Bug#863287: unblock: pymssql/2.1.3+dfsg-1

2017-05-24 Thread Geoffrey Thomas 

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi release team!

I'd like to get an unblock for pymssql/2.1.3+dfsg-1. This is a new 
upstream release: the current version in oldstable, stable, and testing is 
broken against the version of freetds (the underlying C library for 
talking to MS-SQL servers) in Debian. See https://bugs.debian.org/648230 
and https://bugs.debian.org/709210 .


It will be more supportable for Stretch to package the new upstream 
version: it's a rewrite using Cython, and 1.x is unmaintained now. Because 
of the above problem, I think nobody is using the current Jessie/Stretch 
package (or if they are, they're modifying it). Meanwhile, I've used this 
packaging at my previous employer to build pymssql 2.1.1 in November 2015, 
and that's been working fine in production, so the 2.x package is 
well-tested.


It's also a leaf package (its only reverse-dependencies are as Suggests of 
python-sqlalchemy, python-sqlobject, and pyrit, alongside other backends 
for free software databases like MySQL and Postgres) so there shouldn't be 
a risk of regressions despite it being late in the release cycle.


The full debdiff is at https://ldpreload.com/tmp/pymssql_2.1.3+dfsg-1.debdiff
(not attaching it because it's 700 kB and debian-python is Cc'd).
It's probably easier to browse the full changes via
https://anonscm.debian.org/cgit/python-modules/packages/pymssql.git
but here's the changelog entry:

pymssql (2.1.3+dfsg-1) unstable; urgency=medium

  * Team upload.

  [ Ondřej Nový ]
  * Fixed VCS URL (https)

  [ Geoffrey Thomas ]
  * New upstream release (Closes: #648230), with DFSG repack to avoid
embedded freetds binaries.
- Be compatible with newer versions of freetds (Closes: #709210).
- Consistently respect as_dict (Closes: #590548).
- setup.py: Don't require setuptools_git.
  * Packaging cleanups:
- Switch from CDBS to dh sequencer, and bump d/compat to 9.
- Build for both Python 2 and 3 using pybuild.
- Update Standards-Version to 3.9.8 (no changes).
- Update copyright and follow machine-readable copyright spec.
- Switch to source format 3.0 (quilt).
- Use uscan and Files-Excluded in debian/copyright to simplify the
  DFSG repack target, and drop debian/rules get-orig-source (just
  call `uscan --rename`).
  * Add myself to Uploaders.

 -- Geoffrey Thomas   Wed, 24 May 2017 14:16:13 -0400

If you don't want to take the new upstream release, I could try applying 
the random patch on GitHub to the current 1.x package, but I'd probably 
prefer that we just remove it from Stretch (so that users use the upstream 
release or something) instead of supporting the 1.x release for the entire 
Stretch lifecycle.


unblock pymssql/2.1.3+dfsg-1

Thanks,
--
Geoffrey Thomas
https://ldpreload.com
geo...@ldpreload.com

Bug#863284: marked as done (unblock: quadrapassel/1:3.22.0-1.1)

2017-05-24 Thread Debian Bug Tracking System 
Your message dated Wed, 24 May 2017 21:52:18 +
with message-id 
and subject line unblock quadrapassel
has caused the Debian Bug report #863284,
regarding unblock: quadrapassel/1:3.22.0-1.1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863284: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863284
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org

Dear Release Team,

Please consider unblocking quadrapassel 1:3.22.0-1.1:

  quadrapassel (1:3.22.0-1.1) unstable; urgency=medium

 * Non-maintainer upload.
 * Fix segfault when unpausing a paused game that has finished.
   (Closes: #863106)

The full debdiff is attached.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
diffstat for quadrapassel-3.22.0 quadrapassel-3.22.0

 changelog|8 
+
 patches/0001_fix-segfault-when-unpausing-a-paused-finished-game.diff |   16 
++
 patches/series   |1 
 3 files changed, 25 insertions(+)

diff -Nru quadrapassel-3.22.0/debian/changelog 
quadrapassel-3.22.0/debian/changelog
--- quadrapassel-3.22.0/debian/changelog2016-09-21 22:13:51.0 
+0100
+++ quadrapassel-3.22.0/debian/changelog2017-05-23 19:48:01.0 
+0100
@@ -1,3 +1,11 @@
+quadrapassel (1:3.22.0-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix segfault when unpausing a paused game that has finished.
+(Closes: #863106)
+
+ -- Chris Lamb   Tue, 23 May 2017 19:48:01 +0100
+
 quadrapassel (1:3.22.0-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru 
quadrapassel-3.22.0/debian/patches/0001_fix-segfault-when-unpausing-a-paused-finished-game.diff
 
quadrapassel-3.22.0/debian/patches/0001_fix-segfault-when-unpausing-a-paused-finished-game.diff
--- 
quadrapassel-3.22.0/debian/patches/0001_fix-segfault-when-unpausing-a-paused-finished-game.diff
 1970-01-01 01:00:00.0 +0100
+++ 
quadrapassel-3.22.0/debian/patches/0001_fix-segfault-when-unpausing-a-paused-finished-game.diff
 2017-05-23 19:48:01.0 +0100
@@ -0,0 +1,16 @@
+Description: Fix segfault when unpausing a paused game that has finished
+Author: Chris Lamb 
+Debian-Bug: #863106
+Last-Update: 2017-05-23
+
+--- quadrapassel-3.22.0.orig/src/game.vala
 quadrapassel-3.22.0/src/game.vala
+@@ -261,6 +261,8 @@ public class Game : Object
+ set
+ {
+ _paused = value;
++if (game_over)
++return;
+ if (has_started)
+ setup_drop_timer ();
+ pause_changed ();
diff -Nru quadrapassel-3.22.0/debian/patches/series 
quadrapassel-3.22.0/debian/patches/series
--- quadrapassel-3.22.0/debian/patches/series   1970-01-01 01:00:00.0 
+0100
+++ quadrapassel-3.22.0/debian/patches/series   2017-05-23 19:48:01.0 
+0100
@@ -0,0 +1 @@
+0001_fix-segfault-when-unpausing-a-paused-finished-game.diff
--- End Message ---
--- Begin Message ---
Unblocked quadrapassel.--- End Message ---

Bug#863284: unblock: quadrapassel/1:3.22.0-1.1

2017-05-24 Thread Chris Lamb 
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org

Dear Release Team,

Please consider unblocking quadrapassel 1:3.22.0-1.1:

  quadrapassel (1:3.22.0-1.1) unstable; urgency=medium

 * Non-maintainer upload.
 * Fix segfault when unpausing a paused game that has finished.
   (Closes: #863106)

The full debdiff is attached.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
diffstat for quadrapassel-3.22.0 quadrapassel-3.22.0

 changelog|8 
+
 patches/0001_fix-segfault-when-unpausing-a-paused-finished-game.diff |   16 
++
 patches/series   |1 
 3 files changed, 25 insertions(+)

diff -Nru quadrapassel-3.22.0/debian/changelog 
quadrapassel-3.22.0/debian/changelog
--- quadrapassel-3.22.0/debian/changelog2016-09-21 22:13:51.0 
+0100
+++ quadrapassel-3.22.0/debian/changelog2017-05-23 19:48:01.0 
+0100
@@ -1,3 +1,11 @@
+quadrapassel (1:3.22.0-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix segfault when unpausing a paused game that has finished.
+(Closes: #863106)
+
+ -- Chris Lamb   Tue, 23 May 2017 19:48:01 +0100
+
 quadrapassel (1:3.22.0-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru 
quadrapassel-3.22.0/debian/patches/0001_fix-segfault-when-unpausing-a-paused-finished-game.diff
 
quadrapassel-3.22.0/debian/patches/0001_fix-segfault-when-unpausing-a-paused-finished-game.diff
--- 
quadrapassel-3.22.0/debian/patches/0001_fix-segfault-when-unpausing-a-paused-finished-game.diff
 1970-01-01 01:00:00.0 +0100
+++ 
quadrapassel-3.22.0/debian/patches/0001_fix-segfault-when-unpausing-a-paused-finished-game.diff
 2017-05-23 19:48:01.0 +0100
@@ -0,0 +1,16 @@
+Description: Fix segfault when unpausing a paused game that has finished
+Author: Chris Lamb 
+Debian-Bug: #863106
+Last-Update: 2017-05-23
+
+--- quadrapassel-3.22.0.orig/src/game.vala
 quadrapassel-3.22.0/src/game.vala
+@@ -261,6 +261,8 @@ public class Game : Object
+ set
+ {
+ _paused = value;
++if (game_over)
++return;
+ if (has_started)
+ setup_drop_timer ();
+ pause_changed ();
diff -Nru quadrapassel-3.22.0/debian/patches/series 
quadrapassel-3.22.0/debian/patches/series
--- quadrapassel-3.22.0/debian/patches/series   1970-01-01 01:00:00.0 
+0100
+++ quadrapassel-3.22.0/debian/patches/series   2017-05-23 19:48:01.0 
+0100
@@ -0,0 +1 @@
+0001_fix-segfault-when-unpausing-a-paused-finished-game.diff

Bug#863220: marked as done (unblock: screen/4.5.0-6)

2017-05-24 Thread Debian Bug Tracking System 
Your message dated Wed, 24 May 2017 22:42:50 +0200
with message-id <20170524204248.ga9...@ugent.be>
and subject line Re: unblock: screen/4.5.0-6
has caused the Debian Bug report #863220,
regarding unblock: screen/4.5.0-6
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863220: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863220
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear Release Team, Dear D-I Release Manager,

please unblock package screen/4.5.0-6.

Daniel Kahn Gillmor (beside others upstream) noticed that in 4.5.0 the
-L commandline option was subtly broken in a way that -L is documented
to have an optional parameter, but in fact, the parameter becomes
non-optional if further commandline options (i.e. parameters are
starting with a dash) are given as the next parameter after -L (if
existing) is unconditionally treated as log file name and screen bails
out if a log file name starts with a dash.

This leads to breakage in screen's commandline API: Some option
combinations are no more possible (due to potential positional
parameters after all options) without explicitly giving an log file
name as parameter to -L.

But in previous screen versions -L didn't accept any parameter, so any
potential parameter would have been treated like a positional
parameter. This makes screen behaving severly different with the same
parameters depending on the version. Namely it works as expected in
all versions except 4.5.0 since upstream has fixed that API breakage
in 4.5.1 (already in experimental).

So I cherry-picked the first and simplest commit in 4.5.1 targeting
this issue. It was later rewritten for the final 4.5.1 release to add
additional options and further logic, but it already fixed most of the
API breakage. While testing the patch I noticed that upstream forgot
to revert anticipatorily incremented/decremented counters (ac, av) if
the next argument starts with a dash. I've added two lines ("av--;"
and "ac++;") and that's the only difference between the patch in
4.5.0-6 and upstream's variant at
http://git.savannah.gnu.org/cgit/screen.git/commit/?h=screen-v4=c14e05e7c36c64d85198ed0fc89177427ece48d4

I must admit, I haven't tested it inside D-I, but since I haven't
heard of any D-I breakage due to that unplanned CLI API change in
4.5.0, I don't expect any breakage when I'm fixing that API breakage.

Full debdiff between 4.5.0-5 in testing and 4.5.0-6 in unstable:

diff -Nru screen-4.5.0/debian/changelog screen-4.5.0/debian/changelog
--- screen-4.5.0/debian/changelog   2017-04-04 01:14:01.0 +0200
+++ screen-4.5.0/debian/changelog   2017-05-23 01:57:09.0 +0200
@@ -1,3 +1,12 @@
+screen (4.5.0-6) unstable; urgency=low
+
+  * Cherry-pick c14e05e7 to fix -L parsing regression. (Closes: #863095)
++ Modify patch to revert anticipatorily incremented/decremented
+  counters if next argument starts with a dash.
++ Refresh line-numbers in 80_session_creation_docs.patch.
+
+ -- Axel Beckert   Tue, 23 May 2017 01:57:09 +0200
+
 screen (4.5.0-5) unstable; urgency=low
 
   * Replace all occurrences of /var/run/ in packaging with /run/. (Closes:
diff -Nru 
screen-4.5.0/debian/patches/64-cherry-pick-c14e05e7-to-fix-cli-api-regression.patch
 
screen-4.5.0/debian/patches/64-cherry-pick-c14e05e7-to-fix-cli-api-regression.patch
--- 
screen-4.5.0/debian/patches/64-cherry-pick-c14e05e7-to-fix-cli-api-regression.patch
 1970-01-01 01:00:00.0 +0100
+++ 
screen-4.5.0/debian/patches/64-cherry-pick-c14e05e7-to-fix-cli-api-regression.patch
 2017-05-23 01:56:25.0 +0200
@@ -0,0 +1,65 @@
+Origin: c14e05e7c36c64d85198ed0fc89177427ece48d4
+Author: Alexander Naumov 
+Description: Ignore logfile's name that begins with the "-" symbol
+ This fixes the API:
+ .
+ To enable logging we use -L option. But in case of
+ default logfile name (screenlog.0) we will need to
+ define it anyway. Because screen will try to interpret
+ next option as a parameter for -L option (which is
+ logfile name). It will fails ALWAYS, because next
+ parameter will always start with "-" symbol...
+ what is not permited for logfile name of course.
+ .   
+ For example:
+ .
+ $ screen -L -D -m ./configure
+ .
+ In this case logfile name is screenlog.0, because "-D"
+ will not be interpreted by screen as a name of logfile.
+Bug-Debian: https://bugs.debian.org/863095
+Bug: https://savannah.gnu.org/bugs/?50440
+Reviewd-By: Axel Beckert

Bug#863222: marked as done (unblock: bilibop/0.5.2.1)

2017-05-24 Thread Debian Bug Tracking System 
Your message dated Wed, 24 May 2017 22:41:47 +0200
with message-id <20170524204145.ga9...@ugent.be>
and subject line Re: unblock: bilibop/0.5.2.1
has caused the Debian Bug report #863222,
regarding unblock: bilibop/0.5.2.1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863222: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863222
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi,

Please unblock package bilibop, as it meets the
following unblock requirements:

Version 0.5.2 (currently in testing) is affected
by a bug [1] with severity "important", which now
is fixed in version 0.5.2.1 (currently in unstable).

The package is optional, and builds fine on all
applicable architectures, as shown there [2].

Also please consider the attached debdiff.

[1] https://bugs.debian.org/861685
[2] https://buildd.debian.org/status/package.php?p=bilibop

unblock bilibop/0.5.2.1

-- System Information:
Debian Release: 8.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
diff -Nru bilibop-0.5.2/debian/changelog bilibop-0.5.2.1/debian/changelog
--- bilibop-0.5.2/debian/changelog	2017-01-17 00:29:07.0 +0100
+++ bilibop-0.5.2.1/debian/changelog	2017-05-18 17:20:24.0 +0200
@@ -1,3 +1,11 @@
+bilibop (0.5.2.1) unstable; urgency=high
+
+  * bilibop-common:
+- modify underlying_device_from_aufs() to support multiple read-only
+  branches. Closes: #861685.
+
+ -- Yann Amar   Thu, 18 May 2017 15:20:24 +
+
 bilibop (0.5.2) unstable; urgency=low
 
   * bilibop-rules: add brazilian portuguese translation for debconf templates.
diff -Nru bilibop-0.5.2/lib/bilibop/common.sh bilibop-0.5.2.1/lib/bilibop/common.sh
--- bilibop-0.5.2/lib/bilibop/common.sh	2015-12-07 17:19:52.0 +0100
+++ bilibop-0.5.2.1/lib/bilibop/common.sh	2017-05-18 17:17:24.0 +0200
@@ -513,24 +513,31 @@
 # branch of an aufs mountpoint given as argument. We assume that there is only
 # and at least one physical device used to build the aufs (but the directory
 # is not necessarly the mountpoint of this device), other branch(s) being
-# virtual fs.
+# virtual fs. Note that if there are more than one readonly branch, the first
+# block device found wins.
 underlying_device_from_aufs() {
 ${DEBUG} && echo "> underlying_device_from_aufs $@" >&2
-local   dir="$(aufs_readonly_branch "${1}")"
-local   dev="$(device_id_of_file "${dir}")"
-case "${dev}" in
-"")
-;;
-0:*)
-# aufs mounts can't be nested; but this may be btrfs
-dev="$(underlying_device_from_file "${dir}")"
-;;
-*)
-dev="$(device_node_from_major_minor "${dev}")"
-;;
-esac
-
-[ -b "${dev}" ] && readlink -f "${dev}"
+local dev dir
+for dir in $(aufs_readonly_branch "${1}"); do
+dev="$(device_id_of_file "${dir}")"
+case "${dev}" in
+"")
+continue
+;;
+0:*)
+# aufs mounts can't be nested; but this may be btrfs
+dev="$(underlying_device_from_file "${dir}")"
+;;
+*)
+dev="$(device_node_from_major_minor "${dev}")"
+;;
+esac
+if [ -b "${dev}" ]; then
+readlink -f "${dev}"
+return 0
+fi
+done
+return 1
 }
 # ===}}}
 # underlying_device_from_overlayfs() {{{
--- End Message ---
--- Begin Message ---
Hi,

On Tue, May 23, 2017 at 11:47:21PM +0200, quidame wrote:
> Subject: unblock: bilibop/0.5.2.1

Unblocked by Niels.

Cheers,

Ivo--- End Message ---

Bug#862410: marked as done (unblock: mysql-transitional/5.5.9999+default)

2017-05-24 Thread Debian Bug Tracking System 
Your message dated Wed, 24 May 2017 20:45:00 +
with message-id <9e5dbb3d-9b9f-c6b6-bf34-8789d8a80...@thykier.net>
and subject line Re: Bug#862410: unblock: mysql-transitional/5.5.+default
has caused the Debian Bug report #862410,
regarding unblock: mysql-transitional/5.5.+default
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862410: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862410
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package mysql-transitional

Dear release team,

as agreed upon in <7f872a85-0d08-6bd1-f731-52e26a769...@thykier.net>
the MySQL packaging team needs to upload src:mysql-transitional
directly into stretch to fix the smooth upgrade issues.

This goes hand in hand with mariadb-10.1_10.1.23-7 update, but I'll
update the existing unblock bug separately.

unblock mysql-transitional/5.5.+default

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 
'experimental')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.4.0-67-generic (SMP w/24 CPU cores)
Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
On Sat, 20 May 2017 13:01:20 +0200 =?utf-8?Q?Ond=C5=99ej=20Sur=C3=BD?=
 wrote:
> Control: tags -1 -moreinfo
> 
> Hi Niels,
> 
> uploaded, I didn't want to make the upload without explicit permission
> to do so.
> 
> Cheers,
> [...]
> 

Unblocked, thanks.

~Niels--- End Message ---

Bug#863184: marked as done (unblock: opendmarc/1.3.2-2)

2017-05-24 Thread Debian Bug Tracking System 
Your message dated Wed, 24 May 2017 20:12:27 +
with message-id 
and subject line unblock opendmarc
has caused the Debian Bug report #863184,
regarding unblock: opendmarc/1.3.2-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863184: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863184
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package opendmarc

This upload fixes a policy violation about forced conffile removal and I think
we would be better off to have the change in stretch.  It isn't only a
theoretical problem.  As it is, if someone is using systemd and then switches
to sysv init the daemon will fail to start.

Scott K

unblock opendmarc/1.3.2-2
diff -u opendmarc-1.3.2/debian/changelog opendmarc-1.3.2/debian/changelog
--- opendmarc-1.3.2/debian/changelog
+++ opendmarc-1.3.2/debian/changelog
@@ -1,3 +1,10 @@
+opendmarc (1.3.2-2) unstable; urgency=medium
+
+  * Do not remove /etc/default/opendkim on upgrade since it is a conffile
+because policy 10.7.3 (Closes: #863173)
+
+ -- Scott Kitterman   Mon, 22 May 2017 18:11:58 -0400
+
 opendmarc (1.3.2-1) unstable; urgency=medium
 
   * New upstream release
diff -u opendmarc-1.3.2/debian/opendmarc.postinst opendmarc-1.3.2/debian/opendmarc.postinst
--- opendmarc-1.3.2/debian/opendmarc.postinst
+++ opendmarc-1.3.2/debian/opendmarc.postinst
@@ -38,9 +38,6 @@
 
 	# Upgrade /etc/default to systemd override files
 	if [ -d /run/systemd/system ] && [ -f /etc/default/opendmarc ]; then
-		if /lib/opendmarc/opendmarc.service.generate; then
-			rm -f /etc/default/opendmarc
-		fi
 		if [ -f /etc/tmpfiles.d/opendmarc.conf ]; then
 			systemd-tmpfiles --create /etc/tmpfiles.d/opendmarc.conf
 		fi
--- End Message ---
--- Begin Message ---
Unblocked opendmarc.--- End Message ---

Bug#861668: marked as done (unblock pre-approval: python-jenkins/0.4.11-1)

2017-05-24 Thread Debian Bug Tracking System 
Your message dated Wed, 24 May 2017 22:04:08 +0200
with message-id <20170524200406.ga9...@ugent.be>
and subject line Re: Bug#861668: unblock pre-approval: python-jenkins/0.4.11-1
has caused the Debian Bug report #861668,
regarding unblock pre-approval: python-jenkins/0.4.11-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
861668: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861668
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock


Dear release team,

Antoine Musso reported #861656, and claims it is RC. To adress it, he
suggested upgrading to upstream release 0.4.12. I checked the diff,
which I attached to this mail. If removing the tests, then the change
are very small. I have therefore attached 2 diff: one with only the
change to the library code, and one diff containing all the changes
between 0.4.11 and 0.4.12.

At this point, would the release team accept an upgrade to upstream
version 0.4.12? Do you agree than #861656 should be considered RC?

Cheers,

Thomas Goirand (zigo)
diff --git a/.gitreview b/.gitreview
index fbfb964..1630945 100644
--- a/.gitreview
+++ b/.gitreview
@@ -1,4 +1,4 @@
 [gerrit]
 host=review.openstack.org
 port=29418
-project=stackforge/python-jenkins.git
+project=openstack/python-jenkins.git
diff --git a/README.rst b/README.rst
index 6a37401..f87ff22 100644
--- a/README.rst
+++ b/README.rst
@@ -44,11 +44,11 @@ Bug report:
 
 Repository:
 
-* https://git.openstack.org/cgit/stackforge/python-jenkins
+* https://git.openstack.org/cgit/openstack/python-jenkins
 
 Cloning:
 
-* git clone https://git.openstack.org/stackforge/python-jenkins
+* git clone https://git.openstack.org/openstack/python-jenkins
 
 Patches are submitted via Gerrit at:
 
diff --git a/doc/source/examples.rst b/doc/source/examples.rst
index d20dbb8..812343e 100644
--- a/doc/source/examples.rst
+++ b/doc/source/examples.rst
@@ -104,6 +104,21 @@ This is an example showing how to add, configure, enable and delete Jenkins node
 server.disable_node('slave1')
 server.enable_node('slave1')
 
+# create node with parameters
+params = {
+'port': '22',
+'username': 'juser',
+'credentialsId': '10f3a3c8-be35-327e-b60b-a3e5edb0e45f',
+'host': 'my.jenkins.slave1'
+}
+server.create_node(
+'slave1',
+nodeDescription='my test slave',
+remoteFS='/home/juser',
+labels='precise',
+exclusive=True,
+launcher=jenkins.LAUNCHER_SSH,
+launcher_params=params)
 
 Example 6: Working with Jenkins Build Queue
 ---
diff --git a/jenkins/__init__.py b/jenkins/__init__.py
index 65f8b6a..34cae71 100644
--- a/jenkins/__init__.py
+++ b/jenkins/__init__.py
@@ -240,7 +240,10 @@ class Jenkins(object):
 def _build_url(self, format_spec, variables=None):
 
 if variables:
-url_path = format_spec % self._get_encoded_params(variables)
+if format_spec == CREATE_NODE:
+url_path = format_spec % urlencode(self._get_encoded_params(variables))
+else:
+url_path = format_spec % self._get_encoded_params(variables)
 else:
 url_path = format_spec
 
@@ -453,7 +456,7 @@ class Jenkins(object):
 u'name': u'my_job'}
 
 """
-url = "/".join((item, INFO))
+url = '/'.join((item, INFO)).lstrip('/')
 if query:
 url += query
 try:
diff --git a/setup.cfg b/setup.cfg
index 7abf945..0294a71 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -7,7 +7,7 @@ maintainer = OpenStack Infrastructure Team
 maintainer_email = openst...@lists.launchpad.net
 description-file = README.rst
 license = BSD
-home-page = http://git.openstack.org/cgit/stackforge/python-jenkins
+home-page = http://git.openstack.org/cgit/openstack/python-jenkins
 classifier =
 Topic :: Utilities
 Intended Audience :: Developers
diff --git a/tests/base.py b/tests/base.py
index b5583ca..86a8180 100644
--- a/tests/base.py
+++ b/tests/base.py
@@ -1,6 +1,7 @@
 import sys
 
 from six.moves.urllib.request import build_opener
+from testscenarios import TestWithScenarios
 
 import jenkins
 
@@ -10,18 +11,26 @@ else:
 import unittest
 
 
-class JenkinsTestBase(unittest.TestCase):
+class JenkinsTestBase(TestWithScenarios, unittest.TestCase):
 
 crumb_data = {
 "crumb": "dab177f483b3dd93483ef6716d8e792d",
 "crumbRequestField": ".crumb",
 }
 
+scenarios = [
+

Bug#863183: marked as done (unblock: opendkim/2.11.0~alpha-10)

2017-05-24 Thread Debian Bug Tracking System 
Your message dated Wed, 24 May 2017 20:11:52 +
with message-id 
and subject line unblock opendkim
has caused the Debian Bug report #863183,
regarding unblock: opendkim/2.11.0~alpha-10
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863183: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863183
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package opendkim

This upload fixes a policy violation about forced conffile removal and I think
we would be better off to have the change in stretch.  It isn't only a
theoretical problem.  As it is, if someone is using systemd and then switches
to sysv init the daemon will fail to start.

Scott K

unblock opendkim/2.11.0~alpha-10
diff -Nru opendkim-2.11.0~alpha/debian/changelog opendkim-2.11.0~alpha/debian/changelog
--- opendkim-2.11.0~alpha/debian/changelog	2017-01-25 10:00:10.0 -0500
+++ opendkim-2.11.0~alpha/debian/changelog	2017-05-22 18:10:16.0 -0400
@@ -1,3 +1,10 @@
+opendkim (2.11.0~alpha-10) unstable; urgency=medium
+
+  * Do not remove /etc/default/opendkim on upgrade since it is a conffile
+because policy 10.7.3 (Closes: #863055)
+
+ -- Scott Kitterman   Mon, 22 May 2017 18:08:41 -0400
+
 opendkim (2.11.0~alpha-9) unstable; urgency=medium
 
   * Set umask to 0007 in opendkim.service so opendkim socket is group readable
diff -Nru opendkim-2.11.0~alpha/debian/opendkim.postinst opendkim-2.11.0~alpha/debian/opendkim.postinst
--- opendkim-2.11.0~alpha/debian/opendkim.postinst	2016-11-07 09:07:21.0 -0500
+++ opendkim-2.11.0~alpha/debian/opendkim.postinst	2017-05-22 18:08:37.0 -0400
@@ -42,9 +42,6 @@
 
 	# Upgrade /etc/default to systemd override files
 	if [ -d /run/systemd/system ] && [ -f /etc/default/opendkim ]; then
-		if /lib/opendkim/opendkim.service.generate; then
-			rm -f /etc/default/opendkim
-		fi
 		if [ -f /etc/tmpfiles.d/opendkim.conf ]; then
 			systemd-tmpfiles --create /etc/tmpfiles.d/opendkim.conf
 		fi
--- End Message ---
--- Begin Message ---
Unblocked opendkim.--- End Message ---

Bug#863085: marked as done (unblock: dante/1.4.1+dfsg-5 [preapproval, RC])

2017-05-24 Thread Debian Bug Tracking System 
Your message dated Wed, 24 May 2017 19:47:01 +
with message-id 
and subject line unblock dante
has caused the Debian Bug report #863085,
regarding unblock: dante/1.4.1+dfsg-5 [preapproval, RC]
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863085: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863085
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi,

This is a pre-approval request for dante to fix a long-standing
bug that makes the first installation of the dante-server binary
package fail, since the dante-server service cannot possibly be
started with the default config file.  The bug - #862988 - was
reported as "important", but I raised its priority to "serious",
and I should have fixed it a long time ago.

I'm attaching the proposed debdiff, a targeted fix that lets
the initial installation succeed even though the service fails
to start.  If it is approved, I'll upload the package and let
you know when the time comes to really unblock it.

Thanks in advance for your time!

G'luck,
Peter

-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru dante-1.4.1+dfsg/debian/changelog dante-1.4.1+dfsg/debian/changelog
--- dante-1.4.1+dfsg/debian/changelog   2017-01-12 13:07:24.0 +0200
+++ dante-1.4.1+dfsg/debian/changelog   2017-05-21 17:23:27.0 +0300
@@ -1,3 +1,12 @@
+dante (1.4.1+dfsg-5) unstable; urgency=medium
+
+  * Add an error handler to the post-install startup of dante-server so
+that it doesn't make the package installation fail if danted.conf
+has not been customized yet (i.e. always on first installation).
+Closes: #862988
+
+ -- Peter Pentchev   Sun, 21 May 2017 17:23:27 +0300
+
 dante (1.4.1+dfsg-4) unstable; urgency=medium
 
   * Add the 25-path-max patch as a temporary band-aid for building Dante
diff -Nru dante-1.4.1+dfsg/debian/dante-server.postinst 
dante-1.4.1+dfsg/debian/dante-server.postinst
--- dante-1.4.1+dfsg/debian/dante-server.postinst   1970-01-01 
02:00:00.0 +0200
+++ dante-1.4.1+dfsg/debian/dante-server.postinst   2017-05-21 
12:20:51.0 +0300
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+set -e
+
+dante_service_error()
+{
+   local res="$?" conffile='/etc/danted.conf' notfound='' var
+   for var in internal external; do
+   if ! egrep -qe '^[[:space:]]*'"$var"'[[:space:]]*:' -- 
"$conffile"; then
+   notfound="$notfound $var"
+   fi
+   done
+   if [ -n "$notfound" ]; then
+   echo "Please edit the Dante server config file $conffile and 
specify at least the following directives:$notfound" 1>&2
+   else
+   # The required directives are specified, so propagate the error
+   exit "$res"
+   fi
+}
+
+#DEBHELPER#
diff -Nru dante-1.4.1+dfsg/debian/dante-server.prerm 
dante-1.4.1+dfsg/debian/dante-server.prerm
--- dante-1.4.1+dfsg/debian/dante-server.prerm  1970-01-01 02:00:00.0 
+0200
+++ dante-1.4.1+dfsg/debian/dante-server.prerm  2017-05-21 12:21:12.0 
+0300
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+set -e
+
+dante_service_error()
+{
+   exit "$?"
+}
+
+#DEBHELPER#
diff -Nru dante-1.4.1+dfsg/debian/rules dante-1.4.1+dfsg/debian/rules
--- dante-1.4.1+dfsg/debian/rules   2017-01-09 16:54:21.0 +0200
+++ dante-1.4.1+dfsg/debian/rules   2017-05-21 12:14:31.0 +0300
@@ -53,7 +53,7 @@
dh_installchangelogs NEWS
 
 override_dh_installinit:
-   dh_installinit -pdante-server --init-script=danted
+   dh_installinit -pdante-server --init-script=danted 
--error-handler=dante_service_error
 
 %:
dh '$@' --without systemd


signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Unblocked dante.--- End Message ---

Bug#863275: unblock: enigmail/2:1.9.7-2

2017-05-24 Thread Daniel Kahn Gillmor 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package enigmail

enigmail 1.9.7 rolls up some minor upstream bugfixes for the enigmail
stable branch and closes #863273, which is an annoying failure mode
for one specific workflow.

Enigmail upstream has kept the stable branch quite stable -- as a
bugfix-only branch -- and tracking that stable release in what will
become debian stable seems reasonable to me.

debdiff is attached.

unblock enigmail/2:1.9.7-2

-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (200, 
'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 
'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#863272: unblock: tomcat7/7.0.78-1

2017-05-24 Thread Emmanuel Bourg 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package tomcat7. The version 7.0.78-1 has no modification
compared to the one in testing (in stretch the package now only builds
the Servlet API 3.0 and it never changes), but this update will allow us
to refresh the backports for jessie and wheezy.

Thank you,

Emmanuel Bourg

Bug#863268: marked as done (unblock: samba/2:4.5.8+dfsg-2)

2017-05-24 Thread Debian Bug Tracking System 
Your message dated Wed, 24 May 2017 16:54:58 +
with message-id 
and subject line unblock samba
has caused the Debian Bug report #863268,
regarding unblock: samba/2:4.5.8+dfsg-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863268: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863268
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package samba

It (only) includes a fix for critical CVE-2017-7494 (rpc_server3: Refuse to
open pipe names with / inside)

Debdiff attached.

Regards

Mathieu Parent

unblock samba/2:4.5.8+dfsg-2

-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru samba-4.5.8+dfsg/debian/changelog samba-4.5.8+dfsg/debian/changelog
--- samba-4.5.8+dfsg/debian/changelog   2017-04-01 20:39:17.0 +0200
+++ samba-4.5.8+dfsg/debian/changelog   2017-05-18 11:53:47.0 +0200
@@ -1,3 +1,9 @@
+samba (2:4.5.8+dfsg-2) unstable; urgency=high
+
+  * CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside
+
+ -- Mathieu Parent   Thu, 18 May 2017 11:53:47 +0200
+
 samba (2:4.5.8+dfsg-1) unstable; urgency=high
 
   * New upstream version
diff -Nru samba-4.5.8+dfsg/debian/patches/CVE-2017-7494.patch 
samba-4.5.8+dfsg/debian/patches/CVE-2017-7494.patch
--- samba-4.5.8+dfsg/debian/patches/CVE-2017-7494.patch 1970-01-01 
01:00:00.0 +0100
+++ samba-4.5.8+dfsg/debian/patches/CVE-2017-7494.patch 2017-05-18 
11:53:47.0 +0200
@@ -0,0 +1,33 @@
+From d2bc9f3afe23ee04d237ae9f4511fbe59a27ff54 Mon Sep 17 00:00:00 2001
+From: Volker Lendecke 
+Date: Mon, 8 May 2017 21:40:40 +0200
+Subject: [PATCH] CVE-2017-7494: rpc_server3: Refuse to open pipe names with /
+ inside
+
+Bug: https://bugzilla.samba.org/show_bug.cgi?id=12780
+
+Signed-off-by: Volker Lendecke 
+Reviewed-by: Jeremy Allison 
+Reviewed-by: Stefan Metzmacher 
+---
+ source3/rpc_server/srv_pipe.c | 5 +
+ 1 file changed, 5 insertions(+)
+
+diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
+index 0633b5f..c3f0cd8 100644
+--- a/source3/rpc_server/srv_pipe.c
 b/source3/rpc_server/srv_pipe.c
+@@ -475,6 +475,11 @@ bool is_known_pipename(const char *pipename, struct 
ndr_syntax_id *syntax)
+ {
+   NTSTATUS status;
+ 
++  if (strchr(pipename, '/')) {
++  DEBUG(1, ("Refusing open on pipe %s\n", pipename));
++  return false;
++  }
++
+   if (lp_disable_spoolss() && strequal(pipename, "spoolss")) {
+   DEBUG(10, ("refusing spoolss access\n"));
+   return false;
+-- 
+1.9.1
diff -Nru samba-4.5.8+dfsg/debian/patches/series 
samba-4.5.8+dfsg/debian/patches/series
--- samba-4.5.8+dfsg/debian/patches/series  2017-04-01 20:39:17.0 
+0200
+++ samba-4.5.8+dfsg/debian/patches/series  2017-05-18 11:53:47.0 
+0200
@@ -15,3 +15,4 @@
 Add-documentation-to-systemd-Unit-files.patch
 fix_kill_path_in_units.patch
 nmbd-requires-a-working-network.patch
+CVE-2017-7494.patch
--- End Message ---
--- Begin Message ---
Unblocked samba.--- End Message ---

Bug#863261: marked as done (unblock: lapack/3.7.0-2)

2017-05-24 Thread Debian Bug Tracking System 
Your message dated Wed, 24 May 2017 16:52:30 +
with message-id 
and subject line unblock lapack
has caused the Debian Bug report #863261,
regarding unblock: lapack/3.7.0-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863261: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863261
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear Release Team,

Please unblock lapack 3.7.0-2.

This version fixes a regression in libblas.a, which was empty (#863258). By the
way, it also updates the metadata of two Debian patches.

The debdiff is attached.

unblock lapack/3.7.0-2

Thanks,

-- 
 .''`.Sébastien Villemot
: :' :Debian Developer
`. `' http://sebastien.villemot.name
  `-  GPG Key: 4096R/381A7594
diff -Nru lapack-3.7.0/debian/changelog lapack-3.7.0/debian/changelog
--- lapack-3.7.0/debian/changelog	2016-12-29 17:26:38.0 +0100
+++ lapack-3.7.0/debian/changelog	2017-05-24 16:24:37.0 +0200
@@ -1,3 +1,14 @@
+lapack (3.7.0-2) unstable; urgency=medium
+
+  * Fix regression in libblas.a, which was empty since 3.6.1-1.
+The bug has been introduced in the fix for #813309: the $(shell LC_ALL=C ls
+tmp/*.o) construct used to have a consistent ordering of object files is
+evaluated too early, and results in an empty list. Replace it by a $$(env …)
+construct, which is evaluated after the object files have been created.
+(Closes: #863258)
+
+ -- Sébastien Villemot   Wed, 24 May 2017 16:24:37 +0200
+
 lapack (3.7.0-1) unstable; urgency=medium
 
   * New upstream version 3.7.0
diff -Nru lapack-3.7.0/debian/patches/fix-typos.patch lapack-3.7.0/debian/patches/fix-typos.patch
--- lapack-3.7.0/debian/patches/fix-typos.patch	2016-12-29 16:47:22.0 +0100
+++ lapack-3.7.0/debian/patches/fix-typos.patch	2016-12-29 21:31:55.0 +0100
@@ -1,6 +1,7 @@
 Description: Fix various typos
 Author: Sébastien Villemot 
 Forwarded: https://github.com/Reference-LAPACK/lapack/pull/104
+Applied-Upstream: https://github.com/Reference-LAPACK/lapack/commit/c77258510e861765109d99270f54fecd583a0301
 Last-Update: 2016-12-29
 ---
 This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
diff -Nru lapack-3.7.0/debian/patches/test-numbering.patch lapack-3.7.0/debian/patches/test-numbering.patch
--- lapack-3.7.0/debian/patches/test-numbering.patch	2016-12-29 16:48:43.0 +0100
+++ lapack-3.7.0/debian/patches/test-numbering.patch	2016-12-29 21:31:31.0 +0100
@@ -2,6 +2,7 @@
  The numbering of tests had been broken in commit ed4e95e.
 Author: Sébastien Villemot 
 Forwarded: https://github.com/Reference-LAPACK/lapack/pull/104
+Applied-Upstream: https://github.com/Reference-LAPACK/lapack/commit/6c3b79b35e83df36e30bd2ceadc9b927a3287740
 Last-Update: 2016-12-29
 ---
 This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
diff -Nru lapack-3.7.0/debian/rules lapack-3.7.0/debian/rules
--- lapack-3.7.0/debian/rules	2016-12-29 10:16:27.0 +0100
+++ lapack-3.7.0/debian/rules	2017-05-24 16:15:47.0 +0200
@@ -141,7 +141,7 @@
 	ar d librefblas.a xerbla.o # We want to use the xerbla.o from libcblas.a
 	mkdir -p tmp
 	cd tmp && ar x ../librefblas.a && ar x ../libcblas.a
-	ar r libblas.a $(shell LC_ALL=C ls tmp/*.o)
+	ar r libblas.a $$(env LC_ALL=C ls tmp/*.o)
 	rm -rf tmp
 
 	# Build the test programs, in order to avoid FTBFS if DEB_BUILD_OPTIONS contains nocheck


signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Unblocked lapack.--- End Message ---

Bug#863238: marked as done (unblock: mash/1.1.1-2)

2017-05-24 Thread Debian Bug Tracking System 
Your message dated Wed, 24 May 2017 16:50:12 +
with message-id 
and subject line unblock mash
has caused the Debian Bug report #863238,
regarding unblock: mash/1.1.1-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863238: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863238
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock mash. The version currently in unstable fixes an issue with
parallel building that sometimes leads to an FTBFS.

The changes w.r.t. v1.1.1-1 currently in testing are minimal and only
introduce the patch, which was kindly provided by Adrian Bunk.

unblock mash/1.1.1-2

Please find attached to this email a debdiff with the relevant changes.

Many thanks
Sascha
diff -Nru mash-1.1.1/debian/changelog mash-1.1.1/debian/changelog
--- mash-1.1.1/debian/changelog 2016-08-27 08:48:34.0 +
+++ mash-1.1.1/debian/changelog 2017-05-24 08:43:17.0 +
@@ -1,3 +1,10 @@
+mash (1.1.1-2) unstable; urgency=medium
+
+  * Fix parallel building FTBFS. Thanks to Adrian Bunk for the patch.
+Closes: #863208
+
+ -- Sascha Steinbiss   Wed, 24 May 2017 08:43:17 +
+
 mash (1.1.1-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru mash-1.1.1/debian/patches/parallel.patch 
mash-1.1.1/debian/patches/parallel.patch
--- mash-1.1.1/debian/patches/parallel.patch1970-01-01 00:00:00.0 
+
+++ mash-1.1.1/debian/patches/parallel.patch2017-05-24 08:10:13.0 
+
@@ -0,0 +1,20 @@
+Description: Fix parallel build failures
+ "capnp compile" ran twice, and in parallel builds twice in parallel.
+ This resulted in occasional build failures caused by corrupt output files.
+ .
+ Fix the Makefile to only run "capnp compile" once.
+Author: Adrian Bunk 
+
+--- mash-1.1.1.orig/Makefile.in
 mash-1.1.1/Makefile.in
+@@ -46,7 +46,9 @@ libmash.a : $(OBJECTS)
+ %.o : %.c++
+   $(CXX) -c $(CXXFLAGS) $(CPPFLAGS) -o $@ $<
+ 
+-src/mash/capnp/MinHash.capnp.c++ src/mash/capnp/MinHash.capnp.h : 
src/mash/capnp/MinHash.capnp
++src/mash/capnp/MinHash.capnp.c++ : src/mash/capnp/MinHash.capnp.h
++
++src/mash/capnp/MinHash.capnp.h : src/mash/capnp/MinHash.capnp
+   cd src/mash/capnp;export PATH=@capnp@/bin/:${PATH};capnp compile -I 
@capnp@/include -oc++ MinHash.capnp
+ 
+ install : mash
diff -Nru mash-1.1.1/debian/patches/series mash-1.1.1/debian/patches/series
--- mash-1.1.1/debian/patches/series2016-07-22 08:13:36.0 +
+++ mash-1.1.1/debian/patches/series2017-05-24 08:10:13.0 +
@@ -2,3 +2,4 @@
 use_debian_mathjax.patch
 drop_memcpy_wrapper.patch
 link_dynamically_against_capnp.patch
+parallel.patch
--- End Message ---
--- Begin Message ---
Unblocked mash.--- End Message ---

Bug#863237: marked as done (unblock: puppet/4.8.2-5)

2017-05-24 Thread Debian Bug Tracking System 
Your message dated Wed, 24 May 2017 16:47:57 +
with message-id 
and subject line unblock puppet
has caused the Debian Bug report #863237,
regarding unblock: puppet/4.8.2-5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863237: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863237
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear release team,

Please unblock package puppet.

The version in unstable fixes a security issue (remote code execution), 
please see #863212 for more details.

Full source debdiff attached.

Thanks,
Apollon

unblock puppet/4.8.2-5
diff -Nru puppet-4.8.2/debian/changelog puppet-4.8.2/debian/changelog
--- puppet-4.8.2/debian/changelog	2017-04-28 17:38:26.0 +0300
+++ puppet-4.8.2/debian/changelog	2017-05-23 23:17:46.0 +0300
@@ -1,3 +1,10 @@
+puppet (4.8.2-5) unstable; urgency=high
+
+  * master: accept facts only in PSON format (CVE-2017-2295) (Closes:
+#863212).
+
+ -- Apollon Oikonomopoulos   Tue, 23 May 2017 23:17:46 +0300
+
 puppet (4.8.2-4) unstable; urgency=medium
 
   * Handle creation and removal of /var/cache/puppet/state (Closes: #855923)
diff -Nru puppet-4.8.2/debian/patches/0008-CVE-2017-2295.patch puppet-4.8.2/debian/patches/0008-CVE-2017-2295.patch
--- puppet-4.8.2/debian/patches/0008-CVE-2017-2295.patch	1970-01-01 02:00:00.0 +0200
+++ puppet-4.8.2/debian/patches/0008-CVE-2017-2295.patch	2017-05-22 10:47:55.0 +0300
@@ -0,0 +1,101 @@
+From b29fd533913786ef1e7de421c6128239b839fb5f Mon Sep 17 00:00:00 2001
+From: Josh Cooper 
+Date: Fri, 28 Apr 2017 12:09:11 -0700
+Subject: [PATCH] (PUP-7483) Reject all fact formats except PSON
+
+Previously, an authenticated user could cause the master to execute
+YAML.load on user-specified input, as well as MessagePack.unpack if the
+msgpack gem was installed.
+
+Since 3.2.2, agents have always sent facts as PSON. There is no reason
+to support other formats, so reject all fact formats except PSON.
+
+(cherry picked from commit 06d8c51367ca932b9da5d9b01958cfc0adf0f2ea)
+---
+ lib/puppet/indirector/catalog/compiler.rb |  6 +++--
+ spec/unit/indirector/catalog/compiler_spec.rb | 36 ---
+ 2 files changed, 36 insertions(+), 6 deletions(-)
+
+diff --git a/lib/puppet/indirector/catalog/compiler.rb b/lib/puppet/indirector/catalog/compiler.rb
+index e4e60ce54..16c83533e 100644
+--- a/lib/puppet/indirector/catalog/compiler.rb
 b/lib/puppet/indirector/catalog/compiler.rb
+@@ -25,9 +25,11 @@ class Puppet::Resource::Catalog::Compiler < Puppet::Indirector::Code
+   # in Network::HTTP::Handler will automagically deserialize the value.
+   if text_facts.is_a?(Puppet::Node::Facts)
+ facts = text_facts
+-  else
++  elsif format == 'pson'
+ # We unescape here because the corresponding code in Puppet::Configurer::FactHandler escapes
+-facts = Puppet::Node::Facts.convert_from(format, CGI.unescape(text_facts))
++facts = Puppet::Node::Facts.convert_from('pson', CGI.unescape(text_facts))
++  else
++raise ArgumentError, "Unsupported facts format"
+   end
+ 
+   unless facts.name == request.key
+diff --git a/spec/unit/indirector/catalog/compiler_spec.rb b/spec/unit/indirector/catalog/compiler_spec.rb
+index b134c9094..d31eaeeef 100644
+--- a/spec/unit/indirector/catalog/compiler_spec.rb
 b/spec/unit/indirector/catalog/compiler_spec.rb
+@@ -255,10 +255,10 @@ describe Puppet::Resource::Catalog::Compiler do
+   @facts = Puppet::Node::Facts.new('hostname', "fact" => "value", "architecture" => "i386")
+ end
+ 
+-def a_request_that_contains(facts)
++def a_request_that_contains(facts, format = :pson)
+   request = Puppet::Indirector::Request.new(:catalog, :find, "hostname", nil)
+-  request.options[:facts_format] = "pson"
+-  request.options[:facts] = CGI.escape(facts.render(:pson))
++  request.options[:facts_format] = format.to_s
++  request.options[:facts] = CGI.escape(facts.render(format))
+   request
+ end
+ 
+@@ -277,7 +277,7 @@ describe Puppet::Resource::Catalog::Compiler do
+   expect(facts.timestamp).to eq(time)
+ end
+ 
+-it "should convert the facts into a fact instance and save it" do
++it "accepts PSON facts" do
+   request = a_request_that_contains(@facts)
+ 
+   options = {
+@@ -289,6 +289,34 @@ describe Puppet::Resource::Catalog::Compiler

Bug#863268: unblock: samba/2:4.5.8+dfsg-2

2017-05-24 Thread Mathieu Parent 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package samba

It (only) includes a fix for critical CVE-2017-7494 (rpc_server3: Refuse to
open pipe names with / inside)

Debdiff attached.

Regards

Mathieu Parent

unblock samba/2:4.5.8+dfsg-2

-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru samba-4.5.8+dfsg/debian/changelog samba-4.5.8+dfsg/debian/changelog
--- samba-4.5.8+dfsg/debian/changelog   2017-04-01 20:39:17.0 +0200
+++ samba-4.5.8+dfsg/debian/changelog   2017-05-18 11:53:47.0 +0200
@@ -1,3 +1,9 @@
+samba (2:4.5.8+dfsg-2) unstable; urgency=high
+
+  * CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside
+
+ -- Mathieu Parent   Thu, 18 May 2017 11:53:47 +0200
+
 samba (2:4.5.8+dfsg-1) unstable; urgency=high
 
   * New upstream version
diff -Nru samba-4.5.8+dfsg/debian/patches/CVE-2017-7494.patch 
samba-4.5.8+dfsg/debian/patches/CVE-2017-7494.patch
--- samba-4.5.8+dfsg/debian/patches/CVE-2017-7494.patch 1970-01-01 
01:00:00.0 +0100
+++ samba-4.5.8+dfsg/debian/patches/CVE-2017-7494.patch 2017-05-18 
11:53:47.0 +0200
@@ -0,0 +1,33 @@
+From d2bc9f3afe23ee04d237ae9f4511fbe59a27ff54 Mon Sep 17 00:00:00 2001
+From: Volker Lendecke 
+Date: Mon, 8 May 2017 21:40:40 +0200
+Subject: [PATCH] CVE-2017-7494: rpc_server3: Refuse to open pipe names with /
+ inside
+
+Bug: https://bugzilla.samba.org/show_bug.cgi?id=12780
+
+Signed-off-by: Volker Lendecke 
+Reviewed-by: Jeremy Allison 
+Reviewed-by: Stefan Metzmacher 
+---
+ source3/rpc_server/srv_pipe.c | 5 +
+ 1 file changed, 5 insertions(+)
+
+diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
+index 0633b5f..c3f0cd8 100644
+--- a/source3/rpc_server/srv_pipe.c
 b/source3/rpc_server/srv_pipe.c
+@@ -475,6 +475,11 @@ bool is_known_pipename(const char *pipename, struct 
ndr_syntax_id *syntax)
+ {
+   NTSTATUS status;
+ 
++  if (strchr(pipename, '/')) {
++  DEBUG(1, ("Refusing open on pipe %s\n", pipename));
++  return false;
++  }
++
+   if (lp_disable_spoolss() && strequal(pipename, "spoolss")) {
+   DEBUG(10, ("refusing spoolss access\n"));
+   return false;
+-- 
+1.9.1
diff -Nru samba-4.5.8+dfsg/debian/patches/series 
samba-4.5.8+dfsg/debian/patches/series
--- samba-4.5.8+dfsg/debian/patches/series  2017-04-01 20:39:17.0 
+0200
+++ samba-4.5.8+dfsg/debian/patches/series  2017-05-18 11:53:47.0 
+0200
@@ -15,3 +15,4 @@
 Add-documentation-to-systemd-Unit-files.patch
 fix_kill_path_in_units.patch
 nmbd-requires-a-working-network.patch
+CVE-2017-7494.patch

Bug#863261: unblock: lapack/3.7.0-2

2017-05-24 Thread Sébastien Villemot 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear Release Team,

Please unblock lapack 3.7.0-2.

This version fixes a regression in libblas.a, which was empty (#863258). By the
way, it also updates the metadata of two Debian patches.

The debdiff is attached.

unblock lapack/3.7.0-2

Thanks,

-- 
 .''`.Sébastien Villemot
: :' :Debian Developer
`. `' http://sebastien.villemot.name
  `-  GPG Key: 4096R/381A7594
diff -Nru lapack-3.7.0/debian/changelog lapack-3.7.0/debian/changelog
--- lapack-3.7.0/debian/changelog	2016-12-29 17:26:38.0 +0100
+++ lapack-3.7.0/debian/changelog	2017-05-24 16:24:37.0 +0200
@@ -1,3 +1,14 @@
+lapack (3.7.0-2) unstable; urgency=medium
+
+  * Fix regression in libblas.a, which was empty since 3.6.1-1.
+The bug has been introduced in the fix for #813309: the $(shell LC_ALL=C ls
+tmp/*.o) construct used to have a consistent ordering of object files is
+evaluated too early, and results in an empty list. Replace it by a $$(env …)
+construct, which is evaluated after the object files have been created.
+(Closes: #863258)
+
+ -- Sébastien Villemot   Wed, 24 May 2017 16:24:37 +0200
+
 lapack (3.7.0-1) unstable; urgency=medium
 
   * New upstream version 3.7.0
diff -Nru lapack-3.7.0/debian/patches/fix-typos.patch lapack-3.7.0/debian/patches/fix-typos.patch
--- lapack-3.7.0/debian/patches/fix-typos.patch	2016-12-29 16:47:22.0 +0100
+++ lapack-3.7.0/debian/patches/fix-typos.patch	2016-12-29 21:31:55.0 +0100
@@ -1,6 +1,7 @@
 Description: Fix various typos
 Author: Sébastien Villemot 
 Forwarded: https://github.com/Reference-LAPACK/lapack/pull/104
+Applied-Upstream: https://github.com/Reference-LAPACK/lapack/commit/c77258510e861765109d99270f54fecd583a0301
 Last-Update: 2016-12-29
 ---
 This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
diff -Nru lapack-3.7.0/debian/patches/test-numbering.patch lapack-3.7.0/debian/patches/test-numbering.patch
--- lapack-3.7.0/debian/patches/test-numbering.patch	2016-12-29 16:48:43.0 +0100
+++ lapack-3.7.0/debian/patches/test-numbering.patch	2016-12-29 21:31:31.0 +0100
@@ -2,6 +2,7 @@
  The numbering of tests had been broken in commit ed4e95e.
 Author: Sébastien Villemot 
 Forwarded: https://github.com/Reference-LAPACK/lapack/pull/104
+Applied-Upstream: https://github.com/Reference-LAPACK/lapack/commit/6c3b79b35e83df36e30bd2ceadc9b927a3287740
 Last-Update: 2016-12-29
 ---
 This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
diff -Nru lapack-3.7.0/debian/rules lapack-3.7.0/debian/rules
--- lapack-3.7.0/debian/rules	2016-12-29 10:16:27.0 +0100
+++ lapack-3.7.0/debian/rules	2017-05-24 16:15:47.0 +0200
@@ -141,7 +141,7 @@
 	ar d librefblas.a xerbla.o # We want to use the xerbla.o from libcblas.a
 	mkdir -p tmp
 	cd tmp && ar x ../librefblas.a && ar x ../libcblas.a
-	ar r libblas.a $(shell LC_ALL=C ls tmp/*.o)
+	ar r libblas.a $$(env LC_ALL=C ls tmp/*.o)
 	rm -rf tmp
 
 	# Build the test programs, in order to avoid FTBFS if DEB_BUILD_OPTIONS contains nocheck


signature.asc
Description: PGP signature

Bug#863238: unblock: mash/1.1.1-2

2017-05-24 Thread Sascha Steinbiss 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock mash. The version currently in unstable fixes an issue with
parallel building that sometimes leads to an FTBFS.

The changes w.r.t. v1.1.1-1 currently in testing are minimal and only
introduce the patch, which was kindly provided by Adrian Bunk.

unblock mash/1.1.1-2

Please find attached to this email a debdiff with the relevant changes.

Many thanks
Sascha
diff -Nru mash-1.1.1/debian/changelog mash-1.1.1/debian/changelog
--- mash-1.1.1/debian/changelog 2016-08-27 08:48:34.0 +
+++ mash-1.1.1/debian/changelog 2017-05-24 08:43:17.0 +
@@ -1,3 +1,10 @@
+mash (1.1.1-2) unstable; urgency=medium
+
+  * Fix parallel building FTBFS. Thanks to Adrian Bunk for the patch.
+Closes: #863208
+
+ -- Sascha Steinbiss   Wed, 24 May 2017 08:43:17 +
+
 mash (1.1.1-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru mash-1.1.1/debian/patches/parallel.patch 
mash-1.1.1/debian/patches/parallel.patch
--- mash-1.1.1/debian/patches/parallel.patch1970-01-01 00:00:00.0 
+
+++ mash-1.1.1/debian/patches/parallel.patch2017-05-24 08:10:13.0 
+
@@ -0,0 +1,20 @@
+Description: Fix parallel build failures
+ "capnp compile" ran twice, and in parallel builds twice in parallel.
+ This resulted in occasional build failures caused by corrupt output files.
+ .
+ Fix the Makefile to only run "capnp compile" once.
+Author: Adrian Bunk 
+
+--- mash-1.1.1.orig/Makefile.in
 mash-1.1.1/Makefile.in
+@@ -46,7 +46,9 @@ libmash.a : $(OBJECTS)
+ %.o : %.c++
+   $(CXX) -c $(CXXFLAGS) $(CPPFLAGS) -o $@ $<
+ 
+-src/mash/capnp/MinHash.capnp.c++ src/mash/capnp/MinHash.capnp.h : 
src/mash/capnp/MinHash.capnp
++src/mash/capnp/MinHash.capnp.c++ : src/mash/capnp/MinHash.capnp.h
++
++src/mash/capnp/MinHash.capnp.h : src/mash/capnp/MinHash.capnp
+   cd src/mash/capnp;export PATH=@capnp@/bin/:${PATH};capnp compile -I 
@capnp@/include -oc++ MinHash.capnp
+ 
+ install : mash
diff -Nru mash-1.1.1/debian/patches/series mash-1.1.1/debian/patches/series
--- mash-1.1.1/debian/patches/series2016-07-22 08:13:36.0 +
+++ mash-1.1.1/debian/patches/series2017-05-24 08:10:13.0 +
@@ -2,3 +2,4 @@
 use_debian_mathjax.patch
 drop_memcpy_wrapper.patch
 link_dynamically_against_capnp.patch
+parallel.patch

Bug#863237: unblock: puppet/4.8.2-5

2017-05-24 Thread Apollon Oikonomopoulos 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear release team,

Please unblock package puppet.

The version in unstable fixes a security issue (remote code execution), 
please see #863212 for more details.

Full source debdiff attached.

Thanks,
Apollon

unblock puppet/4.8.2-5
diff -Nru puppet-4.8.2/debian/changelog puppet-4.8.2/debian/changelog
--- puppet-4.8.2/debian/changelog	2017-04-28 17:38:26.0 +0300
+++ puppet-4.8.2/debian/changelog	2017-05-23 23:17:46.0 +0300
@@ -1,3 +1,10 @@
+puppet (4.8.2-5) unstable; urgency=high
+
+  * master: accept facts only in PSON format (CVE-2017-2295) (Closes:
+#863212).
+
+ -- Apollon Oikonomopoulos   Tue, 23 May 2017 23:17:46 +0300
+
 puppet (4.8.2-4) unstable; urgency=medium
 
   * Handle creation and removal of /var/cache/puppet/state (Closes: #855923)
diff -Nru puppet-4.8.2/debian/patches/0008-CVE-2017-2295.patch puppet-4.8.2/debian/patches/0008-CVE-2017-2295.patch
--- puppet-4.8.2/debian/patches/0008-CVE-2017-2295.patch	1970-01-01 02:00:00.0 +0200
+++ puppet-4.8.2/debian/patches/0008-CVE-2017-2295.patch	2017-05-22 10:47:55.0 +0300
@@ -0,0 +1,101 @@
+From b29fd533913786ef1e7de421c6128239b839fb5f Mon Sep 17 00:00:00 2001
+From: Josh Cooper 
+Date: Fri, 28 Apr 2017 12:09:11 -0700
+Subject: [PATCH] (PUP-7483) Reject all fact formats except PSON
+
+Previously, an authenticated user could cause the master to execute
+YAML.load on user-specified input, as well as MessagePack.unpack if the
+msgpack gem was installed.
+
+Since 3.2.2, agents have always sent facts as PSON. There is no reason
+to support other formats, so reject all fact formats except PSON.
+
+(cherry picked from commit 06d8c51367ca932b9da5d9b01958cfc0adf0f2ea)
+---
+ lib/puppet/indirector/catalog/compiler.rb |  6 +++--
+ spec/unit/indirector/catalog/compiler_spec.rb | 36 ---
+ 2 files changed, 36 insertions(+), 6 deletions(-)
+
+diff --git a/lib/puppet/indirector/catalog/compiler.rb b/lib/puppet/indirector/catalog/compiler.rb
+index e4e60ce54..16c83533e 100644
+--- a/lib/puppet/indirector/catalog/compiler.rb
 b/lib/puppet/indirector/catalog/compiler.rb
+@@ -25,9 +25,11 @@ class Puppet::Resource::Catalog::Compiler < Puppet::Indirector::Code
+   # in Network::HTTP::Handler will automagically deserialize the value.
+   if text_facts.is_a?(Puppet::Node::Facts)
+ facts = text_facts
+-  else
++  elsif format == 'pson'
+ # We unescape here because the corresponding code in Puppet::Configurer::FactHandler escapes
+-facts = Puppet::Node::Facts.convert_from(format, CGI.unescape(text_facts))
++facts = Puppet::Node::Facts.convert_from('pson', CGI.unescape(text_facts))
++  else
++raise ArgumentError, "Unsupported facts format"
+   end
+ 
+   unless facts.name == request.key
+diff --git a/spec/unit/indirector/catalog/compiler_spec.rb b/spec/unit/indirector/catalog/compiler_spec.rb
+index b134c9094..d31eaeeef 100644
+--- a/spec/unit/indirector/catalog/compiler_spec.rb
 b/spec/unit/indirector/catalog/compiler_spec.rb
+@@ -255,10 +255,10 @@ describe Puppet::Resource::Catalog::Compiler do
+   @facts = Puppet::Node::Facts.new('hostname', "fact" => "value", "architecture" => "i386")
+ end
+ 
+-def a_request_that_contains(facts)
++def a_request_that_contains(facts, format = :pson)
+   request = Puppet::Indirector::Request.new(:catalog, :find, "hostname", nil)
+-  request.options[:facts_format] = "pson"
+-  request.options[:facts] = CGI.escape(facts.render(:pson))
++  request.options[:facts_format] = format.to_s
++  request.options[:facts] = CGI.escape(facts.render(format))
+   request
+ end
+ 
+@@ -277,7 +277,7 @@ describe Puppet::Resource::Catalog::Compiler do
+   expect(facts.timestamp).to eq(time)
+ end
+ 
+-it "should convert the facts into a fact instance and save it" do
++it "accepts PSON facts" do
+   request = a_request_that_contains(@facts)
+ 
+   options = {
+@@ -289,6 +289,34 @@ describe Puppet::Resource::Catalog::Compiler do
+ 
+   @compiler.extract_facts_from_request(request)
+ end
++
++it "rejects YAML facts" do
++  request = a_request_that_contains(@facts, :yaml)
++
++  options = {
++:environment => request.environment,
++:transaction_uuid => request.options[:transaction_uuid],
++  }
++
++  expect {
++@compiler.extract_facts_from_request(request)
++  }.to raise_error(ArgumentError, /Unsupported facts format/)
++end
++
++it "rejects unknown fact formats" do
++  request = a_request_that_contains(@facts)
++  request.options[:facts_format] = 'unknown-format'
++
++  options = {
++:environment => request.environment,
++:transaction_uuid => request.options[:transaction_uuid],
++  }
++
++  expect {
++

Bug#863222: unblock: bilibop/0.5.2.1

2017-05-24 Thread intrigeri 
Hi,

quidame:
> Version 0.5.2 (currently in testing) is affected
> by a bug [1] with severity "important", which now
> is fixed in version 0.5.2.1 (currently in unstable).

FWIW, this bug was discovered as it affected Tails, and we're shipping
the proposed diff there; it works fine for us :)

Cheers,
-- 
intrigeri