NEW changes in stable-new

2016-03-19 Thread Debian FTP Masters
Processing changes file: cinnamon-settings-daemon_2.2.4.repack-7+deb8u1_arm64.changes
  ACCEPT
Processing changes file: cinnamon-settings-daemon_2.2.4.repack-7+deb8u1_mips.changes
  ACCEPT



NEW changes in stable-new

2016-03-19 Thread Debian FTP Masters
Processing changes file: cinnamon-settings-daemon_2.2.4.repack-7+deb8u1_armel.changes
  ACCEPT
Processing changes file: cinnamon-settings-daemon_2.2.4.repack-7+deb8u1_armhf.changes
  ACCEPT
Processing changes file: cinnamon-settings-daemon_2.2.4.repack-7+deb8u1_mipsel.changes
  ACCEPT
Processing changes file: cinnamon-settings-daemon_2.2.4.repack-7+deb8u1_s390x.changes
  ACCEPT



NEW changes in stable-new

2016-03-19 Thread Debian FTP Masters
Processing changes file: cinnamon-settings-daemon_2.2.4.repack-7+deb8u1_i386.changes
  ACCEPT
Processing changes file: cinnamon-settings-daemon_2.2.4.repack-7+deb8u1_powerpc.changes
  ACCEPT



Bug#818104: Possible MBF: Packages depending on iceweasel but not firefox/firefox-esr

2016-03-19 Thread David Prévot
On 18/03/2016 18:06, Josh Triplett wrote:

> I would suggest that Firefox addon packages should depend on "firefox |
> firefox-esr"

Most of those packages are mozilla-devscripts for the build and just
need to be rebuilt to get fixed. Even if our infrastructure has all the
needed tools to binNMU all of them as a proper transition, some
limitations on the way arch:all binNMUs are handled currently prevent us
from having most of them already fixed, see #818104.

What is currently needed if the arch:all binNMU doesn’t get fixed, is
“just” to upload all of them. I’m currently dragged into doing that for
hundreds of PHP class packages because of this no arch:all binNMU
limitation, so I hope someone else from the Debian Mozilla Extension
Maintainers could take the lead on it (new members are welcome ;).

Regards

David





Bug#818615: jessie-pu: package gtk+2.0

2016-03-19 Thread Adam D. Barratt
Control: tags -1 + moreinfo

On Fri, 2016-03-18 at 19:33 +0100, Moritz Muehlenhoff wrote:
> I'd like to fix a security issue in GTK, which doesn't really warrant
> a DSA. Debdiff below, I've been running this on my jessie
> workstation for a day now.
> 
> Cheers,
> Moritz
> 
> diff -Nru gtk+2.0-2.24.25/debian/changelog gtk+2.0-2.24.25/debian/changelog
> --- gtk+2.0-2.24.25/debian/changelog  2015-03-03 19:39:59.0 +0100
> +++ gtk+2.0-2.24.25/debian/changelog  2016-03-17 23:20:16.0 +0100
> @@ -1,3 +1,9 @@
> +gtk+2.0 (2.24.25-3+deb8u1) jessie; urgency=medium
> +
> +  * CVE-2013-7447 (Closes: #799275)

The Security Tracker suggests that this isn't fixed in the version of
gtk+2.0 in unstable; is that correct?

Regards,

Adam



Re: Qt and OpenSSL transition metadata in relation to Mumble package

2016-03-19 Thread Chris Knadle
Emilio Pozuelo Monfort:
> On 19/03/16 19:23, Chris Knadle wrote:
>> Greetings.
>>
>> Executive summary:
>> I'd like to know if there is metadata that can be added to the Qt4 and Qt5
>> packages (qt4-x11 and qtbase-opensource-src) which will indicate that they
>> need to be binNMUed for OpenSSL transitions at nearly the same time that
>> Mumble gets binNMUed.
[...]
>> Is this possible?
> 
> There's no way to express that kind of relationship. Not unless you get into
> complex territory which isn't really worth it in this case. Normally binNMUs
> are scheduled at the same time, so in theory this shouldn't be such a big
> issue. And it would only affect unstable users, only for a short amount of
> time.

Ehhh... okay.  The last OpenSSL binNMU had an 11-day difference between
Mumble getting rebuilt and qt4-x11 being rebuilt in Sid.  That's a short
time in release terms, but a long time in terms of users finding Mumble
broken and waiting for it to be fixed.

Either way I have my answer.  Thank you very much.

   -- Chris

-- 
Chris Knadle
chris.kna...@coredump.us



Bug#784679: jessie-pu: package rdesktop/1.8.2-3+deb8u1

2016-03-19 Thread Adam D. Barratt
Control: tags -1 + pending

On Mon, 2016-03-14 at 21:16 +0100, László Böszörményi wrote:
> On Mon, Mar 14, 2016 at 7:29 PM, Julien Cristau  wrote:
> > On Mon, Mar 14, 2016 at 14:30:43 +0100, László Böszörményi wrote:
> >>  It's fallen through the cracks. :-( If it's still allowed, I'd like
> >> to upload it.
> >>
> > Sure.
>  Thanks, uploaded.

Flagged for acceptance.

Regards,

Adam



Bug#818615: jessie-pu: package gtk+2.0

2016-03-19 Thread Moritz Muehlenhoff
Package: release.debian.org
Severity: normal

Hi,
I'd like to fix a security issue in GTK, which doesn't really warrant
a DSA. Debdiff below, I've been running this on my jessie
workstation for a day now.

Cheers,
Moritz

diff -Nru gtk+2.0-2.24.25/debian/changelog gtk+2.0-2.24.25/debian/changelog
--- gtk+2.0-2.24.25/debian/changelog2015-03-03 19:39:59.0 +0100
+++ gtk+2.0-2.24.25/debian/changelog2016-03-17 23:20:16.0 +0100
@@ -1,3 +1,9 @@
+gtk+2.0 (2.24.25-3+deb8u1) jessie; urgency=medium
+
+  * CVE-2013-7447 (Closes: #799275)
+
+ -- Moritz M�hlenhoff   Thu, 17 Mar 2016 00:17:18 +0100
+
 gtk+2.0 (2.24.25-3) unstable; urgency=medium
 
   * 0002-gdk-Fix-GdkWindowFilter-internal-refcounting.patch
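
Review bot: the new entry at the top of debian/changelog says only "CVE-2013-7447 (Closes: #799275)" and does not name the patch or what it changes. Suggest adding the patch file name (debian/patches/099_CVE-2013-7447.patch) and a short description, for example that the allocation in gdk_cairo_set_source_pixbuf now uses g_malloc_n to avoid an integer overflow, so the stable changelog records the actual change.
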
diff -Nru gtk+2.0-2.24.25/debian/patches/099_CVE-2013-7447.patch 
gtk+2.0-2.24.25/debian/patches/099_CVE-2013-7447.patch
--- gtk+2.0-2.24.25/debian/patches/099_CVE-2013-7447.patch  1970-01-01 
01:00:00.0 +0100
+++ gtk+2.0-2.24.25/debian/patches/099_CVE-2013-7447.patch  2016-03-17 
23:15:42.0 +0100
@@ -0,0 +1,30 @@
+From 894b1ae76a32720f4bb3d39cf460402e3ce331d6 Mon Sep 17 00:00:00 2001
+From: Matthias Clasen 
+Date: Sat, 29 Jun 2013 22:06:54 -0400
+Subject: Avoid integer overflow
+
+Use g_malloc_n in gdk_cairo_set_source_pixbuf when allocating
+a large block of memory, to avoid integer overflow.
+
+Pointed out by Bert Massop in
+https://bugzilla.gnome.org/show_bug.cgi?id=703220
+---
+ gdk/gdkcairo.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gdk/gdkcairo.c b/gdk/gdkcairo.c
+index 19bed04..2e1d8dc 100644
+--- a/gdk/gdkcairo.c
 b/gdk/gdkcairo.c
+@@ -213,7 +213,7 @@ gdk_cairo_set_source_pixbuf (cairo_t *cr,
+ format = CAIRO_FORMAT_ARGB32;
+ 
+   cairo_stride = cairo_format_stride_for_width (format, width);
+-  cairo_pixels = g_malloc (height * cairo_stride);
++  cairo_pixels = g_malloc_n (height, cairo_stride);
+   surface = cairo_image_surface_create_for_data ((unsigned char 
*)cairo_pixels,
+  format,
+  width, height, cairo_stride);
+-- 
+cgit v0.12
+
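
Review bot: in the gdk_cairo_set_source_pixbuf hunk, cairo_stride is taken straight from cairo_format_stride_for_width() and passed to g_malloc_n() with no check in the lines shown; that cairo call returns -1 for a width it cannot handle, so it is worth confirming that a negative stride is rejected before the allocation, or adding a guard there. Note also that g_malloc_n() aborts the process when height * cairo_stride overflows rather than returning NULL, so the fix trades an undersized buffer for a clean abort; that is the intended outcome but deserves a line in the changelog.
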
diff -Nru gtk+2.0-2.24.25/debian/patches/series 
gtk+2.0-2.24.25/debian/patches/series
--- gtk+2.0-2.24.25/debian/patches/series   2015-03-03 19:36:04.0 
+0100
+++ gtk+2.0-2.24.25/debian/patches/series   2016-03-17 23:17:03.0 
+0100
@@ -14,3 +14,4 @@
 061_use_pdf_as_default_printing_standard.patch
 065_gir_set_packages.patch
 098_multiarch_module_path.patch
+099_CVE-2013-7447.patch



Bug#818532: jessie-pu: package libdatetime-timezone-perl/1.75-2+2016b

2016-03-19 Thread Adam D. Barratt
Control: tags -1 + confirmed

On Thu, 2016-03-17 at 20:47 +0100, gregor herrmann wrote:
> I've prepared an update for libdatetime-timezone-perl in jessie with
> the data from the Olson db 2016b. As usual, the only change is a
> quilt patch which adjusts the pm files containing the timezone data.
> (Plus a typo fix in the changelog this time.)

Please go ahead.

Regards,

Adam



Bug#818483: marked as done (nmu: haskell-network-protocol-xmpp_0.4.8-2)

2016-03-19 Thread Debian Bug Tracking System
Your message dated Fri, 18 Mar 2016 11:12:04 +0100
with message-id <56ebd474.4090...@debian.org>
and subject line Re: Bug#818483: nmu: haskell-network-protocol-xmpp_0.4.8-2
has caused the Debian Bug report #818483,
regarding nmu: haskell-network-protocol-xmpp_0.4.8-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
818483: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818483
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

in order to fix #814055 and #813078, and prevent auto-removal of
git-annex in testing, without waiting for the current Haskell
transition, I believe it should help to binNMU
haskell-network-protocol-xmpp in testing:

nmu haskell-network-protocol-xmpp_0.4.8-2 . ANY . stretch . -m "rebuild against libgnutls30"

Thanks,
Joachim

- -- System Information:
Debian Release: stretch/sid
  APT prefers buildd-unstable
  APT policy: (500, 'buildd-unstable'), (500, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.3.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iEYEARECAAYFAlbqwl0ACgkQ9ijrk0dDIGxXaQCgjolWPuNlRYGBsUCD3+8xG572
YlYAoKWu6krw/4yAwr6id0Q9AMkFsb6N
=jRoK
-END PGP SIGNATURE-
--- End Message ---
--- Begin Message ---
On 17/03/16 19:29, Emilio Pozuelo Monfort wrote:
> On 17/03/16 15:42, Joachim Breitner wrote:
>> in order to fix #814055 and #813078, and prevent auto-removal of
>> git-annex in testing, without waiting for the current Haskell
>> transition, I believe it should help to binNMU
>> haskell-network-protocol-xmpp in testing:
>>
>> nmu haskell-network-protocol-xmpp_0.4.8-2 . ANY . stretch . -m "rebuild 
>> against libgnutls30"
> 
> The only architecture still at 0.4.8-2 in unstable is mips64el which is not
> in testing, so that's not a problem.
> 
> Scheduled:
> 
> https://buildd.debian.org/status/package.php?p=haskell-network-protocol-xmpp=stretch
>  

And accepted:

libghc-network-protocol-xmpp-dev | 0.4.8-2+b1 | testing | amd64, arm64, armhf, i386, mips, mipsel, powerpc, ppc64el, s390x

Cheers,
Emilio
--- End Message ---


Bug#818532: jessie-pu: package libdatetime-timezone-perl/1.75-2+2016b

2016-03-19 Thread gregor herrmann
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

I've prepared an update for libdatetime-timezone-perl in jessie with
the data from the Olson db 2016b. As usual, the only change is a
quilt patch which adjusts the pm files containing the timezone data.
(Plus a typo fix in the changelog this time.)

Manually stripped down debdiff attached.

Cheers,
gregor

diff -Nru libdatetime-timezone-perl-1.75/debian/changelog libdatetime-timezone-perl-1.75/debian/changelog
--- libdatetime-timezone-perl-1.75/debian/changelog	2016-02-03 20:43:20.0 +0100
+++ libdatetime-timezone-perl-1.75/debian/changelog	2016-03-17 20:23:04.0 +0100
@@ -1,10 +1,22 @@
+libdatetime-timezone-perl (1:1.75-2+2016b) UNRELEASED; urgency=medium
+
+  * Update to Olson database version 2016b.
+Add patch debian/patches/olson-2016b, which updates the timezone *.pm
+files, using upstream's tools/parse_olson script.
+This update contains contemporary changes for Russia, Haiti, and
+Palestine.
+  * Fix spelling of Chita in the previous changelog entry.
+Thanks to Stepan Golosunov for the bug report. (Closes: #813631)
+
+ -- gregor herrmann   Thu, 17 Mar 2016 20:22:46 +0100
+
 libdatetime-timezone-perl (1:1.75-2+2016a) jessie; urgency=medium
 
   * Update to Olson database version 2016a.
 Add patch debian/patches/olson-2016a, which updates the timezone *.pm
 files, using upstream's tools/parse_olson script.
 This update contains contemporary changes for the Cayman Islands, Iran,
-and Chrita, Russia.
+and Chita, Russia.
 
  -- gregor herrmann   Wed, 03 Feb 2016 20:40:57 +0100
 
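
Review bot: the new top entry is still targeted at UNRELEASED ("libdatetime-timezone-perl (1:1.75-2+2016b) UNRELEASED; urgency=medium"); it needs to read jessie before the upload, matching the 2016a entry below it. The edit to the already released 2016a entry (Chrita to Chita) is recorded in the new entry with its bug number, which is the right way to handle it.
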
diff -Nru libdatetime-timezone-perl-1.75/debian/patches/olson-2016b libdatetime-timezone-perl-1.75/debian/patches/olson-2016b
--- libdatetime-timezone-perl-1.75/debian/patches/olson-2016b	1970-01-01 01:00:00.0 +0100
+++ libdatetime-timezone-perl-1.75/debian/patches/olson-2016b	2016-03-17 20:23:04.0 +0100
@@ -0,0 +1,13321 @@
+Description: update to olson db 2016b
+Origin: vendor
+Author: gregor herrmann 
+Last-Update: 2016-03-17
+
+--- a/lib/DateTime/TimeZone/Africa/Abidjan.pm
 b/lib/DateTime/TimeZone/Africa/Abidjan.pm
+@@ -3,7 +3,7 @@
+ # DateTime::TimeZone module distribution in the tools/ directory
+ 
+ #
+-# Generated from debian/tzdata/africa.  Olson data version 2016a
++# Generated from debian/tzdata/africa.  Olson data version 2016b
+ #
+ # Do not edit this file directly.
+ #
+@@ -39,7 +39,7 @@
+ ],
+ ];
+ 
+-sub olson_version { '2016a' }
++sub olson_version { '2016b' }
+ 
+ sub has_dst_changes { 0 }
+ 
+--- a/lib/DateTime/TimeZone/Catalog.pm
 b/lib/DateTime/TimeZone/Catalog.pm
+@@ -179,6 +179,7 @@
+   Asia/Baghdad
+   Asia/Baku
+   Asia/Bangkok
++  Asia/Barnaul
+   Asia/Beirut
+   Asia/Bishkek
+   Asia/Brunei
+@@ -270,6 +271,7 @@
+   EST5EDT
+   Europe/Amsterdam
+   Europe/Andorra
++  Europe/Astrakhan
+   Europe/Athens
+   Europe/Belgrade
+   Europe/Berlin
+@@ -303,6 +305,7 @@
+   Europe/Stockholm
+   Europe/Tallinn
+   Europe/Tirane
++  Europe/Ulyanovsk
+   Europe/Uzhgorod
+   Europe/Vienna
+   Europe/Vilnius
+@@ -551,6 +554,7 @@
+ Baghdad
+ Baku
+ Bangkok
++Barnaul
+ Beirut
+ Bishkek
+ Brunei
+@@ -643,6 +647,7 @@
+   'Europe' => [ qw(
+ Amsterdam
+ Andorra
++Astrakhan
+ Athens
+ Belgrade
+ Berlin
+@@ -676,6 +681,7 @@
+ Stockholm
+ Tallinn
+ Tirane
++Ulyanovsk
+ Uzhgorod
+ Vienna
+ Vilnius
+@@ -763,15 +769,15 @@
+ ) ],
+   'aq' => [ qw(
+ Antarctica/McMurdo
+-Antarctica/Rothera
+-Antarctica/Palmer
+-Antarctica/Mawson
+-Antarctica/Davis
+ Antarctica/Casey
+-Antarctica/Vostok
++Antarctica/Davis
+ Antarctica/DumontDUrville
++Antarctica/Mawson
++Antarctica/Palmer
++Antarctica/Rothera
+ Antarctica/Syowa
+ Antarctica/Troll
++Antarctica/Vostok
+ ) ],
+   'ar' 
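
Review bot: the 'aq' hunk in lib/DateTime/TimeZone/Catalog.pm (@@ -763,15 +769,15 @@) only reorders the Antarctica zones, which is not among the changes the changelog lists for 2016b (Russia, Haiti, Palestine). If the reordering is a side effect of regenerating the files with tools/parse_olson, say so in the patch Description, which currently reads only "update to olson db 2016b", so that it is not mistaken for a data change in a stable update.
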

Re: Qt and OpenSSL transition metadata in relation to Mumble package

2016-03-19 Thread Emilio Pozuelo Monfort

On 19/03/16 19:23, Chris Knadle wrote:

> Greetings.
>
> Executive summary:
> I'd like to know if there is metadata that can be added to the Qt4 and Qt5
> packages (qt4-x11 and qtbase-opensource-src) which will indicate that they
> need to be binNMUed for OpenSSL transitions at nearly the same time that
> Mumble gets binNMUed.
>
> More detail:
>
> Qt (both 4 and 5) use dlopen() to load libssl/libcrypto libraries [see lines
> 634-654]:
>
> https://github.com/qtproject/qtbase/blob/dev/src/network/ssl/qsslsocket_openssl_symbols.cpp#L624-L727
>
> and as a result during OpenSSL transitions where there's a library rename,
> two different copies of libssl/libcrypto can get loaded when running
> Mumble... one version Qt is compiled with, and one version Mumble is
> compiled with, and they may have ABI differences.
>
> This situation is non-trivial and caused Mumble to break (#804363) because
> the SSL library wasn't getting initialized, and we believe the patch that
> was used to fix this bug may be initializing both copies of SSL during the
> transition period, and because of the unknown of what this might cause,
> Mumble upstream is likely to implement code to disallow Mumble to continue
> running when two different copies of libssl/libcrypto are loaded:
>
> https://github.com/mumble-voip/mumble/pull/2124
>
> We're hoping that there's some way that metadata could be added (somewhere)
> such that the Qt source packages and Mumble can be binNMUed/rebuilt around
> the same time for OpenSSL transitions.
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804487#97
>
> Is this possible?


There's no way to express that kind of relationship. Not unless you get into 
complex territory which isn't really worth it in this case. Normally binNMUs are 
scheduled at the same time, so in theory this shouldn't be such a big issue. And 
it would only affect unstable users, only for a short amount of time.


Cheers,
Emilio
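
The situation described in the message above, where Qt's dlopen() and the application's own linkage leave two differently named libssl/libcrypto files mapped in one process, can be detected from the process memory map. The following is an added example, not code from Mumble, Qt or this list; the function names and the sample map, including the library file names in it, are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_LIBS 8
#define NAME_LEN 64

/* Constructed sample in /proc/<pid>/maps format (not captured from a real
 * system): one libssl/libcrypto pair from the application's own linkage and
 * a second, differently named pair of the kind a dlopen() could bring in. */
static const char SAMPLE_MAPS[] =
    "7f10a0000000-7f10a0060000 r-xp 00000000 08:01 1311 /usr/lib/x86_64-linux-gnu/libssl.so.1.0.2\n"
    "7f10a0060000-7f10a0070000 rw-p 00060000 08:01 1311 /usr/lib/x86_64-linux-gnu/libssl.so.1.0.2\n"
    "7f10a1000000-7f10a1200000 r-xp 00000000 08:01 1312 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2\n"
    "7f10a2000000-7f10a2060000 r-xp 00000000 08:01 1207 /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0\n"
    "7f10a3000000-7f10a3200000 r-xp 00000000 08:01 1208 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0\n"
    "7f10a4000000-7f10a4021000 rw-p 00000000 00:00 0 [heap]\n"
    "7f10a5000000-7f10a5400000 r-xp 00000000 08:01 1400 /usr/lib/x86_64-linux-gnu/libQtNetwork.so.4.8.7\n";

/* Collect the distinct file names in a maps-style text whose basename starts
 * with `stem` (for example "libssl.so"; the trailing ".so" keeps unrelated
 * libraries such as libssl3.so out). Returns the number of names stored. */
static int distinct_mapped_libs(const char *maps, const char *stem,
                                char out[][NAME_LEN], int max_out)
{
    size_t slen = strlen(stem);
    int n = 0;
    const char *line = maps;

    while (*line) {
        const char *eol = strchr(line, '\n');
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        const char *base = NULL;

        /* The pathname is the last field; its basename follows the last '/'. */
        for (const char *p = line + len; p > line; p--) {
            if (p[-1] == '/') { base = p; break; }
        }
        if (base) {
            size_t blen = (size_t)(line + len - base);
            /* Drop a trailing " (deleted)" marker if the file was replaced. */
            for (size_t i = 0; i < blen; i++) {
                if (base[i] == ' ') { blen = i; break; }
            }
            if (blen >= slen && blen < NAME_LEN && strncmp(base, stem, slen) == 0) {
                int seen = 0;
                for (int i = 0; i < n; i++) {
                    if (strlen(out[i]) == blen && strncmp(out[i], base, blen) == 0)
                        seen = 1;
                }
                if (!seen && n < max_out) {
                    memcpy(out[n], base, blen);
                    out[n][blen] = '\0';
                    n++;
                }
            }
        }
        line = eol ? eol + 1 : line + len;
    }
    return n;
}

/* Returns 1 when more than one distinct libssl or libcrypto file is mapped. */
static int openssl_copies_conflict(const char *maps)
{
    char names[MAX_LIBS][NAME_LEN];
    return distinct_mapped_libs(maps, "libssl.so", names, MAX_LIBS) > 1 ||
           distinct_mapped_libs(maps, "libcrypto.so", names, MAX_LIBS) > 1;
}

int main(void)
{
    char names[MAX_LIBS][NAME_LEN];
    int n = distinct_mapped_libs(SAMPLE_MAPS, "libssl.so", names, MAX_LIBS);

    for (int i = 0; i < n; i++)
        printf("mapped: %s\n", names[i]);
    printf("conflict: %s\n", openssl_copies_conflict(SAMPLE_MAPS) ? "yes" : "no");
    return 0;
}
```

On a live system the same functions can be fed the contents of /proc/self/maps after the TLS code paths have run, since a dlopen()ed library only shows up once it has been loaded.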



Bug#818666: transition: pypy

2016-03-19 Thread Emilio Pozuelo Monfort

On 19/03/16 15:06, Andreas Beckmann wrote:

> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: transition
>
> Hi,
>
> looks like pypy 5.0 started a transition, the virtual package
> pypy-abi-26 changed to pypy-abi-41. There are some uninstallable
> rdepends now: pypy-dulwich, pypy-zmq.
>
> Maybe it's sufficient to just binNMU them (but I didn't test this):
>
> nmu dulwich_0.12.0-1 . ANY . -m "Rebuild against pypy 5.0"
> nmu pyzmq_15.1.0-1 . ANY . -m "Rebuild against pypy 5.0"


pypy needs to build on every release architecture first...

Emilio



Bug#813916: marked as done (transition: gdal)

2016-03-19 Thread Debian Bug Tracking System
Your message dated Sun, 20 Mar 2016 00:09:27 +0100
with message-id <56eddc27.1050...@debian.org>
and subject line Re: Bug#813916: transition: gdal
has caused the Debian Bug report #813916,
regarding transition: gdal
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
813916: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813916
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

For the Debian GIS team I'd like to transition to the recently released
GDAL 1.11.4. Only the packages using C++ symbols need to be rebuilt.

GDAL 2.0.2 was released along with 1.11.4, but we still don't have
support for GDAL 2.0 in all reverse dependencies. Since the transition
to GDAL 1.11.3, support for GDAL 2.0 was added to all reverse
dependencies except Fiona [0]. Upstream has recently included changes for
GDAL 2.0, but these differ from the initial GDAL 2.0 changes available
as a patch in #802808. The improved GDAL 2.0 changes are entangled with
other changes for the upcoming Fiona 1.7 release, which I've not been
able to successfully backport. This will not be a blocker for the GDAL
2.0 transition, as discussed with the maintainer on the debian-gis list
[1].

Because the transition for GDAL 1.11.4 is ready now, I'd like to do that
first before preparing the transition to GDAL 2.0. All reverse
dependencies rebuilt successfully with GDAL 1.11.4, the summary of
rebuilds is included below.

The spatialite->postgis->gdal->spatialite circular dependency was
initially preventing the rebuild of the reverse dependencies with the
new GDAL. Because this was causing more issues [3][4], I've dropped the
liblwgeom dependency from spatialite in 4.3.0a-5.

Because of the postgis->sfcgal->openscenegraph dependency chain, it's
important to rebuild openscenegraph with the new gdal before rebuilding
postgis, otherwise the old gdal will be pulled in via openscenegraph.

osrm (4.9.1+ds-1~exp1) only needs to be rebuilt in experimental.

libgdal-grass (1.11.3-3) doesn't need to be rebuilt, 1.11.4-1 will be
uploaded instead. It requires liblas & grass to be rebuilt first.

[0] https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=gdal-2.0;users=debian-...@lists.debian.org
[1] https://lists.debian.org/debian-gis/2016/02/msg00018.html
[2] https://lists.debian.org/debian-gis/2016/02/msg00023.html
[3] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808606
[4] https://lists.alioth.debian.org/pipermail/pkg-grass-devel/2016-January/thread.html


Only the virtual ABI package changed, so there is no automatically
created transition tracker. 

Ben file:

title = "gdal";
is_affected = .depends ~ /libgdal\.so\.1-1\.11\.[34]/;
is_good = .depends ~ /libgdal\.so\.1-1\.11\.4/;
is_bad = .depends ~ /libgdal\.so\.1-1\.11\.3/;


Transition: gdal

 libgdal1i (1.11.3+dfsg-2) -> libgdal1i (1.11.4+dfsg-1~exp1)
 libgdal.so.1-1.11.3   -> libgdal.so.1-1.11.4

The status of the most recent rebuilds is as follows.

 dans-gdal-scripts (0.23-4)                   OK
 fiona             (1.6.3-1)                  OK
 gazebo            (6.5.0+dfsg-2)             OK
 gmt               (5.2.1+dfsg-3)             OK
 imposm            (2.6.0+ds-2)               OK
 libcitygml        (2.0-1)                    OK
 liblas            (1.8.0-7)                  OK
 libosmium         (2.5.4-1)                  OK
 mapcache          (1.4.0-4)                  OK
 mapnik            (3.0.9+ds-1)               OK
 mapserver         (7.0.0-9)                  OK
 merkaartor        (0.18.2-5)                 OK
 mysql-workbench   (6.3.4+dfsg-3)             OK
 ncl               (6.3.0-6)                  OK
 node-srs          (0.4.8+dfsg-2)             OK
 openscenegraph    (3.2.1-9)                  OK
 osmium            (0.0~20160124-b30afd3-1)   OK
 osrm              (4.9.1+ds-1~exp1)          OK
 postgis           (2.2.1+dfsg-2)             OK
 pprepair          (0.0~20150624-82a2019-1)   OK
 prepair           (0.7-4)                    OK
 qlandkartegt      (1.8.1+ds-4)               OK
 qmapshack         (1.5.1-1)                  OK
 rasterio          (0.31.0-2)                 OK
 saga              (2.2.3+dfsg-1)             OK
 sumo              (0.25.0+dfsg1-2)           OK
 thuban            (1.2.2-9)                  OK
 vtk6  

Bug#818615: jessie-pu: package gtk+2.0

2016-03-19 Thread Salvatore Bonaccorso
Hi Adam,

Not Moritz here but can answer the question as well:

On Fri, Mar 18, 2016 at 07:22:34PM +, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
> 
> On Fri, 2016-03-18 at 19:33 +0100, Moritz Muehlenhoff wrote:
> > I'd like to fix a security issue in GTK, which doesn't really warrant
> > a DSA. Debdiff below, I've been running this on my jessie
> > workstation for a day now.
> > 
> > Cheers,
> > Moritz
> > 
> > diff -Nru gtk+2.0-2.24.25/debian/changelog gtk+2.0-2.24.25/debian/changelog
> > --- gtk+2.0-2.24.25/debian/changelog2015-03-03 19:39:59.0 
> > +0100
> > +++ gtk+2.0-2.24.25/debian/changelog2016-03-17 23:20:16.0 
> > +0100
> > @@ -1,3 +1,9 @@
> > +gtk+2.0 (2.24.25-3+deb8u1) jessie; urgency=medium
> > +
> > +  * CVE-2013-7447 (Closes: #799275)
> 
> The Security Tracker suggests that this isn't fixed in the version of
> gtk+2.0 in unstable; is that correct?

Yes it is as well unfixed there. I just have proposed a NMU in
https://bugs.debian.org/799275#39

Hope this helps,

Regards,
Salvatore



NEW changes in stable-new

2016-03-19 Thread Debian FTP Masters
Processing changes file: amd64-microcode_2.20160316.1~deb8u1_multi.changes
  ACCEPT
Processing changes file: cinnamon-settings-daemon_2.2.4.repack-7+deb8u1_amd64.changes
  ACCEPT
Processing changes file: libdatetime-timezone-perl_1.75-2+2016b_amd64.changes
  ACCEPT
Processing changes file: xvba-video_0.8.0-9+deb8u1_source.changes
  ACCEPT



Bug#818710: wheezy-pu: package amd64-microcode/1.20160316.1

2016-03-19 Thread Henrique de Moraes Holschuh
Package: release.debian.org
Severity: normal
Tags: wheezy security
User: release.debian@packages.debian.org
Usertags: pu

This is the non-free oldstable companion update for the same issue reported
in #818689:

Unfortunately, the microcode for the earlier AMD Piledriver processors being
distributed in the amd64-microcode packages currently in non-free oldstable,
stable, testing and unstable has been found to be extremely dangerous.

More details:
http://seclists.org/oss-sec/2016/q1/450
http://www.theregister.co.uk/2016/03/06/amd_microcode_6000836_fix/
https://www.reddit.com/r/linux/comments/47s8a8/new_amd_microcode_vulnerability_from_unprivileged/

I would like to update the packages in oldstable with the new microcode.

Thank you!

debdiff output:
diffstat for amd64-microcode-1.20141028.1 amd64-microcode-1.20160316.1

 README   |   14 ++
 debian/changelog |   27 +++
 microcode_amd_fam15h.bin |binary
 microcode_amd_fam15h.bin.asc |   14 +++---
 4 files changed, 48 insertions(+), 7 deletions(-)

diff -Nru amd64-microcode-1.20141028.1/debian/changelog 
amd64-microcode-1.20160316.1/debian/changelog
--- amd64-microcode-1.20141028.1/debian/changelog   2015-01-20 
11:05:42.0 -0200
+++ amd64-microcode-1.20160316.1/debian/changelog   2016-03-19 
19:10:26.0 -0300
@@ -1,3 +1,30 @@
+amd64-microcode (1.20160316.1) oldstable; urgency=critical
+
+  * Upstream release 20160316 built from linux-firmware:
++ Updated Microcodes:
+  sig 0x00600f20, patch id 0x0600084f, 2016-01-25
++ This microcode updates fixes a critical erratum on NMI handling
+  introduced by microcode patch id 0x6000832 from the 20141028 update.
+  The erratum is also present on microcode patch id 0x6000836.
++ THIS IS A CRITICAL STABILITY AND SECURITY UPDATE FOR THE EARLIER
+  AMD PILEDRIVER PROCESSORS, including:
+  + AMD Opteron 3300, 4300, 6300
+  + AMD FX "Vishera" (43xx, 63xx, 83xx, 93xx, 95xx)
+  + AMD processors with family 21, model 2, stepping 0
+  * Robert Święcki, while fuzzing the kernel using the syzkaller tool,
+uncovered very strange behavior on an AMD FX-8320, later reproduced on
+other AMD Piledriver model 2, stepping 0 processors including the Opteron
+6300.  Robert discovered, using his proof-of-concept exploit code, that
+the incorrect behavior allows an unpriviledged attacker on an unpriviledged
+VM to corrupt the return stack of the host kernel's NMI handler.  At best,
+this results in unpredictable host behavior.  At worst, it allows for an
+unpriviledged user on unpriviledged VM to carry a sucessful host-kernel
+ring 0 code injection attack.
+  * The erratum is timing-dependant, easily triggered by workloads that
+cause a high number of NMIs, such as running the "perf" tool.
+
+ -- Henrique de Moraes Holschuh   Sat, 19 Mar 2016 19:10:20 
-0300
+
 amd64-microcode (1.20141028.1) stable; urgency=medium
 
   * Upstream release 20141028 built from linux-firmware
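
Review bot: the new changelog entry carries several misspellings that will ship in the package: "unpriviledged" throughout the paragraph on the NMI handler, "sucessful", "timing-dependant", and "This microcode updates fixes". Suggest "unprivileged", "successful", "timing-dependent" and "This microcode update fixes"; for an urgency=critical security entry that users will read to decide whether they are affected, the wording is worth getting right.
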
Binary files 
/tmp/LkCOI20qcl/amd64-microcode-1.20141028.1/microcode_amd_fam15h.bin and 
/tmp/SRBRsoU9Tp/amd64-microcode-1.20160316.1/microcode_amd_fam15h.bin differ
diff -Nru amd64-microcode-1.20141028.1/microcode_amd_fam15h.bin.asc 
amd64-microcode-1.20160316.1/microcode_amd_fam15h.bin.asc
--- amd64-microcode-1.20141028.1/microcode_amd_fam15h.bin.asc   2015-01-14 
11:56:07.0 -0200
+++ amd64-microcode-1.20160316.1/microcode_amd_fam15h.bin.asc   2016-03-19 
19:06:27.0 -0300
@@ -1,11 +1,11 @@
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1
 
-iQEcBAABAgAGBQJUTqLvAAoJEOS+UznzKK5zyaIIAKZcXmU+sBO4YGH5Aq2SdRYe
-rlwE5oeYNh+AdzzLm9EqHwSC+MciFI7HqQz8PvKAsfaoD17mQjonIXga8l2/w3OW
-/vIJjJnu9QB2C9XpjAiQCxS5QaMtIfEEjVld+MeHs6Ld3PwGuAXCkxKcJ2sHLZd3
-UcwwHxcm98KYouogjVZoJeb226cjz6fzUVJK9t9yi2S+SWmIvkjSZEI6W0WFoFCL
-x0jM7lFNcusGtg5K6UsyAdwPwvfbBN5FoV29/DaP+/HA4GP/W/cgbQxS72skDJg5
-c/icP0ntAND2iprtTQXF9//mWdX2FLYD55eu+pShZmO8t4Qvq4tJgiVz3hJiK+U=
-=KBP3
+iQEcBAABAgAGBQJW6d1MAAoJEOS+UznzKK5zSxkH+gJLffKGRM9BHe0D0/fkb0Gs
+FZVp0eUNREOQoYwHJq9Ms1RebaZJkaUnd8SXCODJrqxDsxqUgunUtP6Qfh3Ru6fV
+n0wgFVISKSQVLDP+I/ANFbWA2KhV5e4LuLQp5cDSItv6916kmNlM5kxtJ5QBrNXu
+kr5bNReYgYTl7PSoCPuPfVILToG0ltZQMdKI1GImRCMVrYjGMbv8EyUC3r8ZbChG
+Lv6K0AsULA81lXBAW0JYlxu6cNv1MJ3mxttwCswaJNcd+Y11ZQA8r2sjJoWbNSlS
+nsDPLsUKE/RsW9MlMxiI2Jqo9PrZz923bu/cWMU1FPp+cJII0T7idWGUTVhQjc8=
+=MTxP
 -END PGP SIGNATURE-
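
Review bot: the detached signature in microcode_amd_fam15h.bin.asc is replaced wholesale while the matching microcode_amd_fam15h.bin appears only as "Binary files ... differ", so the debdiff gives no way to review the blob itself. Before this is accepted, the new .bin should be verified against this .asc with the same key that signed the 1.20141028.1 signature, and the request should state that the check was done.
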
diff -Nru amd64-microcode-1.20141028.1/README 
amd64-microcode-1.20160316.1/README
--- amd64-microcode-1.20141028.1/README 2015-01-14 11:56:07.0 -0200
+++ amd64-microcode-1.20160316.1/README 2016-03-19 19:06:27.0 -0300
@@ -1,5 +1,19 @@
 This amd64-microcode release was based on the linux-firmware tree.
 
+From: Sherry Hurwitz 
+Subject: [PATCH 1/1] linux-firmware: Update AMD microcode patch firmware
+Date: 2016-03-17 06:56:11 GMT
+
+linux-firmware: Update AMD 

NEW changes in oldstable-new

2016-03-19 Thread Debian FTP Masters
Processing changes file: git_1.7.10.4-1+wheezy3_amd64.changes
  ACCEPT
Processing changes file: git_1.7.10.4-1+wheezy3_armel.changes
  ACCEPT
Processing changes file: git_1.7.10.4-1+wheezy3_armhf.changes
  ACCEPT
Processing changes file: git_1.7.10.4-1+wheezy3_i386.changes
  ACCEPT
Processing changes file: git_1.7.10.4-1+wheezy3_ia64.changes
  ACCEPT
Processing changes file: git_1.7.10.4-1+wheezy3_kfreebsd-amd64.changes
  ACCEPT
Processing changes file: git_1.7.10.4-1+wheezy3_kfreebsd-i386.changes
  ACCEPT
Processing changes file: git_1.7.10.4-1+wheezy3_mips.changes
  ACCEPT
Processing changes file: git_1.7.10.4-1+wheezy3_mipsel.changes
  ACCEPT
Processing changes file: git_1.7.10.4-1+wheezy3_powerpc.changes
  ACCEPT
Processing changes file: git_1.7.10.4-1+wheezy3_s390.changes
  ACCEPT
Processing changes file: git_1.7.10.4-1+wheezy3_s390x.changes
  ACCEPT
Processing changes file: git_1.7.10.4-1+wheezy3_sparc.changes
  ACCEPT



Bug#818620: jessie-pu: package cinnamon-settings-daemon/2.2.4.repack-7+deb8u1

2016-03-19 Thread Adam D. Barratt
Control: tags -1 + pending

On Fri, 2016-03-18 at 19:50 +, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Fri, 2016-03-18 at 20:40 +0100, Margarita Manterola wrote:
> > Moritz from the security team brought to the attention of the cinnamon team
> > that cinnamon-settings-daemon in stable contains a minor security issue that
> > has already been fixed in upstream.
> > 
> > This issue doesn't warrant a DSA, as it's only a circumvention of policykit
> > restrictions, but it would be good to fix it in a future point release.
> 
> Please go ahead.

Uploaded and flagged for acceptance.

Regards,

Adam



Processed: Re: Bug#818531: wheezy-pu: package libdatetime-timezone-perl/1.58-1+2016b

2016-03-19 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + confirmed
Bug #818531 [release.debian.org] wheezy-pu: package libdatetime-timezone-perl/1.58-1+2016b
Added tag(s) confirmed.

-- 
818531: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818531
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Processed: Re: Bug#818531: wheezy-pu: package libdatetime-timezone-perl/1.58-1+2016b

2016-03-19 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + pending
Bug #818531 [release.debian.org] wheezy-pu: package libdatetime-timezone-perl/1.58-1+2016b
Added tag(s) pending.

-- 
818531: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818531
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#815520: jessie-pu: package fglrx-driver/1:15.9-4~deb8u2 xvba-video_0.8.0-9+deb8u1

2016-03-19 Thread Adam D. Barratt
Control: tags -1 + pending

On Mon, 2016-02-22 at 13:23 +, Adam D. Barratt wrote:
[...]
> On 2016-02-22 1:05, Andreas Beckmann wrote:
> > the last fglrx-driver update in jessie brought a small regression:
> > updates with xvba-va-driver installed fail due to a file overwrite
> > conflict (#813427).
> > xvba-va-driver is currently uninstallable in jessie.
> > xvba-va-driver is no longer needed as a separate package, instead
> > libfglrx-amdxvba1 brings equivalent files.
> > 
> > We need to update both packages to fix this issue.
[...]
> > Let's do the discussion with this one bug here and clone it once it
> > reached confirmed state.
> 
> Looks okay to me.
> 
> Assuming that the install and upgrade paths have been tested (I imagine 
> they have :-), please go ahead.

xvba-video uploaded and flagged for acceptance.

Regards,

Adam



Bug#818531: wheezy-pu: package libdatetime-timezone-perl/1.58-1+2016b

2016-03-19 Thread Adam D. Barratt
Control: tags -1 + pending

On Thu, 2016-03-17 at 22:20 +0100, gregor herrmann wrote:
> On Thu, 17 Mar 2016 21:06:20 +, Adam D. Barratt wrote:
> 
> > On Thu, 2016-03-17 at 20:47 +0100, gregor herrmann wrote:
> > > I've prepared an update for libdatetime-timezone-perl in wheezy with 
> > > the data from the Olson db 2016b. As usual, the only change is a
> > > quilt patch which adjusts the pm files containing the timezone data.
> > Please go ahead.
> 
> Thanks, uploaded.

Flagged for acceptance.

Regards,

Adam



NEW changes in stable-new

2016-03-19 Thread Debian FTP Masters
Processing changes file: git_2.1.4-2.1+deb8u2_allonly.changes
  ACCEPT
Processing changes file: git_2.1.4-2.1+deb8u2_amd64.changes
  ACCEPT
Processing changes file: git_2.1.4-2.1+deb8u2_arm64.changes
  ACCEPT
Processing changes file: git_2.1.4-2.1+deb8u2_armel.changes
  ACCEPT
Processing changes file: git_2.1.4-2.1+deb8u2_armhf.changes
  ACCEPT
Processing changes file: git_2.1.4-2.1+deb8u2_i386.changes
  ACCEPT
Processing changes file: git_2.1.4-2.1+deb8u2_mips.changes
  ACCEPT
Processing changes file: git_2.1.4-2.1+deb8u2_mipsel.changes
  ACCEPT
Processing changes file: git_2.1.4-2.1+deb8u2_powerpc.changes
  ACCEPT
Processing changes file: git_2.1.4-2.1+deb8u2_ppc64el.changes
  ACCEPT
Processing changes file: git_2.1.4-2.1+deb8u2_s390x.changes
  ACCEPT



Processed: Re: Bug#815520: jessie-pu: package fglrx-driver/1:15.9-4~deb8u2 xvba-video_0.8.0-9+deb8u1

2016-03-19 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + pending
Bug #815520 [release.debian.org] jessie-pu: package fglrx-driver/1:15.9-4~deb8u2
Added tag(s) pending.

-- 
815520: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815520
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Processed: Re: Bug#818532: jessie-pu: package libdatetime-timezone-perl/1.75-2+2016b

2016-03-19 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + pending
Bug #818532 [release.debian.org] jessie-pu: package 
libdatetime-timezone-perl/1.75-2+2016b
Added tag(s) pending.

-- 
818532: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818532
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#818689: jessie-pu: package amd64-microcode/2.20160316.1~deb8u1

2016-03-19 Thread Adam D. Barratt
Control: tags -1 + pending

On Sat, 2016-03-19 at 16:30 -0300, Henrique de Moraes Holschuh wrote:
> On Sat, 19 Mar 2016, Adam D. Barratt wrote:
> > On Sat, 2016-03-19 at 15:50 -0300, Henrique de Moraes Holschuh wrote:
> > > Unfortunately, the microcode for the earlier AMD Piledriver processors 
> > > being
> > > distributed in the amd64-microcode packages currently in non-free 
> > > oldstable,
> > > stable, testing and unstable has been found to be extremely dangerous.
> > [...]
> > > I would like to update the packages in stable, with basically the same
> > > package that was already uploaded to unstable.  The only difference is an
> > > extra debian/changelog entry for the stable upload.
> > 
> > Please go ahead.
> 
> Thank you Adam!  Uploaded!

and flagged for acceptance in to p-u.

Regards,

Adam



Bug#818532: jessie-pu: package libdatetime-timezone-perl/1.75-2+2016b

2016-03-19 Thread Adam D. Barratt
Control: tags -1 + pending

On Thu, 2016-03-17 at 21:04 +, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Thu, 2016-03-17 at 20:47 +0100, gregor herrmann wrote:
> > I've prepared an update for libdatetime-timezone-perl in jessie with
> > the data from the Olson db 2016b. As usual, the only change is a
> > quilt patch which adjusts the pm files containing the timezone data.
> > (Plus a typo fix in the changelog this time.)
> 
> Please go ahead.

Uploaded and flagged for acceptance.

Regards,

Adam



Processed: Re: Bug#818620: jessie-pu: package cinnamon-settings-daemon/2.2.4.repack-7+deb8u1

2016-03-19 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + pending
Bug #818620 [release.debian.org] jessie-pu: package 
cinnamon-settings-daemon/2.2.4.repack-7+deb8u1
Added tag(s) pending.

-- 
818620: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818620
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Processed: Re: Bug#818689: jessie-pu: package amd64-microcode/2.20160316.1~deb8u1

2016-03-19 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + pending
Bug #818689 [release.debian.org] jessie-pu: package 
amd64-microcode/2.20160316.1~deb8u1
Added tag(s) pending.

-- 
818689: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818689
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#818531: wheezy-pu: package libdatetime-timezone-perl/1.58-1+2016b

2016-03-19 Thread Adam D. Barratt
Control: tags -1 + confirmed

On Thu, 2016-03-17 at 20:47 +0100, gregor herrmann wrote:
> I've prepared an update for libdatetime-timezone-perl in wheezy with 
> the data from the Olson db 2016b. As usual, the only change is a
> quilt patch which adjusts the pm files containing the timezone data.

Please go ahead.

Regards,

Adam



Processed: Re: Bug#784679: jessie-pu: package rdesktop/1.8.2-3+deb8u1

2016-03-19 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + pending
Bug #784679 [release.debian.org] jessie-pu: package rdesktop/1.8.2-3+deb8u1
Added tag(s) pending.

-- 
784679: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784679
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#818689: jessie-pu: package amd64-microcode/2.20160316.1~deb8u1

2016-03-19 Thread Henrique de Moraes Holschuh
On Sat, 19 Mar 2016, Adam D. Barratt wrote:
> On Sat, 2016-03-19 at 15:50 -0300, Henrique de Moraes Holschuh wrote:
> > Unfortunately, the microcode for the earlier AMD Piledriver processors being
> > distributed in the amd64-microcode packages currently in non-free oldstable,
> > stable, testing and unstable has been found to be extremely dangerous.
> [...]
> > I would like to update the packages in stable, with basically the same
> > package that was already uploaded to unstable.  The only difference is an
> > extra debian/changelog entry for the stable upload.
> 
> Please go ahead.

Thank you Adam!  Uploaded!

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh



Bug#818689: jessie-pu: package amd64-microcode/2.20160316.1~deb8u1

2016-03-19 Thread Adam D. Barratt
Control: tags -1 + confirmed

On Sat, 2016-03-19 at 15:50 -0300, Henrique de Moraes Holschuh wrote:
> Unfortunately, the microcode for the earlier AMD Piledriver processors being
> distributed in the amd64-microcode packages currently in non-free oldstable,
> stable, testing and unstable has been found to be extremely dangerous.
[...]
> I would like to update the packages in stable, with basically the same
> package that was already uploaded to unstable.  The only difference is an
> extra debian/changelog entry for the stable upload.

Please go ahead.

Regards,

Adam



Processed: Re: Bug#818689: jessie-pu: package amd64-microcode/2.20160316.1~deb8u1

2016-03-19 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + confirmed
Bug #818689 [release.debian.org] jessie-pu: package 
amd64-microcode/2.20160316.1~deb8u1
Added tag(s) confirmed.

-- 
818689: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818689
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#818689: jessie-pu: package amd64-microcode/2.20160316.1~deb8u1

2016-03-19 Thread Henrique de Moraes Holschuh
Package: release.debian.org
Severity: normal
Tags: jessie security
User: release.debian@packages.debian.org
Usertags: pu

Unfortunately, the microcode for the earlier AMD Piledriver processors being
distributed in the amd64-microcode packages currently in non-free oldstable,
stable, testing and unstable has been found to be extremely dangerous.

More details:
http://seclists.org/oss-sec/2016/q1/450
http://www.theregister.co.uk/2016/03/06/amd_microcode_6000836_fix/
https://www.reddit.com/r/linux/comments/47s8a8/new_amd_microcode_vulnerability_from_unprivileged/

An urgency=critical upload to unstable is already installed, and waiting for
the next mirror pulse.

I would like to update the packages in stable, with basically the same
package that was already uploaded to unstable.  The only difference is an
extra debian/changelog entry for the stable upload.

Thank you!


debdiff output:
diffstat for amd64-microcode-2.20141028.1 amd64-microcode-2.20160316.1~deb8u1

 README   |   14 ++
 debian/changelog |   33 +
 debian/control   |2 +-
 microcode_amd_fam15h.bin |binary
 microcode_amd_fam15h.bin.asc |   14 +++---
 5 files changed, 55 insertions(+), 8 deletions(-)

diff -Nru amd64-microcode-2.20141028.1/debian/changelog 
amd64-microcode-2.20160316.1~deb8u1/debian/changelog
--- amd64-microcode-2.20141028.1/debian/changelog   2014-12-18 
13:36:29.0 -0200
+++ amd64-microcode-2.20160316.1~deb8u1/debian/changelog2016-03-19 
14:22:44.0 -0300
@@ -1,3 +1,36 @@
+amd64-microcode (2.20160316.1~deb8u1) stable; urgency=critical
+
+  * This is exactly the same release as 2.20160316.1
+
+ -- Henrique de Moraes Holschuh   Sat, 19 Mar 2016 14:21:54 
-0300
+
+amd64-microcode (2.20160316.1) unstable; urgency=critical
+
+  * Upstream release 20160316 built from linux-firmware:
++ Updated Microcodes:
+  sig 0x00600f20, patch id 0x0600084f, 2016-01-25
++ This microcode updates fixes a critical erratum on NMI handling
+  introduced by microcode patch id 0x6000832 from the 20141028 update.
+  The erratum is also present on microcode patch id 0x6000836.
++ THIS IS A CRITICAL STABILITY AND SECURITY UPDATE FOR THE EARLIER
+  AMD PILEDRIVER PROCESSORS, including:
+  + AMD Opteron 3300, 4300, 6300
+  + AMD FX "Vishera" (43xx, 63xx, 83xx, 93xx, 95xx)
+  + AMD processors with family 21, model 2, stepping 0
+  * Robert Święcki, while fuzzing the kernel using the syzkaller tool,
+uncovered very strange behavior on an AMD FX-8320, later reproduced on
+other AMD Piledriver model 2, stepping 0 processors including the Opteron
+6300.  Robert discovered, using his proof-of-concept exploit code, that
+the incorrect behavior allows an unpriviledged attacker on an unpriviledged
+VM to corrupt the return stack of the host kernel's NMI handler.  At best,
+this results in unpredictable host behavior.  At worst, it allows for an
+unpriviledged user on unpriviledged VM to carry a sucessful host-kernel
+ring 0 code injection attack.
+  * The erratum is timing-dependant, easily triggered by workloads that cause
+a high number of NMIs, such as running the "perf" tool.
+
+ -- Henrique de Moraes Holschuh   Sat, 19 Mar 2016 14:02:44 
-0300
+
 amd64-microcode (2.20141028.1) unstable; urgency=medium
 
   * Upstream release 20141028 built from linux-firmware:
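Review bot: The patch ids in the 2.20160316.1 entry are written with inconsistent width: the fixed level is given as 0x0600084f, the two bad levels as 0x6000832 and 0x6000836. Zero-padding all three to eight hex digits would make them easier to compare against what a running system reports. The same entry has "This microcode updates fixes", "unpriviledged" (four times), "sucessful" and "timing-dependant", which are worth correcting because this is the text administrators will read to judge urgency. The ~deb8u1 entry only says it is the same release as 2.20160316.1; a pointer to the pu request would help anyone reading it later.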
diff -Nru amd64-microcode-2.20141028.1/debian/control 
amd64-microcode-2.20160316.1~deb8u1/debian/control
--- amd64-microcode-2.20141028.1/debian/control 2014-12-18 13:29:09.0 
-0200
+++ amd64-microcode-2.20160316.1~deb8u1/debian/control  2016-03-19 
14:21:48.0 -0300
@@ -10,7 +10,7 @@
 XS-Autobuild: yes
 
 Package: amd64-microcode
-Architecture: i386 amd64
+Architecture: i386 amd64 x32
 Depends: ${misc:Depends}
 Breaks: intel-microcode (<< 2)
 Description: Processor microcode firmware for AMD CPUs
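Review bot: The x32 added to the Architecture field is not mentioned in either of the new debian/changelog entries shown in this debdiff, so the stable upload carries an undocumented packaging change alongside the microcode fix. Either record it in the changelog or confirm that it is intended for jessie.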
Binary files 
/tmp/fBt3hF3hZL/amd64-microcode-2.20141028.1/microcode_amd_fam15h.bin and 
/tmp/Xa6pgjObby/amd64-microcode-2.20160316.1~deb8u1/microcode_amd_fam15h.bin 
differ
diff -Nru amd64-microcode-2.20141028.1/microcode_amd_fam15h.bin.asc 
amd64-microcode-2.20160316.1~deb8u1/microcode_amd_fam15h.bin.asc
--- amd64-microcode-2.20141028.1/microcode_amd_fam15h.bin.asc   2014-12-17 
18:30:04.0 -0200
+++ amd64-microcode-2.20160316.1~deb8u1/microcode_amd_fam15h.bin.asc
2016-03-19 14:21:48.0 -0300
@@ -1,11 +1,11 @@
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1
 
-iQEcBAABAgAGBQJUTqLvAAoJEOS+UznzKK5zyaIIAKZcXmU+sBO4YGH5Aq2SdRYe
-rlwE5oeYNh+AdzzLm9EqHwSC+MciFI7HqQz8PvKAsfaoD17mQjonIXga8l2/w3OW
-/vIJjJnu9QB2C9XpjAiQCxS5QaMtIfEEjVld+MeHs6Ld3PwGuAXCkxKcJ2sHLZd3
-UcwwHxcm98KYouogjVZoJeb226cjz6fzUVJK9t9yi2S+SWmIvkjSZEI6W0WFoFCL
-x0jM7lFNcusGtg5K6UsyAdwPwvfbBN5FoV29/DaP+/HA4GP/W/cgbQxS72skDJg5

Qt and OpenSSL transition metadata in relation to Mumble package

2016-03-19 Thread Chris Knadle
Greetings.

Executive summary:
I'd like to know if there is metadata that can be added to the Qt4 and Qt5
packages (qt4-x11 and qtbase-opensource-src) which will indicate that they
need to be binNMUed for OpenSSL transitions at nearly the same time that
Mumble gets binNMUed.



More detail:

Qt (both 4 and 5) use dlopen() to load libssl/libcrypto libraries [see lines
634-654]:


https://github.com/qtproject/qtbase/blob/dev/src/network/ssl/qsslsocket_openssl_symbols.cpp#L624-L727

and as a result during OpenSSL transitions where there's a library rename,
two different copies of libssl/libcrypto can get loaded when running
Mumble... one version Qt is compiled with, and one version Mumble is
compiled with, and they may have ABI differences.

This situation is non-trivial and caused Mumble to break (#804363) because
the SSL library wasn't getting initialized, and we believe the patch that
was used to fix this bug may be initializing both copies of SSL during the
transition period, and because of the unknown of what this might cause,
Mumble upstream is likely to implement code to disallow Mumble to continue
running when two different copies of libssl/libcrypto are loaded:

   https://github.com/mumble-voip/mumble/pull/2124

We're hoping that there's some way that metadata could be added (somewhere)
such that the Qt source packages and Mumble can be binNMUed/rebuilt around
the same time for OpenSSL transitions.

   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804487#97

Is this possible?
Thanks much.

P.S. Please To/CC me as I'm not on the [debian-release] mailing list.

   -- Chris

-- 
Chris Knadle
chris.kna...@coredump.us
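The condition described in this message, two different libssl/libcrypto files mapped into one process during a transition, can be checked from outside the process by reading /proc/<pid>/maps. The following is an added example, not code from Mumble, Qt or this thread; the function names and the sample mapping lines are constructed for illustration.

```python
import re
import sys
from collections import defaultdict

# Constructed /proc/<pid>/maps excerpt (not captured from a real system):
# a process that has libssl/libcrypto 1.0.0 and 1.0.2 mapped at the same time.
SAMPLE_MAPS = """\
7f3a1c000000-7f3a1c05d000 r-xp 00000000 08:01 1311 /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
7f3a1c05d000-7f3a1c25d000 ---p 0005d000 08:01 1311 /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
7f3a1d000000-7f3a1d064000 r-xp 00000000 08:01 1422 /usr/lib/x86_64-linux-gnu/libssl.so.1.0.2
7f3a1e000000-7f3a1e1d5000 r-xp 00000000 08:01 1312 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7f3a1e400000-7f3a1e621000 r-xp 00000000 08:01 1423 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2
7f3a1f000000-7f3a1f4e0000 r-xp 00000000 08:01 2001 /usr/lib/x86_64-linux-gnu/libQtNetwork.so.4.8.7
7ffd2b1e0000-7ffd2b201000 rw-p 00000000 00:00 0 [stack]
"""

# libssl.so / libcrypto.so followed by any soname version suffix.
_OPENSSL_RE = re.compile(r"/lib(ssl|crypto)\.so(?:\.[0-9A-Za-z]+)*$")
_DELETED = " (deleted)"


def mapped_openssl(maps_text):
    """Return {family: {(dev, inode): path}} for libssl/libcrypto mappings.

    Files are identified by (device, inode) rather than by path, so a library
    that was replaced on disk while the process kept the old copy mapped
    (shown by the kernel with a " (deleted)" suffix) counts as a second file.
    """
    found = defaultdict(dict)
    for line in maps_text.splitlines():
        # Columns: address perms offset dev inode pathname
        fields = line.split(None, 5)
        if len(fields) < 6:
            continue  # anonymous mapping, no backing file
        dev, inode, shown = fields[3], fields[4], fields[5]
        path = shown[: -len(_DELETED)] if shown.endswith(_DELETED) else shown
        match = _OPENSSL_RE.search(path)
        if match:
            found[match.group(1)][(dev, inode)] = shown
    return dict(found)


def conflicts(maps_text):
    """Return {family: sorted paths} for families with more than one file mapped."""
    result = {}
    for family, files in mapped_openssl(maps_text).items():
        if len(files) > 1:
            result[family] = sorted(files.values())
    return result


def check_pid(pid):
    """Run the check against a live process (needs read access to its maps)."""
    with open("/proc/%d/maps" % int(pid)) as handle:
        return conflicts(handle.read())


if __name__ == "__main__":
    # With a PID argument, inspect that process; otherwise use the sample.
    report = check_pid(sys.argv[1]) if len(sys.argv) > 1 else conflicts(SAMPLE_MAPS)
    for family, paths in sorted(report.items()):
        print("lib%s: %d different files mapped" % (family, len(paths)))
        for path in paths:
            print("   ", path)
    sys.exit(1 if report else 0)
```

An empty result means at most one file per library family is mapped; it says nothing about whether that one copy was initialized correctly.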



Bug#818620: jessie-pu: package cinnamon-settings-daemon/2.2.4.repack-7+deb8u1

2016-03-19 Thread Adam D. Barratt
Control: tags -1 + confirmed

On Fri, 2016-03-18 at 20:40 +0100, Margarita Manterola wrote:
> Moritz from the security team brought to the attention of the cinnamon team
> that cinnamon-settings-daemon in stable contains a minor security issue that 
> has
> already been fixed in upstream.
> 
> This issue doesn't warrant a DSA, as it's only a circumvention of policykit
> restrictions, but it would be good to fix it in a future point release.

Please go ahead.

Regards,

Adam



Bug#814936: marked as done (transition: mpi-defaults)

2016-03-19 Thread Debian Bug Tracking System
Your message dated Thu, 17 Mar 2016 00:55:53 +0100
with message-id <56e9f289.50...@debian.org>
and subject line Re: Bug#814936: transition: mpi-defaults
has caused the Debian Bug report #814936,
regarding transition: mpi-defaults
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
814936: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=814936
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: transition
Tags: confirmed

Last week I switched the default openmpi implementation on s390x from
mpich to openmpi.

Now the default MPI implementation is the same in all release
architectures, which is nice per se.

From what I can see in the past there were no rebuilds for this, but (as
also others pointed out elsewhere) it would only make sense.
There are also packages already failing to build due to dependencies
being built against mpich but now building against openmpi.

According to my grepping the packages affected are a strict subset of
the ones doing the openmpi transition.
Though maybe a ben tracker is better for this job.  I try here to forge
a valid thing, but I'm not sure of what I'm writing:

is_affected = .build-depends ~ /mpi-default-dev/ & ( .depends ~ /libmpich.*/ | /libopenmpi.*/ )
is_good = .depends ~ /libopenmpi.*/
is_bad = .depends ~ /libmpich.*/

I expect at least the packages listed in the attachment in #813128#135.


A handful need sourceful changes, I've already done a couple and I'll do
the rest too.

I welcome any comments on the plan, or please schedule the
appropriate rebuilds.


I'm sorry this caused more mess and noise than what I originally
planned, but from what I can see everything goes smoothly, at least
(except for the noise itself).

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  http://mapreri.org  : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


--- End Message ---
--- Begin Message ---

On 01/03/16 00:04, Emilio Pozuelo Monfort wrote:
> On 29/02/16 20:10, Mattia Rizzolo wrote:
>> ok, it looks good.
>> Except for mpi4py and nwchem that FTBFS, I find this transition to be
>> cool.
>>
>> Do you notice something that should be taken care of?
>> Otherwise I'd call this over.
>
> Those are the remaining ones yes.

As discussed on IRC, mpi4py is now good, and nwchem is sid only. So let's close
this.

Cheers,
Emilio
--- End Message ---


Bug#816198: jessie-pu: package php-dompdf/0.6.1+dfsg-2

2016-03-19 Thread Markus Frosch
On 19.03.2016 17:57, Julien Cristau wrote:
> Yes please.

Here is the current debdiff.

Cheers
Markus Frosch
-- 
mar...@lazyfrosch.de / lazyfro...@debian.org
http://www.lazyfrosch.de
diff -Nru php-dompdf-0.6.1+dfsg/debian/changelog 
php-dompdf-0.6.1+dfsg/debian/changelog
--- php-dompdf-0.6.1+dfsg/debian/changelog  2014-04-23 21:24:29.0 
+0200
+++ php-dompdf-0.6.1+dfsg/debian/changelog  2016-03-19 18:42:01.0 
+0100
@@ -1,3 +1,17 @@
+php-dompdf (0.6.1+dfsg-2+deb8u1) stable-proposed-updates; urgency=medium
+
+  * Non-maintainer upload.
+  * [22610bd] Add 0.6.2 hotfix patch (Closes: #813849)
+
+Fixes CVE:
+* CVE-2014-5011
+* CVE-2014-5012
+* CVE-2014-5013
+
+This update bundles CVE hotfixes from 0.6.2 upstream release.
+
+ -- Markus Frosch   Sat, 19 Mar 2016 18:40:34 +0100
+
 php-dompdf (0.6.1+dfsg-2) unstable; urgency=medium
 
   * Document security issue fixed in last upstream version, and upload to
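Review bot: The "Fixes CVE" list in the new entry names CVE-2014-5011, CVE-2014-5012 and CVE-2014-5013, while the header of debian/patches/0100-0.6.2-hotfix.patch in the same debdiff also lists CVE-2014-2383. Please make the two agree, or state in the changelog why CVE-2014-2383 is left out, so that the entry can be matched against security tracking data without reading the patch header.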
diff -Nru php-dompdf-0.6.1+dfsg/debian/patches/0100-0.6.2-hotfix.patch 
php-dompdf-0.6.1+dfsg/debian/patches/0100-0.6.2-hotfix.patch
--- php-dompdf-0.6.1+dfsg/debian/patches/0100-0.6.2-hotfix.patch
1970-01-01 01:00:00.0 +0100
+++ php-dompdf-0.6.1+dfsg/debian/patches/0100-0.6.2-hotfix.patch
2016-03-19 18:36:53.0 +0100
@@ -0,0 +1,713 @@
+Description: Hotfix based on 0.6.2
+ This patch fixes:
+ * CVE-2014-2383
+ * CVE-2014-5011
+ * CVE-2014-5012
+ * CVE-2014-5013
+ .
+ The patch bundles code changes from 0.6.2
+Author: Brian Sweeney 
+Origin: upstream
+Applied-Upstream: 0.6.2
+Reviewed-by: Markus Frosch 
+Last-Update: 2016-02-27
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/dompdf.php
 b/dompdf.php
+@@ -130,6 +130,8 @@
+ $sapi = php_sapi_name();
+ $options = array();
+ 
++$dompdf = new DOMPDF();
++
+ switch ( $sapi ) {
+ 
+  case "cli":
+@@ -169,7 +171,7 @@
+ if ( $file === "-" )
+   $outfile = "dompdf_out.pdf";
+ else
+-  $outfile = str_ireplace(array(".html", ".htm", ".php"), "", $file) . 
".pdf";
++  $outfile = str_ireplace(array(".html", ".htm"), "", $file) . ".pdf";
+   }
+ 
+   if ( isset($opts["v"]) )
+@@ -194,6 +196,8 @@
+ 
+  default:
+ 
++  $dompdf->set_option('enable_php', false);
++  
+   if ( isset($_GET["input_file"]) )
+ $file = rawurldecode($_GET["input_file"]);
+   else
+@@ -220,26 +224,12 @@
+   
+   $file_parts = explode_url($file);
+   
+-  /* Check to see if the input file is local and, if so, that the base path 
falls within that specified by DOMDPF_CHROOT */
+-  if(($file_parts['protocol'] == '' || $file_parts['protocol'] === 
'file://')) {
+-$file = realpath($file);
+-if ( strpos($file, DOMPDF_CHROOT) !== 0 ) {
+-  throw new DOMPDF_Exception("Permission denied on $file. The file could 
not be found under the directory specified by DOMPDF_CHROOT.");
+-}
+-  }
+-  
+-  if($file_parts['protocol'] === 'php://') {
+-throw new DOMPDF_Exception("Permission denied on $file. This script does 
not allow PHP streams.");
+-  }
+-  
+   $outfile = "dompdf_out.pdf"; # Don't allow them to set the output file
+   $save_file = false; # Don't save the file
+   
+   break;
+ }
+ 
+-$dompdf = new DOMPDF();
+-
+ if ( $file === "-" ) {
+   $str = "";
+   while ( !feof(STDIN) )
+--- a/dompdf_config.custom.inc.php
 b/dompdf_config.custom.inc.php
+@@ -1,6 +1,7 @@
+-https://github.com/dompdf/dompdf/wiki
++ */
++//define("DOMPDF_CHROOT", DOMPDF_DIR);
++//define("DOMPDF_ENABLE_PHP", false);
++//define("DOMPDF_ENABLE_REMOTE", false);
+--- a/include/abstract_renderer.cls.php
 b/include/abstract_renderer.cls.php
+@@ -100,7 +100,7 @@
+ //Therefore read dimension directly from file, instead of creating gd 
object first.
+ //$img_w = imagesx($src); $img_h = imagesy($src);
+ 
+-list($img_w, $img_h) = dompdf_getimagesize($img);
++list($img_w, $img_h) = dompdf_getimagesize($img, 
$this->_dompdf->get_http_context());
+ if (!isset($img_w) || $img_w == 0 || !isset($img_h) || $img_h == 0) {
+   return;
+ }
+--- a/include/cpdf_adapter.cls.php
 b/include/cpdf_adapter.cls.php
+@@ -604,7 +604,7 @@
+   }
+ 
+   function image($img, $x, $y, $w, $h, $resolution = "normal") {
+-list($width, $height, $type) = dompdf_getimagesize($img);
++list($width, $height, $type) = dompdf_getimagesize($img, 
$this->_dompdf->get_http_context());
+ 
+ $debug_png = $this->_dompdf->get_option("debug_png");
+ 
+--- a/include/dompdf.cls.php
 b/include/dompdf.cls.php
+@@ -184,6 +184,25 @@
+* @var bool
+*/
+   private $_quirksmode = false;
++  
++  /**
++   * Protocol whitelist
++   *
++   * Protocols and PHP wrappers allowed in URLs. Full support is not 
++   * guarantee for the protocols/wrappers contained in this array.
++   *
++   * @var array
++   */
++  private $_allowed_protocols = array(null, "", "file://", "http://;, 
"https://;);
++  
++  /**
++   * Local file 

Processed: Re: Bug#818620: jessie-pu: package cinnamon-settings-daemon/2.2.4.repack-7+deb8u1

2016-03-19 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + confirmed
Bug #818620 [release.debian.org] jessie-pu: package 
cinnamon-settings-daemon/2.2.4.repack-7+deb8u1
Added tag(s) confirmed.

-- 
818620: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818620
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#816198: jessie-pu: package php-dompdf/0.6.1+dfsg-2

2016-03-19 Thread Julien Cristau
On Tue, Mar 15, 2016 at 11:13:19 +0100, Markus Frosch wrote:

> I can update the diff if you like, difference only in the changelog and patch 
> summary.
> 
Yes please.

Cheers,
Julien



Bug#818679: jessie-pu: package sus/7.20160312~deb8u1

2016-03-19 Thread Andreas Beckmann
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Hi,

sus is a downloader package and one of the external tarballs being
downloaded has changed, again.

This is a rebuild of the package from sid for jessie.


Andreas
diff -Nru sus-7.20160107~deb8u1/debian/changelog sus-7.20160312~deb8u1/debian/changelog
--- sus-7.20160107~deb8u1/debian/changelog	2016-01-16 01:05:52.0 +0100
+++ sus-7.20160312~deb8u1/debian/changelog	2016-03-19 17:10:15.0 +0100
@@ -1,3 +1,20 @@
+sus (7.20160312~deb8u1) jessie; urgency=medium
+
+  * Non-maintainer upload.
+  * Rebuild for jessie.
+
+ -- Andreas Beckmann   Sat, 19 Mar 2016 17:08:44 +0100
+
+sus (7.20160312) unstable; urgency=medium
+
+  * The upstream tarball for SUSv4 TC1 changed; update checksum
+(Closes: #817819)
+  * urgency=medium since susv4 is no longer installable
+  * debian/control:
+- Bump Standards-Version to 3.9.7 (No changes needed)
+
+ -- David Weinehall   Sat, 12 Mar 2016 03:27:19 +0200
+
 sus (7.20160107~deb8u1) jessie; urgency=medium
 
   * Non-maintainer upload.
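Review bot: The 7.20160312 entry records only that the upstream tarball changed and the checksum was updated, not what changed in the tarball or how the new content was checked before it was re-pinned. For a downloader package the pinned hash is the trust anchor, so a line on how the new tarball was compared with the previous one would make this update reviewable.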
diff -Nru sus-7.20160107~deb8u1/debian/control sus-7.20160312~deb8u1/debian/control
--- sus-7.20160107~deb8u1/debian/control	2014-09-18 01:05:33.0 +0200
+++ sus-7.20160312~deb8u1/debian/control	2016-03-12 02:25:59.0 +0100
@@ -3,7 +3,7 @@
 Priority: extra
 Maintainer: David Weinehall 
 Build-Depends-Indep: debhelper (>= 9)
-Standards-Version: 3.9.6
+Standards-Version: 3.9.7
 
 Package: susv2
 Architecture: all
diff -Nru sus-7.20160107~deb8u1/debian/susv4.postinst sus-7.20160312~deb8u1/debian/susv4.postinst
--- sus-7.20160107~deb8u1/debian/susv4.postinst	2016-01-07 11:21:53.0 +0100
+++ sus-7.20160312~deb8u1/debian/susv4.postinst	2016-03-10 18:35:07.0 +0100
@@ -8,7 +8,7 @@
 wget -P $TEMPDIR http://pubs.opengroup.org/onlinepubs/9699919799/download/susv4tc1.tar.bz2
 
 echo Verifying SHA512 checksum...
-SHA512SUM="1cb8dc3db53508c1929ac17feb09a2b0722192900c685c4e66ccca01c1a1362a6a9356366c6070fd71b334ff38ba0515beaff46278e59195fc9454b5a558b577"
+SHA512SUM="a646544074cb13b891b71d83fbe65dc23665e4bce1fdef09931f3025229eb7225e2ff620f05646d48a0256d53c12c39282d155eba2d7bba3831ab1b87d7e640b"
 [ x"$(sha512sum $TEMPDIR/susv4tc1.tar.bz2 | cut -f1 -d\ )" = x"$SHA512SUM" ] || (rm -rf $TEMPDIR; exit 1)
 
 echo Untarring...
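Review bot: On the verification line the failure branch is "(rm -rf $TEMPDIR; exit 1)", and an exit inside parentheses only ends the subshell, so whether the postinst stops before "Untarring..." depends on set -e being active, which is not visible in this hunk. The tarball is fetched over plain http, which makes the pinned SHA512 the only integrity check. I would make the abort explicit with || { rm -rf "$TEMPDIR"; exit 1; } and quote $TEMPDIR where it is used.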


Bug#818672: jessie-pu: package pgplot5/5.2.2-19+deb8u1

2016-03-19 Thread Andreas Beckmann
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Hi,

pgplot5 FTBFS in jessie due to a hardcoded non-multiarch path to
zconf.h.

This is a backport of the 5.2.2-19.1 NMU to sid excluding the spurious
addition of some .f files in debian/.


Andreas
diff -Nru pgplot5-5.2.2/debian/changelog pgplot5-5.2.2/debian/changelog
--- pgplot5-5.2.2/debian/changelog	2012-03-05 05:48:13.0 +0100
+++ pgplot5-5.2.2/debian/changelog	2016-03-19 16:11:09.0 +0100
@@ -1,3 +1,11 @@
+pgplot5 (5.2.2-19+deb8u1) jessie; urgency=medium
+
+  * Non-maintainer upload.
+  * Use multiarch path to zconf.h  (Closes: #784783)
+(thanks to Edmund Grimley Evans and Vincent McIntyre)
+
+ -- Andreas Beckmann   Sat, 19 Mar 2016 16:09:24 +0100
+
 pgplot5 (5.2.2-19) unstable; urgency=low
 
   * Change Suggests to libpng-dev instead of libpng12-dev.
diff -Nru pgplot5-5.2.2/debian/patches/linker-specific-changes pgplot5-5.2.2/debian/patches/linker-specific-changes
--- pgplot5-5.2.2/debian/patches/linker-specific-changes	2011-11-19 06:45:51.0 +0100
+++ pgplot5-5.2.2/debian/patches/linker-specific-changes	2015-09-10 18:36:43.0 +0200
@@ -5,9 +5,11 @@
 
 Last-Update: 2011-11-18
 
 a/makemake
-+++ b/makemake
-@@ -658,6 +658,8 @@
+Index: pgplot5-5.2.2/makemake
+===
+--- pgplot5-5.2.2.orig/makemake
 pgplot5-5.2.2/makemake
+@@ -658,6 +658,8 @@ CPGPLOT_LIB=$CPGPLOT_LIB
  #
  SHARED_LIB=$SHARED_LIB
  SHARED_LD=$SHARED_LD
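Review bot: The switch of the inner patch header from the a/makemake and b/makemake form to quilt's Index: form here, like the function-name context added to the @@ lines in the hunks that follow, is refresh noise unrelated to the zconf.h fix. For a stable update I would leave linker-specific-changes unrefreshed so that the debdiff shows only the functional change.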
@@ -16,7 +18,7 @@
  #
  # The libraries that the shared PGPLOT library depends upon.
  # This is for systems that allow one to specify what libraries
-@@ -667,6 +669,7 @@
+@@ -667,6 +669,7 @@ SHARED_LD=$SHARED_LD
  # libraries when they link their executables.
  #
  SHARED_LIB_LIBS=$SHARED_LIB_LIBS
@@ -24,7 +26,7 @@
  #
  # Ranlib command if required
  #
-@@ -806,7 +809,8 @@
+@@ -806,7 +809,8 @@ grexec.o: grexec.f
  # libraries.
  #---
  
@@ -34,7 +36,7 @@
  
  libpgplot.a : $(PG_ROUTINES) $(PG_NON_STANDARD) $(GR_ROUTINES) \
  	   $(DISPATCH_ROUTINE) $(DRIVERS) $(SYSTEM_ROUTINES)
-@@ -816,6 +820,16 @@
+@@ -816,6 +820,16 @@ libpgplot.a : $(PG_ROUTINES) $(PG_NON_ST
  		$(DRIVERS) $(SYSTEM_ROUTINES) | sort | uniq`
  	$(RANLIB) libpgplot.a
  
@@ -51,7 +53,7 @@
  EOD
  
  # Emit the shared library dependency if requested.
-@@ -824,7 +838,7 @@
+@@ -824,7 +838,7 @@ if test -n "$SHARED_LIB" -a -n "$SHARED_
  cat >> makefile << \EOD
  $(SHARED_LIB): $(PG_ROUTINES) $(PG_NON_STANDARD) \
  	$(GR_ROUTINES) $(DISPATCH_ROUTINE) $(DRIVERS) $(SYSTEM_ROUTINES)
@@ -60,16 +62,24 @@
  	$(PG_NON_STANDARD) $(GR_ROUTINES) $(DISPATCH_ROUTINE) \
  	$(DRIVERS) $(SYSTEM_ROUTINES) | sort | uniq` $(SHARED_LIB_LIBS)
  EOD
-@@ -1025,7 +1039,7 @@
+@@ -1019,13 +1033,15 @@ EOD
+ 
+ cat >> makefile << \EOD
+ 
++DEB_HOST_MULTIARCH=$(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
++
+ # Miscellaneous include files required by drivers
+ 
+ griv00.o : $(DRVDIR)/gadef.h $(DRVDIR)/gmdef.h $(DRVDIR)/gphdef.h
  grivas.o : $(DRVDIR)/gadef.h
  grtv00.o : $(DRVDIR)/imdef.h
  pgxwin.o : $(DRVDIR)/pgxwin.h
 -pndriv.o : ./png.h ./pngconf.h ./zlib.h ./zconf.h
-+pndriv.o : /usr/include/png.h /usr/include/pngconf.h /usr/include/zlib.h /usr/include/zconf.h
++pndriv.o : /usr/include/png.h /usr/include/pngconf.h /usr/include/zlib.h /usr/include/$(DEB_HOST_MULTIARCH)/zconf.h
  
  x2driv.o figdisp_comm.o: $(DRVDIR)/commands.h
  
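Review bot: The new DEB_HOST_MULTIARCH line uses a recursive "=" assignment with $(shell dpkg-architecture -qDEB_HOST_MULTIARCH), so the command is re-run on each expansion and, if dpkg-architecture is missing or fails, the pndriv.o prerequisite silently becomes /usr/include//zconf.h. I would use ":=" and stop with an error when the value is empty. Note also that $(shell ...) makes the generated makefile depend on GNU make.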
-@@ -1039,6 +1053,8 @@
+@@ -1039,6 +1055,8 @@ cpg:	libcpgplot.a cpgplot.h cpgdemo
  	@echo 'will be needed.'
  	@echo ' '
  
@@ -78,7 +88,7 @@
  pgbind: $(SRC)/cpg/pgbind.c
  	$(CCOMPL) $(CFLAGC) $(SRC)/cpg/pgbind.c -o pgbind
  
-@@ -1050,6 +1066,13 @@
+@@ -1050,6 +1068,13 @@ libcpgplot.a cpgplot.h: $(PG_SOURCE) pgb
  	$(RANLIB) libcpgplot.a
  	rm -f cpg*.o
  


NEW changes in stable-new

2016-03-19 Thread Debian FTP Masters
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u4_amd64.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u4_arm64.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u4_armhf.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u4_i386.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u4_mips.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u4_powerpc.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u4_ppc64el.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u5_amd64.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u5_arm64.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u5_armel.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u5_armhf.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u5_i386.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u5_mips.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u5_mipsel.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u5_powerpc.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u5_ppc64el.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u5_s390x.changes
  ACCEPT



Bug#785053: jessie-pu: package nss-pam-ldapd/0.9.4-3+deb8u1

2016-03-19 Thread Jérôme Lebleu
On Sat, 2016-03-19 at 15:47 +0100, Adam D. Barratt wrote :
> If you're expecting the package to have magically appeared in stable
> already, that only happens at a point release. The next is planned for
> early April, as per
> https://lists.debian.org/debian-project/2016/03/msg00027.html

Thanks for those explanations, and sorry by the way for my last message.
I misunderstood the proposed-updates queue...

Jérôme



Bug#785053: jessie-pu: package nss-pam-ldapd/0.9.4-3+deb8u1

2016-03-19 Thread Adam D. Barratt
On Sat, 2016-03-19 at 15:10 +0100, Jérôme Lebleu wrote:
> Hi,
> 
> On Sat, 13 Feb 2016 12:27:51 + "Adam D. Barratt"
>  wrote:
> > It was actually nearer a month, but it got uploaded and I've just
> > flagged it for acceptance.
> 
> Thanks, glad to know that things are moving on! Unfortunately, nothing
> changes on one month again... Any hope to see this bug fixed before the
> release of Stretch please? :)

I'm not really sure what you mean here. The package was uploaded to the
proposed-updates queue and accepted, and is currently available in
proposed-updates. If you're happy to install packages from there then
you're welcome to test whether the uploaded fix works for you, as per
https://www.debian.org/releases/proposed-updates

If you're expecting the package to have magically appeared in stable
already, that only happens at a point release. The next is planned for
early April, as per
https://lists.debian.org/debian-project/2016/03/msg00027.html

Regards,

Adam



Bug#785053: jessie-pu: package nss-pam-ldapd/0.9.4-3+deb8u1

2016-03-19 Thread Jérôme Lebleu
Hi,

On Sat, 13 Feb 2016 12:27:51 + "Adam D. Barratt"
 wrote:
> It was actually nearer a month, but it got uploaded and I've just
> flagged it for acceptance.

Thanks, glad to know that things are moving on! Unfortunately, nothing
changes on one month again... Any hope to see this bug fixed before the
release of Stretch please? :)

Thank you in advance!

Jérôme



Bug#818666: transition: pypy

2016-03-19 Thread Andreas Beckmann
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

Hi,

looks like pypy 5.0 started a transition, the virtual package
pypy-abi-26 changed to pypy-abi-41. There are some uninstallable
rdepends now: pypy-dulwich, pypy-zmq.

Maybe it's sufficient to just binNMU them (but I didn't test this):

nmu dulwich_0.12.0-1 . ANY . -m "Rebuild against pypy 5.0"
nmu pyzmq_15.1.0-1 . ANY . -m "Rebuild against pypy 5.0"


Ben file:

title = "pypy";
is_affected = .depends ~ /pypy-abi/;
is_good = .depends ~ "pypy-abi-41";
is_bad = .depends ~ "pypy-abi-26";


Andreas



Bug#818483: nmu: haskell-network-protocol-xmpp_0.4.8-2

2016-03-19 Thread Joachim Breitner
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

in order to fix #814055 and #813078, and prevent auto-removal of
git-annex in testing, without waiting for the current Haskell
transition, I believe it should help to binNMU
haskell-network-protocol-xmpp in testing:

nmu haskell-network-protocol-xmpp_0.4.8-2 . ANY . stretch . -m "rebuild against libgnutls30"

Thanks,
Joachim

- -- System Information:
Debian Release: stretch/sid
  APT prefers buildd-unstable
  APT policy: (500, 'buildd-unstable'), (500, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.3.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iEYEARECAAYFAlbqwl0ACgkQ9ijrk0dDIGxXaQCgjolWPuNlRYGBsUCD3+8xG572
YlYAoKWu6krw/4yAwr6id0Q9AMkFsb6N
=jRoK
-END PGP SIGNATURE-



Processed: your mail

2016-03-19 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tags 813916 pending
Bug #813916 [release.debian.org] transition: gdal
Added tag(s) pending.
> tags 815260 pending
Bug #815260 [release.debian.org] transition: libpgm
Added tag(s) pending.
> tags 815931 pending
Bug #815931 [release.debian.org] transition: cfitsio
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
813916: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813916
815260: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815260
815931: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815931
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#813542: marked as done (transition: nvidia-cuda-toolkit)

2016-03-19 Thread Debian Bug Tracking System
Your message dated Sat, 19 Mar 2016 13:03:09 +0100
with message-id <56ed3ffd.8030...@debian.org>
and subject line Re: Bug#813542: transition: nvidia-cuda-toolkit
has caused the Debian Bug report #813542,
regarding transition: nvidia-cuda-toolkit
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
813542: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813542
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Forwarded: 
https://release.debian.org/transitions/html/auto-nvidia-cuda-toolkit.html

I'd like to move nvidia-cuda-toolkit 7.0 from experimental to unstable
to make room for working on 7.5.

The rdepends have been tested with the new toolkit.
Since they cannot be autobuilt (B-D in non-free) this will require
maintainer-provided binNMUs (or sourceful uploads), we are ready to do
this.

* boinc is a false positive, it depends on a long list of cuda
  alternatives, no action required for 7.0
* starpu-contrib overlaps with the openmpi transition, but would require a
  manual binNMU/upload anyway for that
* eztrace-contrib (sid-only) may have to wait for 7.5.
* hwloc-contrib, pycuda are ready

(just verified again myself that hwloc-contrib, pycuda, starpu-contrib
successfully build with nvidia-cuda-toolkit (>= 7) (and openmpi 1.10.x))

There may be a few RMs needed in sid since i386 is no longer
supported, but most i386 rdepends binaries should be gone already.

Ben file: the autogenerated one looks good

Andreas
--- End Message ---
--- Begin Message ---

On 03/02/16 00:23, Emilio Pozuelo Monfort wrote:

Control: tags -1 confirmed

On 02/02/16 23:58, Andreas Beckmann wrote:

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Forwarded: 
https://release.debian.org/transitions/html/auto-nvidia-cuda-toolkit.html

I'd like to move nvidia-cuda-toolkit 7.0 from experimental to unstable
to make room for working on 7.5.

The rdepends have been tested with the new toolkit.
Since they cannot be autobuilt (B-D in non-free) this will require
maintainer-provided binNMUs (or sourceful uploads), we are ready to do
this.

* boinc is a false positive, it depends on a long list of cuda
   alternatives, no action required for 7.0
* starpu-contrib overlaps with the openmpi transition, but would require a
   manual binNMU/upload anyway for that
* eztrace-contrib (sid-only) may have to wait for 7.5.
* hwloc-contrib, pycuda are ready

(just verified again myself that hwloc-contrib, pycuda, starpu-contrib
successfully build with nvidia-cuda-toolkit (>= 7) (and openmpi 1.10.x))

There may be a few RMs needed in sid since i386 is no longer
supported, but most i386 rdepends binaries should be gone already.


Ack.


This finished a while ago. Closing.

Emilio
--- End Message ---


Bug#815782: marked as done (transition: libmatio)

2016-03-19 Thread Debian Bug Tracking System
Your message dated Sat, 19 Mar 2016 13:03:52 +0100
with message-id <56ed4028.4040...@debian.org>
and subject line Re: Bug#815782: transition: libmatio
has caused the Debian Bug report #815782,
regarding transition: libmatio
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
815782: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815782
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Control: forwarded -1 
https://release.debian.org/transitions/html/auto-libmatio.html

Dear Release Team,

Please schedule a transition for libmatio, whose new version (1.5.6-1) stands
in experimental.

All reverse deps seem to build fine, so this should normally be a smooth ride.

Cheers,

-- 
 .''`.    Sébastien Villemot
: :' :    Debian Developer
`. `'     http://sebastien.villemot.name
  `-      GPG Key: 4096R/381A7594


--- End Message ---
--- Begin Message ---

On 24/02/16 20:32, Sébastien Villemot wrote:

Le mercredi 24 février 2016 à 18:14 +0100, Emilio Pozuelo Monfort a
écrit :

On 24/02/16 13:36, Sébastien Villemot wrote:

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Control: forwarded -1 https://release.debian.org/transitions/html/auto-libmatio.html

Dear Release Team,

Please schedule a transition for libmatio, whose new version (1.5.6-1) stands
in experimental.

All reverse deps seem to build fine, so this should normally be a smooth ride.


Go ahead.


Uploaded.


This is done.

Emilio
--- End Message ---


Bug#817184: marked as done (transition: sndio)

2016-03-19 Thread Debian Bug Tracking System
Your message dated Sat, 19 Mar 2016 13:05:13 +0100
with message-id <56ed4079.40...@debian.org>
and subject line Re: Bug#817184: transition: sndio
has caused the Debian Bug report #817184,
regarding transition: sndio
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
817184: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817184
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

libsndio has undergone a minor SONAME bump in the latest release; there is 
however no consequential change in the public API that I'm aware of. The 
updated package is already in experimental, and all rdeps still build. There 
should be no action necessary for rdeps other than a rebuild.

There are two rdeps in common with libcdio, which also has a transition staged 
in experimental; there is no reason libsndio shouldn't wait a while if that 
makes things easier. At least one rdep would like to wait to fix an RC bug 
anyway.

For reference, reverse-dependencies of libsndio6.0 in unstable are:

 * sndiod, sndio-tools: Same source package as libsndio6.0, non-issue
 * libsdl2: maintainers would like to fix an RC bug first rather than binNMU
 * mpv, audacious-plugins: should need only a rebuild
--- End Message ---
--- Begin Message ---

On 09/03/16 12:49, Gianfranco Costamagna wrote:

Hi




Please go ahead.


done a few seconds ago.


and this is over.

Emilio
--- End Message ---


Bug#761128: marked as done (transition: oce)

2016-03-19 Thread Debian Bug Tracking System
Your message dated Sat, 19 Mar 2016 13:09:49 +0100
with message-id <56ed418d.9060...@debian.org>
and subject line Re: Bug#761128: Processed: closing 761128
has caused the Debian Bug report #761128,
regarding transition: oce
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
761128: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=761128
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: transition
Severity: normal

Hello,

I would like to upload oce 0.16 into unstable, it is currently in
experimental. This source package provides several development
libraries, their soname version have been bumped.

The following packages build-depend on oce and have been successfully
rebuilt without source changes:
  gmsh      2.8.5+dfsg-1.1
  freecad   0.14.3702+dfsg-2
  netgen    4.9.13.dfsg-8

Ben file:

title = "oce";
is_affected = .build-depends ~ /liboce-.*-dev/;
is_good = .depends ~ /liboce-foundation9/;
is_bad = .depends ~ /liboce-foundation8/;

Thanks,
Denis
--- End Message ---
--- Begin Message ---

On 09/02/16 21:21, Emilio Pozuelo Monfort wrote:

Control: reopen -1

On 07/02/16 17:18, Debian Bug Tracking System wrote:

Processing commands for cont...@bugs.debian.org:


close 761128

Bug #761128 [release.debian.org] transition: oce
Marked Bug as done


This isn't finished yet; the old libraries are still in testing.


Those got out of testing. Closing.

Emilio
--- End Message ---


Processed: Re: Bug#818615: jessie-pu: package gtk+2.0

2016-03-19 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + moreinfo
Bug #818615 [release.debian.org] jessie-pu: package gtk+2.0
Added tag(s) moreinfo.

-- 
818615: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818615
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#818483: nmu: haskell-network-protocol-xmpp_0.4.8-2

2016-03-19 Thread Emilio Pozuelo Monfort

On 17/03/16 15:42, Joachim Breitner wrote:

in order to fix #814055 and #813078, and prevent auto-removal of
git-annex in testing, without waiting for the current Haskell
transition, I believe it should help to binNMU
haskell-network-protocol-xmpp in testing:

nmu haskell-network-protocol-xmpp_0.4.8-2 . ANY . stretch . -m "rebuild against libgnutls30"


The only architecture still at 0.4.8-2 in unstable is mips64el which is not in 
testing, so that's not a problem.


Scheduled:

https://buildd.debian.org/status/package.php?p=haskell-network-protocol-xmpp=stretch

I trust that you will look at haskell so packages can migrate again soon ;)

Cheers,
Emilio



Bug#818531: wheezy-pu: package libdatetime-timezone-perl/1.58-1+2016b

2016-03-19 Thread gregor herrmann
Package: release.debian.org
Severity: normal
Tags: wheezy
User: release.debian@packages.debian.org
Usertags: pu

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

I've prepared an update for libdatetime-timezone-perl in wheezy with 
the data from the Olson db 2016b. As usual, the only change is a
quilt patch which adjusts the pm files containing the timezone data.

Manually stripped down debdiff attached.

Cheers,
gregor

diff -Nru libdatetime-timezone-perl-1.58/debian/changelog libdatetime-timezone-perl-1.58/debian/changelog
--- libdatetime-timezone-perl-1.58/debian/changelog	2016-02-03 20:45:11.0 +0100
+++ libdatetime-timezone-perl-1.58/debian/changelog	2016-03-17 20:35:07.0 +0100
@@ -1,3 +1,9 @@
+libdatetime-timezone-perl (1:1.58-1+2016b) UNRELEASED; urgency=medium
+
+  * Update to Olson database version 2016b.
+
+ -- gregor herrmann   Thu, 17 Mar 2016 20:34:48 +0100
+
 libdatetime-timezone-perl (1:1.58-1+2016a) wheezy; urgency=medium
 
   * Update to Olson database version 2016a.
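Review bot: The new entry at the top of debian/changelog still has UNRELEASED as its distribution, while the entry directly below it (1:1.58-1+2016a) targets wheezy. Set the distribution to wheezy, matching the previous entry, before the upload.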
diff -Nru libdatetime-timezone-perl-1.58/debian/patches/olson-2016b libdatetime-timezone-perl-1.58/debian/patches/olson-2016b
--- libdatetime-timezone-perl-1.58/debian/patches/olson-2016b	1970-01-01 01:00:00.0 +0100
+++ libdatetime-timezone-perl-1.58/debian/patches/olson-2016b	2016-03-17 20:35:07.0 +0100
@@ -0,0 +1,13179 @@
+Description: Update to Olson database version 2016b.
+Origin: vendor
+Author: gregor herrmann 
+Last-Update: 2016-03-17
+
+--- a/lib/DateTime/TimeZone/Africa/Abidjan.pm
 b/lib/DateTime/TimeZone/Africa/Abidjan.pm
+@@ -3,7 +3,7 @@
+ # DateTime::TimeZone module distribution in the tools/ directory
+ 
+ #
+-# Generated from debian/tzdata/africa.  Olson data version 2016a
++# Generated from debian/tzdata/africa.  Olson data version 2016b
+ #
+ # Do not edit this file directly.
+ #
+@@ -42,7 +42,7 @@
+ ],
+ ];
+ 
+-sub olson_version { '2016a' }
++sub olson_version { '2016b' }
+ 
+ sub has_dst_changes { 0 }
+ 
+--- a/lib/DateTime/TimeZone/Catalog.pm
 b/lib/DateTime/TimeZone/Catalog.pm
+@@ -182,6 +182,7 @@
+   Asia/Baghdad
+   Asia/Baku
+   Asia/Bangkok
++  Asia/Barnaul
+   Asia/Beirut
+   Asia/Bishkek
+   Asia/Brunei
+@@ -273,6 +274,7 @@
+   EST5EDT
+   Europe/Amsterdam
+   Europe/Andorra
++  Europe/Astrakhan
+   Europe/Athens
+   Europe/Belgrade
+   Europe/Berlin
+@@ -306,6 +308,7 @@
+   Europe/Stockholm
+   Europe/Tallinn
+   Europe/Tirane
++  Europe/Ulyanovsk
+   Europe/Uzhgorod
+   Europe/Vienna
+   Europe/Vilnius
+@@ -554,6 +557,7 @@
+ Baghdad
+ Baku
+ Bangkok
++Barnaul
+ Beirut
+ Bishkek
+ Brunei
+@@ -646,6 +650,7 @@
+   'Europe' => [ qw(
+ Amsterdam
+ Andorra
++Astrakhan
+ Athens
+ Belgrade
+ Berlin
+@@ -679,6 +684,7 @@
+ Stockholm
+ Tallinn
+ Tirane
++Ulyanovsk
+ Uzhgorod
+ Vienna
+ Vilnius
+@@ -766,15 +772,15 @@
+ ) ],
+   'aq' => [ qw(
+ Antarctica/McMurdo
+-Antarctica/Rothera
+-Antarctica/Palmer
+-Antarctica/Mawson
+-Antarctica/Davis
+ Antarctica/Casey
+-Antarctica/Vostok
++Antarctica/Davis
+ Antarctica/DumontDUrville
++Antarctica/Mawson
++Antarctica/Palmer
++Antarctica/Rothera
+ Antarctica/Syowa
+ Antarctica/Troll
++Antarctica/Vostok
+ ) ],
+   'ar' => [ qw(
+ America/Argentina/Buenos_Aires
+@@ -907,11 +913,11 @@
+ America/Thunder_Bay
+ America/Iqaluit
+ America/Pangnirtung
+-America/Resolute
+ America/Atikokan
+-America/Rankin_Inlet
+ America/Winnipeg
+ America/Rainy_River
++America/Resolute
++America/Rankin_Inlet
+ America/Regina
+ America/Swift_Current
+ America/Edmonton
+@@ -1425,10 +1431,13 @@
+ Europe/Moscow
+ Europe/Simferopol
+ Europe/Volgograd
++Europe/Astrakhan
+ Europe/Samara
++Europe/Ulyanovsk
+ Asia/Yekaterinburg
+ Asia/Omsk
+ Asia/Novosibirsk
++Asia/Barnaul
+ Asia/Novokuznetsk
+ Asia/Krasnoyarsk
+ Asia/Irkutsk
+@@ -1870,7 +1879,7 
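Review bot: Besides adding Asia/Barnaul, Europe/Astrakhan and Europe/Ulyanovsk, the Catalog.pm part of this hunk reorders existing entries: the 'aq' list is re-sorted (Rothera, Palmer, Mawson, Davis and Vostok move) and America/Resolute and America/Rankin_Inlet change position in the list after America/Pangnirtung. Please confirm that this ordering comes from regenerating the modules against the 2016b data and not from a difference in the generator, since the changelog only says "Update to Olson database version 2016b" and a 13179-line patch to generated files is hard to audit by eye.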

Bug#818549: jessie-pu: package icedtea-web/1.5.3-1

2016-03-19 Thread Moritz Muehlenhoff
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Hi,
I'd like to update icedtea-web in jessie to 1.5.3 in the next
jessie point release. This fixes two security issues (CVE-2015-5234,
CVE-2015-5235), which are not easily backportable, so I rather made
the update to the minor point update which fixes those (similar
to what we do with openjdk-7 itself).

I've tested this on a jessie with various web applets I could
find (fortunately finding these in the wild is becoming increasingly
difficult!).

The debdiff is here: https://people.debian.org/~jmm/icedtea-web.debdiff
(the actual change to the debian/ directory is just the changelog
entry bump). Ubuntu has also updated to those point bugfix updates
in USNs for a while now.

Cheers,
Moritz



NEW changes in stable-new

2016-03-19 Thread Debian FTP Masters
Processing changes file: rdesktop_1.8.2-3+deb8u1_mips.changes
  ACCEPT



Re: Reduce required age for src:linux

2016-03-19 Thread Julien Cristau
On Sat, Mar 19, 2016 at 03:19:20 +, Ben Hutchings wrote:

> Linux 4.4 has been kept out of testing due to regressions, most notably
> in EFI support on amd64.  These should all be resolved in the current
> unstable version, 4.4.6-1, and I would like to get this into testing as
> soon as possible, making way for 4.5 in unstable.
> 
> Please consider reducing the required age to 2 days.
> 
Done.

Cheers,
Julien



Bug#818620: jessie-pu: package cinnamon-settings-daemon/2.2.4.repack-7+deb8u1

2016-03-19 Thread Margarita Manterola
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Hi!

Moritz from the security team brought to the attention of the cinnamon team
that cinnamon-settings-daemon in stable contains a minor security issue that has
already been fixed in upstream.

This issue doesn't warrant a DSA, as it's only a circumvention of policykit
restrictions, but it would be good to fix it in a future point release.

I'm attaching the debdiff between the version currently in stable and the
proposed package for the point release.

Thanks!

-- System Information:
Debian Release: 8.2
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru cinnamon-settings-daemon-2.2.4.repack/debian/changelog cinnamon-settings-daemon-2.2.4.repack/debian/changelog
--- cinnamon-settings-daemon-2.2.4.repack/debian/changelog	2014-10-25 16:14:33.0 +0200
+++ cinnamon-settings-daemon-2.2.4.repack/debian/changelog	2016-03-18 20:32:16.0 +0100
@@ -1,3 +1,10 @@
+cinnamon-settings-daemon (2.2.4.repack-7+deb8u1) stable; urgency=medium
+
+  * Add debian/patches/csd-datetime-polkit-auth to fix a minor security bug.
+http://www.openwall.com/lists/oss-security/2015/10/28/3
+
+ -- Margarita Manterola   Fri, 18 Mar 2016 20:13:36 +0100
+
 cinnamon-settings-daemon (2.2.4.repack-7) unstable; urgency=medium
 
   [ Fabio Fantoni ]
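Review bot: The new changelog entry only says "fix a minor security bug" and points at a URL. Name the issue in the entry itself (the patch header describes it as "csd-datetime forgets to authorize users", a missing polkit check) so that anyone reading the changelog for the point release can tell what was fixed without following the link.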
diff -Nru cinnamon-settings-daemon-2.2.4.repack/debian/patches/csd-datetime-polkit-auth cinnamon-settings-daemon-2.2.4.repack/debian/patches/csd-datetime-polkit-auth
--- cinnamon-settings-daemon-2.2.4.repack/debian/patches/csd-datetime-polkit-auth	1970-01-01 01:00:00.0 +0100
+++ cinnamon-settings-daemon-2.2.4.repack/debian/patches/csd-datetime-polkit-auth	2016-03-18 20:32:16.0 +0100
@@ -0,0 +1,21 @@
+Description: csd-datetime forgets to authorize users
+Author: https://github.com/leigh123linux
+Origin: upstream, ac5e0be8c1817616dbdb056b6881cfc4660f57a8
+Bug: http://www.openwall.com/lists/oss-security/2015/10/28/3
+Last-Update: 2016-03-14
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: cinnamon-settings-daemon/plugins/datetime/csd-datetime-mechanism.c
+===
+--- cinnamon-settings-daemon.orig/plugins/datetime/csd-datetime-mechanism.c	2016-03-14 20:18:33.588428169 +0100
 cinnamon-settings-daemon/plugins/datetime/csd-datetime-mechanism.c	2016-03-14 20:26:56.302535208 +0100
+@@ -354,6 +354,9 @@
+ int exit_status;
+ GError *error;
+ 
++if (!_check_polkit_for_action (mechanism, context))
++return FALSE;
++
+ date_str = g_strdup_printf ("%02d/%02d/%d", month, day, year);
+ error = NULL;
+ 
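Review bot: The _check_polkit_for_action (mechanism, context) call is added at a single place, ahead of the g_strdup_printf ("%02d/%02d/%d", month, day, year) date path at line 354. Please confirm that every other privileged method in csd-datetime-mechanism.c already runs the same check, because nothing in this hunk shows how the remaining entry points are covered. The placement itself is sound: returning FALSE before date_str is allocated means the early exit leaks nothing. The Origin field would also be easier to verify as a full commit URL than as a bare hash.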
diff -Nru cinnamon-settings-daemon-2.2.4.repack/debian/patches/series cinnamon-settings-daemon-2.2.4.repack/debian/patches/series
--- cinnamon-settings-daemon-2.2.4.repack/debian/patches/series	2014-10-25 16:14:33.0 +0200
+++ cinnamon-settings-daemon-2.2.4.repack/debian/patches/series	2016-03-18 20:32:16.0 +0100
@@ -2,3 +2,4 @@
 power-manager-upower-0.99-support
 calculator-mediakey.patch
 enable-3finger-tap.patch
+csd-datetime-polkit-auth


Bug#815153: marked as done (transition: libvigraimpex)

2016-03-19 Thread Debian Bug Tracking System
Your message dated Fri, 18 Mar 2016 12:01:58 +0100
with message-id <56ebe026.4080...@debian.org>
and subject line Re: Bug#815153: transition: libvigraimpex
has caused the Debian Bug report #815153,
regarding transition: libvigraimpex
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
815153: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815153
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

Hello,

I want to register a transition of libvigraimpex[1] because there are changes
in the ABI.

The new version of the package has been uploaded to experimental now,
it's 1.10.0+git20160211.167be93-1. The new binary package of the shared library
is libvigraimpex6, and there's an SONAME bump involved)[2].

But the ABI changes are related to the package in testing (1.10.0+dfsg-11). The
package currently in unstable (1.10.0+git20160120.803d5d4-1) isn't optimal, I've
missed the ABI changes (additions but not the changes are mentioned in the
changelog) and the SONAME bump[3], that doesn't happen again.

Unfortunately the old version couldn't be reuploaded nor backported for unstable
because there was a FTBFS with updated Numpy[3], maybe you have a suggestion what
could be done here.

There are no further ABI diffs between 1.10.0+git20160120.803d5d4-1 (unstable)
and 1.10.0+git20160211.167be93-1 (the packaging of branch 1-11-rc in experimental),
and we've already test build the reverse dependencies (please see [4] on that).

However, libvigraimpex currently doesn't build on all official supported archs,
I'm on this to get solved and upload one more package in experimental soon.

Thank you,
Daniel Stender

Ben file:

title = "libvigraimpex";
is_affected = .build_depends ~ "libvigraimpex-dev";
is_good = .depends ~ "libvigraimpex6";
is_bad = .depends ~ "libvigraimpex5v5";

[1]: https://packages.qa.debian.org/libv/libvigraimpex.html

[2]: http://www.danielstender.com/uploads/compat_report.html

[3]: https://bugs.debian.org/811370 (libvigraimpex: FTBFS in sid: test suite failure due to pynum 1.10)

[4]: https://bugs.debian.org/813415 (libvigraimpex5v5: soname bump without package name change)

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.3.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---

On 24/02/16 20:13, Emilio Pozuelo Monfort wrote:

Now, the transition is started but your package still fails to build on a few
release architectures. That needs fixing.


This transition just finished.

Cheers,
Emilio
--- End Message ---


Bug#810568: marked as done (transition: openexr)

2016-03-19 Thread Debian Bug Tracking System
Your message dated Fri, 18 Mar 2016 12:01:16 +0100
with message-id <56ebdffc.4050...@debian.org>
and subject line Re: Bug#810568: transition: openexr
has caused the Debian Bug report #810568,
regarding transition: openexr
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
810568: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810568
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

Hi

I'd like to request a transition for openexr (and ilmbase).

Ben file:

title = "openexr";
is_affected = .depends ~ "libopenexr6v5" | .depends ~ "libopenexr6";
is_good = .depends ~ "libopenexr22";
is_bad = .depends ~ "libopenexr6v5";
--- End Message ---
--- Begin Message ---

On 09/01/16 22:59, Mathieu Malaterre wrote:

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

Hi

I'd like to request a transition for openexr (and ilmbase).


These were waiting for libvigraimpex, and just finished.

Cheers,
Emilio
--- End Message ---


NEW changes in oldstable-new

2016-03-19 Thread Debian FTP Masters
Processing changes file: wireshark_1.8.2-5wheezy18_amd64.changes
  ACCEPT
Processing changes file: wireshark_1.8.2-5wheezy18_armel.changes
  ACCEPT
Processing changes file: wireshark_1.8.2-5wheezy18_armhf.changes
  ACCEPT
Processing changes file: wireshark_1.8.2-5wheezy18_i386.changes
  ACCEPT
Processing changes file: wireshark_1.8.2-5wheezy18_ia64.changes
  ACCEPT
Processing changes file: wireshark_1.8.2-5wheezy18_kfreebsd-amd64.changes
  ACCEPT
Processing changes file: wireshark_1.8.2-5wheezy18_kfreebsd-i386.changes
  ACCEPT
Processing changes file: wireshark_1.8.2-5wheezy18_mips.changes
  ACCEPT
Processing changes file: wireshark_1.8.2-5wheezy18_mipsel.changes
  ACCEPT
Processing changes file: wireshark_1.8.2-5wheezy18_powerpc.changes
  ACCEPT
Processing changes file: wireshark_1.8.2-5wheezy18_s390.changes
  ACCEPT
Processing changes file: wireshark_1.8.2-5wheezy18_s390x.changes
  ACCEPT
Processing changes file: wireshark_1.8.2-5wheezy18_sparc.changes
  ACCEPT



Processed: Re: Bug#818532: jessie-pu: package libdatetime-timezone-perl/1.75-2+2016b

2016-03-19 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + confirmed
Bug #818532 [release.debian.org] jessie-pu: package libdatetime-timezone-perl/1.75-2+2016b
Added tag(s) confirmed.

-- 
818532: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818532
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



NEW changes in stable-new

2016-03-19 Thread Debian FTP Masters
Processing changes file: rdesktop_1.8.2-3+deb8u1_armel.changes
  ACCEPT
Processing changes file: rdesktop_1.8.2-3+deb8u1_armhf.changes
  ACCEPT
Processing changes file: rdesktop_1.8.2-3+deb8u1_s390x.changes
  ACCEPT