Bug#868517: stretch-pu: package expect/5.45-7+deb9u1 (pre-approval)

2017-07-23 Thread Sergei Golovan 
On Sun, Jul 23, 2017 at 2:29 PM, Adam D. Barratt
 wrote:
> Control: tags -1 + confirmed
>
>
> Please use "stretch" as the changelog distribution and feel free to
> upload.

Done.

-- 
Sergei Golovan

Processed: block 866389 with 869433 869511

2017-07-23 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 866389 with 869433 869511
Bug #866389 [release.debian.org] transition: perl 5.26
866389 was blocked by: 865020 865898 869418 865888 865482 826497 827640 865893 
869383 869504 869318 866315 867210 867984 866944 865034 867213 867046 826505 
865477 826489 869436 869139 865224 866978 865380 865045 826471 826502 865033 
867514 826473 866317 866934 809352 869357
866389 was not blocking any bugs.
Added blocking bug(s) of 866389: 869433 and 869511
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
866389: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866389
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: block 866389 with 869504

2017-07-23 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> # libguestfs: build-depends on linux-image-586, which doesn't exist
> block 866389 with 869504
Bug #866389 [release.debian.org] transition: perl 5.26
866389 was blocked by: 867210 869318 865898 865020 869418 869436 866944 867046 
869139 869383 865477 866317 867514 809352 866934 865893 869357 866315 826471 
865482 865380 826489 827640 865224 826505 865033 826473 826497 865045 865888 
826502 866978 867213 865034 867984
866389 was not blocking any bugs.
Added blocking bug(s) of 866389: 869504
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
866389: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866389
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

NEW changes in oldstable-new

2017-07-23 Thread Debian FTP Masters 
Processing changes file: cups_1.7.5-11+deb8u2_mipsel.changes
  ACCEPT

NEW changes in oldstable-new

2017-07-23 Thread Debian FTP Masters 
Processing changes file: elog_2.9.2+2014.05.11git44800a7-2+deb8u2_mipsel.changes
  ACCEPT

Bug#868684: stretch-pu: package haveged/1.9.1-5+deb9u1

2017-07-23 Thread Jérémy Bobbio 
Adam D. Barratt:
> On Mon, 2017-07-17 at 18:43 +0200, Jérémy Bobbio wrote:
> > Package: release.debian.org
> > User: release.debian@packages.debian.org
> > Usetags: pu
> 
> If you're going to write the metadata by hand, please at least spell it
> correctly. ;-) Fixed.

Oops! Thanks for noticing and cleaning it up. :)

> > I'd like to update the haveged package in stretch. The current version
> > has a bug which is proving to be affecting more computers than it
> > originally seemed. The issue (#858134) is a race that can lead to failed
> > or greatly delayed boots.
> 
> +haveged (1.9.1-5+deb9u1) stable; urgency=medium
> 
> Please use "stretch" as the changelog distribution. With that change,
> feel free to upload.

Uploaded. Thanks for your prompt review!

-- 
Lunar.''`. 
lu...@debian.org: :Ⓐ  :  # apt-get install anarchism
`. `'` 
  `-   


signature.asc
Description: PGP signature

NEW changes in oldstable-new

2017-07-23 Thread Debian FTP Masters 
Processing changes file: cups_1.7.5-11+deb8u2_armel.changes
  ACCEPT
Processing changes file: cups_1.7.5-11+deb8u2_armhf.changes
  ACCEPT

NEW changes in oldstable-new

2017-07-23 Thread Debian FTP Masters 
Processing changes file: cups_1.7.5-11+deb8u2_mips.changes
  ACCEPT
Processing changes file: elog_2.9.2+2014.05.11git44800a7-2+deb8u2_armhf.changes
  ACCEPT

NEW changes in oldstable-new

2017-07-23 Thread Debian FTP Masters 
Processing changes file: cups_1.7.5-11+deb8u2_arm64.changes
  ACCEPT
Processing changes file: cups_1.7.5-11+deb8u2_i386.changes
  ACCEPT
Processing changes file: cups_1.7.5-11+deb8u2_powerpc.changes
  ACCEPT
Processing changes file: cups_1.7.5-11+deb8u2_ppc64el.changes
  ACCEPT
Processing changes file: cups_1.7.5-11+deb8u2_s390x.changes
  ACCEPT
Processing changes file: elog_2.9.2+2014.05.11git44800a7-2+deb8u2_arm64.changes
  ACCEPT
Processing changes file: elog_2.9.2+2014.05.11git44800a7-2+deb8u2_armel.changes
  ACCEPT
Processing changes file: elog_2.9.2+2014.05.11git44800a7-2+deb8u2_mips.changes
  ACCEPT
Processing changes file: 
elog_2.9.2+2014.05.11git44800a7-2+deb8u2_ppc64el.changes
  ACCEPT

NEW changes in oldstable-new

2017-07-23 Thread Debian FTP Masters 
Processing changes file: elog_2.9.2+2014.05.11git44800a7-2+deb8u2_i386.changes
  ACCEPT
Processing changes file: 
elog_2.9.2+2014.05.11git44800a7-2+deb8u2_powerpc.changes
  ACCEPT
Processing changes file: elog_2.9.2+2014.05.11git44800a7-2+deb8u2_s390x.changes
  ACCEPT

Processed: ifeffit: FTBFS with perl 5.26

2017-07-23 Thread Debian Bug Tracking System 
Processing control commands:

> block 866389 by -1
Bug #866389 [release.debian.org] transition: perl 5.26
866389 was blocked by: 866944 867210 867213 865482 826489 869357 866934 865224 
865045 826473 865898 869318 826471 869418 867984 866315 827640 866978 865034 
865477 865033 869139 866317 867514 867046 826497 826505 826502 865380 869383 
865888 865893 865020 809352
866389 was not blocking any bugs.
Added blocking bug(s) of 866389: 869436

-- 
866389: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866389
869436: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869436
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#868809: stretch-pu: package kanatest/0.4.8-3+b1

2017-07-23 Thread Markus Koschany 
Am 23.07.2017 um 13:21 schrieb Adam D. Barratt:
> Control: tags -1 + confirmed
> 
> On Tue, 2017-07-18 at 22:50 +0200, Markus Koschany wrote:
>> I would like to update kanatest in Stretch because of [1]. It is
>> basically unusable at the moment. Unfortunately nobody noticed it in
>> time. The patch removes some compile time options that will prevent
>> implicit pointer conversion and also the segmentation fault at
>> startup.
> 
> jessie has the same version of the package; is it also affected?

No the Jessie version is not affected because it was not recompiled like
the Stretch version (note the +b1). I'm not sure if we saw the same
effect when the package would be recompiled there but in my opinion an
update is not needed.

> 
> Please go ahead.

Uploaded. Thanks.

Regards,

Markus




signature.asc
Description: OpenPGP digital signature

Bug#869434: stretch-pu: package gnutls28/3.5.8-5+deb9u3

2017-07-23 Thread Andreas Metzler 
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

Hello,

gnutls upstream has pointed out that it would make sense to pull
two patches from 3.5.14. These improve interoperability by avoiding
incorrect OCSP verification errors. These errors could become quite
common with growing popularity of ecdsa signatures.

thanks, cu Andreas
diff -Nru gnutls28-3.5.8/debian/changelog gnutls28-3.5.8/debian/changelog
--- gnutls28-3.5.8/debian/changelog	2017-07-08 10:29:05.0 +0200
+++ gnutls28-3.5.8/debian/changelog	2017-07-23 14:28:37.0 +0200
@@ -1,3 +1,14 @@
+gnutls28 (3.5.8-5+deb9u3) stretch; urgency=medium
+
+  * 38_01-OCSP-check-the-subject-public-key-identifier-field-t.patch
+38_02-OCSP-find_signercert-improved-DER-length-calculation.patch from
+gnutls 3.5.14: Fix OCSP verification errors, especially with ecdsa
+signatures.
+https://gitlab.com/gnutls/gnutls/issues/223
+Thanks to Nikos Mavrogiannopoulos for the suggestion.
+
+ -- Andreas Metzler   Sun, 23 Jul 2017 14:28:37 +0200
+
 gnutls28 (3.5.8-5+deb9u2) stretch; urgency=medium
 
   * 37_aarch64-fix-AES-GCM-in-place-encryption-and-decrypti.patch from
diff -Nru gnutls28-3.5.8/debian/patches/38_01-OCSP-check-the-subject-public-key-identifier-field-t.patch gnutls28-3.5.8/debian/patches/38_01-OCSP-check-the-subject-public-key-identifier-field-t.patch
--- gnutls28-3.5.8/debian/patches/38_01-OCSP-check-the-subject-public-key-identifier-field-t.patch	1970-01-01 01:00:00.0 +0100
+++ gnutls28-3.5.8/debian/patches/38_01-OCSP-check-the-subject-public-key-identifier-field-t.patch	2017-07-23 13:49:16.0 +0200
@@ -0,0 +1,56 @@
+From 4115dda443f38119ad46262f7f4adc78cfa1bf83 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos 
+Date: Fri, 30 Jun 2017 10:04:01 +0200
+Subject: [PATCH 1/2] OCSP: check the subject public key identifier field to
+ figure issuer
+
+Normally when attempting to match the 'Responder Key ID' in an OCSP response
+against the issuer certificate we check (according to RFC6960) against the
+hash of the SPKI field. However, in few certificates (see commit:
+"added ECDSA OCSP response verification"), that may not be the case. In that
+certificate, that value matches the Subject Public Key identifier field
+but not the hash.
+
+To account for these certificates, we enhance the matching to also consider
+the Subject Public Key identifier field.
+
+Relates: #223
+
+Signed-off-by: Nikos Mavrogiannopoulos 
+---
+ lib/x509/ocsp.c | 17 -
+ 1 file changed, 16 insertions(+), 1 deletion(-)
+
+diff --git a/lib/x509/ocsp.c b/lib/x509/ocsp.c
+index dcdf435d2..68e721eaa 100644
+--- a/lib/x509/ocsp.c
 b/lib/x509/ocsp.c
+@@ -1923,9 +1923,24 @@ static gnutls_x509_crt_t find_signercert(gnutls_ocsp_resp_t resp)
+ 
+ 	for (i = 0; i < ncerts; i++) {
+ 		if (keyid.data != NULL) {
+-			uint8_t digest[20];
++			uint8_t digest[128]; /* to support longer key IDs */
+ 			gnutls_datum_t spki;
++			size_t digest_size = sizeof(digest);
+ 
++			_gnutls_debug_log("checking key ID against SPK identifier\n");
++
++			/* check subject key identifier as well, some certificates
++			 * match that, but not the hash */
++			rc = gnutls_x509_crt_get_subject_key_id(certs[i], digest, _size, NULL);
++			if (rc >= 0 && digest_size == keyid.size &&
++			memcmp(keyid.data, digest, digest_size) == 0) {
++signercert = certs[i];
++goto quit;
++			}
++
++			_gnutls_debug_log("checking key ID against SPKI hash\n");
++
++			/* continue with checking the hash */
+ 			rc = _gnutls_x509_get_raw_field2(certs[i]->cert, [i]->der,
+ 	  "tbsCertificate.subjectPublicKeyInfo.subjectPublicKey",
+ 	  );
+-- 
+2.13.2
+
diff -Nru gnutls28-3.5.8/debian/patches/38_02-OCSP-find_signercert-improved-DER-length-calculation.patch gnutls28-3.5.8/debian/patches/38_02-OCSP-find_signercert-improved-DER-length-calculation.patch
--- gnutls28-3.5.8/debian/patches/38_02-OCSP-find_signercert-improved-DER-length-calculation.patch	1970-01-01 01:00:00.0 +0100
+++ gnutls28-3.5.8/debian/patches/38_02-OCSP-find_signercert-improved-DER-length-calculation.patch	2017-07-23 13:49:16.0 +0200
@@ -0,0 +1,77 @@
+From 3c36d980d447251b34677c21bd4a141829c045f6 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos 
+Date: Sat, 1 Jul 2017 10:50:57 +0200
+Subject: [PATCH 2/2] OCSP: find_signercert: improved DER length calculation
+
+Previously we were assuming a fixed amount of length bytes which
+is not correct for all possible lengths. Use libtasn1 to decode
+the length field.
+
+Resolves: #223
+
+Signed-off-by: Nikos Mavrogiannopoulos 
+---
+ lib/x509/ocsp.c | 30 --
+ 1 file changed, 24 insertions(+), 6 deletions(-)
+
+diff --git a/lib/x509/ocsp.c b/lib/x509/ocsp.c
+index 68e721eaa..321a676b3 100644
+--- a/lib/x509/ocsp.c
 b/lib/x509/ocsp.c
+@@ -1923,9 +1923,10

Bug#869419: stretch-pu: package chrony/3.0-4+deb9u1

2017-07-23 Thread Vincent Blut 
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hello,

I’d like to fix #868491 in Stretch to prevent the “if-up” script from 
failing in certain situations (usually at boot when chronyd isn’t fully 
ready) which impede ifupdown from correctly registering the concerned 
network interface in /run/network/ifstate.

Cheers,
Vincent

- -- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), 
LANGUAGE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-BEGIN PGP SIGNATURE-

iQJLBAEBCgA1FiEE/VQBlxWoTJPh4vI5ipzudlpxp4AFAll0k80XHHZpbmNlbnQu
ZGViaWFuQGZyZWUuZnIACgkQipzudlpxp4AcuRAA2n+jALgsb71pdnKK/QoTikpG
HpOJ7x+wdtgP0t4hr/CEu3pNONfq/HZQ+dJCkoKT+Z/pMcSzhVe7A7CQv8HfeDbx
kdNZRxPqbEr8PTlm3T9ZGJbTTpGbY6JiOEsPdiOmpwxJCrb7fuF9gN20Yyerd67+
S3Fh9BFKINSbLl8oxz/WIap1TKAUmEN2yt9eeWTMmOHgPXwIsKczN8KC5EU0TTj7
zf5hX9tAPhD8oxAQir7SDIad6sWZ656UHpMVRT947M2TB7QynMZI6xuCl2uOCQEk
bssbt1kzQUFFwXEXl5KbPnsRyHnwgr1C1jj+QIBuonyegcamHqCP87gquFV9Dww+
iuZ7atbCX9qQqgSeJb5F7bffKc4GxnBmLuV+9VRxlWHpNSeOupEAq3qEZjDa9ZWe
IEzYEtgnSxTGcn437VDXRyh5a6NQMXecD6b16pCfG6LXDOu7jT5NSCAX7sjYO4ak
uTEa4aKfzSkmVlliDPR5oUjqgHPgeQNMZz3dgKStCfKrHSwilnzwMRAevGXFfASC
pNA8g+KCqxwU4UVCzpaXPmm0u6v5lB8Qh8RswcbRTDZC/E5nVtbwoBx1sHc/ilEV
hhGJGendYWZDnC4+QfZvuwyerUkS9RjpCq4364ZVnI4+SC0DXlCsD8VtyX/bXhYa
/K42g7nXGKvV8Mpf8Ns=
=5MtQ
-END PGP SIGNATURE-
diffstat for chrony-3.0 chrony-3.0

 changelog|   15 +++
 chrony.if-up |2 +-
 chrony.ppp.ip-up |2 +-
 3 files changed, 17 insertions(+), 2 deletions(-)

diff -Nru chrony-3.0/debian/changelog chrony-3.0/debian/changelog
--- chrony-3.0/debian/changelog 2017-04-26 17:39:44.0 +0200
+++ chrony-3.0/debian/changelog 2017-07-22 17:24:44.0 +0200
@@ -1,3 +1,18 @@
+chrony (3.0-4+deb9u1) stretch; urgency=medium
+
+  * debian/chrony.if-up:
+- Do not pass the “burst” command to chronyc as the script could return an
+error in certain situations. As a consequence, that would prevent ifupdown
+from writing the current state of the interfaces in /run/network/ifstate.
+Thanks to John Eikenberry  for reporting that issue.
+(Closes: #868491)
+
+  * debian/chrony.ppp.ip-up:
+- Take the same action as for the “chrony.if-up” script as a precautionary
+measure.
+
+ -- Vincent Blut   Sat, 22 Jul 2017 17:24:44 +0200
+
 chrony (3.0-4) unstable; urgency=medium
 
   * debian/patches/*:
diff -Nru chrony-3.0/debian/chrony.if-up chrony-3.0/debian/chrony.if-up
--- chrony-3.0/debian/chrony.if-up  2017-01-16 17:33:37.0 +0100
+++ chrony-3.0/debian/chrony.if-up  2017-07-22 17:23:39.0 +0200
@@ -6,7 +6,7 @@
 
 if [ -e /run/chronyd.pid ] &&
 ip r list dev $IFACE 2> /dev/null | grep -q '^default'; then
-chronyc -m online 'burst 4/10' > /dev/null 2>&1
+chronyc online > /dev/null 2>&1
 else
 exit 0
 fi
diff -Nru chrony-3.0/debian/chrony.ppp.ip-up chrony-3.0/debian/chrony.ppp.ip-up
--- chrony-3.0/debian/chrony.ppp.ip-up  2017-01-16 17:33:37.0 +0100
+++ chrony-3.0/debian/chrony.ppp.ip-up  2017-07-22 17:23:39.0 +0200
@@ -6,6 +6,6 @@
 # Modified by Vincent Blut 
 
 /bin/pidof chronyd > /dev/null || exit 0
-/usr/bin/chronyc -m online 'burst 4/4' > /dev/null 2>&1
+/usr/bin/chronyc online > /dev/null 2>&1
 touch /var/run/chrony-ppp-up
 exit 0

Processed: block 866389 with 869418

2017-07-23 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 866389 with 869418
Bug #866389 [release.debian.org] transition: perl 5.26
866389 was blocked by: 866934 865033 866315 866944 826473 826505 865045 865482 
865888 827640 809352 866978 865224 867514 865898 826489 869357 865893 869318 
866317 867984 867210 865020 869383 865380 867046 869139 826471 865034 867213 
826497 826502 865477
866389 was not blocking any bugs.
Added blocking bug(s) of 866389: 869418
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
866389: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866389
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

NEW changes in oldstable-new

2017-07-23 Thread Debian FTP Masters 
Processing changes file: apache2_2.4.10-10+deb8u10_amd64.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u10_arm64.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u10_armel.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u10_armhf.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u10_i386.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u10_mips.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u10_mipsel.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u10_powerpc.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u10_ppc64el.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u10_s390x.changes
  ACCEPT
Processing changes file: cups_1.7.5-11+deb8u2_amd64.changes
  ACCEPT
Processing changes file: elog_2.9.2+2014.05.11git44800a7-2+deb8u2_amd64.changes
  ACCEPT
Processing changes file: kedpm_1.0+deb8u1_amd64.changes
  ACCEPT

Processed: Re: Bug#868517: stretch-pu: package expect/5.45-7+deb9u1 (pre-approval)

2017-07-23 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + confirmed
Bug #868517 [release.debian.org] stretch-pu: package expect/5.45-7+deb9u1 
(pre-approval)
Added tag(s) confirmed.

-- 
868517: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868517
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#868517: stretch-pu: package expect/5.45-7+deb9u1 (pre-approval)

2017-07-23 Thread Adam D. Barratt 
Control: tags -1 + confirmed

On Sun, 2017-07-16 at 13:16 +0300, Sergei Golovan wrote:
> I'd like to update the expect package in stretch. The current version
> has a bug which has been discovered recently, it affects GCC regression
> tests.
> 
> There wasn't a bugreport for this in Debian itself, so you can look at
> a pretty long thread starting from [1]. The interesting part can be
> found at [2].
> 
> In summary, sometimes Expect truncates input data (when EOF flag is
> already set and there's some unprocessed data in an internal buffer).
> 
> And while there are workarounds, it'd be better to fix the bug in Expect
> itself.

+expect (5.45-7+deb9u1) stable; urgency=medium

Please use "stretch" as the changelog distribution and feel free to
upload.

Regards,

Adam

Bug#868809: stretch-pu: package kanatest/0.4.8-3+b1

2017-07-23 Thread Adam D. Barratt 
Control: tags -1 + confirmed

On Tue, 2017-07-18 at 22:50 +0200, Markus Koschany wrote:
> I would like to update kanatest in Stretch because of [1]. It is
> basically unusable at the moment. Unfortunately nobody noticed it in
> time. The patch removes some compile time options that will prevent
> implicit pointer conversion and also the segmentation fault at
> startup.

jessie has the same version of the package; is it also affected?

Please go ahead.

Regards,

Adam

Processed: Re: Bug#868809: stretch-pu: package kanatest/0.4.8-3+b1

2017-07-23 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + confirmed
Bug #868809 [release.debian.org] stretch-pu: package kanatest/0.4.8-3+b1
Added tag(s) confirmed.

-- 
868809: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868809
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#868684: stretch-pu: package haveged/1.9.1-5+deb9u1

2017-07-23 Thread Adam D. Barratt 
Control: tags -1 + confirmed

On Mon, 2017-07-17 at 18:43 +0200, Jérémy Bobbio wrote:
> Package: release.debian.org
> User: release.debian@packages.debian.org
> Usetags: pu

If you're going to write the metadata by hand, please at least spell it
correctly. ;-) Fixed.

> Tags: stretch
> Severity: normal
> 
> Hi!
> 
> I'd like to update the haveged package in stretch. The current version
> has a bug which is proving to be affecting more computers than it
> originally seemed. The issue (#858134) is a race that can lead to failed
> or greatly delayed boots.

+haveged (1.9.1-5+deb9u1) stable; urgency=medium

Please use "stretch" as the changelog distribution. With that change,
feel free to upload.

Regards,

Adam

Processed: Re: Bug#868684: stretch-pu: package haveged/1.9.1-5+deb9u1

2017-07-23 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + confirmed
Bug #868684 [release.debian.org] stretch-pu: package haveged/1.9.1-5+deb9u1
Added tag(s) confirmed.

-- 
868684: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868684
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#861541: jessie-pu: package kedpm/1.0

2017-07-23 Thread Adam D. Barratt 
Control: tags -1 + pending

On Thu, 2017-07-20 at 17:46 -0400, Antoine Beaupré wrote:
> On 2017-06-27 22:39:23, Cyril Brulebois wrote:
> > Control: tag -1 confirmed
> >
> > Antoine Beaupre  (2017-04-30):
> >> diff -Nru kedpm-1.0/debian/changelog kedpm-1.0+deb8u1/debian/changelog
> >> --- kedpm-1.0/debian/changelog 2012-11-30 15:45:14.0 -0500
> >> +++ kedpm-1.0+deb8u1/debian/changelog  2017-04-26 20:44:11.0 
> >> -0400
> >> @@ -1,3 +1,10 @@
> >> +kedpm (1.0+deb8u1) jessie; urgency=high
> >> +
> >> +  * Non-maintainer upload by the Security Team.
> >> +  * fix information leak via command history file (Closes: #860817)
[...]
> >> ++# Password is not provided with command. Ask user for it
> >
> > I suppose this became a bit of a lie. :) Feel free to replace it with
> > “Always ask the user for the password”, or remove it entirely.
> >
> > With or without the comment fix, feel free to upload.

Flagged for acceptance.

Regards,

Adam

Processed: Re: Bug#861541: jessie-pu: package kedpm/1.0

2017-07-23 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + pending
Bug #861541 [release.debian.org] jessie-pu: package kedpm/1.0
Added tag(s) pending.

-- 
861541: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861541
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#856240: jessie-pu: package elog/2.9.2+2014.05.11git44800a7-2+deb8u1

2017-07-23 Thread Adam D. Barratt 
Control: tags -1 + pending

On Thu, 2017-07-20 at 21:33 +0200, Gianfranco Costamagna wrote:
> Hello,
> > I don't see see your package in jessie-new; the next jessie point release
> > is coming up shortly, so feel free to prod your sponsor again if you want
> > to have a chance of fixing this in jessie. :)
> > 
> sponsored, sorry for the delay

Flagged for acceptance.

Regards,

Adam

Processed: Re: Bug#856240: jessie-pu: package elog/2.9.2+2014.05.11git44800a7-2+deb8u1

2017-07-23 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + pending
Bug #856240 [release.debian.org] jessie-pu: package 
elog/2.9.2+2014.05.11git44800a7-2+deb8u1
Added tag(s) pending.

-- 
856240: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856240
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1

2017-07-23 Thread Adam D. Barratt 
Control: tags -1 + pending

On Fri, 2017-07-21 at 14:59 +0200, Didier 'OdyX' Raboud wrote:
> Le mardi, 27 juin 2017, 20.32:11 h CEST Cyril Brulebois a écrit :
> > Assuming that this was successfully tested (including by setting those
> > two options to restore support for insecure crypto) on a jessie system,
> > and once you've fixed the codename in debian/changelog (you want jessie
> > rather than jessie-security), feel free to upload.
> 
> Uploaded now after testing. I also fixed a typo in the changelog: AllowSSLv3 
> vs AllowSSL3 (superfluous 'v').

Flagged for acceptance.

Regards,

Adam

Processed: Re: Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1

2017-07-23 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + pending
Bug #840643 [release.debian.org] jessie-pu: package cups/1.7.5-11+deb8u1
Added tag(s) pending.

-- 
840643: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840643
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869414: package smplayer/16.11.0~ds0-1+deb9u1

2017-07-23 Thread Mateusz Łukasik 

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

Dear SRMs,

I would like to update smplayer in Stretch to fix #869411, it was 
already fixed in unstable.


The patch has been merged from upstream release.

Full source debdiff attached.


--
 .''`.  Mateusz Łukasik
: :' :  https://l0calh0st.pl
`. `'   Debian Member - mat...@linuxmint.pl
  `-GPG: D93B 0C12 C8D0 4D7A AFBC  FA27 CCD9 1D61 11A0 6851
diff -Nru smplayer-16.11.0~ds0/debian/changelog 
smplayer-16.11.0~ds0/debian/changelog
--- smplayer-16.11.0~ds0/debian/changelog   2016-11-22 17:31:13.0 
+0100
+++ smplayer-16.11.0~ds0/debian/changelog   2017-07-23 12:10:13.0 
+0200
@@ -1,3 +1,9 @@
+smplayer (16.11.0~ds0-1+deb9u1) stable-proposed-updates; urgency=high
+
+  * Merge from upstream fix connections to youtube. (Closes: #869411)
+
+ -- Mateusz Łukasik   Sun, 23 Jul 2017 12:10:13 +0200
+
 smplayer (16.11.0~ds0-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru smplayer-16.11.0~ds0/debian/patches/07-fixyoutube.patch 
smplayer-16.11.0~ds0/debian/patches/07-fixyoutube.patch
--- smplayer-16.11.0~ds0/debian/patches/07-fixyoutube.patch 1970-01-01 
01:00:00.0 +0100
+++ smplayer-16.11.0~ds0/debian/patches/07-fixyoutube.patch 2017-07-23 
12:09:51.0 +0200
@@ -0,0 +1,39 @@
+Description: Fix connections to youtube.
+Bug-Debian: http://bugs.debian.org/869411
+
+--- a/src/youtube/sig.cpp
 b/src/youtube/sig.cpp
+@@ -51,9 +51,11 @@
+   qDebug() << "Sig::findFunctions: sts:" << sts;
+ 
+   QString sig_name;
+-  QRegExp rx_sig("\\.sig\\|\\|([a-zA-Z0-9\\$]+)\\(");
++  //QRegExp rx_sig("\\.sig\\|\\|([a-zA-Z0-9\\$]+)\\(");
++  QRegExp rx_sig("([\"\'])signature\\1\\s*,\\s*([a-zA-Z0-9$]+)\\(");
+   if (rx_sig.indexIn(text) != -1) {
+-  sig_name = rx_sig.cap(1);
++  //sig_name = rx_sig.cap(1);
++  sig_name = rx_sig.cap(2);
+   }
+   qDebug() << "Sig::findFunctions: sig_name:" << sig_name;
+ 
+
+--- a/src/youtube/retrieveyoutubeurl.cpp
 b/src/youtube/retrieveyoutubeurl.cpp
+@@ -252,11 +252,12 @@
+   #ifdef YT_USE_SIG
+   QString html5_player;
+   #endif
+-  //QRegExp rxplayer("player-([\\d,\\w,-]+)");
+-  QRegExp rxplayer("jsbin\\/player-([\\d\\w-]+)\\/base\\.js");
++  QRegExp 
rxplayer("jsbin\\/player-([\\d\\w-]+)\\/([a-z]{2}_[A-Z]{2})\\/base\\.js");
+   if (rxplayer.indexIn(replyString) != -1) {
+-  html5_player = rxplayer.cap(1);
+-  qDebug() << "RetrieveYoutubeUrl::videoPageLoaded: html5player:" 
<< html5_player;
++  QString player = rxplayer.cap(1);
++  QString locale = rxplayer.cap(2);
++  qDebug() << "RetrieveYoutubeUrl::videoPageLoaded: html5player:" 
<< player << "locale:" << locale;
++  html5_player = player +"/"+ locale;
+   }
+ 
+   video_page = replyString;
diff -Nru smplayer-16.11.0~ds0/debian/patches/series 
smplayer-16.11.0~ds0/debian/patches/series
--- smplayer-16.11.0~ds0/debian/patches/series  2016-11-21 13:29:44.0 
+0100
+++ smplayer-16.11.0~ds0/debian/patches/series  2017-07-23 12:08:39.0 
+0200
@@ -3,3 +3,4 @@
 05-add-debian-hardening-flags.patch
 06-tryfixplaylist.patch
 01-update-mime-types.patch
+07-fixyoutube.patch

Processed: block 866389 with 826471

2017-07-23 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> # missed this earlier unfortunately
> block 866389 with 826471
Bug #866389 [release.debian.org] transition: perl 5.26
866389 was blocked by: 867210 867046 867984 865888 866944 826505 866317 865380 
869318 826502 865033 865893 867514 826473 827640 866978 865482 865898 869357 
866315 865020 865224 826489 826497 865477 865045 869139 865034 809352 866934 
867213
866389 was not blocking any bugs.
Added blocking bug(s) of 866389: 826471
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
866389: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866389
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: block 866389 with 869383

2017-07-23 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 866389 with 869383
Bug #866389 [release.debian.org] transition: perl 5.26
866389 was blocked by: 867213 826505 826497 867046 867210 826471 866978 865034 
865893 826473 865888 869318 866934 866944 809352 827640 826489 865477 865033 
866317 865898 869139 866315 826502 867984 865224 865380 867514 869357 865020 
865045 865482
866389 was not blocking any bugs.
Added blocking bug(s) of 866389: 869383
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
866389: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866389
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems