Bug#622947: per-maintainer insights into migrations and transitions
On Thu, 2023-11-30 at 14:14 +0100, Paul Gevers wrote: > The tracker has been doing this for years now. distro-tracker doesn't have per-maintainer pages at all and neither does the QA excuses page AFAICT. The DDPO kind of does, but doesn't list transitions etc. The DMD kind of does too, but also no transitions etc. So I suggest reopening this request. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Re: Releasing linux/6.1.52-1 bookworm-security update without armel build, Image size problems
On Sat, 2023-09-09 at 11:42 +0200, Bastian Blank wrote: > The first one is the one with included size limitations, because those > load the kernel from a pre-defined flash partition, whose size can't be > easily changed by the user. This one is now overflowing for the second > to last documented one in the kernel package config. Seems like this would be solvable by writing a bootloader to the flash partition that would be able to load Linux from a normal filesystem? -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#1040001: transition: r-base
On Sat, 2023-07-01 at 14:29 +0200, Andreas Tille wrote: > I've filed Bug#1040038 with the patch for r-graphics-api and updated > branch r-api-graphic branch of dh-r[1] to match the suggested patch > immediately once uploaded. I've sent a suggestion to bug #1040038 for not hard-coding the API number and extracting it from the header instead. Dirk also posted an R-native version of what I suggested to the bug too. The dh-r r-api-graphic branch also hard-codes the list of packages that should get the graphics API dependency but that list will need manual maintenance as packages add/drop use of R_GE_checkVersionOrDie. The objdump tool can export the list of dynamically imported symbols, that can be searched for use of R_GE_checkVersionOrDie and then if it is, assume that it is called with R_GE_version and add the dependency. $ objdump -T debian/*/usr/lib/R/site-library/*/libs/*.so | grep R_GE_checkVersionOrDie DF *UND* Base R_GE_checkVersionOrDie -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Re: Inquiry about Debian Rootfs Construction
On Thu, 2023-03-30 at 08:41 +0200, Paul Gevers wrote: > That is not the responsibility of this team. I'm also not sure what you > mean with rootfs, but I think you mean how to bootstrap Debian. We have > several tools in Debian that do that. I *think* debootstrap [1] is the > one used for the Debian installer, but things like mmdebstrap [2] exist. PS: there is this wiki page listing all the ways to build packages and systems, including rootfs and rootfs-like constructions: https://wiki.debian.org/SystemBuildTools -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#1034326: unblock: evolution/3.46.4-2 - fix message scrolling regression due to WebKitGTK changes
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: evolut...@packages.debian.org, Jeremy Bicha Control: affects -1 + src:evolution Please unblock package evolution [ Reason ] Due to a change in WebKitGTK, pressing the space key often (but not always) doesn't scroll through the message preview, making it much harder to skim through email quickly. https://gitlab.gnome.org/GNOME/evolution/-/issues/2302 https://lists.osuosl.org/pipermail/evolution-users/2023-March/166704.html Since evolution upstream no longer supports 3.46.x, I asked the GNOME team to cherry-pick the patch and Jeremy Bicha did that, also added translation update patches and asked me to file this unblock request. [ Impact ] Reading email involves more use of the mouse for the evolution users, since scrolling with keyboard no longer works reliably. This could have an impact on users with keyboard preferences or users who aren't able to use a mouse easily or at all. [ Tests ] I manually tested that the updated package fixes the issue and tested the message previewing more generally for both HTML and plain text emails and noticed no regressions or strange behaviour. [ Risks ] The patch is small and direct from upstream. The evolution MUA is part of the default GNOME desktop, so a better user experience is important. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] I have filtered out the translation update patches in the debdiff, because otherwise the debdiff is very large: debdiff evolution_3.46.4-1.dsc evolution_3.46.4-2.dsc > evolution_3.46.4-1_3.46.4-2.debdiff filterdiff -x '*/debian/patches/*-translation*.patch' < evolution_3.46.4-1_3.46.4-2.debdiff > evolution_3.46.4-1_3.46.4-2.filtered.debdiff [ Unblock ] unblock evolution/3.46.4-2 -- bye, pabs https://wiki.debian.org/PaulWise diff -Nru evolution-3.46.4/debian/changelog evolution-3.46.4/debian/changelog --- evolution-3.46.4/debian/changelog 2023-02-10 20:12:00.0 +0800 +++ evolution-3.46.4/debian/changelog 2023-04-12 22:28:02.0 +0800 @@ -1,3 +1,10 @@ +evolution (3.46.4-2) unstable; urgency=medium + + * Cherry-pick patch from GNOME 44 to fix spacebar to scroll preview messages + * Cherry-pick translation updates from gnome-43 branch + + -- Jeremy Bicha Wed, 12 Apr 2023 10:28:02 -0400 + evolution (3.46.4-1) unstable; urgency=medium * New upstream release diff -Nru evolution-3.46.4/debian/patches/I-2302-Mail-Space-bar-no-longer-scrolls-preview-messages.patch evolution-3.46.4/debian/patches/I-2302-Mail-Space-bar-no-longer-scrolls-preview-messages.patch --- evolution-3.46.4/debian/patches/I-2302-Mail-Space-bar-no-longer-scrolls-preview-messages.patch 1970-01-01 08:00:00.0 +0800 +++ evolution-3.46.4/debian/patches/I-2302-Mail-Space-bar-no-longer-scrolls-preview-messages.patch 2023-04-12 22:28:02.0 +0800 @@ -0,0 +1,51 @@ +From: Milan Crha +Date: Mon, 27 Mar 2023 13:54:02 +0200 +Subject: I#2302 - Mail: Space bar no longer scrolls preview messages + +This started with WebKitGTK 2.40.0. + +Closes https://gitlab.gnome.org/GNOME/evolution/-/issues/2302 + +(cherry picked from commit c3db2b69133baba1264386c1dd38e277338140d5) +--- + data/webkit/e-web-view.js | 13 ++--- + 1 file changed, 10 insertions(+), 3 deletions(-) + +diff --git a/data/webkit/e-web-view.js b/data/webkit/e-web-view.js +index ab9ca5a..78f7dc3 100644 +--- a/data/webkit/e-web-view.js b/data/webkit/e-web-view.js +@@ -805,6 +805,9 @@ Evo.MailDisplayUpdateIFramesHeight = function() + + if (scrolly != -1 && document.defaultView.scrollY != scrolly) + document.defaultView.scrollTo(0, scrolly); ++ ++ Evo.mailDisplayResizeContentToPreviewWidth(); ++ Evo.mailDisplayUpdateMagicSpacebarState(); + } + + if (this instanceof Window && this.document) { +@@ -956,7 +959,9 @@ Evo.mailDisplayResizeContentToPreviewWidth = function() + width -= 20; /* 10 + 10 margins of body */ + + traversar.set_iframe_and_body_width(document, width, width, 0); +- window.webkit.messageHandlers.scheduleIFramesHeightUpdate.postMessage(0); ++ ++ if (document.documentElement.clientWidth - 20 > width) ++ window.webkit.messageHandlers.scheduleIFramesHeightUpdate.postMessage(0); + } + + Evo.mailDisplayUpdateMagicSpacebarState = function() +@@ -1284,8 +1289,10 @@ Evo.MailDisplayBindDOM = function(iframe_id, markCitationColor) + Evo.mailDisplayResizeContentToPreviewWidth(); + Evo.mailDisplayUpdateMagicSpacebarState(); + +- document.defaultView.onresize = Evo.mailDisplayResized; +- document.defaultView.onscroll = Evo.mailDisplayUpdateMagicSpacebarState; ++ if (document.body) { ++ document.body.onresize = Evo.mailDisplayResized; ++ document.body.onscroll = Evo.mailDisplayUpdateMagicSpacebarState; ++ } + } + + Evo.MailDisplayShowAttachment = function(element_id, show) diff -Nru
Re: Debian 11.6 release date
On Mon, 2022-11-14 at 00:05 +0800, meida...@foxmail.com wrote: > I don't know much about Debian's messaging channels. It's been 2 > months since Debian 11.5 was released, and I was wondering if there > are any plans to release Debian 11.6 in the next few days? The Debian Release Team website documents the next point release date: https://release.debian.org/#release-dates Next point releases * stable (11.6) Not yet planned; maybe mid-late November 2022 -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Re: EXPKEYSIG CBF8D6FD518E17E1 Jessie Stable Release Key
On Sat, 2022-11-12 at 14:10 +0300, Tanzeela Javid wrote: > I am getting this error and I cannot understand how to resolve this > > EXPKEYSIG CBF8D6FD518E17E1 Jessie Stable Release Key > 75DDC3C4A499F1A18CB5F3C8CBF8D6FD518E17E1 Please contact our support channels for help using Debian: https://www.debian.org/support -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#1018098: bullseye-pu: package foxtrotgps/1.2.2+bzr331-1~deb11u1
On Thu, 2022-08-25 at 19:21 +0300, Adrian Bunk wrote: > Paul, please ACK/NAK whether you as maintainer consider this appropriate. Looks good to me, thanks. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#1009845: nmu: bind-dyndb-ldap_11.9-5+b2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu X-Debbugs-Cc: bind-dyndb-l...@packages.debian.org, bi...@packages.debian.org The bind9-dyndb-ldap binary package built from the bind-dyndb-ldap source package has a strict dependency on bind9, so it needs a rebuild after every update to bind9. That hasn't happened for the recent bind9 update that fixes several security issues, which means those security fixes have been blocked from entering bookworm for 32 days. $ apt-cache show bind9-dyndb-ldap | grep -Eo 'Depends[^,]*|Version.*' Version: 11.9-5+b1 Depends: bind9-libs (= 1:9.18.0-2) nmu bind-dyndb-ldap_11.9-5+b2 . ANY . unstable . -m "Rebuild against bind9 1:9.18.1-1" -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#1006704: nmu: memlockd_1.3-2: rebuild to fix missing binary issue (Closes: #1000229)
Control: close -1 On Sat, 2022-03-05 at 18:13 +0100, Sebastian Ramacher wrote: > How did that happen? I'd prefer that memlockd is fixed so that this > cannot happen again. Looks like it builds correctly with debuild -b but not -B due to the install target in debian/rules not getting used for arch-only builds, so this binNMU will not actually fix the issue. The install target can easily be replaced by dh_* so I'll report that to bug #1000229 and submit an NMU to fix the issue. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#1006704: nmu: memlockd_1.3-2: rebuild to fix missing binary issue (Closes: #1000229)
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu The current memlockd .deb does not contain /usr/sbin/memlockd, but simply rebuilding the package fixes the issue. This was reported in #1000229 and confirmed by me using debuild and pbuilder. Please rebuild the package using a binNMU in order to fix the issue and close the bug. nmu memlockd_1.3-2 . ANY . unstable . -m "rebuild to fix missing binary issue (Closes: #1000229)" -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Re: discover is marked for autoremoval from testing
On Tue, 2022-01-11 at 19:37 +0100, Paul Gevers wrote: > So, I guess the text could be updated to reflect this? I *guess* the > reason that the e-mail was sent was because the bug was closed with the > upload. That resets the autoremoval timer (until the issue is fixed *in > testing*). The script doesn't have enough information to determine if > the package will migrate successfully, so like with any autoremoval date > change it will inform the relevant parties. I have noticed this confusion happens a lot and generates a lot of discussion on this list and elsewhere, which is suboptimal. It might be less confusing for everyone if autoremovals that probably aren't going to happen were just hidden from maintainers. If the autoremoval date is after the scheduled migration date and there is nothing blocking the migration except for the wait time, then there should be no need to mail the maintainer about it nor show the autoremoval on the DPT page. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Re: chromium: Update to version 94.0.4606.61 (security-fixes)
On Fri, 2021-12-17 at 11:28 +0100, Moritz Mühlenhoff wrote: > Could anyone who's using Chromium on Debian please create a page on > wiki.debian.org which lists the alternative options to use a current > Chromium (Flatpak, ungoogled Chromium from elsewhere, snap, whatever > else there is)? The existing Chromium page is probably the place to add that: https://wiki.debian.org/Chromium The new info should link to the existing page about ungoogled Chromium: https://wiki.debian.org/ungoogled-chromium -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#995636: OpenSSL 3.0 - Apache 2.0 vs GPL 2 (Re: Bug#995636: transition: openssl)
On Wed, Oct 6, 2021 at 11:30 AM Luca Boccassi wrote: > On Tue, 2021-10-05 at 21:04 +0200, Sebastian Andrzej Siewior wrote: > > Additionally OpenSSL is considered system library, see > > https://bugs.debian.org/951780 > > https://bugs.debian.org/972181 > > Even if that interpretation holds, and it's not a universal > interpretation (eg: lawyers from Canonical strongly disagree as far as > I know), again that applies to first-party binaries only as far as I > understand. It's not as clear-cut with libraries used by third parties. As I understand it, it is meant only for binaries distributed by parties other than the one distributing the system containing the "system library". So third-party app distributors are fine to ignore the incompatibility between a GPL app and a proprietary libc, but the OS vendor can't include GPL apps linked to that proprietary libc within their system. https://lists.debian.org/debian-devel/2020/10/msg00168.html > The core issue as always is uncertainty: any time there are doubts and > conflicting interpretations, we all lose, especially our users, and > especially those that are then forced to have awkward conversations > with their corporate lawyers. Which is why it's really unfortunate that > , in order to fix compatibility issues with the GPL, among all the > permissive licenses available out there, the OpenSSL project picked the > _one_ that has serious compatibility questions with the GPL :-( I believe OpenSSL 3's choice of the Apache 2 license only improves compatibility, it doesn't reduce it. GPLv3 is supposedly compatible with Apache 2, so GPLv3 and GPLv2+ programs are newly compatible with OpenSSL 3. Most existing GPLv2-only programs that use OpenSSL will have the exception anyway. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#994584: nmu: ricochet-im_1.1.4-3+b5
On Sat, 18 Sep 2021 13:58:56 +0800 Paul Wise wrote: > nmu ricochet-im_1.1.4-3+b5 . ANY . unstable . -m "Rebuild for the GCC 10 > transition (Closes #992668)" This appears to have been completed. > nmu ricochet-im_1.1.4-3+b5 . ANY . bullseye . -m "Rebuild for the GCC 10 > transition (Closes #992668)" This doesn't appear to have been scheduled yet. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#994585: nmu: ricochet-im_1.1.4-3+b5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu The transition from GCC 9 to 10 seems to have changed the size of the C++ type Type, which breaks a runtime check of this size. I have tested that rebuilding ricochet-im fixes the runtime error, which is this: /usr/include/c++/9/bits/move.h:194:7: runtime error: load of value 279, which is not a valid value for type 'Type' These are the binNMUs that need to be scheduled: nmu ricochet-im_1.1.4-3+b5 . ALL . bullseye . -m "Rebuild for GCC 10 C++ transition (Closes: #992668)" nmu ricochet-im_1.1.4-3+b5 . ALL . unstable . -m "Rebuild for GCC 10 C++ transition (Closes: #992668)" armel/armhf are on +b2, others on +b4, seems fine to use +b5 for all. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#994584: nmu: ricochet-im_1.1.4-3+b5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu Control: affects -1 + ricochet-im X-Debbugs-CC: ricochet...@packages.debian.org Please rebuild ricochet-im in bullseye and unstable, the transition from GCC 9 to 10 seems to have changed the size of the C++ type Type which is breaking a runtime check of the size, the runtime error is: /usr/include/c++/9/bits/move.h:194:7: runtime error: load of value 279, which is not a valid value for type 'Type' I confirmed that rebuilding ricochet-im is enough to fix the error. The binNMUs that need scheduling are: nmu ricochet-im_1.1.4-3+b5 . ANY . bullseye . -m "Rebuild for the GCC 10 transition (Closes #992668)" nmu ricochet-im_1.1.4-3+b5 . ANY . unstable . -m "Rebuild for the GCC 10 transition (Closes #992668)" -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#994221: reportbug: for release.debian.org rm bugs, ask for suite and redirect to ftp.debian.org for unstable/experimental
Package: reportbug Severity: wishlist Control: affects -1 + release.debian.org X-Debbugs-CC: release.debian@packages.debian.org Removals from unstable regularly end up being filed against the release.debian.org psuedo-package (#994195 is the latest example). It would be useful to have those redirected to the right psuedo-package ftp.debian.org. For release.debian.org rm requests, please ask for which suite the removal is for (as is done for ftp.debian.org removals) and if it is for unstable/experimental then redirect the request to the ftp.debian.org psuedo-package (as is done in the other direction for ftp.debian.org removals for the testing suite). -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#991480: unblock: calamares-settings-debian/11.0.5
On Sun, Jul 25, 2021 at 12:24 PM Jonathan Carter wrote: > It has been found today that when the sources.list were updated for the > updated sources.list URI in bullseye, that the original bug for this contained > an incorrect suggestion for the sources.list entry that is now present in the > sources.list generated by calamares-settings-debian. This patch corrects that. FTR: the original bug report (#969930 AFAICT) correctly suggested bullseye-security, so the wrong sources.list entry wasn't caused by the original bug. > + * New upstream release > +(Closes: #991474) I would suggest this instead: > + * New upstream release > +Corrects the apt sources for security updates (Closes: #991474) -- bye, pabs https://wiki.debian.org/PaulWise
Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
On Wed, 2021-07-14 at 20:16 +0800, Shengjing Zhu wrote: > That feels over-engineering/energy-wasting. Another option would be to search the source code, and these findings would need to be confirmed using grep, but looking at codesearch: https://codesearch.debian.net/search?q=%5C.generateClientKeyExchange=0 golang-github-marten-seemann-qtls golang-github-marten-seemann-qtls-go1-15 golang-github-cloudflare-cfssl golang-refraction-networking-utls heartbleeder As well as anything that transitively build-depends on any of these. That said, I don't think rebuilding those packages will fix the issue, since they have embedded code copies of key_agreement.go and possibly use those copies instead of the code from the std library. There are also a number of other copies of key_agreement.go as well as copies of handshake_client.go, which calls the vulnerable code. $ apt-file search -I dsc key_agreement.go android-platform-external-boringssl: /src/ssl/test/runner/key_agreement.go chromium: /third_party/boringssl/src/ssl/test/runner/key_agreement.go gcc-avr: /gcc/libgo/go/crypto/tls/key_agreement.go gcc-riscv64-unknown-elf: /libgo/go/crypto/tls/key_agreement.go golang-1.15: /src/crypto/tls/key_agreement.go golang-1.16: /src/crypto/tls/key_agreement.go golang-github-cloudflare-cfssl: /scan/vendor/crypto/tls/key_agreement.go golang-github-marten-seemann-qtls: /key_agreement.go golang-github-marten-seemann-qtls-go1-15: /key_agreement.go golang-refraction-networking-utls: /key_agreement.go heartbleeder: /tls/key_agreement.go llvm-toolchain-9: /llgo/third_party/gofrontend/libgo/go/crypto/tls/key_agreement.go mono: /external/boringssl/ssl/test/runner/key_agreement.go $ apt-file search -I dsc handshake_client.go android-platform-external-boringssl: /src/ssl/test/runner/handshake_client.go chromium: /third_party/boringssl/src/ssl/test/runner/handshake_client.go gcc-avr: /gcc/libgo/go/crypto/tls/handshake_client.go gcc-riscv64-unknown-elf: /libgo/go/crypto/tls/handshake_client.go golang-1.15: /src/crypto/tls/handshake_client.go golang-1.16: /src/crypto/tls/handshake_client.go golang-github-cloudflare-cfssl: /scan/vendor/crypto/tls/handshake_client.go golang-github-marten-seemann-qtls: /handshake_client.go golang-github-marten-seemann-qtls-go1-15: /handshake_client.go golang-refraction-networking-utls: /handshake_client.go heartbleeder: /tls/handshake_client.go llvm-toolchain-9: /llgo/third_party/gofrontend/libgo/go/crypto/tls/handshake_client.go mono: /external/boringssl/ssl/test/runner/handshake_client.go -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
On Tue, Jul 13, 2021 at 6:12 AM Shengjing Zhu wrote: > Sadly the std library are statically embedded in all packages built by Go > compiler. > So if there's security issue in std library, bunch of packages need to be > rebuild. > > It may be possible to disassemble all Go binaries to see how many std > libraries > are embedded, but currently we don't have such tool to go through all > unpacked binary > packages. An alternative more brute-force approach might be to rebuild all packages locally twice, once without the patched std library and once with the patched std library, then use diffoscope to compare the binaries and if there are any changes then request a binNMU for the package. Packages that don't use the crypto library should not have it linked in and should see no changes after rebuilding with the patch. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#991094: unblock: foxtrotgps/1.2.2+bzr330-1: imagemagick FTBFS, gpsd API usage fix
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package foxtrotgps This fixes the fallout from imagemagick disabling EPS output (#987504) and something that was missed when porting to recent gpsd APIs. [ Reason ] The foxtrotgps documentation build by default converted .png files to EPS files for inclusion in the DVI and PS formatted documentation but the Debian package doesn't contain DVI/PS formatted documentation. Since imagemagick now blocks conversion to EPS, the upstream fix simply disables building EPS files unless building DVI/PS documentation. The gpsd developers deprecated using the GPS fix status in favour of using the GPS fix mode for detecting when a GPS position is available. The patch simply adds support for detecting 2D/3D fix modes. The GPS patch is minimal, fixes an important bug and both patches are already upstream, so I elected to package the latest upstream commit. [ Impact ] The package will FTBFS and will not be able to show the current GPS fix location with the current gpsd version. [ Tests ] I tested the build fix and the gpsd patch submitter tested the gpsd fix. [ Risks ] This is a leaf package and the changes are small, the risks are low. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] Thanks for all your work on the bullseye release. unblock foxtrotgps/1.2.2+bzr330-1 -- bye, pabs https://wiki.debian.org/PaulWise diff -Nru foxtrotgps-1.2.2+bzr328/changelog/ChangeLog foxtrotgps-1.2.2+bzr330/changelog/ChangeLog --- foxtrotgps-1.2.2+bzr328/changelog/ChangeLog 2021-01-31 16:18:24.0 +0800 +++ foxtrotgps-1.2.2+bzr330/changelog/ChangeLog 2021-07-14 07:44:15.0 +0800 @@ -1,4 +1,37 @@ +revno: 330 +committer: Paul Wise +branch nick: bzr +timestamp: Mon 2021-04-26 12:33:42 +0800 +message: + Only create the EPS formatted images for the DVI/PS formatted + documentation + + The EPS files are not needed for other documentation formats, + some distributions are now disabling EPS support in ImageMagick + and the DVI/PS documentation formats are rarely used. +modified: + doc/Makefile.am + +revno: 329 +author: diego roversi +committer: Paul Wise +branch nick: bzr +timestamp: Sun 2021-03-07 14:05:44 +0800 +message: + Also accept 2D/3D fix modes as indicator of a valid GPS fix + + The libgps developers recommend to use the fix mode rather than + the status, + which many GNSS receivers do not supply or have incompatible + implementations. + + Fixes: https://bugs.launchpad.net/bugs/1917998 + See-also: + https://gitlab.com/gpsd/gpsd/-/commit/c3b0fb6394964ca57cecfa0a65d6b3cde2dd1f6f +modified: + src/gps_functions.c + revno: 328 author: Maciej S. Szmigiero committer: Paul Wise diff -Nru foxtrotgps-1.2.2+bzr328/debian/changelog foxtrotgps-1.2.2+bzr330/debian/changelog --- foxtrotgps-1.2.2+bzr328/debian/changelog 2021-01-31 16:47:52.0 +0800 +++ foxtrotgps-1.2.2+bzr330/debian/changelog 2021-07-14 07:58:30.0 +0800 @@ -1,3 +1,11 @@ +foxtrotgps (1.2.2+bzr330-1) unstable; urgency=medium + + * New upstream snapshot. +- Fixes FTBFS with new imagemagick (Closes: #991056) +- Fixes use of deprecated gpsd API (see LP#1917998) + + -- Paul Wise Wed, 14 Jul 2021 07:58:30 +0800 + foxtrotgps (1.2.2+bzr328-1) unstable; urgency=medium [ Paul Wise ] diff -Nru foxtrotgps-1.2.2+bzr328/doc/Makefile.am foxtrotgps-1.2.2+bzr330/doc/Makefile.am --- foxtrotgps-1.2.2+bzr328/doc/Makefile.am 2021-01-09 08:39:19.17100 +0800 +++ foxtrotgps-1.2.2+bzr330/doc/Makefile.am 2021-04-26 12:33:42.0 +0800 @@ -6,7 +6,8 @@ info_TEXINFOS = foxtrotgps.texi -foxtrotgps_TEXINFOS = $(images) $(images_eps) +foxtrotgps_TEXINFOS = $(images) +DVIS = $(images_eps) foxtrotgps.dvi images = \ foxtrotgps-logo.png \ diff -Nru foxtrotgps-1.2.2+bzr328/src/gps_functions.c foxtrotgps-1.2.2+bzr330/src/gps_functions.c --- foxtrotgps-1.2.2+bzr328/src/gps_functions.c 2021-01-09 08:39:19.17100 +0800 +++ foxtrotgps-1.2.2+bzr330/src/gps_functions.c 2021-04-26 12:33:42.0 +0800 @@ -763,7 +763,7 @@ gpsdata->fix.time = (time_t) 0; } #if GPSD_API_MAJOR_VERSION >= 10 - gpsdata->valid = (libgps_gpsdata.fix.status != STATUS_NO_FIX); + gpsdata->valid = (libgps_gpsdata.fix.status != STATUS_NO_FIX || libgps_gpsdata.fix.mode >= MODE_2D); #else gpsdata->valid = (libgps_gpsdata.status != STATUS_NO_FIX); #endif signature.asc Description: This is a digitally signed message part
Bug#990171: unblock: apparmor-profiles-extra/1.34
Control: close -1 On Tue, Jun 22, 2021 at 8:39 AM Holger Levsen wrote: > On Tue, Jun 22, 2021 at 09:57:02AM +0800, Paul Wise wrote: > > [ Reason ] > > The autoremoval will be before the fix for RC bug #989193 migrates. > > (I dont think so, but that's beside my point here.) It would have been if I hadn't pinged the bug to delay the autoremoval, it was initially suggested on IRC that an unblock was the right way to do this, but later clarified that pinging the bug was the right approach. > I'm wondering whether apparmor-profiles-extra should be a key package, after > all apparmor is installed by default these days... apparmor-profiles-extra isn't installed by default, but maybe it should be. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#990171: unblock: apparmor-profiles-extra/1.34
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-CC: apparmor-profiles-ex...@packages.debian.org Please unblock package apparmor-profiles-extra [ Reason ] The autoremoval will be before the fix for RC bug #989193 migrates. [ Impact ] The package will not be available in the bullseye release and so various apps will not have AppArmor security restrictions. [ Tests ] The autopkgtests pass for this package migration. [ Risks ] The change is a one character addition of the link permission for a situation where it being missing breaks another package. This is a leaf package. No alternatives available. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] None. unblock apparmor-profiles-extra/1.34 -- bye, pabs https://wiki.debian.org/PaulWise diff -Nru apparmor-profiles-extra-1.33/debian/changelog apparmor-profiles-extra-1.34/debian/changelog --- apparmor-profiles-extra-1.33/debian/changelog 2021-04-02 19:40:29.0 +0800 +++ apparmor-profiles-extra-1.34/debian/changelog 2021-06-09 14:23:10.0 +0800 @@ -1,3 +1,10 @@ +apparmor-profiles-extra (1.34) unstable; urgency=medium + + * apt-cacher-ng: allow link operations on the contents of the cache directory +(Closes: #989193). Thanks to Eduard Bloch for the patch. + + -- intrigeri Wed, 09 Jun 2021 06:23:10 + + apparmor-profiles-extra (1.33) unstable; urgency=medium * autopkgtest: use hint-testsuite-triggers to ensure dummy test is not run diff -Nru apparmor-profiles-extra-1.33/debian/README.Debian apparmor-profiles-extra-1.34/debian/README.Debian --- apparmor-profiles-extra-1.33/debian/README.Debian 2021-04-02 19:40:29.0 +0800 +++ apparmor-profiles-extra-1.34/debian/README.Debian 2021-06-09 14:23:10.0 +0800 @@ -2,7 +2,7 @@ = - apt-cacher-ng: taken from the apparmor-profiles repository - at MR !50. + at MR !51. - GStreamer abstraction: taken from the apparmor-profiles repository at MR !49. - irssi: taken from the apparmor-profiles repository @@ -20,4 +20,4 @@ https://gitlab.com/apparmor/apparmor-profiles - -- intrigeri , Fri, 2 Apr 2021 11:19:19 +0200 + -- intrigeri , Wed, 9 Jun 2021 08:21:51 +0200 diff -Nru apparmor-profiles-extra-1.33/profiles/usr.sbin.apt-cacher-ng apparmor-profiles-extra-1.34/profiles/usr.sbin.apt-cacher-ng --- apparmor-profiles-extra-1.33/profiles/usr.sbin.apt-cacher-ng 2021-04-02 19:40:29.0 +0800 +++ apparmor-profiles-extra-1.34/profiles/usr.sbin.apt-cacher-ng 2021-06-09 14:23:10.0 +0800 @@ -18,7 +18,7 @@ /var/lib/apt-cacher-ng/** r, /{,var/}run/apt-cacher-ng/* rw, @{APT_CACHER_NG_CACHE_DIR}/ r, - @{APT_CACHER_NG_CACHE_DIR}/** rw, + @{APT_CACHER_NG_CACHE_DIR}/** rwl, /var/log/apt-cacher-ng/ r, /var/log/apt-cacher-ng/* rw, /{,var/}run/systemd/notify w, signature.asc Description: This is a digitally signed message part
Bug#989643: unblock: formiko/1.3.0
Control: tags -1 - moreinfo On Wed, Jun 9, 2021 at 5:21 PM Sebastian Ramacher wrote: > This appears to be a pre-approval request. Please remove the moreinfo > tag once the new version is available in unstable. Sponsored the package. -- bye, pabs https://wiki.debian.org/PaulWise
Re: REPOSITÓRIO DEBIAN 10 BUSTER
On Tue, Mar 16, 2021 at 8:06 PM Luís Fernando Russo Alves wrote: > Venho através desse caminho para suporte do Debian10 Buster ... Please contact support for help using Debian. [Tradução automática] Entre em contato com o suporte para obter ajuda usando o Debian: https://www.debian.org/support.pt https://lists.debian.org/debian-user-portuguese/ -- bye, pabs https://wiki.debian.org/PaulWise https://bonedaddy.net/pabs3/
Bug#981096: buster-pu: package file/1:5.35-4+deb10u1
On Tue, Jan 26, 2021 at 9:21 AM Christoph Biedl wrote: > Problem: The old limit turned out to be too strict, and instead of > avoiding DoS this broke legitimate use of that feature. Also, Paul > Wise (Cc:'ed), asked me repeatedly to backport this to buster, I > trust he has good reason to to so. The reason is that we hit the limit at $work and so have been manually maintaining a rebuild with the patch for a while, which breaks things briefly after security updates in oldstable/stable, so having the patch in Debian would be helpful. We are using the Perl bindings so we couldn't use the command-line option to override the limit and the Perl bindings didn't have support for overriding the limit. We got file upstream to increase the default limit, got Christoph to backport the limit to bullseye and got the Perl bindings upstream to add support for overriding the limit. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#980520: britney: excuses: reduce verbosity of autopkgtest results
On Wed, 2021-01-20 at 19:26 +0100, Paul Gevers wrote: > Passing packages that are still shown are those where an update > happened since the successful run, so they are more or less > "pending". I realize that probably nobody realizes this. It is very non-obvious from the output, I'd suggest putting Pending instead of Pass for the packages in that scenario. > I think we had other ideas on how to improve readability but IIRC, > those had to wait until jessie became EOL, as our ideas weren't > compatible with grep-excuses in jessie. This now happened so we could > pick that up. Good to hear, is there a bug about those ideas? -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#980520: britney: excuses: reduce verbosity of autopkgtest results
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: britney The excuses page is often very verbose because of the autopkgtest results, especially for packages with lots of reverse dependencies. For packages where all the results are Pass, those packages could be left out of the excuses altogether, since they don't prevent migration, or perhaps grep-excuses should gain an option to hide them instead? For packages where all the results are the same for every arch, the excuses could collapse all of those packages into one line. • autopkgtest Regression for foo bar baz • autopkgtest Ignored failure for foo bar baz • autopkgtest Pass for foo bar baz For packages with multiple arches you could group arches by the status rather than printing the status for each architecture, since the architecture names are shorter than the status texts. • autopkgtest for foo/1.2-3: Regression: amd64 arm64 armhf, Ignored failure: ppc64el: Ignored failure, Pass: i386 The combination of these ideas would result in less verbose excuses. Here is an example of a long version of the excuses: $ grep-excuses -w pytest Excuse for pytest • Migration status for pytest (4.6.11-1 to 6.0.2-2): BLOCKED: Rejected/violates migration policy/introduces a regression • Issues preventing migration: • autopkgtest for dask.distributed/2.10.0+ds.1-3: amd64: Ignored failure, arm64: Ignored failure, armhf: Ignored failure, i386: Ignored failure, ppc64el: Ignored failure • autopkgtest for docopt/0.6.2-2.2: amd64: Regression ♻ (reference ♻), arm64: Regression ♻ (reference ♻), armhf: Regression ♻ (reference ♻), i386: Regression ♻ (reference ♻), ppc64el : Regression ♻ (reference ♻) • autopkgtest for git-big-picture/0.10.1-1: armhf: Pass, i386: Pass, ppc64el: Pass • autopkgtest for html5lib/1.1-2: amd64: Regression ♻ (reference ♻), arm64: Regression ♻ (reference ♻), armhf: Regression ♻ (reference ♻), i386: Regression ♻ (reference ♻), ppc64el: Regression ♻ (reference ♻) • autopkgtest for ipykernel/5.4.2-1: ppc64el: Pass • autopkgtest for jupyter-client/6.1.6-1: ppc64el: Pass • autopkgtest for jupyter-notebook/6.1.6-2: armhf: Pass, i386: Pass, ppc64el: Pass • autopkgtest for nbformat/5.0.8-1: armhf: Pass, i386: Pass, ppc64el: Pass • autopkgtest for pytest-doctestplus/0.7.0-2: armhf: Pass, i386: Pass, ppc64el: Pass • autopkgtest for pytest-mpi/0.4-2: amd64: Regression ♻ (reference ♻), arm64: Regression ♻ (reference ♻), armhf: Regression ♻ (reference ♻), i386: Regression ♻ (reference ♻), ppc64el : Regression ♻ (reference ♻) • autopkgtest for python-dugong/3.7.4+dfsg-2: amd64: Regression ♻ (reference ♻), arm64: Regression ♻ (reference ♻), armhf: Regression ♻ (reference ♻), i386: Regression ♻ (reference ♻ ), ppc64el: Regression ♻ (reference ♻) • autopkgtest for python-llfuse/1.3.6+dfsg-2: amd64: Regression ♻ (reference ♻), arm64: Regression ♻ (reference ♻), armhf: Regression ♻ (reference ♻), i386: Regression ♻ (reference ♻ ), ppc64el: Regression ♻ (reference ♻) • autopkgtest for python-mechanicalsoup/0.10.0-3: armhf: Regression ♻ (reference ♻), i386: Regression ♻ (reference ♻), ppc64el: Regression ♻ (reference ♻) • autopkgtest for python-pymeasure/0.5-1: amd64: Regression ♻ (reference ♻), arm64: Regression ♻ (reference ♻), armhf: Regression ♻ (reference ♻), i386: Regression ♻ (reference ♻), ppc64el: Regression ♻ (reference ♻) • autopkgtest for reprotest/0.7.15: amd64: Pass, arm64: Ignored failure, armhf: Ignored failure, i386: Ignored failure, ppc64el: Pass • autopkgtest for sphinx-argparse/0.2.2-3: amd64: Regression ♻ (reference ♻), arm64: Regression ♻ (reference ♻), armhf: Regression ♻ (reference ♻), i386: Regression ♻ (reference ♻), ppc64el: Regression ♻ (reference ♻) • autopkgtest for sqlparse/0.3.1-1: amd64: Regression ♻ (reference ♻), arm64: Regression ♻ (reference ♻), armhf: Regression ♻ (reference ♻), i386: Regression ♻ (reference ♻), ppc64el : Regression ♻ (reference ♻) • autopkgtest for statsmodels/0.12.1-1: amd64: Pass, armhf: Pass, i386: Pass, ppc64el: Pass • autopkgtest for sunpy/2.0.5-1: armhf: Pass, i386: Pass, ppc64el: Pass • autopkgtest for xonsh/0.9.24+dfsg-2: armhf: Regression ♻ (reference ♻), i386: Regression ♻ (reference ♻), ppc64el: Regression ♻ (reference ♻) • Implicit dependency: pytest python-pytest-asyncio • Additional info: • Updating pytest fixes old bugs: #978289 • Piuparts tested OK - https://piuparts.debian.org/sid/source/p/pytest.html • 17 days old (needed 5 days) • Depends: pytest python-pytest-asyncio Excuses generated Wed Jan 20 04:11:43 2021 -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Re: Release status of i386 for Bullseye and long term support for 3 years?
On Tue, Jan 5, 2021 at 10:24 PM Lou Poppler wrote: > I would like to help. ... > Please suggest any debian lists or IRC channels or webpages I should look at, > or other steps to make myself useful. Thanks. The general page for how to help Debian is here: https://www.debian.org/intro/help More specifically, you could: Join the #debian-cd, #debian-boot, #debian-buildd, #debian-ftp, #debian-ports (introduce yourself here at minimum), #debian-release and #debian-toolchain IRC channels (and maybe #debian-devel). There isn't really a mailing list for i386, so maybe use debian-devel or debian-amd64. Help test the installer: https://wiki.debian.org/Teams/DebianCD/ReleaseTesting Install and enable popularity-contest on your i386 machines and submit to the Linux hardware database. Encourage other i386 users to do the same. https://popcon.debian.org/ https://wiki.debian.org/Hardware/Database https://linux-hardware.org/ Create install wiki pages for the hardware you own: https://wiki.debian.org/InstallingDebianOn Help maintain the installer and documentation: https://wiki.debian.org/DebianInstaller https://www.debian.org/releases/stable/i386/ Create a new i386 page in the Ports area on the wiki based on the template: https://wiki.debian.org/Ports https://wiki.debian.org/PortTemplate Maintain the other documentation about the i386 port: https://www.debian.org/ports/i386/ https://wiki.debian.org/i386 Create a scheme to tag i386-specific bugs (maybe user debian-devel, usertag i386) and maintain the installer usertags for debian-boot and the port usertags. Work on fixing the bugs tagged i386. https://udd.debian.org/cgi-bin/bts-usertags.cgi?user=debian-b...@lists.debian.org=i386 https://wiki.debian.org/Teams/Debbugs/ArchitectureTags Work on increasing the amount of software that builds and works on i386: https://udd.debian.org/cgi-bin/ftbfs.cgi?arch=i386 https://buildd.debian.org/status/architecture.php?a=i386 https://tests.reproducible-builds.org/debian/testing/index_suite_i386_stats.html https://ci.debian.net/status/ Follow #debian and #debian-next and help out any i386 users asking questions (although there aren't (m)any in practice). -- bye, pabs https://wiki.debian.org/PaulWise
Re: Release status of i386 for Bullseye and long term support for 3 years?
On Mon, Dec 14, 2020 at 11:36 PM Adrian Bunk wrote: > A bigger worry for i386 would be the availability of microcode updates This is also a big problem for amd64, since only the newest generations of Intel processors get BIOS/UEFI and or microcode updates, so lots of amd64 users (including myself) do not have microcode updates. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#974982: transition: krb5
On Sat, 21 Nov 2020 01:51:27 + Paul Wise wrote: > We are using libapache2-mod-auth-kerb at my workplace, I've raised an > issue about taking over modauthkerb upstream or just switching to > another module We have decided to switch to the gssapi module. I would recommend that libapache2-mod-auth-kerb gets orphaned and the maintainer reported to the MIA folks. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#974982: transition: krb5
On Fri, Nov 20, 2020 at 7:45 PM Sam Hartman wrote: > I note that libapache2-mod-auth-kerb seems to be QA maintained > effectively in Debian. > I haven't looked at upstream to see if they have a fix. Upstream is basically unmaintained, despite still having users. We are using libapache2-mod-auth-kerb at my workplace, I've raised an issue about taking over modauthkerb upstream or just switching to another module but I suspect that modauthkerb should just get removed from Debian in favour of mod_auth_gssapi, which is supposed to be a replacement. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#958887: buster-pu: package purple-discord/0.9.2019.02.07.git.e5d9627-1
Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu A change to the Discord service causes crashes in purple-discord. There is a workaround for this issue in unstable that I would like to have in Debian buster. I have uploaded the package to Debian buster just now and I attach the debdiff for review. -- bye, pabs https://wiki.debian.org/PaulWise diff -Nru purple-discord-0.9.2019.02.07.git.e5d9627/debian/changelog purple-discord-0.9.2019.02.07.git.e5d9627/debian/changelog --- purple-discord-0.9.2019.02.07.git.e5d9627/debian/changelog 2019-02-09 10:54:10.0 +0800 +++ purple-discord-0.9.2019.02.07.git.e5d9627/debian/changelog 2020-04-26 17:47:55.0 +0800 @@ -1,3 +1,9 @@ +purple-discord (0.9.2019.02.07.git.e5d9627-1+deb10u1) buster; urgency=medium + + * Backport workaround for crashes in ssl_nss_read (Closes: #955635) + + -- Paul Wise Sun, 26 Apr 2020 17:47:55 +0800 + purple-discord (0.9.2019.02.07.git.e5d9627-1) unstable; urgency=medium * New upstream snapshot diff -Nru purple-discord-0.9.2019.02.07.git.e5d9627/debian/patches/series purple-discord-0.9.2019.02.07.git.e5d9627/debian/patches/series --- purple-discord-0.9.2019.02.07.git.e5d9627/debian/patches/series 1970-01-01 08:00:00.0 +0800 +++ purple-discord-0.9.2019.02.07.git.e5d9627/debian/patches/series 2020-04-26 17:47:55.0 +0800 @@ -0,0 +1 @@ +workaround-ssl_nss_read-crashes.patch diff -Nru purple-discord-0.9.2019.02.07.git.e5d9627/debian/patches/workaround-ssl_nss_read-crashes.patch purple-discord-0.9.2019.02.07.git.e5d9627/debian/patches/workaround-ssl_nss_read-crashes.patch --- purple-discord-0.9.2019.02.07.git.e5d9627/debian/patches/workaround-ssl_nss_read-crashes.patch 1970-01-01 08:00:00.0 +0800 +++ purple-discord-0.9.2019.02.07.git.e5d9627/debian/patches/workaround-ssl_nss_read-crashes.patch 2020-04-26 17:47:55.0 +0800 @@ -0,0 +1,18 @@ +Description: Wrap all purple_ssl_read's to prevent segfaults elsewhere +Origin: https://github.com/EionRobb/purple-discord/compare/4e71974...db7dc79.diff +Bug: https://github.com/EionRobb/purple-discord/issues/288 +Bug-Debian: https://bugs.debian.org/955635 +Author: Eion Robb +Applied-Upstream: yes +--- a/libdiscord.c b/libdiscord.c +@@ -50,6 +50,9 @@ + + #include "markdown.h" + ++// Prevent segfault in libpurple ssl plugins ++#define purple_ssl_read(a, b, c) ((a) && (a)->private_data ? purple_ssl_read((a), (b), (c)) : 0) ++ + #define DISCORD_PLUGIN_ID "prpl-eionrobb-discord" + #ifndef DISCORD_PLUGIN_VERSION + #define DISCORD_PLUGIN_VERSION "0.1" signature.asc Description: This is a digitally signed message part
Bug#930534: Bug#930521: release.debian.org: provide machine-readable information about the freeze period for each release
On Sun, 2020-03-29 at 08:45 +0200, Paul Gevers wrote: > But wouldn't that be harder to find for tracker and other consumers? There is a symlink testing -> bullseye so this works: https://release.debian.org/testing/freeze-and-release-dates.yaml I'm not sure when it gets updated but I assume during the release. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#930534: Bug#930521: release.debian.org: provide machine-readable information about the freeze period for each release
On Sat, 2020-03-28 at 22:21 +0100, Paul Gevers wrote: > I have stripped some more from template in the other bug; Looks good, but the quiet_period URL points at a buster mail. > the first version should appear soon at > https://release.debian.org/freeze-and-release-dates.yaml I would suggest putting it at a per-release URL: https://release.debian.org/bullseye/freeze-and-release-dates.yaml -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#930534: Bug#930521: release.debian.org: provide machine-readable information about the freeze period for each release
On Thu, 2020-03-26 at 21:32 +0100, Paul Gevers wrote: > maybe all the tracker needs is the freeze date and the release date. I guess that would probably do it yeah. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#930534: Bug#930521: release.debian.org: provide machine-readable information about the freeze period for each release
On Fri, 2020-03-13 at 22:56 +0100, Paul Gevers wrote: > I assume you have read the current freeze_policy [1]. As you have seen, > we have introduced a new phase, where the automatic migration depends on > the package. I'm not sure how easy it is to cover that information into > a this template. Do you have suggestions? Since the release team are going to be able to tell which packages are at which stage of the freeze, you could export the information (migrations: manual or x days) alongside the excuses for each package and the tracker could list that information in human readable form. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#930534: Bug#930521: release.debian.org: provide machine-readable information about the freeze period for each release
On Thu, 2020-02-06 at 13:32 +0100, Paul Gevers wrote: > That is mostly because they have not been settled 100% yet. Sorry, I meant for the buster release, which is done now. There is still data for the last wheezy point release but nothing for the freeze for buster or bullsye; I thought the freeze was initially meant to be set at 2 years after the release. > Let me try to come back to this bug when we have communicated the dates > and provide a prototype so we can see if it works. Great, no rush. There isn't much activity on tracker.d.o features anyway. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#930534: Bug#930521: release.debian.org: provide machine-readable information about the freeze period for each release
On Thu, 2020-02-06 at 12:02 +0100, Paul Gevers wrote: > We already have a maintained agenda for the team [1]. Would it make > sense to use that somehow? That doesn't appear to have enough info right now, it contains only the unblock deadline and not the other freeze data. > I fear that having an additional place (next to the freeze_policy > document [2]) to store this is likely to get out of sync. Perhaps make either the .ics or jmw's proposed YAML[1] the canonical location for the dates and them build freeze_policy.html from it? https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930521#17 -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#948468: (unplanned) transition: gpsd
On Thu, Jan 9, 2020 at 8:45 AM Paul Gevers wrote: > Did I just failed to spot it, or is there no bug against gpsd filed > about this? The bugs are filed against reverse dependencies (navit/foxtrotgps for eg). PS: there are two complementary tools that could be used to detect ABI breakage: https://github.com/lvc/pkg-abidiff https://sourceware.org/libabigail/manual/abipkgdiff.html A thread that includes a comparison of the tool: https://lists.debian.org/msgid-search/192731475679...@web2g.yandex.ru -- bye, pabs https://wiki.debian.org/PaulWise
Bug#946570: stretch-pu: package libpst/0.6.59-1+deb9u1
On Mon, 2019-12-30 at 21:18 +, Adam D. Barratt wrote: > Please go ahead. Signed and uploaded. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#946570: stretch-pu: package libpst/0.6.59-1+deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu The version of libpst in stretch does not use AC_USE_SYSTEM_EXTENSIONS, which means that _GNU_SOURCE is not defined before including unistd.h, which means that get_current_dir_name is not defined and so gcc presumes it returns an integer, which means that the returned pointer gets truncated on some architectures and later when the pointer gets freed a program using libpst could crash. This issue is warned about by gcc: https://buildd.debian.org/status/fetch.php?pkg=libpst=amd64=0.6.59-1%2Bb1=1487989748=0 libpst.c: In function 'pst_getcwd': libpst.c:295:11: warning: implicit declaration of function 'get_current_dir_name' [-Wimplicit-function-declaration] cwd = get_current_dir_name(); ^~~~ libpst.c:295:9: warning: assignment makes pointer from integer without a cast [-Wint-conversion] cwd = get_current_dir_name(); ^ The build logs indicate that it was fixed in the version in buster: https://buildd.debian.org/status/fetch.php?pkg=libpst=amd64=0.6.71-0.1=1521798059=0 The package is RFA and this bug is affecting us at work, so I took the liberty of committing to the Debian git repo and submitting this pu. https://salsa.debian.org/debian/libpst/commit/a141fb154e97660e16455689a00d1781858215f3 I have attached the debdiff for this fix. -- bye, pabs https://wiki.debian.org/PaulWise diff -Nru libpst-0.6.59/debian/changelog libpst-0.6.59/debian/changelog --- libpst-0.6.59/debian/changelog 2013-05-19 08:50:03.0 +0800 +++ libpst-0.6.59/debian/changelog 2019-12-11 09:59:25.0 +0800 @@ -1,3 +1,9 @@ +libpst (0.6.59-1+deb9u1) stretch; urgency=medium + + * Fix detection of get_current_dir_name and return truncation + + -- Paul Wise Wed, 11 Dec 2019 09:59:25 +0800 + libpst (0.6.59-1) unstable; urgency=low * [ec26e2d0] Imported Upstream version 0.6.59 diff -Nru libpst-0.6.59/debian/patches/07-use-system-extensions.patch libpst-0.6.59/debian/patches/07-use-system-extensions.patch --- libpst-0.6.59/debian/patches/07-use-system-extensions.patch 1970-01-01 08:00:00.0 +0800 +++ libpst-0.6.59/debian/patches/07-use-system-extensions.patch 2019-12-11 09:59:25.0 +0800 @@ -0,0 +1,17 @@ +Description: use AC_USE_SYSTEM_EXTENSIONS to define _GNU_SOURCE + so get_current_dir_name is detected correctly and + its return value is not truncated, breaking free calls. +Origin: upstream +From: http://hg.five-ten-sg.com/libpst/ +Last-Update: 2019-12-11 +Applied-Upstream: changeset: 328:c507af52515a +--- a/configure.in b/configure.in +@@ -4,6 +4,7 @@ + AC_CONFIG_HEADER([config.h]) + AM_INIT_AUTOMAKE + AC_CANONICAL_HOST ++AC_USE_SYSTEM_EXTENSIONS + + # + # 1. Remember that version-info is current:revision:age, and age <= current. diff -Nru libpst-0.6.59/debian/patches/series libpst-0.6.59/debian/patches/series --- libpst-0.6.59/debian/patches/series 2013-02-21 01:04:13.0 +0800 +++ libpst-0.6.59/debian/patches/series 2019-12-11 09:59:25.0 +0800 @@ -1 +1,2 @@ 06-ld-no-add-needed.patch +07-use-system-extensions.patch signature.asc Description: This is a digitally signed message part
Re: Should qpdf depend on gnutls?
On Sun, Nov 10, 2019 at 8:11 AM Jay Berkenbilt wrote: > I am the upstream author and the debian maintainer of qpdf. Disclaimer: I'm not part of either of the teams you CCed. > Do you have an opinion about which way I should go? I would drop the native crypto code from qpdf. If the native crypto code has any advantages over the equivalent code in GnuTLS/OpenSSL or other crypto libraries, then contribute those improvements to the relevant projects so that everyone can benefit from them. I would suggest enhancing the qpdf UI to notify the user when a PDF file being viewed is encrypted insecurely. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#943594: buster-pu: package libapache-mod-auth-kerb/5.4-2.4~deb10u1
On Fri, 2019-11-08 at 22:06 +, Adam D. Barratt wrote: > Please go ahead. Signed and uploaded the source package. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#943594: buster-pu: package libapache-mod-auth-kerb/5.4-2.4~deb10u1
Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu This brings the fix for a use after free crash to buster. Since there were no other changes between buster and bullseye, I elected to just add a "backport to buster" changelog. -- bye, pabs https://wiki.debian.org/PaulWise diff -u libapache-mod-auth-kerb-5.4/debian/changelog libapache-mod-auth-kerb-5.4/debian/changelog --- libapache-mod-auth-kerb-5.4/debian/changelog +++ libapache-mod-auth-kerb-5.4/debian/changelog @@ -1,3 +1,16 @@ +libapache-mod-auth-kerb (5.4-2.4~deb10u1) buster; urgency=medium + + * Rebuild for buster + + -- Paul Wise Sun, 27 Oct 2019 13:58:04 +0800 + +libapache-mod-auth-kerb (5.4-2.4) unstable; urgency=medium + + * Non-maintainer upload. + * Apply patch from upstream issue tracker to fix crash (Closes: #934043) + + -- Paul Wise Mon, 21 Oct 2019 11:15:20 +0800 + libapache-mod-auth-kerb (5.4-2.3) unstable; urgency=medium * Don't apply the delegation patch, it can break gssapi auth. (Closes: diff -u libapache-mod-auth-kerb-5.4/debian/patches/series libapache-mod-auth-kerb-5.4/debian/patches/series --- libapache-mod-auth-kerb-5.4/debian/patches/series +++ libapache-mod-auth-kerb-5.4/debian/patches/series @@ -10,0 +11 @@ +mod_auth_kerb-krb5_kt_close.patch only in patch2: unchanged: --- libapache-mod-auth-kerb-5.4.orig/debian/patches/mod_auth_kerb-krb5_kt_close.patch +++ libapache-mod-auth-kerb-5.4/debian/patches/mod_auth_kerb-krb5_kt_close.patch @@ -0,0 +1,20 @@ +Description: fix use after free in authenticate_user_krb5pwd() +Origin: https://sourceforge.net/p/modauthkerb/bugs/61/attachment/mod_auth_kerb-krb5_kt_close.patch +Bug: https://sourceforge.net/p/modauthkerb/bugs/61/ +Bug-Debian: https://bugs.debian.org/934043 +Author: Johan Ymerson (https://sourceforge.net/u/ymerson/) +diff -ruN mod_auth_kerb-5.4.orig/src/mod_auth_kerb.c mod_auth_kerb-5.4/src/mod_auth_kerb.c +--- mod_auth_kerb-5.4.orig/src/mod_auth_kerb.c 2018-12-12 16:59:43.762013269 +0100 mod_auth_kerb-5.4/src/mod_auth_kerb.c 2018-12-12 16:59:59.151945123 +0100 +@@ -799,11 +799,9 @@ + "failed to verify krb5 credentials: %s", + krb5_get_err_text(context, ret)); + krb5_kt_end_seq_get(context, keytab, ); +- krb5_kt_close(context, keytab); + goto end; +} +krb5_kt_end_seq_get(context, keytab, ); +- krb5_kt_close(context, keytab); + } + else { +if ((ret = verify_krb5_init_creds(r, context, , server, keytab))) { signature.asc Description: This is a digitally signed message part
Re: claws-mail blocked by previous version excuse
On Wed, Oct 23, 2019 at 3:35 PM Ricardo Mones wrote: > There's a public roadmap for this? Not AFAIK, please contact the GNOME team about it. -- bye, pabs https://wiki.debian.org/PaulWise
Re: Re: claws-mail blocked by previous version excuse
On Wed, 2019-10-23 at 11:39 +0900, Hideki Yamane wrote: > Is there any link for it? It seems that it affects sylpheed package > and I want to ask it to the upstream maintainer. Not yet, I suggest talking to the GNOME team about it. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Re: claws-mail blocked by previous version excuse
On Wed, Oct 23, 2019 at 7:03 AM Ricardo Mones wrote: > The claws-mail package appears blocked from migrating to testing because > of #885266 which removed 3.17.3-2 from it, but is already fixed in 3.17.4-2, > in sid since 8 days ago… It seems to be because claws-mail-python-plugin 3.17.3-1 is still in sid, so the old source package is still kept around so britney still thinks the RC bug applies to sid. https://release.debian.org/britney/excuses.yaml > Any pointers on how fix this? I think you will need to ask the ftp-masters to remove the claws-mail-python-plugin cruft from unstable. BTW, ISTR there is a plan to remove GTK 2 from Debian at some point, so it would be a good idea to talk to upstream about switching to GTK 3. -- bye, pabs https://wiki.debian.org/PaulWise
Re: requesting debian stretch 9.10.0 release
On Mon, Sep 2, 2019 at 2:48 AM Ilari Jääskeläinen wrote: > best wishes for debian stretch, I hope the best possible patience and > discipline accomplishing the future. According to the release team's website the stretch 9.10 release is scheduled for 2019-09-07 (this weekend). If there is anything from stretch 9.10 that you would like to use now, you can add proposed updates to your sources.list, run `apt update` and then install it. https://release.debian.org/#point-releases https://lists.debian.org/1564603727.3399.13.ca...@adam-barratt.org.uk https://wiki.debian.org/StableProposedUpdates https://release.debian.org/proposed-updates/stable.html -- bye, pabs https://wiki.debian.org/PaulWise
Re: reflecting on the buster release cycle and RFF
On Mon, Jul 22, 2019 at 2:44 AM Paul Gevers wrote: > So, now you've seen how I have perceived the freeze, do you have > anything to add? We're looking for concrete notes and observations that > we can use when we think about how to improve the bullseye release. During the buster freeze period, postgrey was removed from testing and thus should have missed the buster release. It appears that the release team made an exception and allowed postgrey back into testing despite the freeze policy that "packages not in testing can not migrate to testing". I think it would be useful to document under which circumstances packages can get exceptions to be allowed back into testing even though they have been removed during the freeze period. -- bye, pabs https://wiki.debian.org/PaulWise
Re: Bug#930521: tracker.d.o: during freezes dont complain about packages only in experimental
Control: clone -1 -2 Control: reassign -2 release.debian.org Control: retitle -2 release.debian.org: provide machine-readable information about the freeze period for each release Control: block -1 by -2 Hi Release Team, In order to implement the request below (hide some suggestions from tracker.d.o during the freeze (and possibly other things)), we need a machine-readable information source about the current stage of the freeze and what that means for new upstream releases. I suggest that this come in the form of a YAML/JSON file in the testing directory containing start dates for each stage of the freeze and an end date once that is known. Each stage could be accompanied by some sort of metadata about the freeze policy, so that the tracker could also give advice on what to upload and what not to upload. https://release.debian.org/testing/freeze.yaml On Fri, Jun 14, 2019 at 9:15 PM Holger Levsen wrote: > package: tracker.debian.org > severity: wishlist > x-debbugs-cc: debian...@lists.debian.org > > On Thu, Jun 06, 2019 at 09:19:14PM +0800, Paul Wise wrote: > > On Thu, Jun 6, 2019 at 6:20 PM Holger Levsen wrote: > [tracker.d.o tells me that] > > > - new upstream version only available in experimental (yes, because > > > buster is frozen) > > > > I think it is appropriate to file a bug asking that this be disabled > > when the freeze is on. As far as I can tell there is no > > machine-readable indicator that buster is frozen, but there used to be > > one for stretch in the release team's calendar file. So this would > > require the release team to create a machine-readable way for the > > tracker to know if testing is currently frozen. > > > > https://release.debian.org/release-calendar.ics > > filing a bug for this as suggested. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#929255: stretch-pu: package corekeeper/1.7~deb9u1
On Mon, 2019-06-03 at 15:12 +0100, Adam D. Barratt wrote: > Please go ahead. Uploaded. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#929255: stretch-pu: package corekeeper/1.7~deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu I'd like to backport the security fixes and hardening in corekeeper from buster to stretch. -- bye, pabs https://wiki.debian.org/PaulWise diff -Nru corekeeper-1.6/debian/changelog corekeeper-1.7~deb9u1/debian/changelog --- corekeeper-1.6/debian/changelog 2015-11-12 00:44:29.0 +0800 +++ corekeeper-1.7~deb9u1/debian/changelog 2019-05-20 11:55:22.0 +0800 @@ -1,3 +1,22 @@ +corekeeper (1.7~deb9u1) stretch; urgency=medium + + * Backport security hardening fixes to stretch + + -- Paul Wise Mon, 20 May 2019 11:55:22 +0800 + +corekeeper (1.7) unstable; urgency=medium + + * Do not use a world-writable /var/crash with the dumper script +and fix the permissions on upgrade as dpkg doesn't do that. +(Closes: #924397) (See-also: #515211) + * Handle older versions of the Linux kernel in a safer way +(Closes: #924398) + * Harden ownership determination and core file names + * Do not truncate core names for executables with spaces + * Update VCS URLs from alioth to salsa + + -- Paul Wise Sat, 04 May 2019 14:53:44 +0800 + corekeeper (1.6) unstable; urgency=medium * Prevent installation with other core dump handlers: diff -Nru corekeeper-1.6/debian/control corekeeper-1.7~deb9u1/debian/control --- corekeeper-1.6/debian/control 2015-11-11 22:19:31.0 +0800 +++ corekeeper-1.7~deb9u1/debian/control 2019-05-04 14:55:31.0 +0800 @@ -5,8 +5,8 @@ Build-Depends: debhelper (>= 9) Standards-Version: 3.9.6 -Vcs-Git: git://anonscm.debian.org/collab-maint/corekeeper.git -Vcs-Browser: http://anonscm.debian.org/gitweb/?p=collab-maint/corekeeper.git +Vcs-Git: https://salsa.debian.org/debian/corekeeper.git +Vcs-Browser: https://salsa.debian.org/debian/corekeeper Package: corekeeper Architecture: kfreebsd-any linux-any diff -Nru corekeeper-1.6/debian/copyright corekeeper-1.7~deb9u1/debian/copyright --- corekeeper-1.6/debian/copyright 2013-11-22 10:23:37.0 +0800 +++ corekeeper-1.7~deb9u1/debian/copyright 2019-05-04 14:55:31.0 +0800 @@ -1,7 +1,7 @@ Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: corekeeper Upstream-Contact: Paul Wise -Source: git://anonscm.debian.org/collab-maint/corekeeper.git +Source: https://salsa.debian.org/debian/corekeeper.git Comment: original package by Ben Pfaff has been rewritten Files: * diff -Nru corekeeper-1.6/debian/corekeeper.lintian-overrides corekeeper-1.7~deb9u1/debian/corekeeper.lintian-overrides --- corekeeper-1.6/debian/corekeeper.lintian-overrides 2013-11-22 10:23:42.0 +0800 +++ corekeeper-1.7~deb9u1/debian/corekeeper.lintian-overrides 2019-05-04 13:57:59.0 +0800 @@ -1,6 +1,6 @@ # /var/crash is intentionally world-writable to allow for # centralized core dumps. -non-standard-dir-perm +[kfreebsd-any]: non-standard-dir-perm # The postrm script checks if systemd is running before # using the systemctl command diff -Nru corekeeper-1.6/debian/corekeeper.postinst.linux corekeeper-1.7~deb9u1/debian/corekeeper.postinst.linux --- corekeeper-1.6/debian/corekeeper.postinst.linux 2013-04-25 14:49:30.0 +0800 +++ corekeeper-1.7~deb9u1/debian/corekeeper.postinst.linux 2019-05-04 14:55:31.0 +0800 @@ -4,4 +4,11 @@ # Activate the sysctl settings [ $1 != configure ] || sysctl --quiet --load="/etc/sysctl.d/corekeeper.conf" +# Set /var/crash to not be world writable +# to prevent crashes being able to write arbitrary files +[ "$1" = configure ] && +dpkg --compare-versions "$2" le-nl 1.6 && +! dpkg-statoverride --list /var/crash && +chmod 0755 /var/crash + #DEBHELPER# diff -Nru corekeeper-1.6/debian/dump corekeeper-1.7~deb9u1/debian/dump --- corekeeper-1.6/debian/dump 2013-04-25 16:01:53.0 +0800 +++ corekeeper-1.7~deb9u1/debian/dump 2019-05-04 14:47:56.0 +0800 @@ -19,7 +19,9 @@ # because Linux does not create directories when dumping core files # and it is apparently painful to do that from within Linux. # -# Thanks for the security audit go to Kees Cook ! +# Thanks for the security audits go to: +# Jakub Wilk +# Kees Cook set -e @@ -28,34 +30,77 @@ exit 1 fi -# Check how many arguments the kernel sent us. -if [ $# -eq 2 ] ; then - # Awww, old kernel that does not support %d - # Cannot set the core file owner safely, use root - # See v3.6-6800-g12a2b4b in linux.git for more info - uid="$1" - core="$2" - owner="0" -elif [ $# -eq 3 ] ; then - # Yay! A kernel that does support %d - uid="$2" - core="$3" - owner="$2" - # Set the core file owner safely - if [ $1 -eq 2 ] ; then - owner="0" - fi -else - # Something is majorly broken. - echo "This script should be run with three arguments and a core file on stdin" 1>&2 - exit 1 -fi +case "$1" in + (--*) + #
Bug#928418: unblock: preapproval: corekeeper/1.7
Control: tags -1 - moreinfo On Sat, 2019-05-11 at 16:36 +0200, Paul Gevers wrote: > Please go ahead and upload to unstable and remove the moreinfo tag > when it's build. Uploaded and built by the buildds. > For reference, if you're confident that an upload meets the freeze > policy, i.e. it only fixes release critical bugs (or important bugs > for optional packages), feel free to upload without a pre-approval. > Most of the time it's easier to review when the package is available > and it saves a round-trip. That said, if unsure feel free to ask for > pre-approval. Ack, in this case I wasn't sure all of the changes were acceptable. Once the package has reached buster I'd like to do a stable-pu upload. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Re: Bug#928026: security support for golang packages in Buster
On Wed, May 8, 2019 at 2:45 PM Paul Gevers wrote: > With respect to binNMU'ing, static linking is not a problem, only > arch:all is. Most haskell (4 vs 1048) and ocaml (21 vs 233) aren't > arch:all. haskell and ocaml have a framework in place to at least know > the status in unstable/testing. See e.g. the "permanent trackers" at > https://release.debian.org/transitions/ I don't know yet what this means > for security support. Neither do I know what it means for rust. I think there is something that the release/security teams might be missing here: The Go/Rust arch:all packages (the golang-*-dev ones) contain only source code (ideally things would support build-deps on foo:src, the current Go/Rust binary packages are a workaround for that being missing), so they do not need to be changed after a security upload. Only the packages containing statically linked Go/Rust code need to be binNMUed and those ones should be arch:any since they contain architecture-specific binaries. In addition the arch:all packages do not have Built-Using, only the statically linked ones do. So the workflow seems to be quite manageable, modulo the security-master binNMU issue: fix the security issue where it originated, then binNMU anything that has Built-Using on any version less than the fixed version. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#928418: unblock: preapproval: corekeeper/1.7
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock I would like to fix some issues in corekeeper reported by Jakub Wilk. unblock corekeeper/1.7 -- bye, pabs https://wiki.debian.org/PaulWise diff -Nru corekeeper-1.6/debian/changelog corekeeper-1.7/debian/changelog --- corekeeper-1.6/debian/changelog 2015-11-12 00:44:29.0 +0800 +++ corekeeper-1.7/debian/changelog 2019-05-04 14:53:44.0 +0800 @@ -1,3 +1,16 @@ +corekeeper (1.7) unstable; urgency=medium + + * Do not use a world-writable /var/crash with the dumper script +and fix the permissions on upgrade as dpkg doesn't do that. +(Closes: #924397) (See-also: #515211) + * Handle older versions of the Linux kernel in a safer way +(Closes: #924398) + * Harden ownership determination and core file names + * Do not truncate core names for executables with spaces + * Update VCS URLs from alioth to salsa + + -- Paul Wise Sat, 04 May 2019 14:53:44 +0800 + corekeeper (1.6) unstable; urgency=medium * Prevent installation with other core dump handlers: diff -Nru corekeeper-1.6/debian/control corekeeper-1.7/debian/control --- corekeeper-1.6/debian/control 2015-11-11 22:19:31.0 +0800 +++ corekeeper-1.7/debian/control 2019-05-04 14:53:44.0 +0800 @@ -5,8 +5,8 @@ Build-Depends: debhelper (>= 9) Standards-Version: 3.9.6 -Vcs-Git: git://anonscm.debian.org/collab-maint/corekeeper.git -Vcs-Browser: http://anonscm.debian.org/gitweb/?p=collab-maint/corekeeper.git +Vcs-Git: https://salsa.debian.org/debian/corekeeper.git +Vcs-Browser: https://salsa.debian.org/debian/corekeeper Package: corekeeper Architecture: kfreebsd-any linux-any diff -Nru corekeeper-1.6/debian/copyright corekeeper-1.7/debian/copyright --- corekeeper-1.6/debian/copyright 2013-11-22 10:23:37.0 +0800 +++ corekeeper-1.7/debian/copyright 2019-05-04 14:53:44.0 +0800 @@ -1,7 +1,7 @@ Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: corekeeper Upstream-Contact: Paul Wise -Source: git://anonscm.debian.org/collab-maint/corekeeper.git +Source: https://salsa.debian.org/debian/corekeeper.git Comment: original package by Ben Pfaff has been rewritten Files: * diff -Nru corekeeper-1.6/debian/corekeeper.lintian-overrides corekeeper-1.7/debian/corekeeper.lintian-overrides --- corekeeper-1.6/debian/corekeeper.lintian-overrides 2013-11-22 10:23:42.0 +0800 +++ corekeeper-1.7/debian/corekeeper.lintian-overrides 2019-05-04 13:57:59.0 +0800 @@ -1,6 +1,6 @@ # /var/crash is intentionally world-writable to allow for # centralized core dumps. -non-standard-dir-perm +[kfreebsd-any]: non-standard-dir-perm # The postrm script checks if systemd is running before # using the systemctl command diff -Nru corekeeper-1.6/debian/corekeeper.postinst.linux corekeeper-1.7/debian/corekeeper.postinst.linux --- corekeeper-1.6/debian/corekeeper.postinst.linux 2013-04-25 14:49:30.0 +0800 +++ corekeeper-1.7/debian/corekeeper.postinst.linux 2019-05-04 14:53:44.0 +0800 @@ -4,4 +4,11 @@ # Activate the sysctl settings [ $1 != configure ] || sysctl --quiet --load="/etc/sysctl.d/corekeeper.conf" +# Set /var/crash to not be world writable +# to prevent crashes being able to write arbitrary files +[ "$1" = configure ] && +dpkg --compare-versions "$2" le-nl 1.6 && +! dpkg-statoverride --list /var/crash && +chmod 0755 /var/crash + #DEBHELPER# diff -Nru corekeeper-1.6/debian/dump corekeeper-1.7/debian/dump --- corekeeper-1.6/debian/dump 2013-04-25 16:01:53.0 +0800 +++ corekeeper-1.7/debian/dump 2019-05-04 14:47:56.0 +0800 @@ -19,7 +19,9 @@ # because Linux does not create directories when dumping core files # and it is apparently painful to do that from within Linux. # -# Thanks for the security audit go to Kees Cook ! +# Thanks for the security audits go to: +# Jakub Wilk +# Kees Cook set -e @@ -28,34 +30,77 @@ exit 1 fi -# Check how many arguments the kernel sent us. -if [ $# -eq 2 ] ; then - # Awww, old kernel that does not support %d - # Cannot set the core file owner safely, use root - # See v3.6-6800-g12a2b4b in linux.git for more info - uid="$1" - core="$2" - owner="0" -elif [ $# -eq 3 ] ; then - # Yay! A kernel that does support %d - uid="$2" - core="$3" - owner="$2" - # Set the core file owner safely - if [ $1 -eq 2 ] ; then - owner="0" - fi -else - # Something is majorly broken. - echo "This script should be run with three arguments and a core file on stdin" 1>&2 - exit 1 -fi +case "$1" in + (--*) + # Option based command-line + while [ $# -gt 0 ] ; do + case "$1" in +(--dumpable) + # Old Linux kernels do not support %d + # use the safest dumpable option there + case "$2" in + (--*) dumpable=2; shift;;
Bug#922110: RM: libwww-topica-perl/0.6-5 -- service lists.topica.com is gone
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Please remove libwww-topica-perl from stable, the service lists.topica.com is no longer available for the last year and it does not look like it will be returning. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#913768: transition: glibc
On Thu, Nov 29, 2018 at 2:21 PM Aurelien Jarno wrote: > Thanks, I have just uploaded it. I've just noticed that the glibc update has caused a regression in the nocache package (details in #916415). -- bye, pabs https://wiki.debian.org/PaulWise
Re: Libreoffice 大版本更新
On Mon, Dec 10, 2018 at 1:00 AM 救贖靈魂 wrote: > 您好,請問 Libreoffice 什麼時候會更新到 v6 版?謝謝! [自动翻译]请联系Debian用户支持渠道寻求帮助: Please contact Debian user support channels for help: https://www.debian.org/support -- bye, pabs https://wiki.debian.org/PaulWise
Re: Arch qualification for buster: call for DSA, Security, toolchain concerns
On Sat, Jun 30, 2018 at 7:44 AM, Manuel A. Fernandez Montecelo wrote: > People from DSA have also attempted to fix them in other ways over the > last few months (thanks for that too!), but the solutions have been > rejected. I am not aware of the full details (only part of them), but > I assume that it's done for sound reasons. One good reason for this > is that they don't want to duplicate code or list of architectures. The details here is that aurel32 wrote a git branch to add architecture configurability in dak and hard-code a list of "arches-in-sid-dpkg" in such a configuration file. ftp-master understandably didn't want to have to manually copy the tables from dpkg to dak whenever they changed. I briefly looked at using an auto-byhand script to automate this, but didn't yet get around to working on implementing anything. https://salsa.debian.org/aurel32/dak/tree/dpkg-tables -- bye, pabs https://wiki.debian.org/PaulWise
Bug#899085: release.debian.org: excuses terminology: replace "Valid Candidate" with "Trying to migrate"?
On Mon, 2018-05-21 at 07:53 +, Niels Thykier wrote: > Based on your comments, I have made a branch on salsa: > > https://salsa.debian.org/release-team/britney2/tree/bug-899085-excuse-messages Looks good to me. > The patches are also attached (assuming it is easier for you to review > them by email). Yep. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#899085: release.debian.org: excuses terminology: replace "Valid Candidate" with "Trying to migrate"?
On Mon, May 21, 2018 at 2:46 PM, Niels Thykier wrote: > When I wrote the messages, I wanted to quickly high light the three > basic states ("OK", "WAITING" or "BLOCKED"/rejected). The first two > states implies that the contributor does not need to do anything at the > moment, where as the latter implies that the some human intervention is > needed. The messages for the WAITING states already start with Waiting. The messages for the OK states indicate what is going to happen. So, I'd say the states aren't needed in those messages but if you prefer to keep them, that is fine too. The messages for the BLOCKED states probably do need the state though. I don't think you need the "please see below" style messages since excuses are usually always presented all at once? -- bye, pabs https://wiki.debian.org/PaulWise
Bug#899085: release.debian.org: excuses terminology: replace "Valid Candidate" with "Trying to migrate"?
On Mon, May 21, 2018 at 1:53 PM, Niels Thykier wrote: > """ > Migration status: OK: Will attempt migration (Any information below is > purely informational) > """ I'd remove the "OK:" from that unless there is a reason for it? > So changing the wording to the proposed will simply make it redundant > with the first line. Perhaps we should simply remove that line now? That seems reasonable to me. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#899085: release.debian.org: excuses terminology: replace "Valid Candidate" with "Trying to migrate"?
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: britney In #898329, pochu had to clarify the meaning of "Valid Candidate": Just to clarify things: being a valid candidate means britney will try to migrate that package to testing. That can still fail (and fails in this case) because the package is not installable on i386 (which is a requirement). This comes up a lot in various places, I wonder if replacing "Valid Candidate" with "Trying to migrate" or similar in the excuses output would help clarify the situation for people. "Not Considered" could be replaced with "Not trying to migrate yet" for a smaller clarification. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#895887: jessie-pu: package libipc-run-perl/0.92-1+deb8u1
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu libipc-run-perl 0.92-1 has a memory leak that causes some code at $work to use all of the RAM on the machine. We would like to fix it in jessie using the patch accepted upstream and released into sid and buster. We have tested the patches internally and they resolve our issue. -- bye, pabs https://wiki.debian.org/PaulWise diff -Nru libipc-run-perl-0.92/debian/changelog libipc-run-perl-0.92/debian/changelog --- libipc-run-perl-0.92/debian/changelog 2012-09-01 01:21:38.0 +0800 +++ libipc-run-perl-0.92/debian/changelog 2018-04-17 16:16:38.0 +0800 @@ -1,3 +1,9 @@ +libipc-run-perl (0.92-1+deb8u1) jessie; urgency=medium + + * Backport upstream patch to fix memory leak + + -- Paul Wise <p...@debian.org> Tue, 17 Apr 2018 16:16:38 +0800 + libipc-run-perl (0.92-1) unstable; urgency=low [ gregor herrmann ] diff -Nru libipc-run-perl-0.92/debian/patches/0001-Another-Bugfix-for-memory-leak-rt.cpan.org-57990-86.patch libipc-run-perl-0.92/debian/patches/0001-Another-Bugfix-for-memory-leak-rt.cpan.org-57990-86.patch --- libipc-run-perl-0.92/debian/patches/0001-Another-Bugfix-for-memory-leak-rt.cpan.org-57990-86.patch 1970-01-01 08:00:00.0 +0800 +++ libipc-run-perl-0.92/debian/patches/0001-Another-Bugfix-for-memory-leak-rt.cpan.org-57990-86.patch 2018-04-17 16:16:38.0 +0800 @@ -0,0 +1,31 @@ +From 5cd3a5b21bd00dbb2e54e58fec6b0349bf457bb0 Mon Sep 17 00:00:00 2001 +From: Konrad Bucheli <k...@open.ch> +Date: Tue, 27 Mar 2018 11:22:58 +0200 +Subject: [PATCH] Another Bugfix for memory leak [rt.cpan.org #57990] #86 +Origin: https://github.com/kbucheli/IPC-Run/commit/d706e65d0e5dab055d9b6c8d070330fdc7b1a883 +Bug: https://github.com/toddr/IPC-Run/issues/86 + +--- + lib/IPC/Run.pm | 6 ++ + 1 file changed, 6 insertions(+) + +diff --git a/lib/IPC/Run.pm b/lib/IPC/Run.pm +index 2436bc5..61cdb5f 100644 +--- a/lib/IPC/Run.pm b/lib/IPC/Run.pm +@@ -1135,6 +1135,12 @@ sub DESTROY { +my IPC::Run $self = shift; +POSIX::close $self->{DEBUG_FD} if defined $self->{DEBUG_FD}; +$self->{DEBUG_FD} = undef; ++ ++ for my $kid ( @{$self->{KIDS}} ) { ++ for my $op ( @{$kid->{OPS}} ) { ++ delete $op->{FILTERS}; ++ } ++ } + } + + ## +-- +2.17.0 + diff -Nru libipc-run-perl-0.92/debian/patches/series libipc-run-perl-0.92/debian/patches/series --- libipc-run-perl-0.92/debian/patches/series 2012-09-01 01:21:38.0 +0800 +++ libipc-run-perl-0.92/debian/patches/series 2018-04-17 16:08:26.0 +0800 @@ -1 +1,2 @@ hashbang.patch +0001-Another-Bugfix-for-memory-leak-rt.cpan.org-57990-86.patch signature.asc Description: This is a digitally signed message part
Bug#895888: stretch-pu: package libipc-run-perl/0.94-1+deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu libipc-run-perl 0.94-1 has a memory leak that causes some code at $work to use all of the RAM on the machine. We would like to fix it in jessie using the patch accepted upstream and released into sid and buster. We have tested the patches internally and they resolve our issue. -- bye, pabs https://wiki.debian.org/PaulWise diff -Nru libipc-run-perl-0.94/debian/changelog libipc-run-perl-0.94/debian/changelog --- libipc-run-perl-0.94/debian/changelog 2015-05-10 23:05:50.0 +0800 +++ libipc-run-perl-0.94/debian/changelog 2018-04-17 16:24:46.0 +0800 @@ -1,3 +1,9 @@ +libipc-run-perl (0.94-1+deb9u1) stretch; urgency=medium + + * Backport upstream patch to fix memory leak + + -- Paul Wise <p...@debian.org> Tue, 17 Apr 2018 16:24:46 +0800 + libipc-run-perl (0.94-1) unstable; urgency=low [ Salvatore Bonaccorso ] diff -Nru libipc-run-perl-0.94/debian/patches/0001-Another-Bugfix-for-memory-leak-rt.cpan.org-57990-86.patch libipc-run-perl-0.94/debian/patches/0001-Another-Bugfix-for-memory-leak-rt.cpan.org-57990-86.patch --- libipc-run-perl-0.94/debian/patches/0001-Another-Bugfix-for-memory-leak-rt.cpan.org-57990-86.patch 1970-01-01 08:00:00.0 +0800 +++ libipc-run-perl-0.94/debian/patches/0001-Another-Bugfix-for-memory-leak-rt.cpan.org-57990-86.patch 2018-04-17 16:24:10.0 +0800 @@ -0,0 +1,31 @@ +From 5cd3a5b21bd00dbb2e54e58fec6b0349bf457bb0 Mon Sep 17 00:00:00 2001 +From: Konrad Bucheli <k...@open.ch> +Date: Tue, 27 Mar 2018 11:22:58 +0200 +Subject: [PATCH] Another Bugfix for memory leak [rt.cpan.org #57990] #86 +Origin: https://github.com/kbucheli/IPC-Run/commit/d706e65d0e5dab055d9b6c8d070330fdc7b1a883 +Bug: https://github.com/toddr/IPC-Run/issues/86 + +--- + lib/IPC/Run.pm | 6 ++ + 1 file changed, 6 insertions(+) + +diff --git a/lib/IPC/Run.pm b/lib/IPC/Run.pm +index 2436bc5..61cdb5f 100644 +--- a/lib/IPC/Run.pm b/lib/IPC/Run.pm +@@ -1135,6 +1135,12 @@ sub DESTROY { +my IPC::Run $self = shift; +POSIX::close $self->{DEBUG_FD} if defined $self->{DEBUG_FD}; +$self->{DEBUG_FD} = undef; ++ ++ for my $kid ( @{$self->{KIDS}} ) { ++ for my $op ( @{$kid->{OPS}} ) { ++ delete $op->{FILTERS}; ++ } ++ } + } + + ## +-- +2.17.0 + diff -Nru libipc-run-perl-0.94/debian/patches/series libipc-run-perl-0.94/debian/patches/series --- libipc-run-perl-0.94/debian/patches/series 2015-05-10 23:05:50.0 +0800 +++ libipc-run-perl-0.94/debian/patches/series 2018-04-17 16:24:20.0 +0800 @@ -1 +1,2 @@ hashbang.patch +0001-Another-Bugfix-for-memory-leak-rt.cpan.org-57990-86.patch signature.asc Description: This is a digitally signed message part
Re: Flash drive problems
On Thu, Mar 29, 2018 at 4:54 AM, John wrote: > After upgrading I cannot transfer files reliably to my computer Please ask on Debian support channels for help determining which package is at fault and gathering the required debug information. Once you have done that you can report a bug against the relevant package. https://www.debian.org/support https://www.debian.org/Bugs/Reporting -- bye, pabs https://wiki.debian.org/PaulWise
Bug#886509: britney: drop duplicate 'has new bugs' excuses item
Package: release.debian.org Severity: wishlist User: release.debian@packages.debian.org Usertags: britney Please apply this patch to drop the duplicate 'has new bugs' excuses item. The 'Updating foo introduces new bugs:' item includes bug numbers so the 'has new bugs' item is less useful than it. -- bye, pabs https://wiki.debian.org/PaulWise From ceca85e82f047e7763ea1102ccdbf6da548e9932 Mon Sep 17 00:00:00 2001 From: Paul Wise <p...@debian.org> Date: Sat, 6 Jan 2018 11:28:21 +0800 Subject: [PATCH] Drop duplicate 'has new bugs' excuses item The other item includes bug numbers so this one is less useful. --- britney2/policies/policy.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/britney2/policies/policy.py b/britney2/policies/policy.py index e588351..adcc938 100644 --- a/britney2/policies/policy.py +++ b/britney2/policies/policy.py @@ -476,9 +476,6 @@ class RCBugPolicy(BasePolicy): old_bugs = rcbugs_info['unique-target-bugs'] excuse.setbugs(old_bugs, new_bugs) if new_bugs: -excuse.addhtml("%s https://bugs.debian.org/cgi-bin/pkgreport.cgi?; \ - "src=%s=critical=grave=serious\" " \ - "target=\"_blank\">has new bugs!" % (source_name, quote(source_name))) excuse.addhtml("Updating %s introduces new bugs: %s" % (source_name, ", ".join( ["https://bugs.debian.org/%s\;>#%s" % (quote(a), a) for a in new_bugs]))) -- 2.15.1 signature.asc Description: This is a digitally signed message part
Re: Bug#885172: transition: libsodium
On Tue, Dec 26, 2017 at 7:15 PM, Moritz Mühlenhoff wrote: > Is that a temporary measure or permanently due to the state of > the port? https://lists.debian.org/debian-bsd/2017/12/msg8.html -- bye, pabs https://wiki.debian.org/PaulWise
Bug#882051: nmu: debhelper 10.10.7 dbgsym regression fix: rebuild xdg-desktop-portal_0.8-3, xdg-desktop-portal-gtk_0.7-3
On Sun, Nov 19, 2017 at 11:10 PM, Julien Cristau wrote: > Above syntax is wrong, you're missing a . between package and > architectures, and version should be source version. Also if any of > those packages build multi-arch: same binaries, this would break them. > Overall it doesn't sound like anything's actually broken, so I'd err on > the side of not doing anything, and they'll get new dbgsyms on the next > source upload. Sorry about the syntax issue. Adrian Bunk confirmed on IRC the multi-arch issue is not applicable here. This bug is preventing me from upgrading xdg-desktop-portal and xdg-desktop-portal-gtk on my laptop, so it would be nice if they could be binNMUed in maybe a month for the packages that have not yet had updates. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#882051: nmu: debhelper 10.10.7 dbgsym regression fix: rebuild xdg-desktop-portal_0.8-3, xdg-desktop-portal-gtk_0.7-3
Control: retitle -1 debhelper 10.10.7 dbgsym regression fix rebuilds On Sat, 2017-11-18 at 14:17 +0800, Paul Wise wrote: > There are probably several packages affected but I am not aware of > any easy mechanism to determine which packages were built against > debhelper 10.10.6 It was pointed out on IRC that buildinfo files can be used for this. Unfortunately our tools don't make it easy to query that info, but I came up with this list of packages that look like they need binNMUs: nmu bbmail_0.9.3-2+b1 mips64el . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu bfs_1.1.4-2 arm64 kfreebsd-i386 powerpc ppc64el . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu danmaq_0.2.3-1 mips64el . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu gobgp_1.25-1 amd64 . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu konversation_1.7.3-1 mips64el . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu nullmailer_1:2.1-1 amd64 arm64 i386 kfreebsd-amd64 mips powerpc ppc64el s390x . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu ofono_1.21-1 mips64el . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu png2html_1.1-7 mips64el . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu pump_0.8.24-7.1 mips64el . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu qtscrob_0.11+git-4 mips64el . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu qwo_0.5-3 mips64el . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu rosegarden_1:17.04-2 mipsel . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu seqan2_2.3.2.000platform-issues6-9cf5a69+dfsg-1 amd64 arm64 i386 powerpc s390x . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu webdruid_0.5.4-15 mips64el . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu xdg-desktop-portal_0.8-3 amd64 arm64 i386 mips mips64el powerpc ppc64el s390x . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu xdg-desktop-portal-gtk_0.7-3 amd64 arm64 i386 mips mips64el powerpc ppc64el s390x . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu xfce4-settings_4.13.1-1 powerpc . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu zomg_0.8-3 mips64el . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#882051: nmu: debhelper 10.10.7 dbgsym regression fix: rebuild xdg-desktop-portal_0.8-3, xdg-desktop-portal-gtk_0.7-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu debhelper 10.10.7 fixed a regression in debhelper 10.10.6 that prevented dbgsym packages from being generated. There are probably several packages affected but I am not aware of any easy mechanism to determine which packages were built against debhelper 10.10.6 so I've just included a binNMU request for the two packages I'm aware of that were definitely affected by this. debhelper (10.10.7) unstable; urgency=medium * dh_strip: Fix a regression that caused debug symbols for executables to be discarded instead of included into debug packages. nmu xdg-desktop-portal_0.8-3 . amd64 arm64 i386 mips64el mips powerpc ppc64el s390x . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" nmu xdg-desktop-portal-gtk_0.7-3 . amd64 arm64 i386 mips64el mips powerpc ppc64el s390x . unstable . -m "Rebuild to include dbgsym packages after debhelper 10.10.7 fix" -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#866389: transition: perl 5.26
On Thu, Jul 20, 2017 at 5:04 AM, gregor herrmann wrote: > #867213: syslog-ng-incubator: one rdep (syslog-ng). No reaction on > the bug report, unrelated build failure; I guess syslog-ng* > can be removed from testing if noone fixes the problem in > time. I'd like to point out that DSA relies on syslog-ng on debian.org hosts, so it would be appreciated if the issues could be fixed or worked around rather than removing syslog-ng from buster. Of course buster is not in use on any debian.org hosts yet. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#867461: should ca-certificates certdata.txt synchronize across all suites?
On Fri, Jul 7, 2017 at 2:01 AM, Antoine Beaupré wrote: > For what it's worth, my opinion is that we should attempt to synchronize > certdata.txt (and blacklist.txt, for that matter) across all suites (but > not other changes to the packaging). This would remove another decision > point in our infrastructure and ensure harmonious X509 processing across > suites. I would like to see that happen too. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#862379: RM: check-all-the-things/2017.01.15.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Please remove check-all-the-things from stretch. It isn't suitable for stable at this time. I've filed bug #862378 to keep it out. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#861725: unblock: nagstamon/2.0.1-4
On Wed, 2017-05-03 at 12:24 +0200, Moritz Schlarb wrote: > - This has been the behavior of the Nagstamon package since forever > (which is not a valid argumentation point - I know, but it's still a fact) There are two serious bugs here: 1) that certificates are not verified at least using CAs and or TOFU 2) that this fact was deliberately hidden from users > What do you think? I think we should enable the warnings in all suites. Once verification is available, backport the patch to all suites. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#861328: unblock: check-all-the-things/2017.01.15.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock check-all-the-things 2017.01.15.1, it fixes a security issue when running perlcritic. unblock check-all-the-things/2017.01.15.1 -- bye, pabs https://wiki.debian.org/PaulWise diff -Nru check-all-the-things-2017.01.15/data/perl check-all-the-things-2017.01.15.1/data/perl --- check-all-the-things-2017.01.15/data/perl 2017-01-15 10:37:30.0 +0800 +++ check-all-the-things-2017.01.15.1/data/perl 2017-04-27 20:32:49.0 +0800 @@ -17,7 +17,7 @@ flags = perl-bug-588017 fixme fixme-silent apt = libperl-critic-perl comment = May create/overwrite a perltidy.ERR file in the current dir (#834213) -command = perlcritic -1 . 2>&1 | grep -vF 'No perl files were found.' +command = perlcritic --noprofile -1 . 2>&1 | grep -vF 'No perl files were found.' [perllib] command = grep -rw PERLLIB . diff -Nru check-all-the-things-2017.01.15/debian/changelog check-all-the-things-2017.01.15.1/debian/changelog --- check-all-the-things-2017.01.15/debian/changelog 2017-01-15 10:37:30.0 +0800 +++ check-all-the-things-2017.01.15.1/debian/changelog 2017-04-27 20:34:00.0 +0800 @@ -1,3 +1,11 @@ +check-all-the-things (2017.01.15.1) unstable; urgency=high + + * New release. +- The "Check Shiny Things More Securely" release +- Fix perlcritic to not execute code from the current dir + + -- Paul Wise <p...@debian.org> Thu, 27 Apr 2017 20:34:00 +0800 + check-all-the-things (2017.01.15) unstable; urgency=high * New release. signature.asc Description: This is a digitally signed message part
Bug#851678: jessie-pu: package openchange/1:2.2-6+deb8u1
On Mon, 2017-04-24 at 22:12 +0100, Adam D. Barratt wrote: > That sounds okay, although I wonder if it's worth mentioning the unusual > version progression in the changelog. I've rebuilt the package including this additional changelog entry: * Use version -6+ instead of -5+ because samba-libs conflicts with openchangeproxy (<< 1:2.2-6), making openchangeproxy -5+ uninstallable. The result has been uploaded and is on its way to pu-new. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#857711: unblock: needrestart-session/0.3-4.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please update the unblock for package needrestart-session to 0.3-4.1, it fixes being able to find processes that need to be restarted and fixes a crash when double-clicking on apps to highlight their windows. The first one makes this package actually work and the second one fixes a feature that is advertised directly in the user interface so is likely to cause complaints from users when it causes crashes. unblock needrestart-session/0.3-4.1 The maintainer requested that I do this upload/unblock on his behalf. -- bye, pabs https://wiki.debian.org/PaulWise diff -Nru needrestart-session-0.3/debian/changelog needrestart-session-0.3/debian/changelog --- needrestart-session-0.3/debian/changelog 2017-03-10 23:18:08.0 +0800 +++ needrestart-session-0.3/debian/changelog 2017-03-14 15:37:11.0 +0800 @@ -1,3 +1,11 @@ +needrestart-session (0.3-4.1) unstable; urgency=medium + + * Non-maintainer upload. + * Fix path to needrestart, now shows same results (Closes: #787291) + * Don't fork before system(), fixes crash on double-click (Closes: #857703) + + -- Paul Wise <p...@debian.org> Tue, 14 Mar 2017 15:37:11 +0800 + needrestart-session (0.3-4) unstable; urgency=high * Add dependency on adduser and add/delete new system user needrestart-dbus. diff -Nru needrestart-session-0.3/debian/patches/fix-crash.patch needrestart-session-0.3/debian/patches/fix-crash.patch --- needrestart-session-0.3/debian/patches/fix-crash.patch 1970-01-01 08:00:00.0 +0800 +++ needrestart-session-0.3/debian/patches/fix-crash.patch 2017-03-14 15:35:06.0 +0800 @@ -0,0 +1,16 @@ +Description: fix crash when double-clicking on items in the list +Author: Paul Wise <p...@debian.org> +Bug-Debian: https://bugs.debian.org/857703 +Forwarded: no +Last-Update: 2017-03-14 +--- a/needrestart-x11 b/needrestart-x11 +@@ -272,8 +272,6 @@ + sub OnAppsDClick { + my ($frame, $event) = @_; + +-my $pid = fork(); +- + system(qw(wmctrl -i -a), $plist[$event->GetIndex]->{winid}) if(exists($plist[$event->GetIndex]->{winid})); + } + diff -Nru needrestart-session-0.3/debian/patches/fix-path.patch needrestart-session-0.3/debian/patches/fix-path.patch --- needrestart-session-0.3/debian/patches/fix-path.patch 1970-01-01 08:00:00.0 +0800 +++ needrestart-session-0.3/debian/patches/fix-path.patch 2017-03-14 15:35:39.0 +0800 @@ -0,0 +1,16 @@ +Description: fix failure to find processes to restart +Author: Paul Wise <p...@debian.org> +Bug-Debian: https://bugs.debian.org/787291 +Forwarded: no +Last-Update: 2017-03-14 +--- a/needrestart-x11 b/needrestart-x11 +@@ -132,7 +132,7 @@ + + # get user processes required to be restarted + my %fnames; +-my $fh = nr_fork_pipe(0, qw(needrestart -b)); ++my $fh = nr_fork_pipe(0, qw(/usr/sbin/needrestart -b)); + $frProgress->SetTitle(q(Scanning processes...)) if(defined($frProgress)); + while(<$fh>) { + chomp; diff -Nru needrestart-session-0.3/debian/patches/series needrestart-session-0.3/debian/patches/series --- needrestart-session-0.3/debian/patches/series 1970-01-01 08:00:00.0 +0800 +++ needrestart-session-0.3/debian/patches/series 2017-03-14 15:32:14.0 +0800 @@ -0,0 +1,2 @@ +fix-crash.patch +fix-path.patch signature.asc Description: This is a digitally signed message part
Bug#857431: unblock: needrestart-session/0.3-4
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package needrestart-session, it creates the user needed to run the dbus service which is needed for this package to work. unblock needrestart-session/0.3-4 The maintainer requested that I file this unblock on his behalf. -- bye, pabs https://wiki.debian.org/PaulWise diff -Nru needrestart-session-0.3/debian/changelog needrestart-session-0.3/debian/changelog --- needrestart-session-0.3/debian/changelog 2016-12-23 16:05:51.0 +0800 +++ needrestart-session-0.3/debian/changelog 2017-03-10 23:18:08.0 +0800 @@ -1,3 +1,10 @@ +needrestart-session (0.3-4) unstable; urgency=high + + * Add dependency on adduser and add/delete new system user needrestart-dbus. +Closes: #855788, #857077 + + -- Patrick MatthäiFri, 10 Mar 2017 16:18:08 +0100 + needrestart-session (0.3-3) unstable; urgency=medium * Bump Standards-Version to 3.9.8 (no changes required). diff -Nru needrestart-session-0.3/debian/control needrestart-session-0.3/debian/control --- needrestart-session-0.3/debian/control 2016-12-23 16:05:51.0 +0800 +++ needrestart-session-0.3/debian/control 2017-03-10 23:18:08.0 +0800 @@ -11,6 +11,7 @@ Depends: ${perl:Depends}, ${misc:Depends}, needrestart (>= 2.0), + adduser, libnet-dbus-perl, libproc-processtable-perl, libwx-perl, diff -Nru needrestart-session-0.3/debian/needrestart-session.postinst needrestart-session-0.3/debian/needrestart-session.postinst --- needrestart-session-0.3/debian/needrestart-session.postinst 1970-01-01 08:00:00.0 +0800 +++ needrestart-session-0.3/debian/needrestart-session.postinst 2017-03-10 23:18:08.0 +0800 @@ -0,0 +1,19 @@ +#!/bin/sh + +set -e + +case "$1" in +configure) +adduser --system --no-create-home --home /nonexistent --quiet needrestart-dbus || true +;; +abort-upgrade|abort-remove|abort-deconfigure) +;; +*) +echo "postinst called with unknown argument \`$1'" >&2 +exit 1 +;; +esac + +#DEBHELPER# + +exit 0 diff -Nru needrestart-session-0.3/debian/needrestart-session.postrm needrestart-session-0.3/debian/needrestart-session.postrm --- needrestart-session-0.3/debian/needrestart-session.postrm 1970-01-01 08:00:00.0 +0800 +++ needrestart-session-0.3/debian/needrestart-session.postrm 2017-03-10 23:18:08.0 +0800 @@ -0,0 +1,20 @@ +#!/bin/sh + +set -e + +case "$1" in +purge) +if getent passwd|grep -q ^needrestart-dbus: ; then +userdel needrestart-dbus 2>&1 > /dev/null || true +fi +;; +upgrade|remove|failed-upgrade|abort-install|abort-upgrade|disappear) +;; +*) +echo "postrm called with unknown argument \`$1'" >&2 +exit 1 +esac + +#DEBHELPER# + +exit 0 signature.asc Description: This is a digitally signed message part
Bug#851678: openchangeproxy: uninstallable in jessie, broken by samba
Control: tags 838671 + patch On Tue, 17 Jan 2017 14:58:22 +0100 Andreas Beckmann wrote: > openchange also FTBFS in stable: FYI, I've a patch from upstream, waiting on release team approval: https://bugs.debian.org/851678 -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Re: [debian-www] Please add mips64el to stretch and add pages for buster
On Mon, Feb 6, 2017 at 5:45 AM, Niels Thykier wrote: > Here are two updated patches. Committed. Removed some trailing whitespace and moved your name to Patch-by. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#851678: jessie-pu: package openchange/1:2.2-5+deb8u1
Control: retitle -1 jessie-pu: package openchange/1:2.2-6+deb8u1 On Sat, 2017-01-21 at 10:13 +0100, Andreas Beckmann wrote: > But openchangeproxy will still not be installable in jessie since > samba-libs has > > Conflicts: openchangeproxy (<< 1:2.2-6) I forgot about that. Since 1:2.2-6 was once in Debian, it would be probably best to use 1:2.2-6~deb8u1 but that doesn't match what samba used in the Breaks, so it will have to be 1:2.2-6+deb8u1, which should be fine since 1:2.2-7 was the latest version in Debian stretch. I'll change the version number and upload once I have an ack. http://snapshot.debian.org/package/openchange/ > Lowering this to (<< 1:2.2-5+deb8u1) would require another samba upload > to jessie (or piggybacking it on the next security upload). I think that isn't a useful use of samba maintainer/buildd time :) > Since noone has complained about this uninstallability so far in a > production environment, maybe the package is not in wide use ... and > dropping it might be another option. Ack, though the version change I mention above should be fine though. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#851678: RM: openchange -- RoQA; incompatible with updated samba
Control: retitle -1 jessie-pu: package openchange/1:2.2-5+deb8u1 Control: release.debian@packages.debian.org Control: usertags -1 - rm + pu On Wed, 18 Jan 2017 07:21:49 +0800 Paul Wise wrote: > This looks like the API issue in openchangeproxy mentioned in the > samba changelog from the build log messages you posted. > > This is the openchange bug and patch for this specific FTBFS: > > https://github.com/openchange/openchange/issues/249 > https://github.com/openchange/openchange/commit/73a49af50bf0a496cfe62f49e60a662f1d04d685.patch I've tested that this fixes the FTBFS in openchange. I'm unable to test that openchangeproxy still works but the patch looks like a fairly straight forward update to the newer samba APIs. The rest of the binary packages still work fine in my tests. I've attached a patch for a pu to the openchange package in jessie. -- bye, pabs https://wiki.debian.org/PaulWise diff -Nru openchange-2.2/debian/changelog openchange-2.2/debian/changelog --- openchange-2.2/debian/changelog 2014-09-22 07:00:28.0 +0800 +++ openchange-2.2/debian/changelog 2017-01-21 15:23:28.0 +0800 @@ -1,3 +1,9 @@ +openchange (1:2.2-5+deb8u1) jessie; urgency=medium + + * Include upstream patch to fix FTBFS with samba 4.2 + + -- Paul Wise <p...@debian.org> Sat, 21 Jan 2017 15:23:28 +0800 + openchange (1:2.2-5) unstable; urgency=medium * Disable mysql tests. Closes: #761559 diff -Nru openchange-2.2/debian/patches/73a49af50bf0a496cfe62f49e60a662f1d04d685.patch openchange-2.2/debian/patches/73a49af50bf0a496cfe62f49e60a662f1d04d685.patch --- openchange-2.2/debian/patches/73a49af50bf0a496cfe62f49e60a662f1d04d685.patch 1970-01-01 08:00:00.0 +0800 +++ openchange-2.2/debian/patches/73a49af50bf0a496cfe62f49e60a662f1d04d685.patch 2017-01-21 15:20:31.0 +0800 @@ -0,0 +1,45 @@ +From 73a49af50bf0a496cfe62f49e60a662f1d04d685 Mon Sep 17 00:00:00 2001 +From: Julien Kerihuel <j.kerih...@openchange.org> +Date: Thu, 20 Mar 2014 02:19:53 +0100 +Subject: [PATCH] Fix compilation with samba release > 4.1.4 - use new API + functions introduced to access opaque assoc_group_id + +--- + mapiproxy/dcesrv_mapiproxy.c | 8 + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/mapiproxy/dcesrv_mapiproxy.c b/mapiproxy/dcesrv_mapiproxy.c +index b4d39e7..33a69a6 100644 +--- a/mapiproxy/dcesrv_mapiproxy.c b/mapiproxy/dcesrv_mapiproxy.c +@@ -132,10 +132,10 @@ static NTSTATUS mapiproxy_op_connect(struct dcesrv_call_state *dce_call, + + switch (dce_call->pkt.ptype) { + case DCERPC_PKT_BIND: +- b->assoc_group_id = dce_call->pkt.u.bind.assoc_group_id; ++ status = dcerpc_binding_set_assoc_group_id(b, dce_call->pkt.u.bind.assoc_group_id); + break; + case DCERPC_PKT_ALTER: +- b->assoc_group_id = dce_call->pkt.u.alter.assoc_group_id; ++ status = dcerpc_binding_set_assoc_group_id(b, dce_call->pkt.u.alter.assoc_group_id); + break; + default: + break; +@@ -152,7 +152,7 @@ static NTSTATUS mapiproxy_op_connect(struct dcesrv_call_state *dce_call, + if (!NT_STATUS_IS_OK(status)) { + return status; + } +- dce_call->context->assoc_group->id = private->c_pipe->assoc_group_id; ++ dce_call->context->assoc_group->id = dcerpc_binding_get_assoc_group_id(private->c_pipe->binding); + + } else { + status = dcerpc_pipe_connect(dce_call->context, +@@ -167,7 +167,7 @@ static NTSTATUS mapiproxy_op_connect(struct dcesrv_call_state *dce_call, + if (!NT_STATUS_IS_OK(status)) { + return status; + } +- dce_call->context->assoc_group->id = private->c_pipe->assoc_group_id; ++ dce_call->context->assoc_group->id = dcerpc_binding_get_assoc_group_id(private->c_pipe->binding); + } + + private->connected = true; diff -Nru openchange-2.2/debian/patches/series openchange-2.2/debian/patches/series --- openchange-2.2/debian/patches/series 2014-09-22 07:00:17.0 +0800 +++ openchange-2.2/debian/patches/series 2017-01-21 15:23:28.0 +0800 @@ -1 +1,2 @@ 01_disable_mysql_tests +73a49af50bf0a496cfe62f49e60a662f1d04d685.patch signature.asc Description: This is a digitally signed message part
Bug#851678: RM: openchange -- RoQA; incompatible with updated samba
On Tue, Jan 17, 2017 at 10:26 PM, Andreas Beckmann wrote: > I'm not perfectly convinced about this RM request, but something should > happen with openchange in stable: At $work we rely on openchange but not openchangeproxy. We know it was removed from stretch and later but were assuming we could use it on jessie, once we have migrated from wheezy. The wheezy to jessie migration is blocked by some regression bugs in jessie Linux CIFS support that we are in the process of debugging. Once we have fixed that, we would like to start migrating systems to jessie. Post-jessie we don't yet have a strategy but are looking into options. > * openchangeproxy (1:2.2-5) is uninstallable in stable (#838671) > samba-libs has a Breaks: openchangeproxy (<< 1:2.2-6) that stems from > the first samba 4.2 upload to jessie-security: I guess this could be fixed by a new upload that either drops openchangeproxy or fixes the API/ABI usage. > * openchange FTBFS in stable (I just mentioned this in #838671) > (the version in stable was most likely built against samba 2:4.1.13+dfsg-4) This looks like the API issue in openchangeproxy mentioned in the samba changelog from the build log messages you posted. This is the openchange bug and patch for this specific FTBFS: https://github.com/openchange/openchange/issues/249 https://github.com/openchange/openchange/commit/73a49af50bf0a496cfe62f49e60a662f1d04d685.patch > * openchange was removed from unstable due to incompatibility with > newer samba versions Unfortunately the openchange project is dead upstream so it won't be coming back. > * downside: openchange builds a lot more packages than just openchangeproxy > these are all still installable in stable (according to piuparts) At $work we rely on openchangeclient and several of the -dev packages. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#851453: age-days: check-all-the-things/2017.01.15
gelog --- check-all-the-things-2016.12.25/debian/changelog 2016-12-25 08:02:09.0 +0800 +++ check-all-the-things-2017.01.15/debian/changelog 2017-01-15 10:37:30.0 +0800 @@ -1,3 +1,19 @@ +check-all-the-things (2017.01.15) unstable; urgency=high + + * New release. +- The "Check Things Securely Not Portably" release +- Reset terminal modes after commands to avoid colour spew +- Improve compatibility with Python 3.6 +- Update python checks to not work on other distros + because the `python -m` command is insecure +- Update checkers removed from Debian - allow to run if installed +- Update lrzip-test/zstd-test - add MIME types +- Add lz4-test - check lz4 compressed files +- Add path-max - check for non-portable path size macros +- TODO items for deep-text-correcter sblint decopy + + -- Paul Wise <p...@debian.org> Sun, 15 Jan 2017 10:37:30 +0800 + check-all-the-things (2016.12.25) unstable; urgency=medium * New release. diff -Nru check-all-the-things-2016.12.25/doc/TODO check-all-the-things-2017.01.15/doc/TODO --- check-all-the-things-2016.12.25/doc/TODO 2016-12-25 07:43:10.0 +0800 +++ check-all-the-things-2017.01.15/doc/TODO 2017-01-15 10:37:30.0 +0800 @@ -26,6 +26,7 @@ http://www.flycheck.org/en/latest/languages.html https://atomlinter.github.io/ https://github.com/coala-analyzer/coala-bears/tree/master/bears +https://github.com/coala/bear-docs https://github.com/alecthomas/gometalinter A mechanisms for filtering output is needed. @@ -47,4 +48,9 @@ Add the ability to suggest command-lines for installing missing tools +Check if any tests contain dangerous commands: + +python -m +python -c + .. vim:ts=3 sw=3 et ft=rst signature.asc Description: This is a digitally signed message part
Re: typo in 8.3 release announce (News/2016/20160123)
On Thu, Dec 29, 2016 at 9:36 PM, victory wrote: > correction libraw ... fix memory objects are not intialized properly > in*i*tialized Fixed in CVS. -- bye, pabs https://wiki.debian.org/PaulWise
Re: Release impact of introducing a new archive section?
On Mon, Dec 12, 2016 at 5:22 AM, Josh Triplett wrote: > If we can get every package to handle this entirely at runtime, then > ideally I'd suggest archive metadata downloaded by apt. That would have > the advantage of automatically handling new sections, including for > third-party archives. Packaging it doesn't have that advantage, though > it also seems logistically simpler. A file in the archive with support code in apt would be much better, especially since it could include translations too. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#836942: transition: glew
On Thu, Sep 15, 2016 at 11:43 AM, Paul Wise wrote: > Please introduce a copy of the old glew so that packages > using GLEW MX can build and run on Debian stretch. Since you declined I've now uploaded a glewmx source package to NEW. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#836942: transition: glew
On Wed, Sep 7, 2016 at 8:15 PM, Matteo F. Vescovi wrote: > * quesoglc (0.7.2-5) -> FTBFS [G] I'm disappointed that upstream completely removed GLEW MX support and you did not notice that quesoglc and other packages use GLEW MX and cannot build and work without it. Please introduce a copy of the old glew so that packages using GLEW MX can build and run on Debian stretch. -- bye, pabs https://wiki.debian.org/PaulWise
Bug#836342: UDD/testing_autoremovals_gatherer.pl: Version in autoremoval notice may not be version actually checked
Control: reassign -1 qa.debian.org Control: retitle -1 UDD/testing_autoremovals_gatherer.pl: Version in autoremoval notice may not be version actually checked On Fri, 2016-09-02 at 08:16 +0100, Rebecca N. Palmer wrote: > That script looks like it gets version and bug information in one fetch > from UDD > (https://anonscm.debian.org/git/mirror/release-tools.git/tree/mailer/mail_autoremovals.pl#101), > > which I took to mean the problem was in what generated that information, > but I don't know Perl. Looks like you are right. Sorry for second-guessing you and not investigating :( -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Re: Bug#836342: UDD/testing_autoremovals_gatherer.pl: Version in autoremoval notice may not be version actually checked
Control: reassign -1 release.debian.org Control: retitle -1 Version in autoremoval notice may not be version actually checked As you can see in the headers of the mail, the autoremoval warnings are sent by the release team not the QA infrastructure. On Fri, Sep 2, 2016 at 5:33 AM, Rebecca N. Palmerwrote: > Package: qa.debian.org > Severity: minor > User: qa.debian@packages.debian.org > Usertags: udd > > When a package has recently migrated, one may receive an autoremoval warning > that lists the new version of the package, but a problem only the old > version had. > > Example (1.1.2-4 had the problem, 1.1.2-5 doesn't, and is no longer listed > for autoremoval): > > Forwarded Message > Subject: [Pkg-opencl-devel] beignet 1.1.2-5 MIGRATED to testing > Date: Tue, 23 Aug 2016 16:39:10 + > From: Debian testing watch > To: beig...@packages.debian.org > > FYI: The status of the beignet source package > in Debian's testing distribution has changed. > > Previous version: 1.1.2-4 > Current version: 1.1.2-5 > > --- > > Forwarded Message > Subject: [Pkg-opencl-devel] beignet is marked for autoremoval from testing > Date: Wed, 24 Aug 2016 04:39:03 + > From: Debian testing autoremoval watch > To: beig...@packages.debian.org > > beignet 1.1.2-5 is marked for autoremoval from testing on 2016-09-04 > > It (build-)depends on packages with these RC bugs: > 818380: clang-3.7: __builtin_return_address() segfaults on s390x -- bye, pabs https://wiki.debian.org/PaulWise
Re: gpg can't check signature for some source packages
On Fri, Aug 26, 2016 at 9:49 AM, taro110 wrote: > Hi, I am building some packages by myself > and facing gpg verification error. e.g., Please ask your question on the mentors list instead: https://lists.debian.org/debian-mentors/ -- bye, pabs https://wiki.debian.org/PaulWise
Re: Transition news: GCC 6 enabled by default
On Sun, Aug 7, 2016 at 9:18 PM, Dirk Eddelbuettel wrote: > Let me know if I should take this to debian-devel or some other list. I'm not part of the release team, but I expect you probably should read the documentation and then file a bug report, the release team often emphasises bug reports over mailing list posts. https://wiki.debian.org/Teams/ReleaseTeam/Transitions -- bye, pabs https://wiki.debian.org/PaulWise
[release-tools] [PATCH] testing.pl is gone, update links to it to qa.d.o/excuses.php
--- queue-viewer/overview.xslt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/queue-viewer/overview.xslt b/queue-viewer/overview.xslt index 0ec63f0..d79127c 100644 --- a/queue-viewer/overview.xslt +++ b/queue-viewer/overview.xslt @@ -201,7 +201,7 @@ verproblems - /migration/testing.pl?package= + https://qa.debian.org/excuses.php?package= -- 2.8.1
Re: [Stretch] Status for architecture qualification
On Wed, 2016-06-15 at 01:37 +0300, Dimitri John Ledkov wrote: > At the openmainframeproject EU meetup, it was indicated that SUSE > joined with indication that Open Build Service might be able to use > resources hosted by Marist. > > I wonder if it makes sense to reach out, and see if there are > resources available to use as porter boxes & build boxes. That way > Debian might be able to get such donated resource available on ongoing > basis and hopefully with some hw support. Marist already support Debian with an s390x buildd: ldapsearch -LLL -x -h db.debian.org -b ou=hosts,dc=debian,dc=org "(sponsor=*marist*)" https://db.debian.org/machines.cgi?host=zani Our other sponsors for s390 are www.iic.kit.edu and www.zivit.de: ldapsearch -LLL -x -h db.debian.org -b ou=hosts,dc=debian,dc=org "(architecture=s390*)" sponsor -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#827275: release.debian.org: hint pixbros back into testing
Package: release.debian.org Severity: wishlist pixbros was removed from testing due to an RC bug. I have fixed the RC bug but it is not migrating back into testing because it is an arch all package that depends on an 32-bit-only package (fenix) that has never been available on amd64 but britney seems to want it on amd64: 11 days old (needed 10 days) pixbros/amd64 unsatisfiable Depends: fenix pixbros/amd64 unsatisfiable Depends: fenix-plugins-system Not considered -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Re: [Reproducible-builds] [Reproducible] On making Stretch self-contained IRT to reproducibility
On Wed, Mar 9, 2016 at 5:24 PM, Holger Levsen wrote: > I dont think doing thousands of sourceful uploads is realistic nor useful Now that we have source-only uploads, it should be fairly easy to do on a fast network. Just a for loop around apt-get source, dch, debuild -S, debsign, dupload. -- bye, pabs https://wiki.debian.org/PaulWise
Re: glibc hardening patch
On Wed, Mar 2, 2016 at 3:34 AM, bancfc wrote: > Hi. After the recent glibc debacle I came across a patch to harden this > important library against common attack vectors. Please think about > reviewing and adding in Debian. The author warned there may be some package > breakage but nothing too serious: It might be worth adding a lintian test for the cwd-relative RPATH issue. I expect $ORIGIN-relative RPATHs are usually intentional though. -- bye, pabs https://wiki.debian.org/PaulWise