Bug#1033942: nmu: ppl_1:1.2-8.1
Hi Paul, Вт 04 апр 2023 @ 21:42 Paul Gevers : > Control: tags -1 moreinfo > > Hi Lev, > > On 04-04-2023 15:05, Lev Lamberov wrote: >> Please, rebuild ppl against swi-prolog 9.0.4+dfsg-2 in unstable. The >> ppl package in unstable and testing was build against the older >> swi-prolog version, containing older library. For more information, >> please see this swi-prolog [bug]. >> >> [bug] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033636 > > It's a shame we discussed this in bug 1022253 [1]. Do you know what was > flawed in our assessment? > > [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022253#24 Yes, turns out I was wrong. Regards, Lev
Bug#1033873: marked as done (unblock: qbs/1.24.1+dfsg-2)
Your message dated Tue, 04 Apr 2023 22:02:55 + with message-id and subject line unblock qbs has caused the Debian Bug report #1033873, regarding unblock: qbs/1.24.1+dfsg-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033873: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033873 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: q...@packages.debian.org Control: affects -1 + src:qbs Dear Release team, [ Reason ] Please unblock qbs to fix a FTBFS bug present in the current version in testing (#1033430). Build failure is caused by qt6-base 6.4.2+dfsg-4 upload after which qmake and qdoc binaries are no longer in the same directory, which qbs assumed. I fixed this by using a proper way to find qdoc binary (Qt6::qdoc target) instead of relying on qmake. My fix was also accepted by upstream developers. Also, the new version in sid includes upstream patch release 1.24.1 but it contains just a couple of fixes: $ git diff v1.24.0 v1.24.1 --stat CMakeLists.txt | 4 +++- VERSION | 2 +- changelogs/changes-1.24.1.md | 9 + share/qbs/modules/cpp/iar.js | 2 ++ 4 files changed, 15 insertions(+), 2 deletions(-) Finally, I marked some symbols as optional to fix FTBFS when building with -O3 optimization level (as seen in Ubuntu ppc64el). [ Impact ] (What is the impact for the user if the unblock isn't granted?) qbs will be auto-removed on May 7th, and that will cause the removal of reverse dependencies: asyncfuture, dewalls, plotsauce, qmath3d. [ Tests ] (What automated or manual tests cover the affected code?) We run the upstream test suite during build. [ Risks ] (Discussion of the risks involved. E.g. code is trivial or complex, key package vs leaf package, alternatives available.) I don't see any risks. The new version is in unstable for almost a month and nobody complained. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] (Anything else the release team should know.) unblock qbs/1.24.1+dfsg-2 -- Dmitry Shachnev diff -Nru qbs-1.24.0+dfsg/changelogs/changes-1.24.1.md qbs-1.24.1+dfsg/changelogs/changes-1.24.1.md --- qbs-1.24.0+dfsg/changelogs/changes-1.24.1.md 1970-01-01 03:00:00.0 +0300 +++ qbs-1.24.1+dfsg/changelogs/changes-1.24.1.md 2023-02-22 16:42:11.0 +0300 @@ -0,0 +1,9 @@ +# C/C++ Support +Fix macros and include paths retrieval for IAR + +# Build System +Add fix for cmake >= 3.18 + +# Contributors +* Denis Shienkov +* Eike Ziller diff -Nru qbs-1.24.0+dfsg/CMakeLists.txt qbs-1.24.1+dfsg/CMakeLists.txt --- qbs-1.24.0+dfsg/CMakeLists.txt 2022-11-24 12:32:18.0 +0300 +++ qbs-1.24.1+dfsg/CMakeLists.txt 2023-02-22 16:42:11.0 +0300 @@ -45,7 +45,9 @@ if (Qt6_FOUND) find_package(Qt${QT_VERSION_MAJOR} COMPONENTS Core5Compat REQUIRED) if(NOT TARGET Qt6Core5Compat) -set_property(TARGET Qt6::Core5Compat PROPERTY IMPORTED_GLOBAL TRUE) # hack for CMake < 1.18 +if(CMAKE_VERSION VERSION_LESS 3.18) +set_property(TARGET Qt6::Core5Compat PROPERTY IMPORTED_GLOBAL TRUE) # hack for CMake < 3.18 +endif() add_library(Qt6Core5Compat ALIAS Qt6::Core5Compat) endif() else() diff -Nru qbs-1.24.0+dfsg/debian/changelog qbs-1.24.1+dfsg/debian/changelog --- qbs-1.24.0+dfsg/debian/changelog 2023-01-02 02:39:26.0 +0300 +++ qbs-1.24.1+dfsg/debian/changelog 2023-03-05 20:28:50.0 +0300 @@ -1,3 +1,18 @@ +qbs (1.24.1+dfsg-2) unstable; urgency=medium + + * Add a patch to find qdoc directly, to fix arch:all build. + * Prevent dh_compress from compressing qbs.qch. + + -- Dmitry Shachnev Sun, 05 Mar 2023 20:28:50 +0300 + +qbs (1.24.1+dfsg-1) unstable; urgency=medium + + * New upstream bugfix release. + * Mark some symbols that disappear with -O3 as optional. + * Bump Standards-Version to 4.6.2, no changes needed. + + -- Dmitry Shachnev Sat, 04 Mar 2023 21:02:25 +0300 + qbs (1.24.0+dfsg-4) unstable; urgency=medium [ Patrick Franz ] diff -Nru qbs-1.24.0+dfsg/debian/control qbs-1.24.1+dfsg/debian/control --- qbs-1.24.0+dfsg/debian/control 2023-01-01 16:06:51.0 +0300 +++ qbs-1.24.1+dfsg/debian/control 2023-03-05 20:28:50.0 +0300 @@ -17,7 +17,7 @@ qt6-base-private-dev, qt6-declarative-dev, qt6-tools-dev -Standards-Version: 4.6.1
Bug#1033953: unblock: gimp-help/2.10.34-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: gimp-h...@packages.debian.org Control: affects -1 + src:gimp-help This is a pre-upload request to unblock package gimp-help. [ Reason ] The GIMP manual has been stale for many years. The current version in the archive was released as a "test release" in 2020, but it was incomplete and didn't even cover all the new functionality in the GIMP 2.10 branch which was shipped in Debian buster. A few weeks ago, the GIMP maintainers finally released an updated version, which matches the current GIMP functionality and is translated to a number of extra languages. I'm asking for a pre-approval of this documentation-only source package. If approved, I would update this bug with the relevant parts of the diff, seek a final ack, and upload within the next week. I also plan to do an experimental upload first, in order to see the results. [ Impact ] Shipped documentation will be outdated. [ Tests ] There is no code involved, just a build system and documentation data. [ Risks ] The risk is low, as this is a documentation-only package, and its current state is pretty poor. [ Checklist ] [ ] all changes are documented in the d/changelog [ ] I reviewed all changes and I approve them [ ] attach debdiff against the package in testing [ Other info ] unblock gimp-help/2.10.34-1
Processed: unblock: gimp-help/2.10.34-1
Processing control commands: > affects -1 + src:gimp-help Bug #1033953 [release.debian.org] unblock: gimp-help/2.10.34-1 Added indication that 1033953 affects src:gimp-help -- 1033953: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033953 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1033939: marked as done (unblock: python-tz/2022.7.1-3)
Your message dated Tue, 04 Apr 2023 21:52:35 + with message-id and subject line unblock python-tz has caused the Debian Bug report #1033939, regarding unblock: python-tz/2022.7.1-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033939: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033939 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: bdr...@debian.org Please unblock package python-tz [ Reason ] python-tz contains a hard-coded list of timezones. This causes problems on updates to tzdata. Last example: tzdata 2021a-1+deb11u9 added America/Ciudad_Juarez but due to the hard-coded list, this timezone is not selectable. Following code will fail with `UnknownTimeZoneError`: ``` #!/usr/bin/python3 import pytz pytz.timezone("America/Ciudad_Juarez") ``` See also https://github.com/stub42/pytz/issues/91 [ Impact ] Newly added timezones from tzdata will be availble to python3-tz. [ Tests ] I added autopkgtest cases to ensure that updates to tzdata do not introduce regressions. [ Risks ] Several Python projects use python3-tz. The autopkgtest should reduce the risk of regressions of dynamically determine the list of timezones. python3-tz can fail in case they system has problems or tzdata is not properly set-up. Python 3.9 ships the zoneinfo module which can be used as replacement. [ Checklist ] [x] all changes are documented in the d/changelog (except the formatting change by wrap-and-sort) [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock python-tz/2022.7.1-3 diff -Nru python-tz-2022.7.1/debian/changelog python-tz-2022.7.1/debian/changelog --- python-tz-2022.7.1/debian/changelog 2023-01-15 11:24:50.0 +0100 +++ python-tz-2022.7.1/debian/changelog 2023-03-27 17:17:53.0 +0200 @@ -1,3 +1,21 @@ +python-tz (2022.7.1-3) unstable; urgency=medium + + * Team upload. + * Fix testVersion to not complain about the now dynamic Olson version + + -- Benjamin Drung Mon, 27 Mar 2023 17:17:53 +0200 + +python-tz (2022.7.1-2) unstable; urgency=medium + + * Team upload. + * Dynamically determine list of available and common timezones (LP: #207604) + * Determine IANA (nee Olson) database version dynamically + * Add autopkgtests to run unittest and own regression tests + * Update homepage URL + * Bump Standards-Version to 4.6.2 + + -- Benjamin Drung Tue, 21 Mar 2023 11:21:11 +0100 + python-tz (2022.7.1-1) unstable; urgency=medium * New upstream release diff -Nru python-tz-2022.7.1/debian/control python-tz-2022.7.1/debian/control --- python-tz-2022.7.1/debian/control 2023-01-15 11:24:50.0 +0100 +++ python-tz-2022.7.1/debian/control 2023-03-27 17:12:30.0 +0200 @@ -6,19 +6,19 @@ Debian/Ubuntu Zope Team , Fabio Tranchitella Build-Depends: debhelper-compat (= 13), - dh-sequence-python3, + dh-sequence-python3, python3-all, - python3-setuptools, python3-pytest, - tzdata, -Standards-Version: 4.6.1 -Homepage: https://pypi.python.org/pypi/pytz/ + python3-setuptools, + tzdata +Standards-Version: 4.6.2 +Homepage: https://pythonhosted.org/pytz/ Vcs-Browser: https://salsa.debian.org/python-team/packages/python-tz Vcs-Git: https://salsa.debian.org/python-team/packages/python-tz.git -b debian/latest Package: python3-tz Architecture: all -Depends: tzdata, ${python3:Depends}, ${misc:Depends} +Depends: tzdata, ${misc:Depends}, ${python3:Depends} Description: Python3 version of the Olson timezone database python-tz brings the Olson tz database into Python. This library allows accurate and cross platform timezone calculations using Python 2.3 or higher. diff -Nru python-tz-2022.7.1/debian/patches/Determine-IANA-nee-Olson-database-version-dynamically.patch python-tz-2022.7.1/debian/patches/Determine-IANA-nee-Olson-database-version-dynamically.patch --- python-tz-2022.7.1/debian/patches/Determine-IANA-nee-Olson-database-version-dynamically.patch 1970-01-01 01:00:00.0 +0100 +++ python-tz-2022.7.1/debian/patches/Determine-IANA-nee-Olson-database-version-dynamically.patch 2023-03-27 17:14:42.0 +0200 @@ -0,0 +1,69 @@ +From: Benjamin Drung +Date: Mon, 27 Mar 2023 17:14:22 +0200 +Subject: Determine IANA (nee Olson) database version dynamically + +Forwarded: not-needed +Signed-off-by: Benjamin Drung
Bug#1033952: marked as done (unblock: osgi-core/8.0.0-2)
Your message dated Tue, 04 Apr 2023 21:38:38 + with message-id and subject line unblock osgi-core has caused the Debian Bug report #1033952, regarding unblock: osgi-core/8.0.0-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033952: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033952 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: osgi-c...@packages.debian.org Control: affects -1 + src:osgi-core Please unblock package osgi-core [ Reason ] The LoggerFactory and LogEntry interface definitions where added to osgi-core in version 8.0.0 duplication those in osgi-compendium. osgi-compendium carries a Debian patch to adopt the APIs to be backward compatible that was missing from osgi-core resulting in src:bnd FTBFS (#1026606). 8.0.0-2 copies this patch so both packages provide the same API. [ Impact ] src:bnd can not be build without this patch. [ Tests ] I did a test rebuild of src:bnd to make sure it compiles again: https://tests.reproducible-builds.org/debian/rb-pkg/bnd.html [ Risks ] Given that the patch is already in osgi-compendium since 2020 and it only provides default implementations for the added API methods I don't see a risk. Alternative solutions I looked into: - Adopting src:bnd to implement the new API. I tried this but the diff was rather large with no added value. Also I assume there are other packages depending on the old API. - removing LoggerFactory and LogEntry from osgi-core again which would result in a diff to the upstream source and probably other packages failing. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock osgi-core/8.0.0-2 diff --git a/debian/changelog b/debian/changelog index 0f8c8cf..ee0ef4a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +osgi-core (8.0.0-2) unstable; urgency=medium + + * Team upload. + * Preserve backward compatibility in logging interface. +Turned the new interface methods into default methods to preserve the +backward compatibility. Taken from osgi-compendium. (Closes: #1026606) + + -- Jochen Sprickerhof Mon, 03 Apr 2023 14:57:28 +0200 + osgi-core (8.0.0-1) unstable; urgency=medium * Team upload. diff --git a/debian/patches/01-backward-compatibility.patch b/debian/patches/01-backward-compatibility.patch new file mode 100644 index 000..a45e721 --- /dev/null +++ b/debian/patches/01-backward-compatibility.patch @@ -0,0 +1,95 @@ +Description: Preserves the source compatibility with older versions of the API +Author: Emmanuel Bourg +Forwarded: not-needed +--- a/org/osgi/service/log/LoggerFactory.java b/org/osgi/service/log/LoggerFactory.java +@@ -61,7 +61,7 @@ +* parameter is equal to {@link Logger#ROOT_LOGGER_NAME}, then the +* root logger is returned. +*/ +- Logger getLogger(String name); ++ default Logger getLogger(String name) { throw new UnsupportedOperationException(); } + + /** +* Return the {@link Logger} named with the specified class. +@@ -70,7 +70,7 @@ +*{@code null}. +* @return The {@link Logger} named with the name of the specified class. +*/ +- Logger getLogger(Class< ? > clazz); ++ default Logger getLogger(Class< ? > clazz) { throw new UnsupportedOperationException(); } + + /** +* Return the {@link Logger} of the specified type named with the specified +@@ -88,7 +88,7 @@ +* @throws IllegalArgumentException If the specified type is not a supported +* Logger type. +*/ +- L getLogger(String name, Class loggerType); ++ default L getLogger(String name, Class loggerType) { throw new UnsupportedOperationException(); } + + /** +* Return the {@link Logger} of the specified type named with the specified +@@ -104,7 +104,7 @@ +* @throws IllegalArgumentException If the specified type is not a supported +* Logger type. +*/ +- L getLogger(Class< ? > clazz, Class loggerType); ++ default L getLogger(Class< ? > clazz, Class loggerType) {throw new UnsupportedOperationException(); } + + /** +* Return the {@link Logger} of the specified type named with the specified +@@ -130,6 +130,6 @@ +* @throws IllegalArgumentException If the specified type is not a
Bug#1031587: marked as done (Handling of the request-tracker4 -> request-tracker5 transition in bookworm)
Your message dated Tue, 4 Apr 2023 23:39:36 +0200 with message-id and subject line Re: Bug#1031587: [request-tracker-maintainers] Bug#1031587: Handling of the request-tracker4 -> request-tracker5 transition in bookworm has caused the Debian Bug report #1031587, regarding Handling of the request-tracker4 -> request-tracker5 transition in bookworm to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1031587: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031587 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal X-Debbugs-Cc: Dominic Hargreaves , Debian Request Tracker Group Control: block 1030749 by -1 https://release.debian.org/testing/freeze_policy.html#soft ... Dropping or adding binary packages to a source package, moving binaries between source packages or renaming source or binary packages is no longer allowed. Packages with these changes will not be allowed to migrate to testing. These changes are also no longer appropriate in unstable. ... The problem is that opening of #1030749 is de facto a request-tracker4 -> request-tracker5 transition that happened 4 weeks after the deadline for transitions. There are two options for resolving this: 1. Treat #1030749 as a forbidden transition and ship both versions of request-tracker in bookworm, or 2. grant reverse dependencies an exception from the soft freeze rules for the request-tracker4 -> request-tracker5 transition. For option 2 I looked at the 9 reverse dependencies of request-tracker4 in the autoremoval list: RT extension installer that has to stop depending on both versions: - libmodule-install-rtx-perl No package remame required, has to upgrade to the upstream version that supports request-tracker5: - librt-extension-commandbymail-perl Ships packages for both versions and has to drop the request-tracker4 package: - rt-extension-assets-import-csv request-tracker4 -> request-tracker5 transition prepared in experimental: - rt-extension-customfieldsonupdate - rt-extension-calendar - rt-extension-jsgantt - rt-extension-nagios - rt-extension-smsnotify Update to latest upstream version and package rename required: - rt-extension-repeatticket --- End Message --- --- Begin Message --- On 2023-03-30 01:24:56 +0100, Dominic Hargreaves wrote: > On Mon, Mar 20, 2023 at 11:06:49PM +0100, Sebastian Ramacher wrote: > > Hi Dominic > > > > On 2023-02-27 15:50:05 +, Dominic Hargreaves wrote: > > > On Thu, Feb 23, 2023 at 04:54:33PM +0100, Paul Gevers wrote: > > > > Control: tags -1 moreinfo > > > > > > > > Hi, > > > > > > > > On 20-02-2023 13:09, Dominic Hargreaves wrote: > > > > > If the release team would be willing to grant an exception to the > > > > > policy > > > > > to get this done, we can get this wrapped up inside a week I expect. > > > > > > > > Can you please confirm that everything is ready to do this? I.e. there > > > > is no > > > > "this should work but we haven't tested it" cases. If yes, then please > > > > upload the packages that involve new binaries to experimental and when > > > > those > > > > are passed NEW, ping this bug. If no surprises pop up, we'll grant an > > > > exception, but we want everything fully ready before doing so. > > > > > > Thanks, yep. We had planned out this transition and I feel confident > > > the rest of it will work out (worst case we need to drop a barely > > > used extension package somewhere). > > > > > > Andrew and I are working on this at the moment and will ping this bug > > > when it's fully staged. > > > > What's the status of this transition? > > Hi Sebastian > > Sorry for the long delay. Myself and, I think, Andrew have been short on time. > > The transition is basically ready to go, but I've been rethinking the need > to drop request-tracker4, given it will all be quite tight. It turns out that > request-tracker4 is still supported upstream > (https://bestpractical.com/release-policy) > and there's no specific EoL set. When we first started the plan to > deprecate request-tracker4 in Debian, I think we were assuming otherwise. > The package is in good shape and I believe otherwise ready to be released. > > If Andrew is in agreement, I therefore think we should let request-tracker4 > be released with the next release. We can reconsider whether to drop it from > the release + 1 at a more leisurely pace. The work we've done to date will not > be wasted effort. > > I've tentatively downgraded #1030749 to signal this intent. Okay, that's fine. I'm closing the bug now. Andrew, if you disagree, please feel
Bug#1033194: marked as done (unblock: ruby-asciidoctor-include-ext/0.4.0-2)
Your message dated Tue, 4 Apr 2023 23:36:06 +0200 with message-id and subject line Re: Bug#1033194: unblock: ruby-asciidoctor-include-ext/0.4.0-2 has caused the Debian Bug report #1033194, regarding unblock: ruby-asciidoctor-include-ext/0.4.0-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033194: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033194 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: ruby-asciidoctor-include-...@packages.debian.org Control: affects -1 + src:ruby-asciidoctor-include-ext Please unblock package ruby-asciidoctor-include-ext [ Reason ] This fixes a security issue CVE-2022-24803/#1009035 though it also includes an upstream update. This was uploaded to experimental on 2022-06-26 but missed reuploading to unstable as gitlab was using the versions directly from experimental (it was uploaded to experimental to not break the previos gitlab version before it switched to 0.4 version). Noticed this today in the rc bug list. [ Impact ] Only reverse dependency is gitlab so it should not impact any other package in bookworm. [ Tests ] gitlab in experimental was using it already for quite some time (upstream gitlab tests are fine) [ Risks ] For bookworm it is a leaf package (only used by gitlab which is in unstable/experimental only) [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [ ] attach debdiff against the package in testing [ Other info ] Since it has some other upstream changes, I have not included the debdiff. unblock ruby-asciidoctor-include-ext/0.4.0-2 --- End Message --- --- Begin Message --- On 2023-03-19 17:48:16 +0530, Pirate Praveen wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > X-Debbugs-Cc: ruby-asciidoctor-include-...@packages.debian.org > Control: affects -1 + src:ruby-asciidoctor-include-ext > > Please unblock package ruby-asciidoctor-include-ext > > [ Reason ] > This fixes a security issue CVE-2022-24803/#1009035 though it also includes > an upstream update. > This was uploaded to experimental on 2022-06-26 but missed reuploading to > unstable as gitlab was > using the versions directly from experimental (it was uploaded to > experimental to not break the > previos gitlab version before it switched to 0.4 version). Noticed this > today in the rc bug list. > > [ Impact ] > Only reverse dependency is gitlab so it should not impact any other package > in bookworm. > > [ Tests ] > gitlab in experimental was using it already for quite some time (upstream > gitlab tests are fine) > > [ Risks ] > For bookworm it is a leaf package (only used by gitlab which is in > unstable/experimental only) > > [ Checklist ] > [x] all changes are documented in the d/changelog > [x] I reviewed all changes and I approve them > [ ] attach debdiff against the package in testing > > [ Other info ] > Since it has some other upstream changes, I have not included the debdiff. > > unblock ruby-asciidoctor-include-ext/0.4.0-2 not blocked: has successful autopkgtest So there is nothing for us to do. Cheers -- Sebastian Ramacher--- End Message ---
Bug#1033676: marked as done (unblock: xen/4.17.0+74-g3eac216e6e-1)
Your message dated Tue, 04 Apr 2023 21:35:26 + with message-id and subject line unblock xen has caused the Debian Bug report #1033676, regarding unblock: xen/4.17.0+74-g3eac216e6e-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033676: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033676 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: x...@packages.debian.org, m...@daemonizer.de, t...@security.debian.org Control: affects -1 + src:xen Please approve an upload of xen to unstable and later unblock package xen. See the "Other info" section below on why this is a pre-approval request. [ Reason ] Xen in bookworm (and unstable) is currently affected by CVE-2022-42331, CVE-2022-42332, CVE-2022-42333 and CVE-2022-42334 (see #1033297). [ Impact ] The above mentioned CVEs are not fixed. [ Tests ] The Debian package is based only on upstream commits that have passed the upstream automated tests. The Debian package has been successfully tested by the xen packaging team on their test machines. [ Risks ] There could be upstream changes unrelated to the above mentioned security fixes that cause regressions. However upstream has an automated testing machinery (osstest) that only allows a commit in the upstream stable branch if all test pass. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] This security fix is based on the latest upstream stable-4.17 branch. The branch in general only accepts bug fixes and does not allow new features, so the changes there are mainly security and other bug fixes. This does not exactly follow the "only targeted fixes" release policy, so we are asking for a pre-approval. The package we have prepared is exactly what we would have done as a security update in a stable release, what we have historically done together with the security team and are planning to continue to do. As upstream does extensive automated testing on their stable branches chances for unnoticed regressions are low. We believe this way the risk for bugs is lower than trying to manually pick and adjust patches without all the deep knowledge that upstream has. This approach is similar to what the linux package is doing. unblock xen/4.17.0+74-g3eac216e6e-1 Thanksdiff -Nru xen-4.17.0+46-gaaf74a532c/debian/changelog xen-4.17.0+74-g3eac216e6e/debian/changelog --- xen-4.17.0+46-gaaf74a532c/debian/changelog 2023-02-24 18:06:42.0 +0100 +++ xen-4.17.0+74-g3eac216e6e/debian/changelog 2023-03-23 22:22:48.0 +0100 @@ -1,3 +1,16 @@ +xen (4.17.0+74-g3eac216e6e-1) unstable; urgency=medium + + * Update to new upstream version 4.17.0+74-g3eac216e6e, which also contains +security fixes for the following issues: (Closes: #1033297) +- x86 shadow plus log-dirty mode use-after-free + XSA-427 CVE-2022-42332 +- x86/HVM pinned cache attributes mis-handling + XSA-428 CVE-2022-42333 CVE-2022-42334 +- x86: speculative vulnerability in 32bit SYSCALL path + XSA-429 CVE-2022-42331 + + -- Maximilian Engelhardt Thu, 23 Mar 2023 22:22:48 +0100 + xen (4.17.0+46-gaaf74a532c-1) unstable; urgency=medium * Update to new upstream version 4.17.0+46-gaaf74a532c, which also contains diff -Nru xen-4.17.0+46-gaaf74a532c/docs/misc/xen-command-line.pandoc xen-4.17.0+74-g3eac216e6e/docs/misc/xen-command-line.pandoc --- xen-4.17.0+46-gaaf74a532c/docs/misc/xen-command-line.pandoc 2023-02-22 15:14:33.0 +0100 +++ xen-4.17.0+74-g3eac216e6e/docs/misc/xen-command-line.pandoc 2023-03-21 13:47:52.0 +0100 @@ -287,10 +287,15 @@ protection. The option is available when `CONFIG_XEN_SHSTK` is compiled in, and -defaults to `true` on hardware supporting CET-SS. Specifying +generally defaults to `true` on hardware supporting CET-SS. Specifying `cet=no-shstk` will cause Xen not to use Shadow Stacks even when support is available in hardware. +Some hardware suffers from an issue known as Supervisor Shadow Stack +Fracturing. On such hardware, Xen will default to not using Shadow Stacks +when virtualised. Specifying `cet=shstk` will override this heuristic and +enable Shadow Stacks unilaterally. + * The `ibt=` boolean controls whether Xen uses Indirect Branch Tracking for its own protection. @@ -721,6 +726,11 @@ * `all`: just one runqueue shared by all the logical pCPUs
Bug#1033946: marked as done (unblock: unknown-horizons/2019.1-6)
Your message dated Tue, 04 Apr 2023 21:33:14 + with message-id and subject line unblock unknown-horizons has caused the Debian Bug report #1033946, regarding unblock: unknown-horizons/2019.1-6 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033946: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033946 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: unknown-horiz...@packages.debian.org Control: affects -1 + src:unknown-horizons Please unblock package unknown-horizons This updates fixes #1033833: the package font-unifont dropped shipping unifont.ttf last summer, and this breaks unknown-horizons/2019.1-5 as the symlink to the font is no longer valid and the game fails to load. The update fixes the symlink to the otf font, which works with the game as well. [ Impact ] Game would be broken. [ Risks ] This game is a leaf package. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock unknown-horizons/2019.1-6 diff -Nru unknown-horizons-2019.1/debian/changelog unknown-horizons-2019.1/debian/changelog --- unknown-horizons-2019.1/debian/changelog2022-08-28 13:16:18.0 +0200 +++ unknown-horizons-2019.1/debian/changelog2023-04-03 19:23:41.0 +0200 @@ -1,3 +1,11 @@ +unknown-horizons (2019.1-6) unstable; urgency=medium + + * Team upload. + * add d/clean: enable building twice from source tree, delete created files. + * Replace link to unifont.ttf with unifont.otf. (Closes: #1033833) + + -- Tobias Frost Mon, 03 Apr 2023 19:23:41 +0200 + unknown-horizons (2019.1-5) unstable; urgency=medium * Team upload. diff -Nru unknown-horizons-2019.1/debian/clean unknown-horizons-2019.1/debian/clean --- unknown-horizons-2019.1/debian/clean1970-01-01 01:00:00.0 +0100 +++ unknown-horizons-2019.1/debian/clean2023-04-03 19:08:30.0 +0200 @@ -0,0 +1,6 @@ +content/gfx/atlas/*png +.cache/ +content/actionsets.json +content/tilesets.json +UnknownHorizons.egg-info/ +content/atlas.sql diff -Nru unknown-horizons-2019.1/debian/links unknown-horizons-2019.1/debian/links --- unknown-horizons-2019.1/debian/links2022-08-27 15:26:54.0 +0200 +++ unknown-horizons-2019.1/debian/links2023-04-03 19:13:03.0 +0200 @@ -1 +1 @@ -/usr/share/fonts/truetype/unifont/unifont.ttf /usr/share/unknown-horizons/content/fonts/Unifont.ttf +/usr/share/fonts/opentype/unifont/unifont.otf /usr/share/unknown-horizons/content/fonts/Unifont.ttf --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#1033945: unblock: pdns-recursor/4.8.4-1 [pre-approval]
On 2023-04-04 15:33:01 +0200, Chris Hofstaedtler wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > X-Debbugs-Cc: Debian Security Team > > Please unblock package pdns-recursor > > [ Reason ] > > I would like to update pdns-recursor 4.8.2 to 4.8.4, to: > - fix CVE-2023-26437, sole change in 4.8.4 > - get the fixes for the resolving/validation logic from 4.8.3. > > While this is a new upstream release, there are no new features, and > only bugfixes. > > In previous Debian releases applying security fixes to pdns-recursor was > often problematic when the resolve/validation logic had to change. This > part of the code is long and complicated, only understood by DNS experts, > and also very relevant on the Internet and under flux of the living > Internet. > Security fixes have to change this code, and applying patches on top of > each other touching the same code parts often does not work without > importing all the changes. > We are certainly not in a better position to judge these code parts than > upstream is. > > [ Impact ] > Security bug is fixed; applying future security patches will be easier. > > [ Tests ] > Resolve/validation logic is tested by a build-time test suite. > I have manually tested it as well, but obviously I cannot reproduce the > security problem easily. > > [ Risks ] > Open security bug in bookworm. > Applying future security patches will be harder or impossible. > > [ Checklist ] > [x] all changes are documented in the d/changelog > [x] I reviewed all changes and I approve them > [x] attach debdiff against the package in testing > > [ Other info ] > Another fix upstream included in 4.8.3 involves log levels of common log > messages, to spam journal less with "error" severity. > > debdiff is produced using the following command to ignore generated > files and the publicsuffixlist, which our packages do not use by default > at runtime: > debdiff pdns-recursor_4.8.2-1.dsc pdns-recursor_4.8.4-1.dsc| filterdiff -x > '*/pubsuffix.cc' -x '*/effective_tld_names.dat' -x '*/*.1' -x '*/configure' > > This is a pre-approval request, I have not uploaded yet. Please go ahead Cheers > > > unblock pdns-recursor/4.8.4-1 > diff -Nru pdns-recursor-4.8.2/configure.ac pdns-recursor-4.8.4/configure.ac > --- pdns-recursor-4.8.2/configure.ac 2023-01-30 09:58:04.0 + > +++ pdns-recursor-4.8.4/configure.ac 2023-03-27 15:09:19.0 + > @@ -1,6 +1,6 @@ > AC_PREREQ([2.69]) > > -AC_INIT([pdns-recursor], [4.8.2]) > +AC_INIT([pdns-recursor], [4.8.4]) > AC_CONFIG_AUX_DIR([build-aux]) > AM_INIT_AUTOMAKE([foreign dist-bzip2 no-dist-gzip tar-ustar -Wno-portability > subdir-objects parallel-tests 1.11]) > AM_SILENT_RULES([yes]) > diff -Nru pdns-recursor-4.8.2/debian/changelog > pdns-recursor-4.8.4/debian/changelog > --- pdns-recursor-4.8.2/debian/changelog 2023-01-31 16:46:42.0 > + > +++ pdns-recursor-4.8.4/debian/changelog 2023-04-04 11:10:26.0 > + > @@ -1,3 +1,16 @@ > +pdns-recursor (4.8.4-1) unstable; urgency=medium > + > + * New upstream version 4.8.4 > +* Fixes CVE-2023-26437, see > + > https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2023-02.html > + (Closes: #1033941) > +* Fixes high CPU usage caused by serve-stale logic. > +* Fixes DNSSEC validation issues for some domains served by popular > + DNS software by F5. > +* Downgrades severity for a few log messages. > + > + -- Chris Hofstaedtler Tue, 04 Apr 2023 11:10:26 + > + > pdns-recursor (4.8.2-1) unstable; urgency=medium > >* New upstream version 4.8.2 > diff -Nru pdns-recursor-4.8.2/negcache.cc pdns-recursor-4.8.4/negcache.cc > --- pdns-recursor-4.8.2/negcache.cc 2023-01-30 09:57:23.0 + > +++ pdns-recursor-4.8.4/negcache.cc 2023-03-27 15:08:37.0 + > @@ -119,27 +119,32 @@ > >const auto& idx = content->d_map.get(); >auto range = idx.equal_range(qname); > - auto ni = range.first; > > - while (ni != range.second) { > + for (auto ni = range.first; ni != range.second; ++ni) { > // We have an entry > if ((!typeMustMatch && ni->d_qtype == QType::ENT) || ni->d_qtype == > qtype) { >// We match the QType or the whole name is denied >auto firstIndexIterator = content->d_map.project(ni); > > - if (!refresh && (serveStale || ni->d_servedStale > 0) && ni->d_ttd <= > now.tv_sec && ni->d_servedStale < s_maxServedStaleExtensions) { > + // this checks ttd, but also takes into account serve-stale > + if (!ni->isEntryUsable(now.tv_sec, serveStale)) { > +// Outdated > +moveCacheItemToFront(content->d_map, > firstIndexIterator); > +continue; > + } > + // If we are serving this record stale (or *should*) and the ttd has > passed increase ttd to > + // the future and remember that we did. Also push a refresh task. > + if
Bug#1033885: marked as done (unblock: pydevd/2.9.5+ds-4)
Your message dated Tue, 04 Apr 2023 21:34:30 + with message-id and subject line unblock pydevd has caused the Debian Bug report #1033885, regarding unblock: pydevd/2.9.5+ds-4 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033885: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033885 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: pyd...@packages.debian.org Control: affects -1 + src:pydevd Please unblock package pydevd [ Reason ] This is a small tweak to the autopkgtests to prevent them from failing on a number of architectures not in the released architectures. It closes #1029718, but I don't know whether it is appropriate for transitioning to testing (it not being an RC bug). [ Impact ] It is not currently buildable on those architectures. [ Tests ] The autopkgtests cover everything; this patch just excludes some which fail with Python 3.11. [ Risks ] Code is trivial and only in the autopkgtest code. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] None unblock pydevd/2.9.5+ds-4 diff -Nru pydevd-2.9.5+ds/debian/changelog pydevd-2.9.5+ds/debian/changelog --- pydevd-2.9.5+ds/debian/changelog2023-02-11 21:30:07.0 + +++ pydevd-2.9.5+ds/debian/changelog2023-03-12 12:36:38.0 + @@ -1,3 +1,10 @@ +pydevd (2.9.5+ds-4) unstable; urgency=medium + + * Exclude failing tests on a wider variety of architectures +(closes: #1029718) + + -- Julian Gilbey Sun, 12 Mar 2023 12:36:38 + + pydevd (2.9.5+ds-3) unstable; urgency=medium * Update README.Debian diff -Nru pydevd-2.9.5+ds/debian/get_test_exclusions pydevd-2.9.5+ds/debian/get_test_exclusions --- pydevd-2.9.5+ds/debian/get_test_exclusions 2023-02-11 21:30:07.0 + +++ pydevd-2.9.5+ds/debian/get_test_exclusions 2023-03-12 12:36:38.0 + @@ -91,10 +91,25 @@ tests_python/test_debugger_json.py::test_function_breakpoints_async ) -# s390x fails even more disastrously -if [ $arch = s390x ] +# failing tests on 32-bit big-endian targets and riscv64 +if [ $arch = hppa -o $arch = m68k -o $arch = powerpc -o $arch = riscv64 ] then - EXCLUDES+=( +EXCLUDES+=( +tests_python/test_debugger.py::test_gevent +tests_python/test_debugger.py::test_gevent_remote +tests_python/test_debugger_json.py::test_wait_for_attach_gevent + tests_python/test_debugger_json.py::test_gevent_show_paused_greenlets + tests_python/test_debugger_json.py::test_gevent_subprocess_not_python +tests_python/test_debugger_json.py::test_gevent_subprocess_python +tests_python/test_debugger_json.py::test_notify_gevent +tests_python/test_utilities.py::test_gevent_notify +) +fi + +# failing tests on 64-bit big-endian targets +if [ $arch = s390x -o $arch = s390x -o $arch = sparc64 ] +then +EXCLUDES+=( tests_python/test_debugger.py::test_case_13 tests_python/test_debugger.py::test_check_tracer_with_exceptions tests_python/test_debugger.py::test_unhandled_exceptions_basic @@ -106,7 +121,19 @@ tests_python/test_debugger_json.py::test_case_unhandled_exception[_debugger_case_unhandled_exceptions.py] tests_python/test_debugger_json.py::test_case_unhandled_exception[_debugger_case_unhandled_exceptions_custom.py] tests_python/test_utilities.py::test_tracing_basic - ) +) +fi + +# Further failing tests on riscv64 (see bug#1024680) +if [ $arch = riscv64 ] +then +EXCLUDES+=( +tests_python/test_debugger.py::test_attach_to_pid_no_threads[False] +tests_python/test_debugger.py::test_attach_to_pid_halted +tests_python/test_debugger.py::test_case_16_resolve_numpy_array + tests_python/test_debugger.py::test_gevent_show_paused_greenlets[False] +tests_python/test_debugger_json.py::test_attach_to_pid[False] +) fi fi @@ -127,7 +154,7 @@ tests_python/test_debugger.py::test_case_django_template_inherits_no_exception tests_python/test_debugger.py::test_case_flask tests_python/test_debugger_json.py::test_attach_to_pid[True] - tests_python/test_debugger_json.py::test_case_django_line_validation
Bug#1033885: unblock: pydevd/2.9.5+ds-4
On 2023-04-03 14:35:35 +0100, Julian Gilbey wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > X-Debbugs-Cc: pyd...@packages.debian.org > Control: affects -1 + src:pydevd > > Please unblock package pydevd > > [ Reason ] > This is a small tweak to the autopkgtests to prevent them from failing > on a number of architectures not in the released architectures. It > closes #1029718, but I don't know whether it is appropriate for > transitioning to testing (it not being an RC bug). > > [ Impact ] > It is not currently buildable on those architectures. > > [ Tests ] > The autopkgtests cover everything; this patch just excludes some which > fail with Python 3.11. > > [ Risks ] > Code is trivial and only in the autopkgtest code. > > [ Checklist ] > [x] all changes are documented in the d/changelog > [x] I reviewed all changes and I approve them > [x] attach debdiff against the package in testing > > [ Other info ] > None > > unblock pydevd/2.9.5+ds-4 > diff -Nru pydevd-2.9.5+ds/debian/changelog pydevd-2.9.5+ds/debian/changelog > --- pydevd-2.9.5+ds/debian/changelog 2023-02-11 21:30:07.0 + > +++ pydevd-2.9.5+ds/debian/changelog 2023-03-12 12:36:38.0 + > @@ -1,3 +1,10 @@ > +pydevd (2.9.5+ds-4) unstable; urgency=medium > + > + * Exclude failing tests on a wider variety of architectures > +(closes: #1029718) > + > + -- Julian Gilbey Sun, 12 Mar 2023 12:36:38 + > + > pydevd (2.9.5+ds-3) unstable; urgency=medium > >* Update README.Debian > diff -Nru pydevd-2.9.5+ds/debian/get_test_exclusions > pydevd-2.9.5+ds/debian/get_test_exclusions > --- pydevd-2.9.5+ds/debian/get_test_exclusions2023-02-11 > 21:30:07.0 + > +++ pydevd-2.9.5+ds/debian/get_test_exclusions2023-03-12 > 12:36:38.0 + > @@ -91,10 +91,25 @@ > tests_python/test_debugger_json.py::test_function_breakpoints_async > ) > > -# s390x fails even more disastrously > -if [ $arch = s390x ] > +# failing tests on 32-bit big-endian targets and riscv64 > +if [ $arch = hppa -o $arch = m68k -o $arch = powerpc -o $arch = riscv64 ] > then > - EXCLUDES+=( > +EXCLUDES+=( > +tests_python/test_debugger.py::test_gevent > +tests_python/test_debugger.py::test_gevent_remote > +tests_python/test_debugger_json.py::test_wait_for_attach_gevent > + > tests_python/test_debugger_json.py::test_gevent_show_paused_greenlets > + > tests_python/test_debugger_json.py::test_gevent_subprocess_not_python > +tests_python/test_debugger_json.py::test_gevent_subprocess_python > +tests_python/test_debugger_json.py::test_notify_gevent > +tests_python/test_utilities.py::test_gevent_notify > +) > +fi > + > +# failing tests on 64-bit big-endian targets > +if [ $arch = s390x -o $arch = s390x -o $arch = sparc64 ] That's s390x twice. Cheers > +then > +EXCLUDES+=( > tests_python/test_debugger.py::test_case_13 > tests_python/test_debugger.py::test_check_tracer_with_exceptions > tests_python/test_debugger.py::test_unhandled_exceptions_basic > @@ -106,7 +121,19 @@ > > tests_python/test_debugger_json.py::test_case_unhandled_exception[_debugger_case_unhandled_exceptions.py] > > tests_python/test_debugger_json.py::test_case_unhandled_exception[_debugger_case_unhandled_exceptions_custom.py] > tests_python/test_utilities.py::test_tracing_basic > - ) > +) > +fi > + > +# Further failing tests on riscv64 (see bug#1024680) > +if [ $arch = riscv64 ] > +then > +EXCLUDES+=( > + > tests_python/test_debugger.py::test_attach_to_pid_no_threads[False] > +tests_python/test_debugger.py::test_attach_to_pid_halted > +tests_python/test_debugger.py::test_case_16_resolve_numpy_array > + > tests_python/test_debugger.py::test_gevent_show_paused_greenlets[False] > +tests_python/test_debugger_json.py::test_attach_to_pid[False] > +) > fi > fi > > @@ -127,7 +154,7 @@ > > tests_python/test_debugger.py::test_case_django_template_inherits_no_exception > tests_python/test_debugger.py::test_case_flask > tests_python/test_debugger_json.py::test_attach_to_pid[True] > - tests_python/test_debugger_json.py::test_case_django_line_validation > +tests_python/test_debugger_json.py::test_case_django_line_validation > > tests_python/test_debugger_json.py::test_case_django_no_attribute_exception_breakpoint > tests_python/test_debugger_json.py::test_case_flask_line_validation > tests_python/test_debugger_json.py::test_code_reload > @@ -138,30 +165,10 @@ > ) > fi > > -# Further failing tests on riscv64 (see bug#1024680) > -if [ $arch = riscv64 ] >
Bug#1033875: marked as done (nmu: gridsite)
Your message dated Tue, 4 Apr 2023 23:30:37 +0200 with message-id and subject line Re: Bug#1033875: nmu: gridsite has caused the Debian Bug report #1033875, regarding nmu: gridsite to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033875: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033875 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu Control: affects -1 + src:gridsite This is a re-request of the gridsite nmu requested in: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033347 That request was created March 23 and requested an nmu for gridsite_3.0.0~20180202git2fdbc6f-3. However the version in unstable at the time was 3.0.0~20230214gitee81151-1 (accepted in unstable March 2, migrated to testing March 24). Since the scheduled nmu was for a version no longer in unstable it never happened. The requested nmu was to rebuild on 32 bit architectures due to a bug in fakeroot that caused some files and directories in the package to have the wrong group and user. The current version was uploaded March 2 and the fakeroot bug was fixed in fakeroot 1.31-1.1, which was also uploaded on March 2. Unfortunately the fakeroot build had not reached the buildroots when gridsite was built. An nmu of gridsite 3.0.0~20230214gitee81151-1 is needed on the following architectures: armel armhf hppa i386 m68k mipsel sh4 Make sure that fakeroot >= 1.31-1.1 is used (current version in unstable is -1.2). These nmus should possibly be allowed to go into the upcoming release as well in order to fix the issue also there. Mattias Ellert signature.asc Description: This is a digitally signed message part --- End Message --- --- Begin Message --- On 2023-04-03 11:28:44 +0200, Mattias Ellert wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: binnmu > Control: affects -1 + src:gridsite > > This is a re-request of the gridsite nmu requested in: > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033347 > > That request was created March 23 and requested an nmu for > gridsite_3.0.0~20180202git2fdbc6f-3. However the version in unstable at > the time was 3.0.0~20230214gitee81151-1 (accepted in unstable March 2, > migrated to testing March 24). > > Since the scheduled nmu was for a version no longer in unstable it > never happened. > > The requested nmu was to rebuild on 32 bit architectures due to a bug > in fakeroot that caused some files and directories in the package to > have the wrong group and user. The current version was uploaded March 2 > and the fakeroot bug was fixed in fakeroot 1.31-1.1, which was also > uploaded on March 2. > > Unfortunately the fakeroot build had not reached the buildroots when > gridsite was built. > > An nmu of gridsite 3.0.0~20230214gitee81151-1 is needed on the > following architectures: > > armel > armhf > hppa > i386 > m68k > mipsel > sh4 Scheduled for all architectures. Cheers > > Make sure that fakeroot >= 1.31-1.1 is used (current version in > unstable is -1.2). > > These nmus should possibly be allowed to go into the upcoming release > as well in order to fix the issue also there. > > Mattias Ellert > -- Sebastian Ramacher--- End Message ---
Bug#1033929: marked as done (unblock: node-interpret/2.2.0-3)
Your message dated Tue, 04 Apr 2023 21:27:28 + with message-id and subject line unblock node-interpret has caused the Debian Bug report #1033929, regarding unblock: node-interpret/2.2.0-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033929: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033929 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: node-interp...@packages.debian.org Control: affects -1 + src:node-interpret Please unblock package node-interpret [ Reason ] node-interpret uses network for its autopkgtest. Due to upstream changes in some old transpilers, autopkgtest started to fail. The proposed patch only change things in node-interpret test. BTS: #1033816 [ Impact ] No change in installed files, patch changes only node-interpret test. [ Tests ] Broken test on deprecated transpiler are now disabled. [ Risks ] No risk, even if patch is a little big, there is no change in installed files. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing [ Changes ] * don't test babel/register and buble/register (Debian uses @babel/register, no more babel/register) * test modules: drop embedded "expect" and add patch to use Debian's node-expect (provided by jest) * lintian-brush: * update lintian tags * update metadata * update debian/watch Cheers, Yadd unblock node-interpret/2.2.0-3 diff --git a/debian/changelog b/debian/changelog index b38fa5c..b5bca67 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,21 @@ +node-interpret (2.2.0-3) unstable; urgency=medium + + * Team upload + + [ lintian-brush ] + * Update lintian override info format in d/source/lintian-overrides +on line 2-4 + * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse + * Update standards version to 4.6.2, no changes needed + + [ Yadd ] + * Fix filenamemangle + * Add fix for expect 28 and drop embedded "expect" + * Set upstream metadata fields: Repository. + * Drop test on deprecated transpilers (Closes: #1033816) + + -- Yadd Mon, 03 Apr 2023 08:10:46 +0400 + node-interpret (2.2.0-2) unstable; urgency=medium * Team upload diff --git a/debian/control b/debian/control index 2b09242..510057d 100644 --- a/debian/control +++ b/debian/control @@ -20,7 +20,7 @@ Build-Depends: debhelper-compat (= 13) , node-parse-node-version , node-which-boxed-primitive , node-which-collection -Standards-Version: 4.6.0 +Standards-Version: 4.6.2 Vcs-Browser: https://salsa.debian.org/js-team/node-interpret Vcs-Git: https://salsa.debian.org/js-team/node-interpret.git Homepage: https://github.com/tkellen/node-interpret diff --git a/debian/copyright b/debian/copyright index e9d0fe5..b5809a0 100644 --- a/debian/copyright +++ b/debian/copyright @@ -16,10 +16,6 @@ Files: debian/tests/test_modules/* Copyright: 1014-2020 Jordan Harband License: Expat -Files: debian/tests/test_modules/expect/* -Copyright: 2015 Michael Jackson -License: Expat - Files: debian/tests/test_modules/*/node_modules/isarray/* Copyright: 2013 Julian Gruber License: Expat diff --git a/debian/patches/drop-test-on-deprecated-transpilers.patch b/debian/patches/drop-test-on-deprecated-transpilers.patch new file mode 100644 index 000..d9a7cea --- /dev/null +++ b/debian/patches/drop-test-on-deprecated-transpilers.patch @@ -0,0 +1,24 @@ +Description: drop test on deprecated transpilers +Author: Yadd +Bug-Debian: https://bugs.debian.org/1033816 +Forwarded: not-needed +Last-Update: 2023-04-03 + +--- a/test/index.js b/test/index.js +@@ -126,6 +126,7 @@ + var fixtureDir = path.dirname(fixture); + var idx = attempt.index; + ++if( name !== 'babel/register' && name !== 'buble/register' ) { + it('can require ' + extension + ' using ' + name + ' (' + idx + ')', function(done) { + var minVersion = minVersions[module]; + +@@ -232,6 +233,7 @@ + } + done(); + }); ++} + }); + + it('does not error with the .mjs extension', function(done) { diff --git a/debian/patches/fix-for-expect-28.patch b/debian/patches/fix-for-expect-28.patch new file mode 100644 index 000..af3bf26 --- /dev/null +++ b/debian/patches/fix-for-expect-28.patch @@ -0,0 +1,15 @@ +Description: add fix for expect 28 (jest) +Author: Yadd +Forwarded: not-needed +Last-Update: 2022-12-01 + +--- a/test/index.js b/test/index.js +@@ -1,6
Bug#1033947: marked as done (unblock: widelands/2:1.1-3)
Your message dated Tue, 04 Apr 2023 21:26:35 + with message-id and subject line unblock widelands has caused the Debian Bug report #1033947, regarding unblock: widelands/2:1.1-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033947: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033947 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: widela...@packages.debian.org Control: affects -1 + src:widelands Please unblock package widelands The upload fixes the version constraint in widelands-data.maintscript for symlink_to_dir. The original version constraint was 1:21-2~, the last version that had the directory. However, the symlink_to_dir was only introduced in 2:1.0-3, so if a user upgraded from a version later than 1:21-2~, the migration would not be triggered as maintscript would believe it is not needed anymore. In such cases the game would crash as reported in #1033879. (Please provide enough (but not too much) information to help the release team to judge the request efficiently. E.g. by filling in the sections below.) [ Risks ] The game is a leaf package. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock widelands/2:1.1-3 Cheers, -- tobi diff -Nru widelands-1.1/debian/changelog widelands-1.1/debian/changelog --- widelands-1.1/debian/changelog 2022-12-27 23:29:29.0 +0100 +++ widelands-1.1/debian/changelog 2023-04-04 16:15:53.0 +0200 @@ -1,3 +1,10 @@ +widelands (2:1.1-3) unstable; urgency=medium + + * Team upload. + * Fix version constraint in dir_to_symlink. (Closes: #1033879) + + -- Tobias Frost Tue, 04 Apr 2023 16:15:53 +0200 + widelands (2:1.1-2) unstable; urgency=medium * Team upload. diff -Nru widelands-1.1/debian/widelands-data.maintscript widelands-1.1/debian/widelands-data.maintscript --- widelands-1.1/debian/widelands-data.maintscript 2022-12-27 23:29:29.0 +0100 +++ widelands-1.1/debian/widelands-data.maintscript 2023-04-04 16:15:49.0 +0200 @@ -1,2 +1 @@ -dir_to_symlink /usr/share/games/widelands/data/i18n/fonts/Culmus ../../../../../fonts/truetype/culmus-fancy 1:21-2~ - +dir_to_symlink /usr/share/games/widelands/data/i18n/fonts/Culmus ../../../../../fonts/truetype/culmus-fancy 2:1.1-3~ --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#1033927: marked as done (unblock: node-sinon/14.0.2+ds+~cs74.13.25-2)
Your message dated Tue, 04 Apr 2023 21:26:49 + with message-id and subject line unblock node-sinon has caused the Debian Bug report #1033927, regarding unblock: node-sinon/14.0.2+ds+~cs74.13.25-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033927: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033927 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: node-si...@packages.debian.org Control: affects -1 + src:node-sinon Please unblock package node-sinon [ Reason ] node-sinon is a package used during JS tests. In Debian JS Team we choose to launch autopkgtest with `--disable-proto=throw` to ensure that JS packages don't used this old way to access to prototype for security reasons. This change started in September 2022 (pkg-js-autopkgtest 0.15.x). node-sinon currently parses all object properties without avoid __proto__. This breaks (at least) node-nock autopkgtest. [ Impact ] No change, the patch just avoid parsing __proto__ [ Tests ] No change in test, still pass (autopkgtest + build). This fixed also node-nock test. [ Risks ] No risk here, patch is trivial [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing [ Other info ] This debdiff adds also some tips from lintian-brush (lintian tags and metadata update) Cheers, Yadd unblock node-sinon/14.0.2+ds+~cs74.13.25-2 diff --git a/debian/changelog b/debian/changelog index aaace48..111c526 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +node-sinon (14.0.2+ds+~cs74.13.25-2) unstable; urgency=medium + + * Team upload + * Update lintian override info format in d/source/lintian-overrides +on line 2-3 + * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse + * Update standards version to 4.6.2, no changes needed + * Drop calls to __proto__ (Closes: #1033818) + + -- Yadd Mon, 03 Apr 2023 07:26:51 +0400 + node-sinon (14.0.2+ds+~cs74.13.25-1) unstable; urgency=medium * Team upload diff --git a/debian/control b/debian/control index 1a73a29..c60cd62 100644 --- a/debian/control +++ b/debian/control @@ -27,7 +27,7 @@ Build-Depends: , node-supports-color , node-type-detect , node-util -Standards-Version: 4.6.1 +Standards-Version: 4.6.2 Vcs-Browser: https://salsa.debian.org/js-team/node-sinon Vcs-Git: https://salsa.debian.org/js-team/node-sinon.git Homepage: https://sinonjs.org/ diff --git a/debian/patches/dont-try-to-access-to-__proto__.patch b/debian/patches/dont-try-to-access-to-__proto__.patch new file mode 100644 index 000..5973750 --- /dev/null +++ b/debian/patches/dont-try-to-access-to-__proto__.patch @@ -0,0 +1,16 @@ +Description: don't try to access to __proto__ +Author: Yadd +Forwarded: no +Last-Update: 2023-04-03 + +--- a/lib/sinon/util/core/walk.js b/lib/sinon/util/core/walk.js +@@ -17,7 +17,7 @@ + } + + forEach(Object.getOwnPropertyNames(obj), function (k) { +-if (seen[k] !== true) { ++if (k !== '__proto__' && seen[k] !== true) { + seen[k] = true; + var target = + typeof Object.getOwnPropertyDescriptor(obj, k).get === diff --git a/debian/patches/series b/debian/patches/series index ffb3e1f..b2b7689 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,3 +2,4 @@ fix-sinonjsreferee-sinon-test.diff reproducible.patch fix-for-path-to-regexp-6.patch drop-unstable-test.patch +dont-try-to-access-to-__proto__.patch diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides index 3f4d9d6..05b110e 100644 --- a/debian/source/lintian-overrides +++ b/debian/source/lintian-overrides @@ -1,6 +1,6 @@ # False positive: data -source-is-missing *sinonjstext-encoding/lib/encoding-indexes.js* -source-contains-prebuilt-javascript-object *sinonjstext-encoding/lib/encoding-indexes.js* +source-is-missing [*sinonjstext-encoding/lib/encoding-indexes.js*] +source-contains-prebuilt-javascript-object [*sinonjstext-encoding/lib/encoding-indexes.js*] very-long-line-length-in-source-file *sinonjsfake-timers/LICENSE* very-long-line-length-in-source-file *sinonjstext-encoding/lib/encoding-indexes.js* very-long-line-length-in-source-file *.md* diff --git a/debian/upstream/metadata b/debian/upstream/metadata index 6d85d64..c5adee0 100644 --- a/debian/upstream/metadata +++ b/debian/upstream/metadata @@ -1,6 +1,6 @@ --- Archive: GitHub
Bug#1033918: marked as done (unblock: lios/2.7.2-5)
Your message dated Tue, 04 Apr 2023 21:28:17 + with message-id and subject line unblock lios has caused the Debian Bug report #1033918, regarding unblock: lios/2.7.2-5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033918: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033918 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: l...@packages.debian.org Control: affects -1 + src:lios Hello, I have uploaded lios/2.7.2-5 to unstable, to hopefully make it to bookworm. [ Reason ] As reported on #990805 and #1033024, in the current version of lios when opening the general preferences dialog box, lios stays stuck for a couple minutes. This happens only when the espeak-ng package is installed, in which case there are thousands of voices available for the speech configuration part of this dialog box, thus making it very long to load. Upstream fixed the issue without telling me, we eventually found it was fixed in a more recent upstream snapshot, and I picked up the upstream commit for this, included in lios/2.7.2-5. The idea of the fix is to separate the voices by language, so that the user first chooses among a few hundred languages, and then chooses a voice person. This is enough to make the dialog box load in a snap. [ Impact ] Without this new version, users will have to either remove the espeak-ng package (but lios users are most often blind users so they do need it), or they have to wait for several minutes when they want to change some general preference. [ Tests ] This was tested manually as fixing the issue. [ Risks ] The code is relatively simple: in lios/speech.py, instead of having list_voices return a plain list, it creates a dictionary sorted by language. lios/preferences.py then contains an additional combobox, and the logic is reworked around these to implement the two-step selection. The upstream commit also includes selecting a default voice according to the current locale. I prefered to avoid splitting it from the upstream commit since the two parts seem related. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock lios/2.7.2-5 diff -Nru lios-2.7.2/debian/changelog lios-2.7.2/debian/changelog --- lios-2.7.2/debian/changelog 2023-03-13 20:00:26.0 +0100 +++ lios-2.7.2/debian/changelog 2023-04-03 23:22:12.0 +0200 @@ -1,3 +1,10 @@ +lios (2.7.2-5) unstable; urgency=medium + + * patches/preference-voice-list: Fix general preferences loading delay. +(Closes: #990805, #1033024). + + -- Samuel Thibault Mon, 03 Apr 2023 23:22:12 +0200 + lios (2.7.2-4) unstable; urgency=medium * Upload fix to unstable, thanks Gunnar! diff -Nru lios-2.7.2/debian/patches/preference-voice-list lios-2.7.2/debian/patches/preference-voice-list --- lios-2.7.2/debian/patches/preference-voice-list 1970-01-01 01:00:00.0 +0100 +++ lios-2.7.2/debian/patches/preference-voice-list 2023-04-03 23:21:39.0 +0200 @@ -0,0 +1,232 @@ +commit 565afb783dc50d4ec7c9d1d6caf486c26f47d1fe +Author: nalin.x.linux +Date: Sun Aug 28 15:27:27 2022 +0530 + +Preferences dialog startup fixed, speech person selection enabled, set default speech module and language using user's language + +--- + lios/main.py| 10 - + lios/preferences.py | 104 +++- + lios/speech.py | 13 +- + 3 files changed, 112 insertions(+), 15 deletions(-) + +--- a/lios/main.py b/lios/main.py +@@ -181,6 +181,7 @@ class linux_intelligent_ocr_solution(): + #Load Preferences + self.preferences = preferences.lios_preferences() + self.preferences.set_from_file(macros.preferences_file_path) ++ self.preferences.set_default_speech_module_and_language() + self.preferences.set_avalable_scanner_drivers([ item.name for item in self.available_scanner_driver_list]) + self.preferences.set_avalable_ocr_engines([ (item.name,item.get_available_languages()) + for item in self.available_ocr_engine_list ]) +@@ -1379,6 +1380,7 @@ pacman -S aspell-fr""")) + + def restore_preferences(self,*data): + self.preferences.__init__() ++ self.preferences.set_default_speech_module_and_language() +
Bug#1033951: marked as done (unblock: libxt/1:1.2.1-1.1)
Your message dated Tue, 04 Apr 2023 21:25:29 + with message-id and subject line unblock libxt has caused the Debian Bug report #1033951, regarding unblock: libxt/1:1.2.1-1.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033951: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033951 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Control: affects -1 + src:libxt X-Debbugs-Cc: li...@packages.debian.org User: release.debian@packages.debian.org Usertags: unblock Severity: normal Please unblock package libxt. [ Reason ] Fixes RC bug #1005272. [ Impact ] Missing license. [ Risks ] None; only d/changelog and d/copyright are touched. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock libxt/1:1.2.1-1.1diff -u libxt-1.2.1/debian/changelog libxt-1.2.1/debian/changelog --- libxt-1.2.1/debian/changelog +++ libxt-1.2.1/debian/changelog @@ -1,3 +1,12 @@ +libxt (1:1.2.1-1.1) unstable; urgency=medium + + * Non-maintainer upload. + + [ Timo Aaltonen ] + * copyright: Synced with upstream. (Closes: #1005272) + + -- Bastian Germann Mon, 03 Apr 2023 15:51:04 +0200 + libxt (1:1.2.1-1) unstable; urgency=medium * New upstream release. diff -u libxt-1.2.1/debian/copyright libxt-1.2.1/debian/copyright --- libxt-1.2.1/debian/copyright +++ libxt-1.2.1/debian/copyright @@ -1,6 +1,25 @@ This package was downloaded from http://xorg.freedesktop.org/releases/individual/lib/ +Copyright © 2003,2019 Thomas E. Dickey + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +of the Software, and to permit persons to whom the Software is furnished to do +so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +ABOVE LISTED COPYRIGHT HOLDER(S) BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. Copyright © 2001,2003 Keith Packard --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#1033932: marked as done (unblock: calamares-settings-debian/10.0.5-2)
Your message dated Tue, 04 Apr 2023 21:25:56 + with message-id and subject line unblock calamares-settings-debian has caused the Debian Bug report #1033932, regarding unblock: calamares-settings-debian/10.0.5-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033932: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033932 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: calamares-settings-deb...@packages.debian.org Control: affects -1 + src:calamares-settings-debian Please unblock package calamares-settings-debian This addresses serious bug #1033930. At least on the KDE live image, pkexec is no longer supplied by default. There may be other images that are affected too. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing Debdiff: """ diff -Nru calamares-settings-debian-12.0.5/debian/changelog calamares-settings-debian-12.0.5/debian/changelog --- calamares-settings-debian-12.0.5/debian/changelog 2023-03-06 19:24:55.0 +0200 +++ calamares-settings-debian-12.0.5/debian/changelog 2023-04-04 09:51:03.0 +0200 @@ -1,3 +1,9 @@ +calamares-settings-debian (12.0.5-2) unstable; urgency=medium + + * Depend on pkexec (Closes: #1033930) + + -- Jonathan Carter Tue, 04 Apr 2023 09:51:03 +0200 + calamares-settings-debian (12.0.5-1) unstable; urgency=medium * New upstream release diff -Nru calamares-settings-debian-12.0.5/debian/control calamares-settings-debian-12.0.5/debian/control --- calamares-settings-debian-12.0.5/debian/control 2022-05-09 12:00:25.0 +0200 +++ calamares-settings-debian-12.0.5/debian/control 2023-04-04 09:51:00.0 +0200 @@ -14,6 +14,7 @@ Depends: calamares, cryptsetup, keyutils, + pkexec, qml-module-qtquick-window2, qml-module-qtquick2, ${misc:Depends} """ unblock calamares-settings-debian/10.0.5-2 thanks, -Jonathan --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#1033492: unblock: php8.2/8.2.4-1 ????
Am Tue, Apr 04, 2023 at 09:14:36PM +0200 schrieb Paul Gevers: > On 04-04-2023 20:07, Moritz Mühlenhoff wrote: > > If we would add the list of source packages which are following micro > releases > > in stable-security to a machine-parseable list (e.g. somewhere in the > > Security Tracker repo), would that be useful to enhance release > > management tooling (e.g. by automatically annotating unblock requests > > or similar?) > > Do you have any idea how many packages are in that set. Yes if that were > public that would help. My gut feeling is "less than 20", I'll try to compile a list in the next days. Cheers, Moritz
Bug#1033952: unblock: osgi-core/8.0.0-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: osgi-c...@packages.debian.org Control: affects -1 + src:osgi-core Please unblock package osgi-core [ Reason ] The LoggerFactory and LogEntry interface definitions where added to osgi-core in version 8.0.0 duplication those in osgi-compendium. osgi-compendium carries a Debian patch to adopt the APIs to be backward compatible that was missing from osgi-core resulting in src:bnd FTBFS (#1026606). 8.0.0-2 copies this patch so both packages provide the same API. [ Impact ] src:bnd can not be build without this patch. [ Tests ] I did a test rebuild of src:bnd to make sure it compiles again: https://tests.reproducible-builds.org/debian/rb-pkg/bnd.html [ Risks ] Given that the patch is already in osgi-compendium since 2020 and it only provides default implementations for the added API methods I don't see a risk. Alternative solutions I looked into: - Adopting src:bnd to implement the new API. I tried this but the diff was rather large with no added value. Also I assume there are other packages depending on the old API. - removing LoggerFactory and LogEntry from osgi-core again which would result in a diff to the upstream source and probably other packages failing. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock osgi-core/8.0.0-2 diff --git a/debian/changelog b/debian/changelog index 0f8c8cf..ee0ef4a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +osgi-core (8.0.0-2) unstable; urgency=medium + + * Team upload. + * Preserve backward compatibility in logging interface. +Turned the new interface methods into default methods to preserve the +backward compatibility. Taken from osgi-compendium. (Closes: #1026606) + + -- Jochen Sprickerhof Mon, 03 Apr 2023 14:57:28 +0200 + osgi-core (8.0.0-1) unstable; urgency=medium * Team upload. diff --git a/debian/patches/01-backward-compatibility.patch b/debian/patches/01-backward-compatibility.patch new file mode 100644 index 000..a45e721 --- /dev/null +++ b/debian/patches/01-backward-compatibility.patch @@ -0,0 +1,95 @@ +Description: Preserves the source compatibility with older versions of the API +Author: Emmanuel Bourg +Forwarded: not-needed +--- a/org/osgi/service/log/LoggerFactory.java b/org/osgi/service/log/LoggerFactory.java +@@ -61,7 +61,7 @@ +* parameter is equal to {@link Logger#ROOT_LOGGER_NAME}, then the +* root logger is returned. +*/ +- Logger getLogger(String name); ++ default Logger getLogger(String name) { throw new UnsupportedOperationException(); } + + /** +* Return the {@link Logger} named with the specified class. +@@ -70,7 +70,7 @@ +*{@code null}. +* @return The {@link Logger} named with the name of the specified class. +*/ +- Logger getLogger(Class< ? > clazz); ++ default Logger getLogger(Class< ? > clazz) { throw new UnsupportedOperationException(); } + + /** +* Return the {@link Logger} of the specified type named with the specified +@@ -88,7 +88,7 @@ +* @throws IllegalArgumentException If the specified type is not a supported +* Logger type. +*/ +- L getLogger(String name, Class loggerType); ++ default L getLogger(String name, Class loggerType) { throw new UnsupportedOperationException(); } + + /** +* Return the {@link Logger} of the specified type named with the specified +@@ -104,7 +104,7 @@ +* @throws IllegalArgumentException If the specified type is not a supported +* Logger type. +*/ +- L getLogger(Class< ? > clazz, Class loggerType); ++ default L getLogger(Class< ? > clazz, Class loggerType) {throw new UnsupportedOperationException(); } + + /** +* Return the {@link Logger} of the specified type named with the specified +@@ -130,6 +130,6 @@ +* @throws IllegalArgumentException If the specified type is not a supported +* Logger type or the specified Bundle is not a resolved bundle. +*/ +- L getLogger(Bundle bundle, String name, +- Class loggerType); ++ default L getLogger(Bundle bundle, String name, ++ Class loggerType) { throw new UnsupportedOperationException(); } + } +--- a/org/osgi/service/log/LogEntry.java b/org/osgi/service/log/LogEntry.java +@@ -111,7 +111,7 @@ +* @return The level of this {@code LogEntry} object. +* @since 1.4 +*/ +- LogLevel getLogLevel(); ++ default LogLevel getLogLevel() { throw new UnsupportedOperationException(); } + + /** +* Returns the name of the {@link Logger} object used to create this +@@ -121,7 +121,7
Processed: unblock: osgi-core/8.0.0-2
Processing control commands: > affects -1 + src:osgi-core Bug #1033952 [release.debian.org] unblock: osgi-core/8.0.0-2 Added indication that 1033952 affects src:osgi-core -- 1033952: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033952 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1033951: unblock: libxt/1:1.2.1-1.1
Package: release.debian.org Control: affects -1 + src:libxt X-Debbugs-Cc: li...@packages.debian.org User: release.debian@packages.debian.org Usertags: unblock Severity: normal Please unblock package libxt. [ Reason ] Fixes RC bug #1005272. [ Impact ] Missing license. [ Risks ] None; only d/changelog and d/copyright are touched. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock libxt/1:1.2.1-1.1diff -u libxt-1.2.1/debian/changelog libxt-1.2.1/debian/changelog --- libxt-1.2.1/debian/changelog +++ libxt-1.2.1/debian/changelog @@ -1,3 +1,12 @@ +libxt (1:1.2.1-1.1) unstable; urgency=medium + + * Non-maintainer upload. + + [ Timo Aaltonen ] + * copyright: Synced with upstream. (Closes: #1005272) + + -- Bastian Germann Mon, 03 Apr 2023 15:51:04 +0200 + libxt (1:1.2.1-1) unstable; urgency=medium * New upstream release. diff -u libxt-1.2.1/debian/copyright libxt-1.2.1/debian/copyright --- libxt-1.2.1/debian/copyright +++ libxt-1.2.1/debian/copyright @@ -1,6 +1,25 @@ This package was downloaded from http://xorg.freedesktop.org/releases/individual/lib/ +Copyright © 2003,2019 Thomas E. Dickey + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +of the Software, and to permit persons to whom the Software is furnished to do +so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +ABOVE LISTED COPYRIGHT HOLDER(S) BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. Copyright © 2001,2003 Keith Packard
Processed: unblock: libxt/1:1.2.1-1.1
Processing control commands: > affects -1 + src:libxt Bug #1033951 [release.debian.org] unblock: libxt/1:1.2.1-1.1 Added indication that 1033951 affects src:libxt -- 1033951: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033951 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1033492: unblock: php8.2/8.2.4-1 ????
> On 4. 4. 2023, at 21:14, Paul Gevers wrote: > > Sorry, that wasn't my intention. Maybe I should try to keep a better log, as > there's not many things "pre-negotiated". My memory isn't great. If you would > have pointed me at the earlier discussion, all would have been well I assume. No need to apologise, we all do what we can. If there's anything I can do to help with the load, I am happy to do whatever I would have energy and time for. (I don't want to promise unicorns and rainbows :)). On my side it's src:bind9 for both buster and bookworm and src:php7.4 for buster and src:php8.2 for bookworm. Ondrej -- Ondřej Surý (He/Him) ond...@sury.org signature.asc Description: Message signed with OpenPGP
Processed: Re: Bug#1025789: bullseye-pu: wolfssl/4.6.0+p1-0+deb11u1_4.6.0+p1-0+deb11u2.debdiff
Processing control commands: > tag -1 - moreinfo Bug #1025789 [release.debian.org] bullseye-pu: wolfssl/4.6.0+p1-0+deb11u2 Removed tag(s) moreinfo. -- 1025789: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025789 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1025789: bullseye-pu: wolfssl/4.6.0+p1-0+deb11u1_4.6.0+p1-0+deb11u2.debdiff
Control: tag -1 - moreinfo X-Debbugs-Cc: sirkilam...@msn.com On Wed, 15 Mar 2023 21:28:46 + Jonathan Wiltshire wrote: On Thu, Dec 08, 2022 at 08:07:09PM -0800, Felix Lechner wrote: > diff -Nru wolfssl-4.6.0+p1/debian/changelog.dch wolfssl-4.6.0+p1/debian/changelog.dch > --- wolfssl-4.6.0+p1/debian/changelog.dch 1970-01-01 00:00:00.0 + > +++ wolfssl-4.6.0+p1/debian/changelog.dch 2022-12-06 08:25:30.0 + [...] Stray file? > diff -Nru wolfssl-4.6.0+p1/debian/patches/add-WOLFSSL_CHECK_SIG_FAULTS-macro.patch wolfssl-4.6.0+p1/debian/patches/add-WOLFSSL_CHECK_SIG_FAULTS-macro.patch > --- wolfssl-4.6.0+p1/debian/patches/add-WOLFSSL_CHECK_SIG_FAULTS-macro.patch 1970-01-01 00:00:00.0 + > +++ wolfssl-4.6.0+p1/debian/patches/add-WOLFSSL_CHECK_SIG_FAULTS-macro.patch 2022-12-06 08:25:30.0 + > @@ -0,0 +1,154 @@ > +Description: PR 5498: CVE-2022-42961 > +Author: Jacob Barthelmeh > +Origin: backport Origin would typically be a URL, and a description of what the patch fixes (not just a bare CVE number) would be nice. I have addressed the concerns with the attached debdiff. wolfssl_4.6.0+p1-0+deb11u2.debdiff.xz Description: application/xz
Bug#1033942: nmu: ppl_1:1.2-8.1
Control: tags -1 moreinfo Hi Lev, On 04-04-2023 15:05, Lev Lamberov wrote: Please, rebuild ppl against swi-prolog 9.0.4+dfsg-2 in unstable. The ppl package in unstable and testing was build against the older swi-prolog version, containing older library. For more information, please see this swi-prolog [bug]. [bug] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033636 It's a shame we discussed this in bug 1022253 [1]. Do you know what was flawed in our assessment? [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022253#24 Paul OpenPGP_signature Description: OpenPGP digital signature
Processed: Re: Bug#1033942: nmu: ppl_1:1.2-8.1
Processing control commands: > tags -1 moreinfo Bug #1033942 [release.debian.org] nmu: ppl_1:1.2-8.1 Added tag(s) moreinfo. -- 1033942: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033942 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1033492: unblock: php8.2/8.2.4-1 ????
Hi Ondřej, Moritz, On 04-04-2023 08:58, Ondřej Surý wrote: In all honesty, I thought that the pre-negotiated exception for PHP does apply to all future Debian releases, so it did come as surprise that I have to explain this again. Sorry, that wasn't my intention. Maybe I should try to keep a better log, as there's not many things "pre-negotiated". My memory isn't great. If you would have pointed me at the earlier discussion, all would have been well I assume. Anyways, Sebastian already unblocked on 31 Mar when he closed this bug. On 04-04-2023 20:07, Moritz Mühlenhoff wrote: > If we would add the list of source packages which are following micro releases > in stable-security to a machine-parseable list (e.g. somewhere in the > Security Tracker repo), would that be useful to enhance release > management tooling (e.g. by automatically annotating unblock requests > or similar?) Do you have any idea how many packages are in that set. Yes if that were public that would help. In this case, I only created the unblock bug myself to have a place for this discussion, because I noticed RC bugs fixed in unstable in a key package (which was thus blocked). As the upload had much more than the RC bug fix, I was unsure what to due, hence the question. *I* normally use udd bug views [1,2] to do my regular checking, so if we can get this information in udd, at least in *my* workflow it could be included. Paul [1] https://udd.debian.org/dev/cgi-bin/rcblog7.cgi (top paragraph linking "blocked (freeze)" to [2]) [2]
Bug#1033492: unblock: php8.2/8.2.4-1 ????
Am Tue, Apr 04, 2023 at 08:58:37AM +0200 schrieb Ondřej Surý: > Hi Paul, Salvatore, > > In all honesty, I thought that the pre-negotiated exception for PHP > does apply to all future Debian releases, so it did come as surprise > that I have to explain this again. Question to the release team: If we would add the list of source packages which are following micro releases in stable-security to a machine-parseable list (e.g. somewhere in the Security Tracker repo), would that be useful to enhance release management tooling (e.g. by automatically annotating unblock requests or similar?) Cheers, Moritz
Processed: unblock: widelands/2:1.1-3
Processing control commands: > affects -1 + src:widelands Bug #1033947 [release.debian.org] unblock: widelands/2:1.1-3 Added indication that 1033947 affects src:widelands -- 1033947: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033947 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1033947: unblock: widelands/2:1.1-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: widela...@packages.debian.org Control: affects -1 + src:widelands Please unblock package widelands The upload fixes the version constraint in widelands-data.maintscript for symlink_to_dir. The original version constraint was 1:21-2~, the last version that had the directory. However, the symlink_to_dir was only introduced in 2:1.0-3, so if a user upgraded from a version later than 1:21-2~, the migration would not be triggered as maintscript would believe it is not needed anymore. In such cases the game would crash as reported in #1033879. (Please provide enough (but not too much) information to help the release team to judge the request efficiently. E.g. by filling in the sections below.) [ Risks ] The game is a leaf package. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock widelands/2:1.1-3 Cheers, -- tobi diff -Nru widelands-1.1/debian/changelog widelands-1.1/debian/changelog --- widelands-1.1/debian/changelog 2022-12-27 23:29:29.0 +0100 +++ widelands-1.1/debian/changelog 2023-04-04 16:15:53.0 +0200 @@ -1,3 +1,10 @@ +widelands (2:1.1-3) unstable; urgency=medium + + * Team upload. + * Fix version constraint in dir_to_symlink. (Closes: #1033879) + + -- Tobias Frost Tue, 04 Apr 2023 16:15:53 +0200 + widelands (2:1.1-2) unstable; urgency=medium * Team upload. diff -Nru widelands-1.1/debian/widelands-data.maintscript widelands-1.1/debian/widelands-data.maintscript --- widelands-1.1/debian/widelands-data.maintscript 2022-12-27 23:29:29.0 +0100 +++ widelands-1.1/debian/widelands-data.maintscript 2023-04-04 16:15:49.0 +0200 @@ -1,2 +1 @@ -dir_to_symlink /usr/share/games/widelands/data/i18n/fonts/Culmus ../../../../../fonts/truetype/culmus-fancy 1:21-2~ - +dir_to_symlink /usr/share/games/widelands/data/i18n/fonts/Culmus ../../../../../fonts/truetype/culmus-fancy 2:1.1-3~
Processed: unblock: unknown-horizons/2019.1-6
Processing control commands: > affects -1 + src:unknown-horizons Bug #1033946 [release.debian.org] unblock: unknown-horizons/2019.1-6 Added indication that 1033946 affects src:unknown-horizons -- 1033946: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033946 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1033946: unblock: unknown-horizons/2019.1-6
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: unknown-horiz...@packages.debian.org Control: affects -1 + src:unknown-horizons Please unblock package unknown-horizons This updates fixes #1033833: the package font-unifont dropped shipping unifont.ttf last summer, and this breaks unknown-horizons/2019.1-5 as the symlink to the font is no longer valid and the game fails to load. The update fixes the symlink to the otf font, which works with the game as well. [ Impact ] Game would be broken. [ Risks ] This game is a leaf package. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock unknown-horizons/2019.1-6 diff -Nru unknown-horizons-2019.1/debian/changelog unknown-horizons-2019.1/debian/changelog --- unknown-horizons-2019.1/debian/changelog2022-08-28 13:16:18.0 +0200 +++ unknown-horizons-2019.1/debian/changelog2023-04-03 19:23:41.0 +0200 @@ -1,3 +1,11 @@ +unknown-horizons (2019.1-6) unstable; urgency=medium + + * Team upload. + * add d/clean: enable building twice from source tree, delete created files. + * Replace link to unifont.ttf with unifont.otf. (Closes: #1033833) + + -- Tobias Frost Mon, 03 Apr 2023 19:23:41 +0200 + unknown-horizons (2019.1-5) unstable; urgency=medium * Team upload. diff -Nru unknown-horizons-2019.1/debian/clean unknown-horizons-2019.1/debian/clean --- unknown-horizons-2019.1/debian/clean1970-01-01 01:00:00.0 +0100 +++ unknown-horizons-2019.1/debian/clean2023-04-03 19:08:30.0 +0200 @@ -0,0 +1,6 @@ +content/gfx/atlas/*png +.cache/ +content/actionsets.json +content/tilesets.json +UnknownHorizons.egg-info/ +content/atlas.sql diff -Nru unknown-horizons-2019.1/debian/links unknown-horizons-2019.1/debian/links --- unknown-horizons-2019.1/debian/links2022-08-27 15:26:54.0 +0200 +++ unknown-horizons-2019.1/debian/links2023-04-03 19:13:03.0 +0200 @@ -1 +1 @@ -/usr/share/fonts/truetype/unifont/unifont.ttf /usr/share/unknown-horizons/content/fonts/Unifont.ttf +/usr/share/fonts/opentype/unifont/unifont.otf /usr/share/unknown-horizons/content/fonts/Unifont.ttf
Bug#1033945: unblock: pdns-recursor/4.8.4-1 [pre-approval]
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: Debian Security Team Please unblock package pdns-recursor [ Reason ] I would like to update pdns-recursor 4.8.2 to 4.8.4, to: - fix CVE-2023-26437, sole change in 4.8.4 - get the fixes for the resolving/validation logic from 4.8.3. While this is a new upstream release, there are no new features, and only bugfixes. In previous Debian releases applying security fixes to pdns-recursor was often problematic when the resolve/validation logic had to change. This part of the code is long and complicated, only understood by DNS experts, and also very relevant on the Internet and under flux of the living Internet. Security fixes have to change this code, and applying patches on top of each other touching the same code parts often does not work without importing all the changes. We are certainly not in a better position to judge these code parts than upstream is. [ Impact ] Security bug is fixed; applying future security patches will be easier. [ Tests ] Resolve/validation logic is tested by a build-time test suite. I have manually tested it as well, but obviously I cannot reproduce the security problem easily. [ Risks ] Open security bug in bookworm. Applying future security patches will be harder or impossible. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] Another fix upstream included in 4.8.3 involves log levels of common log messages, to spam journal less with "error" severity. debdiff is produced using the following command to ignore generated files and the publicsuffixlist, which our packages do not use by default at runtime: debdiff pdns-recursor_4.8.2-1.dsc pdns-recursor_4.8.4-1.dsc| filterdiff -x '*/pubsuffix.cc' -x '*/effective_tld_names.dat' -x '*/*.1' -x '*/configure' This is a pre-approval request, I have not uploaded yet. unblock pdns-recursor/4.8.4-1 diff -Nru pdns-recursor-4.8.2/configure.ac pdns-recursor-4.8.4/configure.ac --- pdns-recursor-4.8.2/configure.ac2023-01-30 09:58:04.0 + +++ pdns-recursor-4.8.4/configure.ac2023-03-27 15:09:19.0 + @@ -1,6 +1,6 @@ AC_PREREQ([2.69]) -AC_INIT([pdns-recursor], [4.8.2]) +AC_INIT([pdns-recursor], [4.8.4]) AC_CONFIG_AUX_DIR([build-aux]) AM_INIT_AUTOMAKE([foreign dist-bzip2 no-dist-gzip tar-ustar -Wno-portability subdir-objects parallel-tests 1.11]) AM_SILENT_RULES([yes]) diff -Nru pdns-recursor-4.8.2/debian/changelog pdns-recursor-4.8.4/debian/changelog --- pdns-recursor-4.8.2/debian/changelog2023-01-31 16:46:42.0 + +++ pdns-recursor-4.8.4/debian/changelog2023-04-04 11:10:26.0 + @@ -1,3 +1,16 @@ +pdns-recursor (4.8.4-1) unstable; urgency=medium + + * New upstream version 4.8.4 +* Fixes CVE-2023-26437, see + https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2023-02.html + (Closes: #1033941) +* Fixes high CPU usage caused by serve-stale logic. +* Fixes DNSSEC validation issues for some domains served by popular + DNS software by F5. +* Downgrades severity for a few log messages. + + -- Chris Hofstaedtler Tue, 04 Apr 2023 11:10:26 + + pdns-recursor (4.8.2-1) unstable; urgency=medium * New upstream version 4.8.2 diff -Nru pdns-recursor-4.8.2/negcache.cc pdns-recursor-4.8.4/negcache.cc --- pdns-recursor-4.8.2/negcache.cc 2023-01-30 09:57:23.0 + +++ pdns-recursor-4.8.4/negcache.cc 2023-03-27 15:08:37.0 + @@ -119,27 +119,32 @@ const auto& idx = content->d_map.get(); auto range = idx.equal_range(qname); - auto ni = range.first; - while (ni != range.second) { + for (auto ni = range.first; ni != range.second; ++ni) { // We have an entry if ((!typeMustMatch && ni->d_qtype == QType::ENT) || ni->d_qtype == qtype) { // We match the QType or the whole name is denied auto firstIndexIterator = content->d_map.project(ni); - if (!refresh && (serveStale || ni->d_servedStale > 0) && ni->d_ttd <= now.tv_sec && ni->d_servedStale < s_maxServedStaleExtensions) { + // this checks ttd, but also takes into account serve-stale + if (!ni->isEntryUsable(now.tv_sec, serveStale)) { +// Outdated +moveCacheItemToFront(content->d_map, firstIndexIterator); +continue; + } + // If we are serving this record stale (or *should*) and the ttd has passed increase ttd to + // the future and remember that we did. Also push a refresh task. + if ((serveStale || ni->d_servedStale > 0) && ni->d_ttd <= now.tv_sec && ni->d_servedStale < s_maxServedStaleExtensions) { updateStaleEntry(now.tv_sec, firstIndexIterator, qtype); } - if (now.tv_sec < ni->d_ttd && !(refresh && ni->d_servedStale > 0)) { + if (now.tv_sec < ni->d_ttd) { // Not
Processed: nmu: ppl_1:1.2-8.1
Processing control commands: > affects -1 + src:ppl Bug #1033942 [release.debian.org] nmu: ppl_1:1.2-8.1 Added indication that 1033942 affects src:ppl -- 1033942: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033942 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1033942: nmu: ppl_1:1.2-8.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu X-Debbugs-Cc: p...@packages.debian.org Control: affects -1 + src:ppl Hi, Please, rebuild ppl against swi-prolog 9.0.4+dfsg-2 in unstable. The ppl package in unstable and testing was build against the older swi-prolog version, containing older library. For more information, please see this swi-prolog [bug]. [bug] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033636 The command is as follows: nmu ppl_1:1.2-8.1 . ANY . unstable . -m "Rebuild against swi-prolog 9.0.4+dfsg-2" With regards, Lev Lamberov
Bug#1033939: unblock: python-tz/2022.7.1-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: bdr...@debian.org Please unblock package python-tz [ Reason ] python-tz contains a hard-coded list of timezones. This causes problems on updates to tzdata. Last example: tzdata 2021a-1+deb11u9 added America/Ciudad_Juarez but due to the hard-coded list, this timezone is not selectable. Following code will fail with `UnknownTimeZoneError`: ``` #!/usr/bin/python3 import pytz pytz.timezone("America/Ciudad_Juarez") ``` See also https://github.com/stub42/pytz/issues/91 [ Impact ] Newly added timezones from tzdata will be availble to python3-tz. [ Tests ] I added autopkgtest cases to ensure that updates to tzdata do not introduce regressions. [ Risks ] Several Python projects use python3-tz. The autopkgtest should reduce the risk of regressions of dynamically determine the list of timezones. python3-tz can fail in case they system has problems or tzdata is not properly set-up. Python 3.9 ships the zoneinfo module which can be used as replacement. [ Checklist ] [x] all changes are documented in the d/changelog (except the formatting change by wrap-and-sort) [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock python-tz/2022.7.1-3 diff -Nru python-tz-2022.7.1/debian/changelog python-tz-2022.7.1/debian/changelog --- python-tz-2022.7.1/debian/changelog 2023-01-15 11:24:50.0 +0100 +++ python-tz-2022.7.1/debian/changelog 2023-03-27 17:17:53.0 +0200 @@ -1,3 +1,21 @@ +python-tz (2022.7.1-3) unstable; urgency=medium + + * Team upload. + * Fix testVersion to not complain about the now dynamic Olson version + + -- Benjamin Drung Mon, 27 Mar 2023 17:17:53 +0200 + +python-tz (2022.7.1-2) unstable; urgency=medium + + * Team upload. + * Dynamically determine list of available and common timezones (LP: #207604) + * Determine IANA (nee Olson) database version dynamically + * Add autopkgtests to run unittest and own regression tests + * Update homepage URL + * Bump Standards-Version to 4.6.2 + + -- Benjamin Drung Tue, 21 Mar 2023 11:21:11 +0100 + python-tz (2022.7.1-1) unstable; urgency=medium * New upstream release diff -Nru python-tz-2022.7.1/debian/control python-tz-2022.7.1/debian/control --- python-tz-2022.7.1/debian/control 2023-01-15 11:24:50.0 +0100 +++ python-tz-2022.7.1/debian/control 2023-03-27 17:12:30.0 +0200 @@ -6,19 +6,19 @@ Debian/Ubuntu Zope Team , Fabio Tranchitella Build-Depends: debhelper-compat (= 13), - dh-sequence-python3, + dh-sequence-python3, python3-all, - python3-setuptools, python3-pytest, - tzdata, -Standards-Version: 4.6.1 -Homepage: https://pypi.python.org/pypi/pytz/ + python3-setuptools, + tzdata +Standards-Version: 4.6.2 +Homepage: https://pythonhosted.org/pytz/ Vcs-Browser: https://salsa.debian.org/python-team/packages/python-tz Vcs-Git: https://salsa.debian.org/python-team/packages/python-tz.git -b debian/latest Package: python3-tz Architecture: all -Depends: tzdata, ${python3:Depends}, ${misc:Depends} +Depends: tzdata, ${misc:Depends}, ${python3:Depends} Description: Python3 version of the Olson timezone database python-tz brings the Olson tz database into Python. This library allows accurate and cross platform timezone calculations using Python 2.3 or higher. diff -Nru python-tz-2022.7.1/debian/patches/Determine-IANA-nee-Olson-database-version-dynamically.patch python-tz-2022.7.1/debian/patches/Determine-IANA-nee-Olson-database-version-dynamically.patch --- python-tz-2022.7.1/debian/patches/Determine-IANA-nee-Olson-database-version-dynamically.patch 1970-01-01 01:00:00.0 +0100 +++ python-tz-2022.7.1/debian/patches/Determine-IANA-nee-Olson-database-version-dynamically.patch 2023-03-27 17:14:42.0 +0200 @@ -0,0 +1,69 @@ +From: Benjamin Drung +Date: Mon, 27 Mar 2023 17:14:22 +0200 +Subject: Determine IANA (nee Olson) database version dynamically + +Forwarded: not-needed +Signed-off-by: Benjamin Drung +--- + pytz/__init__.py | 13 - + pytz/tests/test_tzinfo.py | 8 + 2 files changed, 12 insertions(+), 9 deletions(-) + +diff --git a/pytz/__init__.py b/pytz/__init__.py +index 8b2fa1b..da2f206 100644 +--- a/pytz/__init__.py b/pytz/__init__.py +@@ -12,6 +12,7 @@ import sys + import datetime + import os.path + import pathlib ++import re + import zoneinfo + + from pytz.exceptions import AmbiguousTimeError +@@ -23,8 +24,18 @@ from pytz.tzinfo import unpickler, BaseTzInfo + from pytz.tzfile import build_tzinfo + + ++def _read_olson_version() -> str: ++tzdata_zi = pathlib.Path("/usr/share/zoneinfo/tzdata.zi") ++with tzdata_zi.open(encoding="utf-8") as tzdata_zi_file: ++line = tzdata_zi_file.readline() ++match =
Bug#1033935: unblock: ausweisapp2/1.26.3-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: ausweisa...@packages.debian.org,aklitz...@gmail.com Control: affects -1 + src:ausweisapp2 Hello! I would like to ask for the package ausweisapp2 to be unblocked for testing. While the debdiff is rather large (about 1.8 MB), the package itself is just a leaf package and used for a very specific purpose only which is providing the official ID card authentication app of the German government, so I think the risk conveyed by this update is rather low. The changes between the testing (1.26.2-1) and unstable (1.26.3-1) version are mostly fixes and improvements and do not include any breaking changes: - Improvement of help and tutorial texts. - Improvements in diagnostics. - Fix an error in the NFC dialog on iOS. - Improved accessibility when entering PIN, CAN and PUK. - Introduction of unique FailureCodes in SDK. - Added the environment variable AUSWEISAPP2_AUTOMATIC_DEVELOPERMODE in the fully automated SDK. - Fixed incorrect progress display in SDK for iOS. - Added SECURESCREENKEYBOARD for corporate environments. - Bumped TargetSDK to 33 in SDK for Android. - Update of OpenSSL to version 3.0.8. Changes list translated from [1]. I have used the new version 1.26.3 for a while now myself and didn't run into any regressions. I'm maintaining the package both in Debian and openSUSE and have not received any reports about regressions in the upstream release 1.26.3, so I think it should be safe to update the version in testing to the version in unstable. My reasoning for asking for this unblock is to ensure we're shipping a version of ausweisapp2 in Debian Bookworm that is as recent as possible. I only missed the hard freeze for Debian Bookworm by a few days when I uploaded the new version in unstable. I am CC'ing one of the upstream developers who can give some more details on the changes if requested by the release team. unblock ausweisapp2/1.26.3-1 Kind Regards, Adrian > [1] https://github.com/Governikus/AusweisApp2/releases -- .''`. John Paul Adrian Glaubitz : :' : Debian Developer `. `' Physicist `-GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
Processed: unblock: ausweisapp2/1.26.3-1
Processing control commands: > affects -1 + src:ausweisapp2 Bug #1033935 [release.debian.org] unblock: ausweisapp2/1.26.3-1 Added indication that 1033935 affects src:ausweisapp2 -- 1033935: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033935 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1033901: Acknowledgement (unblock: castle-game-engine/7.0~alpha.2+dfsg1-4)
Control: retitle -1 unblock: castle-game-engine/7.0~alpha.2+dfsg1-5 On Mon, 2023-04-03 at 20:22 +0200, Abou Al Montacir wrote: > This ticket should be seen as an add > on https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033840 which was > accepted. Unfortunately, I forgot to add the patch of 7.0~alpha.2+dfsg1-3 to the series file.So the patch was not applied. Also the rm line was done after the package was built. This time I verified that the files inside the .deb are really patched and those to be removed were really missing. Sorry for inconvenience. PS: debdiff against 7.0~alpha.2+dfsg1-4 -- Cheers, Abou Al Montacir diff -Nru castle-game-engine-7.0~alpha.2+dfsg1/debian/changelog castle-game-engine-7.0~alpha.2+dfsg1/debian/changelog --- castle-game-engine-7.0~alpha.2+dfsg1/debian/changelog 2023-04-03 15:07:29.0 +0200 +++ castle-game-engine-7.0~alpha.2+dfsg1/debian/changelog 2023-04-04 11:08:10.0 +0200 @@ -1,3 +1,10 @@ +castle-game-engine (7.0~alpha.2+dfsg1-5) unstable; urgency=medium + + * Applied patch to use local jquery version instead of web based one. + * Remove statically linked libraries and object files from source package. + + -- Abou Al Montacir Tue, 04 Apr 2023 11:08:10 +0200 + castle-game-engine (7.0~alpha.2+dfsg1-4) unstable; urgency=medium * Fixed compilation on mipsel. diff -Nru castle-game-engine-7.0~alpha.2+dfsg1/debian/patches/series castle-game-engine-7.0~alpha.2+dfsg1/debian/patches/series --- castle-game-engine-7.0~alpha.2+dfsg1/debian/patches/series 2023-04-03 08:43:08.0 +0200 +++ castle-game-engine-7.0~alpha.2+dfsg1/debian/patches/series 2023-04-04 09:40:52.0 +0200 @@ -8,3 +8,4 @@ Fix-UTF-8-BOM.patch f0fe0583dded3d0c27ae46fde59a00f58a777e46.patch Fixed-compilation-on-mipsel.patch +Replaced-web-baseed-jquery-by-local-version.patch diff -Nru castle-game-engine-7.0~alpha.2+dfsg1/debian/rules castle-game-engine-7.0~alpha.2+dfsg1/debian/rules --- castle-game-engine-7.0~alpha.2+dfsg1/debian/rules 2023-04-02 16:37:28.0 +0200 +++ castle-game-engine-7.0~alpha.2+dfsg1/debian/rules 2023-04-04 11:06:47.0 +0200 @@ -105,7 +105,11 @@ ${MKDIR} ${SRC_DIR} ${CP} -t ${SRC_DIR} \ $(CURDIR)/src/* + # Remove statically linked libraries and object files from source packages + find ${SRC_DIR} -name '*.a' -o -name '*.o' -o -name '*.obj' -delete + # Fix files permission find $(SRC_DIR) -name '*.bmp' -o -name '*.pas' -exec chmod 644 '{}' ';' + # Remove empty directories find ${SRC_DIR} -empty -delete touch install-source-stamp @@ -142,9 +146,6 @@ ${RM} doc/reference/tipuesearch/jquery.min.js # Remove .npmignore file as Lintian complains about it. ${RM} doc/reference/castle-engine-website-base/node_modules/slick-carousel/.npmignore - # Remove statically linked libraries from source packages as Lintian - # complains about it. - ${RM} src/vampyre_imaginglib/src/Extensions/*/*.a # Remove windows executable files as Lintian complains about them. ${RM} tools/contrib/x86_64-win64 signature.asc Description: This is a digitally signed message part
Processed: Re: Bug#1033901: Acknowledgement (unblock: castle-game-engine/7.0~alpha.2+dfsg1-4)
Processing control commands: > retitle -1 unblock: castle-game-engine/7.0~alpha.2+dfsg1-5 Bug #1033901 [release.debian.org] unblock: castle-game-engine/7.0~alpha.2+dfsg1-4 Changed Bug title to 'unblock: castle-game-engine/7.0~alpha.2+dfsg1-5' from 'unblock: castle-game-engine/7.0~alpha.2+dfsg1-4'. -- 1033901: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033901 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1033932: unblock: calamares-settings-debian/10.0.5-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: calamares-settings-deb...@packages.debian.org Control: affects -1 + src:calamares-settings-debian Please unblock package calamares-settings-debian This addresses serious bug #1033930. At least on the KDE live image, pkexec is no longer supplied by default. There may be other images that are affected too. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing Debdiff: """ diff -Nru calamares-settings-debian-12.0.5/debian/changelog calamares-settings-debian-12.0.5/debian/changelog --- calamares-settings-debian-12.0.5/debian/changelog 2023-03-06 19:24:55.0 +0200 +++ calamares-settings-debian-12.0.5/debian/changelog 2023-04-04 09:51:03.0 +0200 @@ -1,3 +1,9 @@ +calamares-settings-debian (12.0.5-2) unstable; urgency=medium + + * Depend on pkexec (Closes: #1033930) + + -- Jonathan Carter Tue, 04 Apr 2023 09:51:03 +0200 + calamares-settings-debian (12.0.5-1) unstable; urgency=medium * New upstream release diff -Nru calamares-settings-debian-12.0.5/debian/control calamares-settings-debian-12.0.5/debian/control --- calamares-settings-debian-12.0.5/debian/control 2022-05-09 12:00:25.0 +0200 +++ calamares-settings-debian-12.0.5/debian/control 2023-04-04 09:51:00.0 +0200 @@ -14,6 +14,7 @@ Depends: calamares, cryptsetup, keyutils, + pkexec, qml-module-qtquick-window2, qml-module-qtquick2, ${misc:Depends} """ unblock calamares-settings-debian/10.0.5-2 thanks, -Jonathan
Processed: unblock: calamares-settings-debian/10.0.5-2
Processing control commands: > affects -1 + src:calamares-settings-debian Bug #1033932 [release.debian.org] unblock: calamares-settings-debian/10.0.5-2 Added indication that 1033932 affects src:calamares-settings-debian -- 1033932: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033932 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1033929: unblock: node-interpret/2.2.0-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: node-interp...@packages.debian.org Control: affects -1 + src:node-interpret Please unblock package node-interpret [ Reason ] node-interpret uses network for its autopkgtest. Due to upstream changes in some old transpilers, autopkgtest started to fail. The proposed patch only change things in node-interpret test. BTS: #1033816 [ Impact ] No change in installed files, patch changes only node-interpret test. [ Tests ] Broken test on deprecated transpiler are now disabled. [ Risks ] No risk, even if patch is a little big, there is no change in installed files. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing [ Changes ] * don't test babel/register and buble/register (Debian uses @babel/register, no more babel/register) * test modules: drop embedded "expect" and add patch to use Debian's node-expect (provided by jest) * lintian-brush: * update lintian tags * update metadata * update debian/watch Cheers, Yadd unblock node-interpret/2.2.0-3 diff --git a/debian/changelog b/debian/changelog index b38fa5c..b5bca67 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,21 @@ +node-interpret (2.2.0-3) unstable; urgency=medium + + * Team upload + + [ lintian-brush ] + * Update lintian override info format in d/source/lintian-overrides +on line 2-4 + * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse + * Update standards version to 4.6.2, no changes needed + + [ Yadd ] + * Fix filenamemangle + * Add fix for expect 28 and drop embedded "expect" + * Set upstream metadata fields: Repository. + * Drop test on deprecated transpilers (Closes: #1033816) + + -- Yadd Mon, 03 Apr 2023 08:10:46 +0400 + node-interpret (2.2.0-2) unstable; urgency=medium * Team upload diff --git a/debian/control b/debian/control index 2b09242..510057d 100644 --- a/debian/control +++ b/debian/control @@ -20,7 +20,7 @@ Build-Depends: debhelper-compat (= 13) , node-parse-node-version , node-which-boxed-primitive , node-which-collection -Standards-Version: 4.6.0 +Standards-Version: 4.6.2 Vcs-Browser: https://salsa.debian.org/js-team/node-interpret Vcs-Git: https://salsa.debian.org/js-team/node-interpret.git Homepage: https://github.com/tkellen/node-interpret diff --git a/debian/copyright b/debian/copyright index e9d0fe5..b5809a0 100644 --- a/debian/copyright +++ b/debian/copyright @@ -16,10 +16,6 @@ Files: debian/tests/test_modules/* Copyright: 1014-2020 Jordan Harband License: Expat -Files: debian/tests/test_modules/expect/* -Copyright: 2015 Michael Jackson -License: Expat - Files: debian/tests/test_modules/*/node_modules/isarray/* Copyright: 2013 Julian Gruber License: Expat diff --git a/debian/patches/drop-test-on-deprecated-transpilers.patch b/debian/patches/drop-test-on-deprecated-transpilers.patch new file mode 100644 index 000..d9a7cea --- /dev/null +++ b/debian/patches/drop-test-on-deprecated-transpilers.patch @@ -0,0 +1,24 @@ +Description: drop test on deprecated transpilers +Author: Yadd +Bug-Debian: https://bugs.debian.org/1033816 +Forwarded: not-needed +Last-Update: 2023-04-03 + +--- a/test/index.js b/test/index.js +@@ -126,6 +126,7 @@ + var fixtureDir = path.dirname(fixture); + var idx = attempt.index; + ++if( name !== 'babel/register' && name !== 'buble/register' ) { + it('can require ' + extension + ' using ' + name + ' (' + idx + ')', function(done) { + var minVersion = minVersions[module]; + +@@ -232,6 +233,7 @@ + } + done(); + }); ++} + }); + + it('does not error with the .mjs extension', function(done) { diff --git a/debian/patches/fix-for-expect-28.patch b/debian/patches/fix-for-expect-28.patch new file mode 100644 index 000..af3bf26 --- /dev/null +++ b/debian/patches/fix-for-expect-28.patch @@ -0,0 +1,15 @@ +Description: add fix for expect 28 (jest) +Author: Yadd +Forwarded: not-needed +Last-Update: 2022-12-01 + +--- a/test/index.js b/test/index.js +@@ -1,6 +1,6 @@ + 'use strict'; + +-var expect = require('expect'); ++var {expect} = require('expect'); + + var path = require('path'); + var Module = require('module'); diff --git a/debian/patches/series b/debian/patches/series index 0312c9a..7e124d8 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,3 @@ fix-test.diff +fix-for-expect-28.patch +drop-test-on-deprecated-transpilers.patch diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides index 5c71dbd..792e152 100644 --- a/debian/source/lintian-overrides +++ b/debian/source/lintian-overrides @@ -1,4 +1,4 @@ # Test files used only during autopkgtest -source-is-missing debian/tests/test_modules/expect/lib/Expectation.js -source-contains-prebuilt-javascript-object
Processed: unblock: node-interpret/2.2.0-3
Processing control commands: > affects -1 + src:node-interpret Bug #1033929 [release.debian.org] unblock: node-interpret/2.2.0-3 Added indication that 1033929 affects src:node-interpret -- 1033929: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033929 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1033927: unblock: node-sinon/14.0.2+ds+~cs74.13.25-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: node-si...@packages.debian.org Control: affects -1 + src:node-sinon Please unblock package node-sinon [ Reason ] node-sinon is a package used during JS tests. In Debian JS Team we choose to launch autopkgtest with `--disable-proto=throw` to ensure that JS packages don't used this old way to access to prototype for security reasons. This change started in September 2022 (pkg-js-autopkgtest 0.15.x). node-sinon currently parses all object properties without avoid __proto__. This breaks (at least) node-nock autopkgtest. [ Impact ] No change, the patch just avoid parsing __proto__ [ Tests ] No change in test, still pass (autopkgtest + build). This fixed also node-nock test. [ Risks ] No risk here, patch is trivial [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing [ Other info ] This debdiff adds also some tips from lintian-brush (lintian tags and metadata update) Cheers, Yadd unblock node-sinon/14.0.2+ds+~cs74.13.25-2 diff --git a/debian/changelog b/debian/changelog index aaace48..111c526 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +node-sinon (14.0.2+ds+~cs74.13.25-2) unstable; urgency=medium + + * Team upload + * Update lintian override info format in d/source/lintian-overrides +on line 2-3 + * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse + * Update standards version to 4.6.2, no changes needed + * Drop calls to __proto__ (Closes: #1033818) + + -- Yadd Mon, 03 Apr 2023 07:26:51 +0400 + node-sinon (14.0.2+ds+~cs74.13.25-1) unstable; urgency=medium * Team upload diff --git a/debian/control b/debian/control index 1a73a29..c60cd62 100644 --- a/debian/control +++ b/debian/control @@ -27,7 +27,7 @@ Build-Depends: , node-supports-color , node-type-detect , node-util -Standards-Version: 4.6.1 +Standards-Version: 4.6.2 Vcs-Browser: https://salsa.debian.org/js-team/node-sinon Vcs-Git: https://salsa.debian.org/js-team/node-sinon.git Homepage: https://sinonjs.org/ diff --git a/debian/patches/dont-try-to-access-to-__proto__.patch b/debian/patches/dont-try-to-access-to-__proto__.patch new file mode 100644 index 000..5973750 --- /dev/null +++ b/debian/patches/dont-try-to-access-to-__proto__.patch @@ -0,0 +1,16 @@ +Description: don't try to access to __proto__ +Author: Yadd +Forwarded: no +Last-Update: 2023-04-03 + +--- a/lib/sinon/util/core/walk.js b/lib/sinon/util/core/walk.js +@@ -17,7 +17,7 @@ + } + + forEach(Object.getOwnPropertyNames(obj), function (k) { +-if (seen[k] !== true) { ++if (k !== '__proto__' && seen[k] !== true) { + seen[k] = true; + var target = + typeof Object.getOwnPropertyDescriptor(obj, k).get === diff --git a/debian/patches/series b/debian/patches/series index ffb3e1f..b2b7689 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,3 +2,4 @@ fix-sinonjsreferee-sinon-test.diff reproducible.patch fix-for-path-to-regexp-6.patch drop-unstable-test.patch +dont-try-to-access-to-__proto__.patch diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides index 3f4d9d6..05b110e 100644 --- a/debian/source/lintian-overrides +++ b/debian/source/lintian-overrides @@ -1,6 +1,6 @@ # False positive: data -source-is-missing *sinonjstext-encoding/lib/encoding-indexes.js* -source-contains-prebuilt-javascript-object *sinonjstext-encoding/lib/encoding-indexes.js* +source-is-missing [*sinonjstext-encoding/lib/encoding-indexes.js*] +source-contains-prebuilt-javascript-object [*sinonjstext-encoding/lib/encoding-indexes.js*] very-long-line-length-in-source-file *sinonjsfake-timers/LICENSE* very-long-line-length-in-source-file *sinonjstext-encoding/lib/encoding-indexes.js* very-long-line-length-in-source-file *.md* diff --git a/debian/upstream/metadata b/debian/upstream/metadata index 6d85d64..c5adee0 100644 --- a/debian/upstream/metadata +++ b/debian/upstream/metadata @@ -1,6 +1,6 @@ --- Archive: GitHub -Bug-Database: https://github.com/cjohansen/Sinon.JS/issues -Bug-Submit: https://github.com/cjohansen/Sinon.JS/issues/new +Bug-Database: https://github.com/sinonjs/sinon/issues +Bug-Submit: https://github.com/sinonjs/sinon/issues/new Repository: https://github.com/cjohansen/Sinon.JS.git -Repository-Browse: https://github.com/cjohansen/Sinon.JS +Repository-Browse: https://github.com/sinonjs/sinon
Processed: unblock: node-sinon/14.0.2+ds+~cs74.13.25-2
Processing control commands: > affects -1 + src:node-sinon Bug #1033927 [release.debian.org] unblock: node-sinon/14.0.2+ds+~cs74.13.25-2 Added indication that 1033927 affects src:node-sinon -- 1033927: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033927 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1033492: unblock: php8.2/8.2.4-1 ????
Hi Paul, Salvatore, I've finally got some time here. In all honesty, I thought that the pre-negotiated exception for PHP does apply to all future Debian releases, so it did come as surprise that I have to explain this again. The quality of PHP in Debian has increased since we started using upstream versions to fix security bugs. The basic release policy is described here: https://www.php.net/supported-versions.php > Each release branch of PHP is fully supported for two years from its initial > stable release. During this period, bugs and security issues that have been > reported are fixed and are released in regular point releases. > > After this two year period of active support, each branch is then supported > for an additional year for critical security issues only. Releases during > this period are made on an as-needed basis: there may be multiple point > releases, or none, depending on the number of reports. > > Once the three years of support are completed, the branch reaches its end of > life and is no longer supported. A table of end-of-life branches is available. There's also a process for introducing new features to the **major** releases: https://wiki.php.net/rfc, but that doesn't apply here as we are sticking with a single **major** release branch (PHP 8.2); no new features are introduced to the single release track. Upstream makes a new release every four weeks (https://www.php.net/ChangeLog-8.php#8.2.4), but we generally only update to the releases that contain security fixes, and I don't use PU process to lighten the strain on the release team. Apart from the upstream release process, all the PHP releases are regularly tested via external repositories that I maintain, so even the intermediate releases are thoroughly tested by hundreds of thousands or more - the Debian repository has 5+ TB of traffic and 150M+ hits; I have no statistics from the deployment, but any breakages are very quickly reported. When the upstream security support ceases, I generally use Remi Collet's php-security repository to pull the security fixes for the last upstream release, as he's usually swift in preparing those. Unblocking the latest php8.2 (8.2.4-1 and 8.2.5-1 next week) would be appreciated so the next Debian stable releases with the current PHP version. Cheers, Ondrej On Tue, Mar 28, 2023, at 20:46, Salvatore Bonaccorso wrote: Hi Paul, On Sun, Mar 26, 2023 at 01:40:10PM +0200, Paul Gevers wrote: > Hi Ondřej, > > On 26-03-2023 08:36, Ondřej Surý wrote: > > just a quick reply - PHP already has a security (and if I remember > > correctly release) team exception from the last time. So, we already had > > this talk about upstream policies. > > I *suspect* the same, but because of the shear amount of work ongoing for > the release team at the moment, I hope people can help point to the relevant > information instead of us needing to find it. > > It can obviously wait a couple of days, we're not *that* close to releasing > yet. if this helps on the decision: We would, similarly as done for bullseye already, want to follow the upstream releases until supported by upstream and then switch to cherry-pick security fixes only on top. Ondrej can give a more detailed input, so please wait for his reply. Regards, Salvatore -- Ondřej Surý (He/Him) ond...@sury.org