Bug#701610: unblock: pktstat/1.8.5-3 + urgency bump
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, Please unblock and bump the urgency of package pktstat. It fixes security issue CVE-2013-0350; #701211: left over debug code caused both a temp file race and information leak. unblock pktstat/1.8.5-3 age-days 2 pktstat/1.8.5-3 Thanks, Thijs -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130225084936.29332.48894.report...@incagijs.uvt.nl
Debian #660492: libgts-dev: gts-config helper return incorect cflags
Hi, I can confirm that rebuilding gts (#660492) fixed the build of gerris (#652258). Maybe binNMUs of gts on all arches is the right thing for wheezy? All binary packages are arch specific, except for libgts-doc which can be kept as is. (But another sourceful upload would have a similar effect.) Rising the severity of #660492 since it blocks #652258 (serious). Thanks, Roland -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/512b400a.4090...@antcom.de
Re: unblock-udeb for xorg-server
Adam D. Barratt a...@adam-barratt.org.uk (24/02/2013): I unblocked xorg-server for a kSBD fix to make the recent qt4-x11 security fix work on that platform. Could I have a udeb ack to go with it, please? As expected, no obvious regressions on linux, so d-i ack. Mraw, KiBi. signature.asc Description: Digital signature
Re: lvm2 and grub2 udeb unblocks
Julien Cristau jcris...@debian.org (18/02/2013): grub2 and lvm2 in sid fix RC bugs, can I haz an ack for their unblock-udebs? Both look OK to me, ack. Mraw, KiBi. signature.asc Description: Digital signature
Re: unblock-udeb for xorg-server
On 25.02.2013 12:58, Cyril Brulebois wrote: Adam D. Barratt a...@adam-barratt.org.uk (24/02/2013): I unblocked xorg-server for a kSBD fix to make the recent qt4-x11 security fix work on that platform. Could I have a udeb ack to go with it, please? As expected, no obvious regressions on linux, so d-i ack. Thanks; unblock-udebbed. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/30cb5ebf75a4ce4844b6fe0456e02...@mail.adsl.funky-badger.org
Re: udeb unblock for libgcrypt11
Andreas Metzler ametz...@downhill.at.eu.org (24/02/2013): FYI I have uploaded 1.5.0-5 about 30 minutes after 1.5.0-4, it adds another important fix. Looks like the upload happened at same time as the mirror push, delaying ACCEPT, otherwise there should not have been any duplicate work. Sorry. Just echoing from IRC: I'd like to perform basic testing with updated packages, which should happen in a few hours, maybe days. If you need to bump the urgency for the bug fixes, yell at me and I'll see if I can test sooner. Mraw, KiBi. signature.asc Description: Digital signature
Re: lvm2 and grub2 udeb unblocks
On Mon, Feb 25, 2013 at 14:04:28 +0100, Cyril Brulebois wrote: Julien Cristau jcris...@debian.org (18/02/2013): grub2 and lvm2 in sid fix RC bugs, can I haz an ack for their unblock-udebs? Both look OK to me, ack. Thanks, hints added. Cheers, Julien signature.asc Description: Digital signature
Re: unblock-udeb for udev 175-7.1
Steve Langasek vor...@debian.org (06/02/2013):
Apologies for taking as long as I have to get around to sending this mail.
Ditto for the reply.
I would like to request an unblock of the udev udeb at version 175-7.1.
unblock-udeb udev/175-7.1
This package is a prerequisite for having a useful version of upstart in
wheezy (bug #686387), and the change should be a no-op with respect to the
installer:
$ debdiff ~/ftp/pool/main/u/udev/udev-udeb_175-7{,.1}_i386.udeb
File lists identical (after any substitutions)
Control files: lines which differ (wdiff format)
Installed-Size: [-427-] {+422+}
Version: [-175-7-] {+175-7.1+}
$
Are there any objections from the d-i side to letting this package into
testing?
The source diff looks OK too, and I saw no obvious regressions from
some quick tests, so that's fine with me.
Mraw,
KiBi.
signature.asc
Description: Digital signature
Re: pixman udeb unblock
Adam D. Barratt a...@adam-barratt.org.uk (18/02/2013):
pixman has a small fix for a security issue (CVE-2013-1591) and a udeb.
Please could I have an {n,}ack for an unblock-udeb?
No obvious regression spotted in the graphical installer, d-i ack.
(Also, feel free to prod me more aggressively when dealing with
security fixes.)
Mraw,
KiBi.
signature.asc
Description: Digital signature
Bug#701624: unblock: dbus-glib/0.100.2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please consider unblocking package dbus-glib: unblock dbus-glib/0.100.2-1 Versions 0.100 and 0.100.1 were released with outdated generated files in the doc/ subdirectory of the tarball. As a result, the API documentation built by the package was very incomplete (#701623). I have resolved this upstream by releasing a new 0.100.2 tarball built in a clean directory. The diffstat (below) is considerable, but most of it is the generated documentation (which is in the tarball, and is also re-generated during build) becoming more complete. The only real source change is 2 lines in configure.ac to change the version number, and the debian/changelog entry. Regards, S +dbus-glib (0.100.2-1) unstable; urgency=low + + * New upstream release +- respin upstream tarball to fix the HTML documentation (Closes: #701623) +- no source changes + + -- Simon McVittie s...@debian.org Mon, 25 Feb 2013 12:58:58 + ChangeLog| 124 config.guess | 49 config.sub | 74 configure| 20 configure.ac |2 debian/changelog |8 depcomp | 190 - doc/reference/dbus-glib-sections.txt | 264 - doc/reference/dbus-glib.types|1 doc/reference/html/ch01.html |2 doc/reference/html/ch02.html | 29 doc/reference/html/ch03.html |6 doc/reference/html/dbus-binding-tool.html|8 doc/reference/html/dbus-glib-DBus-GLib-low-level.html| 248 + doc/reference/html/dbus-glib-DBus-GObject-related-functions.html | 308 + doc/reference/html/dbus-glib-DBusGConnection.html| 388 ++ doc/reference/html/dbus-glib-DBusGError.html | 239 + doc/reference/html/dbus-glib-DBusGMessage.html | 155 doc/reference/html/dbus-glib-DBusGMethod.html| 239 + doc/reference/html/dbus-glib-DBusGProxy.html | 1069 + doc/reference/html/dbus-glib-Specializable-GType-System.html | 1900 +++ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130225134122.ga22...@reptile.pseudorandom.co.uk
Re: pixman udeb unblock
On 25.02.2013 13:39, Cyril Brulebois wrote:
Adam D. Barratt a...@adam-barratt.org.uk (18/02/2013):
pixman has a small fix for a security issue (CVE-2013-1591) and a
udeb.
Please could I have an {n,}ack for an unblock-udeb?
No obvious regression spotted in the graphical installer, d-i ack.
Thanks. unblock-udeb added.
Regards,
Adam
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/ffb7626c7c729eb6aefd0173b1989...@mail.adsl.funky-badger.org
Re: [Pkg-mediawiki-devel] Bug#700595: mediawiki: Upstream bug: Bug 39635 - PostgreSQL LOCK IN SHARE MODE option is a syntax error
Thorsten Glaser schreef op 2013-02-18 14:34: On Mon, 18 Feb 2013, Hans Spaans wrote: I saw I quoted the wrong patchset, it should be Gerrit change #21606 and I have the patch now running on multiple installations. But as this affects the Well, the patch from BZ#39635 in any case. Package 1.19.3-2 seems to be fixing everything and is stable for me. So to the release team the request to unblock this package to allow mediawiki with postgresql to work correctly for others on Wheezy. running of mediawiki on PostgreSQL I included the Release Team in this e-mail to give them a notice. OK. As a notice in advance I'm also preparing another bugreport as the upgrade statements for PostgreSQL are incomplete as it look now. But I need to confirm Hmm. I already added appropriate patches for that, if it’s about BZ#29635 (log_log_id_seq/logging_log_id_seq issue). Or is that something new entirely (which I didn’t hit in my 283 or so wikis)? The upgrade from Squeeze to Wheezy now appears to going correctly. That is the danger from backporting some packages yourself, but this can be ignored. Thank you for the time. With kind regards, Hans -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/8c3c4708c7c65e956c5bb2aeafde4...@imap-proxy.nexit.nl
Bug#700798: unblock: live-tools/3.0.18-1
On 02/24/2013 04:46 PM, Adam D. Barratt wrote: Even as a filtered diff, that's still a reasonably large set of changes. :-( Sorry about that. A few comments / queries: --- live-tools.orig/bin/live-persistence 1970-01-01 01:00:00.0 +0100 +++ live-tools/bin/live-persistence 2013-02-15 10:42:34.619868805 +0100 [...] +Most options correspond to the persistence-* options of live-boot, and will +override the corresponging options parsed from the kernel command-line. corresponding Fixed in git. Thanks. --- live-tools.orig/bin/live-update-initramfs 1970-01-01 01:00:00.0 +0100 +++ live-tools/bin/live-update-initramfs 2013-02-15 09:38:30.324657057 +0100 [...] + # FIXME: needs to exclude initrd backup files + if [ $(ls /boot/initrd.img-* | wc -l) -gt 1 ] + then + _NUMBER=1 + + for _INITRD in /boot/initrd.img-* FIXMEs in apparently final(ish) code always make me slightly wary. What's the real-world effect of the loop picking up backup files? It would appear the intent of this code is to ensure when running in a live system, results of a real update-initramfs are copied to the live medium safely (i.e. copied first to ensure we have space, then renamed to a shorter name, presumably because some supported filesystems are limited in length of filename that is supported). If a backup filename exists (i.e. initrd.img-* with some additional suffix), then assuming there is no corresponding vmlinuz-* with the same suffix, the cp of that kernel will fail and no further kernels will be processed. Real-world effects: - any initrd/kernel pairs for kernel versions preceding encountering the initrd backup will have been successfully copied (at least the first real initrd/kernel will have been copied) - any initrd/kernel pairs including the backup and following will not be copied to the live media Please note that prior to introduction of this code, it was not possible for users to update their kernel and initrd in a live system with writable live media. Also, the code will not run except on a live system. Also, the failure does not leave the system unbootable, just without second and subsequent kernels actually updated. Possible user recovery: - removal of the backup files (I have not seen any of these. Who creates such files?) should allow live-update-initramfs to operate properly The other questions are harder. I will investigate further and get back to you. Thanks, Ben -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/512b75cc.1040...@sanctuary.nslug.ns.ca
Re: unblock-udeb for udev 175-7.1
On Mon, Feb 25, 2013 at 02:01:09PM +0100, Cyril Brulebois wrote:
Steve Langasek vor...@debian.org (06/02/2013):
Apologies for taking as long as I have to get around to sending this mail.
Ditto for the reply.
I would like to request an unblock of the udev udeb at version 175-7.1.
unblock-udeb udev/175-7.1
This package is a prerequisite for having a useful version of upstart in
wheezy (bug #686387), and the change should be a no-op with respect to the
installer:
$ debdiff ~/ftp/pool/main/u/udev/udev-udeb_175-7{,.1}_i386.udeb
File lists identical (after any substitutions)
Control files: lines which differ (wdiff format)
Installed-Size: [-427-] {+422+}
Version: [-175-7-] {+175-7.1+}
$
Are there any objections from the d-i side to letting this package into
testing?
The source diff looks OK too, and I saw no obvious regressions from
some quick tests, so that's fine with me.
Thanks, udeb unblock added!
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developerhttp://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
signature.asc
Description: Digital signature
Bug#701132: marked as done (unblock: openjdk-7/7u3-2.1.6-1 and icedtea-web/1.3.1-2.1)
Your message dated Mon, 25 Feb 2013 19:58:56 + with message-id 1361822336.30628.1.ca...@jacala.jungle.funky-badger.org and subject line Re: Bug#701132: unblock: openjdk-7/7u3-2.1.6-1 and icedtea-web/1.3.1-2.1 has caused the Debian Bug report #701132, regarding unblock: openjdk-7/7u3-2.1.6-1 and icedtea-web/1.3.1-2.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 701132: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701132 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock please unblock openjdk-7/7u3-2.1.6-1 and icedtea-web/1.3.1-2.1. The openjdk-7 uploads includes two batches of security issues from Feb 2013. The package stops building for mips and mipsel to have an option to update to a more recent openjdk-7 version (which fails to build on mipsen since mid 2012). icedtea-web was updated not to build for mipsen anymore, and octave-java needs removal of binary packages (#701090, #701122). icedtea-web (1.3.1-3) unstable; urgency=low * Team upload. * Remove mips and mipsel from architectures. (Closes: #701091) openjdk-7 (7u3-2.1.6-1) unstable; urgency=high * IcedTea7 2.1.5 release: * Security fixes: - S6563318, CVE-2013-0424: RMI data sanitization. - S6664509, CVE-2013-0425: Add logging context. - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time. - S6776941: CVE-2013-0427: Improve thread pool shutdown. - S7141694, CVE-2013-0429: Improving CORBA internals. - S7173145: Improve in-memory representation of splashscreens. - S7186945: Unpack200 improvement. - S7186946: Refine unpacker resource usage. - S7186948: Improve Swing data validation. - S7186952, CVE-2013-0432: Improve clipboard access. - S7186954: Improve connection performance. - S7186957: Improve Pack200 data validation. - S7192392, CVE-2013-0443: Better validation of client keys. - S7192393, CVE-2013-0440: Better Checking of order of TLS Messages. - S7192977, CVE-2013-0442: Issue in toolkit thread. - S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective proxies. - S7200491: Tighten up JTable layout code. - S7200493, CVE-2013-0444: Improve cache handling. - S7200499: Better data validation for options. - S7200500: Launcher better input validation. - S7201064: Better dialogue checking. - S7201066, CVE-2013-0441: Change modifiers on unused fields. - S7201068, CVE-2013-0435: Better handling of UI elements. - S7201070: Serialization to conform to protocol. - S7201071, CVE-2013-0433: InetSocketAddress serialization issue. - S8000210: Improve JarFile code quality. - S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class. - S8000539, CVE-2013-0431: Introspect JMX data handling. - S8000540, CVE-2013-1475: Improve IIOP type reuse management. - S8000631, CVE-2013-1476: Restrict access to class constructor. - S8001235, CVE-2013-0434: Improve JAXP HTTP handling. - S8001242: Improve RMI HTTP conformance. - S8001307: Modify ACC_SUPER behavior. - S8001972, CVE-2013-1478: Improve image processing. - S8002325, CVE-2013-1480: Improve management of images. * Backports: - S7054590: (JSR-292) MethodHandleProxies.asInterfaceInstance() accepts private/protected nested interfaces. - S7175616: Port fix for TimeZone from JDK 8 to JDK 7. - S8002068: Build broken: corba code changes unable to use new JDK 7 classes. - S8004341: Two JCK tests fails with 7u11 b06. - S8005615: Java Logger fails to load tomcat logger implementation (JULI). * IcedTea7 2.1.6 release: * Security fixes: - S8004937, CVE-2013-1484: Improve proxy construction. - S8006439, CVE-2013-1485: Improve MethodHandles coverage. - S8006446, CVE-2013-1486: Restrict MBeanServer access. - S8006777, CVE-2013-0169: Improve TLS handling of invalid messages. - S8007688: Blacklist known bad certificate. * Backports: - S7123519: problems with certification path. - S8007393: Possible race condition after JDK-6664509. - S8007611: logging behavior in applet changed. * Fix font suggestion for indic fonts in wheezy. * Fix fontconfig definitions for japanese and korean fonts, fixing compilation of the fontconfig file. * Add Built-Using: rhino attribute for the -lib package. * Don't use concurrent features to rewrite the rhino jar file. * Enable class data sharing for the hotspot server
Bug#701663: pre-approve unblock: tryton-server/2.2.7-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Dear release managers, please approve the upload of tryton-server_2.2.7-1. There were several bugfix releases in Tryton, that are out since a considerable time and thus are well tested. I am filing this unblock request for the server first to know if it finds the approval of the release team. Once it is accepted I will file the unblock requests for the client and 16 modules. Those fixes are generally quite smaller than this one. Upstream VCS of tryton-server is at [1]. The new version contains the following fixes: * Fix documentation about child * http://hg.tryton.org/2.2/trytond/rev/c9909a4825d1 * Fix domain concatenation between list and tuple * http://hg.tryton.org/2.2/trytond/rev/518c047f560e * Set domain_get mode correctly * http://hg.tryton.org/2.2/trytond/rev/2027979de6eb * Fix read related values of reference fields * http://hg.tryton.org/2.2/trytond/rev/bc728fcb3c49 * fix use of password not in ASCII * http://hg.tryton.org/2.2/trytond/rev/0b7f360ee251 * Add missing context when filling cache from search * http://hg.tryton.org/2.2/trytond/rev/6841eaa2a624 * local_cache and model2ids must depend on datetime * http://hg.tryton.org/2.2/trytond/rev/89d4d6c8c19a Additionally * Updating to Standards-Version: 3.9.4, no changes needed. * Removing obsolete Dm-Upload-Allowed to get the package lintian clean [2]. [1] http://hg.tryton.org/2.2/trytond [2] http://lintian.debian.org/maintainer/maintain...@debian.tryton.org.html#tryton-server debdiff attached unblock: tryton-server/2.2.7-1 diff -Nru tryton-server-2.2.4/CHANGELOG tryton-server-2.2.7/CHANGELOG --- tryton-server-2.2.4/CHANGELOG 2012-09-10 18:06:36.0 +0200 +++ tryton-server-2.2.7/CHANGELOG 2013-02-12 18:12:09.0 +0100 @@ -1,3 +1,12 @@ +Version 2.2.7 - 2013-02-12 +* Bug fixes (see mercurial logs for details) + +Version 2.2.6 - 2012-12-23 +* Bug fixes (see mercurial logs for details) + +Version 2.2.5 - 2012-11-05 +* Bug fixes (see mercurial logs for details) + Version 2.2.4 - 2012-09-10 * Bug fixes (see mercurial logs for details) diff -Nru tryton-server-2.2.4/COPYRIGHT tryton-server-2.2.7/COPYRIGHT --- tryton-server-2.2.4/COPYRIGHT 2012-09-10 18:06:35.0 +0200 +++ tryton-server-2.2.7/COPYRIGHT 2013-02-12 18:12:08.0 +0100 @@ -1,7 +1,7 @@ Copyright (C) 2004-2008 Tiny SPRL. -Copyright (C) 2007-2012 Cédric Krier. +Copyright (C) 2007-2013 Cédric Krier. Copyright (C) 2007-2011 Bertrand Chenal. -Copyright (C) 2008-2012 B2CK SPRL. +Copyright (C) 2008-2013 B2CK SPRL. Copyright (C) 2011 Openlabs Technologies Consulting (P) Ltd. This program is free software: you can redistribute it and/or modify diff -Nru tryton-server-2.2.4/debian/changelog tryton-server-2.2.7/debian/changelog --- tryton-server-2.2.4/debian/changelog 2012-10-03 21:52:54.0 +0200 +++ tryton-server-2.2.7/debian/changelog 2013-02-24 22:14:47.0 +0100 @@ -1,3 +1,15 @@ +tryton-server (2.2.7-1) unstable; urgency=low + + * Merging upstream version 2.2.5. + * Merging upstream version 2.2.6. + * Merging upstream version 2.2.7. + * Refreshing 02-support-pywebdav-0.9.8 patch. + * Updating to Standards-Version: 3.9.4, no changes needed. + * Removing obsolete Dm-Upload-Allowed + * Updating copyright. + + -- Mathias Behrle mathi...@m9s.biz Sun, 24 Feb 2013 22:14:23 +0100 + tryton-server (2.2.4-1) unstable; urgency=low * Merging upstream version 2.2.4. diff -Nru tryton-server-2.2.4/debian/control tryton-server-2.2.7/debian/control --- tryton-server-2.2.4/debian/control 2012-09-11 19:41:40.0 +0200 +++ tryton-server-2.2.7/debian/control 2013-02-24 22:01:37.0 +0100 @@ -3,9 +3,8 @@ Priority: optional Maintainer: Debian Tryton Maintainers maintain...@debian.tryton.org Uploaders: Daniel Baumann dan...@debian.org, Mathias Behrle mathi...@m9s.biz -Dm-Upload-Allowed: yes Build-Depends: debhelper (= 9), python (= 2.6.6-3~), python-setuptools -Standards-Version: 3.9.3 +Standards-Version: 3.9.4 Homepage: http://www.tryton.org/ Vcs-Browser: http://debian.tryton.org/gitweb/?p=packages/tryton-server.git Vcs-Git: git://debian.tryton.org/git/packages/tryton-server.git diff -Nru tryton-server-2.2.4/debian/copyright tryton-server-2.2.7/debian/copyright --- tryton-server-2.2.4/debian/copyright 2012-09-11 19:41:40.0 +0200 +++ tryton-server-2.2.7/debian/copyright 2013-02-24 22:07:39.0 +0100 @@ -2,10 +2,10 @@ Files: * Copyright: 2004-2008 Tiny SPRL - 2007-2012 Cedric Krier + 2007-2013 Cédric Krier 2007-2011 Bertrand Chenal - 2008-2012 B2CK SPRL - 2011 Openlabs Technologies Consulting (P) Ltd. + 2008-2013 B2CK SPRL + 2011 Openlabs Technologies Consulting (P) Ltd License: GPL-3+ Files: doc/* diff -Nru tryton-server-2.2.4/debian/patches/02-support-pywebdav-0.9.8
