Bug#689147: unblock: gajim/0.15.1-1

2012-12-12 Thread Yann Leboulanger

On 12/12/2012 01:37 AM, intrigeri wrote:

Hi,

Yann Leboulanger wrote (14 Oct 2012 16:35:07 GMT) :

On 10/14/2012 06:18 PM, Jakub Wilk wrote:

FWIW, it _is_ packaged as python-gnupg.



right, but we have a small change in it for logging:
logger = logging.getLogger('gajim.c.gnupg')


Looks like this should be added to the embedded code copies list,
regardless of the minor diff:
https://wiki.debian.org/EmbeddedCodeCopies


This can also be in Gajim itself, and I'll do that for next release.

--
Yann


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/50c838ea.9090...@lagaule.org



Bug#689588: Please unblock cracklib2/2.8.19-2

2012-12-12 Thread Niels Thykier
Control: tags -1 moreinfo

On 2012-12-08 12:25, Jan Dittberner wrote:
 retitle 689588 unblock: cracklib2/2.8.19-2
 thanks
 
 Dear release managers,
 
 please unblock cracklib2/2.8.19-2 that I uploaded to unstable. See the
 debdiff that is already attached to the bug. The change is minimal and
 backward compatible. The test suite runs without problems with all supported
 Python versions (2.6, 2.7, 3.2).
 
 
 Best regards
 Jan
 

Hi,

I have to admit, I would have appreciated if this change had been
upstreamed.  Anyhow, I guess that will be your headache and not mine... :)

In regards to the actual changes, I suspect they are flawed in the
error-path, see cracklib2.review.

~Niels

+-const char *result;
++int result;
++char *errmsg;
^^
Uninitialized, but almost certainly not NULL

[...]

+ LOCK();
+-result = FascistCheck(candidate, dict ? dict : defaultdict);
++result = __DEBIAN_SPECIFIC__SafeFascistCheck(candidate,
++  dict ? dict : defaultdict, errmsg);

Passed as char * and not char **, so the call will not change
to which string errmsg is pointing (but could change the content).

Note that __DEBIAN_SPECIFIC__SafeFascistCheck is trying to use it
by assigning to errmsg (see below), so I suspect you wanted to use
&errmsg here (and the changes below).

+ UNLOCK();

++  if (errmsg != NULL)
++  {
++  PyErr_SetString(PyExc_ValueError, errmsg);
  ^^

Use of uninitialized pointer...




++int
++__DEBIAN_SPECIFIC__SafeFascistCheck(password, path, errstr)
++const char *password;
++const char *path;
++char *errstr;
  ^
I think this should have been char **errstr;



++errstr = FascistLook(pwp, pwtrunced);
  ^^

... and this should have been:

  *errstr = FascistLook(pwp, pwtrunced);
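
The out-parameter problem described in the review above, reduced to a stand-alone C program (an added example, not code from cracklib2 or from this thread). toy_look, check_by_value, check_by_pointer and the dict_ok flag are hypothetical stand-ins for FascistLook, the two shapes of the wrapper, and the result of PWOpen.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed value the caller's pointer holds before each call, so the
   example can show "unchanged" without reading an uninitialised pointer. */
static const char SENTINEL[] = "stale value";

/* Hypothetical stand-in for FascistLook(): a message for a rejected
   password, NULL for an accepted one. */
static const char *toy_look(const char *password)
{
    return strlen(password) < 8 ? "it is too short" : NULL;
}

/* Flawed shape: errstr is the callee's private copy of the pointer, so
   the assignment never reaches the caller. */
static int check_by_value(const char *password, int dict_ok, const char *errstr)
{
    if (!dict_ok)
        return 0;
    errstr = toy_look(password);   /* updates the local copy only */
    (void)errstr;
    return 1;
}

/* Corrected shape: the caller passes the address of its pointer. */
static int check_by_pointer(const char *password, int dict_ok, const char **errstr)
{
    *errstr = NULL;                /* defined even when the dictionary fails to open */
    if (!dict_ok)
        return 0;
    *errstr = toy_look(password);
    return 1;
}

/* 1 when the caller's pointer is still the sentinel after the flawed call. */
int flawed_call_leaves_caller_unchanged(void)
{
    const char *errmsg = SENTINEL;
    int opened = check_by_value("abc", 1, errmsg);
    return opened == 1 && errmsg == SENTINEL;
}

/* What the caller sees after the corrected call. */
const char *fixed_call_message(const char *password, int dict_ok, int *opened)
{
    const char *errmsg = SENTINEL;
    *opened = check_by_pointer(password, dict_ok, &errmsg);
    return errmsg;
}

int main(void)
{
    int opened;
    const char *msg;

    printf("flawed call left caller's pointer unchanged: %d\n",
           flawed_call_leaves_caller_unchanged());
    msg = fixed_call_message("abc", 1, &opened);
    printf("fixed call, weak password: opened=%d msg=%s\n",
           opened, msg ? msg : "(null)");
    msg = fixed_call_message("abc", 0, &opened);
    printf("fixed call, no dictionary: opened=%d msg=%s\n",
           opened, msg ? msg : "(null)");
    return 0;
}
```

In the flawed shape the caller's later NULL test examines whatever its pointer held before the call; in the corrected shape the pointer is defined on every return path, including the one where the dictionary cannot be opened.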



Processed: Re: Bug#689588: Please unblock cracklib2/2.8.19-2

2012-12-12 Thread Debian Bug Tracking System
Processing control commands:

 tags -1 moreinfo
Bug #689588 [release.debian.org] unblock: cracklib2/2.8.19-2
Added tag(s) moreinfo.

-- 
689588: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689588
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems





Bug#689588: Please unblock cracklib2/2.8.19-2

2012-12-12 Thread Niels Thykier
On 2012-12-12 09:04, Niels Thykier wrote:
 Control: tags -1 moreinfo
 
 On 2012-12-08 12:25, Jan Dittberner wrote:
 retitle 689588 unblock: cracklib2/2.8.19-2
 thanks

 Dear release managers,

 please unblock cracklib2/2.8.19-2 that I uploaded to unstable. See the
 debdiff that is already attached to the bug. The change is minimal and
 backward compatible. The test suite runs without problems with all supported
 Python versions (2.6, 2.7, 3.2).


 Best regards
 Jan

 
 Hi,
 
 I have to admit, I would have appreciated if this change had been
 upstreamed.  Anyhow, I guess that will be your headache and not mine... :)
 
 [...]


I just saw your original mail from Oct. 4th, so never mind the above
comment.  I think the use of __DEBIAN_SPECIFIC__SafeFascistCheck will be
okay for Wheezy (considering it avoids an API transition).

Sorry for the delay in getting back to you (on your mail from Oct.),
~Niels





Bug#695748: unblock: ferm/2.1-4

2012-12-12 Thread Alexander Wirt
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package ferm

Hi,

I fixed two nasty bugs (I think at least #694334 is RC) in 2.1-4.

#694334: ferm: modifies files under /etc:
if an admin decided to have different permissions for
/etc/ferm those will be overwritten with the wheezy update

#695677: domain within a function produces syntax error
having a function where domain (ip ip6) is used is rejected
by the version in wheezy which is a regression, the patch got
backported from upstreams git.

The fixes are both oneliners and I think having them in wheezy would
be good. The debdiff is attached. 

diff --git a/debian/changelog b/debian/changelog
index e1109cc..d5ba908 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+ferm (2.1-4) unstable; urgency=low
+
+  * [4ede608] Backport a patch that fixes a regression in functions containing
+ip and ip6 domains
+(Closes: #695677)
+  * [22d4a48] don't modify permissions on /etc/ferm during upgrade
+(Closes: #694334)
+
+ -- Alexander Wirt formo...@debian.org  Tue, 11 Dec 2012 22:59:18 +0100
+
 ferm (2.1-3) unstable; urgency=low
 
   [ Salvatore Bonaccorso ]
diff --git a/debian/ferm.postinst b/debian/ferm.postinst
index 0f8ea64..ab50cb2 100644
--- a/debian/ferm.postinst
+++ b/debian/ferm.postinst
@@ -43,7 +43,7 @@ if [ $action = configure ]; then
 sed -i s/^ENABLED=.*$/ENABLED=\$VALUE\/ /etc/default/ferm
 
 # make the firewall configuration readable only by root and group adm
-if [ -d /etc/ferm ]; then
+if [ -d /etc/ferm ]  [ -z $version ]; then
 chown -R root:adm /etc/ferm
 chmod 2750 /etc/ferm
 fi
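Review bot: The comment above the changed test in debian/ferm.postinst still reads "make the firewall configuration readable only by root and group adm" and says nothing about the chown/chmod now depending on $version as well as on /etc/ferm existing. The hunk does not show where $version is assigned, so a reader cannot tell from here that the reset is meant to run only when no earlier version was configured; extend the comment to say so and to state that an admin's own permissions on /etc/ferm are deliberately kept on upgrade (#694334). As rendered here the two bracket tests have no operator between them; the applied file needs && at that point.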
diff --git a/src/ferm b/src/ferm
index b83048d..2214969 100755
--- a/src/ferm
+++ b/src/ferm
@@ -2052,7 +2052,7 @@ sub enter($$) {
 new_level(%inner, \%rule);
 set_domain(%inner, $domain) or next;
 $script-{tokens} = [ @$tokens ];
-enter($lev, \%inner);
+enter(0, \%inner);
 }
 
 $script-{tokens} = $old_tokens;
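Review bot: The replacement call enter(0, \%inner) in sub enter hard-codes the level argument where $lev was passed before, and nothing in the hunk says why 0 is the right value for the per-domain recursion. Add a one-line comment next to the call explaining the reset, and a test case with a function body that uses domain (ip ip6), the input from #695677, so the regression cannot return unnoticed.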

unblock ferm/2.1-4

Thanks in advance

Alex





Bug#693351: RM: kismet/2008-05-R1-4.3

2012-12-12 Thread Neil Williams
On Wed, 12 Dec 2012 04:18:18 +0100
Nick Andrik nick.and...@gmail.com wrote:

 First of all I also CC the DD that follows my work on packaging the
 new version, since I am not an expert on all debian procedures yet.
 
 About removing kismet or not, I don't know what are the arguments for
 and against.
 I need to know the exact implications in order to give an informed answer.
 
 If we include it, what is the disadvantage?

The Debian package is not available for new installations. It doesn't
show up in apt-cache searches.

The advantage is that the poor quality of the package no longer
reflects badly on Debian - as it does currently.

 It is not installed by default anyway, and I don't expect anyone to be
 using the version shipped with debian.

So remove it already.

 The upstream also provides a .deb which works quite well and my
 estimation is that everybody uses that one.
 This means, I don't think anyone will file any new bugs, functionality wise.

It also means that there's no loss by removing it.

 If we remove the package, do we also lose all the bugs filed against it?

No. Bugs which only apply to the version(s) in testing or unstable will
be closed by the removal, bugs found in versions in oldstable and
stable will remain open. (oldstable until the next stable freeze
starts). Packages are not removed from stable or oldstable.

Bugs are never deleted (except spam ones) - the bug will be closed and
archived but it can always be unarchived and reopened (in that order).

 Some of them are still valid issues which will be addressed in the new 
 package.

If the package is reintroduced, the old bugs will be available to be
re-opened and tested with the new version. The bug numbers remain the
same and because there is a version of the package in stable, the index
page for the package will remain too. It is trivial to switch that page
to looking at archived bugs instead of the default unarchived.

 For the functionality bugs, I plan to give a notice to try the new
 package once it is released and close the ones I get no answer after
 some period (e.g. 1-2 months)

Does that mean you will be adopting kismet as maintainer after the
Wheezy release? 

 Also, I think the procedures for uploading new/heavily updated
 packages is different.

During a release freeze, yes - major changes and new packages should
be uploaded to experimental only. Outside the freeze, major changes and
new packages can go to either experimental or unstable.

 One should pass through the new queue, the
 other through experimental.

No. A package which has been removed will always go back through NEW if
it is reintroduced. After going through the NEW queue, it can go into
either experimental or unstable.

If the package has not been removed, a new upload won't go through NEW
whether it's aimed at experimental or unstable.

-- 


Neil Williams
=
http://www.linux.codehelp.co.uk/





Bug#695355: marked as done (unblock: libwmf/0.2.8.4-10.2)

2012-12-12 Thread Debian Bug Tracking System
Your message dated Wed, 12 Dec 2012 10:39:35 +0100
with message-id 50c850d7.70...@thykier.net
and subject line Re: Bug#695355: unblock: libwmf/0.2.8.4-10.2
has caused the Debian Bug report #695355,
regarding unblock: libwmf/0.2.8.4-10.2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
695355: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695355
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package libwmf

The version in unstable fixes

 * #685802 RC. Failure to load fonts.
 * #677786 missing Multi-Arch blocks ia32-libs-gtk.

Please find a debdiff from wheezy to sid attached. Observe that the only
two files changed are debian/changelog and debian/control.

unblock libwmf/0.2.8.4-10.2

Helmut
diff -Nru libwmf-0.2.8.4/debian/changelog libwmf-0.2.8.4/debian/changelog
--- libwmf-0.2.8.4/debian/changelog 2012-01-06 00:53:36.0 +0100
+++ libwmf-0.2.8.4/debian/changelog 2012-11-29 17:28:35.0 +0100
@@ -1,3 +1,20 @@
+libwmf (0.2.8.4-10.2) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Add Multi-Arch headers. (Closes: #677786)
+The support was basically there. libwmf0.2-7 already ships libraries in
+/usr/lib/triplet. No changes besides adding headers were necessary.
+
+ -- Helmut Grohne hel...@subdivi.de  Thu, 29 Nov 2012 17:26:47 +0100
+
+libwmf (0.2.8.4-10.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * debian/control
+- libwmf-bin: Depends: gsfonts fixes font load error (Closes: #685802)
+
+ -- Hideki Yamane henr...@debian.org  Thu, 20 Sep 2012 13:09:11 +0900
+
 libwmf (0.2.8.4-10) unstable; urgency=low
 
   * Read libwmf binary package name from control in rules.
diff -Nru libwmf-0.2.8.4/debian/control libwmf-0.2.8.4/debian/control
--- libwmf-0.2.8.4/debian/control   2012-01-06 00:29:18.0 +0100
+++ libwmf-0.2.8.4/debian/control   2012-11-29 17:26:39.0 +0100
@@ -22,6 +22,7 @@
 Pre-Depends: ${misc:Pre-Depends}
 Depends: ${misc:Depends}, ${shlibs:Depends}
 Recommends: gsfonts
+Multi-Arch: same
 Description: Windows metafile conversion library
  Windows metafile (WMF) is a picture format used by many Windows
  programs, e.g. Microsoft Word.  libwmf is a library for interpreting
@@ -34,6 +35,8 @@
 Section: graphics
 Architecture: any
 Depends: ${misc:Depends}, ${shlibs:Depends}
+Recommends: gsfonts
+Multi-Arch: foreign
 Description: Windows metafile conversion tools
  Windows metafile (WMF) is a picture format used by many Windows
  programs, e.g. Microsoft Word.  libwmf is a library for interpreting
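Review bot: The stanza described as "Windows metafile conversion tools" gains Recommends: gsfonts here while its Depends line is unchanged, but the 0.2.8.4-10.1 changelog entry in the same debdiff says "libwmf-bin: Depends: gsfonts fixes font load error". A Recommends can be skipped at install time, so either the changelog wording or the field should be corrected so that the record for #685802 matches what is shipped.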
---End Message---
---BeginMessage---
On 2012-12-07 15:29, Helmut Grohne wrote:
 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: unblock
 
 Please unblock package libwmf
 
 The version in unstable fixes
 
  * #685802 RC. Failure to load fonts.
  * #677786 missing Multi-Arch blocks ia32-libs-gtk.
 
 Please find a debdiff from wheezy to sid attached. Observe that the only
 two files changed are debian/changelog and debian/control.
 
 unblock libwmf/0.2.8.4-10.2
 
 Helmut

Unblocked, thanks.

~Niels
---End Message---


Question on proposed integration of MediaWiki 1.19.3 in wheezy

2012-12-12 Thread Dominik George

Dear release managers,

today, I chose to fix RC bug #694998. It is a security issue with 
MediaWiki 1.19.2 currently in testing, and there are two ways of fixing 
this issue. The easiest would be to get the new upstream version 1.19.3 
into testing. I created the new package and a debdiff [2]. This diff is 
quite large because the update also incorporates tons of translation 
updates.

The other possibility is to backport the changes for the security fixes to 
1.19.2, which is also non-problematic. I prepared a debdiff for that as 
well [3].

The question is if the release team would grant a freeze exception for the 
new upstream version 1.19.3, maybe considering the translation changes 
non-critical?

Looking forward to your feedback,
Nik

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694998
[2] http://shore.naturalnet.de/~nik/mediawiki_1.19.2-2_1.19.3-0.1.debdiff
[3] http://shore.naturalnet.de/~nik/mediawiki_1.19.2-2_1.19.2-2.1.debdiff

- -- 
* mirabilos is handling my post-1990 smartphone *
mirabilos Aaah, it vibrates! Wherefor art thou, daemonic device??

PGP fingerprint: 2086 9A4B E67D 1DCD FFF6  F6C1 59FC 8E1D 6F2A 8001





Re: Question on proposed integration of MediaWiki 1.19.3 in wheezy

2012-12-12 Thread Niels Thykier
On 2012-12-12 10:58, Dominik George wrote:
 Dear release managers,
 
 today, I chose to fix RC bug #694998. It is a security issue with 
 MediaWiki 1.19.2 currently in testing, and there are two ways of fixing 
 this issue. The easiest would be to get the new upstream version 1.19.3 
 into testing. I created the new package and a debdiff [2]. This diff is 
 quite large because the update also incorporates tons of translation 
 updates.
 
 The other possibility is to backport the changes for the security fixes to 
 1.19.2, which is also non-problematic. I prepared a debdiff for that as 
 well [3].
 
 The question is if the release team would grant a freeze exception for the 
 new upstream version 1.19.3, maybe considering the translation changes 
 non-critical?
 
 Looking forward to your feedback,
 Nik
 
 [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694998
 [2] http://shore.naturalnet.de/~nik/mediawiki_1.19.2-2_1.19.3-0.1.debdiff
 [3] http://shore.naturalnet.de/~nik/mediawiki_1.19.2-2_1.19.2-2.1.debdiff
 
 
 

Hi,

If 1.19.3 is just the security fix + translations, I'd be willing to
allow the translations as well.  If there are more changes beyond that
then it depends (defaulting to no).
  Can you provide us with a filtered debdiff of the 1.19.3?  Just
remember to let us know what filtering you used (e.g. filterdiff -x
'*/messages/Messages*.php' ).

~Niels





Bug#691115: unblock libdvdread/4.2.0+20120521-3

2012-12-12 Thread intrigeri
Hi,

Dmitry Smirnov wrote (12 Dec 2012 01:16:15 GMT) :
 There was no reply from the maintainer in #688574 so perhaps it would
 be better to set Daniel as owner of this bug...

Please do it if you feel it's useful.

A full new upstream version was uploaded to unstable since
then, so an update in testing would now have to go through t-p-u.
Given the crash fixed by 4.2.0+20120521-3 has severity normal,
I'm unsure it's worth the effort.

Dmitry, you filed the unblock request that is now outdated,
what do you think?

 IMHO even if the fix is not implemented properly it still prevents certain
 crashes, which can't be worse than what's in testing right now.

I'm not sure this would be worse than what's in testing right now, but
let's acknowledge that the fix has potential for future regressions,
and does not only bring good: using internal implementation details of
other libraries results in code that can break without notice, in the
future, when the depended upon library is updated.

Cheers,
--
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc





Re: Question on proposed integration of MediaWiki 1.19.3 in wheezy

2012-12-12 Thread Thorsten Glaser
On Wed, 12 Dec 2012, Niels Thykier wrote:

 On 2012-12-12 10:58, Dominik George wrote:
  Dear release managers,
  
  today, I chose to fix RC bug #694998. It is a security issue with 

To be exact, I asked Dominik whether he can have a look at it
and review it (and ask the Release Team) because I currently
lack time to do that in-depth and he’s eager to help RC bug fixing…

  MediaWiki 1.19.2 currently in testing, and there are two ways of fixing 
  this issue. The easiest would be to get the new upstream version 1.19.3 
  into testing.

From the pkg-mw side this would of course be preferred because
it would make later fixes easier, and the MW upstream sort of
agreed to support 1.19 longer for us, when we in turn keep MW
in good shape in Debian ;-)

  I created the new package and a debdiff [2]. This diff is 
  quite large because the update also incorporates tons of translation 
  updates.

I suggested to use diff -wup and exclude the translations;
I’ve already done that for 1.19.2.

 If 1.19.3 is just the security fix + translations, I'd be willing to
 allow the translations as well.

OK, thanks. Let’s hope it’ll be just fixes.

Thanks Dominik for having a look.

bye,
//mirabilos
-- 
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-314
HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
Geschäftsführer: Boris Esser, Sebastian Mancke





Processed: tagging 662513

2012-12-12 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

 tags 662513 - moreinfo
Bug #662513 [release.debian.org] RM: emboss/6.3.1-6
Removed tag(s) moreinfo.
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
662513: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662513
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems





Bug#689147: unblock: gajim/0.15.1-1

2012-12-12 Thread intrigeri
Hi,

Yann Leboulanger wrote (12 Dec 2012 07:57:30 GMT) :
 On 12/12/2012 01:37 AM, intrigeri wrote:
 Looks like this should be added to the embedded code copies list,
 regardless of the minor diff:
 https://wiki.debian.org/EmbeddedCodeCopies

 This can also be in Gajim itself, and I'll do that for next release.

Great!

However, given this next release is highly unlikely to be in Wheezy,
it looks like Wheezy will ship with a Gajim that *has* a python-gnupg
embedded code copy -- and perhaps Squeeze has too?

Regardless of the future (much welcome!) upstream fixes, information
about the existing code duplication needs to be put on the dedicated
list, so that the security team can react appropriately in case
a security issue is discovered in the duplicated library.

(Adding secure-testing-team into the loop, keeping the unblock bug in
the Cc list too, as I doubt the package should be unblocked without
having a clear view of what's happening with the embedded
python-gnupg.)

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc





Bug#693351: RM: kismet/2008-05-R1-4.3

2012-12-12 Thread intrigeri
Hi,

Neil Williams wrote (12 Dec 2012 09:16:52 GMT) :
 One should pass through the new queue, the
 other through experimental.

 No. A package which has been removed will always go back through NEW if
 it is reintroduced. After going through the NEW queue, it can go into
 either experimental or unstable.

Since the discussion has drifted to full removal from the archive,
I'd like to point out that a removal from testing only was requested.

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc





Re: [Pkg-mediawiki-devel] Question on proposed integration of MediaWiki 1.19.3 in wheezy

2012-12-12 Thread Jonathan Wiltshire

On 2012-12-12 10:33, Thorsten Glaser wrote:

On Wed, 12 Dec 2012, Niels Thykier wrote:

If 1.19.3 is just the security fix + translations, I'd be willing to
allow the translations as well.


OK, thanks. Let’s hope it’ll be just fixes.


In general we have been able to trust upstream security releases to be 
well-targeted, so there should be minimal problems for migration to 
Wheezy.



Thanks Dominik for having a look.


Indeed, thanks! Please make sure you take the credit in 
debian/changelog and one of us can sponsor the package.



--
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

directhex i have six years of solaris sysadmin experience, from
8-10. i am well qualified to say it is made from bonghits
layered on top of bonghits





Re: Question on proposed integration of MediaWiki 1.19.3 in wheezy

2012-12-12 Thread Dominik George

Hi,

   Can you provide us with a filtered debfiff of the 1.19.3?  Just
 remember to let us know what filtering you used (e.g. filterdiff -x
 '*/messages/Messages*.php' ).

find attached the filtered diff. It was created using:

filterdiff \
 -x '*/includes/installer/Installer.i18n.php' \
 -x '*/languages/messages/Messages*.php' \
 -x '*/tests/phpunit/languages/*.php' \
 mediawiki_1.19.2-2_1.19.3-0.1.debdiff \
 > mediawiki_1.19.2-2_1.19.3-0.1_wo_translations.diff

I'd really appreciate your acknowledgement of 1.19.3 because it would 
really ease life for everyone involved.

Cheers,
Nik

- -- 
* mirabilos is handling my post-1990 smartphone *
mirabilos Aaah, it vibrates! Wherefor art thou, daemonic device??

PGP fingerprint: 2086 9A4B E67D 1DCD FFF6  F6C1 59FC 8E1D 6F2A 8001
diff -Nru mediawiki-1.19.2/debian/changelog mediawiki-1.19.3/debian/changelog
--- mediawiki-1.19.2/debian/changelog	2012-10-02 14:09:51.0 +0200
+++ mediawiki-1.19.3/debian/changelog	2012-12-12 09:47:27.0 +0100
@@ -1,3 +1,14 @@
+mediawiki (1:1.19.3-0.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * New upstream version fixes security issues (Closes: 694998).
++ Prevent session fixation in Special:UserLogin (CVE-2012-5391)
+  https://bugzilla.wikimedia.org/show_bug.cgi?id=40995
++ Prevent linker regex from exceeding PCRE backtrack limit
+  https://bugzilla.wikimedia.org/show_bug.cgi?id=41400
+
+ -- Dominik George n...@naturalnet.de  Wed, 12 Dec 2012 09:44:08 +0100
+
 mediawiki (1:1.19.2-2) unstable; urgency=low
 
   * debian/watch: mangle the epoch away so DDPO is green again
diff -Nru mediawiki-1.19.2/includes/DefaultSettings.php mediawiki-1.19.3/includes/DefaultSettings.php
--- mediawiki-1.19.2/includes/DefaultSettings.php	2012-08-31 00:25:34.0 +0200
+++ mediawiki-1.19.3/includes/DefaultSettings.php	2012-11-29 19:36:12.0 +0100
@@ -33,7 +33,7 @@
 /** @endcond */
 
 /** MediaWiki version number */
-$wgVersion = '1.19.2';
+$wgVersion = '1.19.3';
 
 /** Name of the site. It must be changed in LocalSettings.php */
 $wgSitename = 'MediaWiki';
diff -Nru mediawiki-1.19.2/includes/GlobalFunctions.php mediawiki-1.19.3/includes/GlobalFunctions.php
--- mediawiki-1.19.2/includes/GlobalFunctions.php	2012-08-31 00:25:34.0 +0200
+++ mediawiki-1.19.3/includes/GlobalFunctions.php	2012-11-29 19:36:12.0 +0100
@@ -3293,6 +3293,23 @@
 }
 
 /**
+ * Check if there is sufficent entropy in php's built-in session generation
+ * PHP's built-in session entropy is enabled if:
+ * - entropy_file is set or you're on Windows with php 5.3.3+
+ * - AND entropy_length is  0
+ * We treat it as disabled if it doesn't have an entropy length of at least 32
+ *
+ * @return bool true = there is sufficient entropy
+ */
+function wfCheckEntropy() {
+	return (
+			( wfIsWindows()  version_compare( PHP_VERSION, '5.3.3', '=' ) )
+			|| ini_get( 'session.entropy_file' )
+		)
+		 intval( ini_get( 'session.entropy_length' ) ) = 32;
+}
+
+/**
  * Override session_id before session startup if php's built-in
  * session generation code is not secure.
  */
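Review bot: In wfCheckEntropy() the ini_get( 'session.entropy_file' ) term only tests that the setting is non-empty; a configured path that does not exist or is not readable would still be reported as sufficient entropy, and the caller would then keep PHP's built-in session id generation. Consider checking that the configured file is readable, or say in the docblock that this is deliberately not verified. The docblock also misspells "sufficient" as "sufficent".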
@@ -3302,16 +3319,8 @@
 		return;
 	}
 
-	// PHP's built-in session entropy is enabled if:
-	// - entropy_file is set or you're on Windows with php 5.3.3+
-	// - AND entropy_length is  0
-	// We treat it as disabled if it doesn't have an entropy length of at least 32
-	$entropyEnabled = (
-			( wfIsWindows()  version_compare( PHP_VERSION, '5.3.3', '=' ) )
-			|| ini_get( 'session.entropy_file' )
-		)
-		 intval( ini_get( 'session.entropy_length' ) ) = 32;
-	
+	$entropyEnabled = wfCheckEntropy();
+
 	// If built-in entropy is not enabled or not sufficient override php's built in session id generation code
 	if ( !$entropyEnabled ) {
 		wfDebug( __METHOD__ . : PHP's built in entropy is disabled or not sufficient, overriding session id generation using our cryptrand source.\n );
diff -Nru mediawiki-1.19.2/includes/installer/Installer.i18n.php mediawiki-1.19.3/includes/installer/Installer.i18n.php
diff -Nru mediawiki-1.19.2/includes/installer/Installer.php mediawiki-1.19.3/includes/installer/Installer.php
--- mediawiki-1.19.2/includes/installer/Installer.php	2012-08-31 00:25:34.0 +0200
+++ mediawiki-1.19.3/includes/installer/Installer.php	2012-11-29 19:36:12.0 +0100
@@ -756,6 +756,11 @@
 
 	/**
 	 * Environment check for the PCRE module.
+	 *
+	 * @note 

Re: Question on proposed integration of MediaWiki 1.19.3 in wheezy

2012-12-12 Thread Niels Thykier
On 2012-12-12 11:39, Dominik George wrote:
 Hi,
 
Can you provide us with a filtered debfiff of the 1.19.3?  Just
  remember to let us know what filtering you used (e.g. filterdiff -x
  '*/messages/Messages*.php' ).
 find attached the filtered diff. It was created using:
 
 filterdiff \
  -x '*/includes/installer/Installer.i18n.php' \
  -x '*/languages/messages/Messages*.php' \
  -x '*/tests/phpunit/languages/*.php' \
  mediawiki_1.19.2-2_1.19.3-0.1.debdiff \ 
  mediawiki_1.19.2-2_1.19.3-0.1_wo_translations.diff
 
 I'd really appreciate your acknowledgement of 1.19.3 because it would 
 really ease life for everyone involved.
 
 Cheers,

The filtered diff looks reasonable, feel free to upload 1.19.3-0.1 to
unstable.  Please file an unblock bug for it after it has been in
unstable for some time.

~Niels





Bug#695755: release.debian.org: RM: vserver-debiantools/0.8.1

2012-12-12 Thread intrigeri
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Hi,

I'm requesting removal of vserver-debiantools from Wheezy.
Background is at #693275.
Maintainer's approval is in message #22 there.

Cheers,
--
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc





Bug#689588: Please unblock cracklib2/2.8.19-2

2012-12-12 Thread Markus Wanner
Niels,

On 12/12/2012 09:04 AM, Niels Thykier wrote:
 In regards to the actual changes, I suspect they are flawed in the
 error-path, see cracklib2.review.

Doh! You are absolutely right. Nice catch, thanks.

I can confirm that I (still) get the correct error message with your
suggested changes (from python, in case of a missing dict, that is):

 exception thrown: [Errno 2] No such file or directory: 
 '/var/cache/cracklib/cracklib_dict.pwd'

That is on my usual work machine (amd64) as well as on a kirkwood
(armv5tel) (both on Debian wheezy).

(I'm surprised it worked before. It certainly did work as expected on
the amd64 system... extensive use of compiler magic, I guess).

The modified patch is attached, as I tested it. I'm sorry for not
getting this correct the first time.

Regards

Markus Wanner
Subject: add a safer check variant
Author: Markus Wanner mar...@bluegap.ch
Bug-Debian: http://bugs.debian.org/682735
--- a/lib/fascist.c
+++ b/lib/fascist.c
@@ -879,6 +879,48 @@
 return res;
 }
 
+/* This Debian specific method is a work-around for Debian #682735. Please
+   do not rely on it being available in future verisons of cracklib2. */
+int
+__DEBIAN_SPECIFIC__SafeFascistCheck(password, path, errstr)
+const char *password;
+const char *path;
+char **errstr;
+{
+PWDICT *pwp;
+char pwtrunced[STRINGSIZE];
+
+/* If passed null for the path, use a compiled-in default */
+if ( ! path )
+{
+	path = DEFAULT_CRACKLIB_DICT;
+}
+
+/* security problem: assume we may have been given a really long
+   password (buffer attack) and so truncate it to a workable size;
+   try to define workable size as something from which we cannot
+   extend a buffer beyond its limits in the rest of the code */
+
+strncpy(pwtrunced, password, TRUNCSTRINGSIZE);
+pwtrunced[TRUNCSTRINGSIZE - 1] = '\0'; /* enforce */
+
+/* perhaps someone should put something here to check if password
+   is really long and syslog() a message denoting buffer attacks?  */
+
+if (!(pwp = PWOpen(path, r)))
+{
+	return 0;
+}
+
+/* sure seems like we should close the database, since we're only likely to check one password */
+*errstr = FascistLook(pwp, pwtrunced);
+
+PWClose(pwp);
+pwp = (PWDICT *)0;
+
+return 1;
+}
+
 const char *
 GetDefaultCracklibDict()
 {
--- a/python/_cracklibmodule.c
+++ b/python/_cracklibmodule.c
@@ -42,6 +42,7 @@
 #ifdef HAVE_LIBINTL_H
 #include libintl.h
 #endif
+#include errno.h
 
 #ifdef HAVE_PTHREAD_H
 static pthread_mutex_t cracklib_mutex = PTHREAD_MUTEX_INITIALIZER;
@@ -74,7 +75,8 @@
 {
 char *candidate, *dict;
 char *defaultdict = NULL;
-const char *result;
+int result;
+char *errmsg;
 struct stat st;
 char *keywords[] = {pw, dictpath, NULL};
 char *dictfile;
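
Review bot: `char *errmsg;` is declared without an initializer, yet the last hunk of this file tests `errmsg != NULL`. Initialise it (`char *errmsg = NULL;`) so the test is meaningful even when the callee returns without storing through the pointer.
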
@@ -148,7 +150,8 @@
 #endif
 
 LOCK();
-result = FascistCheck(candidate, dict ? dict : defaultdict);
+result = __DEBIAN_SPECIFIC__SafeFascistCheck(candidate,
+		dict ? dict : defaultdict, errmsg);
 UNLOCK();
 
 if (defaultdict != NULL)
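
Review bot: as written here the call passes `errmsg` itself, while the prototype added to lib/crack.h takes `char **errmsg`; the callee stores through that argument, so the call site needs `&errmsg`. errno is also not cleared before the call, so the `errno == 0` test in the next hunk can see a value left over from an earlier call; set `errno = 0;` just before the call, inside LOCK().
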
@@ -156,11 +159,26 @@
 free(defaultdict);
 }
 
-if (result != NULL)
+if (result)
 {
-	PyErr_SetString(PyExc_ValueError, result);
-return NULL;
+	if (errmsg != NULL)
+	{
+	PyErr_SetString(PyExc_ValueError, errmsg);
+	return NULL;
+	}
+} else {
+	if (errno == 0)
+	{
+	PyErr_SetString(PyExc_RuntimeError, Unable to read cracklib dictionary.);
+	return NULL;
+	}
+	else
+	{
+	PyErr_SetFromErrnoWithFilename(PyExc_ValueError, /var/cache/cracklib_dict.*);
+	return NULL;
+	}
 }
+
 return Py_BuildValue(s, candidate);
 }
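
Review bot: in the new `else` branch errno is read only after UNLOCK() and free(defaultdict) have run, and either may change it; copy errno into a local right after the __DEBIAN_SPECIFIC__SafeFascistCheck call and test the copy. The errno branch also raises PyExc_ValueError, the same type used for a rejected password, so a caller catching ValueError cannot tell an unreadable dictionary from a weak password; an I/O exception type would keep the two apart. The filename handed to PyErr_SetFromErrnoWithFilename is a fixed string rather than the path that was actually opened.
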
 
--- a/lib/crack.h
+++ b/lib/crack.h
@@ -15,6 +15,14 @@
 
 extern const char *FascistCheck(const char *pw, const char *dictpath);
 
+/* This Debian specific method is a work-around for Debian #682735. Please
+   do not rely on it being available in future verisons of cracklib2.
+   Returns 1 (true) for success and 0 (false) in case an error occurred
+   opening or reading the dictionary. In the later case, please check
+   errno. */
+extern int __DEBIAN_SPECIFIC__SafeFascistCheck(const char *pw,
+const char *dictpath, char **errmsg);
+
 /* This function returns the compiled in value for DEFAULT_CRACKLIB_DICT.
  */
 extern const char *GetDefaultCracklibDict(void);
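
Review bot: the comment on the new prototype documents the return value but not the out-parameter. State that *errmsg is NULL for an acceptable password and points to the rejection message otherwise, and whether the caller may modify or free it (FascistCheck above returns `const char *`, so `const char **errmsg` would match). Typos in the added comment: "verisons", and "later case" should be "latter case". A name beginning with a double underscore is reserved for the implementation in C; a plain DEBIAN_SPECIFIC_ prefix avoids that.
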
--- a/lib/packlib.c
+++ b/lib/packlib.c
@@ -16,6 +16,7 @@
 #ifdef HAVE_STDINT_H
 #include stdint.h
 #endif
+#include errno.h
 #include packer.h
 
 static const char vers_id[] = packlib.c : v2.3p2 Alec Muffett 18 May 1993;
@@ -156,6 +157,7 @@
 	if (!fread((char *) pdesc.header, sizeof(pdesc.header), 1, ifp))
 	{
 	fprintf(stderr, %s: error reading header\n, prefix);
+	errno = 0;
 
 	pdesc.header.pih_magic = 0;
 	fclose(ifp);
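
Review bot: `errno = 0;` is assigned before `fclose(ifp);`, and fclose() may itself set errno on failure, which would overwrite the zero that the Python wrapper tests for to recognise a header read error. Move the assignment after fclose(), or save and restore errno around it.
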
@@ -179,6 +181,7 @@
 if (!fread((char *) pdesc64.header, sizeof(pdesc64.header), 1, ifp))
 {
 fprintf(stderr, %s: error reading header\n, prefix);
+errno = 

Processed: block 693275 with 695755

2012-12-12 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

 block 693275 with 695755
Bug #693275 [release.debian.org] RM: util-vserver/0.30.216-pre2864-2.1
693275 was not blocked by any bugs.
693275 was not blocking any bugs.
Added blocking bug(s) of 693275: 695755
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
693275: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693275
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
Archive: 
http://lists.debian.org/handler.s.c.13553103394033.transcr...@bugs.debian.org



Processed: retitle 695755 to RM: vserver-debiantools/0.8.1

2012-12-12 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

 retitle 695755 RM: vserver-debiantools/0.8.1
Bug #695755 [release.debian.org] release.debian.org: RM: 
vserver-debiantools/0.8.1
Changed Bug title to 'RM: vserver-debiantools/0.8.1' from 'release.debian.org: 
RM: vserver-debiantools/0.8.1'
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
695755: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695755
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
Archive: 
http://lists.debian.org/handler.s.c.13553103043753.transcr...@bugs.debian.org



Bug#693275: RM: util-vserver/0.30.216-pre2864-2.1

2012-12-12 Thread intrigeri
Ola Lundqvist wrote (12 Dec 2012 05:35:25 GMT) :
 Please remove vserver-debiantools as well.

Requested in #695755, thanks.


-- 
Archive: http://lists.debian.org/85zk1j7coh@boum.org



Bug#695756: unblock: ample/0.5.7-7

2012-12-12 Thread Michael Stapelberg
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package ample

The new version moves the pidfile to /var/run/ample.pid and drops
privileges in ample itself (instead of via start-stop-daemon), both to
fix #689769.

Debdiff is attached.

unblock ample/0.5.7-7

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (990, 'testing'), (600, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.3.4-1-suspendconsole (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
diff -u ample-0.5.7/debian/init.d ample-0.5.7/debian/init.d
--- ample-0.5.7/debian/init.d
+++ ample-0.5.7/debian/init.d
@@ -17,8 +17,8 @@
 DESC=AMPLE mp3 server
 NAME=ample
 DAEMON=/usr/bin/$NAME
-DAEMON_ARGS=-c /etc/ample/ample.conf -i /var/run/ample/$NAME.pid
-PIDFILE=/var/run/ample/$NAME.pid
+DAEMON_ARGS=-c /etc/ample/ample.conf -i /var/run/$NAME.pid
+PIDFILE=/var/run/$NAME.pid
 SCRIPTNAME=/etc/init.d/$NAME
 
 # Exit if the package is not installed
@@ -36,29 +36,22 @@
 fi
 
 if [ $DEFUSER -a $DEFGROUP ] ; then
-	CHUID=--chuid $DEFUSER:$DEFGROUP
+	DAEMON_ARGS=$DAEMON_ARGS -u $DEFUSER -g $DEFGROUP
 fi
 
 test $STARTAMPLE = yes || exit 0
 
 . /lib/lsb/init-functions
 
-if ! [ -d /var/run/ample ] ; then
-	mkdir -p /var/run/ample || true
-	if [ -d /var/run/ample ] ; then
-		chown ${DEFUSER:-nobody}:${DEFGROUP:-nogroup} /var/run/ample
-	fi
-fi
-
 do_start()
 {
 	# Return
 	#   0 if daemon has been started
 	#   1 if daemon was already running
 	#   2 if daemon could not be started
-	start-stop-daemon --start $CHUID --pidfile $PIDFILE --exec $DAEMON --test  /dev/null \
+	start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON --test  /dev/null \
 		|| return 1
-	start-stop-daemon --start $CHUID --pidfile $PIDFILE --exec $DAEMON -- \
+	start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON -- \
 		$DAEMON_ARGS \
 		|| return 2
 }
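
Review bot: with `$CHUID` removed from both start-stop-daemon calls, the daemon always starts as root and drops privileges only when `-u`/`-g` reach it through DAEMON_ARGS; if DEFUSER or DEFGROUP is empty the `if` is skipped and ample keeps running as root without any message. Fall back to the defaults the removed chown used (`${DEFUSER:-nobody}`, `${DEFGROUP:-nogroup}`), or refuse to start in that case.
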
diff -u ample-0.5.7/debian/changelog ample-0.5.7/debian/changelog
--- ample-0.5.7/debian/changelog
+++ ample-0.5.7/debian/changelog
@@ -1,3 +1,12 @@
+ample (0.5.7-7) unstable; urgency=low
+
+  * QA upload.
+  * Move pidfile to /var/run/ample.pid (Closes: #689769)
+  * Drop privileges in ample, not with start-stop-daemon, so that pidfile can
+be created without being owned by nobody:nogroup.
+
+ -- Michael Stapelberg stapelb...@debian.org  Tue, 04 Dec 2012 22:05:44 +0100
+
 ample (0.5.7-6.1) unstable; urgency=low
 
   * Non-maintainer upload.
diff -u ample-0.5.7/debian/postrm ample-0.5.7/debian/postrm
--- ample-0.5.7/debian/postrm
+++ ample-0.5.7/debian/postrm
@@ -3,12 +3,7 @@
 set -e
 
 case $1 in
-purge|remove)
-if [ -d /var/run/ample ]; then
-rmdir /var/run/ample || true
-fi
-;;
-upgrade|abort-upgrade|failed-upgrade|abort-install|disapper)
+purge|remove|upgrade|abort-upgrade|failed-upgrade|abort-install|disapper)
 ;;
 
 *)
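
Review bot: the merged case label carries over the misspelling `disapper`; dpkg calls postrm with `disappear`, which therefore falls through to the `*)` branch. Fix the spelling while this line is being rewritten.
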
diff -u ample-0.5.7/debian/control ample-0.5.7/debian/control
--- ample-0.5.7/debian/control
+++ ample-0.5.7/debian/control
@@ -1,7 +1,7 @@
 Source: ample
 Section: sound
 Priority: optional
-Maintainer: Rene Mayorga rmayo...@debian.org.sv
+Maintainer: Debian QA Group packa...@qa.debian.org
 Build-Depends: debhelper (= 7), libwrap0-dev, quilt, lsb-base (= 3.0-6)
 Standards-Version: 3.8.0
 Homepage: http://ample.sourceforge.net
diff -u ample-0.5.7/debian/patches/series ample-0.5.7/debian/patches/series
--- ample-0.5.7/debian/patches/series
+++ ample-0.5.7/debian/patches/series
@@ -4,2 +4,3 @@
 add_pidfile_option.patch
+add_user_group.patch
 #add_i_option_to_manpage.patch
only in patch2:
unchanged:
--- ample-0.5.7.orig/debian/patches/add_user_group.patch
+++ ample-0.5.7/debian/patches/add_user_group.patch
@@ -0,0 +1,80 @@
+diff --git i/src/ample.c w/src/ample.c
+index da14086..622a152 100644
+--- i/src/ample.c
 w/src/ample.c
+@@ -54,6 +54,8 @@
+ int allow_severity = LOG_INFO;
+ int deny_severity = LOG_WARNING;
+ #endif
++#include pwd.h
++#include grp.h
+ 
+ 
+ #include ample.h
+@@ -502,6 +504,23 @@ main(int argc, char *argv[])
+ 	/**/
+ 
+ 	preparelog();
++
++if(gconf.group) {
++struct group *pwent = getgrnam(gconf.group);
++if (pwent == NULL)
++die(No such group);
++if (setgid(pwent-gr_gid) != 0)
++die(Could not setgid());
++}
++
++if(gconf.user) {
++struct passwd *pwent = getpwnam(gconf.user);
++if (pwent == NULL)
++die(No such user);
++if (setuid(pwent-pw_uid) != 0)
++die(Could not change to specified user);
++}
++
+ 	if(!gconf.inetd)
+ 		logmsg(Ample/%s started\n, AMPLE_VERSION);
+ 
+diff --git i/src/ample.h w/src/ample.h
+index 68f0f90..297f9d7 100644
+--- i/src/ample.h
 w/src/ample.h
+@@ -37,6 +37,8 @@ struct global_config 
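
Review bot: the privilege drop added to main() calls setgid() and then setuid() but never setgroups() or initgroups(), so the process keeps root's supplementary groups after switching user; call `initgroups(gconf.user, gid)` or `setgroups(0, NULL)` before setgid(). When only gconf.user is given, the primary group also stays root's; defaulting to pw_gid from the passwd entry would close that gap. Minor: the `struct group *` variable is named `pwent`.
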

Bug#689588: Please unblock cracklib2/2.8.19-2

2012-12-12 Thread Jan Dittberner
On Wed, Dec 12, 2012 at 11:55:14AM +0100, Markus Wanner wrote:
 Niels,
 
 On 12/12/2012 09:04 AM, Niels Thykier wrote:
  In regards to the actual changes, I suspect they are flawed in the
  error-path, see cracklib2.review.
 
 Doh! You are absolutely right. Nice catch, thanks.
 
 I can confirm that I (still) get the correct error message with your
 suggested changes (from python, in case of a missing dict, that is):
 
  exception thrown: [Errno 2] No such file or directory: 
  '/var/cache/cracklib/cracklib_dict.pwd'
 
 That is on my usual work machine (amd64) as well as on a kirkwood
 (armv5tel) (both on Debian wheezy).
 
 (I'm surprised it worked before. It certainly did work as expected on
 the amd64 system... extensive use of compiler magic, I guess).
 
 The modified patch is attached, as I tested it. I'm sorry for not
 getting this correct the first time.

Thanks for the updated patch. I'll create an updated package and send a new
debdiff ASAP.


Best regards
Jan

-- 
Jan Dittberner - Debian Developer
GPG-key: 4096R/558FB8DD 2009-05-10
 B2FF 1D95 CE8F 7A22 DF4C  F09B A73E 0055 558F B8DD
http://www.dittberner.info/
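
The out-parameter mistake raised in the review of this patch, and the three-way result the wrapper has to tell apart, as an added C example that is not cracklib code and not part of either patch. `look_up`, `check_by_value`, `check_by_ref`, `classify` and the plain-text word list are hypothetical stand-ins for the dictionary lookup, the two call styles and the packed dictionary; the word list is constructed sample data.

```c
/* Added illustration; hypothetical names, not the cracklib API. */
#include <errno.h>
#include <stdio.h>
#include <string.h>

enum verdict { PW_OK, PW_REJECTED, PW_DICT_ERROR };

/* Stand-in lookup: NULL means acceptable, otherwise a static message. */
static const char *look_up(FILE *dict, const char *candidate)
{
    char word[64];

    while (fgets(word, sizeof word, dict)) {
        word[strcspn(word, "\r\n")] = '\0';
        if (strcmp(word, candidate) == 0)
            return "it is based on a dictionary word";
    }
    return NULL;
}

/* Broken: errmsg is the callee's own copy of the caller's pointer,
   so the assignment below never reaches the caller. */
int check_by_value(const char *candidate, const char *path, const char *errmsg)
{
    FILE *dict = fopen(path, "r");

    if (!dict)
        return 0;
    errmsg = look_up(dict, candidate);
    (void)errmsg;
    fclose(dict);
    return 1;
}

/* Fixed: the caller passes the address of its pointer, and the
   out-parameter is defined on every path. */
int check_by_ref(const char *candidate, const char *path, const char **errmsg)
{
    FILE *dict;

    *errmsg = NULL;
    errno = 0;
    dict = fopen(path, "r");
    if (!dict)
        return 0;               /* errno now describes the fopen failure */
    *errmsg = look_up(dict, candidate);
    fclose(dict);
    return 1;
}

/* Caller side: capture errno before doing anything else, and keep
   "dictionary unreadable" distinct from "password rejected". */
enum verdict classify(const char *candidate, const char *path, int *saved_errno)
{
    const char *errmsg = NULL;
    int ok = check_by_ref(candidate, path, &errmsg);

    *saved_errno = ok ? 0 : errno;
    if (!ok)
        return PW_DICT_ERROR;
    return errmsg ? PW_REJECTED : PW_OK;
}

/* Returns 1 when the by-value variant reports success and the caller's
   pointer is still NULL, i.e. a weak password looks accepted. */
int by_value_loses_message(const char *path)
{
    const char *errmsg = NULL;
    int ok = check_by_value("password", path, errmsg);

    return ok && errmsg == NULL;
}

/* Writes the constructed sample word list; returns 0 on success. */
int write_sample_dict(const char *path)
{
    FILE *f = fopen(path, "w");

    if (!f)
        return -1;
    fputs("password\nletmein\nqwerty\n", f);
    return fclose(f) == 0 ? 0 : -1;
}

int main(void)
{
    const char *path = "demo_dict.txt";
    int err = 0;
    enum verdict v;

    if (write_sample_dict(path) != 0)
        return 1;
    printf("by value, weak password slips through: %d\n",
           by_value_loses_message(path));
    v = classify("password", path, &err);
    printf("by reference, verdict: %d\n", v);
    v = classify("password", "no_such_dict.txt", &err);
    printf("missing dictionary, verdict: %d (%s)\n", v, strerror(err));
    remove(path);
    return 0;
}
```

With the caller's pointer initialised to NULL the lost write makes a listed password look accepted; with an uninitialised pointer the caller would instead hand garbage to its error reporting.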




Bug#690075: unblock: dnsmasq/2.63-4

2012-12-12 Thread intrigeri
Hi,

intrigeri wrote (14 Nov 2012 23:58:44 GMT) :
 Simon Kelley wrote (12 Nov 2012 21:05:35 GMT) :
 I'd strongly suggest moving to 2.63-4, rather than backporting.
 The changes for the security fix are not trivial, and probability of
 introducing a bug backporting is much larger than the probability
 that there's an un-found bug in 2.63 which is not in 2.62. There are
 no intended backwards incompatibilities between 2.63 and 2.62, and
 no un-intended ones have been found in the three months since 2.63
 was released.

 Then, this matter goes way out of the scope of my humble help the
 release team with a few easy reviews effort.

A new upstream release was uploaded to unstable since then, so this
unblock request can't be satisfied as is. Please either update or
close it.

Cheers,
--
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc


-- 
Archive: http://lists.debian.org/85pq2f7cfj@boum.org



Re: [Pkg-mediawiki-devel] Question on proposed integration of MediaWiki 1.19.3 in wheezy

2012-12-12 Thread Platonides
 If 1.19.3 is just the security fix + translations, I'd be willing to
 allow the translations as well.
 
 OK, thanks. Let’s hope it’ll be just fixes.
 
 Thanks Dominik for having a look.


From the changelog of 1.19.3:
 +=== Changes since 1.19.2 ===
 +* (bug 40995) Prevent session fixation in Special:UserLogin (CVE-2012-5391)
 +* (bug 41400) Prevent linker regex from exceeding PCRE backtrack limit
 +* Increase permitted runtime for testParserTest (only used for continuous
 +  integration).
 +* Updated messages translations from http://translatewiki.net/

There's also a change in an error path (b45cb08) which could or could
not be related to the pcre changes (same author).

The "Increase permitted runtime for testParserTest" is a comment in the
docblock to tag the test as slow (67c844ca).
Specifically, it's unrelated to the change in LanguageTest.php which was
needed due to the localisation update to the time abbreviatures (8319670).

The changes can be viewed with:
 git diff 1.19.2  1.19.3 | filterdiff -x
*/languages/messages/Messages*.php -x
*/includes/installer/Installer.i18n.php -x
*/tests/phpunit/languages/LanguageTest.php


-- 
Archive: http://lists.debian.org/50c863bd.4040...@gmail.com



Bug#693275: marked as done (RM: util-vserver/0.30.216-pre2864-2.1)

2012-12-12 Thread Debian Bug Tracking System
Your message dated Wed, 12 Dec 2012 12:19:53 +0100
with message-id 50c86859.9080...@thykier.net
and subject line Re: Bug#693275: RM: util-vserver/0.30.216-pre2864-2.1
has caused the Debian Bug report #693275,
regarding RM: util-vserver/0.30.216-pre2864-2.1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
693275: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693275
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Hi,

I'm requesting removal of util-vserver from wheezy. 

Due to the fact that the kernel team decided not to provide Linux-Vserver
patches, I have not updated the user-space utilities.  As a result, the version
that is in wheezy now is the same as is in squeeze. It is too late to update
them to a newer upstream version due to the freeze, so I am requesting the
removal as this version is too old to be useful for anyone.

Micah

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
---End Message---
---BeginMessage---
On 2012-12-12 12:05, intrigeri wrote:
 Ola Lundqvist wrote (12 Dec 2012 05:35:25 GMT) :
 Please remove vserver-debiantools as well.
 
 Requested in #695755, thanks.
 
 

Removal hint for both packages added, thanks.

~Niels
---End Message---


Bug#695755: marked as done (RM: vserver-debiantools/0.8.1)

2012-12-12 Thread Debian Bug Tracking System
Your message dated Wed, 12 Dec 2012 12:18:06 +0100
with message-id 50c867ee.5020...@thykier.net
and subject line Re: Bug#695755: release.debian.org: RM: 
vserver-debiantools/0.8.1
has caused the Debian Bug report #695755,
regarding RM: vserver-debiantools/0.8.1
to be marked as done.



-- 
695755: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695755
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Hi,

I'm requesting removal of vserver-debiantools from Wheezy.
Background is at #693275.
Maintainer's approval is in message #22 there.

Cheers,
--
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
---End Message---
---BeginMessage---
On 2012-12-12 12:01, intrig...@debian.org wrote:
 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: rm
 
 Hi,
 
 I'm requesting removal of vserver-debiantools from Wheezy.
 Background is at #693275.
 Maintainer's approval is in message #22 there.
 
 Cheers,
 --
   intrigeri
   | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
   | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
 
 

Removal hint added, thanks.

~Niels
---End Message---


Bug#695756: marked as done (unblock: ample/0.5.7-7)

2012-12-12 Thread Debian Bug Tracking System
Your message dated Wed, 12 Dec 2012 12:22:08 +0100
with message-id 50c868e0.6030...@thykier.net
and subject line Re: Bug#695756: unblock: ample/0.5.7-7
has caused the Debian Bug report #695756,
regarding unblock: ample/0.5.7-7
to be marked as done.



-- 
695756: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695756
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#689147: unblock: gajim/0.15.1-1

2012-12-12 Thread Yann Leboulanger

On 12/12/2012 11:40, intrigeri wrote:

Hi,

Yann Leboulanger wrote (12 Dec 2012 07:57:30 GMT) :

On 12/12/2012 01:37 AM, intrigeri wrote:

Looks like this should be added to the embedded code copies list,
regardless of the minor diff:
https://wiki.debian.org/EmbeddedCodeCopies



This can also be in Gajim itself, and I'll do that for next release.


Great!

However, given this next release is highly unlikely to be in Wheezy,
it looks like Wheezy will ship with a Gajim that *has* a python-gnupg
embedded code copy -- and perhaps Squeeze has too?

Regardless of the future (much welcome!) upstream fixes, information
about the existing code duplication needs to be put on the dedicated
list, so that the security team can react appropriately in case
a security issue is discovered in the duplicated library.

(Adding secure-testing-team into the loop, keeping the unblock bug in
the Cc list too, as I doubt the package should be unblocked without
having a clear view of what's happening with the embedded
python-gnupg.)


Ok then we wait for an answer from secure-testing-team? I don't think I 
need to do something, do I?


note that the version of GnuPG in Gajim also handles some more errors 
like KEYEXPIRED and SIGEXPIRED.


--
Yann


--
Archive: http://lists.debian.org/50c86f81.7050...@lagaule.org



Bug#695761: unblock: debian-edu/1.702 and debian-edu-config/1.702

2012-12-12 Thread Holger Levsen
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
x-debbugs-cc: debian-...@lists.debian.org

Hi,

please unblock debian-edu/1.702 and debian-edu-config/1.702 even though the 
changes don't match the release policy, however, in previous years Debian Edu 
packages were allowed to still migrate anyway, as these changes can only harm 
the Debian Edu wheezy release (and because Debian Edu is a distro within 
Debian). Just as a change this time I'm asking for unblocks before the 
changelog diff alone has reached 100 lines ;-)

The current state of the Debian Edu wheezy release (=the diff to Debian 
wheezy) can be seen here:
http://ftp.skolelinux.org/skolelinux/wheezy_needs_love.html

debian-edu (1.702) unstable; urgency=low

  [ Andreas Tille ]
  * debian/control.stub:
 - Fix VCS fields.
 - Bump Standards-Version to 3.9.3 (no changes needed)
 - Versioned Build-Depends blends-dev (= 0.6.15) (because lower
   versions might cause upgrading problems).

  [ Petter Reinholdtsen ]
  * Change education-tasks to work with tasksel in wheezy, depend on
tasksel (= 3.00) and build-depend on blends-dev (= 0.6.16.2), to
make sure our tasks show up in tasksel and is installable by
tasksel.  (Closes: #694895)
  * Update tasksel tasks and meta package content to match the package
content currently available in Debian/Wheezy.

 -- Petter Reinholdtsen p...@debian.org  Tue, 04 Dec 2012 12:43:37 +0100

debian-edu-config (1.702) unstable; urgency=low

  [ Mike Gabriel ]
  * In gosa-create script: Invalidate libnss cache before applying chown
on new home directories. Fixes multiple failures during mass user
import into GOsa².
  * password-fix-squeeze-r0: allow home[0-9] as home directory.
  * Fix smbaddclient.sh, use ,,set +e'' instead of non-bash-syntax
,,unset -e''.

 -- Petter Reinholdtsen p...@debian.org  Sun, 02 Dec 2012 12:20:39 +0100

Please note that debian-edu 1.702 needs blends/0.6.16-2 to build, for which a 
separate unblock request (#693700) has been filed.


Thanks,
Holger




Re: Question on proposed integration of MediaWiki 1.19.3 in wheezy

2012-12-12 Thread Thorsten Glaser
On Wed, 12 Dec 2012, Niels Thykier wrote:

 The filtered diff looks reasonable, feel free to upload 1.19.3-0.1 to
 unstable.  Please file an unblock bug for it after it has been in
 unstable for some time.

Thanks Niels.

Dominik, please commit the changes needed, version as 1:1.19.3-1
and mark as “* Team upload”, then Jonathan or I can build and
upload it, now that you’re in the Alioth team.

I’ll even squeeze in some testing in a fusionforge setting ;-)

bye,
//mirabilos
-- 
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-314
HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
Geschäftsführer: Boris Esser, Sebastian Mancke


--
Archive: 
http://lists.debian.org/alpine.deb.2.02.1212121347000.2...@tglase.lan.tarent.de



Bug#695764: unblock: packagekit/0.7.6-2

2012-12-12 Thread Matthias Klumpp
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package packagekit

The new PackageKit revision contains very important fixes for the PK Aptcc
backend.
The bugs found lead to wrong behaviour of the Aptcc backend, e.g. marking
packages as auto-installed if they aren't or emitting/not emitting information
about packages from untrusted sources.
Also, a locking issue is removed, causing packagekitd not to release archive
locks immediately.
It would be great if these patches go into Wheezy, because they fix serious
malfunctions.
Of course, no public API is touched. All patches are available upstream too and
are tested.

At time, because of the DM-permission-migration, the package is not yet
uploaded, but it will be available in unstable this week. (I thought notifying
about this earlier is a good idea)

A full debdiff between the two revisions is attached.
Kind regards,
Matthias

unblock packagekit/0.7.6-2

-- System Information:
Debian Release: wheezy/sid
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.5.0-19-generic (SMP w/2 CPU cores)
diff -Nru packagekit-0.7.6/debian/changelog packagekit-0.7.6/debian/changelog
--- packagekit-0.7.6/debian/changelog	2012-08-21 16:46:20.0 +0200
+++ packagekit-0.7.6/debian/changelog	2012-12-10 20:26:59.0 +0100
@@ -1,3 +1,13 @@
+packagekit (0.7.6-2) unstable; urgency=low
+
+  * aptcc: Release remaining lock on the archive after
+ a transaction has completed
+  * aptcc: Fix trusted/untrusted package handling
+  * aptcc: Don't accidentially mark packages as auto-installed
+  * Removed some unused build dependencies
+
+ -- Matthias Klumpp matth...@tenstral.net  Mon, 10 Dec 2012 19:16:33 +0100
+
 packagekit (0.7.6-1) unstable; urgency=low
 
   * New upstream bugfix release: 0.7.6
diff -Nru packagekit-0.7.6/debian/control packagekit-0.7.6/debian/control
--- packagekit-0.7.6/debian/control	2012-08-21 16:46:20.0 +0200
+++ packagekit-0.7.6/debian/control	2012-12-10 20:26:59.0 +0100
@@ -14,7 +14,6 @@
gtk-doc-tools,
libapt-pkg-dev (= 0.8.14),
libarchive-dev,
-   libcppunit-dev,
libgirepository1.0-dev (= 0.10.1),
libglib2.0-dev (= 2.24),
libgstreamer-plugins-base0.10-dev,
@@ -22,8 +21,6 @@
libgtk2.0-dev (= 2.24),
libnm-glib-dev [linux-any],
libnspr4-dev,
-   libpam0g-dev,
-   libpolkit-backend-1-dev,
libpolkit-gobject-1-dev,
libqt4-dev,
libsqlite3-dev,
diff -Nru packagekit-0.7.6/debian/patches/01_aptcc_untrusted-trusted-pkgs.patch packagekit-0.7.6/debian/patches/01_aptcc_untrusted-trusted-pkgs.patch
--- packagekit-0.7.6/debian/patches/01_aptcc_untrusted-trusted-pkgs.patch	1970-01-01 01:00:00.0 +0100
+++ packagekit-0.7.6/debian/patches/01_aptcc_untrusted-trusted-pkgs.patch	2012-12-10 20:26:59.0 +0100
@@ -0,0 +1,51 @@
+From 580ad4fc6269a8ab85e9136a00d3738037ec0303 Mon Sep 17 00:00:00 2001
+From: Daniel Nicoletti dantt...@gmail.com
+Date: Fri, 30 Nov 2012 19:25:15 -0200
+Subject: [PATCH] aptcc: Fix trusted packages not being emitted when an untrusted package was available
+ Backported to PackageKit 0.7.x series by Matthias Klumpp matth...@tenstral.net
+
+---
+ backends/aptcc/apt-intf.cpp |   27 +--
+ 1 files changed, 17 insertions(+), 10 deletions(-)
+
+--- a/backends/aptcc/apt-intf.cpp
 b/backends/aptcc/apt-intf.cpp
+@@ -1430,21 +1430,26 @@
+ if (untrusted.empty()) {
+ return true;
+ } else if (simulating) {
++// We are just simulating and have untrusted packages emit them
++// and return true to continue processing
+ emitPackages(untrusted, PK_FILTER_ENUM_NONE, PK_INFO_ENUM_UNTRUSTED);
+-}
++} else if (pk_backend_get_bool(m_backend, only_trusted)) {
++ // We are NOT simulating and have untrusted packages
++ // fail the transaction.
++ string warning(The following packages cannot be authenticated:\n);
++ warning += UntrustedList;
++ pk_backend_error_code(m_backend,
++   PK_ERROR_ENUM_CANNOT_INSTALL_REPO_UNSIGNED,
++   warning.c_str());
++ _error-Discard();
+ 
+-if (pk_backend_get_bool(m_backend, only_trusted) == false) {
+-g_debug (Authentication warning overridden.\n);
+-return true;
++ return false;
++} else {
++ // We are NOT simulating and have untrusted packages
++ // But the user didn't set ONLY_TRUSTED flag
++ g_debug (Authentication warning overridden.\n);
++ return true;
+ }
+-
+-string warning(The following packages cannot be authenticated:\n);
+-warning += UntrustedList;
+-pk_backend_error_code(m_backend,
+-  
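Review bot: in the `else if (simulating)` branch the new comment says "return true to continue processing", but the branch as shown only calls emitPackages() and has no return of its own, while the two branches added below it return false and true explicitly. Put `return true;` inside the branch so the outcome does not depend on whatever follows the if/else chain. In the final `else` branch, proceeding with unauthenticated packages is recorded only through g_debug(); a g_warning() that includes UntrustedList would leave a visible trace whenever the authentication check is overridden.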

Bug#685663: Upload to t-p-u

2012-12-12 Thread Mattias Ellert
Hi!

Since there was an RC bug reported against version 2.0.0-3 (some missing
Replaces/Breaks), allowing this version back in to testing again would
not be a good idea. I created a 2.0.0-3+wheezy1 version with the same
fix that is in 2.0.0-5 and uploaded it to testing-proposed-updates.

Mattias





Bug#695768: unblock globus-common/14.7-2

2012-12-12 Thread Mattias Ellert
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: freeze-exception

unblock globus-common/14.7-2

globus-common 14.7-2 implements a fix for an RC bug (#694392) that also
affects the current version in testing (14.6-1).

The changes between the 14.6 and 14.7 upstream source versions -
ignoring the autotools generated files (aclocal.m4, Makefile.in,
config.guess, config.sub, configure, install-sh, ltmain.sh, missing) -
only consist of the addition of doxygen documentation to some previously
undocumented functions and changing the version number. So no actual
code changes.

Mattias





Bug#695769: unblock: mlterm/3.1.2-1.3

2012-12-12 Thread Ivo De Decker
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear release team,

Please unblock mlterm 3.1.2-1.3. It fixes a piuparts upgrade test failure (bugs
#688603, #688604, #688605, #688606, #694153).

The previous fix (in -1.2) creates new problems (hence bug #694153). It seems
something (dpkg?) gets confused and follows the symlink when removing the
files from the old package on upgrade. This removes files from the -common
package (see the piuparts log attached to bug #694153).

My fix just copies the relevant part from the postinst of mlterm and
mlterm-tiny for the other packages. With this change (and a revert of the
changes in -1.2), the piuparts upgrade test works fine. The attached debdiff is
against version -1.1, which is currently in wheezy.

unblock mlterm/3.1.2-1.3


Thanks for all your work on the release!

Ivo


diff -Nru mlterm-3.1.2/debian/changelog mlterm-3.1.2/debian/changelog
--- mlterm-3.1.2/debian/changelog   2012-09-08 16:18:20.0 +0200
+++ mlterm-3.1.2/debian/changelog   2012-12-12 00:34:48.0 +0100
@@ -1,3 +1,19 @@
+mlterm (3.1.2-1.3) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Don't delete docs in preinst. Create correct symlinks in postinst.
+(closes: #688603, #688604, #688605, #688606, 694153).
+
+ -- Ivo De Decker ivo.dedec...@ugent.be  Wed, 12 Dec 2012 00:34:33 +0100
+
+mlterm (3.1.2-1.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Remove previous documentation directories prior to package installation
+(closes: #688603, #688604, #688605, #688606).
+
+ -- Michael Gilbert mgilb...@debian.org  Sun, 18 Nov 2012 07:18:33 +
+
 mlterm (3.1.2-1.1) unstable; urgency=low
 
   * Non-maintainer upload.
diff -Nru mlterm-3.1.2/debian/mlterm-im-ibus.postinst 
mlterm-3.1.2/debian/mlterm-im-ibus.postinst
--- mlterm-3.1.2/debian/mlterm-im-ibus.postinst 1970-01-01 01:00:00.0 
+0100
+++ mlterm-3.1.2/debian/mlterm-im-ibus.postinst 2012-12-12 00:12:38.0 
+0100
@@ -0,0 +1,19 @@
+#! /bin/sh
+
+set -e
+
+if [ $1 = configure ]; then
+# Replace documentation directory with symlink
+docdir=/usr/share/doc/mlterm-im-ibus
+if [ -d $docdir -a ! -L $docdir ]; then
+if rmdir $docdir 2/dev/null; then
+ln -sf /usr/share/doc/mlterm-common $docdir
+fi
+fi
+fi
+
+#DEBHELPER#
+
+exit 0
+
+
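Review bot: when `rmdir $docdir` fails because the directory still contains files, the inner `if` is skipped without any message and the script exits 0, leaving a real directory where the package expects a symlink to mlterm-common. Emit a warning on that path so the state is visible in the dpkg log. As shown, `$1` and `$docdir` are unquoted and the test uses `-a`; `[ "$1" = configure ]` and `[ -d "$docdir" ] && [ ! -L "$docdir" ]` are the safer forms in a script that runs as root under `set -e`.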
diff -Nru mlterm-3.1.2/debian/mlterm-im-m17nlib.postinst 
mlterm-3.1.2/debian/mlterm-im-m17nlib.postinst
--- mlterm-3.1.2/debian/mlterm-im-m17nlib.postinst  1970-01-01 
01:00:00.0 +0100
+++ mlterm-3.1.2/debian/mlterm-im-m17nlib.postinst  2012-12-12 
00:12:38.0 +0100
@@ -0,0 +1,19 @@
+#! /bin/sh
+
+set -e
+
+if [ $1 = configure ]; then
+# Replace documentation directory with symlink
+docdir=/usr/share/doc/mlterm-im-m17nlib
+if [ -d $docdir -a ! -L $docdir ]; then
+if rmdir $docdir 2/dev/null; then
+ln -sf /usr/share/doc/mlterm-common $docdir
+fi
+fi
+fi
+
+#DEBHELPER#
+
+exit 0
+
+
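Review bot: this script is identical to mlterm-im-ibus.postinst apart from the `docdir=` line, and the same 19 lines are added three more times below. Five hand-maintained copies will drift; generating them from one template at build time, with only the package name substituted, keeps any later fix to the conversion logic in a single place.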
diff -Nru mlterm-3.1.2/debian/mlterm-im-scim.postinst 
mlterm-3.1.2/debian/mlterm-im-scim.postinst
--- mlterm-3.1.2/debian/mlterm-im-scim.postinst 1970-01-01 01:00:00.0 
+0100
+++ mlterm-3.1.2/debian/mlterm-im-scim.postinst 2012-12-12 00:12:38.0 
+0100
@@ -0,0 +1,19 @@
+#! /bin/sh
+
+set -e
+
+if [ $1 = configure ]; then
+# Replace documentation directory with symlink
+docdir=/usr/share/doc/mlterm-im-scim
+if [ -d $docdir -a ! -L $docdir ]; then
+if rmdir $docdir 2/dev/null; then
+ln -sf /usr/share/doc/mlterm-common $docdir
+fi
+fi
+fi
+
+#DEBHELPER#
+
+exit 0
+
+
diff -Nru mlterm-3.1.2/debian/mlterm-im-uim.postinst 
mlterm-3.1.2/debian/mlterm-im-uim.postinst
--- mlterm-3.1.2/debian/mlterm-im-uim.postinst  1970-01-01 01:00:00.0 
+0100
+++ mlterm-3.1.2/debian/mlterm-im-uim.postinst  2012-12-12 00:12:38.0 
+0100
@@ -0,0 +1,19 @@
+#! /bin/sh
+
+set -e
+
+if [ $1 = configure ]; then
+# Replace documentation directory with symlink
+docdir=/usr/share/doc/mlterm-im-uim
+if [ -d $docdir -a ! -L $docdir ]; then
+if rmdir $docdir 2/dev/null; then
+ln -sf /usr/share/doc/mlterm-common $docdir
+fi
+fi
+fi
+
+#DEBHELPER#
+
+exit 0
+
+
diff -Nru mlterm-3.1.2/debian/mlterm-tools.postinst 
mlterm-3.1.2/debian/mlterm-tools.postinst
--- mlterm-3.1.2/debian/mlterm-tools.postinst   1970-01-01 01:00:00.0 
+0100
+++ mlterm-3.1.2/debian/mlterm-tools.postinst   2012-12-12 00:12:38.0 
+0100
@@ -0,0 +1,19 @@
+#! /bin/sh
+
+set -e
+
+if [ $1 = configure ]; then
+# Replace documentation directory with symlink
+docdir=/usr/share/doc/mlterm-tools
+if [ -d $docdir -a ! -L $docdir ]; then
+if rmdir $docdir 2/dev/null; then
+ln -sf /usr/share/doc/mlterm-common $docdir
+fi
+fi
+fi
+
+#DEBHELPER#
+
+exit 0
+
+
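
The failure mode described in the message above, modelled in a throwaway directory. This is an added example, not part of the original message or of the mlterm packaging; the `pkg-common`/`pkg-tools` names and the removal-by-path step are assumptions standing in for the upgrade cleanup, not dpkg's actual code.

```shell
#!/bin/sh
# Constructed sandbox model of the doc-directory problem. Nothing outside
# the directory passed in is touched; package names are placeholders.

# Populate ROOT with a -common doc dir and a real per-package doc dir.
setup_docs() {
    mkdir -p "$1/doc/pkg-common" "$1/doc/pkg-tools"
    echo "common" > "$1/doc/pkg-common/copyright"
    echo "tools"  > "$1/doc/pkg-tools/copyright"
}

# Report whether the file owned by -common is still there.
common_state() {
    if [ -e "$1/doc/pkg-common/copyright" ]; then
        echo intact
    else
        echo lost
    fi
}

# Failure mode: the directory is swapped for a symlink BEFORE the old
# package's files are cleaned up. The cleanup path then resolves through
# the symlink and deletes the file that belongs to -common.
demo_symlink_removal() {
    setup_docs "$1"
    rm -rf "$1/doc/pkg-tools"
    ln -s pkg-common "$1/doc/pkg-tools"
    rm -f "$1/doc/pkg-tools/copyright"   # stand-in for old-file cleanup
    common_state "$1"
}

# Guarded conversion in the style of the postinst from the debdiff:
# only an empty, real directory is replaced by a symlink.
convert_docdir() {
    docdir=$1
    target=$2
    if [ -L "$docdir" ]; then
        echo already-symlink
    elif [ -d "$docdir" ]; then
        if rmdir "$docdir" 2>/dev/null; then
            ln -s "$target" "$docdir"
            echo converted
        else
            echo kept-nonempty      # leftover files: do not touch
        fi
    else
        echo missing
    fi
}

# Fixed ordering: old files are removed while docdir is still a real
# directory, and the symlink is created afterwards (postinst time).
demo_postinst_order() {
    setup_docs "$1"
    rm -f "$1/doc/pkg-tools/copyright"   # cleanup hits the package's own file
    result=$(convert_docdir "$1/doc/pkg-tools" pkg-common)
    echo "$result $(common_state "$1")"
}

tmp=$(mktemp -d)
echo "symlink before cleanup: $(demo_symlink_removal "$tmp/a")"
echo "symlink in postinst   : $(demo_postinst_order "$tmp/b")"
rm -rf "$tmp"
```

The `kept-nonempty` result is the case the postinst handles silently: leftover files block `rmdir`, and the directory stays a directory.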


Bug#695768: marked as done (unblock globus-common/14.7-2)

2012-12-12 Thread Debian Bug Tracking System
Your message dated Wed, 12 Dec 2012 15:13:04 +0100
with message-id 50c890f0.6080...@thykier.net
and subject line Re: Bug#695768: unblock globus-common/14.7-2
has caused the Debian Bug report #695768,
regarding unblock globus-common/14.7-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
695768: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695768
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: freeze-exception

unblock globus-common/14.7-2

globus-common 14.7-2 implements a fix for an RC bug (#694392) that also
affects the current version in testing (14.6-1).

The changes between the 14.6 and 14.7 upstream source versions -
ignoring the autotools generated files (aclocal.m4, Makefile.in,
config.guess, config.sub, configure, install-sh, ltmain.sh, missing) -
only consist of the addition of doxygen documentation to some previously
undocumented functions and changing the version number. So no actual
code changes.

Mattias



---End Message---
---BeginMessage---
On 2012-12-12 14:01, Mattias Ellert wrote:
 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: freeze-exception
 
 unblock globus-common/14.7-2
 
 globus-common 14.7-2 implements a fix for an RC bug (#694392) that also
 affects the current version in testing (14.6-1).
 
 The changes between the 14.6 and 14.7 upstream source versions -
 ignoring the autotools generated files (aclocal.m4, Makefile.in,
 config.guess, config.sub, configure, install-sh, ltmain.sh, missing) -
 only consist of the addition of doxygen documentation to some previously
 undocumented functions and changing the version number. So no actual
 code changes.
 
 Mattias
 

Unblocked, thanks.

~Niels---End Message---


Bug#695673: unblock: apt-show-versions/0.20

2012-12-12 Thread intrigeri
Control: tag -1 + moreinfo

Hi,

Christoph Martin wrote (11 Dec 2012 15:00:45 GMT) :
 Please unblock package apt-show-versions

 it contains debconf translations and updates, fixes a bug in parallel
 build mode and completes the list of official suites in Debian.

Sorry, I don't get how this satisfies the current freeze policy:
http://release.debian.org/wheezy/freeze_policy.html

Also, any pointer to the place where I can learn about the
testing-updates suite?

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc


-- 
Archive: http://lists.debian.org/85ip874aa1@boum.org



Processed: Re: Bug#695673: unblock: apt-show-versions/0.20

2012-12-12 Thread Debian Bug Tracking System
Processing control commands:

 tag -1 + moreinfo
Bug #695673 [release.debian.org] unblock: apt-show-versions/0.20
Added tag(s) moreinfo.

-- 
695673: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695673
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
Archive: 
http://lists.debian.org/handler.s.b695673.135532241326564.transcr...@bugs.debian.org



Bug#693351: RM: kismet/2008-05-R1-4.3

2012-12-12 Thread Nick Andrik
 No. A package which has been removed will always go back through NEW if
 it is reintroduced. After going through the NEW queue, it can go into
 either experimental or unstable.

 Since the discussion has drifted to full removal from the archive,
 I'd like to point out that a removal from testing only was requested.

Ah OK, this clears the things up.

I don't have strong feelings in any case, I don't expect someone to be
using this version of the package nowadays.
On the other hand, I don't also see the clear benefits from removing it.

I'm planning to adopt the package anyway, and I have prepared a
package with the latest upstream.
The actual upload (in experimental anyway) will take some time, since
kismet is a huge package that has to be thoroughly tested before
sponsored.

Nick


-- 
Archive: 
http://lists.debian.org/CANn5kOtP3pChU=XE5g6=ihf-p+thgj0nxatxqtuipten1zi...@mail.gmail.com



Processed: Re: Bug#695637: unblock: synaptic/0.75.13

2012-12-12 Thread Debian Bug Tracking System
Processing control commands:

 tag -1 + moreinfo
Bug #695637 [release.debian.org] unblock: synaptic/0.75.13
Added tag(s) moreinfo.

-- 
695637: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695637
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
Archive: 
http://lists.debian.org/handler.s.b695637.135532292330062.transcr...@bugs.debian.org



Bug#695637: unblock: synaptic/0.75.13

2012-12-12 Thread intrigeri
Control: tag -1 + moreinfo

Hi,

Bob Bib wrote (11 Dec 2012 00:52:28 GMT) :
 Please unblock package synaptic.

 Quick changelog:

* debian/synaptic.menu:
  - use x-terminal-emulator -e synaptic-pkexec to support systems
that do not have a GUI policykit agent running (closes: #678847)
* include all origins in the origin filter not just the first one
* show all archives in the origins view even if they are shadowed
  by another one

Please clarify how this satisfies the current freeze policy [1],
and if it does not, why this package should be treated differently.

  [1] http://release.debian.org/wheezy/freeze_policy.html

(Cc'ing the maintainer, who may have his opinion on the matter.)

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc


-- 
Archive: http://lists.debian.org/854njr49xj@boum.org



Processed: Bug#689973: unblock: mimedefang/2.71-3 TPU pre-approval

2012-12-12 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

 # the requested patch for tpu was provided
 tags 689973 - moreinfo
Bug #689973 [release.debian.org] unblock: mimedefang/2.73-2
Removed tag(s) moreinfo.
 retitle 689973 unblock: mimedefang/2.71-3 (TPU pre-approval)
Bug #689973 [release.debian.org] unblock: mimedefang/2.73-2
Changed Bug title to 'unblock: mimedefang/2.71-3 (TPU pre-approval)' from 
'unblock: mimedefang/2.73-2'
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
689973: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689973
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
Archive: 
http://lists.debian.org/handler.s.c.135532302830718.transcr...@bugs.debian.org



Bug#689147: unblock: gajim/0.15.1-1

2012-12-12 Thread intrigeri
Hi,

Yann Leboulanger wrote (12 Dec 2012 11:50:25 GMT) :
 Ok then we wait for an answer from secure-testing-team?

I think so.

 I don't think I need to do something, do I?

I think you don't, now that I added them to the loop myself.

Which means we can now get back to why this update of an embedded
library should be unblocked. Why is this update needed? Is the version
embedded in testing / in unstable (based on) the same as the one
packaged in python-gnupg?

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc


-- 
Archive: http://lists.debian.org/85txrr2uyy@boum.org



Bug#693351: RM: kismet/2008-05-R1-4.3

2012-12-12 Thread intrigeri
Hi,

Nick Andrik wrote (12 Dec 2012 14:32:35 GMT) :
 I don't have strong feelings in any case, I don't expect someone to be
 using this version of the package nowadays.
 On the other hand, I don't also see the clear benefits from removing it.

OK. I think the key question then becomes: as the upcoming maintainer
of kismet in Debian, do you want to commit to maintain 2008-05-R1-4.3
in stable once Wheezy is released? (as in: dealing with security
issues, fixing RC bugs through stable updates, answering bug
reports, etc.)

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc


-- 
Archive: http://lists.debian.org/85fw3b2u39@boum.org



Bug#693351: RM: kismet/2008-05-R1-4.3

2012-12-12 Thread Nick Andrik
2012/12/12 intrigeri intrig...@debian.org:
 Hi,

 Nick Andrik wrote (12 Dec 2012 14:32:35 GMT) :
 I don't have strong feelings in any case, I don't expect someone to be
 using this version of the package nowadays.
 On the other hand, I don't also see the clear benefits from removing it.

 OK. I think the key question then becomes: as the upcoming maintainer
 of kismet in Debian, do you want to commit to maintain 2008-05-R1-4.3
 in stable once Wheezy is released? (as in: dealing with security
 issues, fixing RC bugs through stable updates, answering bug
 reports, etc.)

If there are any bugs reported on functionality (which I doubt) then
it makes no sense trying to fix the 2008 version.
All other bugs are OK.

BTW, I guess there is no chance to have the new package in wheezy once
it gets released, is this correct?
If we need to fix anything then I will have to keep different
branches, i.e. one for stable and one for testing, right?

--
=Do-
N.AND


-- 
Archive: 
http://lists.debian.org/CANn5kOvHgsrMkeGL+aBN9RhaL4FzEOX1YwGJHDv=hr6e3n4...@mail.gmail.com



Bug#695152: t-p-u pre-approval lftp/4.3.6-1+deb7u1

2012-12-12 Thread Andreas Henriksson
On Mon, Dec 10, 2012 at 10:44:43PM +0100, Julien Cristau wrote:
 On Tue, Dec  4, 2012 at 18:21:25 +0100, Ivo De Decker wrote:
 
  diff -Nru lftp-4.3.6/debian/patches/lftp_sys-stdint-kfreebsd.patch 
  lftp-4.3.6/debian/patches/lftp_sys-stdint-kfreebsd.patch
  --- lftp-4.3.6/debian/patches/lftp_sys-stdint-kfreebsd.patch
  1970-01-01 01:00:00.0 +0100
  +++ lftp-4.3.6/debian/patches/lftp_sys-stdint-kfreebsd.patch
  2012-12-01 17:42:44.0 +0100
  @@ -0,0 +1,18 @@
  +Description: prevent sys/_stdint.h from redefining intptr_t et.al.
  +Author: Andreas Henriksson andr...@fatal.se
  +Bug-Debian: http://bugs.debian.org/677861
  +Forwarded: no
  +
  +--- lftp-4.3.6.orig/lib/stdint.in.h
   lftp-4.3.6/lib/stdint.in.h
  +@@ -75,6 +75,10 @@
  +  _@GUARD_PREFIX@_STDINT_H is defined.
  +  The include_next requires a split double-inclusion guard.  */
  + # @INCLUDE_NEXT@ @NEXT_STDINT_H@
  ++#ifdef __FreeBSD_kernel__
  ++// prevent sys/_stdint.h from being included and redefine intptr_t et.al.
  ++#define _SYS__STDINT_H_
  ++#endif
  + #endif
  + 
  + #if ! defined _@GUARD_PREFIX@_STDINT_H  ! defined 
  _GL_JUST_INCLUDE_SYSTEM_STDINT_H
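Review bot: the added block uses a `//` comment inside lib/stdint.in.h, a gnulib header that is also compiled as C, where `//` is not accepted in C89 mode; use `/* ... */`. The comment wording ("being included and redefine") is also misleading about scope: the `#define _SYS__STDINT_H_` sits after the `@INCLUDE_NEXT@ @NEXT_STDINT_H@` line, so it takes effect only for inclusions that come after this point, and the comment should say so. With `Forwarded: no` in the header, this workaround stays a Debian-only delta on a reserved system include guard; forwarding it to gnulib would at least get it reviewed upstream.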
 
 That is rather horrible.  I probably don't want to know why this is
 necessary.  Reluctant ack, go ahead with the upload.

Sorry for sharing some insight despite you not wanting to know ;P

I fully agree with it being horrible, that's why I didn't want to upload
it myself. On the other hand, since the maintainer acked Ivo's NMU it's
not my place to disagree either.

A much better solution would have been to actually fix the kFreeBSD
system headers! (The details are available in the original lftp bug report
referenced in the patch headers.) Unfortunately no one seems interested in
doing that. On the other hand, I guess it could also be considered a
bug in portability layers like gnulib to not correctly handle the
brokenness (even after kFreeBSD headers potentially get fixed) so
someone should work with upstream gnulib to find a suitable
longterm-maintainable fix! (Completely blocking a system header isn't very nice.
Even though that header today just contains redundant crap, that could
potentially change in the future.)

This patch is, from my point of view, a double workaround. Work around
kFreeBSD brokenness and work around the release team's need to punish
all (Linux) users of lftp with a removal because of kFreeBSD brokenness.
I would not want to carry a patch like this in a package I maintain.
I hope no one will blame me later for this patch, because please remember
that I did not upload it and take no responsibility for it.

-- 
Andreas Henriksson


-- 
Archive: http://lists.debian.org/20121212153137.ga19...@amd64.fatal.se



Bug#695673: unblock: apt-show-versions/0.20

2012-12-12 Thread Adam D. Barratt

On 12.12.2012 14:25, intrigeri wrote:

Also, any pointer to the place where I can learn about the
testing-updates suite?


Nowhere. :-)

I did at least implicitly suggest in an earlier discussion that it not
be included:

quote
I don't expect testing-updates to ever be used, at least under that
name - again, the real suite in this case is wheezy-updates, which has
been created in advance of the release. That makes it technically
testing-updates currently, but there won't be any packages in it until
it becomes stable-updates.
/quote

Regards,

Adam


--
Archive: 
http://lists.debian.org/02ff3331ce0299a13d0673c641deb...@mail.adsl.funky-badger.org



Bug#689147: unblock: gajim/0.15.1-1

2012-12-12 Thread Yann Leboulanger

On 12/12/2012 03:41 PM, intrigeri wrote:

Hi,

Yann Leboulanger wrote (12 Dec 2012 11:50:25 GMT) :

Ok then we wait for an answer from secure-testing-team?


I think so.


I don't think I need to do something, do I?


I think you don't, now that I added them to the loop myself.

Which means we can now get back to why this update of an embedded
library should be unblocked. Why is this update needed? Is the version
embedded in testing / in unstable (based on) the same as the one
packaged in python-gnupg?


This version of Gajim doesn't only fix this embedded library.
But the version embedded fixes some unhandled errors, as I told you in
the previous mail. Full diff against python-gnupg-0.3.0 attached.


--
Yann
--- /usr/share/pyshared/gnupg.py	2012-10-23 01:42:18.0 +0200
+++ gnupg.py	2012-12-02 19:43:09.0 +0100
@@ -64,7 +64,7 @@
 except NameError:
 _py3k = True
 
-logger = logging.getLogger(__name__)
+logger = logging.getLogger('gajim.c.gnupg')
 if not logger.handlers:
 logger.addHandler(NullHandler())
 
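Review bot: replacing `__name__` with the hard-coded 'gajim.c.gnupg' is a local edit that exists only to fit Gajim's logger hierarchy, and it is one of the things that keeps this file a fork of python-gnupg. The same result can be had from the Gajim side by configuring the module's own logger after import, which would shrink the delta against the packaged module to the status handling below.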
@@ -435,6 +435,7 @@
 self.gpg = gpg
 self.type = None
 self.fingerprint = None
+self.status = ''
 
 def __nonzero__(self):
 return self.fingerprint is not None
@@ -448,6 +449,8 @@
 if key in (USERID_HINT, NEED_PASSPHRASE, BAD_PASSPHRASE,
GOOD_PASSPHRASE, BEGIN_SIGNING, CARDCTRL):
 pass
+elif key in (KEYEXPIRED, SIGEXPIRED):
+self.status = 'key expired'
 elif key == SIG_CREATED:
 (self.type,
  algo, hashalgo, cls,
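Review bot: `self.status = 'key expired'` makes a free-form string the only signal the caller gets, and nothing else in this branch chain sets `status`, so BAD_PASSPHRASE and the other keys that fall into `pass` leave it at ''. Callers have to match the exact literal; define it once as a module-level constant, or document the possible values on the class, so Gajim and this file cannot drift apart without anyone noticing that a signing failure went unreported.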


Bug#693351: RM: kismet/2008-05-R1-4.3

2012-12-12 Thread intrigeri
Hi,

Nick Andrik wrote (12 Dec 2012 15:18:54 GMT) :
 2012/12/12 intrigeri intrig...@debian.org:
 OK. I think the key question then becomes: as the upcoming maintainer
 of kismet in Debian, do you want to commit to maintain 2008-05-R1-4.3
 in stable once Wheezy is released? (as in: dealing with security
 issues, fixing RC bugs through stable updates, answering bug
 reports, etc.)

 If there are any bugs reported on functionality (which I doubt) then
 it makes no sense trying to fix the 2008 version.
 All other bugs are OK.

I'm not sure I understand what you mean by bugs reported on
functionality.

If you mean feature requests, then they are not appropriate for
packages shipped in a stable release, so indeed it does not make
sense, and then I gather your answer was a yes.

If you mean anything else, please clarify :)

FYI, the stable suite update policy can be found on the Release Team
homepage [1].

 [1] http://release.debian.org/

 BTW, I guess there is no chance to have the new package in wheezy once
 it gets released, is this correct?

This is correct. The current freeze policy can be read there:
http://release.debian.org/wheezy/freeze_policy.html

 If we need to fix anything then I will have to keep different
 branches, i.e. one for stable and one for testing, right?

This is indeed one common way to organize your packaging VCS. In any
case, please refrain from pushing to unstable stuff that is not meant
for Wheezy, until it is released. You'll rather want to push to
experimental in the meantime.

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc


-- 
Archive: http://lists.debian.org/8562471a0y@boum.org



Bug#693351: RM: kismet/2008-05-R1-4.3

2012-12-12 Thread Nick Andrik
 If you mean feature requests, then they are not appropriate for
 packages shipped in a stable release, so indeed it does not make
 sense, and then I gather your answer was a yes.

Then, yes it is :)

 If you mean anything else, please clarify :)

 If we need to fix anything then I will have to keep different
 branches, i.e. one for stable and one for testing, right?

 This is indeed one common way to organize your packaging VCS. In any
 case, please refrain from pushing to unstable stuff that is not meant
 for Wheezy, until it is released. You'll rather want to push to
 experimental in the meantime.

Kismet would go to experimental anyway, since it is a huge update.

As of curiosity, even if I push anything to unstable it will not move
to testing because of the freeze policy, no?

Nikos


-- 
Archive: 
http://lists.debian.org/cann5kotzw1wfy1os8qrar3qjyto7trfiqdm5k5jskrzkrvr...@mail.gmail.com



Processed: Re: Bug#693351: RM: kismet/2008-05-R1-4.3

2012-12-12 Thread Debian Bug Tracking System
Processing control commands:

 tag -1 - moreinfo
Bug #693351 [release.debian.org] RM: kismet/2008-05-R1-4.3
Removed tag(s) moreinfo.

-- 
693351: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693351
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
Archive: 
http://lists.debian.org/handler.s.b693351.13553327973584.transcr...@bugs.debian.org



Bug#693351: RM: kismet/2008-05-R1-4.3

2012-12-12 Thread intrigeri
Control: tag -1 - moreinfo

Hi,

Nick Andrik wrote (12 Dec 2012 17:07:14 GMT) :
 Then, yes it is :)

OK, thanks for the clarification.

So, I think this removal request should be closed.

 As of curiosity, even if I push anything to unstable it will not move
 to testing because of the freeze policy, no?

Yes. But it's better to leave room in unstable for potential bugfixed
packages that are meant for Wheezy (at least so that they can mature
in there, get some exposure to testing, before the unblock request is
considered).

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc


-- 
Archive: http://lists.debian.org/85pq2fyyqk@boum.org



Bug#688966: tagging 688966

2012-12-12 Thread Julien Cristau
On Wed, Dec 12, 2012 at 01:30:14 +0100, intrigeri wrote:

 Hi,
 
 Julien Cristau wrote (01 Dec 2012 12:59:46 GMT) :
  tags 688966 + moreinfo
 
 FWIW, it's unclear to me what additional information is being
 requested, so it might be unclear for the submitter too: he was asked
 to provide a debdiff, and subsequently did.
 Sorry if I missed something.
 
That debdiff was too big so it didn't show up on the list AFAICT.

Cheers,
Julien




Status of some open security issues in Wheezy

2012-12-12 Thread Moritz Muehlenhoff
Hi,
I made a systematic trackdown of open security issues in Wheezy and would like
to summarise some issues in this mail. Some security blocks might be lost in
the backlog, it would be nice if someone could go through this list:


bacula / CVE-2012-4430
This was fixed in testing-proposed-updates in 5.2.6+dfsg-2.1
There's a larger unblock discussion with more changes in #689003
Please either unblock the revised package from
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689003#80 or
the tpu security fix.


icecast2 / CVE-2011-4612
I prepared a tpu backport a month ago. Can I go ahead and upload?
(691186)


pcp / CVE-2012-3418 CVE-2012-3419 CVE-2012-3420 CVE-2012-3421 CVE-2012-5530
Huge fix made in unstable (but many changes needed to fix the issue). Updated
package introduces shlibs changes (686868). No rdeps and low popcon. Could also
be removed IMO.


dnsmasq / CVE-2012-3411
There's a longstanding unblock request (690075). However, since this is of low
impact and would require additional fixes in libvirt, I'm inclined to leave it
as-is for Wheezy. Agreed?


weechat / CVE-2012-5534 / CVE-2012-5854
There's a tpu request in #693702


cityhash / CVE-2012-6051
Given the circumstances (694999) I think removal from Wheezy is the way to go
forward.


gimp / CVE-2012-5576
Blocked by missing s390x build. I've contacted the buildd maints, but got 
no response. Can anyone of you trigger a giveback?


yui / CVE-2012-5881 CVE-2012-5882 CVE-2012-5883
This package is a complete mess, for Jessie we'll need to migrate all packages
to yui3. For Wheezy we're stuck with two additional DFSG bugs. If they're
wheezy-ignored I can fix the security issues in a NMU.


qt4-x11 / CVE-2012-4929
The transition of the fix is blocked by the ia64 build failure. No idea where
that is coming from?

Cheers,
Moritz


-- 
Archive: http://lists.debian.org/20121212182147.GA11016@pisco.westfalen.local



Processed: Re: Bug#683311: unblock: htop/1.0.1-2

2012-12-12 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

 close 683311
Bug #683311 [release.debian.org] unblock: htop/1.0.1-2
Marked Bug as done
 quit
Stopping processing here.

Please contact me if you need assistance.
-- 
683311: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683311
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
Archive: 
http://lists.debian.org/handler.s.c.135533864413818.transcr...@bugs.debian.org



Processed: Re: Bug#691186: unblock: icecast2/2.3.2-9+deb7u2

2012-12-12 Thread Debian Bug Tracking System
Processing control commands:

 tags -1 + confirmed
Bug #691186 [release.debian.org] unblock: icecast2/2.3.2-9+deb7u2
Added tag(s) confirmed.

-- 
691186: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=691186
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
Archive: 
http://lists.debian.org/handler.s.b691186.135533915617001.transcr...@bugs.debian.org



Bug#691186: unblock: icecast2/2.3.2-9+deb7u2

2012-12-12 Thread Adam D. Barratt
Control: tags -1 + confirmed

On Mon, 2012-10-22 at 20:53 +0200, Moritz Muehlenhoff wrote:
 Ok to upload to t-p-u with the attached debdiff?
 
 This fixes CVE-2011-4612 / #652663)

Much as I dislike wheel re-inventing, I'm assuming the patch matches how
upstream decided to resolve the issue; please go ahead. A more
descriptive changelog entry would be good. ;-)

Regards,

Adam





Bug#693702: tpu: weechat/0.3.8-2 (pre-approval)

2012-12-12 Thread Adam D. Barratt
Control: tags -1 + confirmed

Apologies for the delay in getting back to you about this.

On Mon, 2012-11-19 at 14:53 +0100, Emmanuel Bouthenot wrote:
 I'd like to get your approval about the upload of weechat 0.3.8-2 to
 testing-proposed-updates in order to fix 2 security issues:

0.3.8-1+deb7u1 would be more conventional as a version number; other
than that, please go ahead.

Regards,

Adam





Processed: Re: Bug#693702: tpu: weechat/0.3.8-2 (pre-approval)

2012-12-12 Thread Debian Bug Tracking System
Processing control commands:

 tags -1 + confirmed
Bug #693702 [release.debian.org] tpu: weechat/0.3.8-2 (pre-approval)
Added tag(s) confirmed.

-- 
693702: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693702
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems





Re: Status of some open security issues in Wheezy

2012-12-12 Thread Adam D. Barratt
On Wed, 2012-12-12 at 19:21 +0100, Moritz Muehlenhoff wrote:
 I made a systematic trackdown of open security issues in Wheezy and would like
 to summarise some issues in this mail. Some security blocks might be lost in
 the backlog, it would be nice if someone go through this list:

Thanks for the list. Cherry-picking a little:

 icecast2 / CVE-2011-4612
 I prepared a tpu backport a month ago. Can I go ahead and upload?
 (691186)

Replied.

 weechat / CVE-2012-5534 / CVE-2012-5854
 There's a tpu request in #693702

Replied.

 cityhash / CVE-2012-6051
 Given the circumstances (694999) I think removal from Wheezy is the way to go
 forward.

Removal hint added.

 gimp / CVE-2012-5576
 Blocked by missing s390x build. I've contacted the buildd maints, but got 
 no response. Can anyone of you trigger a giveback?

dpkg-shlibdeps: error: dpkg-query --control-path libc6:s390x shlibs died
from signal 6

That doesn't look too healthy. :-/ Given back; let's see what happens.

 qt4-x11 / CVE-2012-4929
 The transition of the fix is blocked by the ia64 build failure. No idea where
 that is coming from?

It often happens, we generally end up with a pile of give-backs which
eventually work. The maintainers have raised it at
https://lists.debian.org/debian-ia64/2012/12/msg8.html

Regards,

Adam





Bug#683311: unblock: htop/1.0.1-2

2012-12-12 Thread Josh Triplett
On Wed, Dec 12, 2012 at 08:57:59PM +0200, Eugene V. Lyubimkin wrote:
 close 683311
 quit
 
 Hi all,
 
 On 2012-12-12 01:12, intrigeri wrote:
 [...]
   Can I still please ask for unblock for -2 as a part of asking to
   unblock -4?
   Please fix the bugs that were pointed in review...
  
  Ping?
 
 Thanks for ping. I didn't receive the 'please fix' email not being in
 recipients there.
 
 It's clear now that the original Josh-proposed plan 'just cherry-pick
 the upstream patch' is not accepted. Therefore, having no interest in
 maintaining modified upstream patch (let alone for the issue I didn't
 even originally consider worth for passing the freeze) I'm closing this
 bug. Thanks everyone for the time/considering.

I meant to respond to the original mail with the same comment: it
doesn't seem worth maintaining a modified version of the upstream patch
here, so since the upstream patch didn't work out, I agree with just
closing this.

- Josh Triplett





Bug#694452: unblock: gjs/1.32.0-3

2012-12-12 Thread Josselin Mouette
Control: retitle -1 unblock: gjs/1.32.0-4

Le mardi 11 décembre 2012 à 23:04 +0100, Niels Thykier a écrit : 
  I’ll reupload with that additional patch.
  http://git.gnome.org/browse/gjs/commit/?id=5c90e776ce3c

 Please go ahead.

Done as 1.32.0-4 (it’s the only change).

Cheers,
-- 
 .''`.  Josselin Mouette
: :' :
`. `'
  `-





Processed: Re: Bug#694452: unblock: gjs/1.32.0-3

2012-12-12 Thread Debian Bug Tracking System
Processing control commands:

 retitle -1 unblock: gjs/1.32.0-4
Bug #694452 [release.debian.org] unblock: gjs/1.32.0-3
Changed Bug title to 'unblock: gjs/1.32.0-4' from 'unblock: gjs/1.32.0-3'

-- 
694452: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694452
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems





Processed: Re: Bug#695174: t-p-u pre-approval owncloud/4.0.4debian2-3.1

2012-12-12 Thread Debian Bug Tracking System
Processing control commands:

 tags -1 + moreinfo
Bug #695174 [release.debian.org] t-p-u pre-approval owncloud/4.0.4debian2-3.1
Added tag(s) moreinfo.

-- 
695174: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695174
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems





Bug#695174: t-p-u pre-approval owncloud/4.0.4debian2-3.1

2012-12-12 Thread Adam D. Barratt
Control: tags -1 + moreinfo

On Mon, 2012-12-10 at 20:14 +0100, Julien Cristau wrote:
 On Wed, Dec  5, 2012 at 22:18:54 +0100, Michael Banck wrote:
  
  On Wed, Dec 05, 2012 at 10:55:56AM +0100, Julien Cristau wrote:
   As far as I can tell this escapeHTML function is not defined in the
   current version?  Upstream git has it in core/js/js.js.
  
  Attached is a new candidate debdiff.
  
 Assuming this is tested, go ahead.

+Index: owncloud-4.0.4debian2/core/js/js.js
[...]
++function escapeHTML(s) {
[...]
+Index: owncloud-4.0.4debian2/3rdparty/fullcalendar/js/fullcalendar.js
[...]
+-  span class='fc-event-title' + event.title + 
/span +
++  span class='fc-event-title' + 
htmlEscape(event.title) + /span +

Should the htmlEscape() call in that last hunk be escapeHTML()?

Regards,

Adam





Re: Status of some open security issues in Wheezy

2012-12-12 Thread Philipp Kern
Dear Moritz,

On Wed, Dec 12, 2012 at 07:21:47PM +0100, Moritz Muehlenhoff wrote:
 gimp / CVE-2012-5576
 Blocked by missing s390x build. I've contacted the buildd maints, but got 
 no response.

I beg to differ:

pkern@grieg /org/buildd.debian.org/mbox (git)-[master] % grep 'gimp' s390*
1 pkern@grieg /org/buildd.debian.org/mbox (git)-[master] % grep 'j...@debian.org' s390*
1 pkern@grieg /org/buildd.debian.org/mbox (git)-[master] %

Kind regards
Philipp Kern




Bug#695174: t-p-u pre-approval owncloud/4.0.4debian2-3.1

2012-12-12 Thread Julien Cristau
On Wed, Dec 12, 2012 at 19:44:38 +, Adam D. Barratt wrote:

 Control: tags -1 + moreinfo
 
 On Mon, 2012-12-10 at 20:14 +0100, Julien Cristau wrote:
  On Wed, Dec  5, 2012 at 22:18:54 +0100, Michael Banck wrote:
   
   On Wed, Dec 05, 2012 at 10:55:56AM +0100, Julien Cristau wrote:
As far as I can tell this escapeHTML function is not defined in the
current version?  Upstream git has it in core/js/js.js.
   
   Attached is a new candidate debdiff.
   
  Assuming this is tested, go ahead.
 
 +Index: owncloud-4.0.4debian2/core/js/js.js
 [...]
 ++function escapeHTML(s) {
 [...]
 +Index: owncloud-4.0.4debian2/3rdparty/fullcalendar/js/fullcalendar.js
 [...]
 +-  span class='fc-event-title' + event.title 
 + /span +
 ++  span class='fc-event-title' + 
 htmlEscape(event.title) + /span +
 
 Should the htmlEscape() call in that last hunk be escapeHTML()?
 
iirc fullcalendar has its own preexisting escape function, with a
different name.

Cheers,
Julien




Re: Bug#695715: fixed in cflow 1:1.4+dfsg1-1

2012-12-12 Thread Adam D. Barratt
On Wed, 2012-12-12 at 19:32 +, Serafeim Zanikolas wrote:
  cflow (1:1.4+dfsg1-1) unstable; urgency=high
  .
* Repackage with non DFSG-free texinfo files stripped out of the source and
  binary package (closes: #695715).

Thanks for fixing this. Unfortunately, the fact that you also made this
change:

* Raise debhelper compatibility level to 9 and update the debhelper version
  dependency, to enable security hardening

means the package is unlikely to get unblocked. fwiw, this is explicitly
mentioned in rule #1 on
http://release.debian.org/wheezy/freeze_policy.html

Regards,

Adam





Processed: Re: Bug#695471: unblock: bootchart2/0.14.4-2

2012-12-12 Thread Debian Bug Tracking System
Processing control commands:

 tags -1 - moreinfo
Bug #695471 [release.debian.org] unblock: bootchart2/0.14.4-2
Removed tag(s) moreinfo.

-- 
695471: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695471
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems





Bug#695471: unblock: bootchart2/0.14.4-2

2012-12-12 Thread David Paleino
Control: tags -1 - moreinfo

On Mon, 10 Dec 2012 20:10:43 +, Adam D. Barratt wrote:

 On Sat, 2012-12-08 at 19:47 +0100, David Paleino wrote:
  I just uploaded bootchart2/0.14.4-2 to unstable. This upload fixes RC bug
  #694403 -- the package shipped a systemd unit, but no classic initscript.
 
 +# Define LSB log_* functions.
 +# Depend on lsb-base (= 3.0-6) to ensure that this file is present.
 +. /lib/lsb/init-functions
 
 As far as I can see, bootchart2 doesn't depend on lsb-base at all? (I
 realise it's basically guaranteed to be present.)

Uops.

Uploaded -3 to sid. Thanks for noticing this! :)

David

-- 
 . ''`.   Debian developer | http://wiki.debian.org/DavidPaleino
 : :'  : Linuxer #334216 --|-- http://www.hanskalabs.net/
 `. `'`  GPG: 1392B174 | http://deb.li/dapal
   `-   2BAB C625 4E66 E7B8 450A C3E1 E6AA 9017 1392 B174




Bug#695804: unblock: moodle/2.2.3.dfsg-2.6~wheezy0

2012-12-12 Thread Tomasz Muras

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock package moodle

I am about to get new version of the package uploaded to 
testing-proposed-updates. The new version fixes a security issue that is 
forwarded but not yet fixed upstream.


diff -Nru moodle-2.2.3.dfsg/debian/changelog 
moodle-2.2.3.dfsg/debian/changelog

--- moodle-2.2.3.dfsg/debian/changelog  2012-11-16 09:07:18.0 +0100
+++ moodle-2.2.3.dfsg/debian/changelog  2012-12-12 19:19:22.0 +0100
@@ -1,3 +1,11 @@
+moodle (2.2.3.dfsg-2.6~wheezy1) testing-proposed-updates; urgency=low
+
+  * Fix possible security issue for curl in 3-rd party libraries:
+* phpCAS (CVE-2012-5583)
+* amazon-s3-php-class
+
+ -- Tomasz Muras nexor1...@gmail.com  Tue, 27 Nov 2012 23:15:45 +0100
+
 moodle (2.2.3.dfsg-2.6~wheezy0) testing-proposed-updates; urgency=low

   * Re-upload -2.6 towards Wheezy.
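
Review bot: the new 2.2.3.dfsg-2.6~wheezy1 stanza does not name the patch file it adds or the upstream issue (MDL-36818), and its trailer is dated Tue, 27 Nov 2012 while the patch it introduces carries Last-Update: 2012-12-12. Mention 0021-MDL-36818-Wrong-value-for-CURLOPT_SSL_VERIFYHOST.patch in the entry and refresh the trailer date so the changelog can be matched to the upload. "3-rd party" should read "3rd-party".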
diff -Nru 
moodle-2.2.3.dfsg/debian/patches/0021-MDL-36818-Wrong-value-for-CURLOPT_SSL_VERIFYHOST.patch 
moodle-2.2.3.dfsg/debian/patches/0021-MDL-36818-Wrong-value-for-CURLOPT_SSL_VERIFYHOST.patch
--- 
moodle-2.2.3.dfsg/debian/patches/0021-MDL-36818-Wrong-value-for-CURLOPT_SSL_VERIFYHOST.patch 
1970-01-01 01:00:00.0 +0100
+++ 
moodle-2.2.3.dfsg/debian/patches/0021-MDL-36818-Wrong-value-for-CURLOPT_SSL_VERIFYHOST.patch 
2012-12-12 19:20:03.0 +0100

@@ -0,0 +1,49 @@
+From: Tomasz Muras tom...@muras.eu
+Last-Update: 2012-12-12
+Bug: http://tracker.moodle.org/browse/MDL-36818
+Bug-amazon-s3-php-class: 
https://github.com/tpyo/amazon-s3-php-class/pull/36

+Bug-phpCAS: https://github.com/Jasig/phpCAS/pull/58
+Forwarded: yes
+Description: Fix the value of CURLOPT_SSL_VERIFYHOST option.
+ Wrong use of CURLOPT_SSL_VERIFYHOST is a potential security issue.
+ The bug was reported by Alessandro Ghedini gh...@debian.org, patch
+ created by Tomasz Muras and forwarded to Moodle and Moodle's upstream -
+ amazon-s3-php-class and phpCAS. There is no Debian bug or CVE issued yet
+ but Debian Security Team has been notified. CVE for phpCAS is 
CVE-2012-5583.

+ The bug is not fixed in Moodle upstream yet.
+
+diff --git a/auth/cas/CAS/CAS/client.php b/auth/cas/CAS/CAS/client.php
+index 74d6893..d5c4212 100644
+--- a/auth/cas/CAS/CAS/client.php
 b/auth/cas/CAS/CAS/client.php
+@@ -2160,7 +2160,7 @@ class CASClient
+   if ($this-_cas_server_cert != ''  $this-_cas_server_ca_cert 
!= '') {
+ 			// This branch added by IDMS. Seems phpCAS implementor got a bit 
confused about the curl options CURLOPT_SSLCERT and CURLOPT_CAINFO

+   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
+-  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
++  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
+   curl_setopt($ch, CURLOPT_SSLCERT, 
$this-_cas_server_cert);
+   curl_setopt($ch, CURLOPT_CAINFO, 
$this-_cas_server_ca_cert);
+   curl_setopt($ch, CURLOPT_VERBOSE, '1');
+@@ -2172,7 +2172,7 @@ class CASClient
+   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
+   curl_setopt($ch, CURLOPT_CAINFO, 
$this-_cas_server_ca_cert);
+   } else {
+-  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
++  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
+   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+   }
+   
+diff --git a/repository/s3/S3.php b/repository/s3/S3.php
+index dadfb5a..b5a11b6 100644
+--- a/repository/s3/S3.php
 b/repository/s3/S3.php
+@@ -1140,7 +1140,7 @@ final class S3Request {
+   curl_setopt($curl, CURLOPT_USERAGENT, 'S3/php');
+
+   if (S3::$useSSL) {
+-  curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 1);
++  curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
+   curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 1);
+   }
+
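
Review bot: in the second client.php hunk (the else branch at -2172) CURLOPT_SSL_VERIFYHOST goes to 2 while CURLOPT_SSL_VERIFYPEER stays 0 on the next line, so the certificate chain is still not validated in that branch and the hostname is compared against a certificate that nothing vouches for. If that branch is the deliberate no-validation mode, say so in the patch description; otherwise set CURLOPT_SSL_VERIFYPEER to 1 there, as the S3.php hunk already has it. The description also states that no CVE has been issued and then cites CVE-2012-5583 for phpCAS; reword it so the two sentences agree.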
diff -Nru moodle-2.2.3.dfsg/debian/patches/series 
moodle-2.2.3.dfsg/debian/patches/series
--- moodle-2.2.3.dfsg/debian/patches/series	2012-11-10 
16:09:16.0 +0100
+++ moodle-2.2.3.dfsg/debian/patches/series	2012-11-29 
18:00:57.0 +0100

@@ -18,3 +18,4 @@
 0018-MDL-34448-mod-data-Fixing-separate-groups-viewing-al.patch
 0019-MDL-33791-Portfolio-Fixed-security-issue-with-passin.patch
 0020-MDL-35558-mod_data-Show-only-own-entries-while-there.patch
+0021-MDL-36818-Wrong-value-for-CURLOPT_SSL_VERIFYHOST.patch


unblock moodle/2.2.3.dfsg-2.6~wheezy1


Tomasz Muras
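
An audit for the setting this debdiff corrects, as an added example that is not part of the original message or of Moodle: it flags CURLOPT_SSL_VERIFYHOST values other than 2 (with older libcurl, 1 only checked that the certificate carried a name, not that the name matched the host) and a disabled CURLOPT_SSL_VERIFYPEER. It goes beyond the three calls in the patch by also covering the curl_setopt_array form; the PHP sample is constructed from the option calls visible in the debdiff, and `audit`, `classify` and `Finding` are names chosen here.

```python
import re
from typing import List, NamedTuple


class Finding(NamedTuple):
    line: int      # 1-based line number in the scanned source
    option: str    # CURLOPT_SSL_VERIFYHOST or CURLOPT_SSL_VERIFYPEER
    value: str     # value token as written in the source
    verdict: str   # "weak", "disabled" or "review"


# Matches curl_setopt($h, OPT, value) as well as the array form OPT => value.
OPTION_RE = re.compile(
    r"\b(CURLOPT_SSL_VERIFY(?:HOST|PEER))\s*(?:,|=>)\s*([^\s,);]+)"
)


def classify(option: str, raw: str) -> str:
    """Return 'ok', 'weak', 'disabled' or 'review' for one option/value pair."""
    value = raw.strip("'\"").lower()
    if option == "CURLOPT_SSL_VERIFYHOST":
        if value == "2":
            return "ok"
        if value in ("1", "true"):
            # PHP's true is passed to libcurl as 1: no hostname match.
            return "weak"
        if value in ("0", "false"):
            return "disabled"
        return "review"  # variable or expression: needs a human look
    if value in ("1", "true"):
        return "ok"
    if value in ("0", "false"):
        return "disabled"
    return "review"


def audit(php_source: str) -> List[Finding]:
    """Scan PHP source text and return every setting that is not 'ok'."""
    findings = []
    for number, line in enumerate(php_source.splitlines(), start=1):
        # Skip whole-line comments; trailing comments are not stripped.
        if line.lstrip().startswith(("//", "#", "*", "/*")):
            continue
        for option, raw in OPTION_RE.findall(line):
            verdict = classify(option, raw)
            if verdict != "ok":
                findings.append(Finding(number, option, raw, verdict))
    return findings


# Constructed sample: only the option calls from the files the patch touches,
# in their pre-patch state.
PRE_PATCH = """\
<?php
// auth/cas/CAS/CAS/client.php, branch with client and CA certificates
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
// auth/cas/CAS/CAS/client.php, else branch
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
// repository/s3/S3.php
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 1);
"""

# The same sample with the patch's change applied (VERIFYHOST 1 -> 2).
POST_PATCH = PRE_PATCH.replace(
    "CURLOPT_SSL_VERIFYHOST, 1", "CURLOPT_SSL_VERIFYHOST, 2"
)

if __name__ == "__main__":
    for label, source in (("pre-patch", PRE_PATCH), ("post-patch", POST_PATCH)):
        print(label)
        for f in audit(source):
            print(f"  line {f.line}: {f.option} = {f.value} ({f.verdict})")
```

On the post-patch sample the only remaining finding is the else branch that still sets CURLOPT_SSL_VERIFYPEER to 0.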





Re: Bug#695715: fixed in cflow 1:1.4+dfsg1-1

2012-12-12 Thread Serafeim Zanikolas
On Wed, Dec 12, 2012 at 08:22:30PM +, Adam D. Barratt wrote:
 On Wed, 2012-12-12 at 19:32 +, Serafeim Zanikolas wrote:
   cflow (1:1.4+dfsg1-1) unstable; urgency=high
   .
 * Repackage with non DFSG-free texinfo files stripped out of the source 
  and
   binary package (closes: #695715).
 
 Thanks for fixing this. Unfortunately, the fact that you also made this
 change:
 
 * Raise debhelper compatibility level to 9 and update the debhelper 
  version
   dependency, to enable security hardening
 
 means the package is unlikely to get unblocked. fwiw, this is explicitly
 mentioned in rule #1 on
 http://release.debian.org/wheezy/freeze_policy.html

oh sorry about that :-/

Shall I target the new release to unstable or testing-proposed-updates? (in
the case of the latter, I'll post a diff before doing the upload).

thanks,
sez

-- 
Every great idea is worthless without someone to do the work. --Neil Williams





Bug#695806: RM: balazar/0.3.4.ds1-6.1

2012-12-12 Thread Tobias Hansen
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Hi,

please remove balazar from wheezy. It is a game and the RC bug #692753 was not
fixed for a month now. There is also the important bug #630946 that causes
the game to crash unless sound is deactivated. The last upload of the package
by the maintainer was in 2009. The consensus in #692753 was that removal of
the package is the best way to resolve the bug.

Best regards,
Tobias Hansen

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash





Bug#695471: marked as done (unblock: bootchart2/0.14.4-2)

2012-12-12 Thread Debian Bug Tracking System
Your message dated Wed, 12 Dec 2012 20:53:38 +
with message-id 1355345618.13966.29.ca...@jacala.jungle.funky-badger.org
and subject line Re: Bug#695471: unblock: bootchart2/0.14.4-2
has caused the Debian Bug report #695471,
regarding unblock: bootchart2/0.14.4-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
695471: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695471
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hello RT,
I just uploaded bootchart2/0.14.4-2 to unstable. This upload fixes RC bug
#694403 -- the package shipped a systemd unit, but no classic initscript.

I'm attaching a git diff -- please note that this is a particular initscript,
since starting it effectively *stops* the daemon -- and that's why it's
started after all the other services (i.e. stop collecting boot info as soon as
all other initscripts did their job).

  unblock bootchart2/0.14.4-2

Thanks,
David

-- 
 . ''`.   Debian developer | http://wiki.debian.org/DavidPaleino
 : :'  : Linuxer #334216 --|-- http://www.hanskalabs.net/
 `. `'`  GPG: 1392B174 | http://deb.li/dapal
   `-   2BAB C625 4E66 E7B8 450A C3E1 E6AA 9017 1392 B174
diff --git a/debian/bootchart2.bootchart-done.init b/debian/bootchart2.bootchart-done.init
new file mode 100644
index 000..da3f590
--- /dev/null
+++ b/debian/bootchart2.bootchart-done.init
@@ -0,0 +1,58 @@
+#! /bin/sh
+
+### BEGIN INIT INFO
+# Provides:  bootchart2
+# Required-Start:$remote_fs $all
+# Required-Stop:
+# Default-Start: 1 2 3 4 5
+# Default-Stop:
+# Short-Description: Stop bootchartd
+# Description:   This script stops the bootchartd daemon after the
+#system booted.
+### END INIT INFO
+
+# Author: David Paleino da...@debian.org
+
+# Do NOT set -e
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC=boot process analyser
+NAME=bootchartd
+DAEMON=/sbin/$NAME
+DAEMON_ARGS=
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/bootchart2
+
+# Exit if the package is not installed
+[ -x $DAEMON ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/bootchartd.conf ]  . /etc/bootchartd.conf
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+case $1 in
+  start)
+	[ $VERBOSE != no ]  log_daemon_msg Stopping $DESC $NAME
+	$DAEMON stop
+	case $? in
+		0|1) [ $VERBOSE != no ]  log_end_msg 0 ;;
+		2) [ $VERBOSE != no ]  log_end_msg 1 ;;
+	esac
+	;;
+  stop|restart|force-reload)
+	# do nothing
+	;;
+  *)
+	echo Usage: $SCRIPTNAME start 2
+	exit 3
+	;;
+esac
+
+:
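
Review bot: the inner "case $? in" under start) handles only 0|1 and 2, so any other exit status from "$DAEMON stop" leaves the log_daemon_msg line without a matching log_end_msg; add a "*)" branch that reports failure. PIDFILE and DAEMON_ARGS are assigned but never used in the script and can be dropped. The comment above ". /lib/lsb/init-functions" asks for a dependency on lsb-base, which needs a matching Depends entry in debian/control.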
diff --git a/debian/changelog b/debian/changelog
index 9876687..a769a35 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+bootchart2 (0.14.4-2) unstable; urgency=low
+
+  * Acknowledge NMU.
+  * Provide also an initscript (Closes: #694403)
+
+ -- David Paleino da...@debian.org  Sat, 08 Dec 2012 19:35:08 +0100
+
 bootchart2 (0.14.4-1.1) unstable; urgency=low
 
   * Non-maintainer upload.
diff --git a/debian/rules b/debian/rules
index 0b97af1..158f0dc 100755
--- a/debian/rules
+++ b/debian/rules
@@ -13,3 +13,8 @@ override_dh_installchangelogs:
 
 override_dh_auto_test:
 
+override_dh_installinit:
+	dh_installinit \
+		--name=bootchart-done \
+		--no-start \
+		--update-rcd-params=start 99 1 2 3 4 5 6 . stop 99 0 .
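
Review bot: the --update-rcd-params value in override_dh_installinit (start 99 1 2 3 4 5 6 . stop 99 0 .) does not match the LSB header of the init script added in the same diff, which declares Default-Start: 1 2 3 4 5 and an empty Default-Stop. State one set of runlevels in both places, or drop the explicit parameters and let the header decide; a start link in runlevel 6 also looks unintended for a script whose only job is to stop bootchartd once boot has finished.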


---End Message---
---BeginMessage---
On Wed, 2012-12-12 at 21:31 +0100, David Paleino wrote:
 On Mon, 10 Dec 2012 20:10:43 +, Adam D. Barratt wrote:
  +# Define LSB log_* functions.
  +# Depend on lsb-base (= 3.0-6) to ensure that this file is present.
  +. /lib/lsb/init-functions
  
  As far as I can see, bootchart2 doesn't depend on lsb-base at all? (I
  realise it's basically guaranteed to be present.)
 
 Uops.
 
 Uploaded -3 to sid. Thanks for noticing this! :)

Unblocked; thanks.

Regards,

Adam
---End Message---


Bug#695806: marked as done (RM: balazar/0.3.4.ds1-6.1)

2012-12-12 Thread Debian Bug Tracking System
Your message dated Wed, 12 Dec 2012 20:58:37 +
with message-id 1355345917.13966.30.ca...@jacala.jungle.funky-badger.org
and subject line Re: Bug#695806: RM: balazar/0.3.4.ds1-6.1
has caused the Debian Bug report #695806,
regarding RM: balazar/0.3.4.ds1-6.1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
695806: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695806
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Hi,

please remove balazar from wheezy. It is a game and the RC bug #692753 was not
fixed for a month now. There is also the important bug #630946 that causes
the game to crash unless sound is deactivated. The last upload of the package
by the maintainer was in 2009. The consensus in #692753 was that removal of
the package is the best way to resolve the bug.

Best regards,
Tobias Hansen

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
---End Message---
---BeginMessage---
On Wed, 2012-12-12 at 21:50 +0100, Tobias Hansen wrote:
 please remove balazar from wheezy. It is a game and the RC bug #692753 was not
 fixed for a month now. There is also the important bug #630946 that causes
 the game to crash unless sound is deactivated. The last upload of the package
 by the maintainer was in 2009. The consensus in #692753 was that removal of
 the package is the best way to resolve the bug.

Removal hint added.

Regards,

Adam
---End Message---


Bug#695808: RM: gnat-4.4/4.4.6-6

2012-12-12 Thread Tobias Hansen
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Hi,

please remove gnat-4.4 from wheezy. It FTBFS (RC bug #669513) and since the
only feasible way to fix this is updating to the new upstream version, 
Ludovic Brenta, one of its maintainers, agreed in that bug report that
it should be removed from testing. There should be no reverse dependencies
in testing. The reverse dependency ghdl that was mentioned in the bug was
removed from wheezy some time ago.

Best regards,
Tobias Hansen

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash





Bug#689588: Please unblock cracklib2/2.8.19-2

2012-12-12 Thread Jan Dittberner
On Wed, Dec 12, 2012 at 09:26:01AM +0100, Niels Thykier wrote:
 On 2012-12-12 09:04, Niels Thykier wrote:
  Control: tags -1 moreinfo
  
  On 2012-12-08 12:25, Jan Dittberner wrote:
  please unblock cracklib2/2.8.19-2 that I uploaded to unstable. See the
  debdiff that is already attached to the bug. The change is minimal and
  backward compatible. The test suite runs without problems with all 
  supported
  Python versions (2.6, 2.7, 3.2).
 
 
  Best regards
  Jan
  
  I have to admit, I would have appreciated if this change had been
  upstreamed.  Anyhow, I guess that will be your headache and not mine... :)
  
  [...]
 
 I just saw your original mail from Oct. 4th, so never mind the above
 comment.  I think the use of __DEBIAN_SPECIFIC__SafeFascistCheck will be
 okay for Wheezy (considering it avoids an API transition).
 
 Sorry for the delay in getting back to you (on your mail from Oct.),

I just uploaded an updated package with Markus' updated patch
(cracklib2_2.8.19-3) to unstable. The debdiffs from the version in testing
(2.8.19-1) and the version you already looked at (2.8.19-2) are attached to
this mail.

Please unblock the new version.


Best regards
Jan

-- 
Jan Dittberner - Debian Developer
GPG-key: 4096R/558FB8DD 2009-05-10
 B2FF 1D95 CE8F 7A22 DF4C  F09B A73E 0055 558F B8DD
http://www.dittberner.info/
diff -Nru cracklib2-2.8.19/debian/changelog cracklib2-2.8.19/debian/changelog
--- cracklib2-2.8.19/debian/changelog   2012-05-20 01:24:15.0 +0200
+++ cracklib2-2.8.19/debian/changelog   2012-12-12 22:57:15.0 +0100
@@ -1,3 +1,20 @@
+cracklib2 (2.8.19-3) unstable; urgency=low
+
+  * update debian/patches/libcrack2-error-safer-check-variant.patch with
+fixed version from http://bugs.debian.org/cgi-
+bin/bugreport.cgi?bug=689588#29
+
+ -- Jan Dittberner ja...@debian.org  Wed, 12 Dec 2012 22:56:46 +0100
+
+cracklib2 (2.8.19-2) unstable; urgency=low
+
+  * add debian/patches/libcrack2-error-safer-check-variant.patch to provide
+__DEBIAN_SPECIFIC__SafeFascistCheck that does not call exit (Closes:
+#682735)
+  * add __DEBIAN_SPECIFIC__SafeFascistCheck to debian/libcrack2.symbols
+
+ -- Jan Dittberner ja...@debian.org  Tue, 02 Oct 2012 09:15:16 +0200
+
 cracklib2 (2.8.19-1) unstable; urgency=low
 
   * New upstream version
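
Review bot: in the 2.8.19-3 stanza the bug URL is wrapped in the middle of "cgi-bin" (http://bugs.debian.org/cgi- on one line, bin/bugreport.cgi?bug=689588#29 on the next), which leaves it unusable as a link; keep the URL on a single line or cite it as message #29 of #689588. The entry should also say what the fixed version of the patch changes, not only that it was updated.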
diff -Nru cracklib2-2.8.19/debian/libcrack2.symbols 
cracklib2-2.8.19/debian/libcrack2.symbols
--- cracklib2-2.8.19/debian/libcrack2.symbols   2012-05-20 01:24:15.0 
+0200
+++ cracklib2-2.8.19/debian/libcrack2.symbols   2012-12-12 22:57:15.0 
+0100
@@ -27,3 +27,4 @@
  Trim@Base 2.8.12
  Uppercase@Base 2.8.12
  GetDefaultCracklibDict@Base 2.8.14
+ __DEBIAN_SPECIFIC__SafeFascistCheck@Base 2.8.19-2~
diff -Nru 
cracklib2-2.8.19/debian/patches/libcrack2-error-safer-check-variant.patch 
cracklib2-2.8.19/debian/patches/libcrack2-error-safer-check-variant.patch
--- cracklib2-2.8.19/debian/patches/libcrack2-error-safer-check-variant.patch   
1970-01-01 01:00:00.0 +0100
+++ cracklib2-2.8.19/debian/patches/libcrack2-error-safer-check-variant.patch   
2012-12-12 22:57:15.0 +0100
@@ -0,0 +1,189 @@
+Subject: add a safer check variant
+Author: Markus Wanner mar...@bluegap.ch
+Bug-Debian: http://bugs.debian.org/682735
+--- a/lib/fascist.c
 b/lib/fascist.c
+@@ -879,6 +879,48 @@
+ return res;
+ }
+ 
++/* This Debian specific method is a work-around for Debian #682735. Please
++   do not rely on it being available in future verisons of cracklib2. */
++int
++__DEBIAN_SPECIFIC__SafeFascistCheck(password, path, errstr)
++const char *password;
++const char *path;
++char **errstr;
++{
++PWDICT *pwp;
++char pwtrunced[STRINGSIZE];
++
++/* If passed null for the path, use a compiled-in default */
++if ( ! path )
++{
++  path = DEFAULT_CRACKLIB_DICT;
++}
++
++/* security problem: assume we may have been given a really long
++   password (buffer attack) and so truncate it to a workable size;
++   try to define workable size as something from which we cannot
++   extend a buffer beyond its limits in the rest of the code */
++
++strncpy(pwtrunced, password, TRUNCSTRINGSIZE);
++pwtrunced[TRUNCSTRINGSIZE - 1] = '\0'; /* enforce */
++
++/* perhaps someone should put something here to check if password
++   is really long and syslog() a message denoting buffer attacks?  */
++
++if (!(pwp = PWOpen(path, r)))
++{
++  return 0;
++}
++
++/* sure seems like we should close the database, since we're only likely 
to check one password */
++*errstr = FascistLook(pwp, pwtrunced);
++
++PWClose(pwp);
++pwp = (PWDICT *)0;
++
++return 1;
++}
++
+ const char *
+ GetDefaultCracklibDict()
+ {
+--- a/python/_cracklibmodule.c
 b/python/_cracklibmodule.c
+@@ -42,6 +42,7 @@
+ #ifdef HAVE_LIBINTL_H
+ #include libintl.h
+ #endif
++#include errno.h
+ 
+ #ifdef HAVE_PTHREAD_H
+ static pthread_mutex_t cracklib_mutex = PTHREAD_MUTEX_INITIALIZER;
+@@ -74,7 
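
Review bot: __DEBIAN_SPECIFIC__SafeFascistCheck returns 0 when PWOpen fails without ever writing to *errstr, so a caller that reads the message without first testing the return value picks up whatever its pointer held before the call; set *errstr to NULL on entry, after checking that errstr itself is not NULL, since it is dereferenced unconditionally at "*errstr = FascistLook(pwp, pwtrunced);". password is likewise passed to strncpy without a NULL check. The comment above the function should document the contract that is only implicit here: 1 means the dictionary was opened and *errstr holds FascistLook's result, 0 means the dictionary could not be opened.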

Bug#691115: unblock libdvdread/4.2.0+20120521-3

2012-12-12 Thread Dmitry Smirnov
On Wed, 12 Dec 2012 21:30:14 intrigeri wrote:
 Dmitry Smirnov wrote (12 Dec 2012 01:16:15 GMT) :
  There were no reply from maintainer in #688574 so perhaps it would
  be better to set Daniel as owner of this bug...
 
 Please do it if you feel it's useful.

What would you do?

 
 A full new upstream version was uploaded to unstable since
 then, so an update in testing would now have to go through t-p-u.

Thank you, I didn't notice that new libdvdread was uploaded.


 Given the crash fixed by 4.2.0+20120521-3 has severity normal,
 I'm unsure it's worth the effort.

I'm not sure if normal is an adequate severity for crash.
For example handbrake (not in testing) was unusable (crashing on DVD open) 
with libdvdread prior to 4.2.0+20120521-3.

 
 Dmitry, you filed the unblock request that is now outdated,
 what do you think?

We can close it if you think that's the right thing to do. What else can we
do?


  IMHO even if fix is not implemented properly it is still prevent certain
  crashes which can't be worse than what's in testing right now.
 
 I'm not sure this would be worse than what's in testing right now, but
 let's acknowledge that the fix has potential for future regressions,
 and does not only bring good: using internal implementation details of
 other libraries results in code that can break without notice, in the
 future, when the depended upon library is updated.

I'm with you. Indeed that's choosing between bad and the worse.
However decision making here is simple -- on one hand we have a certain 
(confirmed) crash when on the other we have potential for regressions that may 
or may not be manifested. To me crash is too serious to ignore because the 
whole functionality of the package is compromised.

Regards,
Dmitry.


-- 
Archive: http://lists.debian.org/201212130940.05955.only...@member.fsf.org



Bug#693351: RM: kismet/2008-05-R1-4.3

2012-12-12 Thread Chris Knadle
On Wednesday, December 12, 2012 10:18:54, Nick Andrik wrote:
 2012/12/12 intrigeri intrig...@debian.org:
  Hi,
  
  Nick Andrik wrote (12 Dec 2012 14:32:35 GMT) :
  I don't have strong feelings in any case, I don't expect someone to be
  using this version of the package nowadays.
  On the other hand, I don't also see the clear benefits from removing it.
  
  OK. I think the key question then becomes: as the upcoming maintainer
  of kismet in Debian, do you want to commit to maintain 2008-05-R1-4.3
  in stable once Wheezy is released? (as in: dealing with security
  issues, fixing RC bugs through stable updates, answering bug
  reports, etc.)
 
 If there are any bugs reported on functionality (which I doubt) then
 it makes no sense trying to fix the 2008 version.

Ubuntu has several SIGSEGV crashes reported on kismet 2008-05-R1-4.3:
   https://launchpad.net/ubuntu/+source/kismet/+bugs

Upstream (Mike Kershaw, who I see at MHVLUG meetings) is frustrated by the 
fact that this old version of kismet is still being shipped in Ubuntu, because 
he regularly gets bugs reported to him directly from users that he isn't able 
to help with because the version is ancient.  I'm adding Mike to the list of 
recipients so that he can have a chance to offer an opinion on whether 
2008-06-R1-4.3 should be shipped in Wheezy (and thus shipped for another two 
years in Debian).

It'll be good to get a newer Kismet package in Unstable, since Ubuntu is based 
on Unstable.

 All other bugs are OK.
 
 BTW, I guess there is no chance to have the new package in wheezy once
 it gets released, is this correct?

To get a new version in it would have had to have been in Unstable before the 
freeze in June.  Around that time I made a newer Kismet package using 
debhelper v9, but it wasn't ready before the freeze and the package I made 
still needs a couple of tweaks, which is why I hadn't tried to file an ITA.

Nick -- let me know if you'd like to see what I did re: /debian/* files.  The 
main thing that needs tweaking in the package I came up with had to do with 
the menu shortcut and how to handle access permissions correctly.

 If we need to fix anything then I will have to keep different branches,
 i.e. one for stable and one for testing, right?

Maybe.  There will be different package versions, but branches implies using 
a version control system which isn't a requirement AFAIK.

  -- Chris

--
Chris Knadle
chris.kna...@coredump.us




Bug#693351: RM: kismet/2008-05-R1-4.3

2012-12-12 Thread Nick Andrik
 If there are any bugs reported on functionality (which I doubt) then
 it makes no sense trying to fix the 2008 version.

 Ubuntu has several SIGSEGV crashes reported on kismet 2008-05-R1-4.3:
https://launchpad.net/ubuntu/+source/kismet/+bugs

I think that the ubuntu situation is orthogonal to the debian one.
Since ubuntu takes its packages from unstable, whether or not we
remove the package from stable is irrelevant.
Removing it from unstable is a different story.

 Upstream (Mike Kershaw, who I see at MHVLUG meetings) is frustrated by the
 fact that this old version of kismet is still being shipped in Ubuntu, because
 he regularly gets bugs reported to him directly from users that he isn't able
 to help with because the version is ancient.  I'm adding Mike to the list of
 recipients so that he can have a chance to offer an opinion on whether
 2008-06-R1-4.3 should be shipped in Wheezy (and thus shipped for another two
 years in Debian).

 It'll be good to get a newer Kismet package in Unstable, since Ubuntu is based
 on Unstable.

My package is almost ready, I expect only minor comments from the
review process which will take quite much time since the package is
huge and the changes really extensive.

 All other bugs are OK.

 BTW, I guess there is no chance to have the new package in wheezy once
 it gets released, is this correct?

 To get a new version in it would have had to have been in Unstable before the
 freeze in June.  Around that time I made a newer Kismet package using
 debhelper v9, but it wasn't ready before the freeze and the package I made
 still needs a couple of tweaks, which is why I hadn't tried to file an ITA.

OK, this opportunity has passed, but at least I can aim to have the
package in unstable in time for the ubuntu 13.04 release.
This is first week of March, 2013.

 Nick -- let me know if you'd like to see what I did re: /debian/* files.  The
 main thing that needs tweaking in the package I came up with had to do with
 the menu shortcut and how to handle access permissions correctly.

Thanks for your offer, but I think I'm ok for now.
I think I have already taken care of these two things.

 If we need to fix anything then I will have to keep different branches,
 i.e. one for stable and one for testing, right?

 Maybe.  There will be different package versions, but branches implies using
 a version control system which isn't a requirement AFAIK.

Branches can be even two directories in my disk :)
In any case, I'm planning to put the package in a VCS after the review
process is finished.

BTW, something I'm curious in, is how many people will keep using the
old 2008 version in stable (if it is shipped after all) if ubuntu and
unstable/testing have the most recent one.
What would be your estimation? Is there any way to get statistics for
usage (popcon) depending on the release?

Would a response like "please use the recent version in testing" be acceptable?

Nick


-- 
Archive: 
http://lists.debian.org/CANn5kOt+=jxrzfmnjasvafkugy77crsmfqexxi+an7ru4cj...@mail.gmail.com



Re: Bug#693351: RM: kismet/2008-05-R1-4.3

2012-12-12 Thread Chris Knadle
On Wednesday, December 12, 2012 18:50:45, Nick Andrik wrote:
  If there are any bugs reported on functionality (which I doubt) then
  it makes no sense trying to fix the 2008 version.
  
  Ubuntu has several SIGSEGV crashes reported on kismet 2008-05-R1-4.3:
 https://launchpad.net/ubuntu/+source/kismet/+bugs
 
 I think that the ubuntu situation is orthogonal to the debian one.
 Since ubuntu takes its packages from unstable, whether or not we
 remove the package from stable is irrelevant.

The bugs for the kismet package in Ubuntu are irrelevant IFF the package in 
Wheezy doesn't have these SIGSEGV bugs.  ;-)  [The package versions are 
essentially identical, and Ubuntu starts with the packages in Debian.]

 Removing it from unstable is a different story.

Concerning Unstable I'm only suggesting updating the version of Kismet, which 
is what you've already been working on.  ;-)  [Thanks for this, BTW.]

  Upstream (Mike Kershaw, who I see at MHVLUG meetings) is frustrated by
  the fact that this old version of kismet is still being shipped in
  Ubuntu, because he regularly gets bugs reported to him directly from
  users that he isn't able to help with because the version is ancient. 
  I'm adding Mike to the list of recipients so that he can have a chance
  to offer an opinion on whether 2008-06-R1-4.3 should be shipped in
  Wheezy (and thus shipped for another two years in Debian).
  
  It'll be good to get a newer Kismet package in Unstable, since Ubuntu is
  based on Unstable.
 
 My package is almost ready, I expect only minor comments from the
 review process which will take quite much time since the package is
 huge and the changes really extensive.

Yes, I got bogged down trying to understand the .diff in the existing package 
(and that's before even trying to do a diff between the old and new package), 
so I know what you mean.

  All other bugs are OK.
  
  BTW, I guess there is no chance to have the new package in wheezy once
  it gets released, is this correct?
  
  To get a new version in it would have had to have been in Unstable before
  the freeze in June.  Around that time I made a newer Kismet package
  using debhelper v9, but it wasn't ready before the freeze and the
  package I made still needs a couple of tweaks, which is why I hadn't
  tried to file an ITA.
 
 OK, this opportunity has passed, but at least I can aim to have the
 package in unstable in time for the ubuntu 13.04 release.
 This is first week of March, 2013.

That looks like the feature freeze date, yes.

  Nick -- let me know if you'd like to see what I did re: /debian/* files. 
  The main thing that needs tweaking in the package I came up with had to
  do with the menu shortcut and how to handle access permissions
  correctly.
 
 Thanks for your offer, but I think I'm ok for now.
 I think I have already taken care of these two things.

Ok, cool.

  If we need to fix anything then I will have to keep different branches,
  i.e. one for stable and one for testing, right?
  
  Maybe.  There will be different package versions, but branches implies
  using a version control system which isn't a requirement AFAIK.
 
 Branches can be even two directories in my disk :)

Well... /usually/ the versions of a package in Unstable, Testing, and Stable 
are all slightly different.  snapshot.debian.org keeps a copy of all of these 
versions, so you effectively automatically get these branches in a way.  
For instance for kismet:

   http://snapshot.debian.org/package/kismet/

 In any case, I'm planning to put the package in a VCS after the review
 process is finished.
 
 BTW, something I'm curious in, is how many people will keep using the
 old 2008 version in stable (if it is shipped after all) if ubuntu and
 unstable/testing have the most recent one.
 What would be your estimation?

Popcon shows 1472 installs of the current package, and 4 kismet installs of a 
newer version that is not in sid (I'm one of the latter).

 Is there any way to get statistics for
 usage (popcon) depending on the release?

Sort of -- this delineation is not reported on popcon.debian.org, but I 
believe these are statistics that do exist within Debian internally.  This 
recently came up in tech-ctte bug #688772:

   https://lists.debian.org/debian-ctte/2012/09/msg00077.html
   https://lists.debian.org/debian-ctte/2012/09/msg00090.html

 Would a response like "please use the recent version in testing" be
 acceptable?

IMHO, no.  To install the package in Testing on a Stable box requires 
switching Debian trees temporarily and usually ends up requiring upgrading 
other packages due to version dependencies, and thus results in the box being 
in a mixed tree state; then the admin switches trees back to Stable, whereby 
the box doesn't get security updates for the packages that came from Testing.  
[I occasionally do this, and so far I've gotten away with it, but it wouldn't 
be something I'd advise someone else to do.]

A better plan for this, IMHO, would be to 

Bug#693351: RM: kismet/2008-05-R1-4.3

2012-12-12 Thread Nick Andrik
 I think that the ubuntu situation is orthogonal to the debian one.
 Since ubuntu takes its packages from unstable, whether or not we
 remove the package from stable is irrelevant.

 The bugs for the kismet package in Ubuntu are irrelevant IFF the package in
 Wheezy doesn't have these SIGSEGV bugs.  ;-)  [The package versions are
 essentially identical, and Ubuntu starts with the packages in Debian.]

I was referring to the status of being shipped/removed with the
current distributions.
Of course I expect the same segfaults in both of them.

 Removing it from unstable is a different story.

 Concerning Unstable I'm only suggesting updating the version of Kismet, which
 is what you've already been working on.  ;-)  [Thanks for this, BTW.]

You're very welcome. I'm also doing a favour to me here :)

 Branches can be even two directories in my disk :)

 Well... /usually/ the versions of a package in Unstable, Testing, and Stable
 are all slightly different.  snapshot.debian.org keeps a copy of all of these
 versions, so you effectively automatically get these branches in a way.
 For instance for kismet:

http://snapshot.debian.org/package/kismet/

That's something I didn't know, thanks!

 Popcon shows 1472 installs of the current package, and 4 kismet installs of a
 newer version that is not in sid (I'm one of the latter).

 Is there any way to get statistics for
 usage (popcon) depending on the release?

 Sort of -- this delineation is not reported on popcon.debian.org, but I
 believe these are statistics that do exist within Debian internally.  This
 recently came up in tech-ctte bug #688772:

https://lists.debian.org/debian-ctte/2012/09/msg00077.html
https://lists.debian.org/debian-ctte/2012/09/msg00090.html

OK, it's not that important. I was just curious to know how many
people are actually using the old version.

 Would a response like "please use the recent version in testing" be
 acceptable?

 IMHO, no.  To install the package in Testing on a Stable box requires
 switching Debian trees temporarily and usually ends up requiring upgrading
 other packages due to version dependencies, and thus results in the box being
 in a mixed tree state; then the admin switches trees back to Stable, whereby
 the box doesn't get security updates for the packages that came from Testing.
 [I occasionally do this, and so far I've gotten away with it, but it wouldn't
 be something I'd advise someone else to do.]

 A better plan for this, IMHO, would be to use backports.debian.org for having
 an upgraded package for Stable available, which could thus stick with the
 packages in Stable as much as possible, and thus continue to get security
 updates.

Sure, backport is fine. Or provide they can always take the source
from testing and build it themselves.
I usually do this in Ubuntu: I have the deb-src of the next release in
order to package the backports I need myself.

Nick


-- 
Archive: 
http://lists.debian.org/CANn5kOuWmXkidfp8jRfC1f3=ythada1vk2gqccrv6dsbvwq...@mail.gmail.com



Re: emacsen-common 2.0.4 - acceptable for wheezy?

2012-12-12 Thread Rob Browning
Adam D. Barratt a...@adam-barratt.org.uk writes:

 On Sun, 2012-12-09 at 17:03 -0600, Rob Browning wrote:
 And when I submit 2.0.5 here, should I include the debdiff against
 2.0.4, or the full debdiff against what's currently in wheezy (i.e
 including the 2.0.4 and 2.0.5 diffs)?

 We'd like at least the latter for review purposes; feel free to include
 an incremental debdiff as well if you think it'd help / be useful.

OK, so here's the new version (2.0.5).  Note that the new (2.0.5
specific) changes have also been examined and tested by Sébastien
Villemot, which you can see at the end of the bug thread here:

  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693472

Please let me know if you think I should proceed with an upload to
unstable (for wheezy).

diff -Nru emacsen-common-2.0.3/debian/changelog emacsen-common-2.0.5/debian/changelog
--- emacsen-common-2.0.3/debian/changelog	2012-05-22 22:55:35.0 -0500
+++ emacsen-common-2.0.5/debian/changelog	2012-12-12 20:21:04.0 -0600
@@ -1,3 +1,42 @@
+emacsen-common (2.0.5) unstable; urgency=low
+
+  * Don't ignore dependency install scripts in emacs-package-install.  The
+previous code didn't actually update the script name properly in the
+loop where it was trying to install all of an add-on package's
+dependencies.  As a result, none of the dependencies' install scripts
+were actually invoked. Thanks to Sébastien Villemot
+sebast...@debian.org for tracking down the problem, and providing
+the patch. (closes: #693472)
+
+  * Invoke each add-on install script correctly as new-style or old-style.
+Previously, emacs-package-install would invoke all of the add-on
+install scripts in a dependency chain as either old-style or
+new-style, based solely on whether or not the package that triggered
+the install was old-style or new-style.  Now it should invoke each
+package's install script based on whether or not the package itself is
+new-style or old-style, as determined by the presence or absence of
+the policy-required /usr/lib/emacsen-common/packages/compat/PACAKGE
+file.  Thanks to Sébastien Villemot sebast...@debian.org for the
+report.  (closes: #693472)
+
+ -- Rob Browning r...@defaultvalue.org  Wed, 12 Dec 2012 20:15:05 -0600
+
+emacsen-common (2.0.4) unstable; urgency=low
+
+  * Don't use the obsolete calc package as a policy example.
+Thanks to A. N. Other a.n.other.deb...@gmail.com for the report.
+(closes: #674181)
+
+  * Don't override /usr/local/* load-path entries in debian-run-directories.
+Previously, debian-run-directories would prepend all of the add-on
+package paths to load-path, which meant that (in violation of Debian
+policy) /usr/local wouldn't preceed the other entries.
+Thanks to Hendrik Tews hend...@askra.de for the report and Kevin
+Ryde use...@zip.com.au for an initial suggested patch -- posted to
+#454778. (closes: #676424)
+
+ -- Rob Browning r...@defaultvalue.org  Sun, 02 Dec 2012 16:03:18 -0600
+
 emacsen-common (2.0.3) unstable; urgency=low
 
   * Move #DEBHEPLER# up in the postinst to avoid an emacs complaint about
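Review bot: both bullets of the 2.0.5 entry end in (closes: #693472) although they describe two separate defects (dependency install scripts never invoked, and scripts invoked with the wrong old-style/new-style convention), and the second bullet spells the policy file path as /usr/lib/emacsen-common/packages/compat/PACAKGE. Correct that to PACKAGE so the path can be searched for, fix "preceed" in the 2.0.4 entry, and consider stating in the first bullet that the two fixes share one bug report so the duplicate closes line does not look like a copy error.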
diff -Nru emacsen-common-2.0.3/debian-emacs-policy emacsen-common-2.0.5/debian-emacs-policy
--- emacsen-common-2.0.3/debian-emacs-policy	2012-05-14 19:00:38.0 -0500
+++ emacsen-common-2.0.5/debian-emacs-policy	2012-05-27 12:20:49.0 -0500
@@ -312,11 +312,9 @@
 
It's been suggested, and is probably a good idea that maintainers
switch to using autoload rather than load when possible in their
-   site-start.d files.
-
-   For example, instead of (load some-package), you should use
-   autoloads for all the top level, user visible functions.  Currently
-   the calc package has a good example of this.
+   site-start.d files.  For example, instead of (load some-package),
+   you should use autoloads for all the top level, user visible
+   functions.
 
 
 
diff -Nru emacsen-common-2.0.3/debian-startup.el emacsen-common-2.0.5/debian-startup.el
--- emacsen-common-2.0.3/debian-startup.el	2012-02-11 16:06:54.0 -0600
+++ emacsen-common-2.0.5/debian-startup.el	2012-12-02 19:20:28.0 -0600
@@ -73,14 +73,14 @@
 (nreverse result)))
 
 (defun debian-run-directories (rest dirs)
-
   Load each file of the form XXfilename.el or XXfilename.elc in any
 of the dirs, where XX must be a number.  The files will be run in
 alphabetical order.  If a file appears in more than one of the dirs,
 then the earlier dir takes precedence, and a .elc file always
 supercedes a .el file of the same name.
 
-  (let* ((paths dirs)
+  (let* ((paths (mapcar 'copy-sequence dirs)) ; Ensure we have unique objects.
+
  ;; Get a list of all the files in all the specified
  ;; directories that match the pattern.
  (files
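Review bot: the comment on the new paths binding, "Ensure we have unique objects.", says what (mapcar 'copy-sequence dirs) produces but not which later step in debian-run-directories depends on the directory strings being distinct objects from the caller's dirs. Extend the comment to name that step, since a reader of this hunk alone cannot tell whether the copy is needed for correctness or is defensive. The added blank line after the binding also separates it from the comment block that introduces the files binding and can be dropped.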
@@ -89,10 +89,9 @@
   (lambda (dir) 
 (directory-files dir nil ^[0-9][0-9].*\\.elc?$ t))
   paths)))
- 
+