NEW changes in stable-new
Processing changes file: postgresql-9.6_9.6.8-0+deb9u1_mipsel.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: postgresql-9.4_9.4.17-0+deb8u1_mipsel.changes ACCEPT
NEW changes in stable-new
Processing changes file: postgresql-9.6_9.6.8-0+deb9u1_mips64el.changes ACCEPT
NEW changes in stable-new
Processing changes file: postgresql-9.6_9.6.8-0+deb9u1_armel.changes ACCEPT Processing changes file: postgresql-9.6_9.6.8-0+deb9u1_armhf.changes ACCEPT Processing changes file: postgresql-9.6_9.6.8-0+deb9u1_mips.changes ACCEPT
NEW changes in stable-new
Processing changes file: discover_2.1.2-7.1+deb9u1_ppc64el.changes ACCEPT Processing changes file: postgresql-9.6_9.6.8-0+deb9u1_ppc64el.changes ACCEPT
NEW changes in stable-new
Processing changes file: discover_2.1.2-7.1+deb9u1_armel.changes ACCEPT Processing changes file: discover_2.1.2-7.1+deb9u1_armhf.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: postgresql-9.4_9.4.17-0+deb8u1_armel.changes ACCEPT Processing changes file: postgresql-9.4_9.4.17-0+deb8u1_armhf.changes ACCEPT Processing changes file: postgresql-9.4_9.4.17-0+deb8u1_mips.changes ACCEPT
NEW changes in stable-new
Processing changes file: postgresql-9.6_9.6.8-0+deb9u1_arm64.changes ACCEPT
NEW changes in stable-new
Processing changes file: postgresql-9.6_9.6.8-0+deb9u1_amd64.changes ACCEPT Processing changes file: postgresql-9.6_9.6.8-0+deb9u1_i386.changes ACCEPT Processing changes file: postgresql-9.6_9.6.8-0+deb9u1_s390x.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: postgresql-9.4_9.4.17-0+deb8u1_arm64.changes ACCEPT Processing changes file: postgresql-9.4_9.4.17-0+deb8u1_i386.changes ACCEPT
NEW changes in stable-new
Processing changes file: 2ping_3.2.1-1+deb9u1_all.changes ACCEPT Processing changes file: debian-security-support_2018.01.29~deb9u1_all.changes ACCEPT Processing changes file: disc-cover_1.5.6-2+deb9u1_all.changes ACCEPT Processing changes file: discover_2.1.2-7.1+deb9u1_amd64.changes ACCEPT Processing changes file: discover_2.1.2-7.1+deb9u1_arm64.changes ACCEPT Processing changes file: discover_2.1.2-7.1+deb9u1_i386.changes ACCEPT Processing changes file: discover_2.1.2-7.1+deb9u1_mips.changes ACCEPT Processing changes file: discover_2.1.2-7.1+deb9u1_mips64el.changes ACCEPT Processing changes file: discover_2.1.2-7.1+deb9u1_mipsel.changes ACCEPT Processing changes file: discover_2.1.2-7.1+deb9u1_s390x.changes ACCEPT Processing changes file: postgresql-9.6_9.6.8-0+deb9u1_all.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: postgresql-9.4_9.4.17-0+deb8u1_powerpc.changes ACCEPT Processing changes file: postgresql-9.4_9.4.17-0+deb8u1_ppc64el.changes ACCEPT Processing changes file: postgresql-9.4_9.4.17-0+deb8u1_s390x.changes ACCEPT
Bug#892505: transition: openexr
Control: tags -1 confirmed On 10/03/18 20:20, Matteo F. Vescovi wrote: > Hi! > > On 2018-03-10 at 16:35 (+0100), Emilio Pozuelo Monfort wrote: > > [...] > >>> while vips on some weird missing dependencies where openexr is not >>> involved, it seems. >> >> Can you file a bug for this? > > Gonna do it asap. > >> BTW I see in your changelog: >> >> openexr (2.2.1-2) experimental; urgency=medium >> >> * debian/: SONAME bump 22 -> 23 >> * debian/control: add Breaks and Replaces for library replacement >> >> So IIUC, you upgraded 2.2.1-1, which bumped the SONAME, without bumping the >> binary package name. Then you uploaded 2.2.1-2 with updated package name for >> the >> bumped SONAME. However since both libopenexr22_2.2.1-1 and >> libopenexr23_2.2.1-2 >> ship libopenexr.so.23, you had to add some Breaks/Replaces. But you added: >> >> Package: libopenexr23 >> Version: 2.2.1-2 >> Replaces: libopenexr22 (<< 2.2.1-2) >> Breaks: libopenexr22 (<< 2.2.1-2) >> >> That's unnecessarily broad, as it breaks against libopenexr22_2.2.0-11.1 >> that we >> have in testing, when it shouldn't. That will cause pain during the >> transition. >> Can you instead update the Breaks/Replaces to something like >> >> libopenexr22 (= 2.2.1-1) >> >> or >> >> libopenexr22 (>= 2.2.1) >> >> That should still conflict against the bad versions but not against the good >> ones. >> >> Basically if you can install libopenexr22/testing with libopenexr23, then >> we're >> good to go. > > That's what I've done now: I've just uploaded -3 revision that fixes the > Breaks/Replaces with the first option you provided. And I've tested the > co-installability of libopenexr22 from testing and libopenexr23 from > experimental. Good, that means this can be a 'smooth' transition, i.e. the new library package can migrate while keeping the old one in testing at the same time, so the two packages that fail to build are not really blockers (they are in order to finish the transition, but they are not in order to move the rest of the packages to testing). Thus please go ahead. Cheers, Emilio
Processed: Re: Bug#892505: transition: openexr
Processing control commands: > tags -1 confirmed Bug #892505 [release.debian.org] transition: openexr Added tag(s) confirmed. -- 892505: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892505 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
NEW changes in stable-new
Processing changes file: 2ping_3.2.1-1+deb9u1_source.changes ACCEPT Processing changes file: debian-security-support_2018.01.29~deb9u1_source.changes ACCEPT Processing changes file: disc-cover_1.5.6-2+deb9u1_source.changes ACCEPT Processing changes file: discover_2.1.2-7.1+deb9u1_source.changes ACCEPT Processing changes file: isc-dhcp_4.3.5-3+deb9u1_sourceonly.changes ACCEPT Processing changes file: isc-dhcp_4.3.5-3+deb9u1_amd64.changes ACCEPT Processing changes file: isc-dhcp_4.3.5-3+deb9u1_arm64.changes ACCEPT Processing changes file: isc-dhcp_4.3.5-3+deb9u1_armel.changes ACCEPT Processing changes file: isc-dhcp_4.3.5-3+deb9u1_armhf.changes ACCEPT Processing changes file: isc-dhcp_4.3.5-3+deb9u1_i386.changes ACCEPT Processing changes file: isc-dhcp_4.3.5-3+deb9u1_mips.changes ACCEPT Processing changes file: isc-dhcp_4.3.5-3+deb9u1_mips64el.changes ACCEPT Processing changes file: isc-dhcp_4.3.5-3+deb9u1_mipsel.changes ACCEPT Processing changes file: isc-dhcp_4.3.5-3+deb9u1_ppc64el.changes ACCEPT Processing changes file: isc-dhcp_4.3.5-3+deb9u1_s390x.changes ACCEPT Processing changes file: postgresql-9.6_9.6.8-0+deb9u1_source.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: dovecot_2.2.13-12~deb8u4_amd64.changes ACCEPT Processing changes file: dovecot_2.2.13-12~deb8u4_arm64.changes ACCEPT Processing changes file: dovecot_2.2.13-12~deb8u4_armel.changes ACCEPT Processing changes file: dovecot_2.2.13-12~deb8u4_armhf.changes ACCEPT Processing changes file: dovecot_2.2.13-12~deb8u4_i386.changes ACCEPT Processing changes file: dovecot_2.2.13-12~deb8u4_mips.changes ACCEPT Processing changes file: dovecot_2.2.13-12~deb8u4_mipsel.changes ACCEPT Processing changes file: dovecot_2.2.13-12~deb8u4_powerpc.changes ACCEPT Processing changes file: dovecot_2.2.13-12~deb8u4_ppc64el.changes ACCEPT Processing changes file: dovecot_2.2.13-12~deb8u4_s390x.changes ACCEPT Processing changes file: drupal7_7.32-1+deb8u10_amd64.changes ACCEPT Processing changes file: freexl_1.0.0g-1+deb8u5_amd64.changes ACCEPT Processing changes file: freexl_1.0.0g-1+deb8u5_arm64.changes ACCEPT Processing changes file: freexl_1.0.0g-1+deb8u5_armel.changes ACCEPT Processing changes file: freexl_1.0.0g-1+deb8u5_armhf.changes ACCEPT Processing changes file: freexl_1.0.0g-1+deb8u5_i386.changes ACCEPT Processing changes file: freexl_1.0.0g-1+deb8u5_mips.changes ACCEPT Processing changes file: freexl_1.0.0g-1+deb8u5_mipsel.changes ACCEPT Processing changes file: freexl_1.0.0g-1+deb8u5_powerpc.changes ACCEPT Processing changes file: freexl_1.0.0g-1+deb8u5_ppc64el.changes ACCEPT Processing changes file: freexl_1.0.0g-1+deb8u5_s390x.changes ACCEPT Processing changes file: isc-dhcp_4.3.1-6+deb8u3_allonly.changes ACCEPT Processing changes file: isc-dhcp_4.3.1-6+deb8u3_amd64.changes ACCEPT Processing changes file: isc-dhcp_4.3.1-6+deb8u3_arm64.changes ACCEPT Processing changes file: isc-dhcp_4.3.1-6+deb8u3_armel.changes ACCEPT Processing changes file: isc-dhcp_4.3.1-6+deb8u3_armhf.changes ACCEPT Processing changes file: isc-dhcp_4.3.1-6+deb8u3_i386.changes ACCEPT Processing changes file: isc-dhcp_4.3.1-6+deb8u3_mips.changes ACCEPT Processing changes file: isc-dhcp_4.3.1-6+deb8u3_mipsel.changes ACCEPT Processing changes file: isc-dhcp_4.3.1-6+deb8u3_powerpc.changes ACCEPT Processing changes file: isc-dhcp_4.3.1-6+deb8u3_ppc64el.changes ACCEPT Processing changes file: isc-dhcp_4.3.1-6+deb8u3_s390x.changes ACCEPT Processing changes file: libvpx_1.3.0-3+deb8u1_amd64.changes ACCEPT Processing changes file: libvpx_1.3.0-3+deb8u1_arm64.changes ACCEPT Processing changes file: libvpx_1.3.0-3+deb8u1_armel.changes ACCEPT Processing changes file: libvpx_1.3.0-3+deb8u1_armhf.changes ACCEPT Processing changes file: libvpx_1.3.0-3+deb8u1_i386.changes ACCEPT Processing changes file: libvpx_1.3.0-3+deb8u1_mips.changes ACCEPT Processing changes file: libvpx_1.3.0-3+deb8u1_mipsel.changes ACCEPT Processing changes file: libvpx_1.3.0-3+deb8u1_powerpc.changes ACCEPT Processing changes file: libvpx_1.3.0-3+deb8u1_ppc64el.changes ACCEPT Processing changes file: libvpx_1.3.0-3+deb8u1_s390x.changes ACCEPT Processing changes file: lucene-solr_3.6.2+dfsg-5+deb8u1_amd64.changes ACCEPT Processing changes file: postgresql-9.4_9.4.17-0+deb8u1_amd64.changes ACCEPT Processing changes file: simplesamlphp_1.13.1-2+deb8u1_amd64.changes ACCEPT Processing changes file: xmltooling_1.5.3-2+deb8u3_i386.changes ACCEPT Processing changes file: xmltooling_1.5.3-2+deb8u3_amd64.changes ACCEPT Processing changes file: xmltooling_1.5.3-2+deb8u3_arm64.changes ACCEPT Processing changes file: xmltooling_1.5.3-2+deb8u3_armel.changes ACCEPT Processing changes file: xmltooling_1.5.3-2+deb8u3_armhf.changes ACCEPT Processing changes file: xmltooling_1.5.3-2+deb8u3_mips.changes ACCEPT Processing changes file: xmltooling_1.5.3-2+deb8u3_mipsel.changes ACCEPT Processing changes file: xmltooling_1.5.3-2+deb8u3_powerpc.changes ACCEPT Processing changes file: xmltooling_1.5.3-2+deb8u3_ppc64el.changes ACCEPT Processing changes file: xmltooling_1.5.3-2+deb8u3_s390x.changes ACCEPT
Processed: Re: Bug#891576: stretch-pu: package discover/2.1.2-7.1+deb9u1
Processing control commands: > tags -1 + pending Bug #891576 [release.debian.org] stretch-pu: package discover/2.1.2-7.1+deb9u1 Added tag(s) pending. -- 891576: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891576 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#891576: stretch-pu: package discover/2.1.2-7.1+deb9u1
Control: tags -1 + pending On Sat, 2018-03-03 at 14:27 +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Mon, 2018-02-26 at 21:45 +0200, Adrian Bunk wrote: > > * Use correct type for the length parameter of the getline() > > call, > > thanks to Anatoly Borodin and Simon Quigley for writing and > > for > > forwarding the patch (Closes: #876388, LP: #1718687). > > Please go ahead. > Uploaded and flagged for acceptance. Regards, Adam
Bug#891563: stretch-pu: package disc-cover/1.5.6-2+deb9u1
Control: tags -1 + pending On Sat, 2018-03-03 at 14:36 +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Mon, 2018-02-26 at 19:56 +0200, Adrian Bunk wrote: > > * Fix perl error when running disc-cover, > > thanks to Frédéric Boiteux. (Closes: #879961) > > Please go ahead. > Uploaded and flagged for acceptance. Regards, Adam
Processed: Re: Bug#891563: stretch-pu: package disc-cover/1.5.6-2+deb9u1
Processing control commands: > tags -1 + pending Bug #891563 [release.debian.org] stretch-pu: package disc-cover/1.5.6-2+deb9u1 Added tag(s) pending. -- 891563: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891563 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#888766: stretch-pu: package debian-security-support/2018.01.29~deb9u1
Control: tags -1 + pending On Mon, 2018-03-05 at 17:32 +0100, Guido Günther wrote: > On Fri, Mar 02, 2018 at 05:38:18PM +, Adam D. Barratt wrote: > > Control: tags -1 + confirmed > > > > On Mon, 2018-01-29 at 17:36 +0100, Guido Günther wrote: > > > This update brings debian-security-support in line with unstable. > > > Most notably in stable this affects swftools since security > > > support > > > for it is now limited. > > > > > > > --- a/debian/changelog > > +++ b/debian/changelog > > @@ -1,3 +1,44 @@ > > +debian-security-support (2018.01.29~deb9u1) stable-proposed- > > updates; urgency=medium > > > > Please use "stretch" as the changelog distribution and feel free to > > upload. > > Changed and uploaded now. Thanks > Flagged for acceptance; thanks. Regards, Adam
Processed: Re: Bug#888766: stretch-pu: package debian-security-support/2018.01.29~deb9u1
Processing control commands: > tags -1 + pending Bug #888766 [release.debian.org] stretch-pu: package debian-security-support/2018.01.29~deb9u1 Added tag(s) pending. -- 888766: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888766 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#891466: stretch-pu: package 2ping/3.2.1-1+deb9u1
Processing control commands: > tags -1 + pending Bug #891466 [release.debian.org] stretch-pu: package 2ping/3.2.1-1+deb9u1 Added tag(s) pending. -- 891466: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891466 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#891466: stretch-pu: package 2ping/3.2.1-1+deb9u1
Control: tags -1 + pending On Sat, 2018-03-03 at 14:33 +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sun, 2018-02-25 at 21:59 +0200, Adrian Bunk wrote: > > * Add the missing dependency on python-pkg-resources. > > (Closes: #855972) > > Please go ahead. > Uploaded and flagged for acceptance. Regards, Adam
Processed: Re: Bug#888909: stretch-pu: package nvidia-graphics-drivers/384.111-4~deb9u1
Processing control commands: > tags -1 + pending Bug #888909 [release.debian.org] stretch-pu: package nvidia-graphics-drivers/384.111-4~deb9u1 Ignoring request to alter tags of bug #888909 to the same tags previously set -- 888909: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888909 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#888909: stretch-pu: package nvidia-graphics-drivers/384.111-4~deb9u1
Control: tags -1 + pending On Sat, 2018-03-10 at 09:23 +, Adam D. Barratt wrote: > Control: reopen -1 > > On Sat, 2018-03-03 at 21:27 +, Adam D. Barratt wrote: > > On Sat, 2018-03-03 at 21:36 +0100, Andreas Beckmann wrote: > > > On 2018-03-03 11:51, Adam D. Barratt wrote: > > > > Uploaded and flagged for acceptance. > > Actually, it wasn't. I can only assume that I got confused while > processing the pile of nvidia uploads. :-( It's now really in p-u. Regards, Adam
Bug#892505: transition: openexr
Hi! On 2018-03-10 at 16:35 (+0100), Emilio Pozuelo Monfort wrote: [...] >> while vips on some weird missing dependencies where openexr is not >> involved, it seems. > > Can you file a bug for this? Gonna do it asap. > BTW I see in your changelog: > > openexr (2.2.1-2) experimental; urgency=medium > > * debian/: SONAME bump 22 -> 23 > * debian/control: add Breaks and Replaces for library replacement > > So IIUC, you upgraded 2.2.1-1, which bumped the SONAME, without bumping the > binary package name. Then you uploaded 2.2.1-2 with updated package name for > the > bumped SONAME. However since both libopenexr22_2.2.1-1 and > libopenexr23_2.2.1-2 > ship libopenexr.so.23, you had to add some Breaks/Replaces. But you added: > > Package: libopenexr23 > Version: 2.2.1-2 > Replaces: libopenexr22 (<< 2.2.1-2) > Breaks: libopenexr22 (<< 2.2.1-2) > > That's unnecessarily broad, as it breaks against libopenexr22_2.2.0-11.1 that > we > have in testing, when it shouldn't. That will cause pain during the > transition. > Can you instead update the Breaks/Replaces to something like > > libopenexr22 (= 2.2.1-1) > > or > > libopenexr22 (>= 2.2.1) > > That should still conflict against the bad versions but not against the good > ones. > > Basically if you can install libopenexr22/testing with libopenexr23, then > we're > good to go. That's what I've done now: I've just uploaded -3 revision that fixes the Breaks/Replaces with the first option you provided. And I've tested the co-installability of libopenexr22 from testing and libopenexr23 from experimental. Cheers. -- Matteo F. Vescovi || Debian Developer GnuPG KeyID: 4096R/0x8062398983B2CF7A signature.asc Description: PGP signature
Bug#892487: transition: gnome-desktop3/mutter 3.27
Control: tags -1 confirmed On 09/03/18 16:06, Jeremy Bicha wrote: > Oh, I forgot to mention 2 things: > > 1. I would like to do the mutter/gnome-shell transition simultaneously > with gnome-desktop3: > > https://release.debian.org/transitions/html/auto-mutter.html > > All 3 affected packages need sourceful uploads. I have permission from > the budgie-desktop maintainer to do its NMU. The others are Debian > GNOME packages which I will also upload. Go ahead. > 2. I will wait to do the libgweather transition requested at > https://bugs.debian.org/890322 later. OK. Cheers, Emilio
Processed: Re: Bug#892487: transition: gnome-desktop3/mutter 3.27
Processing control commands: > tags -1 confirmed Bug #892487 [release.debian.org] transition: gnome-desktop3 3.27 Added tag(s) confirmed. -- 892487: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892487 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#892505: transition: openexr
On 10/03/18 16:05, Matteo F. Vescovi wrote: > Hi Emilio! > > On 2018-03-10 at 10:27 (+0100), Emilio Pozuelo Monfort wrote: > > [...] > >>> ### Dependency level 3 ### >>> * gmic_1.7.9+zart-4 => FTBFS (not openexr related) >>> * gst-plugins-bad1.0_1.8.3-1 => FTBFS (not openexr related) >> >> unstable has gst-plugins-bad1.0 1.12.4-2. >> Did you really check with 1.8.3-1? > > Gosh, reverse-depends from ubuntu-dev-tools package brought that version > in my list, no idea why. Anyway, I've checked gst-plugins-bad1.0 > 1.12.4-2 and: > > * gst-plugins-bad1.0 1.12.4-2 => OK Ok, good. > >> Can you also check the other packages that failed to build (gmic and >> vips)? > > Unfortunately, both were built on the right versions and they fail; gmic > with: > > = = = = = = = >8 = = = = = = > dh_install: Cannot find (any matches for) "etc/bash_completion.d/gmic" > (tried in ., debian/tmp) > > dh_install: gmic missing files: etc/bash_completion.d/gmic > dh_install: missing files, aborting > = = = = = = = >8 = = = = = = That's #892123. > while vips on some weird missing dependencies where openexr is not > involved, it seems. Can you file a bug for this? BTW I see in your changelog: openexr (2.2.1-2) experimental; urgency=medium * debian/: SONAME bump 22 -> 23 * debian/control: add Breaks and Replaces for library replacement So IIUC, you upgraded 2.2.1-1, which bumped the SONAME, without bumping the binary package name. Then you uploaded 2.2.1-2 with updated package name for the bumped SONAME. However since both libopenexr22_2.2.1-1 and libopenexr23_2.2.1-2 ship libopenexr.so.23, you had to add some Breaks/Replaces. But you added: Package: libopenexr23 Version: 2.2.1-2 Replaces: libopenexr22 (<< 2.2.1-2) Breaks: libopenexr22 (<< 2.2.1-2) That's unnecessarily broad, as it breaks against libopenexr22_2.2.0-11.1 that we have in testing, when it shouldn't. That will cause pain during the transition. Can you instead update the Breaks/Replaces to something like libopenexr22 (= 2.2.1-1) or libopenexr22 (>= 2.2.1) That should still conflict against the bad versions but not against the good ones. Basically if you can install libopenexr22/testing with libopenexr23, then we're good to go. Cheers, Emilio
Bug#888531: transition: ruby2.5 - binNMU round #5, and next steps
On 09/03/18 15:53, Antonio Terceiro wrote: > Hi, > > Please binNMU: > > obexftp > ruby-bcrypt-pbkdf > > Now we need to discuss what to do wrt the few pending packages. > > weechat: #892072 [S|+| ] [src:weechat] weechat: build against ruby2.5 That's got a patch, and should be fixed. > uwsgi: #892074 [S | ] [src:uwsgi] uwsgi: FTBFS with ruby2.5 as default I gave a clue about this one on the bug. Easy to fix. > graphviz: is missing on armel, because guile-2.2-dev is missing on armel. I > asked on #debian-buildd and Julien told me that guile-2.2-dev brings the > buildds down. Yeah, this is a problem. > ruby-prof: I just uploaded an update that will make it build fine on s390x. Good. > ruby-pgplot: it's in contrib and has a dependency on a non-free package, > so it can't be built on buildds. I could do binary uploads myself now, > or ask someone who cares about it to do that, but then when it's time to > drop ruby2.3 I would need to do that again, and I would prefer to do it > just once. I just reported a serious bugs about this. Already fixed (thanks Andreas!) > My suggestion would be to remove weechat, uwsgi and ruby-pgplot from > testing, remove graphviz from testing on armel, and unblock the > transition. But, of course, this is your call. No, we should fix weechat and uwsgi. The only real problem is with guile-2.2 on armel. I'll see what can be done there. Cheers, Emilio
Bug#892505: transition: openexr
Hi Emilio! On 2018-03-10 at 10:27 (+0100), Emilio Pozuelo Monfort wrote: [...] >> ### Dependency level 3 ### >> * gmic_1.7.9+zart-4 => FTBFS (not openexr related) >> * gst-plugins-bad1.0_1.8.3-1 => FTBFS (not openexr related) > > unstable has gst-plugins-bad1.0 1.12.4-2. > Did you really check with 1.8.3-1? Gosh, reverse-depends from ubuntu-dev-tools package brought that version in my list, no idea why. Anyway, I've checked gst-plugins-bad1.0 1.12.4-2 and: * gst-plugins-bad1.0 1.12.4-2 => OK > Can you also check the other packages that failed to build (gmic and > vips)? Unfortunately, both were built on the right versions and they fail; gmic with: = = = = = = = >8 = = = = = = dh_install: Cannot find (any matches for) "etc/bash_completion.d/gmic" (tried in ., debian/tmp) dh_install: gmic missing files: etc/bash_completion.d/gmic dh_install: missing files, aborting = = = = = = = >8 = = = = = = while vips on some weird missing dependencies where openexr is not involved, it seems. Hope this helps. Cheers. -- Matteo F. Vescovi || Debian Developer GnuPG KeyID: 4096R/0x8062398983B2CF7A signature.asc Description: PGP signature
Bug#888531: transition: ruby2.5 - binNMU round #5, and next steps
On Sat, Mar 10, 2018 at 04:26:03AM +0100, Andreas Beckmann wrote: > On Fri, 9 Mar 2018 11:53:17 -0300 Antonio Terceiro> wrote: > > ruby-pgplot: it's in contrib and has a dependency on a non-free package, > > so it can't be built on buildds. I could do binary uploads myself now, > > or ask someone who cares about it to do that, but then when it's time to > > drop ruby2.3 I would need to do that again, and I would prefer to do it > > just once. I just reported a serious bugs about this. > > If you have the infrastructure ready to do contrib/non-free binNMUs (and > some experience with it), this is not really much work. Uploaded a +b1 > binNMU. Please ping me once you need the ruby2.5-only binNMU. I have neither the infra ready nor the experience, so thank you lot for your help with this! :-) signature.asc Description: PGP signature
Processed: reopening 888909
Processing commands for cont...@bugs.debian.org: > # Gah automation > reopen 888909 Bug #888909 {Done: "Adam D. Barratt"} [release.debian.org] stretch-pu: package nvidia-graphics-drivers/384.111-4~deb9u1 'reopen' may be inappropriate when a bug has been closed with a version; all fixed versions will be cleared, and you may need to re-add them. Bug reopened No longer marked as fixed in versions 9.4. > thanks Stopping processing here. Please contact me if you need assistance. -- 888909: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888909 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: limit package to release.debian.org, closing 886482, closing 886589, closing 886593, closing 886636 ...
Processing commands for cont...@bugs.debian.org: > # These updates were all included in today's stretch point release > limit package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > close 886482 9.4 Bug #886482 [release.debian.org] stretch-pu: package global/6.5.6-2 There is no source info for the package 'release.debian.org' at version '9.4' with architecture '' Unable to make a source version for version '9.4' Marked as fixed in versions 9.4. Bug #886482 [release.debian.org] stretch-pu: package global/6.5.6-2 Marked Bug as done > close 886589 9.4 Bug #886589 [release.debian.org] stretch-pu: package mapproxy/1.9.0-3+deb9u1 There is no source info for the package 'release.debian.org' at version '9.4' with architecture '' Unable to make a source version for version '9.4' Marked as fixed in versions 9.4. Bug #886589 [release.debian.org] stretch-pu: package mapproxy/1.9.0-3+deb9u1 Marked Bug as done > close 886593 9.4 Bug #886593 [release.debian.org] stretch-pu: package qtpass/1.1.6-1 There is no source info for the package 'release.debian.org' at version '9.4' with architecture '' Unable to make a source version for version '9.4' Marked as fixed in versions 9.4. Bug #886593 [release.debian.org] stretch-pu: package qtpass/1.1.6-1 Marked Bug as done > close 886636 9.4 Bug #886636 [release.debian.org] stretch-pu: package gnumail/1.2.2-1.1+deb9u1 There is no source info for the package 'release.debian.org' at version '9.4' with architecture '' Unable to make a source version for version '9.4' Marked as fixed in versions 9.4. Bug #886636 [release.debian.org] stretch-pu: package gnumail/1.2.2-1.1+deb9u1 Marked Bug as done > close 886877 9.4 Bug #886877 [release.debian.org] stretch-pu: package gosa-plugin-pwreset/0.99.4-1+deb9u1 There is no source info for the package 'release.debian.org' at version '9.4' with architecture '' Unable to make a source version for version '9.4' Marked as fixed in versions 9.4. Bug #886877 [release.debian.org] stretch-pu: package gosa-plugin-pwreset/0.99.4-1+deb9u1 Marked Bug as done > close 887311 9.4 Bug #887311 [release.debian.org] stretch-pu: package libperlx-assert-perl/0.904-1+deb9u1 There is no source info for the package 'release.debian.org' at version '9.4' with architecture '' Unable to make a source version for version '9.4' Marked as fixed in versions 9.4. Bug #887311 [release.debian.org] stretch-pu: package libperlx-assert-perl/0.904-1+deb9u1 Marked Bug as done > close 887352 9.4 Bug #887352 [release.debian.org] stretch-pu: package mpi4py/2.0.0-2.1+deb9u1 There is no source info for the package 'release.debian.org' at version '9.4' with architecture '' Unable to make a source version for version '9.4' Marked as fixed in versions 9.4. Bug #887352 [release.debian.org] stretch-pu: package mpi4py/2.0.0-2.1+deb9u1 Marked Bug as done > close 887359 9.4 Bug #887359 [release.debian.org] stretch-pu: package slic3r/1.2.9+dfsg-9~deb9u1 There is no source info for the package 'release.debian.org' at version '9.4' with architecture '' Unable to make a source version for version '9.4' Marked as fixed in versions 9.4. Bug #887359 [release.debian.org] stretch-pu: package slic3r/1.2.9+dfsg-9~deb9u1 Marked Bug as done > close 887589 9.4 Bug #887589 [release.debian.org] stretch-pu: package grilo-plugins/0.3.3-1 There is no source info for the package 'release.debian.org' at version '9.4' with architecture '' Unable to make a source version for version '9.4' Marked as fixed in versions 9.4. Bug #887589 [release.debian.org] stretch-pu: package grilo-plugins/0.3.3-1 Marked Bug as done > close 887855 9.4 Bug #887855 [release.debian.org] stretch-pu: package libvirt/3.0.0-4+deb9u2 There is no source info for the package 'release.debian.org' at version '9.4' with architecture '' Unable to make a source version for version '9.4' Marked as fixed in versions 9.4. Bug #887855 [release.debian.org] stretch-pu: package libvirt/3.0.0-4+deb9u2 Marked Bug as done > close 887999 9.4 Bug #887999 [release.debian.org] stretch-pu: package libhibernate-validator-java/4.3.3-1 There is no source info for the package 'release.debian.org' at version '9.4' with architecture '' Unable to make a source version for version '9.4' Marked as fixed in versions 9.4. Bug #887999 [release.debian.org] stretch-pu: package libhibernate-validator-java/4.3.3-1 Marked Bug as done > close 888006 9.4 Bug #888006 [release.debian.org] stretch-pu: package salt/2016.11.2+ds-1 There is no source info for the package 'release.debian.org' at version '9.4' with architecture '' Unable to make a source version for version '9.4' Marked as fixed in versions 9.4. Bug #888006 [release.debian.org] stretch-pu: package salt/2016.11.2+ds-1 Marked Bug as done > close 888488 9.4 Bug #888488 [release.debian.org] stretch-pu: package w3m/0.5.3-34+deb9u1 There is no source info for the package 'release.debian.org' at version
Bug#885027: marked as done (stretch-pu: package mosquitto/1.4.10-3+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #885027, regarding stretch-pu: package mosquitto/1.4.10-3+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 885027: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885027 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu This patch fixes CVS-2017-0868 for mosquitto. The security team does not believe it is worthy of a DSA and suggest a point release instead. -- System Information: Debian Release: stretch/sid APT prefers xenial-updates APT policy: (500, 'xenial-updates'), (500, 'xenial-security'), (500, 'xenial'), (100, 'xenial-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.4.0-97-generic (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Init: systemd (via /run/systemd/system) diff -Nru mosquitto-1.4.10/debian/changelog mosquitto-1.4.10/debian/changelog --- mosquitto-1.4.10/debian/changelog 2017-05-29 14:38:36.0 +0100 +++ mosquitto-1.4.10/debian/changelog 2017-12-22 21:29:50.0 + @@ -1,3 +1,12 @@ +mosquitto (1.4.10-3+deb9u1) stretch; urgency=medium + + * SECURITY UPDATE: Mosquitto persistence file is world readable. +- debian/patches/mosquitto-1.4.x_cve-2017-9868.patch: Set umask to limit + read permissions. +- CVE-2017-9868 + + -- Roger A. LightFri, 22 Dec 2017 08:19:25 + + mosquitto (1.4.10-3) unstable; urgency=high * SECURITY UPDATE: Pattern ACL can be bypassed by using a username/client id diff -Nru mosquitto-1.4.10/debian/patches/mosquitto-1.4.x_cve-2017-9868.patch mosquitto-1.4.10/debian/patches/mosquitto-1.4.x_cve-2017-9868.patch --- mosquitto-1.4.10/debian/patches/mosquitto-1.4.x_cve-2017-9868.patch 1970-01-01 01:00:00.0 +0100 +++ mosquitto-1.4.10/debian/patches/mosquitto-1.4.x_cve-2017-9868.patch 2017-06-26 09:41:10.0 +0100 @@ -0,0 +1,17 @@ +Description: Fix for CVE-207-9868. +Author: Roger Light +Forwarded: not-needed +Origin: upstream, https://mosquitto.org/files/cve/2017-9868/mosquitto-1.4.x_cve-2017-9868.patch +--- a/src/persist.c b/src/persist.c +@@ -362,6 +362,10 @@ + _mosquitto_log_printf(NULL, MOSQ_LOG_INFO, "Error saving in-memory database, out of memory."); + return MOSQ_ERR_NOMEM; + } ++ ++ /* Restrict access to persistence file. */ ++ umask(0077); ++ + snprintf(outfile, len, "%s.new", db->config->persistence_filepath); + outfile[len] = '\0'; + diff -Nru mosquitto-1.4.10/debian/patches/series mosquitto-1.4.10/debian/patches/series --- mosquitto-1.4.10/debian/patches/series 2017-05-29 13:47:08.0 +0100 +++ mosquitto-1.4.10/debian/patches/series 2017-12-22 08:23:41.0 + @@ -8,3 +8,4 @@ hurd-errno.patch mosquitto-1.4.10_cve-2017-7650.patch allow_ipv6_bridges.patch +mosquitto-1.4.x_cve-2017-9868.patch --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#884606: marked as done (stretch-pu: package espeakup/1:0.80-5+b2)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #884606, regarding stretch-pu: package espeakup/1:0.80-5+b2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 884606: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884606 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: k...@debian.org Hello, Several blind users have reported that the Debian Installer speech synthesis was not working on their computer, thus making it unusable for them. It happens that this is due to odd numbering of sound cards by ALSA on those computers. We have fixed this in buster, it has been successfully tested on the reported systems, so I propose to include the fix in Stretch too, I have attached the diff. I'm also Cc-ing Kibi for his opinion on this. Samuel -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'stable-debug'), (500, 'oldoldstable'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) diff --git a/debian/changelog b/debian/changelog index a908870..7a19a8d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +espeakup (1:0.80-5+deb9u1) stretch; urgency=medium + + * debian/espeakup-udeb.start: Fix case where card 0 does not have an id or +where cards have non-contiguous indexes. + * debian/espeakup-udeb.finish-install: Use card id in installed system +to avoid issues with card detection ordering. + + -- Samuel ThibaultSun, 17 Dec 2017 16:35:19 +0100 + espeakup (1:0.80-5) unstable; urgency=medium * Use canonical anonscm vcs URL. diff --git a/debian/espeakup-udeb.finish-install b/debian/espeakup-udeb.finish-install index 00e7e84..17c9182 100644 --- a/debian/espeakup-udeb.finish-install +++ b/debian/espeakup-udeb.finish-install @@ -12,4 +12,4 @@ apt-install espeakup alsa-utils || true cp /usr/share/espeakup-udeb/espeakup.default /target/etc/default/espeakup sed -i -e "s/^VOICE=.*/VOICE=$VOICE/" /target/etc/default/espeakup -[ -z "$ALSA_CARD" ] || sed -i -e "s/^# ALSA_CARD=.*/ALSA_CARD=\"$ALSA_CARD\"/" /target/etc/default/espeakup +[ -z "$ALSA_CARD" ] || sed -i -e "s/^# ALSA_CARD=.*/ALSA_CARD=\"`cat /sys/class/sound/card$ALSA_CARD/id`\"/" /target/etc/default/espeakup diff --git a/debian/espeakup-udeb.start b/debian/espeakup-udeb.start index d187d77..2f5db6a 100644 --- a/debian/espeakup-udeb.start +++ b/debian/espeakup-udeb.start @@ -1,7 +1,15 @@ +BASE=/sys/class/sound + +strip () { + cardid=${1#$BASE/card} + echo ${cardid%/id} +} + if lsmod | grep -q speakup_soft; then # Give drivers some time to detect boards :/ sleep 2 - N=$(ls /sys/class/sound/card*/id | wc -l) + IDS=$(echo $BASE/card*/id) + N=$(echo $IDS | wc -w) case $N in 0) echo No sound card detected, can not do software speech synthesis... Press enter to continue anyway. @@ -9,17 +17,18 @@ if lsmod | grep -q speakup_soft; then ;; 1) # Just one card, can not be wrong - echo 0 > /var/run/espeakup.card - /usr/bin/espeakup > /var/log/espeakup.log 2>&1 + echo $(strip $IDS) > /var/run/espeakup.card + /usr/bin/espeakup -V en > /var/log/espeakup.log 2>&1 ;; *) # Several cards, make the user choose CARD=none while [ "$CARD" = none ] do - for i in $( seq 0 $(($N-1)) ) + for ID in $IDS do - ALSA_CARD=$(cat /sys/class/sound/card$i/id) /usr/bin/espeakup >> /var/log/espeakup.log 2>&1 +
Bug#885184: marked as done (stretch-pu: package agenda.app/0.42.2-1+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #885184, regarding stretch-pu: package agenda.app/0.42.2-1+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 885184: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885184 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hi SRMs, Would you approve an update for agenda.app to fix #884098? Proposed change was tested on a stretch machine; debdiff attached. (Note that jessie is not affected; it has the same agenda.app version but an older gnustep-gui version that doesn't exhibit the bug.) -- System Information: Debian Release: 9.3 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-debug'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 4.9.0-4-686-pae (SMP w/1 CPU core) Locale: LANG=bg_BG.UTF-8, LC_CTYPE=bg_BG.UTF-8 (charmap=UTF-8), LANGUAGE=bg_BG.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) diff -Nru agenda.app-0.42.2/debian/changelog agenda.app-0.42.2/debian/changelog --- agenda.app-0.42.2/debian/changelog 2012-05-29 18:00:21.0 +0300 +++ agenda.app-0.42.2/debian/changelog 2017-12-25 22:09:00.0 +0200 @@ -1,3 +1,11 @@ +agenda.app (0.42.2-1+deb9u1) stretch; urgency=medium + + * debian/patches/fix-editors-exception.patch: New, fixes creation of +tasks and appointments (Closes: #884098). + * debian/patches/series: New file. + + -- Yavor DoganovMon, 25 Dec 2017 22:09:00 +0200 + agenda.app (0.42.2-1) unstable; urgency=low * New upstream release: diff -Nru agenda.app-0.42.2/debian/patches/fix-editors-exception.patch agenda.app-0.42.2/debian/patches/fix-editors-exception.patch --- agenda.app-0.42.2/debian/patches/fix-editors-exception.patch 1970-01-01 02:00:00.0 +0200 +++ agenda.app-0.42.2/debian/patches/fix-editors-exception.patch 2017-12-25 22:09:00.0 +0200 @@ -0,0 +1,40 @@ +Description: Fix NSException when creating a new task or appointment. + Upstream is uncertain that this is the right fix; I concur. It looks + like the problem stems from the fact that TaskEditor/AppointmentEditor + are window controllers but don't derive from NSWindowController and + thus do not inherit the -document method. Upstream doesn't remember + why he opted to subclass NSObject; it's not feasible to change the + superclass now. +Origin: upstream, commit:fa5ccf2 +Bug-Debian: https://bugs.debian.org/884098 +Last-Update: 2017-12-25 +--- + +--- agenda.app.orig/AppointmentEditor.m agenda.app/AppointmentEditor.m +@@ -38,6 +38,11 @@ + return self; + } + ++- (id)document ++{ ++ return nil; ++} ++ + - (id)initWithEvent:(Event *)event + { + StoreManager *sm = [StoreManager globalManager]; +--- agenda.app.orig/TaskEditor.m agenda.app/TaskEditor.m +@@ -33,6 +33,11 @@ + return self; + } + ++- (id)document ++{ ++ return nil; ++} ++ + - (id)initWithTask:(Task *)task + { + StoreManager *sm = [StoreManager globalManager]; diff -Nru agenda.app-0.42.2/debian/patches/series agenda.app-0.42.2/debian/patches/series --- agenda.app-0.42.2/debian/patches/series 1970-01-01 02:00:00.0 +0200 +++ agenda.app-0.42.2/debian/patches/series 2017-12-25 22:09:00.0 +0200 @@ -0,0 +1 @@ +fix-editors-exception.patch --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#885531: marked as done (stretch-pu: package soundtouch/1.9.2-2+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #885531, regarding stretch-pu: package soundtouch/1.9.2-2+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 885531: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885531 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hi, This soundtouch update fixes 3 no-DSA security bugs: #870854, #870856, and #870857. I have tested the package on stretch and with the attached debdiff, soundstretch still works and the proof of concepts for the 3 security issues behave correctly now. The patch under debian/patches uses DOS line endings because the file it modifies also uses DOS line endings. Thanks, James -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) diff -Nru soundtouch-1.9.2/debian/changelog soundtouch-1.9.2/debian/changelog --- soundtouch-1.9.2/debian/changelog 2015-09-28 15:13:28.0 +0100 +++ soundtouch-1.9.2/debian/changelog 2017-12-27 16:34:15.0 + @@ -1,3 +1,13 @@ +soundtouch (1.9.2-2+deb9u1) stretch; urgency=medium + + [ Gabor Karsay ] + * Add patch to fix +- CVE-2017-9258 (Closes: #870854) +- CVE-2017-9259 (Closes: #870856) +- CVE-2017-9260 (Closes: #870857) + + -- James CowgillWed, 27 Dec 2017 16:34:15 + + soundtouch (1.9.2-2) unstable; urgency=medium * Upload to unstable. diff -Nru soundtouch-1.9.2/debian/patches/cve-2017-92xx.patch soundtouch-1.9.2/debian/patches/cve-2017-92xx.patch --- soundtouch-1.9.2/debian/patches/cve-2017-92xx.patch 1970-01-01 01:00:00.0 +0100 +++ soundtouch-1.9.2/debian/patches/cve-2017-92xx.patch 2017-12-27 16:34:15.0 + @@ -0,0 +1,36 @@ +Description: Fix CVE-2017-9258, CVE-2017-9259, CVE-2017-9260 + Based on an upstream commit, original commit message was: "Added sanity + checks against illegal input audio stream parameters e.g. wildly excessive + samplerate". + . + There is no reference to CVEs or bugs, the commit was made after disclosure + of the CVEs and all three proofs of concept (crafted wav files) fail after + this commit. + . + The commit was made after version 2.0.0, so that version is also vulnerable. + . + Unrelated changes were stripped away by patch author, upstream commit author + is Olli Parviainen . +Author: Gabor Karsay +Origin: upstream, https://sourceforge.net/p/soundtouch/code/256/ +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870854 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870856 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870857 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- a/source/SoundTouch/TDStretch.cpp b/source/SoundTouch/TDStretch.cpp +@@ -128,7 +128,12 @@ + int aSeekWindowMS, int aOverlapMS) + { + // accept only positive parameter values - if zero or negative, use old values instead +-if (aSampleRate > 0) this->sampleRate = aSampleRate; ++if (aSampleRate > 0) ++{ ++if (aSampleRate > 192000) ST_THROW_RT_ERROR("Error: Excessive samplerate"); ++this->sampleRate = aSampleRate; ++} ++ + if (aOverlapMS > 0)this->overlapMs = aOverlapMS; + + if (aSequenceMS > 0) diff -Nru soundtouch-1.9.2/debian/patches/series soundtouch-1.9.2/debian/patches/series --- soundtouch-1.9.2/debian/patches/series 1970-01-01 01:00:00.0 +0100 +++ soundtouch-1.9.2/debian/patches/series 2017-12-27 16:34:15.0 + @@ -0,0 +1 @@ +cve-2017-92xx.patch signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#885086: marked as done (stretch-pu: package kildclient/3.1.0-1+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #885086, regarding stretch-pu: package kildclient/3.1.0-1+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 885086: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885086 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu I'd like to upload an update to kildclient to fix bug #885007 / CVE-2017-17511: | KildClient 3.1.0 does not validate strings before launching the program | specified by the BROWSER environment variable, which might allow remote | attackers to conduct argument-injection attacks via a crafted URL, | related to prefs.c and worldgui.c. This issue is of minimal impact, and the security team considered that a DSA is not necessary, but there is a simple fix that avoids the use of a user- specified command or $BROWSER, and I'd like to include it in the next point release. The debdiff is attached. -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (900, 'testing'), (50, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.13.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) diff -Nru kildclient-3.1.0/debian/changelog kildclient-3.1.0/debian/changelog --- kildclient-3.1.0/debian/changelog 2016-12-04 20:46:22.0 -0200 +++ kildclient-3.1.0/debian/changelog 2017-12-23 08:40:07.0 -0200 @@ -1,3 +1,10 @@ +kildclient (3.1.0-1+deb9u1) stretch; urgency=low + + * Fix for CVE-2017-17511. New dependency 'gvfs' required in order to use +GTK+ function for opening URLs. Closes: #885007 + + -- Eduardo M KalinowskiSat, 23 Dec 2017 08:40:07 -0200 + kildclient (3.1.0-1) unstable; urgency=low * New upstream version: 3.1.0. diff -Nru kildclient-3.1.0/debian/control kildclient-3.1.0/debian/control --- kildclient-3.1.0/debian/control 2016-12-04 20:46:22.0 -0200 +++ kildclient-3.1.0/debian/control 2017-12-17 09:42:44.0 -0200 @@ -10,7 +10,7 @@ Package: kildclient Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, libjson-perl +Depends: ${shlibs:Depends}, ${misc:Depends}, libjson-perl, gvfs Suggests: kildclient-doc, libgtk3-perl Description: powerful MUD client with a built-in Perl interpreter KildClient is a MUD Client written with the GTK+ windowing toolkit. diff -Nru kildclient-3.1.0/debian/NEWS.Debian kildclient-3.1.0/debian/NEWS.Debian --- kildclient-3.1.0/debian/NEWS.Debian 2016-12-04 20:46:22.0 -0200 +++ kildclient-3.1.0/debian/NEWS.Debian 2017-12-17 09:43:58.0 -0200 @@ -1,3 +1,10 @@ +kildclient (3.1.0-1+deb9u1) stretch-security; urgency=high + + * The option to define the command used to run a web browser has been +removed; the default browser (as selected by gvfs) is now used. + + -- Eduardo M Kalinowski Sun, 17 Dec 2017 09:42:23 -0200 + kildclient (2.8.1-1) experimental; urgency=low The HTML manual is now in the package kildclient-doc. diff -Nru kildclient-3.1.0/debian/patches/cve-2017-17511.patch kildclient-3.1.0/debian/patches/cve-2017-17511.patch --- kildclient-3.1.0/debian/patches/cve-2017-17511.patch1969-12-31 21:00:00.0 -0300 +++ kildclient-3.1.0/debian/patches/cve-2017-17511.patch2017-12-17 09:56:25.0 -0200 @@ -0,0 +1,183 @@ +Description: Fix for CVE-2017-17511 + Uses a GTK+ function to open URLs, instead of using a command + supplied by the user or $BROWSER. +Author: Eduardo M KALINOWSKI +Last-Update: 2017-12-17 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- a/doc/C/kildclient.xml b/doc/C/kildclient.xml +@@ -1233,20 +1233,16 @@ + + + +-In this section you can configure the command that will be run +-when you right-click in a URL that appears in the MUD window and +-select Open Link. The command will be executed, +-with %s replaced with the URL's address. The +-ampersand () in the end means that the command +-is to be executed in the background, so that you can continue using +-KildClient while browsing the URL. +- +-You can also set a command used to play audio files (see In this section you can set a command used to play audio files (see ). Enter the
Bug#885582: marked as done (stretch-pu: package ncurses/6.0+20161126-1+deb9u2)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #885582, regarding stretch-pu: package ncurses/6.0+20161126-1+deb9u2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 885582: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885582 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch d-i User: release.debian@packages.debian.org Usertags: pu I would like to fix bug #882620 aka CVE-2017-16879 in stretch, a buffer overflow in the _nc_write_entry function. While this touches the tinfo library used in the installer, _nc_write_entry() is only used by tic as far as I am aware. Cheers, Sven diff -Nru ncurses-6.0+20161126/debian/changelog ncurses-6.0+20161126/debian/changelog --- ncurses-6.0+20161126/debian/changelog 2017-09-07 19:05:43.0 +0200 +++ ncurses-6.0+20161126/debian/changelog 2017-12-28 10:47:33.0 +0100 @@ -1,3 +1,11 @@ +ncurses (6.0+20161126-1+deb9u2) stretch; urgency=medium + + * Cherry-pick upstream fix from the 20171125 patchlevel to fix +a buffer overflow in the _nc_write_entry function +(CVE-2017-16879, Closes: #882620). + + -- Sven JoachimThu, 28 Dec 2017 10:47:33 +0100 + ncurses (6.0+20161126-1+deb9u1) stretch; urgency=medium * Cherry-pick upstream fixes from the 20170701 and 20170708 patchlevels diff -Nru ncurses-6.0+20161126/debian/patches/cve-2017-16879.diff ncurses-6.0+20161126/debian/patches/cve-2017-16879.diff --- ncurses-6.0+20161126/debian/patches/cve-2017-16879.diff 1970-01-01 01:00:00.0 +0100 +++ ncurses-6.0+20161126/debian/patches/cve-2017-16879.diff 2017-12-28 10:32:23.0 +0100 @@ -0,0 +1,44 @@ +Author: Sven Joachim +Description: Fix for CVE-2017-16879 in the _nc_write_entry function + Fix for CVE-2017-16879 cherry-picked from upstream patchlevel + 20171125. +Bug-Debian: https://bugs.debian.org/882620 +Forwarded: not-needed +Last-Update: 2017-11-27 + +--- + ncurses/tinfo/write_entry.c | 11 ++- + 1 file changed, 10 insertions(+), 1 deletion(-) + +--- a/ncurses/tinfo/write_entry.c b/ncurses/tinfo/write_entry.c +@@ -267,6 +267,9 @@ _nc_write_entry(TERMTYPE *const tp) + #endif + #endif /* USE_SYMLINKS */ + ++unsigned limit2 = sizeof(filename) - (2 + LEAF_LEN); ++char saved = '\0'; ++ + static int call_count; + static time_t start_time; /* time at start of writes */ + +@@ -365,12 +368,18 @@ _nc_write_entry(TERMTYPE *const tp) + start_time = 0; + } + +-if (strlen(first_name) >= sizeof(filename) - (2 + LEAF_LEN)) ++if (strlen(first_name) >= sizeof(filename) - (2 + LEAF_LEN)) { + _nc_warning("terminal name too long."); ++ saved = first_name[limit2]; ++ first_name[limit2] = '\0'; ++} + + _nc_SPRINTF(filename, _nc_SLIMIT(sizeof(filename)) + LEAF_FMT "/%s", first_name[0], first_name); + ++if (saved) ++ first_name[limit2] = saved; ++ + /* + * Has this primary name been written since the first call to + * write_entry()? If so, the newer write will step on the older, diff -Nru ncurses-6.0+20161126/debian/patches/series ncurses-6.0+20161126/debian/patches/series --- ncurses-6.0+20161126/debian/patches/series 2017-09-07 19:05:43.0 +0200 +++ ncurses-6.0+20161126/debian/patches/series 2017-12-28 10:32:23.0 +0100 @@ -5,3 +5,4 @@ termcap-fix.diff more-cve-fixes.diff cve-2017-13733.diff +cve-2017-16879.diff --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#886380: marked as done (stretch-pu: package opendmarc/1.3.2-2+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #886380, regarding stretch-pu: package opendmarc/1.3.2-2+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 886380: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886380 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu As released, opendmarc doesn't read it's configuration file which substantially limits the packages usefullness as packaged/released. The attached debdiff changes the service file so the configuration file is actually used and adjusts the configuration file to match the option values previously hard coded in the service file. This is very similar to a change I needed to make in opendkim that has gone well as a stable update, so I believe this is very low risk. The package is built and ready for upload. Scott K diff -u opendmarc-1.3.2/debian/changelog opendmarc-1.3.2/debian/changelog --- opendmarc-1.3.2/debian/changelog +++ opendmarc-1.3.2/debian/changelog @@ -1,3 +1,12 @@ +opendmarc (1.3.2-2+deb9u1) stretch; urgency=medium + + * Update opendmarc service file so changes in opendmarc.conf are used and +update opendmarc.conf to match values previously hard-coded in the service +file (Closes: #863612) +- Thanks to Jack Bates for the patch + + -- Scott KittermanThu, 04 Jan 2018 20:47:48 -0500 + opendmarc (1.3.2-2) unstable; urgency=medium * Do not remove /etc/default/opendkim on upgrade since it is a conffile diff -u opendmarc-1.3.2/debian/opendmarc.conf opendmarc-1.3.2/debian/opendmarc.conf --- opendmarc-1.3.2/debian/opendmarc.conf +++ opendmarc-1.3.2/debian/opendmarc.conf @@ -12,13 +12,28 @@ ## # FailureReports false -PidFile /var/run/opendmarc.pid +PidFile /var/run/opendmarc/opendmarc.pid ## RejectFailures { true | false } ## default "false" ## RejectFailures false +## Socket socketspec +## default (none) +## +## Specifies the socket that should be established by the filter to receive +## connections from sendmail(8) in order to provide service. socketspec is +## in one of two forms: local:path, which creates a UNIX domain socket at +## the specified path, or inet:port[@host] or inet6:port[@host] which creates +## a TCP socket on the specified port for the appropriate protocol family. +## If the host is not given as either a hostname or an IP address, the +## socket will be listening on all interfaces. This option is mandatory +## either in the configuration file or on the command line. If an IP +## address is used, it must be enclosed in square brackets. +# +Socket local:/var/run/opendmarc/opendmarc.sock + ## Syslog { true | false } ## default "false" ## @@ -65,7 +80,7 @@ ## The process will be assigned all of the groups and primary group ID of ## the named userid unless an alternate group is specified. # -UserID opendmarc:opendmarc +UserID opendmarc ## Path to system copy of PSL (needed to determine organizational domain) # diff -u opendmarc-1.3.2/debian/opendmarc.service opendmarc-1.3.2/debian/opendmarc.service --- opendmarc-1.3.2/debian/opendmarc.service +++ opendmarc-1.3.2/debian/opendmarc.service @@ -7,7 +7,7 @@ Type=forking PIDFile=/var/run/opendmarc/opendmarc.pid User=opendmarc -ExecStart=/usr/sbin/opendmarc -p local:/var/run/opendmarc/opendmarc.sock -u opendmarc -P /var/run/opendmarc/opendmarc.pid +ExecStart=/usr/sbin/opendmarc Restart=on-failure ExecReload=/bin/kill -USR1 $MAINPID --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#884111: marked as done (stretch-pu: package vdirsyncer/0.14.1-1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #884111, regarding stretch-pu: package vdirsyncer/0.14.1-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 884111: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884111 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hello, I would like to upload vdirsyncer 0.14.1-2 containing fix for bug #883299 [1][2][3]. This fixes critical issue that's making vdirsyncer 0.14.1 unusable for some users as it's unable to sync Google contacts. Attaching debdiff. Thank you, Filip [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883299 [2] https://github.com/pimutils/vdirsyncer/issues/551 [3] https://github.com/pimutils/vdirsyncer/pull/564 -- System Information: Debian Release: 9.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable'), (100, 'unstable'), (50, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.13.0-0.bpo.1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=cs_CZ.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) diff -Nru vdirsyncer-0.14.1/debian/changelog vdirsyncer-0.14.1/debian/changelog --- vdirsyncer-0.14.1/debian/changelog 2017-03-27 09:41:21.0 +0200 +++ vdirsyncer-0.14.1/debian/changelog 2017-12-11 15:12:09.0 +0100 @@ -1,3 +1,9 @@ +vdirsyncer (0.14.1-2) stretch; urgency=medium + + * Backport fix for discovering Google contacts (Closes: #883299) + + -- Filip PytlounMon, 11 Dec 2017 15:12:09 +0100 + vdirsyncer (0.14.1-1) unstable; urgency=medium * New upstream release diff -Nru vdirsyncer-0.14.1/debian/patches/0005-Work-around-Google-Contacts-discovery-bug-564.patch vdirsyncer-0.14.1/debian/patches/0005-Work-around-Google-Contacts-discovery-bug-564.patch --- vdirsyncer-0.14.1/debian/patches/0005-Work-around-Google-Contacts-discovery-bug-564.patch 1970-01-01 01:00:00.0 +0100 +++ vdirsyncer-0.14.1/debian/patches/0005-Work-around-Google-Contacts-discovery-bug-564.patch 2017-12-11 15:11:33.0 +0100 @@ -0,0 +1,71 @@ +From ac662b5c11223157e8a0df8988a1af63a0a4ce82 Mon Sep 17 00:00:00 2001 +From: Markus Unterwaditzer +Date: Mon, 27 Feb 2017 16:06:28 +0100 +Subject: [PATCH] Work around Google Contacts discovery bug (#564) + +* Work around Google Contacts discovery bug + +* fixup + +* changelog +--- + vdirsyncer/storage/dav.py| 20 ++-- + vdirsyncer/storage/google.py | 4 + 2 files changed, 22 insertions(+), 2 deletions(-) + +diff --git a/vdirsyncer/storage/dav.py b/vdirsyncer/storage/dav.py +index 905c8d0..ed6dd61 100644 +--- a/vdirsyncer/storage/dav.py b/vdirsyncer/storage/dav.py +@@ -201,6 +201,23 @@ class Discover(object): + dav_logger.debug('Given URL is not a homeset URL') + return self._find_collections_impl(self.find_home()) + ++def _check_collection_resource_type(self, response): ++if self._resourcetype is None: ++return True ++ ++props = _merge_xml(response.findall( ++'{DAV:}propstat/{DAV:}prop' ++)) ++if not props: ++dav_logger.debug('Skipping, missing : %s', response) ++return False ++if props.find('{DAV:}resourcetype/' + self._resourcetype) \ ++ is None: ++dav_logger.debug('Skipping, not of resource type %s: %s', ++ self._resourcetype, response) ++return False ++return True ++ + def _find_collections_impl(self, url): + headers = self.session.get_default_headers() + headers['Depth'] = '1' +@@ -209,8 +226,7 @@ class Discover(object): + root = _parse_xml(r.content) + done = set() + for response in root.findall('{DAV:}response'): +-props = _merge_xml(response.findall('{DAV:}propstat/{DAV:}prop')) +-if props.find('{DAV:}resourcetype/' + self._resourcetype) is None: ++if not self._check_collection_resource_type(response): + continue + + href = response.find('{DAV:}href') +diff --git a/vdirsyncer/storage/google.py
Bug#884452: marked as done (stretch-pu: package python-evtx/0.5.3b-3+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #884452, regarding stretch-pu: package python-evtx/0.5.3b-3+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 884452: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884452 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Dear release team, please consider allowing an update to the python-evtx package in stretch. It fixes Python3 dependencies (RC bug #867428). Cheers, -Hilko diff -Nru python-evtx-0.5.3b/debian/changelog python-evtx-0.5.3b/debian/changelog --- python-evtx-0.5.3b/debian/changelog 2017-01-12 01:30:09.0 +0100 +++ python-evtx-0.5.3b/debian/changelog 2017-12-12 10:35:05.0 +0100 @@ -1,3 +1,9 @@ +python-evtx (0.5.3b-3+deb9u1) stretch; urgency=medium + + * Fix Python3 dependencies (Closes: #867428) + + -- Hilko BengenTue, 12 Dec 2017 10:35:05 +0100 + python-evtx (0.5.3b-3) unstable; urgency=medium * Add hexdump.py (Closes: #851056) diff -Nru python-evtx-0.5.3b/debian/control python-evtx-0.5.3b/debian/control --- python-evtx-0.5.3b/debian/control 2017-01-12 01:14:08.0 +0100 +++ python-evtx-0.5.3b/debian/control 2017-12-12 10:34:51.0 +0100 @@ -23,7 +23,7 @@ Package: python3-evtx Architecture: all -Depends: ${misc:Depends}, ${python:Depends} +Depends: ${misc:Depends}, ${python3:Depends} Description: parser for recent Windows Event Log files -- Python 3 version This module provides programmatic access to the File and Chunk headers, record templates, and event entries from Microsoft Windows --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#884483: marked as done (stretch-pu: package xrdp/0.9.1-9+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #884483, regarding stretch-pu: package xrdp/0.9.1-9+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 884483: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884483 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, I'd like to update xrdp in stretch for two important bugs: 1. #882463, CVE-2017-16927: Local DoS Security team says it's not critical enough for stretch-security and I should instead target stretch-pu (although I disagree). 2. #884453, High CPU load in ssl_tls_accept Remote users could use up quite a lot or all system resources by keeping TLS contexts in a certain state. Please find the debdiff attached. Cheers, Nik -BEGIN PGP SIGNATURE- iQJ4BAEBCABiFiEEPJ1UpHV1wCb7F/0mt5o8FqDE8pYFAlo0F1gxGmh0dHBzOi8v d3d3LmRvbWluaWstZ2VvcmdlLmRlL2dwZy1wb2xpY3kudHh0LmFzYxIcbmlrQG5h dHVyYWxuZXQuZGUACgkQt5o8FqDE8paeRA//apbQ6DhlOkmV6C5+bQ3dSPK0BYbV CAEwhIVSNSsIr7M8726DcoRPIcfdkmU9sE6T84QXf8wShBzoGPTjI9WWIhkwOF2o UuBWZ68wKnQ7A4wuH9br5TYkeF6TDHpct7PE2N+p/BlihXUuUqReXqa4KSjtmKuj l5Q2VJUyUUwyNlZWash8wAY+NmRqpF681sMJCol1v3LQ3F5JUije2rayw//2tdYW HGBYAZEzU/FXZEQyfS6507lyjjiGLWmiwYSGvpvEyr5dg1rJCDNr4P4KH9qbUYLS 4LVpbh8FcsGlnopyjlW9z791upwHUpyyJD2+GTda3zBCTIlTwII7+NJ3L5jpYL// JDXAigt1H09vb2ZYcfjm/P2gqd6yIP9PZDeBjetgQ2Z+pD8/1BrzG/OUd1glxNXU kElHUMvJQxv5jm6XKPldcoBN2CQqwm9NOxiQsx/DyEyhAEpL78+sg1hZ+oPUrj4j I/vX9CGE30mWCEwU6PQqkYS8urN+bvVVFYFO8jM+xYeJZTjwvnjPJkgp89+poGzp ZeRPYyY9+OxMMJJke3aSvrU5wXXpePvz29/KXzAuOTsLavkeL1RQkW7NPtHWtCYk qKICivi10AqLY2Ye2PScnUdAdgJ6spye/b2hju1Hzrz3oeUlxBd5ME2v90QsvbVq CW0Pxt5DlSX9Ir8= =8FZ1 -END PGP SIGNATURE- diff -Nru xrdp-0.9.1/debian/changelog xrdp-0.9.1/debian/changelog --- xrdp-0.9.1/debian/changelog 2017-10-18 11:56:31.0 +0200 +++ xrdp-0.9.1/debian/changelog 2017-12-15 19:28:28.0 +0100 @@ -1,3 +1,10 @@ +xrdp (0.9.1-9+deb9u2) stretch; urgency=medium + + * Fix CVE-2017-16927. (Closes: #882463) + * Fix high CPU load on ssl_tls_accept. (Closes: #884453) + + -- Dominik GeorgeFri, 15 Dec 2017 19:28:28 +0100 + xrdp (0.9.1-9+deb9u1) stretch; urgency=medium * Fix high CPU load on SSL shutdown. (Closes: #876976) diff -Nru xrdp-0.9.1/debian/patches/cve-2017-16927.patch xrdp-0.9.1/debian/patches/cve-2017-16927.patch --- xrdp-0.9.1/debian/patches/cve-2017-16927.patch 1970-01-01 01:00:00.0 +0100 +++ xrdp-0.9.1/debian/patches/cve-2017-16927.patch 2017-12-15 19:28:28.0 +0100 @@ -0,0 +1,137 @@ +From: Idan Freiberg +Subject: sesman: scpv0, accept variable length data fields +Origin: https://github.com/neutrinolabs/xrdp/commit/ebd0510a7d4dab906b6e01570205dfa530d1f7bf.diff +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882463 +--- a/sesman/libscp/libscp_v0.c b/sesman/libscp/libscp_v0.c +@@ -157,7 +157,7 @@ scp_v0s_accept(struct SCP_CONNECTION *c, + struct SCP_SESSION *session = 0; + tui16 sz; + tui32 code = 0; +-char buf[257]; ++char *buf = 0; + + if (!skipVchk) + { +@@ -222,27 +222,31 @@ scp_v0s_accept(struct SCP_CONNECTION *c, + + /* reading username */ + in_uint16_be(c->in_s, sz); +-buf[sz] = '\0'; ++buf = g_new0(char, sz); + in_uint8a(c->in_s, buf, sz); +- ++buf[sz] = '\0'; + if (0 != scp_session_set_username(session, buf)) + { + scp_session_destroy(session); + log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting username", __LINE__); ++g_free(buf); + return SCP_SERVER_STATE_INTERNAL_ERR; + } ++g_free(buf); + + /* reading password */ + in_uint16_be(c->in_s, sz); +-buf[sz] = '\0'; ++buf = g_new0(char, sz); + in_uint8a(c->in_s, buf, sz); +- ++buf[sz] = '\0'; + if (0 != scp_session_set_password(session, buf)) + { + scp_session_destroy(session); + log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting password", __LINE__); ++g_free(buf); + return SCP_SERVER_STATE_INTERNAL_ERR; + } ++g_free(buf); + + /* width */ + in_uint16_be(c->in_s,
Bug#883959: marked as done (stretch-pu: package cappuccino/0.5.1-6+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #883959, regarding stretch-pu: package cappuccino/0.5.1-6+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 883959: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883959 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Let's fix the missing dependency on gir1.2-gtk-3.0, #879848, by rebuilding the package from sid. This also adds a /usr/games/cappuccino -> ../bin/cappuccino symlink. Andreas diff -u cappuccino-0.5.1/debian/changelog cappuccino-0.5.1/debian/changelog --- cappuccino-0.5.1/debian/changelog +++ cappuccino-0.5.1/debian/changelog @@ -1,3 +1,24 @@ +cappuccino (0.5.1-8~deb9u1) unstable; urgency=medium + + * Non-maintainer upload. + * rebuild for stretch. + + -- Andreas BeckmannSat, 09 Dec 2017 20:38:28 +0100 + +cappuccino (0.5.1-8) unstable; urgency=medium + + * Fixes broken symlink in /usr/games. Closes: #880714 +- Thanks to Chris Lamb. + + -- Breno Leitao Mon, 06 Nov 2017 14:25:01 -0500 + +cappuccino (0.5.1-7) unstable; urgency=medium + + * Adding gir1.2-gtk-3.0 as a dependency. Closes: #879848 + * Adding a link to /usr/games/cappuccino + + -- Breno Leitao Fri, 03 Nov 2017 07:52:46 -0400 + cappuccino (0.5.1-6) unstable; urgency=medium * Fix python dependency, moving the debian/rules file to diff -u cappuccino-0.5.1/debian/control cappuccino-0.5.1/debian/control --- cappuccino-0.5.1/debian/control +++ cappuccino-0.5.1/debian/control @@ -3,12 +3,12 @@ Priority: optional Homepage: https://labs.truelite.it/projects/cappuccino Maintainer: Breno Leitao -Standards-Version: 3.7.2 +Standards-Version: 4.1.0 Build-Depends: debhelper (>> 5.0.0), python3, python3-gi, polygen Package: cappuccino Architecture: all -Depends: python3, python3-gi, polygen, ${misc:Depends} +Depends: python3, python3-gi, polygen, ${misc:Depends}, gir1.2-gtk-3.0 Description: utility to let your boss think that you're working hard Run this software on your computer when you are not motivated to work, and enjoy doing something different. If your boss come in your cubicle, he'll diff -u cappuccino-0.5.1/debian/rules cappuccino-0.5.1/debian/rules --- cappuccino-0.5.1/debian/rules +++ cappuccino-0.5.1/debian/rules @@ -44,6 +44,10 @@ polygen -seed 0 $(CURDIR)/debian/cappuccino/usr/share/cappuccino/cappuccino.grm > /dev/null polygen -seed 0 $(CURDIR)/debian/cappuccino/usr/share/cappuccino/compileline.grm > /dev/null + # As it is considered a game, put a link at /usr/games + mkdir $(CURDIR)/debian/cappuccino/usr/games + ln -s /usr/bin/cappuccino $(CURDIR)/debian/cappuccino/usr/games/cappuccino + # Build architecture-independent files here. binary-indep: build install dh_testdir --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#882827: marked as done (stretch-pu: package python-mimeparse/0.1.4-3.1~deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #882827, regarding stretch-pu: package python-mimeparse/0.1.4-3.1~deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 882827: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882827 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Let's fix the python3 dependencies. #867439 $ debdiff python3-mimeparse_0.1.4-3_all.deb python3-mimeparse_0.1.4-3.1~deb9u1_all.deb File lists identical (after any substitutions) Control files: lines which differ (wdiff format) {+Depends: python3:any (>= 3.3.2-2~)+} Installed-Size: [-24-] {+25+} Version: [-0.1.4-3-] {+0.1.4-3.1~deb9u1+} Andreas diff -Nru python-mimeparse-0.1.4/debian/changelog python-mimeparse-0.1.4/debian/changelog --- python-mimeparse-0.1.4/debian/changelog 2016-12-26 20:13:35.0 +0100 +++ python-mimeparse-0.1.4/debian/changelog 2017-11-27 03:55:15.0 +0100 @@ -1,3 +1,17 @@ +python-mimeparse (0.1.4-3.1~deb9u1) stretch; urgency=medium + + * Non-maintainer upload. + * Rebuild for stretch. + + -- Andreas BeckmannMon, 27 Nov 2017 03:55:15 +0100 + +python-mimeparse (0.1.4-3.1) unstable; urgency=medium + + * Non-maintainer upload. + * Fix the python3-mimeparse dependencies. (Closes: #867439) + + -- Adrian Bunk Tue, 17 Oct 2017 09:49:45 +0300 + python-mimeparse (0.1.4-3) unstable; urgency=medium [ Mathias Ertl ] diff -Nru python-mimeparse-0.1.4/debian/control python-mimeparse-0.1.4/debian/control --- python-mimeparse-0.1.4/debian/control 2016-12-26 20:13:35.0 +0100 +++ python-mimeparse-0.1.4/debian/control 2017-10-17 08:49:28.0 +0200 @@ -25,7 +25,7 @@ Package: python3-mimeparse Architecture: all -Depends: ${misc:Depends}, ${python:Depends} +Depends: ${misc:Depends}, ${python3:Depends} Description: Parse mime-types and quality parameters - python 3.x This module provides basic functions for parsing mime-type names and matching them against a list of media-ranges. --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#882826: marked as done (stretch-pu: package python-hacking/0.11.0-2.1~deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #882826, regarding stretch-pu: package python-hacking/0.11.0-2.1~deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 882826: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882826 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Let's fix the python3 dependencies. #867431 $ debdiff python3-hacking_0.11.0-2_all.deb python3-hacking_0.11.0-2.1~deb9u1_all.deb File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Depends: [-pyflakes,-] {+pyflakes3,+} python3-flake8 (>= 3.0.0), python3-pbr (>= 1.8), python3-pep8 (>= 1.5.7), python3-six (>= [-1.9.0)-] {+1.9.0), flake8, python3-mccabe, python3-pycodestyle, python3-pyflakes, python3:any (>= 3.3.2-2~)+} Version: [-0.11.0-2-] {+0.11.0-2.1~deb9u1+} Andreas diff -Nru python-hacking-0.11.0/debian/changelog python-hacking-0.11.0/debian/changelog --- python-hacking-0.11.0/debian/changelog 2016-10-04 13:21:49.0 +0200 +++ python-hacking-0.11.0/debian/changelog 2017-11-27 03:27:47.0 +0100 @@ -1,3 +1,17 @@ +python-hacking (0.11.0-2.1~deb9u1) stretch; urgency=medium + + * Non-maintainer upload. + * Rebuild for stretch. + + -- Andreas BeckmannMon, 27 Nov 2017 03:27:47 +0100 + +python-hacking (0.11.0-2.1) unstable; urgency=medium + + * Non-maintainer upload. + * Fix the python3-hacking dependencies. (Closes: #867431) + + -- Adrian Bunk Tue, 17 Oct 2017 09:38:55 +0300 + python-hacking (0.11.0-2) unstable; urgency=medium [ Ondřej Nový ] diff -Nru python-hacking-0.11.0/debian/control python-hacking-0.11.0/debian/control --- python-hacking-0.11.0/debian/control2016-10-04 13:21:49.0 +0200 +++ python-hacking-0.11.0/debian/control2017-10-17 08:38:53.0 +0200 @@ -55,13 +55,13 @@ Package: python3-hacking Architecture: all -Depends: pyflakes, +Depends: pyflakes3, python3-flake8 (>= 3.0.0), python3-pbr (>= 1.8), python3-pep8 (>= 1.5.7), python3-six (>= 1.9.0), ${misc:Depends}, - ${python:Depends}, + ${python3:Depends}, Recommends: ${python3:Recommends}, Description: Flake8 OpenStack Hacking Guidelines Enforcement plugins - Python 3.x Hacking is a set of flake8 plugins that test and enforce the OpenStack Style --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#884451: marked as done (stretch-pu: package libvhdi/20160424-1+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #884451, regarding stretch-pu: package libvhdi/20160424-1+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 884451: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884451 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Dear release team, please consider allowing an update to the libvhi package in stretch. It fixes missing Python3 dependencies (RC bug #867409). Cheers, -Hilko diff -Nru libvhdi-20160424/debian/changelog libvhdi-20160424/debian/changelog --- libvhdi-20160424/debian/changelog 2016-04-25 19:25:17.0 +0200 +++ libvhdi-20160424/debian/changelog 2017-12-12 10:31:06.0 +0100 @@ -1,3 +1,10 @@ +libvhdi (20160424-1+deb9u1) stretch; urgency=medium + + * Add mising Python3 dependency, thanks to Adrian Bunk, Scott Kitterman +(Closes: #867409, #867610) + + -- Hilko BengenTue, 12 Dec 2017 10:31:06 +0100 + libvhdi (20160424-1) unstable; urgency=medium * New upstream version diff -Nru libvhdi-20160424/debian/control libvhdi-20160424/debian/control --- libvhdi-20160424/debian/control 2016-04-25 19:25:17.0 +0200 +++ libvhdi-20160424/debian/control 2017-12-12 10:30:52.0 +0100 @@ -68,7 +68,7 @@ Package: python3-libvhdi Section: python Architecture: any -Depends: libvhdi1 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends}, ${python:Depends} +Depends: libvhdi1 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends}, ${python3:Depends} Description: Virtual Hard Disk image format access library -- Python 3 bindings libvhdi is a library to access the Virtual Hard Disk (VHD) image format. . --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#883963: marked as done (stretch-pu: package xchain/1.0.1-9~deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #883963, regarding stretch-pu: package xchain/1.0.1-9~deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 883963: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883963 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Let's fix the dependency problem of xchain in stretch, too. #878090 It calls /usr/bin/wish, therefore it needs to depend on wish and not tk8.5 (which no longer provides the generic wish binary, that's tk8.6 realm now). The Standards-Version and Priority bump are metadata only changes. Andreas diff -Nru xchain-1.0.1/debian/changelog xchain-1.0.1/debian/changelog --- xchain-1.0.1/debian/changelog 2017-01-15 23:25:46.0 +0100 +++ xchain-1.0.1/debian/changelog 2017-12-09 21:02:31.0 +0100 @@ -1,3 +1,25 @@ +xchain (1.0.1-9~deb9u1) stretch; urgency=medium + + * QA upload. + * Rebuild for stretch. + + -- Andreas BeckmannSat, 09 Dec 2017 21:02:31 +0100 + +xchain (1.0.1-9) unstable; urgency=medium + + * QA upload. + * Revert path change, depend on "wish" only. Re-closes: #878090 + + -- Adam Borowski Thu, 12 Oct 2017 20:12:24 +0200 + +xchain (1.0.1-8) unstable; urgency=medium + + * QA upload. + * Update path to wish (it's /usr/bin/wish8.5 now). Closes: #878090 + * Priority optional. + + -- Adam Borowski Thu, 12 Oct 2017 09:14:07 +0200 + xchain (1.0.1-7) unstable; urgency=medium * QA upload. diff -Nru xchain-1.0.1/debian/control xchain-1.0.1/debian/control --- xchain-1.0.1/debian/control 2017-01-15 23:25:46.0 +0100 +++ xchain-1.0.1/debian/control 2017-10-12 20:12:19.0 +0200 @@ -1,15 +1,15 @@ Source: xchain Section: games -Priority: extra +Priority: optional Maintainer: Debian QA Group -Standards-Version: 3.9.8 +Standards-Version: 4.1.1 Build-Depends: debhelper (>= 10) Vcs-Browser: https://anonscm.debian.org/git/collab-maint/xchain.git Vcs-Git: https://anonscm.debian.org/git/collab-maint/xchain.git Package: xchain Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends}, tk8.5 | wish +Depends: ${shlibs:Depends}, ${misc:Depends}, wish Description: strategy game for 2-4 players Chain Reaction is a classic strategy game for 2-4 players. Players take turns to place tokens on an 8x8 board. When a square exceeds its maximum value, it --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#883124: marked as done (stretch-pu: package golang-github-go-ldap-ldap/2.4.1-1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #883124, regarding stretch-pu: package golang-github-go-ldap-ldap/2.4.1-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 883124: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883124 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Dear stable release managers, I've prepared a fix for CVE-2017-14623, Debian BTS #876404. The security team does not intend to publish a DSA for this minor issue, so I'm asking here if you would accept an upload for stable-proposed-updates. The source debdiff is attached. Please tell me if I should upload the package or if you need further changes. Regards, Tobias diff -Nru golang-github-go-ldap-ldap-2.4.1/debian/changelog golang-github-go-ldap-ldap-2.4.1/debian/changelog --- golang-github-go-ldap-ldap-2.4.1/debian/changelog 2016-08-16 18:19:35.0 +0200 +++ golang-github-go-ldap-ldap-2.4.1/debian/changelog 2017-11-29 23:45:26.0 +0100 @@ -1,3 +1,17 @@ +golang-github-go-ldap-ldap (2.4.1-1+deb9u1) stretch; urgency=medium + + * Team upload. + * Require explicit intention for empty password. +This is normally used for unauthenticated bind, and +https://tools.ietf.org/html/rfc4513#section-5.1.2 recommends: +"Clients SHOULD disallow an empty password input to a Name/Password +Authentication user interface" +This is (mostly) a cherry-pick of 95ede12 from upstream, except +the bit in ldap_test.go, which is unrelated to the security issue. +This fixes CVE-2017-14623. (Closes: #876404) + + -- Dr. Tobias QuathamerWed, 29 Nov 2017 23:45:26 +0100 + golang-github-go-ldap-ldap (2.4.1-1) unstable; urgency=medium * New upstream version. diff -Nru golang-github-go-ldap-ldap-2.4.1/debian/patches/0002-Require-explicit-intention-for-empty-password.patch golang-github-go-ldap-ldap-2.4.1/debian/patches/0002-Require-explicit-intention-for-empty-password.patch --- golang-github-go-ldap-ldap-2.4.1/debian/patches/0002-Require-explicit-intention-for-empty-password.patch 1970-01-01 01:00:00.0 +0100 +++ golang-github-go-ldap-ldap-2.4.1/debian/patches/0002-Require-explicit-intention-for-empty-password.patch 2017-11-29 23:02:18.0 +0100 @@ -0,0 +1,170 @@ +From: "Dr. Tobias Quathamer" +Date: Wed, 29 Nov 2017 14:34:16 +0100 +Subject: Require explicit intention for empty password. + +This is normally used for unauthenticated bind, and +https://tools.ietf.org/html/rfc4513#section-5.1.2 recommends: + +> Clients SHOULD disallow an empty password input to a Name/Password +> Authentication user interface + +This is (mostly) a cherry-pick of 95ede12 from upstream. I've removed +the bit in ldap_test.go, which is unrelated to the security issue. + +This fixes CVE-2017-14623. + +https://github.com/go-ldap/ldap/commit/95ede1266b237bf8e9aa5dce0b3250e51bfefe66 +--- + bind.go | 80 + error.go | 9 +++ + ldap_test.go | 64 +++- + 3 files changed, 77 insertions(+), 76 deletions(-) + +diff --git a/bind.go b/bind.go +index 26b3cc7..432efa7 100644 +--- a/bind.go b/bind.go +@@ -7,7 +7,7 @@ package ldap + import ( + "errors" + +- "gopkg.in/asn1-ber.v1" ++ ber "gopkg.in/asn1-ber.v1" + ) + + // SimpleBindRequest represents a username/password bind operation +@@ -18,6 +18,9 @@ type SimpleBindRequest struct { + Password string + // Controls are optional controls to send with the bind request + Controls []Control ++ // AllowEmptyPassword sets whether the client allows binding with an empty password ++ // (normally used for unauthenticated bind). ++ AllowEmptyPassword bool + } + + // SimpleBindResult contains the response from the server +@@ -28,9 +31,10 @@ type SimpleBindResult struct { + // NewSimpleBindRequest returns a bind request + func NewSimpleBindRequest(username string, password string, controls []Control) *SimpleBindRequest { + return { +- Username: username, +- Password: password, +- Controls: controls, ++ Username: username, ++ Password: password, ++ Controls: controls, ++ AllowEmptyPassword: false, + } + } + +@@ -47,6 +51,10 @@ func (bindRequest *SimpleBindRequest) encode() *ber.Packet { + + // SimpleBind
Bug#883483: marked as done (stretch-pu: package flatpak/0.8.8-0+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #883483, regarding stretch-pu: package flatpak/0.8.8-0+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 883483: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883483 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu The upstream maintainer of Flatpak has made a 0.8.8 release, which collects the patches we apply to 0.8.7 in stretch, together with some more fixes backported from the 0.10.x branch. I would like to update stretch to this release. Because we already apply a bunch of patches, the attached diff was made by unpacking the 0.8.7 and 0.8.8 packages, comparing the two patched trees, and ignoring the actual patches (together with Autotools noise, documentation noise and translation updates): dpkg-source -x flatpak_0.8.7-2~deb9u1.dsc dpkg-source -x flatpak_0.8.8-0+deb9u1.dsc diff -Nru flatpak-0.8.7 flatpak-0.8.8 | \ filterdiff -p1 --exclude=.pc/\* --exclude=debian/patches/0.8.8/\* \ --exclude=po/\*.po --exclude=po/\*.pot --exclude=py-compile \ --exclude=INSTALL --exclude=gtk-doc.make --exclude=Makefile.in \ --exclude=doc/reference/Makefile.in --exclude=doc/reference/html/\*.html \ --exclude configure | \ pee diffstat sponge > flatpak_0.8.8-0+deb9u1.diff Full source debdiff without those filters available here: https://people.debian.org/~smcv/flatpak_0.8.8-0+deb9u1_full.diff.gz Annotated changelog below. As usual, please let me know if there is anything that I should query or get reverted. Debian is the main consumer of the 0.8.x branch, so if it isn't useful to us, it isn't useful. Thanks, smcv > Add compatibility with ostree ≥ 2017.7 (in Debian, the same > changes were already in 0.8.7-2) > > d/p/0.8.8/: Drop patches that added compatibility with > ostree ≥ 2017.7, no longer necessary (debian/patches/series is the only sign of this in the diff) No practical effect. > Security: Do not allow legacy eavesdropping on the D-Bus > session bus (Closes: #880451) (dbus-proxy/flatpak-proxy.c lines >= 1358) Sandboxed applications with filtered/proxied access to the D-Bus session bus could have used this to spy on other applications. Florian Weimer has indicated that the security team do not consider this DSA-worthy. > Ensure that LD_LIBRARY_PATH is in the correct order, respecting > extensions' priorities > Ensure that extensions are mounted in the correct order even if > they have differing priorities, fixing Steam (common/flatpak-run.c, lines < 2500) Extensions are a way to provide extra "plugins" for an app or runtime. One of the things they can do is to prepend library directories (for example the proprietary NVIDIA graphics driver or a newer version of Mesa) to LD_LIBRARY_PATH, with a concept of priority to determine which extension "wins". In some cases they were applied in the wrong order, causing an unintended library to be used. > Remove PYTHONPATH, PERLLIB, PERL5LIB, XCURSOR_PATH from the > environment given to sandboxed apps (common/flatpak-run.c @@ -2894,6 +2936,13 @@) Host-side search paths are rarely right for the sandboxed app, because they contain entries that have a different meaning inside the sandbox. Flatpak now scrubs a few more of these from the environment. > Give each app a persistent cache directory for fontconfig (common/flatpak-run.c lines >= 3000) Apps with different runtimes or options might see different fonts, so they would do the wrong thing if they shared a cache. We need to write each app's font cache to a different place. > Make /usr/share/icons available in the sandbox so that sandboxed > apps can use the host's icon theme (common/flatpak-run.c lines >= 3000) If the user has chosen a non-standard theme that isn't present in the container runtime, we want their chosen icon style to show up. > Disable debug-level FUSE logging for the document portal (document-portal/xdp-fuse.c) This was presumably left over from debugging some issue. It shouldn't have been enabled in production unless specifically requested. > Make the * wildcard at the end of a D-Bus filtering rule match > zero or more components, so --talk="com.example.Foo.*" behaves > the same as D-Bus' arg0namespace="com.example.Foo". Previously, > it would only match exactly one component. This matches a proposed > design for
Bug#883952: marked as done (stretch-pu: package activity-log-manager/0.8.0-1.2~deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #883952, regarding stretch-pu: package activity-log-manager/0.8.0-1.2~deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 883952: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883952 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Let's fix the missing dependency on python-zeitgeist, #881438, by rebuilding the corresponding fixed package from sid. Andreas diff -Nru activity-log-manager-0.8.0/debian/changelog activity-log-manager-0.8.0/debian/changelog --- activity-log-manager-0.8.0/debian/changelog 2015-08-18 17:28:36.0 +0200 +++ activity-log-manager-0.8.0/debian/changelog 2017-12-09 20:04:56.0 +0100 @@ -1,3 +1,17 @@ +activity-log-manager (0.8.0-1.2~deb9u1) stretch; urgency=medium + + * Non-maintainer upload. + * Rebuild for stretch. + + -- Andreas BeckmannSat, 09 Dec 2017 20:04:56 +0100 + +activity-log-manager (0.8.0-1.2) unstable; urgency=medium + + * Non-maintainer upload. + * Add dependency against python-zeitgeist (Closes: #881438) + + -- Laurent Bigonville Sun, 12 Nov 2017 18:05:38 +0100 + activity-log-manager (0.8.0-1.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru activity-log-manager-0.8.0/debian/control activity-log-manager-0.8.0/debian/control --- activity-log-manager-0.8.0/debian/control 2015-08-18 17:30:06.0 +0200 +++ activity-log-manager-0.8.0/debian/control 2017-11-12 18:04:24.0 +0100 @@ -17,7 +17,8 @@ python, zeitgeist-core (>= 0.7~) | zeitgeist (>= 0.7~), python-gtk2, - python-cairo + python-cairo, + python-zeitgeist Description: blacklist configuration user interface for Zeitgeist Zeitgeist is a service which logs the user's activities and events (files opened, websites visited, conversations held with other people, etc.) and --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#883066: marked as done (stretch-pu: package waagent/2.2.18-3~deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #883066, regarding stretch-pu: package waagent/2.2.18-3~deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 883066: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883066 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Dear release team, The Azure agent provides the provisioning part of the Microsoft Azure platform. It is necessary to tell the platform about the state of the systems. Therefor it is part of the "hardware" support for the Azure platform. This updates includes both upstream fixes for sudoer handling, Azure Stack handling and some Debian fixes for state directory permissions. The diff still lacks the changelog entry for the above mentioned version, as no further changes are scheduled and this will be a straight rebuild for Stretch. Please accept the updated waagent package into Stretch. diff --git a/debian/.git-dpm b/debian/.git-dpm index 38f3e41..c773850 100644 --- a/debian/.git-dpm +++ b/debian/.git-dpm @@ -1,8 +1,8 @@ # see git-dpm(1) from git-dpm package -687c1cdd6c70d793d393d80a0406d508259d3b54 -687c1cdd6c70d793d393d80a0406d508259d3b54 -eb1e5132bbec8389a1f4df5fb78022e189c69d41 -eb1e5132bbec8389a1f4df5fb78022e189c69d41 -waagent_2.2.14.orig.tar.xz -b9147e9fd388e3491dea41e09aac98dc9316e5d4 -627124 +d59c00022f4c7d2987a832992c710dd2087e1fec +d59c00022f4c7d2987a832992c710dd2087e1fec +ae7855acb37a6964ac53e78f46103d5684983d33 +ae7855acb37a6964ac53e78f46103d5684983d33 +waagent_2.2.18.orig.tar.xz +e11edff700ee8c6a0d019ce41f92f356da7ada86 +690928 diff --git a/debian/changelog b/debian/changelog index b8169c3..56bfecc 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,21 @@ -waagent (2.2.14-1~deb9u1) stretch; urgency=medium +waagent (2.2.18-3) unstable; urgency=medium - * Upload to stretch. + * Move udev rules to /lib/udev. (closes: #856065) + * Set priority to optional. - -- Bastian BlankWed, 27 Sep 2017 09:34:43 +0200 + -- Bastian Blank Mon, 27 Nov 2017 09:07:13 +0100 + +waagent (2.2.18-2) unstable; urgency=medium + + * Create /var/lib/waagent with mode 0700. (closes: #878951) + + -- Bastian Blank Tue, 21 Nov 2017 09:28:39 +0100 + +waagent (2.2.18-1) unstable; urgency=medium + + * New upstream version. + + -- Bastian Blank Wed, 04 Oct 2017 11:51:29 +0200 waagent (2.2.14-1) unstable; urgency=medium diff --git a/debian/control b/debian/control index 8e74178..1ca8ae2 100644 --- a/debian/control +++ b/debian/control @@ -1,6 +1,6 @@ Source: waagent Section: admin -Priority: extra +Priority: optional Maintainer: Bastian Blank Build-Depends: debhelper (>= 9), diff --git a/debian/patches/agent-command-provision.patch b/debian/patches/agent-command-provision.patch index 66d5d8c..cdd77bc 100644 --- a/debian/patches/agent-command-provision.patch +++ b/debian/patches/agent-command-provision.patch @@ -1,4 +1,4 @@ -From 454a3e0b07b420c0f6015fb41028f572456c20ff Mon Sep 17 00:00:00 2001 +From ab767bf1620144df2372dd957c59b01f3ac8e30c Mon Sep 17 00:00:00 2001 From: Bastian Blank Date: Wed, 4 Jan 2017 18:05:59 +0100 Subject: Add provision command to agent @@ -9,10 +9,10 @@ Patch-Name: agent-command-provision.patch 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/azurelinuxagent/agent.py b/azurelinuxagent/agent.py -index d1ac354..454cc86 100644 +index e99f7be..6144401 100644 --- a/azurelinuxagent/agent.py +++ b/azurelinuxagent/agent.py -@@ -172,6 +172,8 @@ def parse_args(sys_args): +@@ -191,6 +191,8 @@ def parse_args(sys_args): cmd = "deprovision+user" elif re.match("^([-/]*)deprovision", a): cmd = "deprovision" @@ -21,7 +21,7 @@ index d1ac354..454cc86 100644 elif re.match("^([-/]*)daemon", a): cmd = "daemon" elif re.match("^([-/]*)start", a): -@@ -212,7 +214,7 @@ def usage(): +@@ -233,7 +235,7 @@ def usage(): print("") print((("usage: {0} [-verbose] [-force] [-help] " "-configuration-path:" diff --git a/debian/patches/agent-command-resourcedisk.patch b/debian/patches/agent-command-resourcedisk.patch index 879ced4..3f791e5 100644 ---
Bug#882815: marked as done (stretch-pu: package exam/0.10.5-1+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #882815, regarding stretch-pu: package exam/0.10.5-1+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 882815: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882815 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Fixing up the python dependencies. The debdiff is a bit noisy due to the renaming of the patches ... but therefore it's just a rebuild of the package from sid. $ debdiff python3-exam_0.10.5-1_all.deb python3-exam_0.10.5-2~deb9u1_all.deb File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Depends: [-python-mock-] {+python3-mock, python3:any (>= 3.3.2-2~)+} Version: [-0.10.5-1-] {+0.10.5-2~deb9u1+} $ debdiff python-exam_0.10.5-1_all.deb python-exam_0.10.5-2~deb9u1_all.deb File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Version: [-0.10.5-1-] {+0.10.5-2~deb9u1+} Andreas diff -Nru exam-0.10.5/debian/changelog exam-0.10.5/debian/changelog --- exam-0.10.5/debian/changelog2016-06-14 19:54:12.0 +0200 +++ exam-0.10.5/debian/changelog2017-11-27 01:27:32.0 +0100 @@ -1,3 +1,23 @@ +exam (0.10.5-2~deb9u1) stretch; urgency=medium + + * Non-maintainer upload. + * Rebuild for stretch + + -- Andreas BeckmannMon, 27 Nov 2017 01:27:32 +0100 + +exam (0.10.5-2) unstable; urgency=medium + + * Team upload. + * Create DPMT git repository and refresh patches using gbp pq + * Correct Vcs-* fields in debian/control to point to the correct package +name + * Use correct substitution varial for python3-exam so python3 interpreter +depends are correctly generated (Closes: #867404) + * Let dh_python determine the mock depends (corrects issue where python- +exam incorrectly depended on python-mock instead of python3-mock) + + -- Scott Kitterman Fri, 07 Jul 2017 23:47:09 -0400 + exam (0.10.5-1) unstable; urgency=low * Initial release. (Closes: #825822) diff -Nru exam-0.10.5/debian/control exam-0.10.5/debian/control --- exam-0.10.5/debian/control 2016-06-14 19:54:12.0 +0200 +++ exam-0.10.5/debian/control 2017-07-08 05:47:06.0 +0200 @@ -21,12 +21,12 @@ X-Python-Version: >= 2.6 X-Python3-Version: >= 3.2 Homepage: https://github.com/fluxx/exam -Vcs-Git: https://anonscm.debian.org/git/python-modules/packages/python-exam.git -Vcs-Browser: https://anonscm.debian.org/cgit/python-modules/packages/python-exam.git +Vcs-Git: https://anonscm.debian.org/git/python-modules/packages/exam.git +Vcs-Browser: https://anonscm.debian.org/cgit/python-modules/packages/exam.git Package: python-exam Architecture: all -Depends: ${misc:Depends}, ${python:Depends}, python-mock +Depends: ${misc:Depends}, ${python:Depends} Description: Python module to help write better tests Exam is a Python toolkit for writing better tests. It aims to remove a lot of the boiler plate testing code one often writes, while still @@ -59,7 +59,7 @@ Package: python3-exam Architecture: all -Depends: ${misc:Depends}, ${python:Depends}, python-mock +Depends: ${misc:Depends}, ${python3:Depends} Description: Python module to help write better tests Exam is a Python toolkit for writing better tests. It aims to remove a lot of the boiler plate testing code one often writes, while still diff -Nru exam-0.10.5/debian/gbp.conf exam-0.10.5/debian/gbp.conf --- exam-0.10.5/debian/gbp.conf 1970-01-01 01:00:00.0 +0100 +++ exam-0.10.5/debian/gbp.conf 2017-07-08 05:40:25.0 +0200 @@ -0,0 +1,3 @@ +[DEFAULT] +debian-branch=debian/master + diff -Nru exam-0.10.5/debian/patches/0001-Upstream-7c3f150a38076b48717cf08567c3e4809bf22a3d.patch exam-0.10.5/debian/patches/0001-Upstream-7c3f150a38076b48717cf08567c3e4809bf22a3d.patch --- exam-0.10.5/debian/patches/0001-Upstream-7c3f150a38076b48717cf08567c3e4809bf22a3d.patch 1970-01-01 01:00:00.0 +0100 +++ exam-0.10.5/debian/patches/0001-Upstream-7c3f150a38076b48717cf08567c3e4809bf22a3d.patch 2017-07-08 05:39:14.0 +0200 @@ -0,0 +1,23 @@ +From: Debian Python Modules Team +Date: Fri, 7 Jul 2017
Bug#882822: marked as done (stretch-pu: package python-hkdf/0.0.3-3~deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #882822, regarding stretch-pu: package python-hkdf/0.0.3-3~deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 882822: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882822 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Let's fix the python3 dependencies. #867433 (And by just rebuilding the package from sid, we get some metadata updates as well.) $ debdiff python3-hkdf_0.0.3-1_all.deb python3-hkdf_0.0.3-3~deb9u1_all.deb File lists identical (after any substitutions) Control files: lines which differ (wdiff format) {+Depends: python3:any (>= 3.3.2-2~)+} {+http://tools.ietf.org/html/draft-krawczyk-hkdf-01+} Maintainer: [-Clint Adams-] {+Debian QA Group +} Version: [-0.0.3-1-] {+0.0.3-3~deb9u1+} Andreas diff -Nru python-hkdf-0.0.3/debian/changelog python-hkdf-0.0.3/debian/changelog --- python-hkdf-0.0.3/debian/changelog 2016-06-04 23:06:45.0 +0200 +++ python-hkdf-0.0.3/debian/changelog 2017-11-27 02:15:39.0 +0100 @@ -1,3 +1,24 @@ +python-hkdf (0.0.3-3~deb9u1) stretch; urgency=medium + + * QA upload. + * Rebuild for stretch. + + -- Andreas Beckmann Mon, 27 Nov 2017 02:15:39 +0100 + +python-hkdf (0.0.3-3) unstable; urgency=medium + + * QA upload. + * Fix the python3-hkdf dependencies. (Closes: #867433) + + -- Adrian Bunk Thu, 06 Jul 2017 19:16:59 +0300 + +python-hkdf (0.0.3-2) unstable; urgency=medium + + * Add missing URL to package descriptions. closes: #864149. + * Set maintainer to Debian QA Group. + + -- Clint Adams Sun, 04 Jun 2017 10:59:31 -0400 + python-hkdf (0.0.3-1) unstable; urgency=low * Initial release. diff -Nru python-hkdf-0.0.3/debian/control python-hkdf-0.0.3/debian/control --- python-hkdf-0.0.3/debian/control2016-06-04 23:21:51.0 +0200 +++ python-hkdf-0.0.3/debian/control2017-07-06 18:16:52.0 +0200 @@ -1,5 +1,5 @@ Source: python-hkdf -Maintainer: Clint Adams +Maintainer: Debian QA Group Section: python Priority: optional Build-Depends: debhelper (>= 9), @@ -18,6 +18,7 @@ Depends: ${misc:Depends}, ${python:Depends} Description: HMAC-based Extract-and-Expand Key Derivation Function (HKDF) This module implements the HMAC Key Derivation function, defined at + http://tools.ietf.org/html/draft-krawczyk-hkdf-01 . There are two interfaces: a functional interface, with separate extract and expand functions as defined in the draft RFC, and a @@ -25,9 +26,10 @@ Package: python3-hkdf Architecture: all -Depends: ${misc:Depends}, ${python:Depends} +Depends: ${misc:Depends}, ${python3:Depends} Description: HMAC-based Extract-and-Expand Key Derivation Function (HKDF) This module implements the HMAC Key Derivation function, defined at + http://tools.ietf.org/html/draft-krawczyk-hkdf-01 . There are two interfaces: a functional interface, with separate extract and expand functions as defined in the draft RFC, and a --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#882813: marked as done (stretch-pu: package python-pyperclip/1.5.27-3~deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #882813, regarding stretch-pu: package python-pyperclip/1.5.27-3~deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 882813: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882813 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu python3-pyperclip misses a proper python3 dependency. $ debdiff python3-pyperclip_1.5.27-2_all.deb python3-pyperclip_1.5.27-3~deb9u1_all.deb File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Depends: {+python3:any (>= 3.4~),+} xclip | xsel | python3-pyqt4 Version: [-1.5.27-2-] {+1.5.27-3~deb9u1+} Andreas diff -Nru python-pyperclip-1.5.27/debian/changelog python-pyperclip-1.5.27/debian/changelog --- python-pyperclip-1.5.27/debian/changelog2016-07-01 17:47:10.0 +0200 +++ python-pyperclip-1.5.27/debian/changelog2017-11-27 00:41:48.0 +0100 @@ -1,3 +1,16 @@ +python-pyperclip (1.5.27-3~deb9u1) stretch; urgency=medium + + * Non-maintainer upload. + * Rebuild for stretch. + + -- Andreas BeckmannMon, 27 Nov 2017 00:41:48 +0100 + +python-pyperclip (1.5.27-3) unstable; urgency=medium + + * Fix typo in Depends for python3 package (Closes: #867450) + + -- Sebastien Delafond Fri, 07 Jul 2017 10:38:02 +0200 + python-pyperclip (1.5.27-2) unstable; urgency=medium * Relax dependencies on python QT libraries (Closes: #816821) diff -Nru python-pyperclip-1.5.27/debian/control python-pyperclip-1.5.27/debian/control --- python-pyperclip-1.5.27/debian/control 2016-07-01 17:47:10.0 +0200 +++ python-pyperclip-1.5.27/debian/control 2017-07-07 10:38:02.0 +0200 @@ -20,7 +20,7 @@ Package: python3-pyperclip Architecture: all -Depends: ${shlibs:Depends}, ${misc:Depends}, ${python:Depends}, xclip | xsel | python3-pyqt4 +Depends: ${shlibs:Depends}, ${misc:Depends}, ${python3:Depends}, xclip | xsel | python3-pyqt4 Description: Cross-platform clipboard module for Python3 This module is a cross-platform Python3 module for copy and paste clipboard functions. Currently only handles plaintext. --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#882819: marked as done (stretch-pu: package python-spake2/0.7-3~deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #882819, regarding stretch-pu: package python-spake2/0.7-3~deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 882819: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882819 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Let's fix the python3 dependencies. #867457 $ debdiff python3-spake2_0.7-2_all.deb python3-spake2_0.7-3~deb9u1_all.deb File lists identical (after any substitutions) Control files: lines which differ (wdiff format) {+Depends: python3-hkdf, python3:any (>= 3.3.2-2~)+} Maintainer: [-Clint Adams-] {+Debian QA Group +} Version: [-0.7-2-] {+0.7-3~deb9u1+} Andreas diff -Nru python-spake2-0.7/debian/changelog python-spake2-0.7/debian/changelog --- python-spake2-0.7/debian/changelog 2016-06-08 19:05:58.0 +0200 +++ python-spake2-0.7/debian/changelog 2017-11-27 01:45:57.0 +0100 @@ -1,3 +1,18 @@ +python-spake2 (0.7-3~deb9u1) stretch; urgency=medium + + * QA upload. + * Rebuild for stretch. + + -- Andreas Beckmann Mon, 27 Nov 2017 01:45:57 +0100 + +python-spake2 (0.7-3) unstable; urgency=high + + * QA upload. + * Set maintainer to Debian QA Group. (see #833947) + * Fix the python3-spake2 dependencies. (Closes: #867457) + + -- Adrian Bunk Thu, 06 Jul 2017 20:32:40 +0300 + python-spake2 (0.7-2) unstable; urgency=medium * Add src/spake2/six.py to debian/copyright. diff -Nru python-spake2-0.7/debian/control python-spake2-0.7/debian/control --- python-spake2-0.7/debian/control2016-06-05 01:34:25.0 +0200 +++ python-spake2-0.7/debian/control2017-07-06 19:32:40.0 +0200 @@ -1,5 +1,5 @@ Source: python-spake2 -Maintainer: Clint Adams +Maintainer: Debian QA Group Section: python Priority: optional Build-Depends: debhelper (>= 9), @@ -40,7 +40,7 @@ Package: python3-spake2 Architecture: all -Depends: ${misc:Depends}, ${python:Depends} +Depends: ${misc:Depends}, ${python3:Depends} Description: SPAKE2 password-authenticated key exchange (pure python) This library implements the SPAKE2 password-authenticated key exchange ("PAKE") algorithm. This allows two parties, who share a --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#882773: marked as done (stretch-pu: package auto-apt-proxy/2+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #882773, regarding stretch-pu: package auto-apt-proxy/2+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 882773: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882773 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu This fixes a RC bug that has been reported recently, and was just fixed in unstable. Diff attached -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.13.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) diff --git a/debian/changelog b/debian/changelog index 805de64..49a56cd 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +auto-apt-proxy (2+deb9u1) stretch; urgency=medium + + * Move apt configuration away on removal (Closes: #881751) + + -- Antonio TerceiroSun, 26 Nov 2017 14:14:31 -0200 + auto-apt-proxy (2) unstable; urgency=medium * specify `--shell dash` to shellcheck (Closes: #834976) diff --git a/debian/postrm b/debian/postrm new file mode 100644 index 000..e39b370 --- /dev/null +++ b/debian/postrm @@ -0,0 +1,25 @@ +#! /bin/sh + +set -e +aptconf=/etc/apt/apt.conf.d/auto-apt-proxy.conf + +case "$1" in +purge) +rm -f "$aptconf".disabled +;; + +remove|abort-install) +if [ -f "$aptconf" ]; then +mv "$aptconf" "$aptconf".disabled +fi +;; + +upgrade|failed-upgrade|abort-upgrade|disappear) +;; + +*) +echo "postrm called with unknown argument \`$1'" >&2 +exit 1 +esac + +##DEBHELPER## diff --git a/debian/tests/control b/debian/tests/control index 79b3cde..8f25fd8 100644 --- a/debian/tests/control +++ b/debian/tests/control @@ -1,2 +1,6 @@ Test-Command: clitest debian/tests/apt-cacher-ng.txt Depends: @, clitest, apt-cacher-ng + +Tests: remove +Restrictions: needs-root +Depends: @, clitest diff --git a/debian/tests/remove b/debian/tests/remove new file mode 100755 index 000..b40d4e9 --- /dev/null +++ b/debian/tests/remove @@ -0,0 +1,10 @@ +#!/bin/sh + +set -e +exec 2>&1 + +action="$(basename "$0")" + +set -x +apt-get "$action" -qy auto-apt-proxy +apt-get update signature.asc Description: PGP signature --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#882697: marked as done (stretch-pu: package apparmor/2.11.0-3+deb9u2)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #882697, regarding stretch-pu: package apparmor/2.11.0-3+deb9u2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 882697: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882697 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hi! this update avoids breakage for Stretch users who have enabled AppArmor and run Linux 4.14+ (e.g. from backports once it's there), by pinning the AppArmor feature set in the kernel to the Stretch kernel's feature set, i.e. the feature set the AppArmor policy shipped in Stretch supports (it's not ready to deal with new AppArmor mediation features brought in recent kernels). We already have exactly the same thing in current testing/sid, albeit with Linux 4.13's feature set for now. Cheers! diff -Nru apparmor-2.11.0/debian/apparmor.install apparmor-2.11.0/debian/apparmor.install --- apparmor-2.11.0/debian/apparmor.install 2017-03-28 12:23:08.0 +0200 +++ apparmor-2.11.0/debian/apparmor.install 2017-11-25 19:01:04.0 +0100 @@ -1,4 +1,5 @@ debian/apport/source_apparmor.py /usr/share/apport/package-hooks/ +debian/features /etc/apparmor/ debian/lib/apparmor/functions /lib/apparmor/ debian/lib/apparmor/profile-load /lib/apparmor/ etc/apparmor/parser.conf diff -Nru apparmor-2.11.0/debian/changelog apparmor-2.11.0/debian/changelog --- apparmor-2.11.0/debian/changelog2017-03-28 12:29:15.0 +0200 +++ apparmor-2.11.0/debian/changelog2017-11-25 19:04:05.0 +0100 @@ -1,3 +1,14 @@ +apparmor (2.11.0-3+deb9u1) stretch; urgency=medium + + * Pin the AppArmor feature set to Stretch's kernel (Closes: #879585). +This ensures Stretch systems, even when running a newer kernel (e.g. +from backports), have their AppArmor feature set pinned to the one +supported by the AppArmor policy shipped in Stretch. Otherwise they +would experience breakage due to new AppArmor mediation features +introduced in recent kernels. + + -- intrigeriSat, 25 Nov 2017 18:04:05 + + apparmor (2.11.0-3) unstable; urgency=medium * Fix CVE-2017-6507: don't unload unknown profiles during package diff -Nru apparmor-2.11.0/debian/features apparmor-2.11.0/debian/features --- apparmor-2.11.0/debian/features 1970-01-01 01:00:00.0 +0100 +++ apparmor-2.11.0/debian/features 2017-11-25 18:55:55.0 +0100 @@ -0,0 +1,23 @@ +caps {mask {chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_module sys_rawio sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_time sys_tty_config mknod lease audit_write audit_control setfcap mac_override mac_admin syslog wake_alarm block_suspend audit_read +} +} +rlimit {mask {cpu fsize data stack core rss nproc nofile memlock as locks sigpending msgqueue nice rtprio rttime +} +} +capability {0xff +} +file {mask {create read write exec append mmap_exec link lock +} +} +domain {change_profile {yes +} +change_onexec {yes +} +change_hatv {yes +} +change_hat {yes +} +} +policy {set_load {yes +} +} diff -Nru apparmor-2.11.0/debian/patches/pin-feature-set.patch apparmor-2.11.0/debian/patches/pin-feature-set.patch --- apparmor-2.11.0/debian/patches/pin-feature-set.patch1970-01-01 01:00:00.0 +0100 +++ apparmor-2.11.0/debian/patches/pin-feature-set.patch2017-11-25 18:59:40.0 +0100 @@ -0,0 +1,18 @@ +Description: pin the AppArmor feature set to the one shipped by the apparmor package + . + Let's smooth UX on kernel upgrades and allow ourselves to update the AppArmor + policy in a relaxed manner. +Bug-Debian: https://bugs.debian.org/879585 +Forwarded: not-needed +Author: intrigeri + +--- a/parser/parser.conf b/parser/parser.conf +@@ -59,3 +59,7 @@ + ## Adjust compression + #Optimize=compress-small + #Optimize=compress-fast ++ ++## Pin feature set (avoid regressions when policy is lagging behind ++## the kernel) ++features-file=/etc/apparmor/features diff -Nru apparmor-2.11.0/debian/patches/series apparmor-2.11.0/debian/patches/series --- apparmor-2.11.0/debian/patches/series 2017-03-28 12:24:44.0 +0200 +++
Bug#882821: marked as done (stretch-pu: package cerealizer/0.8.1-1+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #882821, regarding stretch-pu: package cerealizer/0.8.1-1+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 882821: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882821 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Let's fix the python3 dependencies. #867396 There is a bit patch noise due to the maintainer switch from svn to git, but therefore it's just a rebuild of the package from sid. $ debdiff python3-cerealizer_0.8.1-1_all.deb python3-cerealizer_0.8.1-2~deb9u1_all.deb File lists identical (after any substitutions) Control files: lines which differ (wdiff format) {+Depends: python3:any (>= 3.3.2-2~)+} Installed-Size: [-72-] {+45+} Version: [-0.8.1-1-] {+0.8.1-2~deb9u1+} Andreas diff -Nru cerealizer-0.8.1/debian/.git-dpm cerealizer-0.8.1/debian/.git-dpm --- cerealizer-0.8.1/debian/.git-dpm1970-01-01 01:00:00.0 +0100 +++ cerealizer-0.8.1/debian/.git-dpm2017-07-06 19:59:17.0 +0200 @@ -0,0 +1,11 @@ +# see git-dpm(1) from git-dpm package +2c500bf453a9238eeae70464c073e0a7c0e0dfd7 +2c500bf453a9238eeae70464c073e0a7c0e0dfd7 +c5ae87a78bb4accb78e16e01b1d9157dc1554c8f +c5ae87a78bb4accb78e16e01b1d9157dc1554c8f +cerealizer_0.8.1.orig.tar.bz2 +a261b97169799c90be322e5d86bb44eaac652aaf +12520 +debianTag="debian/%e%v" +patchedTag="patched/%e%v" +upstreamTag="upstream/%e%u" diff -Nru cerealizer-0.8.1/debian/changelog cerealizer-0.8.1/debian/changelog --- cerealizer-0.8.1/debian/changelog 2013-08-15 14:51:29.0 +0200 +++ cerealizer-0.8.1/debian/changelog 2017-11-27 02:02:05.0 +0100 @@ -1,3 +1,20 @@ +cerealizer (0.8.1-2~deb9u1) stretch; urgency=medium + + * Non-maintainer upload. + * Rebuild for stretch. + + -- Andreas BeckmannMon, 27 Nov 2017 02:02:05 +0100 + +cerealizer (0.8.1-2) unstable; urgency=medium + + [ Ondřej Nový ] + * Fixed VCS URL (https) + + [ Vincent Bernat ] + * Fix python3-cerealizer Depends field. Closes: #867396. + + -- Vincent Bernat Thu, 06 Jul 2017 19:59:17 +0200 + cerealizer (0.8.1-1) unstable; urgency=low [ Jakub Wilk ] diff -Nru cerealizer-0.8.1/debian/control cerealizer-0.8.1/debian/control --- cerealizer-0.8.1/debian/control 2013-08-15 14:48:38.0 +0200 +++ cerealizer-0.8.1/debian/control 2017-07-06 19:59:17.0 +0200 @@ -6,8 +6,8 @@ Build-Depends: debhelper (>= 7.0.50~), dh-python, python-all, python3-all Standards-Version: 3.9.4 Homepage: http://home.gna.org/oomadness/en/cerealizer/ -Vcs-Svn: svn://anonscm.debian.org/python-modules/packages/cerealizer/trunk/ -Vcs-Browser: http://anonscm.debian.org/viewvc/python-modules/packages/cerealizer/trunk/ +Vcs-Git: https://anonscm.debian.org/git/python-modules/packages/cerealizer.git +Vcs-Browser: https://anonscm.debian.org/cgit/python-modules/packages/cerealizer.git Package: python-cerealizer Architecture: all @@ -23,7 +23,7 @@ Package: python3-cerealizer Architecture: all -Depends: ${python:Depends}, ${misc:Depends} +Depends: ${python3:Depends}, ${misc:Depends} Description: secure pickle-like module for Python 3 It support basic types (int, string, unicode, tuple, list, dict, set,...), old and new-style classes (you need to diff -Nru cerealizer-0.8.1/debian/patches/no_bytecompilation.patch cerealizer-0.8.1/debian/patches/no_bytecompilation.patch --- cerealizer-0.8.1/debian/patches/no_bytecompilation.patch2011-05-12 21:04:09.0 +0200 +++ cerealizer-0.8.1/debian/patches/no_bytecompilation.patch2017-07-06 19:59:17.0 +0200 @@ -1,6 +1,18 @@ +From 7b0f643e5e9aaef77c9485a892b93848e8777a7d Mon Sep 17 00:00:00 2001 +From: SVN-Git Migration +Date: Thu, 8 Oct 2015 08:37:35 -0700 +Subject: no_bytecompilation + Don't do bytecompilation. This will be done by python-support. editobj-0.5.7.orig/setup.cfg 2006-04-27 15:27:46.666091448 +0200 -+++ editobj-0.5.7/setup.cfg2006-04-27 15:27:55.391764944 +0200 +Patch-Name: no_bytecompilation.patch +--- + setup.cfg | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/setup.cfg b/setup.cfg +index beaa04f..aa96fbe 100644 +--- a/setup.cfg b/setup.cfg @@ -1,6 +1,6 @@
Bug#877593: marked as done (stretch-pu: package ocfs2-tools/1.8.4-4+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #877593, regarding stretch-pu: package ocfs2-tools/1.8.4-4+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 877593: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877593 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hi, Attached diff fixes an upgrade issue reported in #876195: ocfs2 services are not started on boot after upgrade because the service links are were not automatically migrated from /etc/rcS.d to /etc/rc2.d. Please approve upload to stretch-pu. Thanks, Valentin diff --git a/debian/changelog b/debian/changelog index 9e4381ce..04afd0ab 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +ocfs2-tools (1.8.4-4+deb9u1) stretch; urgency=medium + + * Migrate from using rcS to standard runlevels (Closes: #876195) + + -- Valentin VidicMon, 02 Oct 2017 22:28:27 +0200 + ocfs2-tools (1.8.4-4) unstable; urgency=medium * Add fix for sysfs filename (Closes: #858623) diff --git a/debian/ocfs2-tools.postinst b/debian/ocfs2-tools.postinst index 4c151b69..e9a2027a 100644 --- a/debian/ocfs2-tools.postinst +++ b/debian/ocfs2-tools.postinst @@ -48,4 +48,10 @@ EOF fi +# Migrate from using rcS to standard runlevels +if [ "$1" = "configure" ] && dpkg --compare-versions "$2" lt-nl "1.8.4-4+deb9u1"; then +[ -L /etc/rcS.d/S??ocfs2 ] && update-rc.d -f ocfs2 remove >/dev/null +[ -L /etc/rcS.d/S??o2cb ] && update-rc.d -f o2cb remove >/dev/null +fi + #DEBHELPER# --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#882434: marked as done (stretch-pu: package ust/2.9.0-2+deb9u1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #882434, regarding stretch-pu: package ust/2.9.0-2+deb9u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 882434: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882434 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hi, The attached diff fixes a bug that makes the python3-lttngust package completely broken unless the corresponding liblttng-ust-dev is also installed. The original python code load the library using ctypes without specifying a soname. This fix was reported and merged upstream. Fixed in unstable: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882366 Regards, Michael -- System Information: Debian Release: 9.1 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 4.9.0-4-686-pae (SMP w/2 CPU cores) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE=en_CA:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) diff -Nru ust-2.9.0/debian/changelog ust-2.9.0/debian/changelog --- ust-2.9.0/debian/changelog 2017-03-08 12:04:25.0 -0500 +++ ust-2.9.0/debian/changelog 2017-11-22 14:45:44.0 -0500 @@ -1,3 +1,10 @@ +ust (2.9.0-2+deb9u1) stable; urgency=medium + + * [5ffa17d] Set gbp branch config + * [8e770e4] Fix python3-lttngust load un-versioned library (Closes: #882366) + + -- Michael JeansonWed, 22 Nov 2017 14:45:44 -0500 + ust (2.9.0-2) unstable; urgency=medium * [b8d4e77] Add missing liblttng-ust-fd.so.* (Closes: #857166) diff -Nru ust-2.9.0/debian/gbp.conf ust-2.9.0/debian/gbp.conf --- ust-2.9.0/debian/gbp.conf 1969-12-31 19:00:00.0 -0500 +++ ust-2.9.0/debian/gbp.conf 2017-11-22 14:44:31.0 -0500 @@ -0,0 +1,3 @@ +[DEFAULT] +upstream-branch=upstream/2.9.0 +debian-branch=debian/stretch diff -Nru ust-2.9.0/debian/patches/fix-specify-soname-in-python-lttngust-loadlibrary.patch ust-2.9.0/debian/patches/fix-specify-soname-in-python-lttngust-loadlibrary.patch --- ust-2.9.0/debian/patches/fix-specify-soname-in-python-lttngust-loadlibrary.patch 1969-12-31 19:00:00.0 -0500 +++ ust-2.9.0/debian/patches/fix-specify-soname-in-python-lttngust-loadlibrary.patch 2017-11-22 14:45:15.0 -0500 @@ -0,0 +1,30 @@ +From 00ee1adfe1e34d43494227781f6662b0a21b7c4b Mon Sep 17 00:00:00 2001 +From: Michael Jeanson +Date: Tue, 21 Nov 2017 11:11:15 -0500 +Subject: [PATCH] Fix: specify SONAME in python-lttngust LoadLibrary + +When loading the python agent library with ctypes in the python +bindings, specify the SONAME. This will make sure we load the proper +library in the event of a SONAME bump and the bindings will work without +having to install the "dev" package which in most distros contains the +non-versionned ".so". + +Signed-off-by: Michael Jeanson +Signed-off-by: Mathieu Desnoyers +--- + python-lttngust/lttngust/loghandler.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/python-lttngust/lttngust/loghandler.py b/python-lttngust/lttngust/loghandler.py +index e82cf5c5..6f144cac 100644 +--- a/python-lttngust/lttngust/loghandler.py b/python-lttngust/lttngust/loghandler.py +@@ -22,7 +22,7 @@ + + + class _Handler(logging.Handler): +-_LIB_NAME = 'liblttng-ust-python-agent.so' ++_LIB_NAME = 'liblttng-ust-python-agent.so.0' + + def __init__(self): + super(self.__class__, self).__init__(level=logging.NOTSET) diff -Nru ust-2.9.0/debian/patches/series ust-2.9.0/debian/patches/series --- ust-2.9.0/debian/patches/series 2016-11-29 18:21:51.0 -0500 +++ ust-2.9.0/debian/patches/series 2017-11-22 14:45:15.0 -0500 @@ -1,3 +1,4 @@ fix-incompatible-java-bytecode-format.patch use-python3.patch javah-doesnt-generate-class-files.patch +fix-specify-soname-in-python-lttngust-loadlibrary.patch --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#877934: marked as done (stretch-pu: package cron/3.0pl1-128.1)
Your message dated Sat, 10 Mar 2018 10:57:46 + with message-id <1520679466.2744.57.ca...@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.4 has caused the Debian Bug report #877934, regarding stretch-pu: package cron/3.0pl1-128.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 877934: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877934 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hi, The version of cron currently in stretch is not properly transitioning the system jobs to the correct SELinux context (See: #857662). This is breaking cron for the people using SELinux on debian. The root cause of this is a change in the SELinux policy. The attached patch (that has been pushed to unstable) is fixing this and is also avoiding hardcoding identifiers and detect them at runtime instead. This is a more complete patch than the one proposed on the original bugreport. All the changes are only affecting the code path when SELinux is enabled. Regards, Laurent Bigonville -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.13.0-1-amd64 (SMP w/8 CPU cores) Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8), LANGUAGE=fr_BE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) diff -u cron-3.0pl1/debian/changelog cron-3.0pl1/debian/changelog --- cron-3.0pl1/debian/changelog +++ cron-3.0pl1/debian/changelog @@ -1,3 +1,11 @@ +cron (3.0pl1-128+deb9u1) stretch; urgency=medium + + * Non-maintainer upload. + * Properly transition system jobs to system_cronjob_t SELinux context and +stop relying on refpolicy specific identifiers (Closes: #857662) + + -- Laurent BigonvilleSat, 07 Oct 2017 15:38:27 +0200 + cron (3.0pl1-128) unstable; urgency=medium * d/cron.service: Use KillMode=process to kill only the daemon. diff -u cron-3.0pl1/user.c cron-3.0pl1/user.c --- cron-3.0pl1/user.c +++ cron-3.0pl1/user.c @@ -47,22 +47,31 @@ char *level = NULL; int i; +if(getcon(_con)) { +log_it(name, getpid(), "Can't get current context", tabname); +return -1; +} + if (name != NULL) { if (getseuserbyname(name, , )) { log_it(name, getpid(), "getseuserbyname FAILED", tabname); +freecon(current_con); return (security_getenforce() > 0); } } else { -seuser = strdup("system_u"); +context_t temp_con = context_new(current_con); +if (temp_con == NULL) { +log_it(name, getpid(), "context_new FAILED", tabname); +freecon(current_con); +return (security_getenforce() > 0); +} +seuser = strdup(context_user_get(temp_con)); +context_free(temp_con); } *rcontext = NULL; -if(getcon(_con)) { -log_it(name, getpid(), "Can't get current context", tabname); -return -1; -} list_count = get_ordered_context_list_with_level(seuser, level, current_con, _list); freecon(current_con); free(seuser); @@ -215,7 +224,7 @@ if (is_selinux_enabled() > 0) { char *sname=uname; if (pw==NULL) { -sname="system_u"; +sname=NULL; } if (get_security_context(sname, crontab_fd, >scontext, tabname) != 0 ) { --- End Message --- --- Begin Message --- Version: 9.4 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam--- End Message ---
Bug#892505: transition: openexr
On 09/03/18 21:43, Matteo F. Vescovi wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: transition > X-Debbugs-CC: pkg-phototools-de...@lists.alioth.debian.org, ma...@debian.org > > Dear Release Team, > > I'm filing this bug for a new transition of openexr package. > > On March 8, 2018 a fixed testing-purpose package (2.2.1-2) has been > uploaded to experimental. > > So, following the auto-openexr checklist[1], here is the list of source > packages depending on openexr and the results of the test builds > (honoring the dependency levels as reported in the checklist, as > relevant for the correct order): > > ### Dependency level 2 ### > * aqsis_1.8.2-8 => OK > * darktable_2.4.0-1 => OK > * exactimage_1.0.1-1 => OK > * freeimage_3.17.0+ds1-5 => OK > * gegl_0.3.28-2 => OK > * imagemagick_8:6.9.9.34+dfsg-3 => OK > * kde-runtime_4:17.08.3-1 => OK > * kimageformats_5.42.0-2 => OK > * kio-extras_4:17.08.3-2 => OK > * krita_1:3.3.3+dfsg-1 => OK > * libvigraimpex_1.10.0+git20160211.167be93+dfsg-5 => OK > * luminance-hdr_2.5.1+dfsg-3 => OK > * mia_2.4.6-2 => OK > * nvidia-texture-tools_2.0.8-1+dfsg-8.1 => OK > * opencv_3.2.0+dfsg-4 => OK > * openexr-viewers_1.0.1-6 => OK > * openvdb_5.0.0-1 => OK > * povray_1:3.7.0.4-2 => OK > > ### Dependency level 3 ### > * gmic_1.7.9+zart-4 => FTBFS (not openexr related) > * gst-plugins-bad1.0_1.8.3-1 => FTBFS (not openexr related) unstable has gst-plugins-bad1.0 1.12.4-2. Did you really check with 1.8.3-1? Can you also check the other packages that failed to build (gmic and vips)? Cheers, Emilio > * hugin_2018.0.0+dfsg-1 => OK > * k3d_0.8.0.6-6 => OK > * openimageio_1.8.9~dfsg0-1 => OK > * pfstools_2.1.0-3 => OK > * synfig_1.0.2-1 => OK > * vips_8.4.5-1 => FTBFS (not openexr related) > > ### Dependency level 4 ### > blender_2.79+dfsg0-3 => OK > > Thanks for your time and patience. > > mfv
Processed: Re: Bug#888909: stretch-pu: package nvidia-graphics-drivers/384.111-4~deb9u1
Processing control commands: > reopen -1 Bug #888909 [release.debian.org] stretch-pu: package nvidia-graphics-drivers/384.111-4~deb9u1 Bug 888909 is not marked as done; doing nothing. -- 888909: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888909 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#888909: stretch-pu: package nvidia-graphics-drivers/384.111-4~deb9u1
Control: reopen -1 On Sat, 2018-03-03 at 21:27 +, Adam D. Barratt wrote: > On Sat, 2018-03-03 at 21:36 +0100, Andreas Beckmann wrote: > > On 2018-03-03 11:51, Adam D. Barratt wrote: > > > Uploaded and flagged for acceptance. Actually, it wasn't. I can only assume that I got confused while processing the pile of nvidia uploads. :-( > > Thanks. Please don't forget to decruft stretch during the point > > release > > to remove the old packages that have been renamed and are no longer > > built. > > > > ftp-master's point release script usually includes a decruft run near > the end, so that shouldn't be a problem. In fact, that's why I spotted the problem. The new packages mean it ended up in NEW and no-one noticed; apologies for the confusion / inconvenience. Regards, Adam
Bug#892024: marked as done (RM: dolibarr -- RoM; too much work to maintain it properly in Debian)
Your message dated Sat, 10 Mar 2018 08:53:55 + with message-idand subject line Bug#892024: Removed package(s) from stable has caused the Debian Bug report #892024, regarding RM: dolibarr -- RoM; too much work to maintain it properly in Debian to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 892024: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892024 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Removed from unstable and the maintainer suggested to also remove it from stable: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890598#20 Cheers, Moritz --- End Message --- --- Begin Message --- We believe that the bug you reported is now fixed; the following package(s) have been removed from stable: dolibarr | 4.0.2+dfsg4-2 | source, all --- Reason --- RoM; too much work to maintain it properly in Debian -- Note that the package(s) have simply been removed from the tag database and may (or may not) still be in the pool; this is not a bug. The package(s) will be physically removed automatically when no suite references them (and in the case of source, when no binary references it). Please also remember that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. Packages are usually not removed from testing by hand. Testing tracks unstable and will automatically remove packages which were removed from unstable when removing them from testing causes no dependency problems. The release team can force a removal from testing if it is really needed, please contact them if this should be the case. Bugs which have been reported against this package are not automatically removed from the Bug Tracking System. Please check all open bugs and close them or re-assign them to another package if the removed package was superseded by another one. The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 892...@bugs.debian.org. The full log for this bug can be viewed at https://bugs.debian.org/892024 This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Archive Administrator (the ftpmaster behind the curtain)--- End Message ---
Bug#891403: marked as done (RM: jirc -- RoQA; broken with stretch's libpoe-filter-xml-perl)
Your message dated Sat, 10 Mar 2018 08:53:15 + with message-idand subject line Bug#891403: Removed package(s) from stable has caused the Debian Bug report #891403, regarding RM: jirc -- RoQA; broken with stretch's libpoe-filter-xml-perl to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 891403: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891403 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: jessie stretch User: release.debian@packages.debian.org Usertags: rm I confirmed the information in #800450 that jirc works with the version of libpoe-filter-xml-perl in wheezy (sic). With the version of libpoe-filter-xml-perl in jessie and stretch it fails pretty early even on --help. --- End Message --- --- Begin Message --- We believe that the bug you reported is now fixed; the following package(s) have been removed from stable: jirc | 1.0-1 | source, all --- Reason --- RoQA; broken with version of libpoe-filter-xml-perl in stretch -- Note that the package(s) have simply been removed from the tag database and may (or may not) still be in the pool; this is not a bug. The package(s) will be physically removed automatically when no suite references them (and in the case of source, when no binary references it). Please also remember that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. Packages are usually not removed from testing by hand. Testing tracks unstable and will automatically remove packages which were removed from unstable when removing them from testing causes no dependency problems. The release team can force a removal from testing if it is really needed, please contact them if this should be the case. Bugs which have been reported against this package are not automatically removed from the Bug Tracking System. Please check all open bugs and close them or re-assign them to another package if the removed package was superseded by another one. The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 891...@bugs.debian.org. The full log for this bug can be viewed at https://bugs.debian.org/891403 This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Archive Administrator (the ftpmaster behind the curtain)--- End Message ---
Bug#891120: marked as done (RM: pgmodeler -- RoM; incompatible with stretch's Postgresql)
Your message dated Sat, 10 Mar 2018 08:52:27 + with message-idand subject line Bug#891120: Removed package(s) from stable has caused the Debian Bug report #891120, regarding RM: pgmodeler -- RoM; incompatible with stretch's Postgresql to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 891120: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891120 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm As by #891049 the pgmodeler version in stretch is incompatible with the PostgreSQL version in stretch. (It doesn't even connect, but outright refuses to talk to the server.) Please remove pgmodeler from stretch. Christoph signature.asc Description: PGP signature --- End Message --- --- Begin Message --- We believe that the bug you reported is now fixed; the following package(s) have been removed from stable: pgmodeler |0.8.2-1 | source pgmodeler | 0.8.2-1+b1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x pgmodeler-common |0.8.2-1 | all pgmodeler-dbg | 0.8.2-1+b1 | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x --- Reason --- RoM; incompatible with version of postgresql in stretch -- Note that the package(s) have simply been removed from the tag database and may (or may not) still be in the pool; this is not a bug. The package(s) will be physically removed automatically when no suite references them (and in the case of source, when no binary references it). Please also remember that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. Packages are usually not removed from testing by hand. Testing tracks unstable and will automatically remove packages which were removed from unstable when removing them from testing causes no dependency problems. The release team can force a removal from testing if it is really needed, please contact them if this should be the case. Bugs which have been reported against this package are not automatically removed from the Bug Tracking System. Please check all open bugs and close them or re-assign them to another package if the removed package was superseded by another one. The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 891...@bugs.debian.org. The full log for this bug can be viewed at https://bugs.debian.org/891120 This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Archive Administrator (the ftpmaster behind the curtain)--- End Message ---
Bug#886017: marked as done (RM: seelablet -- RoM; abandoned upstream; broken)
Your message dated Sat, 10 Mar 2018 08:47:20 + with message-idand subject line Bug#886017: Removed package(s) from stable has caused the Debian Bug report #886017, regarding RM: seelablet -- RoM; abandoned upstream; broken to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 886017: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886017 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm abandoned upstream, and other bugs (#885875, #885876, #885877) ---8< Here is an exerpt of a message related to #885875: I contacted Seelablet's author: he will not maintain this package in a foreseeable future. On reason is that the hardware addressed by the package seelablet is discontinued, and that he developped an new hardware, known as expeyes17, with similar features, and which already has received a noticeable success. As expeyes17 is supported by the debian package eyes17, which I maintain, I think that the bes solution would be to ask for the removal of seelablet from debian/sid and debian/buster. As there are less than a hundred users of Seelablet box in the world, its author says me that he can support these users with a custom package, while a package in debian/stretch would be less useful. So this package may be removed from debian/stretch too. ---8< Thank you in advance. -- System Information: Debian Release: buster/sid APT prefers stable APT policy: (500, 'stable'), (499, 'testing'), (400, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8) --- End Message --- --- Begin Message --- We believe that the bug you reported is now fixed; the following package(s) have been removed from stable: python-seelablet |1.0.6-2 | all python3-seelablet |1.0.6-2 | all seelablet |1.0.6-2 | source, all seelablet-common |1.0.6-2 | all seelablet-doc |1.0.6-2 | all --- Reason --- RoM: abandoned upstream; broken -- Note that the package(s) have simply been removed from the tag database and may (or may not) still be in the pool; this is not a bug. The package(s) will be physically removed automatically when no suite references them (and in the case of source, when no binary references it). Please also remember that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. Packages are usually not removed from testing by hand. Testing tracks unstable and will automatically remove packages which were removed from unstable when removing them from testing causes no dependency problems. The release team can force a removal from testing if it is really needed, please contact them if this should be the case. Bugs which have been reported against this package are not automatically removed from the Bug Tracking System. Please check all open bugs and close them or re-assign them to another package if the removed package was superseded by another one. The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 886...@bugs.debian.org. The full log for this bug can be viewed at https://bugs.debian.org/886017 This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Archive Administrator (the ftpmaster behind the curtain)--- End Message ---
Bug#887412: marked as done (RM: electrum -- RoM; security issues; broken due to upstream changes)
Your message dated Sat, 10 Mar 2018 08:48:03 + with message-idand subject line Bug#887412: Removed package(s) from stable has caused the Debian Bug report #887412, regarding RM: electrum -- RoM; security issues; broken due to upstream changes to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 887412: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887412 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Unfortunately due to protocol changes Electrum 2.7.9 (the version in stretch) is unable to connect to the Electrum servers. Backporting the changes would require extensive/invasive changes to the code, and this version is also subject to a security vulnerability (#886683), so I think we should remove the package from stable, unless including a newer upstream wholesale would be acceptable. -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (101, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-3-amd64 (SMP w/8 CPU cores) Locale: LANG=en_ZA.utf8, LC_CTYPE=en_ZA.utf8 (charmap=UTF-8), LANGUAGE=en_ZA.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled --- End Message --- --- Begin Message --- We believe that the bug you reported is now fixed; the following package(s) have been removed from stable: electrum |2.7.9-1 | source, all python-electrum |2.7.9-1 | all --- Reason --- RoM; security issues; broken due to upstream changes -- Note that the package(s) have simply been removed from the tag database and may (or may not) still be in the pool; this is not a bug. The package(s) will be physically removed automatically when no suite references them (and in the case of source, when no binary references it). Please also remember that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. Packages are usually not removed from testing by hand. Testing tracks unstable and will automatically remove packages which were removed from unstable when removing them from testing causes no dependency problems. The release team can force a removal from testing if it is really needed, please contact them if this should be the case. Bugs which have been reported against this package are not automatically removed from the Bug Tracking System. Please check all open bugs and close them or re-assign them to another package if the removed package was superseded by another one. The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 887...@bugs.debian.org. The full log for this bug can be viewed at https://bugs.debian.org/887412 This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Archive Administrator (the ftpmaster behind the curtain)--- End Message ---
Bug#873758: stretch-pu: package memcached/1.4.33-1
Hi Guillaume, On Thu, Mar 08, 2018 at 02:10:10PM +0100, Guillaume Delacour wrote: > Hi, > > I'm sorry i haven't find a sponsor to upload the security fix for > CVE-2017-9951 yet. There is another fix that need to be uploaded to > security: CVE-2018-1000115: I'm sorry to hear that was blocked on not finding a sponsor. If you get an ack from SRM for the updated change and you cannot do the upload via your regular sponsors please ping me directly. It's now to late for 9.4 but preferably we should have it updated for the next point release. Regards, Salvatore