Bug#776748: (pre-approval) unblock: libxml2/2.9.1+dfsg1-5 (via t-p-u)
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock jessie-pu libxml2 in Jessie has CVE-2014-3600 pending to be addressed and this update includes the related regression fix as well. Also, I would like to apply some more upstream memory related patches from 2.9.2, mostly NULL checks, because there are quite a lot deeper issues hiding in libxml2's code base and those fixes shall be deemed beneficial to our support cycle. Regards, Aron Xu diff -Nru libxml2-2.9.1+dfsg1/debian/changelog libxml2-2.9.1+dfsg1/debian/changelog --- libxml2-2.9.1+dfsg1/debian/changelog2014-07-09 06:49:45.0 +0800 +++ libxml2-2.9.1+dfsg1/debian/changelog2015-02-01 13:51:11.0 +0800 @@ -1,3 +1,12 @@ +libxml2 (2.9.1+dfsg1-5) testing; urgency=medium + + * Add pkg-config to B-D + * Use -O3 for normal builds + * Cherry-pick upstream memory related fixes +- Including CVE-2014-3660 (Closes: #765722, #768089) + + -- Aron Xu a...@debian.org Sun, 01 Feb 2015 13:48:36 +0800 + libxml2 (2.9.1+dfsg1-4) unstable; urgency=low [ Christian Svensson ] diff -Nru libxml2-2.9.1+dfsg1/debian/control libxml2-2.9.1+dfsg1/debian/control --- libxml2-2.9.1+dfsg1/debian/control 2014-07-09 06:46:15.0 +0800 +++ libxml2-2.9.1+dfsg1/debian/control 2015-02-01 13:42:06.0 +0800 @@ -4,7 +4,7 @@ Maintainer: Debian XML/SGML Group debian-xml-sgml-p...@lists.alioth.debian.org Uploaders: Aron Xu a...@debian.org, YunQiang Su wzss...@gmail.com Standards-Version: 3.9.5 -Build-Depends: debhelper (= 9), dh-autoreconf, autotools-dev, +Build-Depends: debhelper (= 9), dh-autoreconf, autotools-dev, pkg-config, libpython-all-dev, libpython-all-dbg, python-all-dev:any (= 2.7.5-5~), python-all-dbg:any, zlib1g-dev | libz-dev, liblzma-dev diff -Nru libxml2-2.9.1+dfsg1/debian/patches/0001-modify-xml2-config-and-pkgconfig-behaviour.patch libxml2-2.9.1+dfsg1/debian/patches/0001-modify-xml2-config-and-pkgconfig-behaviour.patch --- libxml2-2.9.1+dfsg1/debian/patches/0001-modify-xml2-config-and-pkgconfig-behaviour.patch 2014-07-09 05:31:33.0 +0800 +++ libxml2-2.9.1+dfsg1/debian/patches/0001-modify-xml2-config-and-pkgconfig-behaviour.patch 2015-02-01 13:50:27.0 +0800 @@ -3,11 +3,11 @@ Subject: modify xml2-config and pkgconfig behaviour --- - configure.in |2 +- - libxml-2.0-uninstalled.pc.in |3 ++- - libxml-2.0.pc.in |2 +- - xml2-config.1|4 - xml2-config.in | 22 ++ + configure.in | 2 +- + libxml-2.0-uninstalled.pc.in | 3 ++- + libxml-2.0.pc.in | 2 +- + xml2-config.1| 4 + xml2-config.in | 22 ++ 5 files changed, 18 insertions(+), 15 deletions(-) diff --git a/configure.in b/configure.in diff -Nru libxml2-2.9.1+dfsg1/debian/patches/0002-fix-python-multiarch-includes.patch libxml2-2.9.1+dfsg1/debian/patches/0002-fix-python-multiarch-includes.patch --- libxml2-2.9.1+dfsg1/debian/patches/0002-fix-python-multiarch-includes.patch 2014-07-09 06:46:15.0 +0800 +++ libxml2-2.9.1+dfsg1/debian/patches/0002-fix-python-multiarch-includes.patch 2015-02-01 13:50:27.0 +0800 @@ -3,8 +3,8 @@ Subject: fix python multiarch includes --- - python/Makefile.am |2 +- - python/Makefile.in |2 +- + python/Makefile.am | 2 +- + python/Makefile.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/python/Makefile.am b/python/Makefile.am diff -Nru libxml2-2.9.1+dfsg1/debian/patches/0003-Fix-an-error-in-xmlCleanupParser.patch libxml2-2.9.1+dfsg1/debian/patches/0003-Fix-an-error-in-xmlCleanupParser.patch --- libxml2-2.9.1+dfsg1/debian/patches/0003-Fix-an-error-in-xmlCleanupParser.patch 2014-07-09 06:46:15.0 +0800 +++ libxml2-2.9.1+dfsg1/debian/patches/0003-Fix-an-error-in-xmlCleanupParser.patch 2015-02-01 13:50:27.0 +0800 @@ -8,7 +8,7 @@ xmlResetLastError() but the later reallocate the global data freed by previous call. Just swap the two calls. --- - parser.c |2 +- + parser.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/parser.c b/parser.c diff -Nru libxml2-2.9.1+dfsg1/debian/patches/0004-Fix-missing-break-on-last-function-for-attributes.patch libxml2-2.9.1+dfsg1/debian/patches/0004-Fix-missing-break-on-last-function-for-attributes.patch --- libxml2-2.9.1+dfsg1/debian/patches/0004-Fix-missing-break-on-last-function-for-attributes.patch 2014-07-09 06:46:15.0 +0800 +++ libxml2-2.9.1+dfsg1/debian/patches/0004-Fix-missing-break-on-last-function-for-attributes.patch 2015-02-01 13:50:27.0 +0800 @@ -4,7 +4,7 @@ pointed out by cppcheck --- - python/libxml.c |1 + + python/libxml.c | 1 + 1 file changed, 1 insertion(+) diff --git a/python/libxml.c b/python/libxml.c diff -Nru
Processed: tagging 776767
Processing commands for cont...@bugs.debian.org: tags 776767 + wontfix Bug #776767 {Done: Jonathan Wiltshire j...@debian.org} [release.debian.org] unblock: volumeicon/0.4.6-2.2 Added tag(s) wontfix. thanks Stopping processing here. Please contact me if you need assistance. -- 776767: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776767 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.c.14228014759633.transcr...@bugs.debian.org
Bug#776616: marked as done (unblock: fso stack)
Your message dated Sun, 01 Feb 2015 10:24:06 +0100 with message-id 54cdf0b6.30...@thykier.net and subject line Re: Bug#776616: unblock: fso stack has caused the Debian Bug report #776616, regarding unblock: fso stack to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 776616: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776616 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock packages: * fso-datad * fso-deviced * fso-frameworkd * fso-gsmd * fso-usaged * phonefsod Reason: security update regarding dbus configuration. Debdiff: I think it's pointless to include 6 almost identical debdiff files here. The only change in each package is a new patch fixing the DBus configuration. Here is the patch for fso-datad: $ cat debian/patches/fix-dbus-permissions.patch From: Sebastian Reichel s...@debian.org Reported-By: Simon McVittie simon.mcvit...@collabora.co.uk Last-Update: 2015-01-20 Description: Fix Security Problem in DBus Configuration Old configuration allows every local user to send arbitrary D-Bus messages to the path /org/freesmartphone/Framework on *any* D-Bus system service (rough HTTP analogy: send a POST to http://server/org/freesmartphone/Framework on any server). Bug-CVE: https://security-tracker.debian.org/tracker/CVE-2014-8156 Index: fso-datad/data/fsodatad.conf === --- fso-datad.orig/data/fsodatad.conf +++ fso-datad/data/fsodatad.conf @@ -3,8 +3,7 @@ busconfig policy context=default allow own=org.freesmartphone.odatad/ -allow send_path=/org/freesmartphone/Time/ -allow send_destination=org.freesmartphone.odatad/ +allow send_destination=org.freesmartphone.odatad send_path=/org/freesmartphone/Time/ /policy policy context=default allow send_interface=org.freedesktop.DBus.Introspectable/ Commands: unblock fso-datad/0.12.0-3 unblock fso-deviced/0.12.0-5 unblock fso-frameworkd/0.9.5.9+git20110512-5 unblock fso-gsmd/0.12.0-4 unblock fso-usaged/0.12.0-3 unblock phonefsod/0.1+git20121018-2 ---End Message--- ---BeginMessage--- On 2015-01-30 01:37, Sebastian Reichel wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock packages: * fso-datad * fso-deviced * fso-frameworkd * fso-gsmd * fso-usaged * phonefsod Reason: security update regarding dbus configuration. I have unblocked all of these, but I do have a few remarks on: [...] unblock fso-frameworkd/0.9.5.9+git20110512-5 [...] This package has a few changes that do not follow the described pattern: + policy context=default + allow own=org.freesmartphone.ogpsd/ + allow own=org.freedesktop.Gypsy/ +-allow send_path=/org/freedesktop/Gypsy/ + allow send_destination=org.freesmartphone.ogpsd/ + allow send_destination=org.freedesktop.gypsy/ + /policy + policy context=default + allow own=org.freesmartphone.odeviced/ +-allow send_path=// + allow send_destination=org.freesmartphone.odeviced/ + /policy I presumed these to be intended. Thanks, ~Niels---End Message---
Bug#776009: marked as done (unblock: xymon/4.3.17-5)
Your message dated Sun, 01 Feb 2015 10:08:57 +0100 with message-id 54cded29.80...@thykier.net and subject line Re: Bug#776009: unblock: xymon/4.3.17-5 has caused the Debian Bug report #776009, regarding unblock: xymon/4.3.17-5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 776009: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776009 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, several updates for xymon have accumulated since the last upload. We'd like to have them in Jessie, so we are asking for approval of the changes below. Changelog: diff -Nru xymon-4.3.17/debian/changelog xymon-4.3.17/debian/changelog --- xymon-4.3.17/debian/changelog 2014-10-23 16:50:53.0 +0200 +++ xymon-4.3.17/debian/changelog 2015-01-22 17:37:30.0 +0100 @@ -1,3 +1,21 @@ +xymon (4.3.17-5) unstable; urgency=medium + + [ Christoph Berg ] + * Restore the lost ROOTFS variable in xymonclient-linux.sh, and patch +xymond/rrd/do_disk.c to ignore duplicate submissions for the / partition. +(Closes: #767901) + * Fix buffer overrun in web/acknowledge.c (Closes: #776007) + * Debconf translations, thanks! ++ pt by Américo Monteiro (Closes: #767840) ++ fr by Jean-Pierre Giraud (Closes: #770168) ++ nl by Frans Spiesschaert (Closes: #771182) + + [ Axel Beckert ] + * Fix aborting installation in cases where a hobbit user exists despite +hobbit-client was not installed before. (LP: #1407498) + + -- Christoph Berg christoph.b...@credativ.de Thu, 22 Jan 2015 17:37:26 +0100 + xymon (4.3.17-4) unstable; urgency=medium * Add debconf question to disable the automatic migration from hobbit to The first patch is the buffer overrun from #776007: diff -Nru xymon-4.3.17/debian/patches/acknowledge-malloc xymon-4.3.17/debian/patches/acknowledge-malloc --- xymon-4.3.17/debian/patches/acknowledge-malloc 1970-01-01 01:00:00.0 +0100 +++ xymon-4.3.17/debian/patches/acknowledge-malloc 2015-01-22 16:49:28.0 +0100 @@ -0,0 +1,11 @@ +--- a/web/acknowledge.c b/web/acknowledge.c +@@ -289,7 +289,7 @@ int main(int argc, char *argv[]) + pcre *dummy; + char *re; + +- re = (char *)malloc(8 + strlen(pagename)); ++ re = (char *)malloc(8 + 2*strlen(pagename)); + sprintf(re, %s$|^%s/.+, pagename, pagename); + dummy = compileregex(re); + if (dummy) { (This is probably exploitable, but the URL for this is only accessible for authenticated admin users, so it's not a very bad security issue.) The next one is the #767901 issue that causes monitoring graphs for the / partition (disk space and inodes) to be broken. The C part accounts for the fact that the df output in the default installations have / listed twice, and suppresses duplicate updates for that partitions (which cause rrd to get confused). The hard-to-read sh diff below merely restores the ROOTFS line that's present in the upstream version of the original file, but got lost during some patch update. diff -Nru xymon-4.3.17/debian/patches/disk-no-duplicate-root xymon-4.3.17/debian/patches/disk-no-duplicate-root --- xymon-4.3.17/debian/patches/disk-no-duplicate-root 1970-01-01 01:00:00.0 +0100 +++ xymon-4.3.17/debian/patches/disk-no-duplicate-root 2015-01-21 16:31:46.0 +0100 @@ -0,0 +1,30 @@ +--- a/xymond/rrd/do_disk.c b/xymond/rrd/do_disk.c +@@ -20,6 +20,7 @@ int do_disk_rrd(char *hostname, char *te + static int ptnsetup = 0; + static pcre *inclpattern = NULL; + static pcre *exclpattern = NULL; ++ int seen_root_fs = 0; + + if (strstr(msg, netapp.pl)) return do_netapp_disk_rrd(hostname, testname, classname, pagepaths, msg, tstamp); + if (strstr(msg, dbcheck.pl)) return do_dbcheck_tablespace_rrd(hostname, testname, classname, pagepaths, msg, tstamp); +@@ -163,6 +164,19 @@ int do_disk_rrd(char *hostname, char *te + + /* Check include/exclude patterns */ + wanteddisk = 1; ++ /* ++ * On some systems, including the Debian Wheezy default setup, ++ * df shows two entries for / (one for rootfs, one for the ++ * real device). Skip the second one or else the rrd files ++ *
Bug#776732: marked as done (unblock: spamassassin/3.4.0-6)
Your message dated Sun, 1 Feb 2015 12:21:37 +0100 with message-id 20150201112137.gc11...@lupin.home.powdarrmonkey.net and subject line Re: Bug#776732: unblock: spamassassin/3.4.0-6 has caused the Debian Bug report #776732, regarding unblock: spamassassin/3.4.0-6 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 776732: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776732 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package spamassassin. It includes an update to the bundled rules to remove references to a DNS blacklist that is no longer functional and is returning yes for all requests, significantly raising the changes of false-positives. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774768 for details. Debdiff is attached. Thanks noah unblock spamassassin/3.4.0-6 -- System Information: Debian Release: 7.8 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru spamassassin-3.4.0/debian/changelog spamassassin-3.4.0/debian/changelog --- spamassassin-3.4.0/debian/changelog 2014-11-29 14:29:29.0 -0800 +++ spamassassin-3.4.0/debian/changelog 2015-01-31 11:07:51.0 -0800 @@ -1,3 +1,10 @@ +spamassassin (3.4.0-6) unstable; urgency=medium + + * Remove references to ahbl.org DNSBL, which has ceased operation. +(Closes: #774768) + + -- Noah Meyerhans no...@debian.org Sat, 31 Jan 2015 10:53:22 -0800 + spamassassin (3.4.0-5) unstable; urgency=medium * Import upstream fix for perl_version warnings (Closes: 771408) diff -Nru spamassassin-3.4.0/debian/patches/bug_774768_disable_ahbl spamassassin-3.4.0/debian/patches/bug_774768_disable_ahbl --- spamassassin-3.4.0/debian/patches/bug_774768_disable_ahbl 1969-12-31 16:00:00.0 -0800 +++ spamassassin-3.4.0/debian/patches/bug_774768_disable_ahbl 2015-01-31 11:07:51.0 -0800 @@ -0,0 +1,53 @@ +Index: spamassassin-3.4.0/pkgrules/20_dnsbl_tests.cf +=== +--- spamassassin-3.4.0.orig/pkgrules/20_dnsbl_tests.cf spamassassin-3.4.0/pkgrules/20_dnsbl_tests.cf +@@ -130,12 +130,6 @@ reuse RCVD_IN_PBL + # --- + # Now, single zone BLs follow: + +-# another domain-based blacklist +-header DNS_FROM_AHBL_RHSBL eval:check_rbl_envfrom('ahbl', 'rhsbl.ahbl.org.') +-describe DNS_FROM_AHBL_RHSBLEnvelope sender listed in dnsbl.ahbl.org +-tflags DNS_FROM_AHBL_RHSBL net +-reuse DNS_FROM_AHBL_RHSBL +- + # --- + # NOTE: donation tests, see README file for details + +Index: spamassassin-3.4.0/pkgrules/30_text_de.cf +=== +--- spamassassin-3.4.0.orig/pkgrules/30_text_de.cf spamassassin-3.4.0/pkgrules/30_text_de.cf +@@ -88,7 +88,6 @@ lang de describe RCVD_IN_SORBS_ZOMBIE SO + lang de describe RCVD_IN_SORBS_DUL SORBS: Senderechner nur temporär mit Internet verbunden + lang de describe RCVD_IN_SBL Transportiert via Rechner in SBL-Liste (http://www.spamhaus.org/sbl/) + lang de describe RCVD_IN_XBL Transportiert via Rechner in XBL-Liste (http://www.spamhaus.org/xbl/) +-lang de describe DNS_FROM_AHBL_RHSBL Absenderadresse in Liste von dnsbl.ahbl.org + lang de describe RCVD_IN_BL_SPAMCOP_NET Transportiert via Rechner in Liste von www.spamcop.net + lang de describe RCVD_IN_MAPS_RBL Transportiert via Rechner in Liste von http://www.mail-abuse.org/rbl/ + lang de describe RCVD_IN_MAPS_DUL Transportiert via Rechner in Liste von http://www.mail-abuse.org/dul/ +Index: spamassassin-3.4.0/pkgrules/30_text_pt_br.cf +=== +--- spamassassin-3.4.0.orig/pkgrules/30_text_pt_br.cf spamassassin-3.4.0/pkgrules/30_text_pt_br.cf +@@ -110,7 +110,6 @@ lang pt_BR describe __RCVD_IN_ZEN Recebi + lang pt_BR describe RCVD_IN_SBL Recebida por um relay listado em Spamhaus SBL + lang pt_BR describe RCVD_IN_XBL Recebida por um relay listado em Spamhaus XBL + lang pt_BR describe RCVD_IN_PBL Recebida por um relay listado em Spamhaus PBL +-lang pt_BR describe DNS_FROM_AHBL_RHSBL Envelope sender consta em dnsbl.ahbl.org + lang pt_BR describe RCVD_IN_BL_SPAMCOP_NET Recebida por um relay listado em bl.spamcop.net +
Bug#776762: nmu: mariadb-10.0_10.0.16-1~exp2
Package: release.debian.org Severity: normal Tags: experimental User: release.debian@packages.debian.org Usertags: binnmu nmu mariadb-10.0_10.0.16-1~exp2 . amd64 . experimental . -m Rebuild in a clean environment. The maintainer uploaded package depends on libthrift0, but I cannot find a trace of this package. Andreas -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150201130453.9985.75959.report...@zam581.zam.kfa-juelich.de
Bug#776765: unblock: util-linux/2.25.2-4.2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package util-linux This fixes bug #773354. Sorry I forgot to close the bug report in the changelog. Will do that manually. The breaks is necessary because live-tools in wheezy is broken. It misses a dependency on initramfs-tools. live-tools diverts update-initramfs and calls the original update-initramfs from initramfs-tools in it's version unconditionally, but without having a dependency on initramfs-tools. This dependency was added in version 4.0~alpha17-1, thus fixing the underlying bug. Recent versions of util-linux call update-initramfs in their postinst and without the breaks the postinst may be called before live-tools is updated and thus before initramfs-tools is unpacked. Then the postinst fails. Adding a breaks on the earlier versions of live-tools to util-linux ensures the correct unpack order on upgrades and solves the problem. unblock util-linux/2.25.2-4.2 -- System Information: Debian Release: 8.0 APT prefers testing-proposed-updates APT policy: (500, 'testing-proposed-updates'), (500, 'testing'), (100, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) diff -Nru util-linux-2.25.2/debian/changelog util-linux-2.25.2/debian/changelog --- util-linux-2.25.2/debian/changelog 2015-01-17 17:17:42.0 +0100 +++ util-linux-2.25.2/debian/changelog 2015-02-01 13:19:10.0 +0100 @@ -1,3 +1,10 @@ +util-linux (2.25.2-4.2) unstable; urgency=medium + + * Non-maintainer upload. + * Add Breaks: live-tools (4.0~alpha17-1) + + -- Gaudenz Steinlin gaud...@debian.org Sun, 01 Feb 2015 13:16:26 +0100 + util-linux (2.25.2-4.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru util-linux-2.25.2/debian/control util-linux-2.25.2/debian/control --- util-linux-2.25.2/debian/control 2015-01-17 17:06:40.0 +0100 +++ util-linux-2.25.2/debian/control 2015-02-01 13:18:52.0 +0100 @@ -38,7 +38,7 @@ Depends: initscripts, lsb-base (= 3.0-6), tzdata (=2006c-2), ${misc:Depends} Suggests: dosfstools, kbd | console-tools, util-linux-locales Replaces: bash-completion ( 1:2.1-3) -Breaks: bash-completion ( 1:2.1-3) +Breaks: bash-completion ( 1:2.1-3), live-tools ( 4.0~alpha17-1) Multi-Arch: foreign Description: Miscellaneous system utilities This package contains a number of important utilities, most of which
Bug#776767: marked as done (unblock: volumeicon/0.4.6-2.2)
Your message dated Sun, 1 Feb 2015 15:32:29 +0100 with message-id 20150201143229.gf11...@lupin.home.powdarrmonkey.net and subject line Re: Bug#776767: unblock: volumeicon/0.4.6-2.2 has caused the Debian Bug report #776767, regarding unblock: volumeicon/0.4.6-2.2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 776767: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776767 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package volumeicon. It fixes a few bugs which shouldn't be in jessie. unblock volumeicon/0.4.6-2.2 thanks, Mateusz diff -Nru volumeicon-0.4.6/debian/changelog volumeicon-0.4.6/debian/changelog --- volumeicon-0.4.6/debian/changelog 2014-05-06 20:41:27.0 +0200 +++ volumeicon-0.4.6/debian/changelog 2014-10-26 13:33:03.0 +0100 @@ -1,3 +1,16 @@ +volumeicon (0.4.6-2.2) unstable; urgency=high + + * Non-maintainer upload. + * Add patch to replace x-terminal-emulator instead xterm - thanks to +Luca Capello l...@pca.it for the patch. (Closes: #754231) + * Typo in Depends: xfce4-nofityd = xfce4-notifyd. (Closes: #758494) + * Add .desktop file. (Closes: #749324) + * Bump Debian standards to 3.9.6. (no changes needed) + * Use canoninal Vcs fields. + * Bump debhelper version to 9. + + -- Mateusz Łukasik mat...@linuxmint.pl Sun, 26 Oct 2014 13:32:59 +0100 + volumeicon (0.4.6-2.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru volumeicon-0.4.6/debian/control volumeicon-0.4.6/debian/control --- volumeicon-0.4.6/debian/control 2014-05-06 20:34:30.0 +0200 +++ volumeicon-0.4.6/debian/control 2014-10-26 11:27:42.0 +0100 @@ -3,18 +3,18 @@ Priority: optional Maintainer: Andrew Gainer gainer.and...@gmail.com Uploaders: Julien Valroff jul...@debian.org -Build-Depends: debhelper (= 8.0.0~), autotools-dev, +Build-Depends: debhelper (= 9), autotools-dev, libgtk2.0-dev, libasound2-dev, libnotify-dev -Standards-Version: 3.9.3 +Standards-Version: 3.9.6 Homepage: http://softwarebakery.com/maato/volumeicon.html -Vcs-Git: git://git.debian.org/collab-maint/volumeicon.git -Vcs-Browser: http://git.debian.org/?p=collab-maint/volumeicon.git;a=summary +Vcs-Git: git://anonscm.debian.org/collab-maint/volumeicon.git +Vcs-Browser: https://anonscm.debian.org/cgit/collab-maint/volumeicon.git;a=summary Package: volumeicon-alsa Architecture: linux-any Depends: ${misc:Depends}, ${shlibs:Depends} Suggests: alsamixergui | aumix-gtk | kmix | gnome-alsamixer, - notify-osd | xfce4-nofityd | notification-daemon + notify-osd | xfce4-notifyd | notification-daemon Description: systray volume icon for alsa This is a lightweight volume control that sits in your systray. This version is compatible with ALSA. diff -Nru volumeicon-0.4.6/debian/patches/002_replace-hardcoded-xterm.diff volumeicon-0.4.6/debian/patches/002_replace-hardcoded-xterm.diff --- volumeicon-0.4.6/debian/patches/002_replace-hardcoded-xterm.diff 1970-01-01 01:00:00.0 +0100 +++ volumeicon-0.4.6/debian/patches/002_replace-hardcoded-xterm.diff 2014-10-26 10:57:02.0 +0100 @@ -0,0 +1,16 @@ +Description: Replace hardcoded xterm with x-terminal-emulator +Bug-Debian: https://bugs.debian.org/754231 +Author: Luca Capello l...@pca.it +Last-Update: 2014-07-08 + +--- a/src/config.c b/src/config.c +@@ -59,7 +59,7 @@ + static void config_load_default() + { + if(!m_helper_program) +- config_set_helper(xterm -e 'alsamixer'); ++ config_set_helper(x-terminal-emulator -e 'alsamixer'); + if(!m_channel) + config_set_channel(NULL); + if(!m_card) diff -Nru volumeicon-0.4.6/debian/patches/series volumeicon-0.4.6/debian/patches/series --- volumeicon-0.4.6/debian/patches/series 2013-02-16 09:21:30.0 +0100 +++ volumeicon-0.4.6/debian/patches/series 2014-10-26 10:56:21.0 +0100 @@ -1 +1,2 @@ 001_remove-individual-glib-headers.diff +002_replace-hardcoded-xterm.diff diff -Nru volumeicon-0.4.6/debian/volumeicon.desktop volumeicon-0.4.6/debian/volumeicon.desktop --- volumeicon-0.4.6/debian/volumeicon.desktop 1970-01-01 01:00:00.0 +0100 +++ volumeicon-0.4.6/debian/volumeicon.desktop 2014-10-26 11:15:33.0 +0100 @@ -0,0 +1,12 @@ +[Desktop Entry] +Name=Volume Icon +Name[fr]=Icône pour le contrôle du volume +Comment=Lightweight volume control for the systray +Comment[fr]=Simple contrôle du volume pour la barre d'état +Icon=volume
Bug#774737: unblock: libjpeg9/1:9a-2
On 2015-01-29 20:40, Bill Allombert wrote: On Thu, Jan 29, 2015 at 08:32:58PM +0100, Niels Thykier wrote: [...] I am still not convinced that this is sufficient to turn over the decision to only have one libjpeg implementation in Jessie. The two previous Debian releases had several libjpeg implementations. Why this change and why now ? I find rather unfair that I spend time packaging libjpeg9 to be told several month later than it would not be included in stable for some unspecified reason. Cheers, If you disagree with this change then why did you not object to it when you learned of it? You have known at least since the 9th of August that this was the case *and* it would affect your packages[1]. ~Niels [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717076#240 -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/54cdf336.4010...@thykier.net
Bug#776616: unblock: fso stack
On Sun, Feb 01, 2015 at 10:24:06AM +0100, Niels Thykier wrote: On 2015-01-30 01:37, Sebastian Reichel wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock packages: * fso-datad * fso-deviced * fso-frameworkd * fso-gsmd * fso-usaged * phonefsod Reason: security update regarding dbus configuration. I have unblocked all of these, Thanks. but I do have a few remarks on: [...] unblock fso-frameworkd/0.9.5.9+git20110512-5 [...] This package has a few changes that do not follow the described pattern: Ah right, I forgot to mention those. Basically upstream data looks a bit different for those lines, so the patch pattern also changes. The important part is to remove all individual standing send_path policy rules, since they also are valid for other destinations, which may not evaluate the path at all. + policy context=default + allow own=org.freesmartphone.ogpsd/ + allow own=org.freedesktop.Gypsy/ +-allow send_path=/org/freedesktop/Gypsy/ + allow send_destination=org.freesmartphone.ogpsd/ + allow send_destination=org.freedesktop.gypsy/ + /policy In this case I just dropped the send_path, since I was not sure about upstreams exact motiviation. Since the additional security gain for the send_path restriction is marginal (send_destination is already unique and there is a very low change of another service using the same destination in the future) I dropped the rule instead of risking broken machines. + policy context=default + allow own=org.freesmartphone.odeviced/ +-allow send_path=// + allow send_destination=org.freesmartphone.odeviced/ + /policy adding the send_path to the send_destination rule does not add further restrictions = drop it. [...] -- Sebastian signature.asc Description: Digital signature
Bug#776762: marked as done (nmu: mariadb-10.0_10.0.16-1~exp2)
Your message dated Sun, 1 Feb 2015 15:10:07 +0100 with message-id 20150201141007.gd11...@lupin.home.powdarrmonkey.net and subject line Re: Bug#776762: nmu: mariadb-10.0_10.0.16-1~exp2 has caused the Debian Bug report #776762, regarding nmu: mariadb-10.0_10.0.16-1~exp2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 776762: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776762 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal Tags: experimental User: release.debian@packages.debian.org Usertags: binnmu nmu mariadb-10.0_10.0.16-1~exp2 . amd64 . experimental . -m Rebuild in a clean environment. The maintainer uploaded package depends on libthrift0, but I cannot find a trace of this package. Andreas ---End Message--- ---BeginMessage--- On Sun, Feb 01, 2015 at 02:04:53PM +0100, Andreas Beckmann wrote: The maintainer uploaded package depends on libthrift0, but I cannot find a trace of this package. Scheduled. -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 signature.asc Description: Digital signature ---End Message---
Bug#776759: marked as done (nmu: mia_2.2.3-1)
Your message dated Sun, 1 Feb 2015 15:11:31 +0100 with message-id 20150201141131.ge11...@lupin.home.powdarrmonkey.net and subject line Re: Bug#776759: nmu: mia_2.2.3-1 has caused the Debian Bug report #776759, regarding nmu: mia_2.2.3-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 776759: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776759 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal Tags: experimental User: release.debian@packages.debian.org Usertags: binnmu nmu mia_2.2.3-1 . amd64 . experimental . -m Rebuild against libjpeg62-turbo. that package is uninstallable due to a Depends: libjpeg62 Andreas ---End Message--- ---BeginMessage--- On Sun, Feb 01, 2015 at 01:14:59PM +0100, Andreas Beckmann wrote: nmu mia_2.2.3-1 . amd64 . experimental . -m Rebuild against libjpeg62-turbo. that package is uninstallable due to a Depends: libjpeg62 Scheduled. -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 signature.asc Description: Digital signature ---End Message---
Bug#776616: unblock: fso stack
On Sun, 01 Feb 2015 at 11:31:58 +0100, Sebastian Reichel wrote: On Sun, Feb 01, 2015 at 10:24:06AM +0100, Niels Thykier wrote: This package has a few changes that do not follow the described pattern: Ah right, I forgot to mention those. Basically upstream data looks a bit different for those lines, so the patch pattern also changes. I am an upstream and Debian D-Bus maintainer, and the reporter of CVE-2014-8156. If Sebastian's changes for jessie match the ones for wheezy that are attached to #776617, then I confirm that they are reasonable patterns to address CVE-2014-8156. I do not know enough about fso to know whether they will cause fso to regress (disallowing more than they should) or whether they are sufficient to make fso *itself* secure against malicious local users (which is probably not a supported use-case anyway), but they do stop fso from making *other things* insecure. In particular, nothing seems to be allowed that was not already allowed. Regards, S -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/2015020055.ga22...@reptile.pseudorandom.co.uk
Bug#776759: nmu: mia_2.2.3-1
Package: release.debian.org Severity: normal Tags: experimental User: release.debian@packages.debian.org Usertags: binnmu nmu mia_2.2.3-1 . amd64 . experimental . -m Rebuild against libjpeg62-turbo. that package is uninstallable due to a Depends: libjpeg62 Andreas -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150201121459.1250.23236.report...@zam581.zam.kfa-juelich.de
Bug#776761: unblock: live-tools/4.0.2-1.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package live-tools This fixes bug #774915. live-tools removes a diversion of /usr/bin/uptime. The removal has to be done in postinst instead of preinst because the new version of the package which no longer contains live-tools version of uptime needs to be unpacked first. Otherwise dpkg-divert errors out because it would overwrite the old version of uptime still belonging to live-tools. unblock live-tools/4.0.2-1.1 -- System Information: Debian Release: 8.0 APT prefers testing-proposed-updates APT policy: (500, 'testing-proposed-updates'), (500, 'testing'), (100, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) diff -Nru live-tools-4.0.2/debian/changelog live-tools-4.0.2/debian/changelog --- live-tools-4.0.2/debian/changelog 2014-12-10 10:04:17.0 +0100 +++ live-tools-4.0.2/debian/changelog 2015-02-01 01:53:42.0 +0100 @@ -1,3 +1,10 @@ +live-tools (4.0.2-1.1) unstable; urgency=medium + + * Non-maintainer upload. + * Move removal of diversion to postinst (Closes: #774915) + + -- Gaudenz Steinlin gaud...@debian.org Sun, 01 Feb 2015 01:53:17 +0100 + live-tools (4.0.2-1) unstable; urgency=low * Removing left-over divertion on procps when upgrading from before diff -Nru live-tools-4.0.2/debian/live-tools.postinst live-tools-4.0.2/debian/live-tools.postinst --- live-tools-4.0.2/debian/live-tools.postinst 1970-01-01 01:00:00.0 +0100 +++ live-tools-4.0.2/debian/live-tools.postinst 2015-02-01 01:40:14.0 +0100 @@ -0,0 +1,14 @@ +#!/bin/sh +set -e + +if [ $1 = configure ] +then + # upgrade from live-tools 4.0.1 + if dpkg-divert --package live-tools --list | grep -F /usr/bin/uptime.orig.procps + then + dpkg-divert --package live-tools --quiet --remove --rename --divert /usr/bin/uptime.orig.procps /usr/bin/uptime + dpkg-divert --package live-tools --quiet --remove --rename --divert /usr/share/man/man1/uptime.orig.procps.1.gz /usr/share/man/man1/uptime.1.gz + fi +fi + +#DEBHELPER# diff -Nru live-tools-4.0.2/debian/live-tools.preinst live-tools-4.0.2/debian/live-tools.preinst --- live-tools-4.0.2/debian/live-tools.preinst 2014-12-10 10:04:17.0 +0100 +++ live-tools-4.0.2/debian/live-tools.preinst 2015-02-01 01:37:39.0 +0100 @@ -8,12 +8,6 @@ dpkg-divert --package live-tools --quiet --add --rename --divert /usr/sbin/update-initramfs.orig.initramfs-tools /usr/sbin/update-initramfs dpkg-divert --package live-tools --quiet --add --rename --divert /usr/share/man/man8/update-initramfs.orig.initramfs-tools.8.gz /usr/share/man/man8/update-initramfs.8.gz - # upgrade from live-tools 4.0.1 - if [ -e /usr/bin/uptime.orig.procps ] - then - dpkg-divert --package live-tools --quiet --remove --rename --divert /usr/bin/uptime.orig.procps /usr/bin/uptime - dpkg-divert --package live-tools --quiet --remove --rename --divert /usr/share/man/man1/uptime.orig.procps.1.gz /usr/share/man/man1/uptime.1.gz - fi ;; abort-upgrade)
Bug#776767: unblock: volumeicon/0.4.6-2.2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package volumeicon. It fixes a few bugs which shouldn't be in jessie. unblock volumeicon/0.4.6-2.2 thanks, Mateusz diff -Nru volumeicon-0.4.6/debian/changelog volumeicon-0.4.6/debian/changelog --- volumeicon-0.4.6/debian/changelog 2014-05-06 20:41:27.0 +0200 +++ volumeicon-0.4.6/debian/changelog 2014-10-26 13:33:03.0 +0100 @@ -1,3 +1,16 @@ +volumeicon (0.4.6-2.2) unstable; urgency=high + + * Non-maintainer upload. + * Add patch to replace x-terminal-emulator instead xterm - thanks to +Luca Capello l...@pca.it for the patch. (Closes: #754231) + * Typo in Depends: xfce4-nofityd = xfce4-notifyd. (Closes: #758494) + * Add .desktop file. (Closes: #749324) + * Bump Debian standards to 3.9.6. (no changes needed) + * Use canoninal Vcs fields. + * Bump debhelper version to 9. + + -- Mateusz Łukasik mat...@linuxmint.pl Sun, 26 Oct 2014 13:32:59 +0100 + volumeicon (0.4.6-2.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru volumeicon-0.4.6/debian/control volumeicon-0.4.6/debian/control --- volumeicon-0.4.6/debian/control 2014-05-06 20:34:30.0 +0200 +++ volumeicon-0.4.6/debian/control 2014-10-26 11:27:42.0 +0100 @@ -3,18 +3,18 @@ Priority: optional Maintainer: Andrew Gainer gainer.and...@gmail.com Uploaders: Julien Valroff jul...@debian.org -Build-Depends: debhelper (= 8.0.0~), autotools-dev, +Build-Depends: debhelper (= 9), autotools-dev, libgtk2.0-dev, libasound2-dev, libnotify-dev -Standards-Version: 3.9.3 +Standards-Version: 3.9.6 Homepage: http://softwarebakery.com/maato/volumeicon.html -Vcs-Git: git://git.debian.org/collab-maint/volumeicon.git -Vcs-Browser: http://git.debian.org/?p=collab-maint/volumeicon.git;a=summary +Vcs-Git: git://anonscm.debian.org/collab-maint/volumeicon.git +Vcs-Browser: https://anonscm.debian.org/cgit/collab-maint/volumeicon.git;a=summary Package: volumeicon-alsa Architecture: linux-any Depends: ${misc:Depends}, ${shlibs:Depends} Suggests: alsamixergui | aumix-gtk | kmix | gnome-alsamixer, - notify-osd | xfce4-nofityd | notification-daemon + notify-osd | xfce4-notifyd | notification-daemon Description: systray volume icon for alsa This is a lightweight volume control that sits in your systray. This version is compatible with ALSA. diff -Nru volumeicon-0.4.6/debian/patches/002_replace-hardcoded-xterm.diff volumeicon-0.4.6/debian/patches/002_replace-hardcoded-xterm.diff --- volumeicon-0.4.6/debian/patches/002_replace-hardcoded-xterm.diff 1970-01-01 01:00:00.0 +0100 +++ volumeicon-0.4.6/debian/patches/002_replace-hardcoded-xterm.diff 2014-10-26 10:57:02.0 +0100 @@ -0,0 +1,16 @@ +Description: Replace hardcoded xterm with x-terminal-emulator +Bug-Debian: https://bugs.debian.org/754231 +Author: Luca Capello l...@pca.it +Last-Update: 2014-07-08 + +--- a/src/config.c b/src/config.c +@@ -59,7 +59,7 @@ + static void config_load_default() + { + if(!m_helper_program) +- config_set_helper(xterm -e 'alsamixer'); ++ config_set_helper(x-terminal-emulator -e 'alsamixer'); + if(!m_channel) + config_set_channel(NULL); + if(!m_card) diff -Nru volumeicon-0.4.6/debian/patches/series volumeicon-0.4.6/debian/patches/series --- volumeicon-0.4.6/debian/patches/series 2013-02-16 09:21:30.0 +0100 +++ volumeicon-0.4.6/debian/patches/series 2014-10-26 10:56:21.0 +0100 @@ -1 +1,2 @@ 001_remove-individual-glib-headers.diff +002_replace-hardcoded-xterm.diff diff -Nru volumeicon-0.4.6/debian/volumeicon.desktop volumeicon-0.4.6/debian/volumeicon.desktop --- volumeicon-0.4.6/debian/volumeicon.desktop 1970-01-01 01:00:00.0 +0100 +++ volumeicon-0.4.6/debian/volumeicon.desktop 2014-10-26 11:15:33.0 +0100 @@ -0,0 +1,12 @@ +[Desktop Entry] +Name=Volume Icon +Name[fr]=Icône pour le contrôle du volume +Comment=Lightweight volume control for the systray +Comment[fr]=Simple contrôle du volume pour la barre d'état +Icon=volume +Exec=volumeicon +Terminal=false +Type=Application +StartupNotify=false +Categories=AudioVideo; +Keywords=audio;sound;mixer;music; diff -Nru volumeicon-0.4.6/debian/volumeicon.install volumeicon-0.4.6/debian/volumeicon.install --- volumeicon-0.4.6/debian/volumeicon.install 1970-01-01 01:00:00.0 +0100 +++ volumeicon-0.4.6/debian/volumeicon.install 2014-10-26 11:14:41.0 +0100 @@ -0,0 +1 @@ +debian/volumeicon.desktop usr/share/applications
Bug#776748: (pre-approval) unblock: libxml2/2.9.1+dfsg1-5 (via t-p-u)
On Sun, Feb 1, 2015 at 4:24 PM, Aron Xu a...@debian.org wrote: libxml2 in Jessie has CVE-2014-3600 pending to be addressed This should be CVE-2014-3660. Regards, Aron -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CAMr=8w7n09xn9bjpz6uxujjghclkajhi4uyj9mi7haqf07g...@mail.gmail.com
Bug#776695: marked as done (unblock: tomcat6/6.0.41-3)
Your message dated Sun, 01 Feb 2015 10:12:13 +0100 with message-id 54cdeded.1010...@thykier.net and subject line Re: Bug#776695: unblock: tomcat6/6.0.41-3 has caused the Debian Bug report #776695, regarding unblock: tomcat6/6.0.41-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 776695: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776695 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package tomcat6. This update removes the tomcat6 server but preserves the Servlet API which is still used as a build dependency. Jessie already has Tomcat 7 8 and we don't want to support 3 versions of Tomcat in Jessie. Thank you unblock tomcat6/6.0.41-3 ---End Message--- ---BeginMessage--- On 2015-01-31 10:57, Emmanuel Bourg wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package tomcat6. This update removes the tomcat6 server but preserves the Servlet API which is still used as a build dependency. Jessie already has Tomcat 7 8 and we don't want to support 3 versions of Tomcat in Jessie. Thank you unblock tomcat6/6.0.41-3 Unblocked, thanks. :) ~Niels---End Message---
Bug#776639: marked as done (unblock: rbenv/0.4.0+debian1-3)
Your message dated Sun, 1 Feb 2015 11:16:55 +0100 with message-id 20150201101655.ga23...@ugent.be and subject line Re: Bug#776639: unblock: rbenv/0.4.0+debian1-3 has caused the Debian Bug report #776639, regarding unblock: rbenv/0.4.0+debian1-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 776639: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776639 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package rbenv This is documentation update to remove mentions of a feature that is no longer supported in jessie. the debdiff against the package in testing is attached. unblock rbenv/0.4.0+debian1-3 -- System Information: Debian Release: 8.0 APT prefers buildd-unstable APT policy: (500, 'buildd-unstable'), (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- Antonio Terceiro terce...@debian.org diff -Nru rbenv-0.4.0+debian1/debian/changelog rbenv-0.4.0+debian1/debian/changelog --- rbenv-0.4.0+debian1/debian/changelog 2014-02-26 16:26:53.0 -0300 +++ rbenv-0.4.0+debian1/debian/changelog 2015-01-29 17:48:35.0 -0200 @@ -1,3 +1,10 @@ +rbenv (0.4.0+debian1-3) unstable; urgency=medium + + * debian/copyright: remove mention to rbenv-alternatives/ + * manpage: remove mention of rbenv-alternatives + + -- Antonio Terceiro terce...@debian.org Thu, 29 Jan 2015 17:48:33 -0200 + rbenv (0.4.0+debian1-2) unstable; urgency=medium * Remove rbenv-alternatives plugin. The Ruby maintainers do not plan to diff -Nru rbenv-0.4.0+debian1/debian/copyright rbenv-0.4.0+debian1/debian/copyright --- rbenv-0.4.0+debian1/debian/copyright 2014-02-26 13:09:33.0 -0300 +++ rbenv-0.4.0+debian1/debian/copyright 2015-01-29 17:48:35.0 -0200 @@ -6,10 +6,6 @@ Copyright: Copyright (c) 2011 Sam Stephenson License: MIT -Files: rbenv-alternatives/* -Copyright: Copyright © 2011 Antonio Terceiro terce...@debian.org -License: MIT - Files: debian/* Copyright: Copyright © 2011 Antonio Terceiro terce...@debian.org License: MIT diff -Nru rbenv-0.4.0+debian1/debian/rbenv.pod rbenv-0.4.0+debian1/debian/rbenv.pod --- rbenv-0.4.0+debian1/debian/rbenv.pod 2014-02-26 13:09:33.0 -0300 +++ rbenv-0.4.0+debian1/debian/rbenv.pod 2015-01-29 17:48:35.0 -0200 @@ -10,21 +10,19 @@ $ echo 'eval $(rbenv init -)' ~/.bashrc # restart your shell after this -Make the Ruby interpreters installed through APT and configured with the -alternatives system to rbenv: +Install different Ruby interpreters (requires the Iruby-install +package): - $ rbenv alternatives - Added 1.8.7-debian - Added 1.9.2-debian + $ rbenv install 1.9.2-p290 Switch between different Ruby interpreters: - $ rbenv global 1.9.2-debian + $ rbenv global 1.9.2-p290 $ ruby -v ruby 1.9.2p290 (2011-07-09 revision 32553) [x86_64-linux] - $ rbenv global 1.8.7-debian + $ rbenv global system $ ruby -v - ruby 1.8.7 (2011-06-30 patchlevel 352) [x86_64-linux] + ruby [whatever version of Ruby Debian provides by default] The original rbenv README with a more comprehensive documentation, including all of the available commands, is available at signature.asc Description: Digital signature ---End Message--- ---BeginMessage--- Hi, On Fri, Jan 30, 2015 at 09:44:42AM -0200, Antonio Terceiro wrote: Please unblock package rbenv Unblocked. Cheers, Ivo---End Message---
Bug#776657: marked as done (unblock: redmine/3.0~20140825-4)
Your message dated Sun, 1 Feb 2015 11:18:34 +0100 with message-id 20150201101834.gb23...@ugent.be and subject line Re: Bug#776657: unblock: redmine/3.0~20140825-4 has caused the Debian Bug report #776657, regarding unblock: redmine/3.0~20140825-4 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 776657: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776657 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package redmine This version includes a documentation update, and changes to debian/tests/* which add a new DEP-8 test case, but have no impact whatsoever on the produced binary packages. The diff against the version currently in testing is attached. unblock redmine/3.0~20140825-4 -- System Information: Debian Release: 8.0 APT prefers buildd-unstable APT policy: (500, 'buildd-unstable'), (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- Antonio Terceiro terce...@debian.org diff --git a/debian/changelog b/debian/changelog index f36fe0c..6bad6fb 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +redmine (3.0~20140825-4) unstable; urgency=medium + + * debian/doc/examples/apache2-passenger-alias.conf: updated example +configuration for Passenger setups under a sub-uri (e.g. /redmine) so that +it actually works. + * debian/tests/* also test apache2-passenger-alias case. + + -- Antonio Terceiro terce...@debian.org Fri, 30 Jan 2015 14:04:38 -0200 + redmine (3.0~20140825-3) unstable; urgency=medium * debian/patches/avoid-crash-on-issues.diff: apply upstream patch to avoid diff --git a/debian/doc/examples/apache2-passenger-alias.conf b/debian/doc/examples/apache2-passenger-alias.conf index 91b7bab..3911794 100644 --- a/debian/doc/examples/apache2-passenger-alias.conf +++ b/debian/doc/examples/apache2-passenger-alias.conf @@ -10,6 +10,10 @@ # apache2 serves public files Alias /redmine/plugin_assets/ /var/cache/redmine/default/plugin_assets/ Alias /redmine /usr/share/redmine/public +Location /redmine +PassengerBaseURI /redmine +PassengerAppRoot /usr/share/redmine +/Location Directory /usr/share/redmine/public Allow from all Options -MultiViews diff --git a/debian/tests/control b/debian/tests/control index 1e94396..a0aaddf 100644 --- a/debian/tests/control +++ b/debian/tests/control @@ -1,11 +1,15 @@ -Test-Command: debian/tests/smoke-test sqlite3 +Test-Command: debian/tests/smoke-test sqlite3 apache2-passenger-host / Depends: redmine-sqlite, redmine, apache2, libapache2-mod-passenger, curl Restrictions: needs-root -Test-Command: debian/tests/smoke-test postgresql +Test-Command: debian/tests/smoke-test postgresql apache2-passenger-host / Depends: postgresql, redmine-pgsql, redmine, apache2, libapache2-mod-passenger, curl Restrictions: needs-root -Test-Command: debian/tests/smoke-test mysql2 +Test-Command: debian/tests/smoke-test mysql2 apache2-passenger-host / Depends: mysql-server, redmine-mysql, redmine, apache2, libapache2-mod-passenger, curl Restrictions: needs-root + +Test-Command: debian/tests/smoke-test sqlite3 apache2-passenger-alias /redmine +Depends: redmine-sqlite, redmine, apache2, libapache2-mod-passenger, curl +Restrictions: needs-root diff --git a/debian/tests/smoke-test b/debian/tests/smoke-test index 1110061..2e9e8e4 100755 --- a/debian/tests/smoke-test +++ b/debian/tests/smoke-test @@ -1,30 +1,18 @@ #!/bin/sh dbadapter=${1:-sqlite3} -webserver=${2:-apache2-passenger} +setup=${2:-apache2-passenger-host} +uri=${3:-/} exec 21 set -eux grep adapter:[[:space:]]*$dbadapter /etc/redmine/default/database.yml -setup_apache2() { - sed -e '/VirtualHost/ a ServerName localhost' /usr/share/doc/redmine/examples/$webserver-host.conf /etc/apache2/sites-enabled/redmine.conf - service apache2 restart -} +a2enmod rewrite -case $webserver in - apache2) -a2enmod rewrite -setup_apache2 -;; - apache2-passenger) -setup_apache2 -;; - *) -set +x -echo Testing under $webserver not supported yet -exit 1 -esac +sed -e '/VirtualHost/ a ServerName localhost' /usr/share/doc/redmine/examples/${setup}.conf /etc/apache2/sites-enabled/redmine.conf -curl -s http://localhost/ | grep
NEW changes in stable-new
Processing changes file: tzdata_2015a-0wheezy1_amd64.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1yhwgp-0007ap...@franck.debian.org
Processed: Re: Bug#776748: (pre-approval) unblock: libxml2/2.9.1+dfsg1-5 (via t-p-u)
Processing control commands: tags -1 + moreinfo Bug #776748 [release.debian.org] (pre-approval) unblock: libxml2/2.9.1+dfsg1-5 (via t-p-u) Added tag(s) moreinfo. -- 776748: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776748 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.b776748.142281081126509.transcr...@bugs.debian.org
Bug#776777: marked as done (unblock: libdatetime-timezone-perl/1:1.75-2+2015a)
Your message dated Sun, 01 Feb 2015 17:18:27 + with message-id 1422811107.14650.7.ca...@adam-barratt.org.uk and subject line Re: Bug#776777: unblock: libdatetime-timezone-perl/1:1.75-2+2015a has caused the Debian Bug report #776777, regarding unblock: libdatetime-timezone-perl/1:1.75-2+2015a to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 776777: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776777 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Please unblock package libdatetime-timezone-perl. 1:1.75-2+2015a includes the update to Olson db 2015a, as usual as a quilt patch which only touches the .pm files containing the timezone information. I'm attaching a manually stripped down debdiff. Changelog: libdatetime-timezone-perl (1:1.75-2+2015a) unstable; urgency=high * Update to Olson database version 2015a. Add patch debian/patches/olson-2015a, which updates the timezone *.pm files, using upstream's tools/parse_olson script. * Set urgency to high. A change for America/Cancun becomes effective today. -- gregor herrmann gre...@debian.org Sun, 01 Feb 2015 17:15:22 +0100 Thanks, gregor unblock libdatetime-timezone-perl/1:1.75-2+2015a -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQJ8BAEBCgBmBQJUzlPVXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXREMUUxMzE2RTkzQTc2MEE4MTA0RDg1RkFC QjNBNjgwMTg2NDlBQTA2AAoJELs6aAGGSaoG7iMQAL3OnxT+TVuqiOWydbWMv20n RFrNp1FqkVbC4ezSVG5DZwkByPtKSfWK4fjN8eoxhXQ72PpUla7FB1+V1J1w0/ma WBCu7GUJ6YwQRCi2Wj9GwME8qjxyihfyqbgW0vz6QQBoBunIhRhnsJuWlylWdKYo vGLAhhYd6tFqJ4iW6daYTXp48SvThviDPZihECXYb8YGjPnFSA3UJZ3yJD5I4goD UgT38FzgCvuIAXPdOTG2SSn/LtcYf7VJToQr+Jn6qVNlqG9GH4fOK9zPIf7qzTiT PIzok1sr3NS8lFg3GN9WbQ8S3tsRrFY6NFFZcOdwfuiQmWsgn5NE9/yiMCxSUnXG DrBXI1SePPhBv88P5Gu19/nN1gVkreLTpTrEoLYvqw77yMEvL6sz5mVfoBp0Z40M e/rKFGprsOJbECs9Ejz5ptxA30Aplm96mj1E2/j+OStabcDTghHhk16c/xUdY9qv FG3EqcdYUXUbnAYhKQOEHA3QTFenPPNcj1yhdz2ArgY1naRztCunxFiV2oqln9rY ILqP+v063cd1HXAwO83cN9wrwgqSYHw/y0/GIo/vCmy0+EHs87fPUIko3DQn1Dap WQ/GVEmTsKm9VWVMrXBUpCCYoxkj8A2q3ZTKu2zjN+qJEraDMAIlbQp0G9Ticqtd XKMnGc5meSa53+d2Rt5z =5FOC -END PGP SIGNATURE- diff -Nru libdatetime-timezone-perl-1.75/debian/changelog libdatetime-timezone-perl-1.75/debian/changelog --- libdatetime-timezone-perl-1.75/debian/changelog 2014-11-13 15:18:56.0 +0100 +++ libdatetime-timezone-perl-1.75/debian/changelog 2015-02-01 17:17:15.0 +0100 @@ -1,3 +1,13 @@ +libdatetime-timezone-perl (1:1.75-2+2015a) unstable; urgency=high + + * Update to Olson database version 2015a. +Add patch debian/patches/olson-2015a, which updates the timezone *.pm +files, using upstream's tools/parse_olson script. + * Set urgency to high. +A change for America/Cancun becomes effective today. + + -- gregor herrmann gre...@debian.org Sun, 01 Feb 2015 17:15:22 +0100 + libdatetime-timezone-perl (1:1.75-2+2014j) unstable; urgency=high * Update to Olson database version 2014j. diff -Nru libdatetime-timezone-perl-1.75/debian/patches/olson-2015a libdatetime-timezone-perl-1.75/debian/patches/olson-2015a --- libdatetime-timezone-perl-1.75/debian/patches/olson-2015a 1970-01-01 01:00:00.0 +0100 +++ libdatetime-timezone-perl-1.75/debian/patches/olson-2015a 2015-02-01 17:17:15.0 +0100 @@ -0,0 +1,16039 @@ +Description: update to olson db 2015a +Origin: vendor +Author: gregor herrmann gre...@debian.org +Last-Update: 2015-02-01 + +--- a/lib/DateTime/TimeZone/Africa/Abidjan.pm b/lib/DateTime/TimeZone/Africa/Abidjan.pm +@@ -3,7 +3,7 @@ + # DateTime::TimeZone module distribution in the tools/ directory + + # +-# Generated from debian/tzdata/africa. Olson data version 2014j ++# Generated from debian/tzdata/africa. Olson data version 2015a + # + # Do not edit this file directly. + # +@@ -39,11 +39,11 @@ + ], + ]; + +-sub olson_version { '2014j' } ++sub olson_version { '2015a' } + + sub has_dst_changes { 0 } + +-sub _max_year { 2024 } ++sub _max_year { 2025 } + + sub _new_instance + { +--- a/lib/DateTime/TimeZone/America/Cancun.pm b/lib/DateTime/TimeZone/America/Cancun.pm +@@ -3,7 +3,7 @@ + # DateTime::TimeZone module distribution in the tools/ directory + + # +-# Generated from debian/tzdata/northamerica. Olson data version 2014j ++# Generated from debian/tzdata/northamerica. Olson data version 2015a + # + # Do not edit this file directly. + # +@@ -390,283 +390,35 @@ + ], + [ +
Processed: Re: Bug#776734: pu: package spamassassin/3.3.2-5+deb7u3
Processing control commands: tags -1 + confirmed wheezy Bug #776734 [release.debian.org] pu: package spamassassin/3.3.2-5+deb7u3 Added tag(s) wheezy and confirmed. -- 776734: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776734 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.b776734.142281122031449.transcr...@bugs.debian.org
Bug#776733: marked as done (unblock: libsndfile/1.0.25-9.1)
Your message dated Sun, 01 Feb 2015 17:21:20 + with message-id 1422811280.14650.9.ca...@adam-barratt.org.uk and subject line Re: Bug#776733: unblock: libsndfile/1.0.25-9.1 has caused the Debian Bug report #776733, regarding unblock: libsndfile/1.0.25-9.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 776733: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776733 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: release.debian.org User: release.debian@packages.debian.org Usertags: unblock Severity: normal Please consider unblocking libsndfile. It fixes buffer overrun issues (bug #774162). unblock libsndfile/1.0.25-9.1 diff -Nru libsndfile-1.0.25/debian/changelog libsndfile-1.0.25/debian/changelog --- libsndfile-1.0.25/debian/changelog 2014-01-29 19:43:08.0 + +++ libsndfile-1.0.25/debian/changelog 2015-01-06 01:19:30.0 + @@ -1,3 +1,10 @@ +libsndfile (1.0.25-9.1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Fix CVE-2014-9496: buffer overread issues (closes: #774162). + + -- Michael Gilbert mgilb...@debian.org Sun, 04 Jan 2015 20:38:25 + + libsndfile (1.0.25-9) unstable; urgency=low * debian/rules: Switch from autotools-dev to dh-autoreconf. diff -Nru libsndfile-1.0.25/debian/patches/CVE-2014-9496.patch libsndfile-1.0.25/debian/patches/CVE-2014-9496.patch --- libsndfile-1.0.25/debian/patches/CVE-2014-9496.patch 1970-01-01 00:00:00.0 + +++ libsndfile-1.0.25/debian/patches/CVE-2014-9496.patch 2015-01-06 01:19:50.0 + @@ -0,0 +1,31 @@ +description: fix buffer overread issues +origin: https://github.com/erikd/libsndfile/commit/dbe14f00030af5d3577f4cabbf9861db59e9c378 + +--- a/src/sd2.c b/src/sd2.c +@@ -513,6 +513,11 @@ sd2_parse_rsrc_fork (SF_PRIVATE *psf) + + rsrc.type_offset = rsrc.map_offset + 30 ; + ++ if (rsrc.map_offset + 28 rsrc.rsrc_len) ++ { psf_log_printf (psf, Bad map offset.\n) ; ++ goto parse_rsrc_fork_cleanup ; ++ } ; ++ + rsrc.type_count = read_rsrc_short (rsrc, rsrc.map_offset + 28) + 1 ; + if (rsrc.type_count 1) + { psf_log_printf (psf, Bad type count.\n) ; +@@ -529,7 +534,12 @@ sd2_parse_rsrc_fork (SF_PRIVATE *psf) + + rsrc.str_index = -1 ; + for (k = 0 ; k rsrc.type_count ; k ++) +- { marker = read_rsrc_marker (rsrc, rsrc.type_offset + k * 8) ; ++ { if (rsrc.type_offset + k * 8 rsrc.rsrc_len) ++ { psf_log_printf (psf, Bad rsrc marker.\n) ; ++ goto parse_rsrc_fork_cleanup ; ++ } ; ++ ++ marker = read_rsrc_marker (rsrc, rsrc.type_offset + k * 8) ; + + if (marker == STR_MARKER) + { rsrc.str_index = k ; diff -Nru libsndfile-1.0.25/debian/patches/series libsndfile-1.0.25/debian/patches/series --- libsndfile-1.0.25/debian/patches/series 2014-01-29 19:43:08.0 + +++ libsndfile-1.0.25/debian/patches/series 2015-01-06 01:19:14.0 + @@ -1,2 +1,3 @@ 00lossy_comp_test-overflow.diff 01_sd2_rsrc_segfault.diff +CVE-2014-9496.patch ---End Message--- ---BeginMessage--- On Sat, 2015-01-31 at 16:48 -0500, Michael Gilbert wrote: Please consider unblocking libsndfile. It fixes buffer overrun issues (bug #774162). Unblocked. Regards, Adam---End Message---
Processed (with 1 errors): Re: Bug#776781: wheezy-pu: package libdatetime-timezone-perl/1:1.58-1+2015a
Processing control commands: tags -1 + confimred Unknown tag/s: confimred. Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid help security upstream pending sarge sarge-ignore experimental d-i confirmed ipv6 lfs fixed-in-experimental fixed-upstream l10n newcomer etch etch-ignore lenny lenny-ignore squeeze squeeze-ignore wheezy wheezy-ignore jessie jessie-ignore stretch stretch-ignore buster buster-ignore. Bug #776781 [release.debian.org] wheezy-pu: package libdatetime-timezone-perl/1:1.58-1+2015a Requested to add no tags; doing nothing. -- 776781: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776781 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.b776781.142281090327363.transcr...@bugs.debian.org
Bug#776734: pu: package spamassassin/3.3.2-5+deb7u3
Control: tags -1 + confirmed wheezy On Sat, 2015-01-31 at 17:07 -0500, Noah Meyerhans wrote: The ruleset bundled with the spamassassin packages in stable contains a reference to a DNS blacklist that is no longer in operation and is answering yes to all queries. This has the effect of elevating a message's spam score and increasing the risk of false positives. Please go ahead. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1422811212.14650.8.ca...@adam-barratt.org.uk
Bug#776781: wheezy-pu: package libdatetime-timezone-perl/1:1.58-1+2015a
Package: release.debian.org Severity: normal Tags: wheezy User: release.debian@packages.debian.org Usertags: pu -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I think we might want to get a new libdatetime-timezone-perl into wheezy, since there are chances to America/Cancun, effective today; either into the next point release or into stable-updates. I've prepared 1:1.58-1+2015a in git, which as usual adds the changes to the Olson db 2015a as a quilt patch. I'm attaching a manually tripped down debdiff. Changelog: libdatetime-timezone-perl (1:1.58-1+2015a) UNRELEASED; urgency=medium * Update to version 2015a of the Olson database. -- gregor herrmann gre...@debian.org Sun, 01 Feb 2015 17:36:15 +0100 Thanks in advance, gregor -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQJ8BAEBCgBmBQJUzlniXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXREMUUxMzE2RTkzQTc2MEE4MTA0RDg1RkFC QjNBNjgwMTg2NDlBQTA2AAoJELs6aAGGSaoGvGAQALD7MUy4vGmrQDXgZQeGESMt HBKAppGjT2t7BYaxdjTI8hIrhGkQw/AtWx9jfqmLmaOizqBgn6ESyVsYmJwU606l WD1PFGzu9A7zodb7wsaedSa5TpuD7NYqHnZWVXRkZjwVCzAI3V+1/fjNRTAziRWg /23aysLAsJ0FAGT4YNmqWGyu4LWnkevu6JaB4XfoKqa8iCcHSeEJgc7Tz0GmwOge 3phE9nMpdhJEh3VlozPCwbA/U+5glBsR0GQO5bWwdL/o8vB6xVRsPdoUAuZJUTt4 3TIWGN+7DapT5FF5y7FFw6JUEQM03svWpFgFXfKmoXhKm43Mt/wnHx6UvEq3huHN zGjgdsCbIYWvjsLgjVpLqvLHTUig7p5BohJ1keQ7vnbneTVR4RgdoUm/E72Aw0eq N8t6+wJBY5fEV2k4ZfztdtPpwPofR/etR51PoHW3GOiVq5oi2ZuYk6wZ8ObWZ4RU V52SQyD2jkwb8FiZn3qTcAnrphCXWD+505voQb2swO8qRPHN/tHx5XiSB3IJMibN rBhLfl0wMXArqOqvWJqvAKLkAa+2zjgHKztnTAWlEUh7ZkgjO5HGL3NbCaknfQHD q4SqG3I1iNMk4PN14sxsDwOX30Nag0pYfqA9zUOAsD672u6h1nv1GiFqNfDrlb53 RYYfA0G+JZ/1d8/tGJDO =v1qZ -END PGP SIGNATURE- diff -Nru libdatetime-timezone-perl-1.58/debian/changelog libdatetime-timezone-perl-1.58/debian/changelog --- libdatetime-timezone-perl-1.58/debian/changelog 2015-01-01 18:42:57.0 +0100 +++ libdatetime-timezone-perl-1.58/debian/changelog 2015-02-01 17:36:44.0 +0100 @@ -1,3 +1,9 @@ +libdatetime-timezone-perl (1:1.58-1+2015a) UNRELEASED; urgency=medium + + * Update to version 2015a of the Olson database. + + -- gregor herrmann gre...@debian.org Sun, 01 Feb 2015 17:36:15 +0100 + libdatetime-timezone-perl (1:1.58-1+2014j) stable-proposed-updates; urgency=medium * Update to version(s 2014i and) 2014j of the Olson database. diff -Nru libdatetime-timezone-perl-1.58/debian/patches/olson-2015a libdatetime-timezone-perl-1.58/debian/patches/olson-2015a --- libdatetime-timezone-perl-1.58/debian/patches/olson-2015a 1970-01-01 01:00:00.0 +0100 +++ libdatetime-timezone-perl-1.58/debian/patches/olson-2015a 2015-02-01 17:36:44.0 +0100 @@ -0,0 +1,11772 @@ +--- a/lib/DateTime/TimeZone/Africa/Abidjan.pm b/lib/DateTime/TimeZone/Africa/Abidjan.pm +@@ -3,7 +3,7 @@ + # DateTime::TimeZone module distribution in the tools/ directory + + # +-# Generated from debian/tzdata/africa. Olson data version 2014j ++# Generated from debian/tzdata/africa. Olson data version 2015a + # + # Do not edit this file directly. + # +@@ -42,7 +42,7 @@ + ], + ]; + +-sub olson_version { '2014j' } ++sub olson_version { '2015a' } + + sub has_dst_changes { 0 } + +--- a/lib/DateTime/TimeZone/America/Cancun.pm b/lib/DateTime/TimeZone/America/Cancun.pm +@@ -3,7 +3,7 @@ + # DateTime::TimeZone module distribution in the tools/ directory + + # +-# Generated from debian/tzdata/northamerica. Olson data version 2014j ++# Generated from debian/tzdata/northamerica. Olson data version 2015a + # + # Do not edit this file directly. + # +@@ -393,225 +393,27 @@ + ], + [ + 6354999, #utc_start 2014-10-26 07:00:00 (Sun) +-63563904000, # utc_end 2015-04-05 08:00:00 (Sun) ++63558460800, # utc_end 2015-02-01 08:00:00 (Sun) + 63549968400, # local_start 2014-10-26 01:00:00 (Sun) +-63563882400, #local_end 2015-04-05 02:00:00 (Sun) ++63558439200, #local_end 2015-02-01 02:00:00 (Sun) + -21600, + 0, + 'CST', + ], + [ +-63563904000, #utc_start 2015-04-05 08:00:00 (Sun) +-63581439600, # utc_end 2015-10-25 07:00:00 (Sun) +-63563886000, # local_start 2015-04-05 03:00:00 (Sun) +-63581421600, #local_end 2015-10-25 02:00:00 (Sun) ++63558460800, #utc_start 2015-02-01 08:00:00 (Sun) ++DateTime::TimeZone::INFINITY, # utc_end ++63558442800, # local_start 2015-02-01 03:00:00 (Sun) ++DateTime::TimeZone::INFINITY, #local_end + -18000, +-1, +-'CDT', +-], +-[ +-63581439600, #utc_start 2015-10-25 07:00:00 (Sun) +-63595353600, # utc_end 2016-04-03 08:00:00 (Sun) +-63581418000, # local_start 2015-10-25 01:00:00 (Sun) +-63595332000, #local_end 2016-04-03 02:00:00 (Sun) +--21600, +-0, +-'CST', +-], +-[ +-63595353600, #utc_start 2016-04-03 08:00:00 (Sun) +-63613494000, # utc_end 2016-10-30 07:00:00 (Sun) +-63595335600, # local_start 2016-04-03 03:00:00 (Sun) +-63613476000, #local_end 2016-10-30 02:00:00 (Sun) +--18000, +-1, +-'CDT', +-], +-[
Bug#776723: unblock: winetricks/0.0+20141009+svn1208-2 (pre-approval)
Control: tags -1 + confirmed moreinfo On Sat, 2015-01-31 at 13:52 -0500, Joseph Bisch wrote: Hi, I am requesting an unblock with pre-approval. If granted, my sponsor will upload the new version of winetricks. This version of winetricks would fix a serious bug (#775439) which prevents the Visual C++ 2013 Runtime Libraries from being installed due to a sha1sum mismatch. I am specifically requesting an unblock for this sha1sum mismatch, because the Visual C++ Runtime Libraries are used by many programs that users may want to run using wine. Please go ahead, and remove the moreinfo tag once the package has been accepted. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1422811428.14650.10.ca...@adam-barratt.org.uk
Processed: Re: Bug#776723: unblock: winetricks/0.0+20141009+svn1208-2 (pre-approval)
Processing control commands: tags -1 + confirmed moreinfo Bug #776723 [release.debian.org] unblock: winetricks/0.0+20141009+svn1208-2 (pre-approval) Added tag(s) confirmed and moreinfo. -- 776723: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776723 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.b776723.14228114351317.transcr...@bugs.debian.org
Bug#776787: unblock: intel-microcode/3.20150121.1
Package: release.debian.org Severity: important User: release.debian@packages.debian.org Usertags: unblock Please unblock package intel-microcode Intel botched a microcode update in the 20150107 release, currently in Debian jessie (testing). This broken microcode update causes core hangs and boot issues on boxes with Intel Xeon E5v3 processors (Debian bug #776431). Updated packages were uploaded to Debian unstable a few days ago which fix the grave issue with the Xeon E5v3 microcode, as well as a very minor shell scripting issue found by ShellCheck. This upload was done by Paul Tagliamonte (also a Debian Developer) as I was unable to do it in a short timeframe due to an unfortunate hardware issue on my Debian build box. The new upstream microcode release (20150121) fixed the broken microcode update by reverting that specific microcode to an older release that had been previously distributed (in upstream 20140913). This older (known good) release of the Xeon E5v3 microcode was in Debian unstable/testing for four months, without any reported issues. The known-good microcode is currently in Debian stable. There were no other changes to the upstream microcode data file, just the revert of the problematic microcode update. Other Haswell-E based Intel processors with family 6, model 63, stepping 2 (such as hexa/octa-core Core i7 desktop parts) might also be affected by the broken microcode update, so it could hit desktop users as well, not just servers and workstations. This package update fixes Debian bug #776431 (severity grave). diffstat: changelog |6 debian/changelog | 18 debian/initramfs.hook |2 microcode-20150107.dat |41591 - microcode-20150121.dat |41591 + 5 files changed, 41615 insertions(+), 41593 deletions(-) Abridged debdiff attached (with the upstream microcode data file changes removed, for clarity). Thank you. unblock intel-microcode/3.20150121.1 -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh diff -Nru intel-microcode-3.20150107.1/changelog intel-microcode-3.20150121.1/changelog --- intel-microcode-3.20150107.1/changelog 2015-01-17 23:58:43.0 -0200 +++ intel-microcode-3.20150121.1/changelog 2015-01-29 20:57:13.0 -0200 @@ -1,8 +1,12 @@ +2015-01-21: + * Downgraded microcodes (to a previously shipped revision): +sig 0x000306f2, pf mask 0x6f, 2014-09-03, rev 0x0029, size 28672 + 2015-01-07: * New Microcodes: sig 0x000306d4, pf mask 0xc0, 2014-12-05, rev 0x0018, size 14336 - * Updated Microcodes: + * Updated Microcodes (this update is known to cause issues): sig 0x000306f2, pf mask 0x6f, 2014-11-21, rev 0x002d, size 28672 2014-09-13: diff -Nru intel-microcode-3.20150107.1/debian/changelog intel-microcode-3.20150121.1/debian/changelog --- intel-microcode-3.20150107.1/debian/changelog 2015-01-18 00:30:13.0 -0200 +++ intel-microcode-3.20150121.1/debian/changelog 2015-01-29 20:57:19.0 -0200 @@ -1,3 +1,21 @@ +intel-microcode (3.20150121.1) unstable; urgency=critical + + * New upstream microcode data file 20150121 +* Downgraded microcodes (to a previously shipped revision): + sig 0x000306f2, pf mask 0x6f, 2014-09-03, rev 0x0029, size 28672 +* The microcode downgrade fixes a very nasty regression on Xeon E5v3 + processors (closes: #776431) + * critical urgency: the broken sig 0x306f2, rev 0x2b microcode shipped +in release 20150107 caused CPU core hangs and Linux boot failures. +The upstream fix was to downgrade it to the same microcode revision +that was shipped in release 20140913 + * source: remove superseded upstream data file: 20150107. + * initramfs.hook: do not mix arrays and lists. +Avoid echo foo $@, use echo foo $* instead. This is unlikely +to be expĺoitable, but it makes ShellCheck happier. + + -- Henrique de Moraes Holschuh h...@debian.org Wed, 28 Jan 2015 20:03:20 -0200 + intel-microcode (3.20150107.1) unstable; urgency=high * New upstream microcode data file 20150107 diff -Nru intel-microcode-3.20150107.1/debian/initramfs.hook intel-microcode-3.20150121.1/debian/initramfs.hook --- intel-microcode-3.20150107.1/debian/initramfs.hook 2015-01-17 23:58:33.0 -0200 +++ intel-microcode-3.20150121.1/debian/initramfs.hook 2015-01-29 20:57:13.0 -0200 @@ -29,7 +29,7 @@ verbose() { if [ ${verbose} = y ] ; then - echo intel-microcode: $@ + echo intel-microcode: $* fi : } diff -Nru intel-microcode-3.20150107.1/microcode-20150107.dat intel-microcode-3.20150121.1/microcode-20150107.dat diff -Nru intel-microcode-3.20150107.1/microcode-20150121.dat intel-microcode-3.20150121.1/microcode-20150121.dat
Bug#776021: unblock: cryptsetup/2:1.6.6-5
Hi again, Am 29.01.2015 um 22:51 schrieb Jonas Meurer: Hi, Am 29.01.2015 um 19:26 schrieb Cyril Brulebois: Niels Thykier ni...@thykier.net (2015-01-29): Ack from RT, adding KiBi to CC for a d-i ack. Why isn't the BTS updated with the information contained in the unblock request? It'd be very helpful to avoid having incorrect or insufficient information in the BTS, if at all to avoid wasted efforts… I'm sorry for that. As I tried to explain in the unblock request, bugreport #773456 was not exactly about the critical problem I introduced with 2:1.6.6-4. But I should have opened an RC bug myself before doing the upload to make this more clear to you. I apologize for not doing that. Now it's clear to me that this would be the correct way to go, especially in that phase of release freeze - and that I would have saved some hassle on your side that way. Since we have this: cryptsetup-udeb: /lib/cryptsetup/cryptdisks.functions I'm going to ask whether anyone has tested this new cryptsetup in a d-i context to make sure the fix isn't triggering more fun elsewhere… Failing at least basic testing, I'm not exactly excited with a quick migration to testing. It's a one-line fix for the init scripts. cryptdisks.functions is sourced by the init scripts and by crypdisks_st{art,op}, it's not used anywhere else. I cannot imagine any interference with debian-installer. Actually the only relevant change is that the precheck for a ubuntu-specific upstart initscript changed from invoke-rc.d --quiet cryptdisks-udev status ... to [ -x /sbin/status ] ... The one-character change following in the grep regex is only relevant to upstart-based ubuntu systems anyway. But if you want me to, I could do basic testing. I guess that testing the daily-built images from sid would be the right thing in that case? I did some d-i testing today and for me everything worked as expected. I used the d-i images from http://cdimage.debian.org/cdimage/daily-builds/sid_d-i/current/amd64/iso-cd/ which uses cryptsetup 2:1.6.6-5 udebs. Cheers, jonas -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/54ce6ff8.90...@freesources.org
Bug#776781: wheezy-pu: package libdatetime-timezone-perl/1:1.58-1+2015a
Control: tags -1 + confimred On Sun, 2015-02-01 at 17:52 +0100, gregor herrmann wrote: I think we might want to get a new libdatetime-timezone-perl into wheezy, since there are chances to America/Cancun, effective today; either into the next point release or into stable-updates. Indeed, I had pondered that when the tzdata upload was mentioned earlier today. Please go ahead, thanks. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1422810895.14650.6.ca...@adam-barratt.org.uk
Bug#776777: unblock: libdatetime-timezone-perl/1:1.75-2+2015a
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Please unblock package libdatetime-timezone-perl. 1:1.75-2+2015a includes the update to Olson db 2015a, as usual as a quilt patch which only touches the .pm files containing the timezone information. I'm attaching a manually stripped down debdiff. Changelog: libdatetime-timezone-perl (1:1.75-2+2015a) unstable; urgency=high * Update to Olson database version 2015a. Add patch debian/patches/olson-2015a, which updates the timezone *.pm files, using upstream's tools/parse_olson script. * Set urgency to high. A change for America/Cancun becomes effective today. -- gregor herrmann gre...@debian.org Sun, 01 Feb 2015 17:15:22 +0100 Thanks, gregor unblock libdatetime-timezone-perl/1:1.75-2+2015a -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQJ8BAEBCgBmBQJUzlPVXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXREMUUxMzE2RTkzQTc2MEE4MTA0RDg1RkFC QjNBNjgwMTg2NDlBQTA2AAoJELs6aAGGSaoG7iMQAL3OnxT+TVuqiOWydbWMv20n RFrNp1FqkVbC4ezSVG5DZwkByPtKSfWK4fjN8eoxhXQ72PpUla7FB1+V1J1w0/ma WBCu7GUJ6YwQRCi2Wj9GwME8qjxyihfyqbgW0vz6QQBoBunIhRhnsJuWlylWdKYo vGLAhhYd6tFqJ4iW6daYTXp48SvThviDPZihECXYb8YGjPnFSA3UJZ3yJD5I4goD UgT38FzgCvuIAXPdOTG2SSn/LtcYf7VJToQr+Jn6qVNlqG9GH4fOK9zPIf7qzTiT PIzok1sr3NS8lFg3GN9WbQ8S3tsRrFY6NFFZcOdwfuiQmWsgn5NE9/yiMCxSUnXG DrBXI1SePPhBv88P5Gu19/nN1gVkreLTpTrEoLYvqw77yMEvL6sz5mVfoBp0Z40M e/rKFGprsOJbECs9Ejz5ptxA30Aplm96mj1E2/j+OStabcDTghHhk16c/xUdY9qv FG3EqcdYUXUbnAYhKQOEHA3QTFenPPNcj1yhdz2ArgY1naRztCunxFiV2oqln9rY ILqP+v063cd1HXAwO83cN9wrwgqSYHw/y0/GIo/vCmy0+EHs87fPUIko3DQn1Dap WQ/GVEmTsKm9VWVMrXBUpCCYoxkj8A2q3ZTKu2zjN+qJEraDMAIlbQp0G9Ticqtd XKMnGc5meSa53+d2Rt5z =5FOC -END PGP SIGNATURE- diff -Nru libdatetime-timezone-perl-1.75/debian/changelog libdatetime-timezone-perl-1.75/debian/changelog --- libdatetime-timezone-perl-1.75/debian/changelog 2014-11-13 15:18:56.0 +0100 +++ libdatetime-timezone-perl-1.75/debian/changelog 2015-02-01 17:17:15.0 +0100 @@ -1,3 +1,13 @@ +libdatetime-timezone-perl (1:1.75-2+2015a) unstable; urgency=high + + * Update to Olson database version 2015a. +Add patch debian/patches/olson-2015a, which updates the timezone *.pm +files, using upstream's tools/parse_olson script. + * Set urgency to high. +A change for America/Cancun becomes effective today. + + -- gregor herrmann gre...@debian.org Sun, 01 Feb 2015 17:15:22 +0100 + libdatetime-timezone-perl (1:1.75-2+2014j) unstable; urgency=high * Update to Olson database version 2014j. diff -Nru libdatetime-timezone-perl-1.75/debian/patches/olson-2015a libdatetime-timezone-perl-1.75/debian/patches/olson-2015a --- libdatetime-timezone-perl-1.75/debian/patches/olson-2015a 1970-01-01 01:00:00.0 +0100 +++ libdatetime-timezone-perl-1.75/debian/patches/olson-2015a 2015-02-01 17:17:15.0 +0100 @@ -0,0 +1,16039 @@ +Description: update to olson db 2015a +Origin: vendor +Author: gregor herrmann gre...@debian.org +Last-Update: 2015-02-01 + +--- a/lib/DateTime/TimeZone/Africa/Abidjan.pm b/lib/DateTime/TimeZone/Africa/Abidjan.pm +@@ -3,7 +3,7 @@ + # DateTime::TimeZone module distribution in the tools/ directory + + # +-# Generated from debian/tzdata/africa. Olson data version 2014j ++# Generated from debian/tzdata/africa. Olson data version 2015a + # + # Do not edit this file directly. + # +@@ -39,11 +39,11 @@ + ], + ]; + +-sub olson_version { '2014j' } ++sub olson_version { '2015a' } + + sub has_dst_changes { 0 } + +-sub _max_year { 2024 } ++sub _max_year { 2025 } + + sub _new_instance + { +--- a/lib/DateTime/TimeZone/America/Cancun.pm b/lib/DateTime/TimeZone/America/Cancun.pm +@@ -3,7 +3,7 @@ + # DateTime::TimeZone module distribution in the tools/ directory + + # +-# Generated from debian/tzdata/northamerica. Olson data version 2014j ++# Generated from debian/tzdata/northamerica. Olson data version 2015a + # + # Do not edit this file directly. + # +@@ -390,283 +390,35 @@ + ], + [ + 6354999, #utc_start 2014-10-26 07:00:00 (Sun) +-63563904000, # utc_end 2015-04-05 08:00:00 (Sun) ++63558460800, # utc_end 2015-02-01 08:00:00 (Sun) + 63549968400, # local_start 2014-10-26 01:00:00 (Sun) +-63563882400, #local_end 2015-04-05 02:00:00 (Sun) ++63558439200, #local_end 2015-02-01 02:00:00 (Sun) + -21600, + 0, + 'CST', + ], + [ +-63563904000, #utc_start 2015-04-05 08:00:00 (Sun) +-63581439600, # utc_end 2015-10-25 07:00:00 (Sun) +-63563886000, # local_start 2015-04-05 03:00:00 (Sun) +-63581421600, #local_end 2015-10-25 02:00:00 (Sun) ++63558460800, #utc_start 2015-02-01 08:00:00 (Sun) ++DateTime::TimeZone::INFINITY, # utc_end ++63558442800, # local_start 2015-02-01 03:00:00 (Sun) ++DateTime::TimeZone::INFINITY, #local_end + -18000, +-1, +-'CDT', +-], +-[ +-63581439600, #utc_start 2015-10-25
Bug#776748: (pre-approval) unblock: libxml2/2.9.1+dfsg1-5 (via t-p-u)
Control: tags -1 + moreinfo On Sun, 2015-02-01 at 16:24 +0800, Aron Xu wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock jessie-pu The -pu tags are for stable updates, rather than tpu. libxml2 in Jessie has CVE-2014-3600 pending to be addressed and this update includes the related regression fix as well. Also, I would like to apply some more upstream memory related patches from 2.9.2, mostly NULL checks, because there are quite a lot deeper issues hiding in libxml2's code base and those fixes shall be deemed beneficial to our support cycle. The changes to patches that haven't materially changed are quite noisy, given the amount of actual changes. +libxml2 (2.9.1+dfsg1-5) testing; urgency=medium + + * Add pkg-config to B-D + * Use -O3 for normal builds Could you expand on the rationale for introducing those now? Particularly as neither appears to be mentioned in the changelogs for the uploads to unstable. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1422810803.14650.5.ca...@adam-barratt.org.uk
Bug#776721: unblock: lftp/4.6.0-1+deb8u1
Control: tags -1 + moreinfo On Sat, 2015-01-31 at 19:36 +0100, Noël Köthe wrote: Please unblock package lftp lftp in jessie/testing accepts adds ssh host keys (fish/sftp) hardcoded. This is fixed by the upstream patch. As far as I can see, that patch is not yet in unstable. In general, where an issue affects both unstable and testing, it should be fixed in unstable first and then in testing, either directly or via t-p-u; new fixes should not be initially added directly via t-p-u. Please remove the moreinfo tag once the upload to unstable has occurred. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1422811935.14650.14.ca...@adam-barratt.org.uk
Processed: tagging 776781
Processing commands for cont...@bugs.debian.org: tags 776781 + confirmed Bug #776781 [release.debian.org] wheezy-pu: package libdatetime-timezone-perl/1:1.58-1+2015a Added tag(s) confirmed. thanks Stopping processing here. Please contact me if you need assistance. -- 776781: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776781 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.c.14228119757527.transcr...@bugs.debian.org
Processed: Re: Bug#776721: unblock: lftp/4.6.0-1+deb8u1
Processing control commands: tags -1 + moreinfo Bug #776721 [release.debian.org] unblock: lftp/4.6.0-1+deb8u1 Added tag(s) moreinfo. -- 776721: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776721 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.b776721.14228119437313.transcr...@bugs.debian.org
Bug#776799: unblock: systemd/215-11
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock systemd 215-11 hit unstable three days ago with some important/safe fixes. So far there have been no regression reports. I attach the full debdiff between 215-10 and -11, but as usual I also link to the individual commits on anonscm. Note that there are zero changes for udev and hence the udebs (for d-i). Annotated changelog: | [ Martin Pitt ] | * escape-beef-up-new-systemd-escape-tool.patch: Avoid creating a danling | symlink, to work around regression in recent patch (see #776257). That's an RC bug in patch, but easily worked around in systemd, so that we can actually upload new versions until it gets fixed. patch still needs to be fixed properly to unbreak glibc and a bunch of other affected packages, of course. http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?id=492416 Sorry for the typo in the changelog! (Fixed in git). | * Order ifup@.service and networking.service after network-pre.target. | (Closes: #766938) network-pre.target in Debian's shipped units only occurs in one package [1]; so this will make no practical difference on most systems, but will make ifup@.service actually behave according to documentation and fix pyroman's startup order to really start the firewall before bringing up network interfaces. http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?id=b29acf [1] http://codesearch.debian.net/results/network-pre.target | * Tone down Network interface NamePolicy= disabled on kernel commandline, | ignoring info message to debug, as we expect this while we disable | net.ifnames by default. (Closes: #762101, LP: #1411992) Confusing, and trivial. http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?id=9cc4d0745 | * logind: handle closing sessions over daemon restarts. (Closes: #759515, | LP: #1415104) This is admittedly a bit intrusive, but still relatively straightforward; I'm happy to answer further questions about it. I've heard this error (also on Ubuntu) from a lot of users by now, and it essentially breaks your running desktop sessions on installing package upgrades so I'd really like to fix this for Jessie. I have tested it fairly thoroughly. If you object or have doubts, I'm ok with backing this out again in -12. http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?id=37ce19d | * logind: Fix sd_eviocrevoke ioctl call, to make forced input device release | after log out actually work. This is quite an obvious fix of the ioctl; calling this security is a stretch as we don't really use this feature in Debian yet. But it's an interesting thing if you have a multi-seat system and use Wayland instead of X. Again, if you object I'd be okay with backing this out if you object. http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?id=2d0f077 | * debian/patches/series: Move upstreamed patches into the appropriate | section. No actual run-time effect, this just clarifies the status of our patches. http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?id=0d5964 | [ Michael Biebl ] | * Make sure we run debian-fixup.service after /var has been mounted if /var | is on a separate partition. Otherwise we might end up creating the | /var/lock and /var/run symlink in the underlying root filesystem. | (Closes: #768644) http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?id=a09ebde9 Trivial and obvious fix; that bug can break your system pretty badly if you hit the race. Thanks for considering! Martin unblock systemd/215-11 -- Martin Pitt| http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) signature.asc Description: Digital signature
Bug#773796: wheezy-pu: package mercurial/2.2.2-4
On Fri, Jan 02, 2015 at 08:49:31PM +, Adam D. Barratt wrote: Control: tags -1 +confirmed -moreinfo On Tue, 2014-12-23 at 15:24 +, Adam D. Barratt wrote: On 2014-12-23 14:55, Javi Merino wrote: On Tue, Dec 23, 2014 at 01:20:10PM +, Adam D. Barratt wrote: The patches look okay, but it appears that this hasn't been fixed in unstable yet. Is that correct? If so then we generally prefer to get unstable fixed first, so that the changes can get some testing there. That's correct, I'm preparing an upload for jessie. If I upload the same fix to unstable, it would be unblocked? I'd be inclined to do so assuming it was in the near future, yes. Please file a separate unblock bug for that. That happened now, so please feel free to go ahead with the p-u upload (bearing in mind that the window for getting fixes in to the 7.8 point release closes during this weekend). Sorry, it fell through the cracks. I've uploaded it now, better late than never. Cheers, Javi signature.asc Description: Digital signature
Bug#774737: unblock: libjpeg9/1:9a-2
On Fri, Jan 23, 2015 at 08:02:38AM +0100, Niels Thykier wrote: I am afraid I do not see how removing libjpeg9 from testing is inconsistent with the tech-ctte decision. You need to reread the full decision in context. The very first item of their resolution text states that: 1. [...] The release team does not want to have more than one libjpeg implementation. This is in the Whereas part, not in the Therefore. Thus this is what the release team want, but not necessarily what the TC has decided. Then further down, they follow up with: 10. The Technical Committee resolves that libjpeg-turbo should become the libjpeg implementation in Debian, [...] And this is the case now. However the TC did not say all other libjpeg implementations need to be removed from testing. Indeed wheezy includes both libjpeg6b and libjpeg8 so there is a precedent for that. At the very least it is customary to provide old libraries in the next release as part of the oldlibs section. Then the TC gives a detailed view fo what should happens: 12. Implementing the decision in 10 above will require removing Provides: libjpeg-dev from libjpeg8, since such a virtual package must be provided by only one real package at a time. Therefore the Provides should be removed from the libjpeg8 package - in accordance with the transition plan - notwithstanding the libjpeg8 maintainer's preference that libjpeg8 should remain as the default libjpeg. This change should be made by the libjpeg8 maintainer; if the change is not made within a reasonable time it should be done in an NMU by the libjpeg-turbo maintainer. This is an unambiguous statement that they only intent the Provides: libjpeg-dev of libjpeg8 to be removed and not the whole package, otherwise they would have stated it directly (in particular since removing libjpeg8 automatically remove the Provides making it a non-issue). The text shows they anticipate the existence of multiple 'real libjpeg*-dev packages' but only one providing libjpeg-dev. And in any case, the release team never communicated to me their intent to remove libjpeg6b, libjpeg8 and libjpeg9 from jessie. I only learned about it in January from the archive notification. And so far no rationale has been given. Cheers, -- Bill. ballo...@debian.org Imagine a large red swirl here. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150201230435.GA4545@yellowpig
Bug#776803: unblock: nova/2014.1.3-10
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, This is a one liner fix so that the administrative credential of Neutron inside nova.conf are really applied correctly. The issue was that the function taking care of it was never called. Debdiff attached. Please unblock nova/2014.1.3-10. Cheers, Thomas Goirand (zigo) diff -Nru nova-2014.1.3/debian/changelog nova-2014.1.3/debian/changelog --- nova-2014.1.3/debian/changelog 2015-01-08 16:07:07.0 + +++ nova-2014.1.3/debian/changelog 2015-02-01 16:04:06.0 + @@ -1,3 +1,10 @@ +nova (2014.1.3-10) unstable; urgency=medium + + * Now calling read_neutron_config() in the postinst, for some reason, it was +never called. + + -- Thomas Goirand z...@debian.org Sun, 01 Feb 2015 17:03:39 +0100 + nova (2014.1.3-9) unstable; urgency=medium * Rebuilt with openstack-pkg-tools (= 22~): starts daemons on first install. diff -Nru nova-2014.1.3/debian/nova-common.postinst.in nova-2014.1.3/debian/nova-common.postinst.in --- nova-2014.1.3/debian/nova-common.postinst.in 2015-01-08 16:07:07.0 + +++ nova-2014.1.3/debian/nova-common.postinst.in 2015-02-01 16:04:06.0 + @@ -81,6 +81,8 @@ manage_nova_my_ip_field manage_keystone_auth_fields + read_neutron_config + # Needed, because in some cases, it's owned by root:root, # which makes the nova-manage db sync fail. touch /var/log/nova/nova-manage.log
Bug#776748: (pre-approval) unblock: libxml2/2.9.1+dfsg1-5 (via t-p-u)
On Mon, Feb 2, 2015 at 1:13 AM, Adam D. Barratt a...@adam-barratt.org.uk wrote: Control: tags -1 + moreinfo On Sun, 2015-02-01 at 16:24 +0800, Aron Xu wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock jessie-pu The -pu tags are for stable updates, rather than tpu. I see, thanks. libxml2 in Jessie has CVE-2014-3600 pending to be addressed and this update includes the related regression fix as well. Also, I would like to apply some more upstream memory related patches from 2.9.2, mostly NULL checks, because there are quite a lot deeper issues hiding in libxml2's code base and those fixes shall be deemed beneficial to our support cycle. The changes to patches that haven't materially changed are quite noisy, given the amount of actual changes. +libxml2 (2.9.1+dfsg1-5) testing; urgency=medium + + * Add pkg-config to B-D + * Use -O3 for normal builds Could you expand on the rationale for introducing those now? Particularly as neither appears to be mentioned in the changelogs for the uploads to unstable. These are directly picked from the 2.9.2 upload, which stuck for RC bug. At that time the change was quite big (major release) so those aren't documented in very detail but are in the git for quite some time. Regards, Aron -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CAMr=8w5JspY+O=+ov3lo18aqe759zkjmk0mcgumoh0pdc-2...@mail.gmail.com