Bug#862783: marked as done (unblock: readline/7.0-3)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 05:47:00 +
with message-id <4390b264-f1e6-be87-36fb-cd4936206...@thykier.net>
and subject line Re: Bug#862783: unblock: readline/7.0-3
has caused the Debian Bug report #862783,
regarding unblock: readline/7.0-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862783: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862783
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please consider unblocking readline/7.0-3, applying two upstream updates, fixing
RC issue #852750 by one of them.
--- End Message ---
--- Begin Message ---
Matthias Klose:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please consider unblocking readline/7.0-3, applying two upstream updates, 
> fixing
> RC issue #852750 by one of them.
> 

Unblocked, thanks.

~Niels--- End Message ---

Bug#862784: marked as done (unblock: debian-edu-config/1.927)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 05:45:00 +
with message-id <04bf09a8-2c2a-7b0a-ba2b-0850a3438...@thykier.net>
and subject line Re: Bug#862784: unblock: debian-edu-config/1.927
has caused the Debian Bug report #862784,
regarding unblock: debian-edu-config/1.927
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862784: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862784
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
x-debbugs-cc: debian-...@lists.debian.org

Please unblock package debian-edu-config to fix the serious bug #862652 which
is a broken exim4 configuration due the security update for CVE-2016-151 in
exim4. Additional changes are minor cleanups to our testsuite.

unblock debian-edu-config/1.927

The full changelog is:

debian-edu-config (1.927) unstable; urgency=medium

  [ Wolfgang Schweer ]
  * Fix broken exim4 configuration, enable security. (Closes: #862652).
- Add usr/share/debian-edu-config/tools/exim4-create-cert.
- Add usr/share/debian-edu-config/tools/exim4-create-environment.
- Adjust cf/cf.exim to use both scripts.
- Adjust etc/exim4/exim-ldap-server-v4.conf.
  + Make it work after the exim4 security fix for CVE-2016-1531.
  + Improve security: create certificate to enable TLS, re-enable
identity check via Kerberos; now only system mail to postmaster
is enabled unconditionally; see #794602.
  * Fix typo in testsuite/network to use the correct LTSP-Server profile name.
  * Drop ddcprobe and ddccontrol related code from testsuite/hardware.
- ddcprobe is part of the package xresprobe, not available in stretch.
- ddccontrol belongs to package ddccontrol (monitor database unmaintained
  since > 10 years) which isn't installed by default.

 -- Holger Levsen   Mon, 15 May 2017 18:15:45 +0200

$ debdiff debian-edu-config_1.926.dsc debian-edu-config_1.927.dsc|diffstat
 cf/cf.exim |5 +++
 debian/changelog   |   20 ++
 etc/exim4/exim-ldap-server-v4.conf |   17 +++-
 share/debian-edu-config/tools/exim4-create-cert|   23 +
 share/debian-edu-config/tools/exim4-create-environment |   18 +
 testsuite/hardware |8 -
 testsuite/network  |2 -
 7 files changed, 82 insertions(+), 11 deletions(-)

The full debdiff is attached.

Thanks for your work on Stretch!


-- 
cheers,
Holger
diff -Nru debian-edu-config-1.926/cf/cf.exim debian-edu-config-1.927/cf/cf.exim
--- debian-edu-config-1.926/cf/cf.exim	2017-01-13 13:11:08.0 +0100
+++ debian-edu-config-1.927/cf/cf.exim	2017-05-15 12:24:33.0 +0200
@@ -16,6 +16,11 @@
 shellcommands:
 
 
+  debian.server.installation::
+
+  "/usr/share/debian-edu-config/tools/exim4-create-cert"
+  "/usr/share/debian-edu-config/tools/exim4-create-environment"
+
   debian.installation::
 
 "/usr/sbin/exim4 -qff"
diff -Nru debian-edu-config-1.926/debian/changelog debian-edu-config-1.927/debian/changelog
--- debian-edu-config-1.926/debian/changelog	2017-04-27 19:23:11.0 +0200
+++ debian-edu-config-1.927/debian/changelog	2017-05-15 18:15:45.0 +0200
@@ -1,3 +1,23 @@
+debian-edu-config (1.927) unstable; urgency=medium
+
+  [ Wolfgang Schweer ]
+  * Fix broken exim4 configuration, enable security. (Closes: #862652).
+- Add usr/share/debian-edu-config/tools/exim4-create-cert.
+- Add usr/share/debian-edu-config/tools/exim4-create-environment.
+- Adjust cf/cf.exim to use both scripts.
+- Adjust etc/exim4/exim-ldap-server-v4.conf.
+  + Make it work after the exim4 security fix for CVE-2016-1531.
+  + Improve security: create certificate to enable TLS, re-enable
+identity check via Kerberos; now only system mail to postmaster
+is enabled unconditionally; see #794602.
+  * Fix typo in testsuite/network to use the correct LTSP-Server profile name.
+  * Drop ddcprobe and ddccontrol related code from testsuite/hardware.
+- ddcprobe is part of the package xresprobe, not available in stretch.
+- ddccontrol belongs to package ddccontrol (monitor database unmaintained
+  since > 10 years) which isn't installed by default.
+
+ -- Holger Levsen   Mon, 15 May 2017 18:15:45 +0200
+
 debian-edu-config (1.926) unstable; urgency=medium
 
   [ Holger

Bug#862746: marked as done (unblock: simple-cdd/0.6.5)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 05:41:00 +
with message-id <1b92d737-1951-9c2f-3ea2-e8c6881c3...@thykier.net>
and subject line Re: Bug#862746: unblock: simple-cdd/0.6.5
has caused the Debian Bug report #862746,
regarding unblock: simple-cdd/0.6.5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862746: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862746
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: debian-b...@lists.debian.org, 
simple-cdd-de...@lists.alioth.debian.org

Thanks for all your work on the Release Team!

Please unblock package simple-cdd

With the recent announcement shutting down public FTP services:

  https://lists.debian.org/debian-announce/2017/msg1.html

This requires some significant changes in simple-cdd, as simple-cdd
relied on Debian's FTP mirrors for downloading files discovered by FTP
directory listing.

Now simple-cdd uses http://deb.debian.org/debian/extrafiles, an
inline-signed list of checksums for various content in the archive
(notably, tools/*, docs/*). This also allows signature and checksum
verification of all downloaded files, which is a huge security
improvement.

The default mirror is now switched to deb.debian.org using the http
protocol.


A fix was added to add packages of priority required, important and
standard from security, updates and proposed-updates repositories to
the locally generated repository. Otherwise packages with strict
versioned dependencies would end up uninstallable (e.g. vim-tiny
depends on vim-common ( =$version), but only vim-common would get
updated, resulting in vim-tiny being uninstallable).


Kernel selection for i386 on jessie and stretch also required
updating, as the linux-image-486 packages were removed from the
archive.


No changes were made to the simple-cdd-profiles udeb, so should not
have any impact on debian-installer.


diff -Nru simple-cdd-0.6.4/build-simple-cdd simple-cdd-0.6.5/build-simple-cdd
--- simple-cdd-0.6.4/build-simple-cdd   2017-01-16 13:40:32.0 -0800
+++ simple-cdd-0.6.5/build-simple-cdd   2017-05-15 13:21:24.0 -0700
@@ -235,7 +235,11 @@
 for a in self.env.get("ARCHES"):
 if a == "alpha": self.env.append("kernel_packages", 
kernel_base + "alpha-generic")
 elif a == "armhf": self.env.append("kernel_packages", 
kernel_base + "armmp")
-elif a == "i386": self.env.append("kernel_packages", 
kernel_base + "486")
+elif a == "i386":
+if self.env.get("CODENAME") == "jessie":
+self.env.append("kernel_packages", kernel_base + 
"586")
+else:
+self.env.append("kernel_packages", kernel_base + 
"686")
 elif a == "sparc": self.env.append("kernel_packages", 
kernel_base + "sparc64")
 elif a in ("amd64", "arm64", "sparc64") or 
a.startswith("powerpc") or a.startswith("s390"):
 self.env.append("kernel_packages", kernel_base + a)
diff -Nru simple-cdd-0.6.4/debian/changelog simple-cdd-0.6.5/debian/changelog
--- simple-cdd-0.6.4/debian/changelog   2017-01-17 15:10:07.0 -0800
+++ simple-cdd-0.6.5/debian/changelog   2017-05-15 14:10:37.0 -0700
@@ -1,3 +1,22 @@
+simple-cdd (0.6.5) unstable; urgency=medium
+
+  [ Vagrant Cascadian ]
+  * Switch to using urllib instead of calling wget.
+- Only re-download files if known checksums do not match.
+- Explicitly set http_proxy in the environment.
+- Verify "mirror_files" to download with archive's "extrafiles", a
+  signed list of checksums.
+- Switch default mirror to deb.debian.org and default protocol to
+  http (Closes: #861198).
+- Many thanks to Enrico Zini for code review and improvements.
+  * Update kernel package selection for i386.
+  * Add stanzas to pull in required, important and standard packages for
+security, updates and proposed-updates when enabled.
+  * Fix bug causing tracebacks when checksum or file size verifications
+fail.
+
+ -- Vagrant Cascadian   Mon, 15 May 2017 14:10:37 -0700
+
 simple-cdd (0.6.4) unstable; urgency=medium
 
   [ Vagrant Cascadian ]
diff -Nru simple-cdd-0.6.4/profiles/ltsp.downloads 
simple-cdd-0.6.5/profiles/ltsp.downloads
--- simple-cdd-0.6.4/profiles/ltsp.downloads2016-07-21 10:03:54.0 
-0700
+++ simple-cdd-0.6.5/profiles/ltsp.downloads

Processed: Re: Bug#862693: unblock: postfix/3.1.4-5

2017-05-16 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 moreinfo
Bug #862693 [release.debian.org] unblock: postfix/3.1.4-5
Added tag(s) moreinfo.

-- 
862693: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862693
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862693: unblock: postfix/3.1.4-5

2017-05-16 Thread Niels Thykier 
Control: tags -1 moreinfo

Scott Kitterman:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package postfix
> 
> This upload fixes two significant bugs and makes it possible for a user to
> recover from a third without hand editing configuration files:
> 
> 1.  Postfix-cdb will no longer fail to work after upgrade from jessie due to
> upgrade ordering issues.
> 
> 2.  Postfix should wait to start until the network and DNS are actually
> available, so it won't fail to start on boot.
> 
> 3.  If an upgrade is performed from a not fully updated system and the
> dynamic maps locations are incorred in dynamicmaps.cf, dpkg-reconfigure
> postfix (and whatever postfix map types are installed) will fix it.
> 
> Note: The last one will be followed by a bug to release-notes to mention this
> (it seems way better than a release note explaining how to hand edit files).
> 
> unblock postfix/3.1.4-5
> 

Hi,

Thanks for working on fixing postfix.

One remark / question about the following snippet:

"""
-
+if dpkg --compare-versions $new lt 3.1.4-5~; then
+# This turned out to be the wrong way to solve the problem.
+rm -rf /etc/systemd/system/postfix.service.d
+fi
"""


Given the script only seemed to create
/etc/systemd/system/postfix.service.d/override.conf, shouldn't it only
remove that file (and possibly the directory iff it is empty)?  Also,
what if the admin has changed the file locally?

Thanks,
~Niels

Bug#862713: marked as done (unblock: nodm/0.13-1.3)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 05:28:00 +
with message-id <5de4c890-844e-d127-eb1d-ebf8e6166...@thykier.net>
and subject line Re: Bug#862713: unblock: nodm/0.13-1.3
has caused the Debian Bug report #862713,
regarding unblock: nodm/0.13-1.3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862713: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862713
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package nodm. This fixes RC bug #861771, and also fixes two
normal-severity bugs that seemed straightforward and low-risk.

unblock nodm/0.13-1.3

Here is a breakdown of the diffstat:

> patches/nodm.service-Don-t-respawn-or-fail-if-disabled-in-et.patch |   28 
> ++
> patches/series |1¯

Fixes #861771 (grave) on systemd-booted systems

> nodm.init  |5 -

Fixes #861717 (normal, although perhaps should be higher severity) and
maybe also #770219 (normal), both on non-systemd-booted systems, by removing
dead code

> nodm.postinst  |2¯

Fixes #861899 (normal) by adding >&2 to one line

Thanks for considering,
S
--- End Message ---
--- Begin Message ---
Simon McVittie:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package nodm. This fixes RC bug #861771, and also fixes two
> normal-severity bugs that seemed straightforward and low-risk.
> 
> unblock nodm/0.13-1.3
> 
> Here is a breakdown of the diffstat:
> 
>> patches/nodm.service-Don-t-respawn-or-fail-if-disabled-in-et.patch |   28 
>> ++
>> patches/series |1¯
> 
> Fixes #861771 (grave) on systemd-booted systems
> 
>> nodm.init  |5 -
> 
> Fixes #861717 (normal, although perhaps should be higher severity) and
> maybe also #770219 (normal), both on non-systemd-booted systems, by removing
> dead code
> 
>> nodm.postinst  |2¯
> 
> Fixes #861899 (normal) by adding >&2 to one line
> 
> Thanks for considering,
> S
> 


Unblocked, thanks.

~Niels--- End Message ---

Bug#862243: marked as done (unblock: linux/4.9.25-1)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 05:25:00 +
with message-id <8a496a67-e98c-74ee-4836-3badfef76...@thykier.net>
and subject line Re: Bug#862243: unblock: linux/4.9.25-1
has caused the Debian Bug report #862243,
regarding unblock: linux/4.9.25-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862243: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862243
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi

Please unblock package linux

The update includes stable releases 4.9.19 up to 4.9.25 with many
improvements, bugfixes, security issues fixed. On top of the stable
release the following additional changes were made:

>   [ Ben Hutchings ]
>   * w1: Really enable W1_MASTER_GPIO as module (Closes: #858975)
>   * debian/rules.real: Undefine $LANGUAGE, which can break debug symbols for
> vDSOs (Closes: #859807)
>   * Bump ABI to 3
>   * [s390x] Set NR_CPUS=256 (Closes: #858731)
>   * [x86] usbip: Increase USBIP_VHCI_NR_HCS to 8 and USBIP_VHCI_HC_PORTS to 31
> (Closes: #859641)
>   * [powerpc/powerpc64,ppc64*] target: Enable SCSI_IBMVSCSIS as module
>   * cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores
> (Closes: #859978)
>   * udeb: Include all AHCI drivers in sata-modules (Closes: #860335)
>   * [powerpc/powerpc64,ppc64] Set NR_CPUS=2048, matching ppc64el
>   * [powerpc*/*64*] Enable CPUMASK_OFFSTACK to reduce stack usage
>   * [mips*el/loongson-3] Set NR_CPUS=16 to allow for Loongson 3B2000
>   * [mips*/octeon] Set NR_CPUS=64 to allow for Cavium CN7890
>   * [arm64] Set NR_CPUS=256 to allow for multi-SoC systems (Closes: #861209)
>   * [powerpc/powerpc-smp,powerpcspe] Explicitly set NR_CPUS=4
>   * Move debug symbols back to the main archive, to avoid problems with the
> current handling in dak
>   * linux-image: Disable signing until it's supported in dak
>   * [rt] Update to 4.9.20-rt16:
> - rtmutex: Make lock_killable work
> - rtmutex: Provide rt_mutex_lock_state()
> - rtmutex: Provide locked slowpath
> - rwsem/rt: Lift single reader restriction
>   * PCI: Enable PCIE_PTM (except on armel/marvell)
>   * 6lowpan: Enable Generic Header Compression modules
>   * net/sched: Enable NET_ACT_SKBMOD as module
>   * ethernet: Enable NFP_NETVF as module
>   * net/phy: Enable MICROSEMI_PHY as module
>   * input/tablet: Enable TABLET_USB_PEGASUS as module
>   * [x86] input/touchscreen: Enable TOUCHSCREEN_SURFACE3_SPI as module
>   * serial/8250: Enable SERIAL_8250_MOXA as module
>   * [x86] gpio: Enable GPIO_AMDPT as module
>   * [x86] thermal: Enable INT3406_THERMAL as module
>   * watchdog: Enable WATCHDOG_SYSFS
>   * integrity: Enable IMA, IMA_DEFAULT_HASH_SHA256, IMA_APPRAISE,
> IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY, IMA_BLACKLIST_KEYRING
> (except on armel/marvell) (Closes: #788290)
>   * media: Enable VIDEO_TW5864, VIDEO_TW686X as modules
>   * [x86] amdgpu,sound/soc: Enable DRM_AMD_ACP; enable SND_SOC_AMD_ACP as 
> module
>   * hda: Set SND_HDA_PREALLOC_SIZE=2048 as recommended for PulseAudio
>   * HID: Enable HID_SENSOR_CUSTOM_SENSOR as module
>   * leds,USB: Enable USB_LEDS_TRIGGER_USBPORT as module
>   * usbip: Enable USBIP_VUDC as module
>   * USB/misc: Enable UCSI as module
>   * leds: Enable LEDS_TRIGGER_DISK, LEDS_TRIGGER_MTD, LEDS_TRIGGER_PANIC
>   * IB: Enable INFINIBAND_HFI1, INFINIBAND_I40IW, INFINIBAND_QEDR, RDMA_RXE
> as modules
>   * [amd64] EDAC: Enable EDAC_SKX as module
>   * [x86] comedi: Enable COMEDI_ADV_PCI1720, COMEDI_ADV_PCI1760 as modules
>   * [x86] platform: Enable INTEL_HID_EVENT as module
>   * [x86] hwtracing: Enable INTEL_TH, INTEL_TH_PCI, INTEL_TH_GTH, 
> INTEL_TH_MSU,
> INTEL_TH_PTI as modules
>   * [rt] tracing: Enable HWLAT_TRACER
>   * [x86] crypto: Enable CRYPTO_DEV_QAT_C3XXX, CRYPTO_DEV_QAT_C62X,
> CRYPTO_DEV_QAT_C3XXXVF, CRYPTO_DEV_QAT_C62XVF as modules
>   * crypto: Enable CRYPTO_DEV_CHELSIO as module
>   * [arm64] Enable ARMV8_DEPRECATED, SWP_EMULATION, CP15_BARRIER_EMULATION,
> SETEND_EMULATION (Closes: #861384)
>   * udeb: Add tifm_7xx1 to mmc-modules (Closes: #861195)
>   * leds: Enable LEDS_GPIO as module for all configurations with GPIOs
> (Closes: #860569)
>   * selinux: Set SECURITY_SELINUX_CHECKREQPROT_VALUE=0, per default.
> This may break some old applications if SELinux is enabled, and can be
> reverted using the kernel parameter: checkreqprot=1
>   * udeb: Move mfd-core to kernel-image, as both input-modules and
>

Bug#862220: marked as done (unblock: at-spi2-core/2.22.0-6)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 05:26:00 +
with message-id <4e0f9df4-7401-0464-2563-f56652faf...@thykier.net>
and subject line Re: Bug#862220: unblock: at-spi2-core/2.22.0-6
has caused the Debian Bug report #862220,
regarding unblock: at-spi2-core/2.22.0-6
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862220: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862220
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hello,

Upstream of at-spi has released some serious fixes for at-spi2-core,
which I have uploaded as at-spi2-core 2.22.0-6, and attached to this
mail.

git-329ef2c4ebcb3aec6dcfcac15357fd583a60c969 is reported to help fixing
https://bugzilla.gnome.org/show_bug.cgi?id=767074
Orca would sometimes hang or crash when closing an application, thus
leaving blind users without access to the computer, and have to restart
Orca blindly.  It seems there are still some cases where the crash
happens, but only after upgrading at-spi2-atk to version 2.24, which we
do not have in Debian yet.

git-eba079f3e72e61e6b55d81727ab50c85d505d296 fixes crashes in Orca too
when getting the Position property fails.

These would probably help with the grave orca Bug#862008

Samuel

unblock at-spi2-core/2.22.0-6

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), 
(500, 'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 
'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- 
Samuel
 Battery 1: charging, 90%, charging at zero rate - will never fully charge.
 -+- acpi - et pourtant, ca monte -+-
diff -Nru at-spi2-core-2.22.0/debian/changelog 
at-spi2-core-2.22.0/debian/changelog
--- at-spi2-core-2.22.0/debian/changelog2016-12-27 19:14:48.0 
+0100
+++ at-spi2-core-2.22.0/debian/changelog2017-05-09 21:44:08.0 
+0200
@@ -1,3 +1,13 @@
+at-spi2-core (2.22.0-6) unstable; urgency=medium
+
+  * patches/git-329ef2c4ebcb3aec6dcfcac15357fd583a60c969:
+clear root accessible's ref to the app, fixes Orca sometimes hanging when
+apps are quit.
+  * patches/git-eba079f3e72e61e6b55d81727ab50c85d505d296:
+atspi_table_cell_get_position: don't crash on error
+
+ -- Samuel Thibault   Tue, 09 May 2017 21:44:08 +0200
+
 at-spi2-core (2.22.0-5) unstable; urgency=medium
 
   * patches/register-client-early: Replace by upstream proposed fix:
diff -Nru 
at-spi2-core-2.22.0/debian/patches/git-329ef2c4ebcb3aec6dcfcac15357fd583a60c969 
at-spi2-core-2.22.0/debian/patches/git-329ef2c4ebcb3aec6dcfcac15357fd583a60c969
--- 
at-spi2-core-2.22.0/debian/patches/git-329ef2c4ebcb3aec6dcfcac15357fd583a60c969 
1970-01-01 01:00:00.0 +0100
+++ 
at-spi2-core-2.22.0/debian/patches/git-329ef2c4ebcb3aec6dcfcac15357fd583a60c969 
2017-05-09 21:44:08.0 +0200
@@ -0,0 +1,20 @@
+commit 329ef2c4ebcb3aec6dcfcac15357fd583a60c969
+Author: Mike Gorse 
+Date:   Tue Jan 24 18:10:52 2017 -0600
+
+atspi_application_dispose: clear root accessible's ref to the app
+
+Hoping that this might fix 
https://bugzilla.gnome.org/show_bug.cgi?id=767074
+
+diff --git a/atspi/atspi-application.c b/atspi/atspi-application.c
+index 65cabdc..f7dd225 100644
+--- a/atspi/atspi-application.c
 b/atspi/atspi-application.c
+@@ -58,6 +58,7 @@ atspi_application_dispose (GObject *object)
+ 
+   if (application->root)
+   {
++g_clear_object (>root->parent.app);
+ g_object_unref (application->root);
+ application->root = NULL;
+   }
diff -Nru 
at-spi2-core-2.22.0/debian/patches/git-eba079f3e72e61e6b55d81727ab50c85d505d296 
at-spi2-core-2.22.0/debian/patches/git-eba079f3e72e61e6b55d81727ab50c85d505d296
--- 
at-spi2-core-2.22.0/debian/patches/git-eba079f3e72e61e6b55d81727ab50c85d505d296 
1970-01-01 01:00:00.0 +0100
+++ 
at-spi2-core-2.22.0/debian/patches/git-eba079f3e72e61e6b55d81727ab50c85d505d296 
2017-05-09 21:42:44.0 +0200
@@ -0,0 +1,24 @@
+commit eba079f3e72e61e6b55d81727ab50c85d505d296
+Author: Mike Gorse 
+Date:   Mon Mar 27 12:57:35 2017 -0500
+
+atspi_table_cell_get_position: don't crash on error
+
+diff --git

Bug#862219: marked as done (unblock: at-spi2-atk/2.22.0-2)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 05:25:00 +
with message-id <94cd9eec-7de1-5b94-26ac-febb140dd...@thykier.net>
and subject line Re: Bug#862219: unblock: at-spi2-atk/2.22.0-2
has caused the Debian Bug report #862219,
regarding unblock: at-spi2-atk/2.22.0-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862219: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862219
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hello,

Upstream of at-spi has released some serious fixes for at-spi2-atk,
which I have uploaded as at-spi2-atk 2.22.0-2, and attached to this
mail.

git-7cdc1f91c9802b0b8ecd2afea38c1717b1921736 fixes a memory corruption
reported by valgrind, which could make basically any application crash
when the Orca screen reader is running, when processing events. It does
so by just using the right glib function for what the buggy code meant
to do.

git-8d3cc68f7bc62c7015d986212be0d5d776920ee2 fixes memory references
after dropping a refcount from the object (thus potentially freed), also
leading to potential crash of any application when the Orca screen
reader is running.

unblock at-spi2-atk/2.22.0-2

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), 
(500, 'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 
'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- 
Samuel
if (argc > 1 && strcmp(argv[1], "-advice") == 0) {
printf("Don't Panic!\n");
exit(42);
}
-- Arnold Robbins in the LJ of February '95, describing RCS
diff -Nru at-spi2-atk-2.22.0/debian/changelog 
at-spi2-atk-2.22.0/debian/changelog
--- at-spi2-atk-2.22.0/debian/changelog 2016-10-01 22:09:42.0 +0200
+++ at-spi2-atk-2.22.0/debian/changelog 2017-05-09 21:35:33.0 +0200
@@ -1,3 +1,12 @@
+at-spi2-atk (2.22.0-2) unstable; urgency=medium
+
+  * patches/git-7cdc1f91c9802b0b8ecd2afea38c1717b1921736: Fix GList handling
+resulting in memory corruption.
+  * patches/git-8d3cc68f7bc62c7015d986212be0d5d776920ee2: Fix use after free
+when returned objects hold only one ref.
+
+ -- Samuel Thibault   Tue, 09 May 2017 21:35:33 +0200
+
 at-spi2-atk (2.22.0-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru 
at-spi2-atk-2.22.0/debian/patches/git-7cdc1f91c9802b0b8ecd2afea38c1717b1921736 
at-spi2-atk-2.22.0/debian/patches/git-7cdc1f91c9802b0b8ecd2afea38c1717b1921736
--- 
at-spi2-atk-2.22.0/debian/patches/git-7cdc1f91c9802b0b8ecd2afea38c1717b1921736  
1970-01-01 01:00:00.0 +0100
+++ 
at-spi2-atk-2.22.0/debian/patches/git-7cdc1f91c9802b0b8ecd2afea38c1717b1921736  
2017-05-09 21:35:33.0 +0200
@@ -0,0 +1,101 @@
+commit 7cdc1f91c9802b0b8ecd2afea38c1717b1921736
+Author: Rui Matos 
+Date:   Mon Apr 24 14:39:05 2017 +0200
+
+atk-adaptor/bridge: Fix GList handling resulting in memory corruption
+
+As pointed out by this valgrind log:
+
+==2809== Thread 1:
+==2809== Invalid write of size 8
+==2809==at 0x18FCF001: remove_events (bridge.c:759)
+==2809==by 0x18FCF001: handle_event_listener_deregistered 
(bridge.c:788)
+==2809==by 0x18FCF001: signal_filter (bridge.c:827)
+==2809==by 0x200ECDFD: dbus_connection_dispatch 
(dbus-connection.c:4631)
+==2809==by 0x1FEBD0F4: ??? (in /usr/lib64/libatspi.so.0.0.1)
+==2809==by 0xFD8D4C8: g_main_dispatch (gmain.c:3201)
+==2809==by 0xFD8D4C8: g_main_context_dispatch (gmain.c:3854)
+==2809==by 0xFD8D817: g_main_context_iterate.isra.21 (gmain.c:3927)
+==2809==by 0xFD8DAE9: g_main_loop_run (gmain.c:4123)
+==2809==by 0xDFF84B4: gtk_main (in /usr/lib64/libgtk-3.so.0.2200.10)
+==2809==by 0x403DE0: main (in /usr/bin/evolution)
+==2809==  Address 0x29f22540 is 16 bytes inside a block of size 24 free'd
+==2809==at 0x4C2ACDD: free (vg_replace_malloc.c:530)
+==2809==by 0xFD92BCD: g_free (gmem.c:189)
+==2809==by 0xFDAA518: g_slice_free1 (gslice.c:1136)
+==2809==by 0xFD89463: g_list_remove (glist.c:521)
+==2809==by 0x18FCF000: remove_events

Bug#862746: unblock: simple-cdd/0.6.5

2017-05-16 Thread Cyril Brulebois 
Vagrant Cascadian  (2017-05-16):
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> X-Debbugs-Cc: debian-b...@lists.debian.org, 
> simple-cdd-de...@lists.alioth.debian.org
> 
> Thanks for all your work on the Release Team!
> 
> Please unblock package simple-cdd
> 
> With the recent announcement shutting down public FTP services:
> 
>   https://lists.debian.org/debian-announce/2017/msg1.html
> 
> This requires some significant changes in simple-cdd, as simple-cdd
> relied on Debian's FTP mirrors for downloading files discovered by FTP
> directory listing.
> 
> Now simple-cdd uses http://deb.debian.org/debian/extrafiles, an
> inline-signed list of checksums for various content in the archive
> (notably, tools/*, docs/*). This also allows signature and checksum
> verification of all downloaded files, which is a huge security
> improvement.

The introduction of this file is indeed great news.

[…]

> No changes were made to the simple-cdd-profiles udeb, so should not
> have any impact on debian-installer.

ACK. TBF I was surprised to even get this mail in the first place. ;)

[Reminds me I really should try simple-cdd one day, but too many birds,
too little time.]


KiBi.


signature.asc
Description: Digital signature

Bug#862784: unblock: debian-edu-config/1.927

2017-05-16 Thread Holger Levsen 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
x-debbugs-cc: debian-...@lists.debian.org

Please unblock package debian-edu-config to fix the serious bug #862652 which
is a broken exim4 configuration due the security update for CVE-2016-151 in
exim4. Additional changes are minor cleanups to our testsuite.

unblock debian-edu-config/1.927

The full changelog is:

debian-edu-config (1.927) unstable; urgency=medium

  [ Wolfgang Schweer ]
  * Fix broken exim4 configuration, enable security. (Closes: #862652).
- Add usr/share/debian-edu-config/tools/exim4-create-cert.
- Add usr/share/debian-edu-config/tools/exim4-create-environment.
- Adjust cf/cf.exim to use both scripts.
- Adjust etc/exim4/exim-ldap-server-v4.conf.
  + Make it work after the exim4 security fix for CVE-2016-1531.
  + Improve security: create certificate to enable TLS, re-enable
identity check via Kerberos; now only system mail to postmaster
is enabled unconditionally; see #794602.
  * Fix typo in testsuite/network to use the correct LTSP-Server profile name.
  * Drop ddcprobe and ddccontrol related code from testsuite/hardware.
- ddcprobe is part of the package xresprobe, not available in stretch.
- ddccontrol belongs to package ddccontrol (monitor database unmaintained
  since > 10 years) which isn't installed by default.

 -- Holger Levsen   Mon, 15 May 2017 18:15:45 +0200

$ debdiff debian-edu-config_1.926.dsc debian-edu-config_1.927.dsc|diffstat
 cf/cf.exim |5 +++
 debian/changelog   |   20 ++
 etc/exim4/exim-ldap-server-v4.conf |   17 +++-
 share/debian-edu-config/tools/exim4-create-cert|   23 +
 share/debian-edu-config/tools/exim4-create-environment |   18 +
 testsuite/hardware |8 -
 testsuite/network  |2 -
 7 files changed, 82 insertions(+), 11 deletions(-)

The full debdiff is attached.

Thanks for your work on Stretch!


-- 
cheers,
Holger
diff -Nru debian-edu-config-1.926/cf/cf.exim debian-edu-config-1.927/cf/cf.exim
--- debian-edu-config-1.926/cf/cf.exim	2017-01-13 13:11:08.0 +0100
+++ debian-edu-config-1.927/cf/cf.exim	2017-05-15 12:24:33.0 +0200
@@ -16,6 +16,11 @@
 shellcommands:
 
 
+  debian.server.installation::
+
+  "/usr/share/debian-edu-config/tools/exim4-create-cert"
+  "/usr/share/debian-edu-config/tools/exim4-create-environment"
+
   debian.installation::
 
 "/usr/sbin/exim4 -qff"
diff -Nru debian-edu-config-1.926/debian/changelog debian-edu-config-1.927/debian/changelog
--- debian-edu-config-1.926/debian/changelog	2017-04-27 19:23:11.0 +0200
+++ debian-edu-config-1.927/debian/changelog	2017-05-15 18:15:45.0 +0200
@@ -1,3 +1,23 @@
+debian-edu-config (1.927) unstable; urgency=medium
+
+  [ Wolfgang Schweer ]
+  * Fix broken exim4 configuration, enable security. (Closes: #862652).
+- Add usr/share/debian-edu-config/tools/exim4-create-cert.
+- Add usr/share/debian-edu-config/tools/exim4-create-environment.
+- Adjust cf/cf.exim to use both scripts.
+- Adjust etc/exim4/exim-ldap-server-v4.conf.
+  + Make it work after the exim4 security fix for CVE-2016-1531.
+  + Improve security: create certificate to enable TLS, re-enable
+identity check via Kerberos; now only system mail to postmaster
+is enabled unconditionally; see #794602.
+  * Fix typo in testsuite/network to use the correct LTSP-Server profile name.
+  * Drop ddcprobe and ddccontrol related code from testsuite/hardware.
+- ddcprobe is part of the package xresprobe, not available in stretch.
+- ddccontrol belongs to package ddccontrol (monitor database unmaintained
+  since > 10 years) which isn't installed by default.
+
+ -- Holger Levsen   Mon, 15 May 2017 18:15:45 +0200
+
 debian-edu-config (1.926) unstable; urgency=medium
 
   [ Holger Levsen ]
diff -Nru debian-edu-config-1.926/etc/exim4/exim-ldap-server-v4.conf debian-edu-config-1.927/etc/exim4/exim-ldap-server-v4.conf
--- debian-edu-config-1.926/etc/exim4/exim-ldap-server-v4.conf	2016-05-18 19:44:48.0 +0200
+++ debian-edu-config-1.927/etc/exim4/exim-ldap-server-v4.conf	2017-05-15 12:54:29.0 +0200
@@ -7,8 +7,20 @@
 # Upgrade from v3 version by Maximilian Wilhelm 
 #  -- Sat, 11 Jun 2005 02:44:08 +0200
 #
+# Adjusted to work after the exim4 security fix for CVE-2016-1531.
+# Also improve security some more: enable TLS, re-enable identity check;
+# only system mail to postmaster is enabled unconditionally; see #794602.
+# -- Wolfgang Schweer , 2017-05-13.
 
 ##
+keep_environment = KRB5_KTNAME : PWD : ^LDAP
+tls_advertise_hosts = *
+tls_certificate = /etc/exim4/exim.crt

Bug#862785: unblock: apt/1.4.4

2017-05-16 Thread Julian Andres Klode 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package apt

Follow up to 1.4.2 and 1.4.3 that fixes odd shell parsing
stuff for the lock file descriptor ($LOCKFD>&- was parsed
as $LOCKFD >&- -- see #862567). This caused unattended-upgrades
to crash, as it could not write output.

You'll find that the locking code is now much nicer to look
at than in 1.4.2.

(Diff against 1.4.1 with -w, and full against 1.4.3
 attached)

unblock apt/1.4.4

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (900, 'unstable'), (500, 'unstable-debug'), (500, 
'buildd-unstable'), (500, 'testing'), (100, 'experimental'), (1, 
'experimental-debug')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

-- 
Debian Developer - deb.li/jak | jak-linux.org - free software dev
  |  Ubuntu Core Developer |
When replying, only quote what is necessary, and write each reply
directly below the part(s) it pertains to ('inline').  Thank you.
diff -Nru -w apt-1.4.1/CMakeLists.txt apt-1.4.4/CMakeLists.txt
--- apt-1.4.1/CMakeLists.txt	2017-04-24 18:47:55.0 +0200
+++ apt-1.4.4/CMakeLists.txt	2017-05-16 23:19:50.0 +0200
@@ -172,7 +172,7 @@
 # Configure some variables like package, version and architecture.
 set(PACKAGE ${PROJECT_NAME})
 set(PACKAGE_MAIL "APT Development Team ")
-set(PACKAGE_VERSION "1.4.1")
+set(PACKAGE_VERSION "1.4.4")
 
 if (NOT DEFINED DPKG_DATADIR)
   execute_process(COMMAND ${PERL_EXECUTABLE} -MDpkg -e "print $Dpkg::DATADIR;"
diff -Nru -w apt-1.4.1/completions/bash/apt apt-1.4.4/completions/bash/apt
--- apt-1.4.1/completions/bash/apt	2017-04-24 18:47:55.0 +0200
+++ apt-1.4.4/completions/bash/apt	2017-05-16 23:19:50.0 +0200
@@ -158,7 +158,7 @@
 ' -- "$cur" ) )
 return 0
 ;;
-clean|autocleean)
+clean|autoclean)
 COMPREPLY=( $( compgen -W '
 -s --simulate --dry-run
 ' -- "$cur" ) )
diff -Nru -w apt-1.4.1/debian/apt-daily.service apt-1.4.4/debian/apt-daily.service
--- apt-1.4.1/debian/apt-daily.service	2017-04-24 18:47:55.0 +0200
+++ apt-1.4.4/debian/apt-daily.service	2017-05-16 23:19:50.0 +0200
@@ -1,9 +1,9 @@
 [Unit]
-Description=Daily apt activities
+Description=Daily apt download activities
 Documentation=man:apt(8)
 ConditionACPower=true
 
 [Service]
 Type=oneshot
-ExecStart=/usr/lib/apt/apt.systemd.daily
+ExecStart=/usr/lib/apt/apt.systemd.daily update
 
diff -Nru -w apt-1.4.1/debian/apt-daily.timer apt-1.4.4/debian/apt-daily.timer
--- apt-1.4.1/debian/apt-daily.timer	2017-04-24 18:47:55.0 +0200
+++ apt-1.4.4/debian/apt-daily.timer	2017-05-16 23:19:50.0 +0200
@@ -1,11 +1,11 @@
 [Unit]
-Description=Daily apt activities
+Description=Daily apt download activities
 After=network-online.target
 Wants=network-online.target
 
 [Timer]
-OnCalendar=*-*-* 6:00
-RandomizedDelaySec=60m
+OnCalendar=*-*-* 6,18:00
+RandomizedDelaySec=12h
 Persistent=true
 
 [Install]
diff -Nru -w apt-1.4.1/debian/apt-daily-upgrade.service apt-1.4.4/debian/apt-daily-upgrade.service
--- apt-1.4.1/debian/apt-daily-upgrade.service	1970-01-01 01:00:00.0 +0100
+++ apt-1.4.4/debian/apt-daily-upgrade.service	2017-05-16 23:19:50.0 +0200
@@ -0,0 +1,9 @@
+[Unit]
+Description=Daily apt upgrade and clean activities
+Documentation=man:apt(8)
+ConditionACPower=true
+After=apt-daily.service
+
+[Service]
+Type=oneshot
+ExecStart=/usr/lib/apt/apt.systemd.daily install
diff -Nru -w apt-1.4.1/debian/apt-daily-upgrade.timer apt-1.4.4/debian/apt-daily-upgrade.timer
--- apt-1.4.1/debian/apt-daily-upgrade.timer	1970-01-01 01:00:00.0 +0100
+++ apt-1.4.4/debian/apt-daily-upgrade.timer	2017-05-16 23:19:50.0 +0200
@@ -0,0 +1,11 @@
+[Unit]
+Description=Daily apt upgrade and clean activities
+After=apt-daily.timer
+
+[Timer]
+OnCalendar=*-*-* 6:00
+RandomizedDelaySec=60m
+Persistent=true
+
+[Install]
+WantedBy=timers.target
diff -Nru -w apt-1.4.1/debian/apt.systemd.daily apt-1.4.4/debian/apt.systemd.daily
--- apt-1.4.1/debian/apt.systemd.daily	2017-04-24 18:47:55.0 +0200
+++ apt-1.4.4/debian/apt.systemd.daily	2017-05-16 23:19:50.0 +0200
@@ -291,6 +291,23 @@
 }
 
 #  main 
+if [ "$1" = "lock_is_held" ]; then
+shift
+else
+# Maintain a lock on fd 3, so we can't run the script twice at the same
+# time.
+eval $(apt-config shell StateDir Dir::State/d)
+exec 3>${StateDir}/daily_lock
+if ! flock -w 3600 3; then
+echo "E: Could not acquire lock" >&2
+exit 1
+fi
+
+# We hold the lock.  Rerun this script as a child

Bug#862783: unblock: readline/7.0-3

2017-05-16 Thread Matthias Klose 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please consider unblocking readline/7.0-3, applying two upstream updates, fixing
RC issue #852750 by one of them.

Bug#862243: Just a kind reminder to release team - unblock linux kernel

2017-05-16 Thread Julien Aubin 
Hi,

Just a kind reminder to release team, as d-i release manager has ack the
fixes by Salvatore could you please unblock the kernel update ?

As of now Debian testing users are at risk because of many security issues
which are fixed in this newer kernel release.

The fixed security issues are mentionned there :
https://security-tracker.debian.org/tracker/source-package/linux

Thanks a lot !

Bug#862414: marked as done (jessie-pu: package ed/1.10-2.1~deb8u1)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Tue, 16 May 2017 23:37:30 +0300
with message-id <20170516203729.2vrsikgu6dr76khh@localhost>
and subject line Martin is planning an ed jessie-pu update with additional fixes
has caused the Debian Bug report #862414,
regarding jessie-pu: package ed/1.10-2.1~deb8u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862414: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862414
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

The only patch in the package (that was previously not applied)
is the following to fix "ed: ships /usr/share/info/dir.gz on arm64":

--- ed~/Makefile.in 2013-05-05 12:43:38.0 +0200
+++ ed/Makefile.in  2013-05-05 13:44:02.841303992 +0200
@@ -57,7 +57,7 @@
 check : all
@$(VPATH)/testsuite/check.sh $(VPATH)/testsuite $(pkgversion)
 
-install : install-bin install-info install-man
+install : install-bin install-man
 
 install-bin : all
if [ ! -d "$(DESTDIR)$(bindir)" ] ; then $(INSTALL_DIR) 
"$(DESTDIR)$(bindir)" ; fi



 changelog |   15 +++
 rules |3 +++
 2 files changed, 18 insertions(+)

diff -u ed-1.10/debian/changelog ed-1.10/debian/changelog
--- ed-1.10/debian/changelog
+++ ed-1.10/debian/changelog
@@ -1,3 +1,18 @@
+ed (1.10-2.1~deb8u1) jessie; urgency=medium
+
+  * Non-maintainer upload.
+  * Rebuild for jessie.
+
+ -- Adrian Bunk   Fri, 12 May 2017 16:17:58 +0300
+
+ed (1.10-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * debian/rules: add build-arch target to ensure patches
+get applied (Closes: #799702)
+
+ -- Jonathan Wiltshire   Sat, 20 Feb 2016 12:49:56 +
+
 ed (1.10-2) unstable; urgency=medium
 
   * enable DEB_BUILD_MAINT_OPTIONS = hardening=+all
diff -u ed-1.10/debian/rules ed-1.10/debian/rules
--- ed-1.10/debian/rules
+++ ed-1.10/debian/rules
@@ -22,6 +22,9 @@
 build: patch-stamp
dh build
 
+build-arch: patch-stamp
+   dh build
+
 clean: unpatch
dh clean
dh_clean Makefile config.status *.o ed red
--- End Message ---
--- Begin Message ---
Martin is planning an ed jessie-pu update with additional fixes,
closing the bug for mine.

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed--- End Message ---

Bug#862773: unblock: bash/4.4-5

2017-05-16 Thread Matthias Klose 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please consider unblocking bash, applying one upstream patch, fixing:

When -N is used, the input is not supposed to be split using $IFS, but
leading and trailing IFS whitespace was still removed.

Bug#862772: unblock: imagemagick/8:6.9.7.4+dfsg-8

2017-05-16 Thread Bastien Roucariès 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package imagemagick

This fix more than 10 security bugs and a RC bug due to built-using

unblock imagemagick/8:6.9.7.4+dfsg-8

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (900, 'testing')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-rt-amd64 (SMP w/8 CPU cores; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#862186: marked as done (unblock: cryptsetup/2:1.7.3-4)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Tue, 16 May 2017 17:21:00 +
with message-id 
and subject line Re: Bug#862186: unblock: cryptsetup/2:1.7.3-4
has caused the Debian Bug report #862186,
regarding unblock: cryptsetup/2:1.7.3-4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862186: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862186
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi there,

cryptsetup/2:1.7.3-4 closes RC bug #861074.  Quoting myself from Message
#15,

initramfs-tools 0.130 landed into testing on May 1st, and as of
2:1.7.3-3 the cryptroot hook doesn't detect resume devices with the
new logic from initramfs-tools >=0.129:

  * setting RESUME under in an initramfs-tools configuration file
other than /etc/initramfs-tools/conf.d/resume isn't supported
  * setting RESUME=none yields a (harmless) warning
  * setting RESUME=auto (or leaving the variable undefined) might
result into an unresumable device: the initrd is then configured
to resume from the largest swap partition, which might not be
unlocked in time

2:1.7.3-4 also closes #861802 (license mismatch) as well as #847620
(drop obsolete update-rc.d parameters).  Debdiff attached.

Thanks for considering its inclusion in Stretch!
Cheers,
-- 
Guilhem.
diff -Nru cryptsetup-1.7.3/debian/changelog cryptsetup-1.7.3/debian/changelog
--- cryptsetup-1.7.3/debian/changelog   2016-12-09 01:18:17.0 +0100
+++ cryptsetup-1.7.3/debian/changelog   2017-05-09 13:50:59.0 +0200
@@ -1,3 +1,16 @@
+cryptsetup (2:1.7.3-4) unstable; urgency=high
+
+  [ Guilhem Moulin ]
+  * Drop obsolete update-rc.d parameters.  Thanks to Michael Biebl for the
+patch. (Closes: #847620)
+  * debian/copyright: Fix license mismatch (docs/examples/*
+lib/crypto_backend/* lib/loopaes/* lib/tcrypt/* lib/verity/* python/* are
+LGPL-2.1+ not GPL-2+). (Closes: #861802)
+  * debian/initramfs/cryptroot-hook: honor RESUME={none,auto} as documented in
+initramfs.conf(5) by initramfs-tools >=0.129. (Closes: #861074)
+
+ -- Jonas Meurer   Tue, 09 May 2017 13:50:59 +0200
+
 cryptsetup (2:1.7.3-3) unstable; urgency=medium
 
   [ Jonas Meurer ]
diff -Nru cryptsetup-1.7.3/debian/control cryptsetup-1.7.3/debian/control
--- cryptsetup-1.7.3/debian/control 2016-12-09 01:18:17.0 +0100
+++ cryptsetup-1.7.3/debian/control 2017-05-09 13:50:59.0 +0200
@@ -13,7 +13,7 @@
 Package: cryptsetup
 Architecture: linux-any
 Depends: ${shlibs:Depends}, ${misc:Depends}, dmsetup, cryptsetup-bin (>= 
2:1.6.0)
-Recommends: kbd, console-setup, initramfs-tools (>= 0.91) | 
linux-initramfs-tool, busybox | busybox-static
+Recommends: kbd, console-setup, initramfs-tools (>= 0.129) | 
linux-initramfs-tool, busybox | busybox-static
 Suggests: dosfstools, liblocale-gettext-perl, keyutils
 Provides: cryptsetup-luks
 Conflicts: cryptsetup-luks
diff -Nru cryptsetup-1.7.3/debian/copyright cryptsetup-1.7.3/debian/copyright
--- cryptsetup-1.7.3/debian/copyright   2016-12-09 01:18:17.0 +0100
+++ cryptsetup-1.7.3/debian/copyright   2017-05-09 13:50:59.0 +0200
@@ -40,6 +40,23 @@
 Copyright: © 2005 Canonical Ltd.
 License: GPL-2+
 
+Files: docs/examples/*
+Copyright: © 2011 Red Hat, Inc.
+License: LGPL-2.1+
+
+Files: lib/crypto_backend/* lib/loopaes/* lib/tcrypt/* lib/verity/* python/*
+Copyright: © 2009-2014 Red Hat, Inc.
+   © 2010-2015 Milan Broz 
+License: LGPL-2.1+
+
+Files: lib/crypto_backend/crc32.c
+Copyright: © 1986 Gary S. Brown
+License: public-domain
+ Gary S. Brown's licence is as follows:
+ .
+ You may use this program, or code or tables extracted from it, as
+ desired without restriction.
+
 License: GPL-2+
  This package is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
@@ -57,3 +74,22 @@
  .
  On Debian systems, the complete text of the GNU General Public
  License v2 can be found in `/usr/share/common-licenses/GPL-2'.
+
+License: LGPL-2.1+
+ This package is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published
+ by the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+ .
+ This package is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even

Bug#862674: marked as done (unblock: libconfig-model-perl/2.097-2)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Tue, 16 May 2017 16:45:47 +
with message-id 
and subject line unblock libconfig-model-perl
has caused the Debian Bug report #862674,
regarding unblock: libconfig-model-perl/2.097-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862674: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862674
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hello

Please unblock package libconfig-model-perl

This new version fixes 2 security issues:
 * add patch to remove 'use lib' (CVE-2017-0373)
 * add patch to remove '.' in @INC emulation (CVE-2017-0374)

debian/rules was modified to add '.' in @INC so the tests don't fail.

You can find there the 2 patches in a format slightly more readable than the 
attached debdiff:

https://anonscm.debian.org/cgit/pkg-perl/packages/libconfig-model-perl.git/tree/debian/patches/remove-use-lib?h=debian/2.097-2
https://anonscm.debian.org/cgit/pkg-perl/packages/libconfig-model-perl.git/tree/debian/patches/remove-inc-dot-emulation?h=debian/2.097-2

Links to the CVEs:
https://security-tracker.debian.org/tracker/CVE-2017-0373
https://security-tracker.debian.org/tracker/CVE-2017-0374

Thanks

unblock libconfig-model-perl/2.097-2

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru libconfig-model-perl-2.097/debian/changelog 
libconfig-model-perl-2.097/debian/changelog
--- libconfig-model-perl-2.097/debian/changelog 2016-12-22 19:18:27.0 
+0100
+++ libconfig-model-perl-2.097/debian/changelog 2017-05-14 18:20:55.0 
+0200
@@ -1,3 +1,12 @@
+libconfig-model-perl (2.097-2) unstable; urgency=medium
+
+  * add patch to remove 'use lib' (CVE-2017-0373)
+  * add patch to remove '.' in @INC emulation (CVE-2017-0374)
+  * rules: add '.' in @INC for tests
+  * package for stretch release only
+
+ -- Dominique Dumont   Sun, 14 May 2017 18:20:55 +0200
+
 libconfig-model-perl (2.097-1) unstable; urgency=medium
 
   * New upstream version 2.097
diff -Nru libconfig-model-perl-2.097/debian/patches/remove-inc-dot-emulation 
libconfig-model-perl-2.097/debian/patches/remove-inc-dot-emulation
--- libconfig-model-perl-2.097/debian/patches/remove-inc-dot-emulation  
1970-01-01 01:00:00.0 +0100
+++ libconfig-model-perl-2.097/debian/patches/remove-inc-dot-emulation  
2017-05-14 18:20:55.0 +0200
@@ -0,0 +1,47 @@
+Description: Remove inc dot emulation
+ Using '.' in @INC while loading models and model snippts allows to
+ run arbitrary code by specially crafted models placed in the current
+ working directory (as an aftermath of the fixes for the removal of
+ '.' in @INC in perl).
+.
+ This patch removes the search in '.' and fixes the collateral
+ damage. Note that tests must be run with PERL5LIB=. variable so model
+ files can be searched in '.' only during tests.
+Bug: https://security-tracker.debian.org/tracker/CVE-2017-0374
+Author: Dominique Dumont 
+Origin: upstream
+Applied-Upstream: v2.102
+--- a/lib/Config/Model.pm
 b/lib/Config/Model.pm
+@@ -1198,7 +1198,7 @@
+ # look for additional model information
+ my %model_graft_by_name;
+ my %done;  # avoid loading twice the same snippet (where system version 
may clobber dev version)
+-foreach my $inc (@INC,'.') {
++foreach my $inc (@INC) {
+ foreach my $name ( keys %models_by_name ) {
+ my $snippet_path = $name;
+ $snippet_path =~ s/::/\//g;
+@@ -1206,6 +1206,13 @@
+ get_logger("Model::Loader")->trace("looking for snippet in 
$snippet_dir");
+ if ( -d $snippet_dir ) {
+ foreach my $snippet_file ( glob("$snippet_dir/*.pl") ) {
++
++# $snippet_file is constructed from @INC content
++# (i.e. $inc). Since _load_model_in_hash uses 'do'
++# (which searches in @INC), the file path passed
++# to _load_model_in_hash must be relative to $inc.
++$snippet_file = substr $snippet_file, length($inc) + 1;
++
+ my $done_key = $name . ':' . $snippet_file;
+ next if $done{$done_key};
+

Bug#862686: marked as done (unblock: golang-github-armon-go-metrics/0.0~git20160307.0.f303b03-2)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Tue, 16 May 2017 16:46:20 +
with message-id 
and subject line unblock golang-github-armon-go-metrics
has caused the Debian Bug report #862686,
regarding unblock: golang-github-armon-go-metrics/0.0~git20160307.0.f303b03-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862686: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862686
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package golang-github-armon-go-metrics

This is part of the fix for Debian bug #860608: Go library packages
should not use the Built-Using tag at all, and a few packages are
still referencing a long-removed broken version of the golang package
via a Built-Using tag.

Hence, I uploaded a new version without the tag:

% debdiff 
golang-github-armon-go-metrics_0.0~git20160307.0.f303b03-1_amd64.changes 
golang-github-armon-go-metrics_0.0~git20160307.0.f303b03-2_amd64.changes
File lists identical (after any substitutions)

Control files: lines which differ (wdiff format)

[-Built-Using: golang-1.7 (= 1.7.4-2), golang-github-beorn7-perks (= 
0.0~git20160804.0.4c0e845-1), golang-github-datadog-datadog-go (= 
0.0~git20150930.0.b050cd8-2), golang-github-prometheus-client-golang (= 
0.8.0-1), golang-github-prometheus-client-model (= 
0.0.2+git20150212.12.fa8ad6f-2), golang-github-prometheus-common (= 
0+git20161002.85637ea-2), golang-goprotobuf (= 0.0~git20161116.0.224aaba-3), 
golang-procfs (= 0+git20161206.fcdb11c-1), golang-protobuf-extensions (= 
1.0.0-2)-]
Version: [-0.0~git20160307.0.f303b03-1-] {+0.0~git20160307.0.f303b03-2+}


unblock golang-github-armon-go-metrics/0.0~git20160307.0.f303b03-2

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'unstable')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386, armel, mipsel, arm64

Kernel: Linux 4.9.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Unblocked golang-github-armon-go-metrics.--- End Message ---

Bug#862608: marked as done (unblock: golang-github-hashicorp-go-msgpack/0.0~git20150518.0.fa3f638-2)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Tue, 16 May 2017 16:41:35 +
with message-id 
and subject line unblock golang-github-hashicorp-go-msgpack
has caused the Debian Bug report #862608,
regarding unblock: 
golang-github-hashicorp-go-msgpack/0.0~git20150518.0.fa3f638-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862608: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862608
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package golang-github-hashicorp-go-msgpack

This is part of the fix for Debian bug #860608: Go library packages
should not use the Built-Using tag at all, and a few packages are
still referencing a long-removed broken version of the golang package
via a Built-Using tag.

Hence, I uploaded a new version without the tag:

% debdiff 
golang-github-hashicorp-go-msgpack_0.0~git20150518.0.fa3f638-1_amd64.changes 
golang-github-hashicorp-go-msgpack_0.0~git20150518.0.fa3f638-2_amd64.changes
File lists identical (after any substitutions)

Control files: lines which differ (wdiff format)

[-Built-Using: golang-1.7 (= 1.7.4-2)-]
Version: [-0.0~git20150518.0.fa3f638-1-] {+0.0~git20150518.0.fa3f638-2+}

unblock golang-github-hashicorp-go-msgpack/0.0~git20150518.0.fa3f638-2

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'unstable')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386, armel, mipsel, arm64

Kernel: Linux 4.9.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Unblocked golang-github-hashicorp-go-msgpack.--- End Message ---

Bug#862660: marked as done (unblock: smb4k/1.2.1-2)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Tue, 16 May 2017 16:44:34 +
with message-id 
and subject line unblock smb4k
has caused the Debian Bug report #862660,
regarding unblock: smb4k/1.2.1-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862660: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862660
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear release team,

I've just uploaded smb4k in order to fix CVE-2017-8849 (#862505). It has 
already built in all the release architectures, you find the corresponding 
debdiff attached to this report.

Happy hacking,

Please unblock package smb4k

unblock smb4k/1.2.1-2

[1]: https://security-tracker.debian.org/tracker/CVE-2017-8849

-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 
'testing'), (500, 'stable'), (50, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
diff -Nru smb4k-1.2.1/debian/changelog smb4k-1.2.1/debian/changelog
--- smb4k-1.2.1/debian/changelog2016-03-25 16:26:46.0 +0100
+++ smb4k-1.2.1/debian/changelog2017-05-15 12:18:34.0 +0200
@@ -1,3 +1,11 @@
+smb4k (1.2.1-2) unstable; urgency=medium
+
+  * Team upload.
+  * Cherry pick "Find the mount/umount commands in the helper"
+This fixes CVE-2017-8849 (Closes: 862505)
+
+ -- Maximiliano Curia   Mon, 15 May 2017 12:18:34 +0200
+
 smb4k (1.2.1-1) unstable; urgency=medium
 
   * Team upload.
diff -Nru 
smb4k-1.2.1/debian/patches/Find-the-mount-umount-commands-in-the-helper.patch 
smb4k-1.2.1/debian/patches/Find-the-mount-umount-commands-in-the-helper.patch
--- 
smb4k-1.2.1/debian/patches/Find-the-mount-umount-commands-in-the-helper.patch   
1970-01-01 01:00:00.0 +0100
+++ 
smb4k-1.2.1/debian/patches/Find-the-mount-umount-commands-in-the-helper.patch   
2017-05-15 12:18:34.0 +0200
@@ -0,0 +1,362 @@
+From: Alexander Reinholdt 
+Date: Wed, 10 May 2017 10:23:34 +0200
+Subject: Find the mount/umount commands in the helper
+
+Instead of trusting what we get passed in
+CVE-2017-8849
+---
+ core/smb4kglobal.cpp | 65 +++-
+ core/smb4kglobal.h   | 16 -
+ core/smb4kmounter_p.cpp  | 78 
+ helpers/CMakeLists.txt   |  6 +++-
+ helpers/smb4kmounthelper.cpp | 51 +++--
+ 5 files changed, 139 insertions(+), 77 deletions(-)
+
+diff --git a/core/smb4kglobal.cpp b/core/smb4kglobal.cpp
+index 172016f..818a78a 100644
+--- a/core/smb4kglobal.cpp
 b/core/smb4kglobal.cpp
+@@ -2,7 +2,7 @@
+ smb4kglobal  -  This is the global namespace for Smb4K.
+  ---
+ begin: Sa Apr 2 2005
+-copyright: (C) 2005-2014 by Alexander Reinholdt
++copyright: (C) 2005-2017 by Alexander Reinholdt
+ email: alexander.reinho...@kdemail.net
+  ***/
+ 
+@@ -851,3 +851,66 @@ QStringList Smb4KGlobal::whitelistedMountArguments()
+ #endif
+ 
+ 
++const QString Smb4KGlobal::findMountExecutable()
++{
++  QString mount;
++  QStringList paths;
++  paths << "/bin";
++  paths << "/sbin";
++  paths << "/usr/bin";
++  paths << "/usr/sbin";
++  paths << "/usr/local/bin";
++  paths << "/usr/local/sbin";
++
++  for (int i = 0; i < paths.size(); ++i)
++  {
++#if defined(Q_OS_LINUX)
++mount = KGlobal::dirs()->findExe("mount.cifs", paths.at(i));
++#elif defined(Q_OS_FREEBSD) || defined(Q_OS_NETBSD)
++mount = KGlobal::dirs()->findExe("mount_smbfs", paths.at(i));
++#endif
++
++if (!mount.isEmpty())
++{
++  break;
++}
++else
++{
++  continue;
++}
++  }
++  
++  return mount;
++}
++
++
++const QString Smb4KGlobal::findUmountExecutable()
++{
++  // Find the umount program.
++  QString umount;
++  QStringList paths;
++  paths << "/bin";
++  paths << "/sbin";
++  paths << "/usr/bin";
++  paths << "/usr/sbin";
++  paths << "/usr/local/bin";
++  paths << "/usr/local/sbin";
++
++  for ( int i = 0; i < paths.size(); ++i )
++  {
++umount =

Bug#862614: marked as done (unblock: linux-latest/80)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Tue, 16 May 2017 16:43:40 +
with message-id 
and subject line unblock linux-latest
has caused the Debian Bug report #862614,
regarding unblock: linux-latest/80
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862614: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862614
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi

Please unblock package linux-latest

Together with an unblock of src:linux since there is an ABI bump there
should be an unblock fof linux-latest as well. I'm attaching the
complete debdiff for reference against the version 79 in testing.

unblock linux-latest/80

Regards,
Salvatore
diff -Nru linux-latest-79/debian/bin/gencontrol.py linux-latest-80/debian/bin/gencontrol.py
--- linux-latest-79/debian/bin/gencontrol.py	2016-12-18 03:31:55.0 +0100
+++ linux-latest-80/debian/bin/gencontrol.py	2017-03-07 16:26:27.0 +0100
@@ -99,10 +99,6 @@
 desc.append(config_description['part-long-' + part])
 desc.append_short(config_description.get('part-short-' + part, ''))
 
-if self.config.merge('xen', arch, featureset, flavour):
-makeflags['XEN'] = True
-templates.extend(self.templates["control.xen-linux-system.latest"])
-
 packages_flavour = []
 
 packages_flavour.append(self.process_real_image(templates[0], image_fields, vars))
diff -Nru linux-latest-79/debian/changelog linux-latest-80/debian/changelog
--- linux-latest-79/debian/changelog	2017-02-18 18:03:12.0 +0100
+++ linux-latest-80/debian/changelog	2017-05-04 17:33:51.0 +0200
@@ -1,3 +1,11 @@
+linux-latest (80) unstable; urgency=medium
+
+  * Re-introduce xen-linux-system-amd64 *again* as transitional package
+(Closes: #857039)
+  * Update to 4.9.0-3
+
+ -- Ben Hutchings   Thu, 04 May 2017 16:33:51 +0100
+
 linux-latest (79) unstable; urgency=medium
 
   * Update to 4.9.0-2
diff -Nru linux-latest-79/debian/control linux-latest-80/debian/control
--- linux-latest-79/debian/control	2017-02-18 18:03:12.0 +0100
+++ linux-latest-80/debian/control	2017-05-04 17:33:51.0 +0200
@@ -4,7 +4,7 @@
 Maintainer: Debian Kernel Team 
 Uploaders: Bastian Blank , Frederik Schüler , Ben Hutchings 
 Standards-Version: 3.9.8
-Build-Depends: debhelper (>= 9), linux-support-4.9.0-2, linux-headers-4.9.0-2-all
+Build-Depends: debhelper (>= 9), linux-support-4.9.0-3, linux-headers-4.9.0-3-all
 Vcs-Browser: https://anonscm.debian.org/cgit/kernel/linux-latest.git
 Vcs-Git: https://anonscm.debian.org/git/kernel/linux-latest.git
 
@@ -32,8 +32,8 @@
 
 Package: linux-image-alpha-generic
 Architecture: alpha
-Provides: linux-latest-modules-4.9.0-2-alpha-generic
-Depends: linux-image-4.9.0-2-alpha-generic, ${misc:Depends}
+Provides: linux-latest-modules-4.9.0-3-alpha-generic
+Depends: linux-image-4.9.0-3-alpha-generic, ${misc:Depends}
 Description: Linux for Alpha (meta-package)
  This package depends on the latest Linux kernel and modules for use on DEC
  Alpha systems with extended kernel start address (Wildfire, Titan,
@@ -41,7 +41,7 @@
 
 Package: linux-headers-alpha-generic
 Architecture: alpha
-Depends: linux-headers-4.9.0-2-alpha-generic, ${misc:Depends}
+Depends: linux-headers-4.9.0-3-alpha-generic, ${misc:Depends}
 Description: Header files for Linux alpha-generic configuration (meta-package)
  This package depends on the architecture-specific header files for the
  latest Linux kernel alpha-generic configuration.
@@ -51,15 +51,15 @@
 Section: debug
 Priority: extra
 Provides: linux-latest-image-dbg
-Depends: linux-image-4.9.0-2-alpha-generic-dbgsym, ${misc:Depends}
+Depends: linux-image-4.9.0-3-alpha-generic-dbgsym, ${misc:Depends}
 Description: Debug symbols for Linux alpha-generic configuration (meta-package)
  This package depends on the detached debugging symbols for the latest
  Linux kernel alpha-generic configuration.
 
 Package: linux-image-alpha-smp
 Architecture: alpha
-Provides: linux-latest-modules-4.9.0-2-alpha-smp
-Depends: linux-image-4.9.0-2-alpha-smp, ${misc:Depends}
+Provides: linux-latest-modules-4.9.0-3-alpha-smp
+Depends: linux-image-4.9.0-3-alpha-smp, ${misc:Depends}
 Description: Linux for Alpha SMP (meta-package)
  This package depends on the latest Linux kernel and modules for use on DEC
  Alpha SMP systems

Bug#862610: marked as done (unblock: golang-pty/0.0~git20151007.0.f7ee69f-2)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Tue, 16 May 2017 16:42:44 +
with message-id 
and subject line unblock golang-pty
has caused the Debian Bug report #862610,
regarding unblock: golang-pty/0.0~git20151007.0.f7ee69f-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862610: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862610
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package golang-pty

This is part of the fix for Debian bug #860608: Go library packages
should not use the Built-Using tag at all, and a few packages are
still referencing a long-removed broken version of the golang package
via a Built-Using tag.

Hence, I uploaded a new version without the tag:
% debdiff golang-pty_0.0\~git20151007.0.f7ee69f-1_amd64.changes 
golang-pty_0.0\~git20151007.0.f7ee69f-2_amd64.changes   
   
File lists identical (after any substitutions)

Control files of package golang-github-kr-pty-dev: lines which differ (wdiff 
format)

[-Built-Using: golang-1.7 (= 1.7.4-2)-]
Version: [-0.0~git20151007.0.f7ee69f-1-] {+0.0~git20151007.0.f7ee69f-2+}

Control files of package golang-pty-dev: lines which differ (wdiff format)
--
Version: [-0.0~git20151007.0.f7ee69f-1-] {+0.0~git20151007.0.f7ee69f-2+}

unblock golang-pty/0.0~git20151007.0.f7ee69f-2

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'unstable')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386, armel, mipsel, arm64

Kernel: Linux 4.9.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Unblocked golang-pty.--- End Message ---

Bug#862609: marked as done (unblock: golang-objx/0.0~git20150928.0.1a9d0bb-2)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Tue, 16 May 2017 16:42:08 +
with message-id 
and subject line unblock golang-objx
has caused the Debian Bug report #862609,
regarding unblock: golang-objx/0.0~git20150928.0.1a9d0bb-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862609: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862609
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package golang-objx

This is part of the fix for Debian bug #860608: Go library packages
should not use the Built-Using tag at all, and a few packages are
still referencing a long-removed broken version of the golang package
via a Built-Using tag.

Hence, I uploaded a new version without the tag:

% debdiff golang-objx_0.0\~git20150928.0.1a9d0bb-1_amd64.changes 
golang-objx_0.0\~git20150928.0.1a9d0bb-2_amd64.changes  
   
File lists identical (after any substitutions)

Control files of package golang-github-stretchr-objx-dev: lines which differ 
(wdiff format)
---
[-Built-Using: golang-1.7 (= 1.7.4-2)-]
Version: [-0.0~git20150928.0.1a9d0bb-1-] {+0.0~git20150928.0.1a9d0bb-2+}

Control files of package golang-objx-dev: lines which differ (wdiff format)
---
Version: [-0.0~git20150928.0.1a9d0bb-1-] {+0.0~git20150928.0.1a9d0bb-2+}


unblock golang-objx/0.0~git20150928.0.1a9d0bb-2

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'unstable')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386, armel, mipsel, arm64

Kernel: Linux 4.9.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Unblocked golang-objx.--- End Message ---

Bug#862565: marked as done (unblock: packer/0.10.2+dfsg-5)

2017-05-16 Thread Debian Bug Tracking System 
Your message dated Tue, 16 May 2017 16:15:07 +
with message-id 
and subject line unblock packer
has caused the Debian Bug report #862565,
regarding unblock: packer/0.10.2+dfsg-5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862565: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862565
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package packer

This release add a patch to handle ABI change of
golang-golang-x-crypto-dev, which result FTBFS in all ARCHs.
After the patch, build is fixed.

Enclosed is the debdiff against the package in testing.
Thanks!

unblock packer/0.10.2+dfsg-5
diff -Nru packer-0.10.2+dfsg/debian/changelog 
packer-0.10.2+dfsg/debian/changelog
--- packer-0.10.2+dfsg/debian/changelog 2017-04-05 15:18:59.0 +0900
+++ packer-0.10.2+dfsg/debian/changelog 2017-05-15 00:51:19.0 +0900
@@ -1,3 +1,15 @@
+packer (0.10.2+dfsg-5) unstable; urgency=medium
+
+  * Team upload.
+  * deb/patches:
++ Add patch to handle ABI change of golang-golang-x-crypto-dev,
+  due to CVE security fix. (Closes: #861282)
+  * deb/control:
++ Bump up version of golang-golang-x-crypto-dev in Build-Depends
+  and Depends.
+
+ -- Roger Shimizu   Mon, 15 May 2017 00:51:19 +0900
+
 packer (0.10.2+dfsg-4) unstable; urgency=medium
 
   * deb/rules: disable a flaky test in packer/rpc/mux_broker_test.go
diff -Nru packer-0.10.2+dfsg/debian/control packer-0.10.2+dfsg/debian/control
--- packer-0.10.2+dfsg/debian/control   2016-11-16 02:14:02.0 +0900
+++ packer-0.10.2+dfsg/debian/control   2017-05-15 00:34:39.0 +0900
@@ -36,7 +36,7 @@
golang-github-pkg-sftp-dev,
golang-github-rackspace-gophercloud-dev (>= 
1.0.0+git20160416.884.c54bbac~),
golang-github-ugorji-go-codec-dev,
-   golang-golang-x-crypto-dev,
+   golang-golang-x-crypto-dev (>= 
1:0.0~git20170407.0.55a552f+REALLY.0.0~git20161012.0.5f31782),
golang-golang-x-oauth2-dev (>= 0.0~git20161103.0.36bc617-2),
golang-golang-x-oauth2-google-dev,
golang-google-api-dev (>= 0.0~git20160408~),
@@ -84,7 +84,7 @@
  golang-github-pkg-sftp-dev,
  golang-github-rackspace-gophercloud-dev (>= 
1.0.0+git20160416.884.c54bbac~),
  golang-github-ugorji-go-codec-dev,
- golang-golang-x-crypto-dev,
+ golang-golang-x-crypto-dev (>= 
1:0.0~git20170407.0.55a552f+REALLY.0.0~git20161012.0.5f31782),
  golang-golang-x-oauth2-dev (>= 0.0~git20161103.0.36bc617-2),
  golang-golang-x-oauth2-google-dev,
  golang-google-api-dev (>= 0.0~git20160408~),
diff -Nru 
packer-0.10.2+dfsg/debian/patches/handle-ABI-change-of-golang-golang-x-crypto-dev.patch
 
packer-0.10.2+dfsg/debian/patches/handle-ABI-change-of-golang-golang-x-crypto-dev.patch
--- 
packer-0.10.2+dfsg/debian/patches/handle-ABI-change-of-golang-golang-x-crypto-dev.patch
 1970-01-01 09:00:00.0 +0900
+++ 
packer-0.10.2+dfsg/debian/patches/handle-ABI-change-of-golang-golang-x-crypto-dev.patch
 2017-05-15 00:46:25.0 +0900
@@ -0,0 +1,42 @@
+From: Roger Shimizu 
+Date: Sun, 14 May 2017 23:54:04 +0900
+Subject: handle ABI change of golang-golang-x-crypto-dev
+
+That ABI change was due to CVE security fix
+
+Fix is picked from upstream of golang-golang-x-crypto-dev:
+  
https://github.com/golang/crypto/commit/e4e2799dd7aab89f583e1d898300d96367750991
+
+Closes: #861282
+---
+ communicator/ssh/communicator_test.go | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/communicator/ssh/communicator_test.go 
b/communicator/ssh/communicator_test.go
+index b0bc035..7010800 100644
+--- a/communicator/ssh/communicator_test.go
 b/communicator/ssh/communicator_test.go
+@@ -132,6 +132,7 @@ func TestNew_Invalid(t *testing.T) {
+   Auth: []ssh.AuthMethod{
+   ssh.Password("i-am-invalid"),
+   },
++  HostKeyCallback: ssh.InsecureIgnoreHostKey(),
+   }
+ 
+   address := newMockLineServer(t)
+@@ -160,6 +161,7 @@ func TestStart(t *testing.T) {
+   Auth: []ssh.AuthMethod{
+   ssh.Password("pass"),
+   },
++  HostKeyCallback: ssh.InsecureIgnoreHostKey(),
+   }
+ 
+   address := newMockLineServer(t)
+@@ -195,6 +197,7 @@ func TestHandshakeTimeout(t *testing.T) {
+

Bug#862746: unblock: simple-cdd/0.6.5

2017-05-16 Thread Vagrant Cascadian 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: debian-b...@lists.debian.org, 
simple-cdd-de...@lists.alioth.debian.org

Thanks for all your work on the Release Team!

Please unblock package simple-cdd

With the recent announcement shutting down public FTP services:

  https://lists.debian.org/debian-announce/2017/msg1.html

This requires some significant changes in simple-cdd, as simple-cdd
relied on Debian's FTP mirrors for downloading files discovered by FTP
directory listing.

Now simple-cdd uses http://deb.debian.org/debian/extrafiles, an
inline-signed list of checksums for various content in the archive
(notably, tools/*, docs/*). This also allows signature and checksum
verification of all downloaded files, which is a huge security
improvement.

The default mirror is now switched to deb.debian.org using the http
protocol.


A fix was added to add packages of priority required, important and
standard from security, updates and proposed-updates repositories to
the locally generated repository. Otherwise packages with strict
versioned dependencies would end up uninstallable (e.g. vim-tiny
depends on vim-common ( =$version), but only vim-common would get
updated, resulting in vim-tiny being uninstallable).


Kernel selection for i386 on jessie and stretch also required
updating, as the linux-image-486 packages were removed from the
archive.


No changes were made to the simple-cdd-profiles udeb, so should not
have any impact on debian-installer.


diff -Nru simple-cdd-0.6.4/build-simple-cdd simple-cdd-0.6.5/build-simple-cdd
--- simple-cdd-0.6.4/build-simple-cdd   2017-01-16 13:40:32.0 -0800
+++ simple-cdd-0.6.5/build-simple-cdd   2017-05-15 13:21:24.0 -0700
@@ -235,7 +235,11 @@
 for a in self.env.get("ARCHES"):
 if a == "alpha": self.env.append("kernel_packages", 
kernel_base + "alpha-generic")
 elif a == "armhf": self.env.append("kernel_packages", 
kernel_base + "armmp")
-elif a == "i386": self.env.append("kernel_packages", 
kernel_base + "486")
+elif a == "i386":
+if self.env.get("CODENAME") == "jessie":
+self.env.append("kernel_packages", kernel_base + 
"586")
+else:
+self.env.append("kernel_packages", kernel_base + 
"686")
 elif a == "sparc": self.env.append("kernel_packages", 
kernel_base + "sparc64")
 elif a in ("amd64", "arm64", "sparc64") or 
a.startswith("powerpc") or a.startswith("s390"):
 self.env.append("kernel_packages", kernel_base + a)
diff -Nru simple-cdd-0.6.4/debian/changelog simple-cdd-0.6.5/debian/changelog
--- simple-cdd-0.6.4/debian/changelog   2017-01-17 15:10:07.0 -0800
+++ simple-cdd-0.6.5/debian/changelog   2017-05-15 14:10:37.0 -0700
@@ -1,3 +1,22 @@
+simple-cdd (0.6.5) unstable; urgency=medium
+
+  [ Vagrant Cascadian ]
+  * Switch to using urllib instead of calling wget.
+- Only re-download files if known checksums do not match.
+- Explicitly set http_proxy in the environment.
+- Verify "mirror_files" to download with archive's "extrafiles", a
+  signed list of checksums.
+- Switch default mirror to deb.debian.org and default protocol to
+  http (Closes: #861198).
+- Many thanks to Enrico Zini for code review and improvements.
+  * Update kernel package selection for i386.
+  * Add stanzas to pull in required, important and standard packages for
+security, updates and proposed-updates when enabled.
+  * Fix bug causing tracebacks when checksum or file size verifications
+fail.
+
+ -- Vagrant Cascadian   Mon, 15 May 2017 14:10:37 -0700
+
 simple-cdd (0.6.4) unstable; urgency=medium
 
   [ Vagrant Cascadian ]
diff -Nru simple-cdd-0.6.4/profiles/ltsp.downloads 
simple-cdd-0.6.5/profiles/ltsp.downloads
--- simple-cdd-0.6.4/profiles/ltsp.downloads2016-07-21 10:03:54.0 
-0700
+++ simple-cdd-0.6.5/profiles/ltsp.downloads2017-04-28 15:46:08.0 
-0700
@@ -2,4 +2,3 @@
 xorg
 udev 
 ltsp-server-standalone
-linux-image-486
diff -Nru simple-cdd-0.6.4/setup.py simple-cdd-0.6.5/setup.py
--- simple-cdd-0.6.4/setup.py   2016-11-27 17:05:05.0 -0800
+++ simple-cdd-0.6.5/setup.py   2017-05-15 13:59:12.0 -0700
@@ -3,7 +3,7 @@
 from setuptools import setup
 
 setup(name="simple-cdd",
-  version="0.6.1",
+  version="0.6.5",
   description="create custom debian-installer CDs",
   long_description="""simple-cdd is a limited though relatively easy tool 
to create a customized debian-installer CD.
 
diff -Nru simple-cdd-0.6.4/simple_cdd/gnupg.py 
simple-cdd-0.6.5/simple_cdd/gnupg.py
--- simple-cdd-0.6.4/simple_cdd/gnupg.py2016-11-27 17:05:05.0 
-0800
+++ simple-cdd-0.6.5/simple_cdd/gnupg.py2017-05-15

Re: Coordinating Debian Stretch & Tails 3.0 releases?

2017-05-16 Thread intrigeri 
Hi,

here's one (and last) gentle ping about what follows:

> Tails 3.0 will be the first Tails release based on Stretch.
> It's currently scheduled for June 13, but we are somewhat flexible
> and would love to try and coordinate with the release of Debian
> Stretch: this would be interesting for communication and publicity,
> both for Debian and for Tails IMO. More precisely, if Debian Stretch
> is going to be release between June 10 and July 2, then we can
> probably release Tails 3.0 at the same time.

> I understand that Debian release date is not announced publicly in
> advance, and I think I understand why. So I guess this discussion
> needs to happen privately. On the Tails side, the only people who
> really need to be in the loop are ano...@riseup.net (my fellow Tails
> release manager) and myself. If that's fine with you, then I'll have
> anonym swear secrecy, and we will do our best to avoid leaking the
> info any further.

> If you prefer not to add this variable to the Debian release schedule
> equation: understood, don't bother, fine :)

> I also understand that this proposal may be premature at this point,
> and I can come back to it in a month if you prefer.

Cheers,
-- 
intrigeri

Bug#862186: unblock: cryptsetup/2:1.7.3-4

2017-05-16 Thread Cyril Brulebois 
Niels Thykier  (2017-05-12):
> Guilhem Moulin:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: unblock
> > 
> > Hi there,
> > 
> > cryptsetup/2:1.7.3-4 closes RC bug #861074.  Quoting myself from Message
> > #15,
> > 
> > initramfs-tools 0.130 landed into testing on May 1st, and as of
> > 2:1.7.3-3 the cryptroot hook doesn't detect resume devices with the
> > new logic from initramfs-tools >=0.129:
> > 
> >   * setting RESUME under in an initramfs-tools configuration file
> > other than /etc/initramfs-tools/conf.d/resume isn't supported
> >   * setting RESUME=none yields a (harmless) warning
> >   * setting RESUME=auto (or leaving the variable undefined) might
> > result into an unresumable device: the initrd is then configured
> > to resume from the largest swap partition, which might not be
> > unlocked in time
> > 
> > 2:1.7.3-4 also closes #861802 (license mismatch) as well as #847620
> > (drop obsolete update-rc.d parameters).  Debdiff attached.
> > 
> > Thanks for considering its inclusion in Stretch!
> > Cheers,
> > 
> 
> Ack from here, CC'ing KiBi for a d-i ack.

No objections, sorry for the lag.


KiBi.


signature.asc
Description: Digital signature

Bug#862713: unblock: nodm/0.13-1.3

2017-05-16 Thread Simon McVittie 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package nodm. This fixes RC bug #861771, and also fixes two
normal-severity bugs that seemed straightforward and low-risk.

unblock nodm/0.13-1.3

Here is a breakdown of the diffstat:

> patches/nodm.service-Don-t-respawn-or-fail-if-disabled-in-et.patch |   28 
> ++
> patches/series |1¯

Fixes #861771 (grave) on systemd-booted systems

> nodm.init  |5 -

Fixes #861717 (normal, although perhaps should be higher severity) and
maybe also #770219 (normal), both on non-systemd-booted systems, by removing
dead code

> nodm.postinst  |2¯

Fixes #861899 (normal) by adding >&2 to one line

Thanks for considering,
S

Processed: retitle 862598 to unblock: udfclient/0.8.8-1

2017-05-16 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> retitle 862598 unblock: udfclient/0.8.8-1
Bug #862598 [release.debian.org] unblock: udfclient/0.8.7-1
Changed Bug title to 'unblock: udfclient/0.8.8-1' from 'unblock: 
udfclient/0.8.7-1'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
862598: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862598
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Re: Bug#860608: [pkg-golang-devel] Bug#860608: Bug#860608: golang: FTBFS: Go version is "go1.6.1", ignoring -next /<>/api/next.txt

2017-05-16 Thread Michael Stapelberg 
On Tue, May 16, 2017 at 6:46 AM, Steve Langasek  wrote:

> On Mon, May 15, 2017 at 03:17:03PM -0700, Steve Langasek wrote:
> > On Mon, May 15, 2017 at 08:56:08AM +0200, Michael Stapelberg wrote:
> > > >> Package: golang-github-gosexy-gettext-dev
>
> > > > vorlon, can we file for removal of this package? It wasn’t touched
> since
> > > > 2013 and has no rdepends.
>
> > > Done: https://bugs.debian.org/862612
>
> > Thanks for filing, 100% agreed.
>
> So, I double checked and:
>
> $ dak rm -R -n -s unstable golang-github-gosexy-gettext
> Will remove the following packages from unstable:
>
> golang-github-gosexy-gettext | 0~git20130221-1 | source
> golang-github-gosexy-gettext-dev | 0~git20130221-1 | all
>
> Maintainer: Steve Langasek 
>
> --- Reason ---
>
> --
>
> Checking reverse dependencies...
> # Broken Build-Depends:
> snapd: golang-github-gosexy-gettext-dev
>

Thanks for checking. I just realized I only checked using “apt rdepends”,
which of course won’t consider build-deps. Doh.


>
> Dependency problem found.
>
> $
>
> It certainly appears that we are still using this package, so I'm closing
> the bug report.  (I wouldn't expect the ftpmasters to act on it in its
> current state anyway.)
>
> And I've uploaded a no-change rebuild of golang-github-gosexy-gettext-dev.
>
> --
> Steve Langasek   Give me a lever long enough and a Free OS
> Debian Developer   to set it on, and I can move the world.
> Ubuntu Developerhttp://www.debian.org/
> slanga...@ubuntu.com vor...@debian.org
>



-- 
Best regards,
Michael

Processed: tagging 861580

2017-05-16 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> # maintainer replied with more information
> tags 861580 - moreinfo
Bug #861580 [release.debian.org] (pre-approval) unblock: 
mysql-connector-python/2.1.6
Removed tag(s) moreinfo.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
861580: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861580
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems