Bug#724861: pu: package intel-microcode/1.20130906.1
On Sun, 29 Sep 2013, Cyril Brulebois wrote: There is not much data on what release managers think about rushing upgrades into p-u, but the fact there's no definitive data point on the microcode update, and the fact that it has been available for less than a week seem to point out that letting this update reach p-u before the next point release is highly unlikely. Let it cook for a while if you think its best, it is not like we really know how emergencial these updates are (or are not). wheezy-backports is there to help anyone that requires less latency on microcode updates. However, this stable update was not exactly rushed in the sense that the new package really just changes docs and a data file, so it has negligible chance of extra breakage when compared to what is already in p-u. [1] even if we don't know anything about what the Intel datafile changes *do*. -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130929060427.ga26...@khazad-dum.debian.net
NEW changes in stable-new
Processing changes file: cups_1.5.3-5+deb7u1_armel.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vqay3-0007nm...@franck.debian.org
NEW changes in stable-new
Processing changes file: glusterfs_3.2.7-3+deb7u1_armel.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vqbic-0006th...@franck.debian.org
Processed: block 723569 with 722041 722020 722035 722033 722042 722040 722044 722018 722023, tagging 722018
Processing commands for cont...@bugs.debian.org: block 723569 with 722041 722020 722035 722033 722042 722040 722044 722018 722023 Bug #723569 [release.debian.org] transition: evolution-data-server 3.8 and friends 723569 was blocked by: 722022 723569 was not blocking any bugs. Added blocking bug(s) of 723569: 722040, 722020, 722035, 722042, 722023, 722041, 722044, 722018, and 722033 tags 722018 + jessie sid Bug #722018 [src:evolution-mapi] evolution-mapi: FTBFS agains evolution-data-server 3.8 Added tag(s) sid and jessie. thanks Stopping processing here. Please contact me if you need assistance. -- 722018: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=722018 723569: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723569 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.c.13804507284835.transcr...@bugs.debian.org
NEW changes in stable-new
Processing changes file: glusterfs_3.2.7-3+deb7u1_mips.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vqezq-cl...@franck.debian.org
Bug#724895: pu: package perspectives-extension/4.3.1-1+deb7u1
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: pu
Hi,
As agreed with the security team and the current maintainer, we’d like
to include this security fix via the upcoming point release, because the
package has a low popcon and requires a very unusual configuration to
trigger the flaw (but with such a configuration, it completely
undermines the security model perspectives attempts to provide).
The proposed update aim to fix the issue disclosed recently on the
upstream project website [1] and the upstream bug tracker [2].
1:
http://perspectives-project.org/2013/09/19/security-alert-incorrect-quorum-with-low-number-of-notaries-andor-low-quorum-percentage/
2: https://github.com/danwent/Perspectives/issues/87
The two upstream commits to fix this issue (cb3d991 and 1f85a52) apply
properly into stable once fe6551e is also applied, thus the three
patches.
Regards
David
P.-S.: The fix “already” made it to Jessie.
-- System Information:
Debian Release: 7.1
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
'stable'), (150, 'testing'), (120, 'unstable'), (110, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru perspectives-extension-4.3.1/debian/changelog perspectives-extension-4.3.1/debian/changelog
--- perspectives-extension-4.3.1/debian/changelog 2012-06-28 16:45:35.0 -0400
+++ perspectives-extension-4.3.1/debian/changelog 2013-09-26 19:47:24.0 -0400
@@ -1,3 +1,11 @@
+perspectives-extension (4.3.1-1+deb7u1) wheezy; urgency=low
+
+ * Backport security fix from 4.3.6.
+Incorrect quorum length with low number of notaries and/or low quorum
+percentage.
+
+ -- David Prévot taf...@debian.org Thu, 26 Sep 2013 19:25:32 -0400
+
perspectives-extension (4.3.1-1) unstable; urgency=low
* New upstream version.
diff -Nru perspectives-extension-4.3.1/debian/patches/0001-Pers_client_policy-Add-checks-against-quorum-size-0.patch perspectives-extension-4.3.1/debian/patches/0001-Pers_client_policy-Add-checks-against-quorum-size-0.patch
--- perspectives-extension-4.3.1/debian/patches/0001-Pers_client_policy-Add-checks-against-quorum-size-0.patch 1969-12-31 20:00:00.0 -0400
+++ perspectives-extension-4.3.1/debian/patches/0001-Pers_client_policy-Add-checks-against-quorum-size-0.patch 2013-09-26 19:23:54.0 -0400
@@ -0,0 +1,50 @@
+From: Dave Schaefer dave.schae...@gmail.com
+Date: Wed, 18 Sep 2013 21:26:48 -0600
+Subject: Pers_client_policy - Add checks against quorum size 0
+
+We should never return true nor report any duration for sizes 1.
+
+Origin: upstream, https://github.com/danwent/Perspectives/commit/cb3d9913217afb0973281275cd4269ed0c1acc2c
+Bug: https://github.com/danwent/Perspectives/issues/87
+---
+ plugin/chrome/content/client_policy.js | 13 +
+ 1 file changed, 13 insertions(+)
+
+diff --git a/plugin/chrome/content/client_policy.js b/plugin/chrome/content/client_policy.js
+index fd74f43..72f31c6 100644
+--- a/plugin/chrome/content/client_policy.js
b/plugin/chrome/content/client_policy.js
+@@ -119,6 +119,10 @@ get_all_key_changes : function(results) {
+ } ,
+
+ check_current_consistency : function(test_key,results,quorum_size,stale_limit_secs,cur_time) {
++ if (quorum_size 1) {
++ Pers_debug.d_print(error, ERROR: quorum size cannot be less than 1.);
++ return false;
++ }
+ //get_all_key_changes(results);
+ var num_valid = Pers_client_policy.get_num_valid_notaries(test_key,results,stale_limit_secs,cur_time);
+ Pers_debug.d_print(policy,
+@@ -127,6 +131,10 @@ check_current_consistency : function(test_key,results,quorum_size,stale_limit_se
+ },
+
+ has_quorum_at_time : function(test_key, results, quorum_size, time) {
++ if (quorum_size 1) {
++ Pers_debug.d_print(error, ERROR: quorum size cannot be less than 1.);
++ return false;
++ }
+ Pers_debug.d_print(policy, testing quorum for time + time +
+ and key: + test_key);
+ var total_valid = 0;
+@@ -156,6 +164,11 @@ has_quorum_at_time : function(test_key, results, quorum_size, time) {
+ // returns duration in seconds - i.e. days * 24 * 3600.
+ get_quorum_duration : function(test_key, results, quorum_size, stale_limit_secs, unixtime) {
+
++ if (quorum_size 1) {
++ Pers_debug.d_print(error, ERROR: quorum size cannot be less than 1.);
++ return false;
++ }
++
+ if(! Pers_client_policy.check_current_consistency(test_key,results,quorum_size,
+ stale_limit_secs,unixtime)) {
+ Pers_debug.d_print(policy,current_consistency_failed);
diff -Nru perspectives-extension-4.3.1/debian/patches/0002-Perspectives-Move-quorum-calculation-to-its-own-func.patch perspectives-extension-4.3.1/debian/patches/0002-Perspectives-Move-quorum-calculation-to-its-own-func.patch
---
Bug#723569: transition: evolution-data-server 3.8 and friends
Hi, Am 21.09.2013 13:13, schrieb Michael Biebl: Am 21.09.2013 12:49, schrieb Michael Biebl: I've filed RM requests for tasks contacts dates evolution-exchange and poked Luca about that. done almanah, obexd and hdate-applet had sourceful uploads in the mean time (either removing EDS support or updating it to the new API). I've prepared an NMU for gnome-phone-manager, uploaded to DELAYED/3, patch/debdiff sent to the maintainer for review. gnome-phone-manager has been built successfully everywhere. jana and glables have been fixed in experimental, maintainers have been poked to upload the package to unstable. jana has been uploaded to unstable, glables upload still pending. Sjoerd is currently looking into the gnome-panel crash that resulted from updating it to the new libgweather API. Sjoerd has made the upload for libgweather and gnome-panel in the mean time. I went through the remaining list, and I'd like to request the removal from testing for the following packages. I checked all of them for reverse (build) dependencies - evolution-mapi (fix available, currently blocked by samba4/samba) - evolution-webcal (we still need to decide if we want to keep that) - syncevolution (new upstream version available which is supposed to fix the FTBFS, a bit too much for an NMU I think) - sflphone (looks like a useful application, with popcon numbers which are a bit to high to simply request its removal) - ruby-revolution (not quite sure about this one, tbh. popcon very low, last upload 2012-06-26, might be RM candidate) - eweouz (Tollef has been updating the package in the past for EDS API changes, so I'd keep it for now) Tollef is currently investigating that. Apparently the package is more or less ready and just needs an upload. - ffgtk (maintainer seems to be active, last upload 2013-06-28) Anything else we can help with? Please let us know, so we can finish this transition as quickly as possible. Cheers, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#723569: transition: evolution-data-server 3.8 and friends
On Sun, Sep 29, 2013 at 16:08:31 +0200, Michael Biebl wrote: Anything else we can help with? Please let us know, so we can finish this transition as quickly as possible. I'm waiting for a decruft of the ood eds binaries. Cheers, Julien signature.asc Description: Digital signature
Proposal of two release goals: honor of the CC and CXX variables + clang as a second compiler for Debian
Hello, I would like to propose two release goals for Jessie (and probably Jessie + 1). First, I would like to propose a release goal which will aim to make sure that the CC and CXX variables are honored. Currently, last time I tried, around 40 % of the packages will not take in account such declaration [1]. CC=/usr/bin/randomcompiler CXX=/usr/bin/randomcompiler++ dpkg-buildpackage This will require fixes in Debian build system and, in some cases, upstream build systems (even if autotools based and cmake based should be fine). This first release goal is interesting for my second item but also for experimentations with other tools like scan-build (and maybe to cross building purposes too). Second, for those who know me, it won't be surprise ;). I would like to propose the support of clang (the compiler based on LLVM) as a second compiler for the Debian archive. Even if this will require some fixes in Debian codes, I am going to take some of the load on LLVM/Clang (One of the way will be to decrease the number of warnings activated by default in Clang and move some errors to warnings: the -O6 error for example). Of course, this release goal depends on the first one (there are workarounds but not very clean). I am going to write the wiki pages probably tomorrow. Regards, Sylvestre [1] Basically, I replaced /usr/bin/gcc* and /usr/bin/g++* by a script like: #!/bin/sh echo This should not be used exit 42 and relaunched a full rebuild -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/524836b8.70...@debian.org
Bug#723569: transition: evolution-data-server 3.8 and friends
Am 29.09.2013 16:15, schrieb Julien Cristau: On Sun, Sep 29, 2013 at 16:08:31 +0200, Michael Biebl wrote: Anything else we can help with? Please let us know, so we can finish this transition as quickly as possible. I'm waiting for a decruft of the ood eds binaries. Ok, this is something for our ftp-masters and they already know about this. Is anything blocking the decrufting of the eds binaries (where we, pkg-gnome, can help with)? Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Re: Bug#723569: transition: evolution-data-server 3.8 and friends
On Sun, Sep 29, 2013 at 16:20:27 +0200, Michael Biebl wrote: Is anything blocking the decrufting of the eds binaries (where we, pkg-gnome, can help with)? No. Cheers, Julien signature.asc Description: Digital signature
Re: Proposal of two release goals: honor of the CC and CXX variables + clang as a second compiler for Debian
On Sun, Sep 29, 2013 at 16:18:32 +0200, Sylvestre Ledru wrote: Hello, I would like to propose two release goals for Jessie (and probably Jessie + 1). First, I would like to propose a release goal which will aim to make sure that the CC and CXX variables are honored. Currently, last time I tried, around 40 % of the packages will not take in account such declaration [1]. CC=/usr/bin/randomcompiler CXX=/usr/bin/randomcompiler++ dpkg-buildpackage I for one don't think package builds should obey random environment variables, so I wouldn't consider a failure of the above command a bug, let alone an important one. And 40% of failures means this isn't even close to achievable as a release goal, even if there was consensus around the idea. What would that buy you over changing /usr/bin/cc and /usr/bin/c++ anyway? Cheers, Julien signature.asc Description: Digital signature
Bug#724849: pu: package perl/5.14.2-21+deb7u1
On Sat, Sep 28, 2013 at 11:07:30PM +0100, Adam D. Barratt wrote: Control: tags -1 + confirmed wheezy On 2013-09-28 19:08, Dominic Hargreaves wrote: Attached are two patches against perl 5.14.2-21 for consideration for the next wheezy point release. The first patch contains mainly functional changes with associated Debian bugs. The second set are correctness/believed-to-be-non-exploitable security issues taken from 5.14.4. Please note that a separate bug report will follow for libdigest-sha-perl, which will need to be released at the same time. Please would you let me know whether I may upload packages including either or both sets of changes? Assuming the resulting packages have been tested on wheezy systems, please feel free to go ahead with both sets of changes; thanks. Yep. Thanks, done. Dominic. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130929153615.gi19...@urchin.earth.li
Bug#724850: pu: package libdigest-sha-perl/5.71-2+deb7u1
On Sat, Sep 28, 2013 at 11:00:14PM +0100, Adam D. Barratt wrote: Control: tags -1 + wheezy confirmed On 2013-09-28 19:14, Dominic Hargreaves wrote: As discussed in #724849, this should be considered for the next wheezy point release. Please go ahead; thanks. Thanks, done. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130929153603.gh19...@urchin.earth.li
Your tntnet {,old}stable uploads
Hi, I noticed that there are tntnet uploads sitting in the stable NEW and oldstable NEW queues, which appear to have been prepared for you. I'm afraid that I'll be rejecting them, at least on the grounds that the version number for the stable upload is 2.1-2+deb6u1, which indicates that it was intended for Debian 6, which is currently oldstable; similarly, the oldstable upload is versioned as 1.6.3-4+deb5u1 - lenny is not oldstable. Two other questions relating to the uploads: - Have they been discussed with the security team, in terms of whether they wish to issue a DSA? There's no indication of such discussion in the bug log for #724746 at least. - What's the plan for getting the bug fixed in unstable? Where bugs apply to both stable and unstable, they should be fixed in unstable first, in order to (hopefully) allow at least serious issues with the patch to be discovered before it reaches stable. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1380472676.4577.21.ca...@jacala.jungle.funky-badger.org
chmsee and education-desktop-lxde
Hi, We're considering removing chmsee from stable due to its non-compatibility with newer iceweasel versions; see #723116. chmsee only has one reverse-dependency in the archive - education-desktop-lxde, which recommends it. Given the nature of the software, I'm not really sure why that recommendation is in place, and I couldn't find any hints in the changelog. Would anyone be able to enlighten me or provide further information? Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1380474039.4577.25.ca...@jacala.jungle.funky-badger.org
NEW changes in oldstable-new
Processing changes file: tntnet_1.6.3-4+deb5u1_amd64.changes REJECT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vqk9f-000794...@franck.debian.org
NEW changes in stable-new
Processing changes file: tntnet_2.1-2+deb6u1_amd64.changes REJECT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vqk9c-000729...@franck.debian.org
automake transition breakages
Hi, recent automake transition to 1.14 broke (FTBFS) at least two of my packages. Would it be possible to coordinate the (next) transition better than uploaddeal with breakages like we do with the rest of our packages? O. -- Ondřej Surý ond...@sury.org Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1380474955.16141.27835205.4f731...@webmail.messagingengine.com
Re: Your tntnet {,old}stable uploads
On Sun, 2013-09-29 at 17:37 +0100, Adam D. Barratt wrote: - Have they been discussed with the security team, in terms of whether they wish to issue a DSA? There's no indication of such discussion in the bug log for #724746 at least. - What's the plan for getting the bug fixed in unstable? Where bugs apply to both stable and unstable, they should be fixed in unstable first, in order to (hopefully) allow at least serious issues with the patch to be discovered before it reaches stable. For the record, Kari confirmed off-list that the security team do not plan to issue a DSA and that the bug does not affect the version of the package in testing / unstable. The packages have been re-uploaded with corrected version numbers and I'll process them soon. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1380482446.4577.33.ca...@jacala.jungle.funky-badger.org
Re: Your tntnet {,old}stable uploads
Hi, * Adam D. Barratt a...@adam-barratt.org.uk [2013-09-29 18:42]: [...] - Have they been discussed with the security team, in terms of whether they wish to issue a DSA? There's no indication of such discussion in the bug log for #724746 at least. Yes, we advised him to fix this particular issue via spu. Cheers Nico -- Nico Golde - XMPP: n...@jabber.ccc.de - GPG: 0xA0A0 pgpZ0_6m3mFmz.pgp Description: PGP signature
Re: DSA concerns for jessie architectures - mips/mipsel
Hi Graham, ]] Graham Whaley sorry if you get an unwanted Cc on this, I'm not sure what, if any of the lists you're reading. I'd like to respond to your call for help regards the release qualification matrix, in particular for hardware (buildd and porter machines), and in particular for mips and mipsel arch. I wish to work with you to remedy some of the listed issues. I've started working with MIPS hardware vendors on availability and pricing of hardware. That's good news, once you have solid numbers, I'd be most interested in seeing them. Feel free to just mail d...@debian.org if the numbers are confidential. Having researched your current mips/mipsel setup and the requirements for jessie, the issues as I see them, and hopefully solutions, are: 1) reliability. Corelli and Gabrielli are unstable. I saw the thread way back where they were investigated, but it seems un-fixable (and the machines are now rather old). Let's work on replacing both of those, and maybe Lucatelli as well, as it appears to be the same hardware (but possibly stable?). I think this makes sense. 2) supportability. We'll work on this to see what the options are. I'm sure we all want boxes that can be maintained/replaced easily. 3) speed. I see 'mips' (but not mipsel in particular) listed as 'too slow'. Sure, Can somebody point me at some indication of the minimum requirement here (not that I'm particularly aiming at the minimum, I just wish to ensure we reach it :-). And, is this just pure single-multi-core/thread-machine speed, or is it a solvable problem by using multiple machines if necessary ? I think others have covered this: the buildds need to be able to keep up, which can be done with multiple machines. In addition the current MIPS machines are currently significantly slower than even armel (so that upgrading packages and running samhain take unreasonably long). These are single-core performance tasks and don't scale with the number of machines. 4) I see there is a note about an 'opcode implementation error' for a mipsel porter box. Sounds like a new machine(s) is needed there as well. Could somebody point me at some data on the opcode issue (more out of interest really...). The mono JIT doesn't work on our MIPS machines due to the machines not implementing the full architecture spec, AIUI. Porter and buildd boxes should not have hardware bugs like that. From the three types of machines I see you currently have I believe there are more modern versions of all of those, and possibly some others. I believe we will be able to locate hardware to solve the issues. That would be great. Ideally, we'd want fast, server class machines with working OOB (both power and console), that use standard hardware (SATA/SAS drives, etc) and that we have some kind of warranty for, so we can get them replaced when they fail. Ideally world-wide, so we can have them hosted where we want. -- Tollef Fog Heen, DSA UNIX is user friendly, it's just picky about who its friends are -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/8761tjz890@qurzaw.varnish-software.com
Re: Proposal of two release goals: honor of the CC and CXX variables + clang as a second compiler for Debian
On 29/09/2013 16:36, Julien Cristau wrote: On Sun, Sep 29, 2013 at 16:18:32 +0200, Sylvestre Ledru wrote: Hello, I would like to propose two release goals for Jessie (and probably Jessie + 1). First, I would like to propose a release goal which will aim to make sure that the CC and CXX variables are honored. Currently, last time I tried, around 40 % of the packages will not take in account such declaration [1]. CC=/usr/bin/randomcompiler CXX=/usr/bin/randomcompiler++ dpkg-buildpackage I for one don't think package builds should obey random environment variables, so I wouldn't consider a failure of the above command a bug, Why ? I am not sure that CC CXX are random variables :) let alone an important one. And 40% of failures means this isn't even close to achievable as a release goal, even if there was consensus around the idea. I will have to double check the number. It might be lower... but it is quite high :( What would that buy you over changing /usr/bin/cc and /usr/bin/c++ anyway? It is pretty much the same. To change /usr/bin/cc, you have to make sure that the packages will be using it... Sylvestre -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/52488d4d.7090...@debian.org
Processed: Re: Bug#724850: pu: package libdigest-sha-perl/5.71-2+deb7u1
Processing control commands: tags -1 + pending Bug #724850 [release.debian.org] pu: package libdigest-sha-perl/5.71-2+deb7u1 Added tag(s) pending. -- 724850: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724850 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b724850.138048706630663.transcr...@bugs.debian.org
Bug#724850: pu: package libdigest-sha-perl/5.71-2+deb7u1
Control: tags -1 + pending On Sun, 2013-09-29 at 16:36 +0100, Dominic Hargreaves wrote: On Sat, Sep 28, 2013 at 11:00:14PM +0100, Adam D. Barratt wrote: On 2013-09-28 19:14, Dominic Hargreaves wrote: As discussed in #724849, this should be considered for the next wheezy point release. Please go ahead; thanks. Thanks, done. Flagged for acceptance; thanks. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1380487055.4577.34.ca...@jacala.jungle.funky-badger.org
Bug#724857: pu: package python-defaults/2.7.3-4
Control: tags -1 + pending On Sat, 2013-09-28 at 23:42 -0400, Scott Kitterman wrote: On Sunday, September 29, 2013 04:14:13 Cyril Brulebois wrote: Scott Kitterman deb...@kitterman.com (2013-09-28): In Wheezy, we inadvertently failed to include /usr/bin/python2. Since the freeze/release, it's become clearer that the use of /usr/bin/python2 in third party scripts is increasing. Leaving aside the sanity of this approach, it is the upstream Python recommendation to provide it and Debian's lack of it is causing problems for users. ... Looks reasonable to me, please upload. Uploaded. Flagged for acceptance. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1380487170.4577.36.ca...@jacala.jungle.funky-badger.org
Processed: Re: Bug#724849: pu: package perl/5.14.2-21+deb7u1
Processing control commands: tags -1 + pending Bug #724849 [release.debian.org] pu: package perl/5.14.2-21+deb7u1 Added tag(s) pending. -- 724849: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724849 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b724849.138048711530786.transcr...@bugs.debian.org
Processed: Re: Bug#724857: pu: package python-defaults/2.7.3-4
Processing control commands: tags -1 + pending Bug #724857 [release.debian.org] pu: package python-defaults/2.7.3-4 Added tag(s) pending. -- 724857: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724857 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b724857.138048717831083.transcr...@bugs.debian.org
Bug#724849: pu: package perl/5.14.2-21+deb7u1
Control: tags -1 + pending On Sun, 2013-09-29 at 16:36 +0100, Dominic Hargreaves wrote: On Sat, Sep 28, 2013 at 11:07:30PM +0100, Adam D. Barratt wrote: On 2013-09-28 19:08, Dominic Hargreaves wrote: Attached are two patches against perl 5.14.2-21 for consideration for the next wheezy point release. The first patch contains mainly functional changes with associated Debian bugs. The second set are correctness/believed-to-be-non-exploitable security issues taken from 5.14.4. Please note that a separate bug report will follow for libdigest-sha-perl, which will need to be released at the same time. Please would you let me know whether I may upload packages including either or both sets of changes? Assuming the resulting packages have been tested on wheezy systems, please feel free to go ahead with both sets of changes; thanks. Yep. Thanks, done. Flagged for acceptance; thanks. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1380487107.4577.35.ca...@jacala.jungle.funky-badger.org
Bug#693216: pu: firebird2.5/2.5.2.26539.ds4-1
Hi Damyan, Damyan Ivanov d...@debian.org (2013-05-28): This all happened, and firebird2.5 version 2.5.2.26540.ds4-1 had 20 days in unstable without new bugs. It migrated to testing after a giveback on sparc (first attempt crashed the compiler). Perhaps it is time to consider it for 7.0.1? looking at it for 7.2 now, sorry it took so long. The last patch, out/crash-create-db-restricted.patch is for a crash that is claimed fixed in upstream Svn, but the actual commit is missing. I have produced it by looking at the surrounding code. Upstream bug is at http://tracker.firebirdsql.org/browse/CORE-3996 Given the current status on this page, I suspect a proper commit is available now, I guess you could double check your fix is alright. Some more comments inline. diff --git a/debian/NEWS b/debian/NEWS new file mode 100644 index 000..2d884bb --- /dev/null +++ b/debian/NEWS @@ -0,0 +1,16 @@ +firebird2.5 (2.5.2.26540.ds4-1) unstable; urgency=low + + Important for big-endian server installations: + + It has been discovered that before Firebird 2.5.2 (as packaged in debian + package version 2.5.2.26539.ds4-1), CHAR_TO_UUID and UUID_TO_CHAR + built-in functions work incorrectly on big-endian servers. On such machines, + bytes/characters are swapped and go in wrong positions when converting. The + bug is fixed in this release, but that means these functions now return + different values than before for the same input parameter. + + Additionally, the CHAR_TO_UUID2/UUID_TO_CHAR2 functions that were added as + fixed variants of the buggy functions in the 2.5.2 development cycle are + dropped in this release. + + -- Damyan Ivanov d...@debian.org Wed, 07 Nov 2012 17:52:10 +0200 Versions aren't consistent, maybe that was due to an intermediate package, or maybe you're just trying to get a lower version than what's in jessie/sid? If you're rebuilding the 2.5.2.26540.ds4-1 package for wheezy, you probably should be adding a changelog entry on top of it, using 2.5.2.26540.ds4-1~deb7u1 as a version number to indicate this is a mere rebuild in wheezy (when adding stuff to a given package in wheezy, we usually use $version_in_stable+deb7u1 instead). From a quick glance at the -1 → -4 changelog, it doesn't look like there should be more things you'd like to consider for wheezy, so -1 should still be the package to be stable-backported? diff --git a/debian/changelog b/debian/changelog index d46c066..eb0b227 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,63 @@ +firebird2.5 (2.5.2.26540.ds4-1) unstable; urgency=low + + * Official 2.5.2 release ++ CORE-3912: segfault in superclassic (Closes: #693192) ++ Restored the on-disk-structure compatibility with 2.5.1 index keys + (Closes: #693193) ++ Fixed broken (working as no-op) sweep in SuperServer (Closes: #693195) ++ CORE-3902: Derived fields may not be optimized via an index + (Closes: #693196) ++ CORE-3895: High memory usage when PSQL code SELECT's from stored + procedure which modified some data (Closes: #693202) ++ CORE-3238: GEN_UUID returns a non-RFC-4122-compliant UUID + (Closes: #693207) ++ CORE-3887: CHAR_TO_UUID and UUID_TO_CHAR works different in big endian + architectures (Closes: #693209) ++ Enabled per-table runtime stats for sweeper ++ Changes not concerning Debian + - CORE-3786: Hangs on MacOSX 10.7 (Lion) on DB create after reboot + - CORE-3911: API entrypoints Bopen and BLOB_open are not visible on Darwin + - CORE-3740: SELECT using IN list with 413 elements causes crash on Mac +(stack overflow with default stack size) + - CORE-3740: optimisation bug in GCC on Darwin Some bug reports above aren't marked in the BTS as affecting stable; it would be nice to add the relevant found versions there if you get a chance. + * Update debian/copyright (two new files, no licensing changes) ACK. + * Add NEWS.Debian about incompatible fix in char↔UUID conversion functions Joys of behavorial changes due to correctness fixes. :/ I guess that fixing and announcing it through NEWS.Debian is the best we can do… + * drop patches included in the upstream release: ++ upstream/r54702-cve-2012-5529.patch ++ upstream/r57728-cve-2013-2429.patch + * refresh separate-file-and-sem-perms.patch to apply cleanly ACK. + * Patches taken from upstream SVN ++ r57516r57773-gbak-y-redirection.patch + make gbak -y work with redirection again (regression from 2.5.1) + http://tracker.firebirdsql.org/browse/CORE-3995 ++ r57707r57710-lots-autonomous-trx-leaks-crash.patch + fix engine crash/memory leak with many autonomous transactions (remote + crash/memory leak) + http://tracker.firebirdsql.org/browse/CORE-3908 ++ r57349-bad-trn-num-logged-during-sweep.patch + fix invalid transaction counters logged during sweep (trivial fix) +
Bug#698502: marked as done (pu: glusterfs/3.2.7-3+deb7u1)
Your message dated Sun, 29 Sep 2013 23:09:08 +0200
with message-id 20130929210907.gb21...@mraw.org
and subject line Re: Bug#698502: unblock: glusterfs/3.2.7-4
has caused the Debian Bug report #698502,
regarding pu: glusterfs/3.2.7-3+deb7u1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
698502: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698502
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package glusterfs
It fixes the security bug #693112 aka CVE-2012-4417.
diff -Naur '--exclude=.svn' 3.2.7-3/debian/changelog 3.2.7-4/debian/changelog
--- 3.2.7-3/debian/changelog2012-11-12 20:37:46.218864002 +0100
+++ 3.2.7-4/debian/changelog2013-01-19 14:10:01.323965193 +0100
@@ -1,3 +1,12 @@
+glusterfs (3.2.7-4) unstable; urgency=medium
+
+ * Add backported upstream patch 04-CVE-2012-4417 to fix CVE-2012-4417:
+glusterfs allows local users to overwrite arbitrary files via a symlink
+attack on temporary files with predictable names.
+Closes: #693112
+
+ -- Patrick Matthäi pmatth...@debian.org Sat, 19 Jan 2013 13:53:18 +0100
+
glusterfs (3.2.7-3) unstable; urgency=low
* Remove duplicated and faulty call of the glusterd daemon from the init
diff -Naur '--exclude=.svn' 3.2.7-3/debian/patches/04-CVE-2012-4417.diff
3.2.7-4/debian/patches/04-CVE-2012-4417.diff
--- 3.2.7-3/debian/patches/04-CVE-2012-4417.diff1970-01-01
01:00:00.0 +0100
+++ 3.2.7-4/debian/patches/04-CVE-2012-4417.diff2013-01-19
14:10:01.323965193 +0100
@@ -0,0 +1,121 @@
+# Backported upstream patch to fix CVE-2012-4417:
+# GlusterFS 3.3.0, as used in Red Hat Storage server 2.0, allows local users to
+# overwrite arbitrary files via a symlink attack on temporary files with
+# predictable names.
+# Closes: #693112
+
+diff -Naur glusterfs-3.2.7.orig/libglusterfs/src/common-utils.h
glusterfs-3.2.7/libglusterfs/src/common-utils.h
+--- glusterfs-3.2.7.orig/libglusterfs/src/common-utils.h 2012-06-10
19:44:15.0 +0200
glusterfs-3.2.7/libglusterfs/src/common-utils.h2013-01-19
13:49:26.415982036 +0100
+@@ -134,6 +134,16 @@
+ } \
+ } while (0);
+
++#define GF_REMOVE_SLASH_FROM_PATH(path, string) \
++do {\
++int i = 0; \
++for (i = 1; i strlen (path); i++) { \
++string[i-1] = path[i]; \
++if (string[i-1] == '/') \
++string[i-1] = '-'; \
++} \
++} while (0)
++
+ #define GF_FILE_CONTENT_REQUESTED(_xattr_req,_content_limit) \
+ (dict_get_uint64 (_xattr_req, glusterfs.content, _content_limit) == 0)
+
+diff -Naur glusterfs-3.2.7.orig/libglusterfs/src/statedump.c
glusterfs-3.2.7/libglusterfs/src/statedump.c
+--- glusterfs-3.2.7.orig/libglusterfs/src/statedump.c 2012-06-10
19:44:15.0 +0200
glusterfs-3.2.7/libglusterfs/src/statedump.c 2013-01-19
13:49:26.415982036 +0100
+@@ -62,15 +62,11 @@
+
+
+ static int
+-gf_proc_dump_open (void)
++gf_proc_dump_open (char *tmpname)
+ {
+-char path[256];
+ int dump_fd = -1;
+
+-memset (path, 0, sizeof (path));
+-snprintf (path, sizeof (path), %s.%d, GF_DUMP_LOGFILE_ROOT, getpid
());
+-
+-dump_fd = open (path, O_CREAT|O_RDWR|O_TRUNC|O_APPEND, 0600);
++dump_fd = mkstemp (tmpname);
+ if (dump_fd 0)
+ return -1;
+
+@@ -408,12 +404,13 @@
+ void
+ gf_proc_dump_info (int signum)
+ {
+-int ret = -1;
+-glusterfs_ctx_t *ctx = NULL;
+-
++int ret = -1;
++glusterfs_ctx_t *ctx = NULL;
++char brick_name[PATH_MAX] = {0,};
++char tmp_dump_name[] = /tmp/dumpXX;
++char path[PATH_MAX] = {0,};
+
+ gf_proc_dump_lock ();
+-ret = gf_proc_dump_open ();
+ if (ret 0)
+ goto out;
+
+@@ -422,23 +419,32 @@
+ if (ret 0)
+ goto out;
+
+-if (GF_PROC_DUMP_IS_OPTION_ENABLED (mem))
+-gf_proc_dump_mem_info ();
+-
+ ctx = glusterfs_ctx_get ();
+
+-
NEW changes in oldstable-new
Processing changes file: tntnet_1.6.3-4+deb6u1_amd64.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vqon8-0003mc...@franck.debian.org
Bug#698778: preapproval of expect/5.45-3
[ Dropping Holger from Cc, jenkins is more or less irrelevant anyway. ] Julien Cristau jcris...@debian.org (2013-03-19): On Tue, Mar 19, 2013 at 13:36:31 +0100, intrigeri wrote: I suggest preparing and proposing a Jenkins dist-upgrade job (either as a patch against an existing appropriate job, or as a new job) to Holger (Cc'd), so that we have an easy way to verify that the Squeeze to Wheezy upgrade is indeed working fine with the proposed change. Does this test random combinations of installed packages? I'm slightly conflicted (no pun intended) about this proposed update. The change looks rather straightforward, and the amount of involved packages isn't too huge (expectk + xsmbrowser, which seems to be confirmed by simulating expectk's removal from oldstable). But adding Breaks or Conflicts sometimes leads to huge side effects as far as upgrade computations are concerned in the package manager land. Julien, any prefered action? Mraw, KiBi. signature.asc Description: Digital signature
Bug#698778: preapproval of expect/5.45-3
Hi Cyril, On Mon, Sep 30, 2013 at 1:37 AM, Cyril Brulebois k...@debian.org wrote: [ Dropping Holger from Cc, jenkins is more or less irrelevant anyway. ] Julien Cristau jcris...@debian.org (2013-03-19): On Tue, Mar 19, 2013 at 13:36:31 +0100, intrigeri wrote: I suggest preparing and proposing a Jenkins dist-upgrade job (either as a patch against an existing appropriate job, or as a new job) to Holger (Cc'd), so that we have an easy way to verify that the Squeeze to Wheezy upgrade is indeed working fine with the proposed change. Does this test random combinations of installed packages? I'm slightly conflicted (no pun intended) about this proposed update. The change looks rather straightforward, and the amount of involved packages isn't too huge (expectk + xsmbrowser, which seems to be confirmed by simulating expectk's removal from oldstable). But adding Breaks or Conflicts sometimes leads to huge side effects as far as upgrade computations are concerned in the package manager land. I've uploaded this change to unstable (and it already hit testing). No complains whatsoever. Cheers! -- Sergei Golovan -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/caoq2pxhyw26-hvlwzb2mnz+dodxlyypt5unq2crgipqmbjo...@mail.gmail.com
Bug#699806: unblock: dlocate/1.02+nmu3
Control: tag -1 patch Adam D. Barratt a...@adam-barratt.org.uk (2013-04-28): On Sat, 2013-04-27 at 16:47 +0200, John Paul Adrian Glaubitz wrote: On 04/27/2013 04:45 PM, Adam D. Barratt wrote: Apologies for not getting back to you about this again sooner. Unfortunately it's now too late to get these fixes in to r0, but I do think we should consider whether some of them are appropriate for a stable update at a later point. Sounds like a great idea. So, I should push that to wheezy-proposed-updates after the release? I haven't done any stable updates before, that's why I'm asking :). I think it's worth a review after the release of the requests we've postponed, before we ack them. I'll aim to do that in the couple of weeks after the release (after a couple of days recuperation), but feel free to ping us if you don't hear anything. I've just had a look. I think it looks mostly good to me, I'm just not an expert for the following parts: - PIPESTATUS, - bash completion, so a second pair of eyes would be appreciated for those. It doesn't look like many bugs were reported lately, so I guess we could indeed consider dlocate for wheezy-proposed-updates; since that would be a rebuild of 1.02+nmu3 for wheezy, we would probably welcome a changelog entry on top of the current source package, using the following version: 1.02+nmu3~deb7u1. Mraw, KiBi. signature.asc Description: Digital signature
Processed: Re: Bug#699806: unblock: dlocate/1.02+nmu3
Processing control commands: tag -1 patch Bug #699806 [release.debian.org] pu: dlocate/1.02+deb7u1 Ignoring request to alter tags of bug #699806 to the same tags previously set -- 699806: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699806 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b699806.138049182223607.transcr...@bugs.debian.org
Bug#698778: preapproval of expect/5.45-3
Hi Sergei, Sergei Golovan sgolo...@nes.ru (2013-09-30): I've uploaded this change to unstable (and it already hit testing). No complains whatsoever. yes, I saw that, and that's nice. That doesn't buy us squeeze→wheezy upgrade testing, though, which is what we would like to avoid breaking or worsening. Mraw, KiBi. signature.asc Description: Digital signature
Bug#698778: preapproval of expect/5.45-3
On Mon, Sep 30, 2013 at 1:59 AM, Cyril Brulebois k...@debian.org wrote: Hi Sergei, Sergei Golovan sgolo...@nes.ru (2013-09-30): I've uploaded this change to unstable (and it already hit testing). No complains whatsoever. yes, I saw that, and that's nice. That doesn't buy us squeeze→wheezy upgrade testing, though, which is what we would like to avoid breaking or worsening. True. But as far as I see, the current situation with this upgrade is far from perfect. It silently breaks expectk and packages which depend on it. With conflict the user can choose whether to remove expectk or to retain the old expect. Cheers! -- Sergei Golovan -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/caoq2pxf0dwj0ib-2n+q+h5hoiksjaaalrrxh8ewtmc0nzab...@mail.gmail.com
Bug#702278: busybox upload
Control: tag -1 -confirmed Michael Tokarev m...@tls.msk.ru (2013-05-09): Control: reopen -1 05.05.2013 12:00, Michael Tokarev wrote: Control: retitle -1 pu: busybox/1:1.20.0-8 Hmm. I didn't notice the bug has been closed... Reopening it (now re-titled as a pu), instead of submiting a new report, so that all the information is in one place. Thanks, and sorry for all the noize. /mjt For the record, I think I would like to see some automated d-i non-regression tests implemented before touching busybox in stable. Spending more time with -release@ stuff those days, but still spending some with -boot@, so hopefully we're getting those $some_day. Mraw, KiBi. signature.asc Description: Digital signature
Processed: Re: Bug#702278: busybox upload
Processing control commands: tag -1 -confirmed Bug #702278 [release.debian.org] pu: busybox/1:1.20.0-8 Removed tag(s) confirmed. -- 702278: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702278 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b702278.138049255327686.transcr...@bugs.debian.org
Re: Upcoming changes in Tcl/Tk packaging
Hi Matthias, On Wed, Sep 25, 2013 at 5:12 PM, Matthias Klose d...@debian.org wrote: Am 25.09.2013 14:52, schrieb Sergei Golovan: There are 17 packages which build when 8.5 is the default version but fail to build after switching to 8.6. Most of them are patchable, though I'm not sure if they will work properly after that. would be nice to track these in some place. I've created two pages on the wiki: https://wiki.debian.org/Teams/DebianTclTk/UpgradeDefaultTclTkTo86 and https://wiki.debian.org/Teams/DebianTclTk/TclTk84Removal and started to report FTBFS bugs (with fixes if I can propose a fix). The first page contains more than just tracking upgrade to 8.6. It contains FTBFS due to various reasons, sometimes pretty unexpected. Cheers! -- Sergei Golovan -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAOq2pXGPHJx=fyq3he8ftazz8kc14fyk4p1k+e1bequl15_...@mail.gmail.com
Bug#704601: unblock: hdf5/1.8.8-9.1
Andreas Beckmann a...@debian.org (2013-04-03): This update fixes several upgrade issues (see #667599 and duplicates) involving hdf5. While it is not a perfect solution (there are still some upgrade paths failing), it is an improvement over what is currently in wheezy. A better solution would require significant reorganization of the hdf5 package stack. I'm not sure I can possibly review this, and that we can possibly come up with some metrics to find out whether the proposed diff makes the situation strictly better than the current one. Especially since it's already known that it doesn't lead to an ideal situation anyway. Mraw, KiBi. signature.asc Description: Digital signature
Bug#706209: unblock: ejabberd 2.1.10-5
Adam D. Barratt a...@adam-barratt.org.uk (2013-08-19): On Wed, 2013-05-22 at 22:15 +0100, Adam D. Barratt wrote: On Sat, 2013-05-11 at 18:26 +0100, Adam D. Barratt wrote: On Fri, 2013-04-26 at 15:46 +0400, Konstantin Khomoutov wrote: It fixes one important bug [1] which prevents certain (correct) XMPP client implementations (namely, the XMPP library used by git-annex) to authenticate against the ejabberd server while using the SCRAM SHA-1 SASL authentication mechanism. Please go ahead with a stable upload, using 2.1.10-4+deb7u1 as the version and wheezy as the distribution. Any news on that? Ping? Konstantin, it would be nice to have an answer. Otherwise I think we'll just close this pu request and move on. Mraw, KiBi. signature.asc Description: Digital signature
Processed: Re: Bug#706281: t-p-u: libusb/0.1.12-20+nmu2
Processing control commands: tag -1 moreinfo Bug #706281 [release.debian.org] pu: libusb/0.1.12-20+nmu2 Added tag(s) moreinfo. -- 706281: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706281 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b706281.138049345032642.transcr...@bugs.debian.org
Bug#706281: t-p-u: libusb/0.1.12-20+nmu2
Control: tag -1 moreinfo Andreas Beckmann a...@debian.org (2013-06-03): On 2013-05-22 01:57, Cyril Brulebois wrote: I'm not sure about the practical impact, besides “it's not nice to have undeterministic behaviours”. AFAICT, the extra .so doesn't hurt when it's here (you wouldn't suggest shipping it in the package otherwise, right?), and nobody has ever complained about its being missing AFAICT from your bug report. the src:json-c packages in unstable have a similar problem and people are getting spurious libjson0: error while loading shared libraries: libjson.so.0 errors (#709512), maybe that could be attributed to this ldconfig issue: leaving around a dangling SONAME symlink for an indefinite time That's not really an answer to the question about practical impacts. So I guess I'll prefer sticking to the current status quo… Accordingly, that's still true. Mraw, KiBi. signature.asc Description: Digital signature
Bug#706799: pu: net-snmp/5.4.3-3+wheezy1
Last ping before we close this pu request. Mraw, KiBi. Adam D. Barratt a...@adam-barratt.org.uk (2013-08-19): Ping? On Sun, 2013-05-26 at 12:06 +0100, Adam D. Barratt wrote: On Sun, 2013-05-05 at 14:54 +0900, Hideki Yamane wrote: I'd like to upload net-snmp package due to fix piuparts failure with upgrade to newer version. Please check attached debdiff (as I mistake, it contains unnecessary .ex file but not remove it, just as is) If it's not meant to be there, why did you include it in the diff? A few comments on the proposed changes: +net-snmp (5.4.3~dfsg-3+wheezy1) stable-proposed-updates; urgency=low The version needs to be lower than the version in testing, so 5.4.3~dfsg-3~deb7u1. + if [ -h $docdir ]; then + rm -rf $docdir + fi If the directory's a link, you only need rm $docdir. - rm -rf debian/libsnmp-dev/usr/share/doc/libsnmp-dev - rm -rf debian/libsnmp$(LIB_VERSION)-dbg/usr/share/doc/libsnmp$(LIB_VERSION)-dbg - rm -rf debian/libsnmp-perl/usr/share/doc/libsnmp-perl - ln -sf libsnmp$(LIB_VERSION) debian/libsnmp-dev/usr/share/doc/libsnmp-dev - ln -sf libsnmp$(LIB_VERSION) debian/libsnmp$(LIB_VERSION)-dbg/usr/share/doc/libsnmp$(LIB_VERSION)-dbg - ln -sf libsnmp$(LIB_VERSION) debian/libsnmp-perl/usr/share/doc/libsnmp-perl There's also a new preinst for libsnmp15, but under what circumstances would that ever be a symlink? Regards, Adam signature.asc Description: Digital signature
Bug#708521: marked as done (pu: package gcc-4.7/4.7.2-5+deb7u1)
Your message dated Mon, 30 Sep 2013 00:30:38 +0200
with message-id 20130929223038.gl21...@mraw.org
and subject line Re: Bug#708521: pu: package gcc-4.7/4.7.2-5+deb7u1
has caused the Debian Bug report #708521,
regarding pu: package gcc-4.7/4.7.2-5+deb7u1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
708521: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708521
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: pu
Hi,
I'd like to get gcc-4.7 updated in wheezy to add an extra Breaks that
will fix some upgrade paths from squeeze (#690172).
It's mainly about giving apt a small push to remove some obsolete
packages (that existed in squeeze but no longer exist in wheezy) and
therefore properly upgrade all packages and don't 'keep back' that many.
I ve been testing this in piuparts for a long time now without running
into problems, but getting much cleaner upgrade results :-)
I would clearly prefer a maintainer upload (perhaps with some more
cherry-picked fixes) instead of doing a NMU.
Andreas
diff -u gcc-4.7-4.7.2/debian/control gcc-4.7-4.7.2/debian/control
--- gcc-4.7-4.7.2/debian/control
+++ gcc-4.7-4.7.2/debian/control
@@ -18,7 +18,7 @@
Priority: required
Depends: ${misc:Depends}
Replaces: ${base:Replaces}
-Breaks: gcj-4.4-base ( 4.4.6-9~), gnat-4.4-base ( 4.4.6-3~), gcj-4.6-base ( 4.6.1-4~), gnat-4.6 ( 4.6.1-5~), dehydra (= 0.9.hg20110609-2)
+Breaks: gcc-4.4-base ( 4.4.7), gcj-4.4-base ( 4.4.6-9~), gnat-4.4-base ( 4.4.6-3~), gcj-4.6-base ( 4.6.1-4~), gnat-4.6 ( 4.6.1-5~), dehydra (= 0.9.hg20110609-2)
Description: GCC, the GNU Compiler Collection (base package)
This package contains files common to all languages and libraries
contained in the GNU Compiler Collection (GCC).
diff -u gcc-4.7-4.7.2/debian/control.m4 gcc-4.7-4.7.2/debian/control.m4
--- gcc-4.7-4.7.2/debian/control.m4
+++ gcc-4.7-4.7.2/debian/control.m4
@@ -105,7 +105,7 @@
Priority: PRI(required)
Depends: ${misc:Depends}
Replaces: ${base:Replaces}
-Breaks: gcj-4.4-base ( 4.4.6-9~), gnat-4.4-base ( 4.4.6-3~), gcj-4.6-base ( 4.6.1-4~), gnat-4.6 ( 4.6.1-5~), dehydra (= 0.9.hg20110609-2)
+Breaks: gcc-4.4-base ( 4.4.7), gcj-4.4-base ( 4.4.6-9~), gnat-4.4-base ( 4.4.6-3~), gcj-4.6-base ( 4.6.1-4~), gnat-4.6 ( 4.6.1-5~), dehydra (= 0.9.hg20110609-2)
Description: GCC, the GNU Compiler Collection (base package)
This package contains files common to all languages and libraries
contained in the GNU Compiler Collection (GCC).
diff -u gcc-4.7-4.7.2/debian/changelog gcc-4.7-4.7.2/debian/changelog
--- gcc-4.7-4.7.2/debian/changelog
+++ gcc-4.7-4.7.2/debian/changelog
@@ -1,3 +1,10 @@
+gcc-4.7 (4.7.2-5.0anbe0piuparts0gcc47.1) UNRELEASED; urgency=low
+
+ * Non-maintainer upload.
+ * gcc-4.7-base: Add Breaks: gcc-4.4-base ( 4.4.7) (Closes: #690172)
+
+ -- Andreas Beckmann deb...@abeckmann.de Thu, 17 Jan 2013 14:10:12 +0100
+
gcc-4.7 (4.7.2-5) unstable; urgency=low
* Add __gnu_* symbols to the libgcc1 symbols file for armel and armhf.
---End Message---
---BeginMessage---
Julien Cristau jcris...@debian.org (2013-06-03):
On Mon, Jun 3, 2013 at 20:02:45 +0200, Andreas Beckmann wrote:
I'm pretty confident this only has an influence on the upgrades that
didn't upgrade gcc-4.4-base (and kept the version from squeeze).
I can help testing upgrade paths in advance if you can describe some
squeeze package sets you are interested in.
And I'll help debugging+fixing in case there are any unexpected failures
caused by this.
The time to play with/debug/fix the upgrade path is a year ago, not post
release, IMO. For non-critical issues (and a few packages are held
back and need manual handling certainly isn't critical), I don't think
we should be doing anything at this stage. I don't think any amount of
testing is going to convince me otherwise. OMMV.
Same mileage here. Already not happy with situations which are way
easier, so certainly not going to play around with core packages like
those. Closing accordingly.
Mraw,
KiBi.
signature.asc
Description: Digital signature
---End Message---
Processed: tagging 724861, tagging 724895
Processing commands for cont...@bugs.debian.org: tags 724861 + wheezy Bug #724861 [release.debian.org] pu: package intel-microcode/1.20130906.1 Added tag(s) wheezy. tags 724895 + wheezy Bug #724895 [release.debian.org] pu: package perspectives-extension/4.3.1-1+deb7u1 Added tag(s) wheezy. thanks Stopping processing here. Please contact me if you need assistance. -- 724861: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724861 724895: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724895 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.c.13804942915537.transcr...@bugs.debian.org
Bug#711551: pu: package redmine/1.4.4+dfsg1-2
Control: tag -1 -moreinfo +confirmed Jérémy Lal kapo...@melix.org (2013-06-10): --- redmine-1.4.4+dfsg1/debian/changelog 2013-01-19 15:54:09.0 +0100 +++ redmine-1.4.4+dfsg1/debian/changelog 2013-06-10 01:01:48.0 +0200 @@ -1,3 +1,14 @@ +redmine (1.4.4+dfsg1-2+deb7u1) proposed-updates; urgency=low Even though that would work, I'd be happy to see wheezy in there, which can be useful after a while to figure out which suite was targeted at that point (without having to look at the version number, and its meaning). + [ Ondřej Surý ] + * Pull upstream fixes for Ruby 1.9 as default interpreter: ++ Use DateTime.parse as alternative to ParseDate.parsedate, + fixing time series and schedule SVG graphs. (Closes: #700754) ++ Use ::Time from global namespace, fixing REST Issue API. + (Closes: #79) Assuming the latter change doesn't break the Ruby 1.8 use case (and doesn't need a dance similar to the respond_to one in the former), please upload (with or without an edit for the above mentioned point). Mraw, KiBi. signature.asc Description: Digital signature
Processed: Re: Bug#711551: pu: package redmine/1.4.4+dfsg1-2
Processing control commands: tag -1 -moreinfo +confirmed Bug #711551 [release.debian.org] pu: package redmine/1.4.4+dfsg1-2 Removed tag(s) moreinfo. Bug #711551 [release.debian.org] pu: package redmine/1.4.4+dfsg1-2 Added tag(s) confirmed. -- 711551: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711551 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b711551.13804945227123.transcr...@bugs.debian.org
Bug#714140: pu: package tgt/1.0.17-1
Hi Thomas, Thomas Goirand z...@debian.org (2013-06-26): Dear release team, Wheezy has been released with a version of tgt which doesn't have an init script. I fixed the version in Sid on the 2013-05-21 (adding the missing init.d script). Now, I would like to upload a fix for Wheezy. The debdiff between 1:1.0.17-1 and 1:1.0.17-1.1 is attached. Would you allow me to upload the fixed tgt package into s-p-u? if I get the picture right, that package reached the archive on 2011-06-21 but no bug was reported about that missing init script, and that was only implemented on 2013-05-21. It doesn't appear to have been a huge lack, so I don't think it's worse a stable upload. Waiting a bit to see if other team members disagree. Mraw, KiBi. signature.asc Description: Digital signature
Bug#715552: pu: package nova/2012.1.1-18+deb7u1
Adam D. Barratt a...@adam-barratt.org.uk (2013-08-10): Control: tags -1 + confirmed On Wed, 2013-07-10 at 14:09 +0200, Julien Cristau wrote: this proposed update for nova fixes CVE-2013-2096. AFAIK this is just a DoS, so probably not worth a DSA. The fix for sid is pending NEW processing, AIUI. The fix is now in, apparently; also, it looks like the BTS wants to be told wheezy is affected as well. Please go ahead; sorry for the delay. Ping? :) Mraw, KiBi. signature.asc Description: Digital signature
Bug#716816: pu: package firetray/0.4.6-1~deb7u1
Hi David,
David Prévot taf...@debian.org (2013-07-12):
The recent ice{weasel,dove} upgrade via debian-security broke some
xul-ext-$stuff, and some of them can simply be fixed by updating the
supported versions.
FireTray is not among those, not only it will FTBFS with the
xulrunner-dev coming from wheezy-security (#713526), but it becomes
totally incompatible with the new icedove version (#648890, #678575).
The new upstream version that has just been uploaded to Sid works
already fine in Wheezy, but the 0.4 branch has nothing in common with
the 0.3 one: it’s a complete rewrite in js-ctypes.
On the bright side: it works, and since it became Architecture: All,
FTBFS is a lot less likely to happen again. There is currently no tight
versioned dependency to ice{weasel,dove}.
On the other side, the upstream code doesn’t have anything in common
with the version currently in Wheezy, and the few preferences get lost
on upgrade.
thanks for all the details.
Please find attached the minimalist debdiff of the packaging I was able
to provide while preparing the 0.4.6-0.1 NMU. I ended up adopting the
package, so the actual debdiff is a bit more invasive, mostly removing
useless stuff (e.g. patches, build dependencies) and properly
documenting the copyright).
So would you consider updating firetray to the version currently in Sid
once it spent the necessary amount of time you’ll judge reasonable in
Jessie (I’ll then prepare a ~deb7u1 version built in Wheezy)?
Given the highly suboptimal situation with ice* through security, I
guess the proposed plan looks as reasonable as it gets. Does that
version work with the ice* packages we currently have in stable still?
(Haven't looked at the source package or at the diff at the moment.)
Mraw,
KiBi.
signature.asc
Description: Digital signature
Bug#717445: pu: package ndiswrapper/1.57-1+deb7u1
Control: tag -1 moreinfo
Julian Andres Klode j...@debian.org (2013-07-21):
But it might make sense to include the patch:
* Patch userland for 3.X kernels
While there is no bug report for that, it fixes the ndiswrapper
tool to use modprobe.d and modprobe.conf on 3.X kernels, instead of
modutils/ and modules.conf.
Speaking of which, that only works for 3.x.y kernels:
--- /dev/null
+++ b/debian/patches/Add-support-for-3.x-kernel-versions.patch
@@ -0,0 +1,28 @@
+From 71ec9e8a80b74652d660232b560bbe1dfa7915ba Mon Sep 17 00:00:00 2001
+From: Tim Gardner tim.gard...@canonical.com
+Date: Mon, 13 Feb 2012 14:19:58 -0700
+Subject: [PATCH] Add support for 3.x kernel versions
+
+As suggested by Kano on Freenode #ubuntu-kernel
+
+Signed-off-by: Tim Gardner tim.gard...@canonical.com
+---
+ utils/ndiswrapper | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/utils/ndiswrapper b/utils/ndiswrapper
+index 4bb91f2..ba082a3 100755
+--- a/utils/ndiswrapper
b/utils/ndiswrapper
+@@ -55,7 +55,7 @@ if (@ARGV 1) {
+
+ my $modconf;
+ if (`uname -r` =~ /(\d+)\.(\d+)\.(\d+)/) {
+-if ($2 4) {
++if (($2 4) || ($1 2)) {
The regex isn't anchored (^) and wants 3 components. The third one was
dropped a while ago, but maybe in a version higher than what this module
supports anyway. Just thought I'd mention it…
Mraw,
KiBi.
signature.asc
Description: Digital signature
Processed: Re: Bug#717445: pu: package ndiswrapper/1.57-1+deb7u1
Processing control commands: tag -1 moreinfo Bug #717445 [release.debian.org] pu: package ndiswrapper/1.57-1+deb7u1 Added tag(s) moreinfo. -- 717445: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717445 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b717445.138049605115744.transcr...@bugs.debian.org
Bug#717493: pu: package sympa/6.1.11~dfsg-5.1~deb7u1
Julien Cristau jcris...@debian.org (2013-07-21):
On Sun, Jul 21, 2013 at 15:27:17 +0200, Andreas Beckmann wrote:
On 2013-07-21 15:13, Adam D. Barratt wrote:
Whichever solution was chosen, it looks like this bug is not fixed in
unstable yet?
Yes, I wanted to write a sentence about this as well ...
If the release team considers adding a pre-depends in stable as
acceptable, I would first upload a NMU to sid (same patch, just omitting
the wheezy changelog entry) and later on to wheezy.
Instead of doing NMUs, maintainer uploads would be welcome of course!
I think adding a pre-depends in stable would be worse than this bug.
Indeed.
To reduce user perplexity, I guess we could consider getting sympa to
catch this situation instead, which would reduce side effects. I think
something along the lines of this commit would go in a better direction
that adding a Pre-Depends:
http://anonscm.debian.org/gitweb/?p=collab-maint/sympa.git;a=commitdiff;h=7ab6b9b7de9ec7cd27ebf2d8046f7ea227b583a6
(I'm attaching it for reference.)
Mentioning how to fix the issue would be even nicer.
Mraw,
KiBi.
Description: Raise a warning instead of an error when the CA bundle file is not
readable.
For its internal usage (to make https request and verify smime mail
signatures) Sympa
needs access to the Certificates Authorities installed on the system.
Certificates Authorities are available in the package ca-certificates and
this package also provides a single file with all the CA concatenated.
The location of this file is /etc/ssl/certs/ca-certificates.crt
Sympa package provides a symlink from /usr/share/sympa/default/ca-bundle.crt
to /etc/ssl/certs/ca-certificates.crt
Recently, to fix bug #537051 the ca-certificates package maintainer has
decided to replace the CA bundle generation
(/etc/ssl/certs/ca-certificates.crt) in the postinst by a trigger.
During installation of Sympa, if ca-certificates is not present, it is
installed as a Sympa dependency but the sympa postinst will always be
executed before the ca-certificates triggers.
It means that Sympa start will fail with an error because
/etc/ssl/certs/ca-certificates.crt does not exists (not yet generated by the
ca-certificates trigger).
The following patch tries to detect if the CA bundle configured in sympa is a
symlink to /etc/ssl/certs/ca-certificates.crt. In that case, a warning raised
instead of en error.
This is a purely Debian specific fix, which is quite ugly but it works.
A better patch will be very much appreciated.
Author: Emmanuel Bouthenot kol...@debian.org
Bug-Debian: http://bugs.debian.org/706965
Forwarded: not-needed
Last-Update: 2013-07-02
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/src/lib/Conf.pm
+++ b/src/lib/Conf.pm
@@ -920,7 +920,11 @@
## Check cafile and capath access
if (defined $Conf{'cafile'} $Conf{'cafile'}) {
- unless (-f $Conf{'cafile'} -r $Conf{'cafile'}) {
+ my $debian_ca_bundle = '/etc/ssl/certs/ca-certificates.crt';
+ if (-l $Conf{'cafile'} ! -r $Conf{'cafile'}
readlink($Conf{'cafile'}) == $debian_ca_bundle) {
+ do_log('warning', 'cafile (%s) is a symlink to the Debian CA
certificates bundle (%s) which is not yet installed yet (see #706965)',
$Conf{'cafile'}, $debian_ca_bundle);
+ }
+ elsif (! -f $Conf{'cafile'} || ! -r $Conf{'cafile'}) {
do_log('err', 'Cannot access cafile %s', $Conf{'cafile'});
unless (List::send_notify_to_listmaster('cannot_access_cafile',
$Conf{'domain'}, [$Conf{'cafile'}])) {
do_log('err', 'Unable to send notify cannot access cafile to
listmaster');
signature.asc
Description: Digital signature
Bug#717498: pu: package bootchart/0.10~svn407-4.1~deb7u1
Andreas Beckmann a...@debian.org (2013-07-21): On 2013-07-21 18:11, Adam D. Barratt wrote: On Sun, 2013-07-21 at 16:51 +0200, Andreas Beckmann wrote: the change I suggested for sysvinit (#694252) and got applied in sysvinit/2.88dsf-41+deb7u1 does not fix the bootchart upgrade path lenny-squeeze-wheezy, but instead renders bootchart uninstallable in stable (and sid as well): #717495. Hmmm, I'd rather assumed that was the point, given that the Breaks matches the only version of bootchart in the archive. but it makes a package in stable uninstallable without planning to remove it from stable ... and that does not fix the upgrade issue in sysv-rc Is keeping bootchart around still useful? The last upload of any kind was in 2009, with the last maintainer upload in early 2008. If the package were removed entirely (or at least version -3.3+1 would be forced to rename the initscript), we could have sysv-rc use dpkg-maintscript-helper rm_conffile to get rid of that script ... that would even cover the case where bootchart lenny was installed, removed, the initscript remained and the system would be upgraded to squeeze and wheezy later on. Going back through the history of the sysvinit bug, I have to admit to being rather confused. You state that 0.10~svn407-3.3 was the last existing and therefore broken version in lenny (and on snapshots.d.o). However, the lenny packages files (as on archive.d.o) indicates that lenny contained -3; the fix for #491391 in bootchart was included in -3.1. Please clarify... :-| I think I have mixed up the versions -3 vs. -3.3 at some point, therefore suggesting to add the wrong Breaks against -4, after seeing that a Breaks against -3 was not sufficient to fix that upgrade path. That Breaks actually worked, but it was not sufficient to ensure -3.3 gets configured before sysv-rc, leaving the bad initscript still around. At the time I initially filed the bug I didn't have piuparts ready to easily do upgrade tests with the new --testdebs-repo option, otherwise I might have tried the Breaks approach myself (and seen that it does not work as planned). Entirely new approach to fix this much less intrusively: bootchart.preinst: on upgrade from -4 sed -i 's/rmnologin/$all/' /etc/init.d/bootchart # makes the initscript identical to the new shipped one, so no conffile prompts (unless there were other user modifications) bump version to -4.1 / -4.1~deb7u1 to satisfy initscripts I'm really tempted by not even trying to fix it, adding layers of patches on top of each others, trying to compensate for things that are unmaintained and broken isn't very nice (reminds me of sgml-base…). Adam, what's your take on this one? Mraw, KiBi. signature.asc Description: Digital signature
Bug#716816: pu: package firetray/0.4.6-1~deb7u1
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Cyril, Thanks for getting back to this request. Le 29/09/2013 18:58, Cyril Brulebois a écrit : Does that version work with the ice* packages we currently have in stable still? Just tested again (I think I already did, but since I didn’t mentioned it in my previous longish message, I have a doubt now), and it works fine with the 10.0 versions currently in stable too (and of course with the 17.0 version from stable-security, where it is already used daily on some machines for a while). (Haven't looked at the source package or at the diff at the moment.) That’s a painful thing to do (been there, done that…). Regards David -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJSSLf8AAoJEAWMHPlE9r08VDYIAIfUgITBTx1mW1SYmtORuMZ2 EDof7YrUjPL8E3/7vRKjLOFIGU0VWij0cqpjJNcuusFNgC6XpT+wHzw5lHCNssQw zu8k3cyYPxGNFjC/7/3Q21lW67UQhW/9KJJef4g8eHwuOJ5sIpslgHKTysi/ywwD 63fBGYlcFcq99DbZ+lJ7hmFoEyfagZEhzEO2s5FaW73Ic9QLT6PApKPPufhOXl6H U8T6IvVLtIZeOdqnFl8Q8cfNz+wfz1J0Gn8IrKCdaqrkq9ukMVC//NwwaLosgA9/ 9NMU/77vXKJoLa029SiG0WvJXWuMr440/G9Pn4gSm2/ENmWqnkbyDvPikNUTPUk= =TWVG -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5248b7fc.3020...@debian.org
Bug#719520: pu: package coherence/0.6.6.2-6
Control: tag -1 -patch +confirmed [ We don't use the patch tag for pu requests. ;) ] Hi Eric, Eric Evans eev...@sym-link.com (2013-09-23): [ Cyril Brulebois ] it looks reasonable to me; please post a debdiff with that patch applied on top of 0.6.6.2-6, versioned as 0.6.6.2-6+deb7u1 (I don't mind updated Maintainer/Uploaders in the process), targeting 'wheezy' for a last review. Great; debdiff attached Thanks! -- Eric Evans eev...@sym-link.com diff -Nru coherence-0.6.6.2/debian/changelog coherence-0.6.6.2/debian/changelog --- coherence-0.6.6.2/debian/changelog2011-07-31 21:52:04.0 -0500 +++ coherence-0.6.6.2/debian/changelog2013-09-23 15:41:41.0 -0500 @@ -1,3 +1,9 @@ +coherence (0.6.6.2-6+deb7u1) unstable; urgency=low wheezy, please ;) + + * Patch to fix tracebacks for missing attribute (Closes: #664027). I guess you could mention this fixes incompatibilities in newer Twisted releases. FWIW that's not because we like to nitpick, but because we then use info from changelog to write down oneliners for stable update announces. Otherwise, looks good to me, feel free to upload with the distribution fixed, optionally with a slightly more verbose changelog entry. Mraw, KiBi. signature.asc Description: Digital signature
Processed: Re: Bug#719520: pu: package coherence/0.6.6.2-6
Processing control commands: tag -1 -patch +confirmed Bug #719520 [release.debian.org] pu: package coherence/0.6.6.2-6 Removed tag(s) patch. Bug #719520 [release.debian.org] pu: package coherence/0.6.6.2-6 Added tag(s) confirmed. -- 719520: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719520 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b719520.138049772724381.transcr...@bugs.debian.org
Bug#716816: pu: package firetray/0.4.6-1~deb7u1
David Prévot taf...@debian.org (2013-09-29): Le 29/09/2013 18:58, Cyril Brulebois a écrit : Does that version work with the ice* packages we currently have in stable still? Just tested again (I think I already did, but since I didn’t mentioned it in my previous longish message, I have a doubt now), and it works fine with the 10.0 versions currently in stable too (and of course with the 17.0 version from stable-security, where it is already used daily on some machines for a while). Fine, I think firetray/0.4.6-1~deb7u1 is the best we can hope for then. Thanks for the quick follow-up. Mraw, KiBi. signature.asc Description: Digital signature
Bug#715552: marked as done (pu: package nova/2012.1.1-18+deb7u1)
Your message dated Mon, 30 Sep 2013 01:41:20 +0200
with message-id 20130929234120.gi3...@mraw.org
and subject line Re: Bug#715552: pu: package nova/2012.1.1-18+deb7u1
has caused the Debian Bug report #715552,
regarding pu: package nova/2012.1.1-18+deb7u1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
715552: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=715552
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: n...@packages.debian.org
Hi,
this proposed update for nova fixes CVE-2013-2096. AFAIK this is just a
DoS, so probably not worth a DSA.
The fix for sid is pending NEW processing, AIUI.
diff -Nru nova-2012.1.1/debian/changelog nova-2012.1.1/debian/changelog
--- nova-2012.1.1/debian/changelog 2013-04-10 13:14:21.0 +0200
+++ nova-2012.1.1/debian/changelog 2013-07-10 12:10:00.0 +0200
@@ -1,3 +1,10 @@
+nova (2012.1.1-18+deb7u1) UNRELEASED; urgency=low
+
+ * CVE-2013-2096: Check QCOW2 image size during root disk creation
+(closes: #710157). Apply patch from Jamie Strandboge.
+
+ -- Julien Cristau julien.cris...@logilab.fr Fri, 14 Jun 2013 14:02:42 +0200
+
nova (2012.1.1-18) unstable; urgency=low
* nova-common isn't anymore using /usr/share/doc to store configuration files
diff -Nru nova-2012.1.1/debian/patches/CVE-2013-2096_essex.patch
nova-2012.1.1/debian/patches/CVE-2013-2096_essex.patch
--- nova-2012.1.1/debian/patches/CVE-2013-2096_essex.patch 1970-01-01
01:00:00.0 +0100
+++ nova-2012.1.1/debian/patches/CVE-2013-2096_essex.patch 2013-07-10
12:10:00.0 +0200
@@ -0,0 +1,31 @@
+Author: Jamie Strandboge ja...@canonical.com
+Description: Check QCOW2 image size during root disk creation
+ glance can only tell us the size of the file, not the virtual
+ size of the QCOW2. As such we need to check the virtual size of
+ the image once its cached and ensure it's = to the flavor's
+ root disk size. Based on I833467284126557eb598b8350a84e10c06292fa9
+Bug: https://launchpad.net/bugs/1177830
+
+Index: nova/nova/virt/libvirt/connection.py
+===
+--- nova.orig/nova/virt/libvirt/connection.py
nova/nova/virt/libvirt/connection.py
+@@ -1125,6 +1125,18 @@ class LibvirtConnection(driver.ComputeDr
+ if cow:
+ cow_base = base
+ if size:
++# NOTE(cfb): Having a flavor that sets the root size
to
++#0 and having nova effectively ignore that
++#size and use the size of the image is
++#considered a feature at this time, not a
++#bug.
++if os.path.exists(cow_base) and \
++size disk.get_image_virtual_size(cow_base):
++LOG.error(_(%(base)s virtual size larger than
++flavor root disk size %(size)s %
++{'base': cow_base, 'size': size}))
++raise exception.ImageTooLarge()
++
+ size_gb = size / (1024 * 1024 * 1024)
+ cow_base += _%d % size_gb
+ if not os.path.exists(cow_base):
diff -Nru nova-2012.1.1/debian/patches/series
nova-2012.1.1/debian/patches/series
--- nova-2012.1.1/debian/patches/series 2013-04-10 13:14:21.0 +0200
+++ nova-2012.1.1/debian/patches/series 2013-07-10 12:10:00.0 +0200
@@ -12,3 +12,4 @@
CVE-2013-0335_VNC-unit-tests-fixes.patch
CVE-2013-1838-Nova_DoS_by_allocating_all_Fixed_IPs_essex.patch
Fixed_broken_vncproxy_flush_tokens.patch
+CVE-2013-2096_essex.patch
Cheers,
Julien
--
Julien Cristau julien.cris...@logilab.fr
Logilab http://www.logilab.fr/
Informatique scientifique gestion de connaissances
---End Message---
---BeginMessage---
Cyril Brulebois k...@debian.org (2013-09-30):
Adam D. Barratt a...@adam-barratt.org.uk (2013-08-10):
Control: tags -1 + confirmed
On Wed, 2013-07-10 at 14:09 +0200, Julien Cristau wrote:
this proposed update for nova fixes CVE-2013-2096. AFAIK this is just a
DoS, so probably not worth a DSA.
The fix for sid is pending NEW processing, AIUI.
The fix is now in, apparently; also, it looks like the BTS wants to be told
wheezy is affected as well.
Please go ahead; sorry for
Processed: Re: Bug#720426: pu: package openssl/1.0.1e-2
Processing control commands: tag -1 moreinfo Bug #720426 [release.debian.org] pu: package openssl/1.0.1e-2 Added tag(s) moreinfo. -- 720426: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720426 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b720426.138049839927995.transcr...@bugs.debian.org
Bug#721625: pu: package lvm2/2.02.95-8
Cyril Brulebois k...@debian.org (2013-09-23): ping? The p-u freeze for 7.2 is getting closer: https://lists.debian.org/debian-release/2013/09/msg00477.html It's now 1 week closer. Mraw, KiBi. signature.asc Description: Digital signature
Bug#720426: pu: package openssl/1.0.1e-2
Control: tag -1 moreinfo Kurt Roeckx k...@roeckx.be (2013-09-23): I actually consider the arm assembler and nistp curves to be important, even if the bugs might only be filed at severity level wishlist. The nistp curves are even security related since they are then implemented with constant time removing a side channel attack. Then the BTS should know, and/or you should have mentioned it in your pu request. You also didn't attach the source debdiff we should be considering, and a manual debdiff between -2 and -3 shows unrelated things. Mraw, KiBi. signature.asc Description: Digital signature
Bug#723632: pu: fai/4.0.8 - wheezy point-release update for FAI
Control: tag -1 confirmed Michael Prokop m...@debian.org (2013-09-23): New debdiff attached. Looks good to me, please upload. Mraw, KiBi. signature.asc Description: Digital signature
Processed: Re: Bug#723632: pu: fai/4.0.8 - wheezy point-release update for FAI
Processing control commands: tag -1 confirmed Bug #723632 [release.debian.org] pu: fai/4.0.8 - wheezy point-release update for FAI Added tag(s) confirmed. -- 723632: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723632 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b723632.138049870929611.transcr...@bugs.debian.org
Bug#724895: pu: package perspectives-extension/4.3.1-1+deb7u1
Control: tag -1 confirmed David Prévot taf...@debian.org (2013-09-29): Hi, As agreed with the security team and the current maintainer, we’d like to include this security fix via the upcoming point release, because the package has a low popcon and requires a very unusual configuration to trigger the flaw (but with such a configuration, it completely undermines the security model perspectives attempts to provide). The proposed update aim to fix the issue disclosed recently on the upstream project website [1] and the upstream bug tracker [2]. 1: http://perspectives-project.org/2013/09/19/security-alert-incorrect-quorum-with-low-number-of-notaries-andor-low-quorum-percentage/ 2: https://github.com/danwent/Perspectives/issues/87 The two upstream commits to fix this issue (cb3d991 and 1f85a52) apply properly into stable once fe6551e is also applied, thus the three patches. Regards David P.-S.: The fix “already” made it to Jessie. It would be nice if this could be tracked in the Debian BTS as well, both for users and for pu reviewers. Changes look good to me (as far as I can parse JS anyway), feel free to upload with a closes: added once you have opened a bug report to track this issue. Thanks already. Mraw, KiBi. signature.asc Description: Digital signature
Processed: Re: Bug#724895: pu: package perspectives-extension/4.3.1-1+deb7u1
Processing control commands: tag -1 confirmed Bug #724895 [release.debian.org] pu: package perspectives-extension/4.3.1-1+deb7u1 Added tag(s) confirmed. -- 724895: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724895 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b724895.13804997123067.transcr...@bugs.debian.org
Bug#724895: pu: package perspectives-extension/4.3.1-1+deb7u1
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, Le 29/09/2013 20:08, Cyril Brulebois a écrit : It would be nice if this could be tracked in the Debian BTS as well, #724960 opened. feel free to upload with a closes: added Done, thanks for your quick and positive feedback. Regards David -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJSSNXPAAoJEAWMHPlE9r08UHoH/3K8z4j4x7KIM6RfxeiUWOFv b4HO4c3wzwjt6CCCchiWtb+iR+wzckwfPAWO9Ai0puDRfF1x/gsvYVDWpizBqjb0 T62U0BR5gzqlj8pHCaf+lLfUT2hGIVvaDp6eZ1BxC71/qxau2XOk//6t32rpsuOw MHbzzBpgqLoEJLE9ATgcChZ8y34ercnDV30hGMXIvyVwiCNQfNYDS98yhl5VOgRZ V2JUyBTz5+l1hU/QyulNdBx9PFvqwQ3Ca0SurURu/w1ZqNT8nuFuulrMXb54ki2f RNB1hCwDzXlYdMN/Wh0DXO4D4I1IiofVUzWet9Eta5mpDheU+GHN7LOgD2PyHro= =I059 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5248d5cf.6050...@tilapin.org
Re: automake transition breakages
* Ondřej Surý (ond...@sury.org) wrote: Hi, recent automake transition to 1.14 broke (FTBFS) at least two of my packages. Would it be possible to coordinate the (next) transition better than uploaddeal with breakages like we do with the rest of our packages? Did the transition from automake 1.13 to automake 1.14 cause your package to FTBFS? Can you point me at logs because that's not supposed to happen under the new versioning scheme upstream is following (ie 1.X versions should now be backwards compatible). If you were going from an earlier version to 1.14 (or 1.13) I have seen a few reports of problems with unit test framework. Right now the automake package is always tracking the latest upstream version and new versions sometimes break things. If you're worried about that kind of breakage then build depending on a specific version of automake might be a better bet. If people don't like this current scheme we can discuss if the current scheme is a bad idea. -- Eric Dorland e...@kuroneko.ca ICQ: #61138586, Jabber: ho...@jabber.com signature.asc Description: Digital signature
NEW changes in stable-new
Processing changes file: glusterfs_3.2.7-3+deb7u1_powerpc.changes ACCEPT Processing changes file: libdigest-sha-perl_5.71-2+deb7u1_amd64.changes ACCEPT Processing changes file: libdigest-sha-perl_5.71-2+deb7u1_armel.changes ACCEPT Processing changes file: libdigest-sha-perl_5.71-2+deb7u1_ia64.changes ACCEPT Processing changes file: libdigest-sha-perl_5.71-2+deb7u1_kfreebsd-amd64.changes ACCEPT Processing changes file: libdigest-sha-perl_5.71-2+deb7u1_kfreebsd-i386.changes ACCEPT Processing changes file: libdigest-sha-perl_5.71-2+deb7u1_s390.changes ACCEPT Processing changes file: libdigest-sha-perl_5.71-2+deb7u1_s390x.changes ACCEPT Processing changes file: tntnet_2.1-2+deb7u1_i386.changes ACCEPT Processing changes file: tntnet_2.1-2+deb7u1_kfreebsd-amd64.changes ACCEPT Processing changes file: tntnet_2.1-2+deb7u1_s390.changes ACCEPT Processing changes file: tntnet_2.1-2+deb7u1_s390x.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vquv1-0004vk...@franck.debian.org
NEW changes in oldstable-new
Processing changes file: tntnet_1.6.3-4+deb6u1_i386.changes ACCEPT Processing changes file: tntnet_1.6.3-4+deb6u1_ia64.changes ACCEPT Processing changes file: tntnet_1.6.3-4+deb6u1_kfreebsd-amd64.changes ACCEPT Processing changes file: tntnet_1.6.3-4+deb6u1_kfreebsd-i386.changes ACCEPT Processing changes file: tntnet_1.6.3-4+deb6u1_s390.changes ACCEPT Processing changes file: tntnet_1.6.3-4+deb6u1_sparc.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vquvx-00056l...@franck.debian.org
NEW changes in oldstable-new
Processing changes file: tntnet_1.6.3-4+deb6u1_armel.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vqv9w-00084j...@franck.debian.org
NEW changes in stable-new
Processing changes file: perl_5.14.2-21+deb7u1_amd64.changes ACCEPT Processing changes file: perl_5.14.2-21+deb7u1_s390x.changes ACCEPT Processing changes file: libdigest-sha-perl_5.71-2+deb7u1_sparc.changes ACCEPT Processing changes file: tntnet_2.1-2+deb7u1_ia64.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vqv9u-0007vu...@franck.debian.org
NEW changes in stable-new
Processing changes file: tntnet_2.1-2+deb7u1_armel.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vqvct-00043v...@franck.debian.org
NEW changes in stable-new
Processing changes file: perl_5.14.2-21+deb7u1_s390.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vqvr0-0005y4...@franck.debian.org
NEW changes in stable-new
Processing changes file: tntnet_2.1-2+deb7u1_sparc.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vqw5w-0008n1...@franck.debian.org
