closely as possible
 
  - not adding any new features
 
  - documenting the relationship to upstream (patches applied
and patches not applied) in README.Debian
 
 I've been using these changes for a couple of months now.  Not
 uploaded yet, so I can make small tweaks if you have good ideas for
 some.  Diffstat with patches applied, excluding debian/patches:
 
Looks fine.

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#687248: marked as done (unblock: dmraid/1.0.0.rc16-4.2)

[Debian Bug Tracking System]

Your message dated Thu, 11 Oct 2012 22:55:48 +0200
with message-id 20121011205548.gg17...@radis.cristau.org
and subject line Re: Bug#687248: unblock: dmraid/1.0.0.rc16-4.2
has caused the Debian Bug report #687248,
regarding unblock: dmraid/1.0.0.rc16-4.2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
687248: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687248
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package dmraid

This upload fixes #677450 by calling udevadm settle from
/scripts/function in the initramfs. This is a rather small and simple
fix but seems to be necessary for OP.

Other scripts in local-top currently use the same technique.

unblock dmraid/1.0.0.rc16-4.2

The debdiff between 1.0.0.rc16-4.1 (wheezy) and 1.0.0.rc16-4.2 (sid):

diff -u dmraid-1.0.0.rc16/debian/changelog dmraid-1.0.0.rc16/debian/changelog
--- dmraid-1.0.0.rc16/debian/changelog
+++ dmraid-1.0.0.rc16/debian/changelog
@@ -1,3 +1,11 @@
+dmraid (1.0.0.rc16-4.2) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Call udevadm settle before activating dmraid devices
+(Closes: #677450)
+
+ -- Ulrich Dangel u...@debian.org  Mon, 10 Sep 2012 17:35:50 +0100
+
 dmraid (1.0.0.rc16-4.1) unstable; urgency=low
 
   * Non-maintainer upload.
diff -u dmraid-1.0.0.rc16/debian/initramfs/dmraid.initramfs-local-top/dmraid 
dmraid-1.0.0.rc16/debian/initramfs/dmraid.initramfs-local-top/dmraid
--- dmraid-1.0.0.rc16/debian/initramfs/dmraid.initramfs-local-top/dmraid
+++ dmraid-1.0.0.rc16/debian/initramfs/dmraid.initramfs-local-top/dmraid
@@ -16,6 +16,9 @@
;;
 esac
 
+. /scripts/functions
+wait_for_udev 30
+
 # Activate any dmraid arrays that were not identified by udev and vol_id.
 
 if devices=$(dmraid -r -c); then


-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.5-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
---End Message---
---BeginMessage---
On Tue, Sep 11, 2012 at 08:15:00 +0100, Ulrich Dangel wrote:

 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: unblock
 
 Please unblock package dmraid
 
 This upload fixes #677450 by calling udevadm settle from
 /scripts/function in the initramfs. This is a rather small and simple
 fix but seems to be necessary for OP.
 
 Other scripts in local-top currently use the same technique.
 
 unblock dmraid/1.0.0.rc16-4.2
 
That has been in testing for a couple of weeks, closing.

Cheers,
Julien


signature.asc
Description: Digital signature
---End Message---

Bug#687487: pre-approve unblock: manpages-de/1.2-1

[Julien Cristau]

On Thu, Sep 13, 2012 at 10:23:08 +0200, Tobias Quathamer wrote:

 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: unblock
 
 Dear release managers,
 
 I'd like to upload a new upstream version of the German translation of 
 various manpages. I've added a check in the configure script to ensure 
 that the required program po4a is installed on the system. Would you 
 accept such a change for a freeze exception as well? If not, I'd revert 
 that patch upstream and release a version with translation updates only.
 
That's fine, go ahead with the upload.

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#687666: unblock pre-approval: qt4-x11/4:4.8.2-3

[Julien Cristau]

On Sat, Sep 15, 2012 at 15:39:57 -0300, Lisandro Damián Nicanor Pérez Meyer 
wrote:

 On Sat 15 Sep 2012 14:21:40 Julien Cristau escribió:
  On Fri, Sep 14, 2012 at 18:05:02 -0300, Lisandro Damián Nicanor Pérez Meyer 
 wrote:
 
 [snip]
 
  I don't understand the explanation here...  
 
 OK, I'll start by stating the full history here.
 
 = Current problem
 
 There is currently a circular dependency between qdbus and libqt4-dbus. While 
 apt in Wheezy can handle this (explaining why it didn't showed before, see 
 below), apt in squeeze can't, thus making the upgrade of many qt-related 
 packages fail (RC bug #669278).
 
I find it rather hard to believe that a simple loop involving two
packages is that taxing on apt.  What's so special about this case?

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#687980: marked as done (unblock: nss-pam-ldapd/0.8.10-2)

[Debian Bug Tracking System]

Your message dated Thu, 11 Oct 2012 23:10:51 +0200
with message-id 20121011211051.gj17...@radis.cristau.org
and subject line Re: Bug#687980: unblock: nss-pam-ldapd/0.8.10-2
has caused the Debian Bug report #687980,
regarding unblock: nss-pam-ldapd/0.8.10-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
687980: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687980
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package nss-pam-ldapd.

Dear release team,

I've made an upload of nss-pam-ldapd 0.8.10-2 that includes the
following changes (from debian/changelog):

  * fix typo in comment (thanks Caleb Callaway)
  * install a ldapns.ldif in nslcd doc directory (closes: #674591)
  * ensure that time is set before starting k5start to ensure that Kerberos
ticket is granted (closes: #659227)
  * properly parse and write configuration options with an optional map
parameter during debconf configuration (LP: #1029062)

The first two points should be simple and minor changes. The third is
also a simple change that shouldn't affect the boot order too much.

The last one is the trickiest one but also the most important one. The
changes are in nslcd.config and nslcd.postinst and the changes ensure
that the base statement isn't changed when using a map-specific option.
So this isn't matched and changed any more:
  base passwd ou=people,dc=example,dc=com
but this is:
  base dc=example,dc=com
I've tested it pretty thoroughly and it should work correctly.

Attached is a debdiff between 0.8.10-1 currently in testing and
0.8.10-2.

Thanks.

unblock nss-pam-ldapd/0.8.10-2

-- 
-- arthur - adej...@debian.org - http://people.debian.org/~adejong --
diff -Nru nss-pam-ldapd-0.8.10/debian/changelog nss-pam-ldapd-0.8.10/debian/changelog
--- nss-pam-ldapd-0.8.10/debian/changelog	2012-06-29 12:29:18.0 +0200
+++ nss-pam-ldapd-0.8.10/debian/changelog	2012-08-31 23:43:09.0 +0200
@@ -1,6 +1,17 @@
+nss-pam-ldapd (0.8.10-2) unstable; urgency=low
+
+  * fix typo in comment (thanks Caleb Callaway)
+  * install a ldapns.ldif in nslcd doc directory (closes: #674591)
+  * ensure that time is set before starting k5start to ensure that Kerberos
+ticket is granted (closes: #659227)
+  * properly parse and write configuration options with an optional map
+parameter during debconf configuration (LP: #1029062)
+
+ -- Arthur de Jong adej...@debian.org  Fri, 31 Aug 2012 23:30:00 +0200
+
 nss-pam-ldapd (0.8.10-1) unstable; urgency=low
 
-  * New upstream release:
+  * new upstream release:
 - documentation improvements
 - fix a problem that causes the PAM module to prompt for a new password
   even though the old one was wrong
@@ -38,7 +49,7 @@
 - fix a problem in the handling of PAM requests in nslcd (closes: #670419)
 - install the ldapns.schema in nslcd docs (closes: #669680)
   * use the configuration file contents to determine the authentication
-type, not the debconf database (closes: #670133)
+type, not the debconf database (closes: #670133) (LP: #1000205)
   * switch PAM account type to primary because it now does all the
 authorisation checks that pam_unix also does
   * drop functionality to check whether shadow information is exposed
diff -Nru nss-pam-ldapd-0.8.10/debian/ldapns.ldif nss-pam-ldapd-0.8.10/debian/ldapns.ldif
--- nss-pam-ldapd-0.8.10/debian/ldapns.ldif	1970-01-01 01:00:00.0 +0100
+++ nss-pam-ldapd-0.8.10/debian/ldapns.ldif	2012-08-31 12:37:15.0 +0200
@@ -0,0 +1,15 @@
+# LDAP Name Service Additional Schema
+# Source: pam_ldap package by Luke Howard converted to LDIF by Slavko
+# Has not been published in Internet Draft or RFC.
+
+dn: cn=ldapns,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: ldapns
+olcAttributeTypes: {0}( 1.3.6.1.4.1.5322.17.2.1 NAME 'authorizedService' DESC
+ 'IANA GSS-API authorized service name' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.
+ 1.4.1.1466.115.121.1.15{256} )
+olcObjectClasses: {0}( 1.3.6.1.4.1.5322.17.1.1 NAME 'authorizedServiceObject'
+ DESC 'Auxiliary object class for adding authorizedService attribute' SUP top
+ AUXILIARY MAY authorizedService )
+olcObjectClasses: {1}( 1.3.6.1.4.1.5322.17.1.2 NAME 'hostObject' DESC 'Auxilia
+ ry object class for adding host attribute' SUP top AUXILIARY MAY host )
diff -Nru nss-pam-ldapd-0.8.10/debian/libnss-ldapd.config nss-pam-ldapd-0.8.10/debian/libnss-ldapd.config
--- nss-pam-ldapd-0.8.10/debian/libnss-ldapd.config	2012-01-20 

Bug#682172: unblock: couchdb/1.2.0-2

[Julien Cristau]

On Sat, Sep 15, 2012 at 20:10:46 +0200, Julien Cristau wrote:

 On Tue, Aug 21, 2012 at 22:07:56 +, Laszlo Boszormenyi (GCS) wrote:
 
  On Fri, 2012-07-27 at 22:55 +0200, Julien Cristau wrote:
   On Thu, Jul 19, 2012 at 23:43:56 +, Laszlo Boszormenyi (GCS) wrote:
On new installs /var/run/couchdb is created to store the pidfile in, but
as root:root . Then the couchdb user can't store its pid there, due to
owner problems. Filed as important, but can be RC as couchdb fails to
start if can't store the pidfile.
The fix is oneliner:
+++ couchdb-1.2.0/etc/init/couchdb.tpl.in
 mkdir -p $RUN_DIR
+chown -R $COUCHDB_USER $RUN_DIR
 command=$COUCHDB -b

   Can't the pidfile be written to before dropping privs?  chown -R feels
   rather ick, I can't see why the -R should be necessary and I can see a
   few ways it could be bad.
   Agree, -R can be problematic. What about
  [ -d $RUN_DIR ] || (mkdir -p $RUN_DIR; chown $COUCHDB_USER $RUN_DIR)
  ? It would change ownership only at creation time, own that dir only to
  $COUCHDB_USER . Doesn't change anything below that directory and in
  fact, after its creation it'll be empty anyway.
  
 I guess that could work.  Can't say I like it much, but there's
 precedent for non-root-owned /var/log subdirectories, so...
 
Ping.  Is this getting fixed?

Cheers,
Julien


signature.asc
Description: Digital signature

Re: [squeeze] Re: ecm: file conflict with gmp-ecm

[Philipp Kern]

On Thu, Oct 11, 2012 at 10:43:30PM +0200, Julien Cristau wrote:
 On Sun, Sep  9, 2012 at 12:44:11 -0700, Jonathan Nieder wrote:
  Bart Martens wrote:
   On Sun, Sep 09, 2012 at 11:56:16AM -0700, Jonathan Nieder wrote:
   In January, Jonathan Nieder wrote:
   Bart Martens wrote:
  * Renamed ecm to ecm-compress and unecm to ecm-uncompress.  Closes: 
   #580548.
   Is this worth fixing in squeeze?
   My feeling is no --- it's too risky to be renaming binaries in a
   stable release this late.  Perhaps there could be a Conflicts relation
   to warn people about the bug, though.  What do you think?
   I don't mind doing the renaming in squeeze as well.  On the other hand I 
   don't
   see hundreds of squeeze users complaining about this.  What is the 
   opinion of
   the Stable Release Managers ?
  Cc-ing them to find out.
 Not a SRM, but I share the no feeling.

In any case a rename would not be acceptable. The alternative would be a policy
violating conflicts.

Interestingly gmp-ecm does conflict with ecm in wheezy, even though the file
conflict is solved.

Kind regards
Philipp Kern


signature.asc
Description: Digital signature

Re: [squeeze] Re: ecm: file conflict with gmp-ecm

[Jonathan Nieder]

Philipp Kern wrote:

 Interestingly gmp-ecm does conflict with ecm in wheezy, even though the file
 conflict is solved.

Oh, excellent.  The Conflicts is even present in squeeze.

Would you mind tagging 580548 squeeze-ignore to get it off the radar?
Then I'll file a bug for gmp-ecm to make the conflicts in wheezy
versioned.

Thanks for noticing.
Jonathan


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20121011220639.GC28947@elie.Belkin

Bug#687666: unblock pre-approval: qt4-x11/4:4.8.2-3

[Lisandro Damián Nicanor Pérez Meyer]

On Thu 11 Oct 2012 18:03:14 Julien Cristau escribió:
[snip] 
  There is currently a circular dependency between qdbus and libqt4-dbus.
  While apt in Wheezy can handle this (explaining why it didn't showed
  before, see below), apt in squeeze can't, thus making the upgrade of
  many qt-related packages fail (RC bug #669278).
 
 I find it rather hard to believe that a simple loop involving two
 packages is that taxing on apt.  What's so special about this case?

To tell you the truth, we needed to get to David Kalnischkies to understand 
the root of the problem. He proposed to solve this by breaking the circular 
dependency, I implemented and tried it and worked (and got stopped by another 
circular dependency, but this time not in our packages it seems).

If we need to get more data on why this is happening, then we need to contact 
the apt guys.

Kinds regards, Lisandro.

-- 
Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/


signature.asc
Description: This is a digitally signed message part.

Bug#687666: unblock pre-approval: qt4-x11/4:4.8.2-3

[Lisandro Damián Nicanor Pérez Meyer]

On Thu 11 Oct 2012 19:27:56 Lisandro Damián Nicanor Pérez Meyer escribió:
[snip]
  I find it rather hard to believe that a simple loop involving two
  packages is that taxing on apt.  What's so special about this case?
 
 To tell you the truth, we needed to get to David Kalnischkies to understand
 the root of the problem. He proposed to solve this by breaking the circular
 dependency, I implemented and tried it and worked (and got stopped by
 another circular dependency, but this time not in our packages it seems).
 
 If we need to get more data on why this is happening, then we need to
 contact the apt guys.

lisandro DonKult: remmeber the phonon-backend-[xine,vlc] problem svuorela 
and I were having?
lisandro well, I fixed the circular dependency and, contrary to what I 
though at first, it worked
lisandro but now jcristau is asking me how can this be happening, and I was 
justogoing to reply him: I don't know, we may need to ask apt guys :)
DonKult the only thing I remember is that -xine is gone in wheezy, but if 
everything works thats okay with me ;)
lisandro so, it seems that circular dependencies are making the squeeze → 
wheezy upgrade fail
DonKult as said earlier, changes in the dependency tree can have a dramatic 
effect on the scoring and therefore on which package wins a one and one fight. 
So everything is possible.
lisandro I just hitted another one when I fixed the qt stuff
lisandro ok

-- 
17: Cual es la funcion inicial de un antivirus
* Desarrollar virus para vender el producto
Damian Nadales
http://mx.grulic.org.ar/lurker/message/20080307.141449.a70fb2fc.es.html

Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/


signature.asc
Description: This is a digitally signed message part.

Bug#690277: unblock: claws-mail/3.8.1-2

[Ricardo Mones]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package claws-mail

This upload fixes CVE-2012-4507 (bug #690151) and includes
backported patches for 3 segfaults discovered after 3.8.1
release. Debdiff attached.

thanks in advance,

unblock claws-mail/3.8.1-2

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru claws-mail-3.8.1/debian/changelog claws-mail-3.8.1/debian/changelog
--- claws-mail-3.8.1/debian/changelog	2012-06-28 01:28:06.0 +0200
+++ claws-mail-3.8.1/debian/changelog	2012-10-12 00:13:21.0 +0200
@@ -1,3 +1,16 @@
+claws-mail (3.8.1-2) unstable; urgency=medium
+
+  * patches/99_fix_CVE-2012-4507.patch
+  - Added fix for CVE-2012-4507 from 3.8.1cvs82 (Closes: #690151),
+raised urgency because of grave bug
+  * patches/98_fix_segfault_no_utf_gpgme_strerror.patch,
+patches/97_fix_segfault_parse_parameters.patch,
+patches/96_fix_segfault_viewing_signature_info.patch
+  - Backported patches from upstream CVS fixing segfaults discovered
+after 3.8.1 release
+
+ -- Ricardo Mones mo...@debian.org  Fri, 12 Oct 2012 00:04:03 +0200
+
 claws-mail (3.8.1-1) unstable; urgency=low
 
   * New upstream release
diff -Nru claws-mail-3.8.1/debian/patches/96_fix_segfault_viewing_signature_info.patch claws-mail-3.8.1/debian/patches/96_fix_segfault_viewing_signature_info.patch
--- claws-mail-3.8.1/debian/patches/96_fix_segfault_viewing_signature_info.patch	1970-01-01 01:00:00.0 +0100
+++ claws-mail-3.8.1/debian/patches/96_fix_segfault_viewing_signature_info.patch	2012-10-12 00:13:21.0 +0200
@@ -0,0 +1,17 @@
+Subject: fix segfault viewing PGP/SMIME signature information
+From: Ricardo Mones rica...@mones.org
+Bug: http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2689
+Applied-Upstream: 3.8.1cvs12
+
+diff -purN claws-mail-3.8.1.orig/src/plugins/pgpcore/sgpgme.c claws-mail-3.8.1/src/plugins/pgpcore/sgpgme.c
+--- claws-mail-3.8.1.orig/src/plugins/pgpcore/sgpgme.c	2012-06-27 11:05:23.0 +0200
 claws-mail-3.8.1/src/plugins/pgpcore/sgpgme.c	2012-10-11 23:34:46.0 +0200
+@@ -326,7 +326,7 @@ gchar *sgpgme_sigstat_info_full(gpgme_ct
+ j++;
+ user = user-next;
+ 			}
+-			g_string_append_printf(siginfo,
++			g_string_append(siginfo,
+ _(Primary key fingerprint:));
+ 			const char* primary_fpr = NULL;
+ 			if (key  key-subkeys  key-subkeys-fpr)
diff -Nru claws-mail-3.8.1/debian/patches/97_fix_segfault_parse_parameters.patch claws-mail-3.8.1/debian/patches/97_fix_segfault_parse_parameters.patch
--- claws-mail-3.8.1/debian/patches/97_fix_segfault_parse_parameters.patch	1970-01-01 01:00:00.0 +0100
+++ claws-mail-3.8.1/debian/patches/97_fix_segfault_parse_parameters.patch	2012-10-12 00:13:21.0 +0200
@@ -0,0 +1,17 @@
+Subject: fix segfault in parse_parameters() for some attachments
+From: Mikhail Efremov mikh...@gmail.com
+Bug: http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2697
+Applied-Upstream: 3.8.1cvs15
+
+diff -purN claws-mail-3.8.1.orig/src/procmime.c claws-mail-3.8.1/src/procmime.c
+--- claws-mail-3.8.1.orig/src/procmime.c	2012-06-27 11:05:22.0 +0200
 claws-mail-3.8.1/src/procmime.c	2012-10-11 23:15:23.0 +0200
+@@ -1704,7 +1704,7 @@ static void parse_parameters(const gchar
+ 			(g_slist_find_custom(concatlist, down_attr, g_strcmp0) == NULL))
+ concatlist = g_slist_prepend(concatlist, g_strdup(tmpattr));
+ 
+-			if (convert  (g_slist_find_custom(convlist, down_attr, g_strcmp0) == NULL))
++			if (convert  (g_slist_find_custom(convlist, tmpattr, g_strcmp0) == NULL))
+ convlist = g_slist_prepend(convlist, g_strdup(tmpattr));
+ 
+ 			g_free(tmpattr);
diff -Nru claws-mail-3.8.1/debian/patches/98_fix_segfault_no_utf_gpgme_strerror.patch claws-mail-3.8.1/debian/patches/98_fix_segfault_no_utf_gpgme_strerror.patch
--- claws-mail-3.8.1/debian/patches/98_fix_segfault_no_utf_gpgme_strerror.patch	1970-01-01 01:00:00.0 +0100
+++ claws-mail-3.8.1/debian/patches/98_fix_segfault_no_utf_gpgme_strerror.patch	2012-10-12 00:13:21.0 +0200
@@ -0,0 +1,47 @@
+Subject: fix segfault when gpgme_strerror() returns a non UTF-8 string
+From: Colin Leroy co...@colino.net
+Bug: http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2650
+Applied-Upstream: 3.8.1cvs41
+ 
+diff -purN claws-mail-3.8.1.orig/src/plugins/pgpcore/sgpgme.c claws-mail-3.8.1/src/plugins/pgpcore/sgpgme.c
+--- claws-mail-3.8.1.orig/src/plugins/pgpcore/sgpgme.c	2012-06-27 11:05:23.0 +0200
 claws-mail-3.8.1/src/plugins/pgpcore/sgpgme.c	2012-10-11 23:04:52.0 +0200
+@@ -610,13 +610,36 @@ bail:
+ 
+ void sgpgme_init()
+ {
++	gchar *ctype_locale = NULL, *messages_locale = NULL;
++	

Re: [squeeze] Re: ecm: file conflict with gmp-ecm

[Philipp Kern]

tag 580548 + squeeze-ignore
thanks

On Thu, Oct 11, 2012 at 03:06:39PM -0700, Jonathan Nieder wrote:
 Philipp Kern wrote:
  Interestingly gmp-ecm does conflict with ecm in wheezy, even though the file
  conflict is solved.
 Oh, excellent.  The Conflicts is even present in squeeze.
 Would you mind tagging 580548 squeeze-ignore to get it off the radar?

Nope, done. ;-)

 Thanks for noticing.

Thanks for caring
Philipp Kern


signature.asc
Description: Digital signature

Bug#686868: unblock: pcp/3.6.5

[Nathan Scott]

Hi guys!

- Original Message -
 Control: tag -1 moreinfo
 
 On Thu, Sep  6, 2012 at 22:05:41 +0200, Moritz Muehlenhoff wrote:
 
  Package: release.debian.org
  Severity: normal
  
  Hi,
  please unblock pcp 3.6.5. It fixes several security issues.

BTW, there was a comment earlier saying that 3.6.5 only fixes
security issues - that's a misunderstanding, I believe.  This
was a regular PCP minor release, and included those security
fixes (just happened to be the next bug-fix point release).

I did backport the fixes to squeeze, although I can't offer to
do that again (its time consuming, and I don't have spare time
atm).  Others might prefer that approach, and could take on a
similar backport.  I wouldn't recommend that approach however,
as alot of testing is required ( has been done on 3.6.5).

 The shlibs information for libpcp-pmda3 needs to be updated for the
 new pmdaEventNewActiveQueue function.

Strictly speaking that is certainly correct, and should be fixed
in a future PCP update.  However, this NewActiveQueue function
is for a special/experimental use-case.  From the changelog:

- ...
- Added an interface to allow PMDAs to register event queues
  with existing clients (pmdaEventNewActiveQueue).
- Initial version of the (experimental) bash tracing PMDA.

This bash tracing PMDA is the only code using that interface,
and it is a new, experimental PMDA (only optional to use).

So, if you're looking for a maintainer opinion, my preference
is to go with 3.6.5 as is.  A separate bug should be opened for
the new symbol shlibs issue (a patch would be lovely too ;)

Thanks for following up on this Moritz, it'd completely fallen
off my radar.

cheers.

--
Nathan


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/2123337810.10709895.1349995973811.javamail.r...@redhat.com

Bug#681717: unblock: openjpeg/1.3+dfsg-4.4

[Michael Gilbert]

On Wed, Sep 26, 2012 at 2:50 PM, Julien Cristau wrote:
 On Wed, Sep 19, 2012 at 01:27:15 -0400, Michael Gilbert wrote:

 On Thu, Aug 16, 2012 at 5:18 AM, Jon Severinsson wrote:
  Release note that this bug blocks sound from working in wine and other i386
  applications on amd64 in wheezy for many configurations (including mine).
 
  That is because libopenjpeg2 is required by libavcodec53 which is required 
  by
  libasound2-plugins, which I need in both amd64 and i386 flavours to get 
  sound
  to work in both 64 and 32 bit applications.

 Trying this one more time since I would really like the wine sound
 situation to be of high quality with the wheezy release.

 Attached is a patch (diffed against testing) that reverts back to
 debhelper 5 but otherwise retains the multiarch conversion, which is
 needed to resolve said sound situation.

 I know this is late, and its been late, but multiarch openjpeg has
 been in unstable for over 60 days without issue related to multiarch.
 So, in my opinion its far less risky than it may seem.  But anyway I
 certainly respect alternative viewpoints.

 Anyway, the patch attached is for review and I will not upload without
 pre-approval.

 This approach looks ok to me.  I'm guessing it needs an additional patch
 for CVE-2012-3535 though.  One thing I don't understand is the comment
 about the -dbg package in the changelog.  Care to explain what the
 problem is?

Apologies for the delay, I've been too busy lately.

So, the -dbg issue has to do with way in which debug files are
compared betwen different arch m-a:same packages.  At compat level 9
hashes of the paths are used vs. actual file contents at lower compt
levels.  Consequently, debug packages cannot be m-a:same at lower
compat levels.

Anyway, I'll look at applying the patch for CVE-2012-3535 and
uploading to unstable in the next couple days, if that is reasonable?

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=MPxL_GALLCg0fWv3i9Y-TWMSAB=c_o16rkhq23j35n...@mail.gmail.com

Bug#690281: unblock: file-mmagic/1.29-1

[NOKUBI Takatsugu]

Package: release.debian.org
Severity: wishlist
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package file-mmagic

Old file-mmagic uses deprecated perl syntax, so I want to unblock it.
The follwing is diff (really small changes):
http://cvs.namazu.org/Subversion/MMagic/trunk/MMagic.pm?r1=286r2=279

unblock file-mmagic/1.29-1

-- System Information:
Debian Release: 6.0.6
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.38-bpo.2-686-bigmem (SMP w/4 CPU cores)
Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20121012005228.15792.57142.reportbug@putia

Bug#687220: proposed upload: xz-utils/5.1.1alpha+20120614-2

[Jonathan Nieder]

Hi Mohammed, Thorsten, et al,

I am looking to upload version 5.1.1alpha+20120614-2 of xz-utils
to unstable.  The package can be found on alioth.debian.org:

- 
http://alioth.debian.org/~jrnieder-guest/temp/xz-utils/xz-utils_5.1.1alpha+20120614-2.dsc
- git://git.debian.org/collab-maint/xz.git master

It is a pretty quiet update.  All the changes should look familiar by
now.  Patches cherry-picked from upstream:

 * Check that the first byte of range encoded data is zero to catch
   broken files sooner.
 * xz.1: Document the new minimum xz version to decompress field
   in xz --robot -lvv output.
 * xz -lvv: The minimum xz version needed to decompress blocks with
   zero-length uncompressed data is 5.0.2, not 5.0.3.

The only other change is a list of patch descriptions in
xz-utils/README.Debian.  The hope is that this can help satisfy the
curiosity of people wondering about differences between the upstream
and packaged tools and library.

Julien Cristau wrote:

 Looks fine.

so this is release team approved™.  I'd be happy if you have a
chance to look it over.

Thanks,
Jonathan


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20121012010036.GD28947@elie.Belkin

Bug#690283: some packages testing migration link is missing (no contrib package?)

[Hideki Yamane]

Package: release.debian.org
Severity: normal

Hi,

 http://packages.qa.debian.org/r/ruby-pgplot.html says problems
 The package has not yet entered testing even though the 10-day delay is over. 
Check why.

 However, link to 
http://release.debian.org/migration/testing.pl?package=ruby-pgplot
 is missing. Not Found The requested URL 
/migration/testing.pl?package=ruby-pgplot was not found on this server.

 It seems to be not checked with contrib package but I cannot find such
 limitation note for it, and it helps to check contrib (maybe non-free)
 package migration to testing.
 

-- 
Regards,

 Hideki Yamane henrich @ debian.or.jp/org
 http://wiki.debian.org/HidekiYamane


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/20121012104128.bf6000525277daf0d560e...@debian.or.jp

Bug#690285: unblock: amd64-microcode/1.20120910-2

[Henrique de Moraes Holschuh]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package amd64-microcode

Unfortunately, both amd64-microcode and intel-microcode can trigger a very
nasty bug in initramfs-tools that renders the initramfs unusable, and
therefore may make the system unbootable.

It will only happen when initramfs-tools is incapable of creating ORDER
files (e.g. because of noexec $TMPDIR or noexec /tmp with $TMPDIR unset),
so it should be pretty rare.  But still, the consequences are dire...
kinda like some of the processor errata the packages fix, I suppose :-)

This has bitten an user of intel-microcode.  Please refer to bug #689301
and #688794.

This upload works around the bug in initramfs-tools, which is the safest
way to go about it (especially considering backports).

debdiff attached.  diffstat:
 changelog   |9 +
 initramfs.init-premount |2 +-
 rules   |7 +--
 3 files changed, 15 insertions(+), 3 deletions(-)

unblock amd64-microcode/1.20120910-2

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'testing-proposed-updates'), (500, 
'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.31+ (SMP w/8 CPU cores)
Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

-- 
  One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie. -- The Silicon Valley Tarot
  Henrique Holschuh
diff -Nru amd64-microcode-1.20120910/debian/changelog 
amd64-microcode-1.20120910/debian/changelog
--- amd64-microcode-1.20120910/debian/changelog 2012-09-14 16:50:50.0 
-0300
+++ amd64-microcode-1.20120910/debian/changelog 2012-10-09 08:18:25.0 
-0300
@@ -1,3 +1,12 @@
+amd64-microcode (1.20120910-2) unstable; urgency=medium
+
+  * initramfs: work around initramfs-tools bug #688794.
+Use _ in place of +-. for the initramfs script name.  This works
+around a PANIC during boot when the initramfs was created in a system
+with noexec $TMPDIR.
+
+ -- Henrique de Moraes Holschuh h...@debian.org  Tue, 09 Oct 2012 08:18:01 
-0300
+
 amd64-microcode (1.20120910-1) unstable; urgency=medium
 
   * AMD microcode release 20120910
diff -Nru amd64-microcode-1.20120910/debian/initramfs.init-premount 
amd64-microcode-1.20120910/debian/initramfs.init-premount
--- amd64-microcode-1.20120910/debian/initramfs.init-premount   2012-09-14 
12:27:31.0 -0300
+++ amd64-microcode-1.20120910/debian/initramfs.init-premount   2012-10-09 
08:17:36.0 -0300
@@ -9,7 +9,7 @@
 
 # dependencies: firmware loader, microcode kernel support (built-in/module)
 
-PREREQ=udev
+PREREQ=
 
 prereqs()
 {
diff -Nru amd64-microcode-1.20120910/debian/rules 
amd64-microcode-1.20120910/debian/rules
--- amd64-microcode-1.20120910/debian/rules 2012-09-14 12:27:31.0 
-0300
+++ amd64-microcode-1.20120910/debian/rules 2012-10-09 08:17:36.0 
-0300
@@ -10,6 +10,9 @@
 # DebHelper control
 export DH_ALWAYS_EXCLUDE=CVS:.svn:.git
 
+# Work around Debian bug #688794
+INITRAMFS_NAME := $(subst -,_,$(subst +,_,$(subst .,_,$(PACKAGE
+
 build-indep:
 
 build-arch:
@@ -30,10 +33,10 @@
 
mkdir -p $(PKGDIR)/usr/share/initramfs-tools/hooks
install -m 755 $(DEBDIR)/initramfs.hook \
-   $(PKGDIR)/usr/share/initramfs-tools/hooks/$(PACKAGE)
+   $(PKGDIR)/usr/share/initramfs-tools/hooks/$(INITRAMFS_NAME)
mkdir -p $(PKGDIR)/usr/share/initramfs-tools/scripts/init-premount
install -m 755 $(DEBDIR)/initramfs.init-premount \
-   
$(PKGDIR)/usr/share/initramfs-tools/scripts/init-premount/$(PACKAGE)
+   
$(PKGDIR)/usr/share/initramfs-tools/scripts/init-premount/$(INITRAMFS_NAME)
 
 binary: install
dh_testdir

Bug#690286: unblock: intel-microcode/1.20120606.v2.2

[Henrique de Moraes Holschuh]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package intel-microcode

Unfortunately, both amd64-microcode and intel-microcode can trigger a very
nasty bug in initramfs-tools that renders the initramfs unusable, and
therefore may make the system unbootable.

It will only happen when initramfs-tools is incapable of creating ORDER
files (e.g. because of noexec $TMPDIR or noexec /tmp with $TMPDIR unset),
so it should be pretty rare.  But still, the consequences are dire...
kinda like some of the processor errata the packages fix, I suppose :-)

This has bitten an user of intel-microcode.  Please refer to bug #689301
and #688794.

This upload works around the bug in initramfs-tools, which is the safest
way to go about it (especially considering backports).

It also fixes the previous microcode update(!): Intel did a very strange
upstream release, even naming the microcode bundle v2, which they had
never done before.  They added microcode for seriously enterprise-class
hardware (Xeon E7) and updated again the same microcodes they had updated in
the previous release (for very widely used i5 and i7/Xeon E5 processors).

The file removals (see difstat) are a safe reduction of the size of the
*source* package, and don't change *anything* on the binary packages (I have
triple-checked this), as all microcodes in those files were superseded.

Cleaned up debdiff attached (without the microcode-*.dat hunks), because the
full debdiff is ~10MiB due to the file removals.

diffstat:
 changelog  |9 
 debian/changelog   |   25 
 debian/initramfs.init-premount |3 
 debian/rules   |7 
 microcode-20080401.dat |24693 
 microcode-20090330.dat |25910 --
 microcode-20090927.dat |28154 -
 microcode-20100209.dat |30272 ---
 microcode-20110428.dat |27177 ---
 microcode-2010.dat |28971 --
 microcode-20120606.dat |30317 ---
 microcode-20120606.v2.dat  |31086 +
 12 files changed, 31127 insertions(+), 195497 deletions(-)

unblock intel-microcode/1.20120606.v2.2

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'testing-proposed-updates'), (500, 
'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.31+ (SMP w/8 CPU cores)
Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

-- 
  One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie. -- The Silicon Valley Tarot
  Henrique Holschuh
diff -Nru intel-microcode-1.20120606.6/changelog 
intel-microcode-1.20120606.v2.2/changelog
--- intel-microcode-1.20120606.6/changelog  2012-07-15 18:44:22.0 
-0300
+++ intel-microcode-1.20120606.v2.2/changelog   2012-10-08 20:57:05.0 
-0300
@@ -1,3 +1,12 @@
+2012-06-06-v2 (2012-10-01):
+  * Updated Microcodes:
+sig 0x000206d6, pf mask 0x6d, 2012-05-22, rev 0x0619, size 16384
+sig 0x000206d7, pf mask 0x6d, 2012-05-22, rev 0x070d, size 16384
+sig 0x000306a9, pf mask 0x12, 2012-07-16, rev 0x0013, size 11264
+
+  * Updated Microcodes (recently removed):
+sig 0x000206f2, pf mask 0x05, 2012-04-12, rev 0x0036, size 12288
+
 2012-06-06:
   * New Microcodes:
 sig 0x00020661, pf mask 0x02, 2011-07-18, rev 0x0105, size 5120
diff -Nru intel-microcode-1.20120606.6/debian/changelog 
intel-microcode-1.20120606.v2.2/debian/changelog
--- intel-microcode-1.20120606.6/debian/changelog   2012-09-04 
20:04:54.0 -0300
+++ intel-microcode-1.20120606.v2.2/debian/changelog2012-10-09 
08:01:08.0 -0300
@@ -1,3 +1,28 @@
+intel-microcode (1.20120606.v2.2) unstable; urgency=medium
+
+  * initramfs: work around initramfs-tools bug #688794.
+Use _ in place of +-. for the initramfs script name.  This works
+around a PANIC during boot when the initramfs was created in a system
+with noexec $TMPDIR.
+
+ -- Henrique de Moraes Holschuh h...@debian.org  Tue, 09 Oct 2012 07:43:37 
-0300
+
+intel-microcode (1.20120606.v2.1) unstable; urgency=medium
+
+  * New upstream microcode data file 20120606-v2 (2012-10-01)
++ Updated Microcodes:
+  sig 0x000206d6, pf mask 0x6d, 2012-05-22, rev 0x0619, size 16384
+  sig 0x000206d7, pf mask 0x6d, 2012-05-22, rev 0x070d, size 16384
+  sig 0x000306a9, pf mask 0x12, 2012-07-16, rev 0x0013, size 11264
++ Updated Microcodes (recently removed):
+  sig 0x000206f2, pf mask 0x05, 2012-04-12, rev 0x0036, size 12288
+  * Remove from the source package some unused 

Re: Bug#609004: cgroup-bin: the kernel configuration file haven't changed yet

[Ben Hutchings]

On Thu, 2012-10-11 at 00:03 +0200, Julien Cristau wrote:
 On Sun, Sep  2, 2012 at 22:26:53 +0100, Ben Hutchings wrote:
 
  On Sat, 2012-09-01 at 15:04 +0400, Alexander V. Kudrevatykh wrote:
   В Вск, 15/07/2012 в 22:34 -0400, Jon Bernard пишет: 
* Alexander V. Kudrevatykh kudrevat...@gmail.com wrote:
 Any news? Bug is still present in testing/sid.

I've not heard anything. I think the right thing to do is file a bug 
against the
kernel, or perhaps reassign this bug to the linux-image package. I'll 
look into
that this week, if you don't get to it first.

   
   Hello. As I can see bug still not assigned to kernel and not cgroup-bin
   not work with kernel from testing/sid/experimental.
  
  This is now marked as blocked by #588200, which is assigned to
  src:linux.
  
  I think we can afford to make the config changes (CONFIG_CONNECTOR=y,
  CONFIG_PROC_EVENTS=y) on all configurations as even the ARM platforms
  with very small partitions for vmlinuz have more than 10K to spare.
  
  However, making such a configuration change during the freeze would need
  to be approved by the release team.
  
 I think this would be fine.

Thanks.  This change is now pending in svn.

Ben.

-- 
Ben Hutchings
Kids!  Bringing about Armageddon can be dangerous.  Do not attempt it in
your own home. - Terry Pratchett and Neil Gaiman, `Good Omens'


signature.asc
Description: This is a digitally signed message part

Bug#690283: some packages testing migration link is missing (no contrib package?)

[Adam D. Barratt]

Control: forcemerge 678242 -1

On Fri, 2012-10-12 at 10:41 +0900, Hideki Yamane wrote:
  http://packages.qa.debian.org/r/ruby-pgplot.html says problems
  The package has not yet entered testing even though the 10-day delay is 
 over. Check why.
 
  However, link to 
 http://release.debian.org/migration/testing.pl?package=ruby-pgplot
  is missing. Not Found The requested URL 
 /migration/testing.pl?package=ruby-pgplot was not found on this server.
 
  It seems to be not checked with contrib package but I cannot find such
  limitation note for it, and it helps to check contrib (maybe non-free)
  package migration to testing.

Merging with the existing report.

Regards,

Adam


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/1350017633.10097.10.ca...@jacala.jungle.funky-badger.org

Processed: Re: Bug#690283: some packages testing migration link is missing (no contrib package?)

[Debian Bug Tracking System]

Processing control commands:

 forcemerge 678242 -1
Bug #678242 [release.debian.org] qa.debian.org: Package with a problem link to 
a broken link: check why
Bug #690283 [release.debian.org] some packages testing migration link is 
missing (no contrib package?)
Severity set to 'minor' from 'normal'
Added indication that 690283 affects qa.debian.org
Merged 678242 690283

-- 
678242: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678242
690283: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690283
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.b690283.135001772712659.transcr...@bugs.debian.org

Bug#690277: marked as done (unblock: claws-mail/3.8.1-2)

[Debian Bug Tracking System]

Your message dated Fri, 12 Oct 2012 05:51:26 +0100
with message-id 1350017486.10097.9.ca...@jacala.jungle.funky-badger.org
and subject line Re: Bug#690277: unblock: claws-mail/3.8.1-2
has caused the Debian Bug report #690277,
regarding unblock: claws-mail/3.8.1-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
690277: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690277
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package claws-mail

This upload fixes CVE-2012-4507 (bug #690151) and includes
backported patches for 3 segfaults discovered after 3.8.1
release. Debdiff attached.

thanks in advance,

unblock claws-mail/3.8.1-2

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru claws-mail-3.8.1/debian/changelog claws-mail-3.8.1/debian/changelog
--- claws-mail-3.8.1/debian/changelog	2012-06-28 01:28:06.0 +0200
+++ claws-mail-3.8.1/debian/changelog	2012-10-12 00:13:21.0 +0200
@@ -1,3 +1,16 @@
+claws-mail (3.8.1-2) unstable; urgency=medium
+
+  * patches/99_fix_CVE-2012-4507.patch
+  - Added fix for CVE-2012-4507 from 3.8.1cvs82 (Closes: #690151),
+raised urgency because of grave bug
+  * patches/98_fix_segfault_no_utf_gpgme_strerror.patch,
+patches/97_fix_segfault_parse_parameters.patch,
+patches/96_fix_segfault_viewing_signature_info.patch
+  - Backported patches from upstream CVS fixing segfaults discovered
+after 3.8.1 release
+
+ -- Ricardo Mones mo...@debian.org  Fri, 12 Oct 2012 00:04:03 +0200
+
 claws-mail (3.8.1-1) unstable; urgency=low
 
   * New upstream release
diff -Nru claws-mail-3.8.1/debian/patches/96_fix_segfault_viewing_signature_info.patch claws-mail-3.8.1/debian/patches/96_fix_segfault_viewing_signature_info.patch
--- claws-mail-3.8.1/debian/patches/96_fix_segfault_viewing_signature_info.patch	1970-01-01 01:00:00.0 +0100
+++ claws-mail-3.8.1/debian/patches/96_fix_segfault_viewing_signature_info.patch	2012-10-12 00:13:21.0 +0200
@@ -0,0 +1,17 @@
+Subject: fix segfault viewing PGP/SMIME signature information
+From: Ricardo Mones rica...@mones.org
+Bug: http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2689
+Applied-Upstream: 3.8.1cvs12
+
+diff -purN claws-mail-3.8.1.orig/src/plugins/pgpcore/sgpgme.c claws-mail-3.8.1/src/plugins/pgpcore/sgpgme.c
+--- claws-mail-3.8.1.orig/src/plugins/pgpcore/sgpgme.c	2012-06-27 11:05:23.0 +0200
 claws-mail-3.8.1/src/plugins/pgpcore/sgpgme.c	2012-10-11 23:34:46.0 +0200
+@@ -326,7 +326,7 @@ gchar *sgpgme_sigstat_info_full(gpgme_ct
+ j++;
+ user = user-next;
+ 			}
+-			g_string_append_printf(siginfo,
++			g_string_append(siginfo,
+ _(Primary key fingerprint:));
+ 			const char* primary_fpr = NULL;
+ 			if (key  key-subkeys  key-subkeys-fpr)
diff -Nru claws-mail-3.8.1/debian/patches/97_fix_segfault_parse_parameters.patch claws-mail-3.8.1/debian/patches/97_fix_segfault_parse_parameters.patch
--- claws-mail-3.8.1/debian/patches/97_fix_segfault_parse_parameters.patch	1970-01-01 01:00:00.0 +0100
+++ claws-mail-3.8.1/debian/patches/97_fix_segfault_parse_parameters.patch	2012-10-12 00:13:21.0 +0200
@@ -0,0 +1,17 @@
+Subject: fix segfault in parse_parameters() for some attachments
+From: Mikhail Efremov mikh...@gmail.com
+Bug: http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2697
+Applied-Upstream: 3.8.1cvs15
+
+diff -purN claws-mail-3.8.1.orig/src/procmime.c claws-mail-3.8.1/src/procmime.c
+--- claws-mail-3.8.1.orig/src/procmime.c	2012-06-27 11:05:22.0 +0200
 claws-mail-3.8.1/src/procmime.c	2012-10-11 23:15:23.0 +0200
+@@ -1704,7 +1704,7 @@ static void parse_parameters(const gchar
+ 			(g_slist_find_custom(concatlist, down_attr, g_strcmp0) == NULL))
+ concatlist = g_slist_prepend(concatlist, g_strdup(tmpattr));
+ 
+-			if (convert  (g_slist_find_custom(convlist, down_attr, g_strcmp0) == NULL))
++			if (convert  (g_slist_find_custom(convlist, tmpattr, g_strcmp0) == NULL))
+ convlist = g_slist_prepend(convlist, g_strdup(tmpattr));
+ 
+ 			g_free(tmpattr);
diff -Nru claws-mail-3.8.1/debian/patches/98_fix_segfault_no_utf_gpgme_strerror.patch claws-mail-3.8.1/debian/patches/98_fix_segfault_no_utf_gpgme_strerror.patch
--- 

Bug#685837: unblock: tomcat-native/1.1.24-1

[tony mancill]

On 10/10/2012 01:41 PM, Adam D. Barratt wrote:
 On Mon, 2012-08-27 at 21:48 -0700, tony mancill wrote:
 On 08/25/2012 06:15 PM, Cyril Brulebois wrote:
 Looking at the diff (please bear in mind I know little to nothing in
 java/jni, so those are naïve questions):
  - is tcn_socket_t for internal use only or is it exposed outside the
library?
  - same question for tcn_pollset_t.
  - is it ok to get rid of some functions, like update_ttl?

 If answers are 2*internal+yes, we should be able to unblock it.
 [...]
 Here is the change you're referring to:

 -static void update_ttl(tcn_pollset_t *p, const apr_pollfd_t *fd, 
 apr_time_t t)
 +static void update_last_active(tcn_pollset_t *p, const apr_pollfd_t *fd, 
 apr_time_t t)

 update_ttl() (and it's replacement, update_last_active()) are only used
 in poll.c and is declared as static, so I don't see how that would
 change users of the library.
 
 Apologies for the delay in getting back to you again.
 
 Looking through the earlier conversation, I couldn't see a final answer
 regarding whether tcn_socket_t is exported by the library. The reason
 for the query being:
 
  tcn_nlayer_t *net;
 +apr_time_t  last_active;
 +apr_interval_time_t timeout;
  } tcn_socket_t;

Hi Adam,

Okay, I understand the reason for the question better.  Thanks for the
follow-up.  Sorry I'm not able to answer right off; I'm not much with C.

If tcn_socket_t were exported by the library wouldn it show up in a
symbol dump?  The following doesn't return any anything.

$ nm -a libtcnative-1.a | grep -i tcn_socket

Also, there the source package contains a file tcn_api.h that carries
this comment:

/**
 * @file tcn_api.h
 * @brief
 *
 * Tomcat Native Public API
 */

The tcn_tocket_t doesn't appear in any of the prototypes in that file.

I realize the comment isn't definitive.  Is there something else I
should check in the resulting library?

Thank you,
tony



signature.asc
Description: OpenPGP digital signature

Bug#682172: unblock: couchdb/1.2.0-2

[Laszlo Boszormenyi (GCS)]

On Thu, 2012-10-11 at 23:18 +0200, Julien Cristau wrote:
[ about CouchDB storing its PID file as root ]
 Ping.  Is this getting fixed?
 Upstream knows about this issue, promised a fix which won't be easy as
I can remember. Now they are busy with releasing 1.3.0 and a bugfix
branch of 1.2.0 . Don't know exactly if it's included, but will ping
them.

Laszlo/GCS


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/1350019343.25403.12.camel@julia

Bug#690290: unblock: fprobe-ulog/1.1-7.3

[Salvatore Bonaccorso]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi Release Team

Please unblock package fprobe-ulog

I have prepared a NMU upload for #687942 in fprobe-ulog: modifies
conffiles (policy 10.7.3): /etc/default/fprobe-ulog.

I used the approach which was already used for the similar bugs about
policy 10.7.3 violations.

Attached is the debdiff against current version in testing.

unblock fprobe-ulog/1.1-7.3

Many thanks

Salvatore

- -- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJQd6z9AAoJEHidbwV/2GP+rwQQAJUy4BRJ8iBiYdZ3xk+zN/SO
Vd+R/P3wIAXmwkpgwDvBx7mcSBKsGFao2MNn1vPpzs2MtiV66vh6m0DSdyFsvnDW
b2I29z3CbaY57xL3zNpXivYWBXQATMLY4omMArsfyE55rGTLbtoGtnP2eSoRoG48
VpULSeI3jQwJ7TW1M3M9Raf16OsfBn36qBKWuKEnJx55EwJfpzsFgwhMbwdxpC4F
qAx7wwnjP3SWaV0ranLHOkZxcICBsJv8OBUw36VpMOW4WAI2NZYsi3Uf4wb14z3J
4yd8sk6/apbeA+gEMGgfSXWTdw/AnuzAVN5Eyee9ezXGt1iPypObNMM2+RZ8ectQ
9ExM6GAPAKdJS6W5q4R3iG1iCYhsSm34e753G68JblvBZPqw4vegPbF2jOYLD016
lRvvjktxVOlSOr/JAhOmEmqdLmGwE5xLaxXAh9St4JkuRraVZ5MtQf5h3qrk+oXX
SgXe1NrWLrLGMIs8umZY3QLJ5Ofz1s0H3DuhN/qRHx47bbVocD5A7m4uJeSM1B8P
22Gpq7PyhOD2W/tw5YYiZ2R+b0BISQ4K4t955j9xGn3aIh1U3WmwHgZL5I0lpZWr
eDKRfOGbz84FxR5zT8a7tC1HdZPfUvELNP/azh6TOmWitJ9HKZsudNaQDLP9ue4G
whtk/BYrDfXTP+hPPOJD
=atTO
-END PGP SIGNATURE-
Base version: fprobe-ulog_1.1-7.2 from testing
Target version: fprobe-ulog_1.1-7.3 from unstable

No hints in place.

 debian/default   |6 --
 debian/postrm|9 +
 fprobe-ulog-1.1/debian/changelog |   18 ++
 fprobe-ulog-1.1/debian/config|8 
 fprobe-ulog-1.1/debian/postinst  |   24 ++--
 5 files changed, 57 insertions(+), 8 deletions(-)

diff -u fprobe-ulog-1.1/debian/changelog fprobe-ulog-1.1/debian/changelog
--- fprobe-ulog-1.1/debian/changelog
+++ fprobe-ulog-1.1/debian/changelog
@@ -1,3 +1,21 @@
+fprobe-ulog (1.1-7.3) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Fix modifies conffiles (policy 10.7.3): /etc/default/fprobe-ulog
+(Closes: #687942).
+- Don't install /etc/default/fprobe-ulog via dh_installinit
+- Read /etc/default/fprobe-ulog in fprobe-ulog.config.
+  Read /etc/default/fprobe-ulog into Debconf in fprobe-ulog.config
+  if the file exists.
+- Create /etc/default/fprobe-ulog in postinst.
+  Create /etc/default/fprobe-ulog if it does not yet exists in
+  postinst. If admin furthermore deleted or commented some variables
+  but then set them via debconf, (re-)add them to the configuration
+  file in postinst.
+- Remove configuration file on purge in postrm script
+
+ -- Salvatore Bonaccorso car...@debian.org  Mon, 08 Oct 2012 01:07:43 +0200
+
 fprobe-ulog (1.1-7.2) unstable; urgency=low
 
   * Non-maintainer upload.
reverted:
--- fprobe-ulog-1.1/debian/default
+++ fprobe-ulog-1.1.orig/debian/default
@@ -1,6 +0,0 @@
-#fprobe-ulog default configuration file
-
-
-INTERFACE=eth0:100
-FLOW_COLLECTOR=localhost:2055	
-OTHER_ARGS=
diff -u fprobe-ulog-1.1/debian/config fprobe-ulog-1.1/debian/config
--- fprobe-ulog-1.1/debian/config
+++ fprobe-ulog-1.1/debian/config
@@ -7,6 +7,14 @@
 # Use debconf.
 . /usr/share/debconf/confmodule
 
+# Load config file, if it exists.
+if [ -e /etc/default/fprobe-ulog ]; then
+   . /etc/default/fprobe-ulog || true
+
+   # Store values from config file into debconf db.
+   db_set fprobe-ulog/interface $INTERFACE
+   db_set fprobe-ulog/collector $FLOW_COLLECTOR
+fi
 
 db_input high fprobe-ulog/interface || true
 db_input high fprobe-ulog/collector || true
diff -u fprobe-ulog-1.1/debian/postinst fprobe-ulog-1.1/debian/postinst
--- fprobe-ulog-1.1/debian/postinst
+++ fprobe-ulog-1.1/debian/postinst
@@ -4,10 +4,30 @@
 # Use debconf.
 . /usr/share/debconf/confmodule
 
-if [ $1 = configure ]  [ -z $2 ]; then 	  
+# generate default file if it doesn't exist
+if [ ! -e /etc/default/fprobe-ulog ]; then
+	cat  /etc/default/fprobe-ulog -END
+	#fprobe-ulog default configuration file
+	
+	
+	INTERFACE=eth0:100
+	FLOW_COLLECTOR=localhost:2055
+	OTHER_ARGS=
+	END
+fi
+
+if [ $1 = configure ]; then
 db_get fprobe-ulog/interface  interface=$RET
 db_get fprobe-ulog/collector  collector=$RET
-		
+
+# If the admin deleted or commented some variables but then set
+# them via debconf, (re-)add them to the conffile.
+test -z $interface || grep -Eq '^ *INTERFACE=' /etc/default/fprobe-ulog || \
+   echo INTERFACE=  /etc/default/fprobe-ulog
+test -z $collector || grep -Eq '^ *FLOW_COLLECTOR=' /etc/default/fprobe-ulog || \
+   echo FLOW_COLLECTOR=