Bug#877043: stretch-pu: package weechat/1.6-1+deb9u2
Hi Adam, On Thu, Sep 28, 2017 at 06:43:59AM +0100, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Thu, 2017-09-28 at 05:02 +0200, Salvatore Bonaccorso wrote: > > weechat in stretch is affected by CVE-2017-14727, tracked as #876553. > > > > > * logger: call strftime before replacing buffer local variables > > > (CVE-2017-14727) (Closes: #876553) > > > > https://weechat.org/news/98/20170923-Version-1.9.1-security-release/ > > > > Attached proposed debdiff for the stretch point release. > > > > There's quite a bit of noise in such a small diff. :-( I appreciate > why, though. Yes I can understand, you are a bit unahppy with me with that regard. I followed upstream, which renamed several of the mask_* pointers and added a new one for one more operation and shuffled around. I prefered to rather follow upstream here, hope I can convince you. or did you mean something else? > Please go ahead. Done, despite maybe the above raises questions. In case of such, feel free to reject the upload and we can do a turnaround. Salvatore
Bug#877045: jessie-pu: package weechat/1.0.1-1+deb8u2
On Thu, Sep 28, 2017 at 06:44:28AM +0100, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Thu, 2017-09-28 at 05:15 +0200, Salvatore Bonaccorso wrote: > > weechat in jessie is affected by CVE-2017-14727, tracked as #876553. > > > > > * logger: call strftime before replacing buffer local variables > > > (CVE-2017-14727) (Closes: #876553) > > > > https://weechat.org/news/98/20170923-Version-1.9.1-security-release/ > > > > Please go ahead. Thank you, uploaded. Salvatore
Bug#876949: stretch-pu: package postfix/3.1.6-0+deb9u1
Control: tags -1 + moreinfo On Wed, 2017-09-27 at 01:14 -0400, Scott Kitterman wrote: > This upload is intended to solve several problems. While it's > somewhat > unusual, since it includes new upstream releases, the upstream > changes are > very targetted and all things that I believe are appropriate to fix > in a > stable update: > [...] > Additionally, there's a packaging fix for a bug that broke multi- > instance. > The latter (#873957) doesn't appear to have been applied in unstable yet. Are the upstream fixes relevant to unstable and applied there? Regards, Adam
Processed: Re: Bug#876949: stretch-pu: package postfix/3.1.6-0+deb9u1
Processing control commands: > tags -1 + moreinfo Bug #876949 [release.debian.org] stretch-pu: package postfix/3.1.6-0+deb9u1 Added tag(s) moreinfo. -- 876949: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876949 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#876706: stretch-pu: package liblouis/3.0.0-3
Processing control commands: > tags -1 + confirmed Bug #876706 [release.debian.org] stretch-pu: package liblouis/3.0.0-3 Added tag(s) confirmed. -- 876706: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876706 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#876706: stretch-pu: package liblouis/3.0.0-3
Control: tags -1 + confirmed On Mon, 2017-09-25 at 01:31 +0200, Samuel Thibault wrote: > Several CVEs have been reported against liblouis in Bug#874302. The > upstream fixes have been tested for 6 days in Debian unstable then 5 > days in Debian testing. > It might be nice to have slightly more descriptive changelog entries. In any case, please feel free to upload. Regards, Adam
Bug#877045: jessie-pu: package weechat/1.0.1-1+deb8u2
Control: tags -1 + confirmed On Thu, 2017-09-28 at 05:15 +0200, Salvatore Bonaccorso wrote: > weechat in jessie is affected by CVE-2017-14727, tracked as #876553. > > > * logger: call strftime before replacing buffer local variables > > (CVE-2017-14727) (Closes: #876553) > > https://weechat.org/news/98/20170923-Version-1.9.1-security-release/ > Please go ahead. Regards, Adam
Processed: Re: Bug#877045: jessie-pu: package weechat/1.0.1-1+deb8u2
Processing control commands: > tags -1 + confirmed Bug #877045 [release.debian.org] jessie-pu: package weechat/1.0.1-1+deb8u2 Added tag(s) confirmed. -- 877045: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877045 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#877043: stretch-pu: package weechat/1.6-1+deb9u2
Processing control commands: > tags -1 + confirmed Bug #877043 [release.debian.org] stretch-pu: package weechat/1.6-1+deb9u2 Added tag(s) confirmed. -- 877043: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877043 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#877043: stretch-pu: package weechat/1.6-1+deb9u2
Control: tags -1 + confirmed On Thu, 2017-09-28 at 05:02 +0200, Salvatore Bonaccorso wrote: > weechat in stretch is affected by CVE-2017-14727, tracked as #876553. > > > * logger: call strftime before replacing buffer local variables > > (CVE-2017-14727) (Closes: #876553) > > https://weechat.org/news/98/20170923-Version-1.9.1-security-release/ > > Attached proposed debdiff for the stretch point release. > There's quite a bit of noise in such a small diff. :-( I appreciate why, though. Please go ahead. Regards, Adam
Processed: Re: Bug#877045: jessie-pu: package weechat/1.0.1-1+deb8u2
Processing control commands: > tags -1 + confirmed Bug #877045 [release.debian.org] jessie-pu: package weechat/1.0.1-1+deb8u2 Ignoring request to alter tags of bug #877045 to the same tags previously set -- 877045: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877045 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#867814: stretch-pu: package ncurses/6.0+20161126-1+deb9u1
Processing control commands: > tags -1 + pending Bug #867814 [release.debian.org] stretch-pu: package ncurses/6.0+20161126-1+deb9u1 Added tag(s) pending. -- 867814: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867814 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#872441: stretch-pu: package gsoap/2.8.35-4+deb9u1
Processing control commands: > tags -1 + pending Bug #872441 [release.debian.org] stretch-pu: package gsoap/2.8.35-4+deb9u1 Added tag(s) pending. -- 872441: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872441 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#872441: stretch-pu: package gsoap/2.8.35-4+deb9u1
Control: tags -1 + pending On Sat, 2017-09-23 at 18:24 +0100, Jonathan Wiltshire wrote: > Control: tag -1 confirmed > > On Fri, Aug 18, 2017 at 11:35:09AM +0200, Mattias Ellert wrote: [...] > > diff -Nru gsoap-2.8.35/debian/changelog gsoap- > > 2.8.35/debian/changelog > > --- gsoap-2.8.35/debian/changelog 2016-12-06 > > 09:32:36.0 +0100 > > +++ gsoap-2.8.35/debian/changelog 2017-08-16 > > 11:58:11.0 +0200 > > @@ -1,3 +1,9 @@ > > +gsoap (2.8.35-4+deb9u1) stretch; urgency=medium > > + > > + * Fix for CVE-2017-9765 > > + > > + -- Mattias EllertWed, 16 Aug > > 2017 11:58:11 +0200 > > Please go ahead, but a little more detail in your changelog (what is > CVE-2017-9765 and what changed to fix it?) is always appreciated. > Uploaded and flagged for acceptance. Regards, Adam
Bug#867814: stretch-pu: package ncurses/6.0+20161126-1+deb9u1
Control: tags -1 + pending On Sun, 2017-09-24 at 09:16 +0200, Sven Joachim wrote: > On 2017-09-23 19:59 +0100, Adam D. Barratt wrote: > > > Control: tags -1 -moreinfo +confirmed > > > > On Thu, 2017-09-07 at 19:06 +0200, Cyril Brulebois wrote: > > > Sven Joachim(2017-09-06): > > > > Meanwhile seven new CVEs in the tic library and programs have > > > > been > > > > reported, and I would like to fix those as well, see the > > > > attached > > > > new > > > > debdiff. It contains all the library changes from the 20170826 > > > > upstream > > > > patchlevel and the program fixes of the 20170902 patchlevel. I > > > > have > > > > also attached the test cases for the 13 bugs reported in the > > > > Red > > > > Hat > > > > bugtracker. > > > > > > > > > > > I'd be okay with this, but it will need a kibi-ack due to > > > > > > > the > > > > > > > udeb. > > > > > > > > > > > > The changes do not touch the tinfo library which is all > > > > > > that > > > > > > shipped in > > > > > > the udeb. > > > > > > > > > > To elaborate on that, ncurses/tinfo/{alloc,parse}_entry.c are > > > > > compiled > > > > > into the tic library while progs/dump_entry.c is for the > > > > > infocmp > > > > > and tic > > > > > programs. Building 6.0+20161126-1 and 6.0+20161126-1+deb9u1 > > > > > in a > > > > > stretch chroot produced identical libtinfo.so.5.9 files. > > > > > > > > This is unfortunately no longer the case, since strings.c and > > > > trim_sgr0.c are compiled into the tinfo library. However, the > > > > changes > > > > to these files are small. > > > > > > I have no straightforward way to double check things still run > > > smoothly > > > with stretch's d-i, so I'll follow whatever decision the release > > > team > > > makes; if regressions pop up, we'll figure out how to fix them. > > > > > > > Let's go with it and keep our fingers crossed that any issues show > > up > > quickly. > > Thanks, uploaded. > Flagged for acceptance, thanks. Regards, Adam
Processed: Re: Bug#875777: stretch-pu: package ecl/15.3.7+dfsg1-2+deb9u1
Processing control commands: > tags -1 + pending Bug #875777 [release.debian.org] stretch-pu: package ecl/15.3.7+dfsg1-2+deb9u1 Added tag(s) pending. -- 875777: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875777 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#863734: unblock: gnupg2/2.1.18-8
Control: tags -1 + pending On Tue, 2017-09-26 at 01:11 -0400, Daniel Kahn Gillmor wrote: > On Sat 2017-09-23 19:46:42 +0100, Adam D. Barratt wrote: > > On Wed, 2017-09-20 at 23:07 -0400, Daniel Kahn Gillmor wrote: > > > I've built this against a stretch system and tested it on a > > > stretch > > > system, and it still works. > > > > > > Please advise me whether i should make an upload. > > > > With a slightly more definite changelog stanza, please go ahead. :- > > ) > > Thanks, I've uploaded. > Flagged for acceptance. Regards, Adam
Processed: Re: Bug#863734: unblock: gnupg2/2.1.18-8
Processing control commands: > tags -1 + pending Bug #863734 [release.debian.org] stretch-pu: gnupg2 Added tag(s) pending. -- 863734: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863734 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#876629: stretch-pu: package db5.3/5.3.28-12+deb9u1
Control: tags -1 + pending On Sun, 2017-09-24 at 18:27 +0200, Salvatore Bonaccorso wrote: > Hi Jonathan, > > On Sun, Sep 24, 2017 at 02:52:03PM +0100, Jonathan Wiltshire wrote: > > Control: tag -1 confirmed > > > > Hi, > > > > On Sun, Sep 24, 2017 at 09:52:06AM +0200, Salvatore Bonaccorso > > wrote: > > > db5.3 in stretch is affected by the CVE-2017-10140 ("Berkeley DB > > > reads > > > DB_CONFIG from cwd)", #872436. The NMU to unstable back on end of > > > august has not raised any regression reports we would be aware > > > of. We > > > though think it's still safer to have it via point release > > > > Please go ahead. > > Thanks, uploaded. > Flagged for acceptance into p-u, thanks. Regards, Adam
Processed: Re: Bug#876629: stretch-pu: package db5.3/5.3.28-12+deb9u1
Processing control commands: > tags -1 + pending Bug #876629 [release.debian.org] stretch-pu: package db5.3/5.3.28-12+deb9u1 Added tag(s) pending. -- 876629: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876629 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#875777: stretch-pu: package ecl/15.3.7+dfsg1-2+deb9u1
Control: tags -1 + pending On Mon, 2017-09-25 at 14:05 +0200, Sébastien Villemot wrote: > On Sat, Sep 23, 2017 at 05:25:15PM +0100, Jonathan Wiltshire wrote: > > > On Thu, Sep 14, 2017 at 02:45:16PM +0200, Sébastien Villemot wrote: > > > I have prepared a stretch-pu for ecl. The debdiff is attached. It > > > simply fixes > > > #873091 by adding the dependency on libffi-dev. > > > > Please go ahead. > > Thanks, uploaded. Flagged for acceptance. Regards, Adam
Bug#866537: stretch-pu: package cross-gcc/113
Control: tags -1 + pending On Sat, 2017-09-23 at 19:55 +0100, Adam D. Barratt wrote: > Control: tags -1 -moreinfo +confirmed > > On Sat, 2017-07-22 at 02:06 +0100, Wookey wrote: > > New patch attached with suggested changes. Is this OK? > > > > Please go ahead. > > Uploaded and flagged for acceptance. Regards, Adam
Processed: Re: Bug#866537: stretch-pu: package cross-gcc/113
Processing control commands: > tags -1 + pending Bug #866537 [release.debian.org] stretch-pu: package cross-gcc/113 Added tag(s) pending. -- 866537: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866537 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#877045: jessie-pu: package weechat/1.0.1-1+deb8u2
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu Hi weechat in jessie is affected by CVE-2017-14727, tracked as #876553. > * logger: call strftime before replacing buffer local variables >(CVE-2017-14727) (Closes: #876553) https://weechat.org/news/98/20170923-Version-1.9.1-security-release/ Attached proposed debdiff for the jessie point release. Regards, Salvatore diff -Nru weechat-1.0.1/debian/changelog weechat-1.0.1/debian/changelog --- weechat-1.0.1/debian/changelog 2017-04-25 07:01:43.0 +0200 +++ weechat-1.0.1/debian/changelog 2017-09-27 21:27:15.0 +0200 @@ -1,3 +1,11 @@ +weechat (1.0.1-1+deb8u2) jessie; urgency=medium + + * Non-maintainer upload. + * logger: call strftime before replacing buffer local variables +(CVE-2017-14727) (Closes: #876553) + + -- Salvatore BonaccorsoWed, 27 Sep 2017 21:27:15 +0200 + weechat (1.0.1-1+deb8u1) jessie-security; urgency=high * Non-maintainer upload by the Security Team. diff -Nru weechat-1.0.1/debian/patches/0001-logger-call-strftime-before-replacing-buffer-local-v.patch weechat-1.0.1/debian/patches/0001-logger-call-strftime-before-replacing-buffer-local-v.patch --- weechat-1.0.1/debian/patches/0001-logger-call-strftime-before-replacing-buffer-local-v.patch 1970-01-01 01:00:00.0 +0100 +++ weechat-1.0.1/debian/patches/0001-logger-call-strftime-before-replacing-buffer-local-v.patch 2017-09-27 21:27:15.0 +0200 @@ -0,0 +1,152 @@ +From: =?UTF-8?q?S=C3=A9bastien=20Helleu?= +Date: Sat, 23 Sep 2017 09:36:09 +0200 +Subject: logger: call strftime before replacing buffer local variables +Origin: https://github.com/weechat/weechat/commit/f105c6f0b56fb5687b2d2aedf37cb1d1b434d556 +Bug-Debian: https://bugs.debian.org/876553 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-14727 + +--- + src/plugins/logger/logger.c | 88 ++--- + 2 files changed, 51 insertions(+), 44 deletions(-) + + +--- a/src/plugins/logger/logger.c b/src/plugins/logger/logger.c +@@ -316,71 +316,71 @@ logger_get_mask_for_buffer (struct t_gui + char * + logger_get_mask_expanded (struct t_gui_buffer *buffer, const char *mask) + { +-char *mask2, *mask_decoded, *mask_decoded2, *mask_decoded3, *mask_decoded4; +-char *mask_decoded5; ++char *mask2, *mask3, *mask4, *mask5, *mask6, *mask7; + const char *dir_separator; + int length; + time_t seconds; + struct tm *date_tmp; + + mask2 = NULL; +-mask_decoded = NULL; +-mask_decoded2 = NULL; +-mask_decoded3 = NULL; +-mask_decoded4 = NULL; +-mask_decoded5 = NULL; ++mask3 = NULL; ++mask4 = NULL; ++mask5 = NULL; ++mask6 = NULL; ++mask7 = NULL; + + dir_separator = weechat_info_get ("dir_separator", ""); + if (!dir_separator) + return NULL; + ++/* replace date/time specifiers in mask */ ++length = strlen (mask) + 256 + 1; ++mask2 = malloc (length); ++if (!mask2) ++goto end; ++seconds = time (NULL); ++date_tmp = localtime (); ++mask2[0] = '\0'; ++if (strftime (mask2, length - 1, mask, date_tmp) == 0) ++mask2[0] = '\0'; ++ + /* + * we first replace directory separator (commonly '/') by \01 because + * buffer mask can contain this char, and will be replaced by replacement + * char ('_' by default) + */ +-mask2 = weechat_string_replace (mask, dir_separator, "\01"); +-if (!mask2) ++mask3 = weechat_string_replace (mask2, dir_separator, "\01"); ++if (!mask3) + goto end; + +-mask_decoded = weechat_buffer_string_replace_local_var (buffer, mask2); +-if (!mask_decoded) ++mask4 = weechat_buffer_string_replace_local_var (buffer, mask3); ++if (!mask4) + goto end; + +-mask_decoded2 = weechat_string_replace (mask_decoded, +-dir_separator, +-weechat_config_string (logger_config_file_replacement_char)); +-if (!mask_decoded2) ++mask5 = weechat_string_replace (mask4, ++dir_separator, ++weechat_config_string (logger_config_file_replacement_char)); ++if (!mask5) + goto end; + + #ifdef __CYGWIN__ +-mask_decoded3 = weechat_string_replace (mask_decoded2, "\\", +-weechat_config_string (logger_config_file_replacement_char)); ++mask6 = weechat_string_replace (mask5, "\\", ++weechat_config_string (logger_config_file_replacement_char)); + #else +-mask_decoded3 = strdup (mask_decoded2); ++mask6 = strdup (mask5); + #endif +-if (!mask_decoded3) ++if (!mask6) + goto end; + + /* restore directory separator */ +-mask_decoded4 =
Bug#877043: stretch-pu: package weechat/1.6-1+deb9u2
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hi weechat in stretch is affected by CVE-2017-14727, tracked as #876553. > * logger: call strftime before replacing buffer local variables >(CVE-2017-14727) (Closes: #876553) https://weechat.org/news/98/20170923-Version-1.9.1-security-release/ Attached proposed debdiff for the stretch point release. Regards, Salvatore diff -Nru weechat-1.6/debian/changelog weechat-1.6/debian/changelog --- weechat-1.6/debian/changelog2017-04-29 16:31:58.0 +0200 +++ weechat-1.6/debian/changelog2017-09-27 20:53:31.0 +0200 @@ -1,3 +1,11 @@ +weechat (1.6-1+deb9u2) stretch; urgency=medium + + * Non-maintainer upload. + * logger: call strftime before replacing buffer local variables +(CVE-2017-14727) (Closes: #876553) + + -- Salvatore BonaccorsoWed, 27 Sep 2017 20:53:31 +0200 + weechat (1.6-1+deb9u1) stretch; urgency=medium * Non-maintainer upload. diff -Nru weechat-1.6/debian/patches/03_logger-call-strftime-before-replacing-buffer-local-v.patch weechat-1.6/debian/patches/03_logger-call-strftime-before-replacing-buffer-local-v.patch --- weechat-1.6/debian/patches/03_logger-call-strftime-before-replacing-buffer-local-v.patch 1970-01-01 01:00:00.0 +0100 +++ weechat-1.6/debian/patches/03_logger-call-strftime-before-replacing-buffer-local-v.patch 2017-09-27 20:53:31.0 +0200 @@ -0,0 +1,158 @@ +From: =?UTF-8?q?S=C3=A9bastien=20Helleu?= +Date: Sat, 23 Sep 2017 09:36:09 +0200 +Subject: logger: call strftime before replacing buffer local variables +Origin: https://github.com/weechat/weechat/commit/f105c6f0b56fb5687b2d2aedf37cb1d1b434d556 +Bug-Debian: https://bugs.debian.org/876553 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-14727 + +--- + src/plugins/logger/logger.c | 88 ++--- + 2 files changed, 51 insertions(+), 44 deletions(-) + + +diff --git a/src/plugins/logger/logger.c b/src/plugins/logger/logger.c +index 1abc3efc7..347f1d5a6 100644 +--- a/src/plugins/logger/logger.c b/src/plugins/logger/logger.c +@@ -295,71 +295,71 @@ logger_get_mask_for_buffer (struct t_gui_buffer *buffer) + char * + logger_get_mask_expanded (struct t_gui_buffer *buffer, const char *mask) + { +-char *mask2, *mask_decoded, *mask_decoded2, *mask_decoded3, *mask_decoded4; +-char *mask_decoded5; ++char *mask2, *mask3, *mask4, *mask5, *mask6, *mask7; + const char *dir_separator; + int length; + time_t seconds; + struct tm *date_tmp; + + mask2 = NULL; +-mask_decoded = NULL; +-mask_decoded2 = NULL; +-mask_decoded3 = NULL; +-mask_decoded4 = NULL; +-mask_decoded5 = NULL; ++mask3 = NULL; ++mask4 = NULL; ++mask5 = NULL; ++mask6 = NULL; ++mask7 = NULL; + + dir_separator = weechat_info_get ("dir_separator", ""); + if (!dir_separator) + return NULL; + ++/* replace date/time specifiers in mask */ ++length = strlen (mask) + 256 + 1; ++mask2 = malloc (length); ++if (!mask2) ++goto end; ++seconds = time (NULL); ++date_tmp = localtime (); ++mask2[0] = '\0'; ++if (strftime (mask2, length - 1, mask, date_tmp) == 0) ++mask2[0] = '\0'; ++ + /* + * we first replace directory separator (commonly '/') by \01 because + * buffer mask can contain this char, and will be replaced by replacement + * char ('_' by default) + */ +-mask2 = weechat_string_replace (mask, dir_separator, "\01"); +-if (!mask2) ++mask3 = weechat_string_replace (mask2, dir_separator, "\01"); ++if (!mask3) + goto end; + +-mask_decoded = weechat_buffer_string_replace_local_var (buffer, mask2); +-if (!mask_decoded) ++mask4 = weechat_buffer_string_replace_local_var (buffer, mask3); ++if (!mask4) + goto end; + +-mask_decoded2 = weechat_string_replace (mask_decoded, +-dir_separator, +-weechat_config_string (logger_config_file_replacement_char)); +-if (!mask_decoded2) ++mask5 = weechat_string_replace (mask4, ++dir_separator, ++weechat_config_string (logger_config_file_replacement_char)); ++if (!mask5) + goto end; + + #ifdef __CYGWIN__ +-mask_decoded3 = weechat_string_replace (mask_decoded2, "\\", +-weechat_config_string (logger_config_file_replacement_char)); ++mask6 = weechat_string_replace (mask5, "\\", ++weechat_config_string (logger_config_file_replacement_char)); + #else +-mask_decoded3 = strdup (mask_decoded2); ++mask6 = strdup (mask5); + #endif /* __CYGWIN__ */ +-if (!mask_decoded3) ++if (!mask6) +
Bug#868558: transition: r-api-3.4 [was Re: Bug#868558: nmu: multiple r-* packages]
On 24 September 2017 at 15:36, Sébastien Villemotwrote: > title = "r-api-3.4"; > is_affected = .depends ~ /r-api-3(\.4)?/; > is_good = .depends ~ /r-api-3\.4/; > is_bad = .depends ~ /r-api-3\b/; I had some trouble with this in Ubuntu until Stefano Rivera suggested: is_bad = .depends ~ /r-api-3(,|$)/; Interesting thing is that r-cran-nlp doesn't show up in the Debian tracker. It must have missed a binNMU to pick up a dependency on 'r-api-3' in the first place. I wonder if there are other packages like this. Maybe we need 'r-base-core' in is_affected as well?
Bug#877025: marked as done (nmu: dlib_18.18-2)
Your message dated Thu, 28 Sep 2017 00:30:04 +0200 with message-id <2021e0fd-763d-c66b-bd59-8810a732a...@debian.org> and subject line Re: Bug#877025: nmu: dlib_18.18-2 has caused the Debian Bug report #877025, regarding nmu: dlib_18.18-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 877025: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877025 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu Control: affects -1 src:plastimatch The latest plastimatch binNMU did FTBFS due to libdlib-dev exposing the full path to libblas.so in CMake files, which changed with the recent BLAS multiarchification. nmu dlib_18.18-2 . ANY . unstable . -m "rebuild with multiarch libblas3" gb plastimatch_1.6.5+dfsg.1-1 . amd64 i386 . --extra-depends "libdlib-dev (>= 18.18-2+b1)" --- End Message --- --- Begin Message --- On 27/09/17 22:57, Adrian Bunk wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: binnmu > Control: affects -1 src:plastimatch > > The latest plastimatch binNMU did FTBFS due to libdlib-dev exposing > the full path to libblas.so in CMake files, which changed with the > recent BLAS multiarchification. > > nmu dlib_18.18-2 . ANY . unstable . -m "rebuild with multiarch libblas3" > gb plastimatch_1.6.5+dfsg.1-1 . amd64 i386 . --extra-depends "libdlib-dev (>= > 18.18-2+b1)" Scheduled. Emilio--- End Message ---
Processed: Re: Bug#868558: transition: r-api-3.4 [was Re: Bug#868558: nmu: multiple r-* packages]
Processing control commands: > forwarded -1 https://release.debian.org/transitions/html/r-base-3.4.html Bug #868558 [release.debian.org] transition: r-api-3.4 Set Bug forwarded-to-address to 'https://release.debian.org/transitions/html/r-base-3.4.html'. > tags -1 confirmed Bug #868558 [release.debian.org] transition: r-api-3.4 Added tag(s) confirmed. -- 868558: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868558 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#868558: transition: r-api-3.4 [was Re: Bug#868558: nmu: multiple r-* packages]
Control: forwarded -1 https://release.debian.org/transitions/html/r-base-3.4.html Control: tags -1 confirmed On 24/09/17 15:36, Sébastien Villemot wrote: > Control: reopen -1 > Control: retitle -1 transition: r-api-3.4 > Control: user release.debian@packages.debian.org > Control: usertags -1 = transition > > On Sun, Sep 10, 2017 at 04:15:00PM +, Niels Thykier wrote: > >> To be perfectly, honest, I would prefer if you did a proper ABI-like >> transition over the Breaks. At this scale, Breaks seems too fragile and >> too likely for people to get wrong. > > The latest upload of r-base, versioned 3.4.1.20170921-1, has bumped the ABI > pseudo package from "r-api-3" to "r-api-3.4", as requested. > > Please therefore schedule rebuilds as necessary. Will do so. Cheers, Emilio
Bug#875542: marked as done (nmu: slepc_3.7.4+dfsg1-2+b1)
Your message dated Thu, 28 Sep 2017 00:28:36 +0200 with message-id <36475e61-e6c9-f4e7-5751-8a4ecc4c3...@debian.org> and subject line Re: Bug#875542: nmu: slepc_3.7.4+dfsg1-2+b1 has caused the Debian Bug report #875542, regarding nmu: slepc_3.7.4+dfsg1-2+b1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 875542: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875542 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu Once petsc is rebuilt against scalapack2 on powerpc (binNMU #875407), slepc will also need to be rebuilt. dw slepc_3.7.4+dfsg1-2 . powerpc . unstable . -m "libpetsc3.7-dev (>= petsc_3.7.6+dfsg1-3+b2)" nmu slepc_3.7.4+dfsg1-2+b1 . powerpc . unstable . -m "Rebuild for scalapack 2.0.2." -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.12.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) --- End Message --- --- Begin Message --- On 12/09/17 06:19, Drew Parsons wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: binnmu > > Once petsc is rebuilt against scalapack2 on powerpc (binNMU #875407), > slepc will also need to be rebuilt. > > dw slepc_3.7.4+dfsg1-2 . powerpc . unstable . -m "libpetsc3.7-dev (>= > petsc_3.7.6+dfsg1-3+b2)" > nmu slepc_3.7.4+dfsg1-2+b1 . powerpc . unstable . -m "Rebuild for scalapack > 2.0.2." Scheduled. Emilio--- End Message ---
Bug#877025: nmu: dlib_18.18-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu Control: affects -1 src:plastimatch The latest plastimatch binNMU did FTBFS due to libdlib-dev exposing the full path to libblas.so in CMake files, which changed with the recent BLAS multiarchification. nmu dlib_18.18-2 . ANY . unstable . -m "rebuild with multiarch libblas3" gb plastimatch_1.6.5+dfsg.1-1 . amd64 i386 . --extra-depends "libdlib-dev (>= 18.18-2+b1)"
Processed: nmu: dlib_18.18-2
Processing control commands: > affects -1 src:plastimatch Bug #877025 [release.debian.org] nmu: dlib_18.18-2 Added indication that 877025 affects src:plastimatch -- 877025: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877025 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#873519: jessie-pu: package freerdp/1.1.0~git20140921.1.440916e+dfsg1-4+deb8u2
Hi, On Mo 28 Aug 2017 19:05:59 CEST, Mike Gabriel wrote: Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu This request for accepting a freerdp jessie-pu correlates to https://bugs.debian.org/871943 Quoting my self from the stretch-pu: ``` We received a helpful patch from FreeRDP upstream for the still support FreeRDP 1.1 version we ship in Debian. [PATCH 1/1] enable TLS 1+ Currently TLS version 1.0 is used implicitly by using the TLSv1_method. To be able to also use TLS 1.1 and later use SSLv23_client_method instead. To make sure SSLv2 or SSLv3 isn't used disable them. A .debdiff has been attached. A +/- identical upload could be done for jessie-updates, too. The upstream versions are the same, the patch level is slightly different. Shall I file an extra bug report for that? ``` Tiny reminder ping on this one. Any ETA for an ACK or NOACK? Thanks! Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby mobile: +49 (1520) 1976 148 landline: +49 (4354) 8390 139 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpCCfRiRbTm6.pgp Description: Digitale PGP-Signatur
Bug#876958: marked as done (nmu: trilinos_12.10.1-4)
Your message dated Wed, 27 Sep 2017 11:32:45 +0200 with message-id <6d4a67c7-d454-36d3-e2f6-551abbb31...@debian.org> and subject line Re: Bug#876958: nmu: trilinos_12.10.1-4 has caused the Debian Bug report #876958, regarding nmu: trilinos_12.10.1-4 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 876958: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876958 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu X-Debbugs-Cc: debian-science-maintain...@lists.alioth.debian.org Dear Release Team Lapack recently switched to multiarch and Trilinos needs to be rebuilt in order to pick up the new locations of liblapack.so and libblas.so. This causes deal.ii (its only reverse-dependency) to FTBFS (see #876509). Please schedule the following binNMU: nmu trilinos_12.10.1-4 . ANY . -m 'Rebuild against multiarch lapack' Regards Graham --- End Message --- --- Begin Message --- On 27/09/17 07:33, Graham Inggs wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: binnmu > X-Debbugs-Cc: debian-science-maintain...@lists.alioth.debian.org > > Dear Release Team > > Lapack recently switched to multiarch and Trilinos needs to be rebuilt > in order to pick up the new locations of liblapack.so and libblas.so. > This causes deal.ii (its only reverse-dependency) to FTBFS (see > #876509). Please schedule the following binNMU: > > nmu trilinos_12.10.1-4 . ANY . -m 'Rebuild against multiarch lapack' Scheduled. Emilio--- End Message ---