Bug#889279: marked as done (stretch-pu: package quota/4.03-2+b1)
Control: reopen -1 Control: tags -1 + pending Michael Meskes wrote: The package made it's way into the archive, therefore the bug can be closed. Nope. p-u bugs get closed once the package is actually in stable, i.e. after the point release. Regards, Adam
Processed: Re: Bug#889279: marked as done (stretch-pu: package quota/4.03-2+b1)
Processing control commands: > reopen -1 Bug #889279 {Done: Michael Meskes } [release.debian.org] stretch-pu: package quota/4.03-2+b1 Bug reopened Ignoring request to alter fixed versions of bug #889279 to the same values previously set > tags -1 + pending Bug #889279 [release.debian.org] stretch-pu: package quota/4.03-2+b1 Added tag(s) pending. -- 889279: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889279 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#889279: marked as done (stretch-pu: package quota/4.03-2+b1)
> Nope. p-u bugs get closed once the package is actually in stable, > i.e. > after the point release. Oops, sorry, I thought I had missed it. Michael -- Michael Meskes Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org) Meskes at (Debian|Postgresql) dot Org Jabber: michael at xmpp dot meskes dot org VfL Borussia! Força Barça! SF 49ers! Use Debian GNU/Linux, PostgreSQL
Bug#891452: marked as done (nmu: tumbler_0.2.0-1)
Your message dated Mon, 26 Feb 2018 09:57:57 +0100 with message-id and subject line Re: Bug#891452: nmu: tumbler_0.2.0-1 has caused the Debian Bug report #891452, regarding nmu: tumbler_0.2.0-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 891452: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891452 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu nmu tumbler_0.2.0-1 . ANY . experimental . -m "Rebuild against libopenraw7." Let's finish the libopenraw transition in experimental, too. Andreas --- End Message --- --- Begin Message --- On 25/02/18 18:28, Andreas Beckmann wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: binnmu > > nmu tumbler_0.2.0-1 . ANY . experimental . -m "Rebuild against libopenraw7." > > Let's finish the libopenraw transition in experimental, too. Scheduled. Emilio--- End Message ---
Bug#891448: marked as done (nmu: osmo-trx_0.2.0-1)
Your message dated Mon, 26 Feb 2018 09:57:25 +0100 with message-id <13bd537c-d1c9-2b76-8146-a3ac3c5ef...@debian.org> and subject line Re: Bug#891448: nmu: osmo-trx_0.2.0-1 has caused the Debian Bug report #891448, regarding nmu: osmo-trx_0.2.0-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 891448: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891448 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu nmu osmo-trx_0.2.0-1 . ANY . experimental . -m "Rebuild against libuhd003.010.003." libuhd recently had a transition in sid ... Andreas --- End Message --- --- Begin Message --- On 25/02/18 18:11, Andreas Beckmann wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: binnmu > > nmu osmo-trx_0.2.0-1 . ANY . experimental . -m "Rebuild against > libuhd003.010.003." > > libuhd recently had a transition in sid ... Done. Emilio--- End Message ---
Bug#886294: marked as done (transition: nodejs)
Your message dated Mon, 26 Feb 2018 10:05:53 +0100 with message-id and subject line Re: Bug#886294: transition: nodejs has caused the Debian Bug report #886294, regarding transition: nodejs to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 886294: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886294 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition nodejs 8.9.3 brings the following improvements for debian: - a backported openssl 1.1.0 compatibility from nodejs 9.x branch - hard-to-debug segmentation faults fix (#878674) - it is an upstream LTS branch Julien Puydt and me checked all direct reverse build-deps and i took care of several issues that appeared with the update: - test failures caused by the move to openssl 1.1.0 - failures caused by exception names changes in assert module - failures caused by api that was deprecated long ago then dropped There was no major issue with pure javascript modules and addons depending on nodejs-abi were rebuilt smoothly after the fixes. Thank you for your attention, Jérémy Ben file: title = "nodejs"; is_affected = .depends ~ "nodejs-abi-48" | .depends ~ "nodejs-abi-57"; is_good = .depends ~ "nodejs-abi-57"; is_bad = .depends ~ "nodejs-abi-48"; --- End Message --- --- Begin Message --- On 25/02/18 10:51, Jérémy Lal wrote: > 2018-01-30 20:31 GMT+01:00 Emilio Pozuelo Monfort : > >> On 29/01/18 20:15, Philipp Kern wrote: >>> On 2018-01-25 11:36, Aurelien Jarno wrote: Bumping the baseline to z196 looks like the easiest way and as you said, it would also fix go, rustc and maybe more software. However we >> discussed raising the ISA to z10 about one year and a half ago, and the conclusion was that we still have users with older machines. I'll try to restart the discussion again. >>> >>> What's the venue to have this discussion in? :) >> >> debian-s390@l.d.o ? >> >> FWIW you two (Philipp and Aurelien) are the two current s390x porters, so I >> think it's mostly your call. > > > Hi, > > now that this issue has been solved, it seems nodejs is ready for migration > to testing. node-mapnik was re-uploaded, which reset the migration delay. I urgented it and nodejs and the rest of the node modules migrated to testing. Cheers, Emilio--- End Message ---
Bug#890897: transition: unibilium
On 25/02/18 18:50, James McCoy wrote: > On Fri, Feb 23, 2018 at 08:17:31AM -0500, James McCoy wrote: >> On Fri, Feb 23, 2018 at 10:11:42AM +0100, Emilio Pozuelo Monfort wrote: >>> Control: tags -1 confirmed >>> >>> On 20/02/18 13:16, James McCoy wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition There is an upstream SONAME bump due to support for terminfo's new wide format. The dependency chain revolves around neovim and everything rebuilds and tests fine with the new unibilium. >>> >>> Go ahead. >> >> Thanks. Uploaded. > > Could libtickit be binNMUed? That would be the last bit to finish > rebuilding against the new unibilium. Scheduled. Emilio
Bug#890204: marked as done (transition: ppp)
Your message dated Mon, 26 Feb 2018 10:08:49 +0100 with message-id <77e44f9b-0c17-7519-172b-ec1dbebe2...@debian.org> and subject line Re: Bug#890204: transition: ppp has caused the Debian Bug report #890204, regarding transition: ppp to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 890204: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890204 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Hi release team folks, I have just uploaded a new version of ppp to experimental. That upload requires packages that build pppd plugins to be rebuilt due to a change in the pppd ABI. I would like to upload that package to sid as soon as feasible. This is the first opportunity we've had to try my new plugin ABI tracking technique. I've given the ben file below a try myself and I think it does the right thing, but I would appreciate any comments you might have about it. I have manually rebuilt all affected packages and all build fine so binNMUs should be the only thing required for all of them. Note that connman seems to be a package to newly depend on ppp-dev and builds a pppd plugin but it doesn't use my dh_ppp helper. I will be filing a bug against that package (including a patch) shortly. Even without said patch a binNMU is sufficient (and required) for binary compatibility with the new ppp upload. Ben file: title = "ppp"; is_affected = .build-depends ~ /ppp-dev/; is_good = .depends ~ /ppp \(<< 2.4.7-3~\)/ | .breaks ~ /ppp \(>= 2.4.7-3~\)/; is_bad = .depends ~ /ppp \(<< 2.4.7-2~\)/ | .breaks ~ /ppp \(>= 2.4.7-2~\)/; --- End Message --- --- Begin Message --- On 17/02/18 21:22, Chris Boot wrote: > On 17/02/18 08:03, Emilio Pozuelo Monfort wrote: >> Control: tags -1 confirmed >> >> On 11/02/18 22:04, Chris Boot wrote: >>> Package: release.debian.org >>> Severity: normal >>> User: release.debian@packages.debian.org >>> Usertags: transition >>> >>> Hi release team folks, >>> >>> I have just uploaded a new version of ppp to experimental. That upload >>> requires packages that build pppd plugins to be rebuilt due to a change >>> in the pppd ABI. I would like to upload that package to sid as soon as >>> feasible. > [snip] >> Please go ahead. > > Uploaded. Note that connman just got in today before me so that'll need > a binNMU now as well. ppp migrated to testing, closing. Emilio--- End Message ---
Bug#891503: stretch-pu: package osinfo-db/0.20180226-1~deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hi, I'd like to update osinfo-db in stretch. This would allow us to have up to date information for operating system installs with e.g. gnome-boxes and virt-manager by adding new data for recent debian, ubuntu and freebsd releases as well as updating existing ones. Since it's a new upstream version I've attached the full diff (exluding po/ to keep the size down). Note that osinfo-db was split out from libosinfo to facilitate this kind of upgrades. O.k. to upload to stretch-p-u? Cheers, -- Guido -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'stable-updates'), (500, 'oldoldstable'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386, armhf Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff --git a/Makefile b/Makefile index 1846f7a..329f409 100644 --- a/Makefile +++ b/Makefile @@ -29,7 +29,7 @@ SCHEMA_FILES = data/schema/osinfo.rng ARCHIVE = osinfo-db-$(TODAY).tar.xz -ZANATA = zanata-cli +ZANATA = zanata XMLLINT = xmllint @@ -91,10 +91,10 @@ po/osinfo-db.pot: po/POTFILES.in $(DATA_FILES_IN) $(V_GEN) cd po && $(INTLTOOL_UPDATE) --gettext-package $(GETTEXT_PACKAGE) --pot po-push: po/osinfo-db.pot - $(ZANATA) push + (cd po && $(ZANATA) push --push-type source) po-pull: po/osinfo-db.pot - $(ZANATA) pull + (cd po && $(ZANATA) pull) update-po: cd po && \ diff --git a/data/os/debian.org/debian-8.xml.in b/data/os/debian.org/debian-8.xml.in index 8ad189b..7b1a690 100644 --- a/data/os/debian.org/debian-8.xml.in +++ b/data/os/debian.org/debian-8.xml.in @@ -33,7 +33,7 @@ - http://cdimage.debian.org/mirror/cdimage/archive/8.8.0/i386/iso-dvd/debian-8.8.0-i386-DVD-1.iso + http://cdimage.debian.org/mirror/cdimage/archive/8.10.0/i386/iso-dvd/debian-8.10.0-i386-DVD-1.iso Debian 8.\d.\d i386 1 @@ -41,7 +41,7 @@ install.386/initrd.gz - http://cdimage.debian.org/mirror/cdimage/archive/8.8.0/amd64/iso-dvd/debian-8.8.0-amd64-DVD-1.iso + http://cdimage.debian.org/mirror/cdimage/archive/8.10.0/amd64/iso-dvd/debian-8.10.0-amd64-DVD-1.iso Debian 8.\d.\d amd64 1 diff --git a/data/os/debian.org/debian-9.xml.in b/data/os/debian.org/debian-9.xml.in index 759422b..54bdde3 100644 --- a/data/os/debian.org/debian-9.xml.in +++ b/data/os/debian.org/debian-9.xml.in @@ -49,7 +49,7 @@ - http://cdimage.debian.org/cdimage/archive/9.0.0/i386/iso-cd/debian-9.0.0-i386-netinst.iso + http://cdimage.debian.org/cdimage/archive/9.2.1/i386/iso-cd/debian-9.2.1-i386-netinst.iso Debian 9.(\d)+.(\d)+ i386 n @@ -58,7 +58,7 @@ - http://cdimage.debian.org/cdimage/archive/9.0.0/amd64/iso-cd/debian-9.0.0-amd64-netinst.iso + http://cdimage.debian.org/cdimage/archive/9.2.1/amd64/iso-cd/debian-9.2.1-amd64-netinst.iso Debian 9.(\d)+.(\d)+ amd64 n @@ -67,7 +67,7 @@ - http://cdimage.debian.org/cdimage/archive/9.0.0/arm64/iso-cd/debian-9.0.0-arm64-netinst.iso + http://cdimage.debian.org/cdimage/archive/9.2.1/arm64/iso-cd/debian-9.2.1-arm64-netinst.iso Debian 9.(\d)+.(\d)+ arm64 n @@ -76,7 +76,7 @@ - http://cdimage.debian.org/cdimage/archive/9.0.0/armhf/iso-cd/debian-9.0.0-armhf-netinst.iso + http://cdimage.debian.org/cdimage/archive/9.2.1/armhf/iso-cd/debian-9.2.1-armhf-netinst.iso Debian 9.(\d)+.(\d)+ armhf n @@ -87,7 +87,7 @@ - http://cdimage.debian.org/cdimage/archive/9.0.0/i386/iso-dvd/debian-9.0.0-i386-DVD-1.iso + http://cdimage.debian.org/cdimage/archive/9.2.1/i386/iso-dvd/debian-9.2.1-i386-DVD-1.iso Debian 9.(\d)+.(\d)+ i386 1 @@ -96,7 +96,7 @@ - http://cdimage.debian.org/cdimage/archive/9.0.0/amd64/iso-dvd/debian-9.0.0-amd64-DVD-1.iso + http://cdimage.debian.org/cdimage/archive/9.2.1/amd64/iso-dvd/debian-9.2.1-amd64-DVD-1.iso Debian 9.(\d)+.(\d)+ amd64 1 @@ -105,7 +105,7 @@ - http://cdimage.debian.org/cdimage/archive/9.0.0/arm64/iso-dvd/debian-9.0.0-arm64-DVD-1.iso + http://cdimage.debian.org/cdimage/archive/9.2.1/arm64/iso-dvd/debian-9.2.1-arm64-DVD-1.iso Debian 9.(\d)+.(\d)+ arm64 1 @@ -114,7 +114,7 @@ - http://cdimage.debian.org/cdimage/archive/9.0.0/armhf/iso-dvd/debian-9.0.0-armhf-DVD-1.iso + http://cdimage.debian.org/cdimage/archive/9.2.1/armhf/iso-dvd/debian-9.2.1-armhf-
Bug#887855: stretch-pu: package libvirt/3.0.0-4+deb9u2
On Fri, Feb 23, 2018 at 04:42:46PM +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sat, 2018-01-20 at 18:46 +0100, Guido Günther wrote: > > the above update addresses CVE-2018-5748 as well as a bug where disks > > with cache=directsync couldn't be migrated (#883208). > > > > +_("Migration may lead to data corruption if > disks" > +- " use cache != none")); > ++ " use cache != none or cache != directsync")); > > I think that message should use "and", not "or" - all possible values > are "!= none or != directsync". (Or maybe "if disks use cache != none > or directsync" or something.) I agree but that's what upstream uses so I optet for leaving it as is. > Please go ahead. Uploded. Thanks. -- Guido
Bug#875714: stretch-pu: package zeroc-ice/3.6.3-5
Hi, any change we can get this approved on time for debian 9.4? Regards, José On Mon, Nov 20, 2017 at 5:03 PM, Jose Gutierrez de la Concha wrote: > > > On Sun, Nov 19, 2017 at 3:12 PM, Julien Cristau > wrote: > >> On Fri, Nov 17, 2017 at 13:40:04 +0100, Jose Gutierrez de la Concha wrote: >> >> > Should I close this bug now and open a new one after upload 3.6.4-2? >> > >> Reusing this one should be fine, remove the moreinfo tag when you send >> in a new diff. >> > > Attached new debdiff, the fix for the reported issue has been incoporated > as a > debian patch, and will be part of upstream 3.6.5 and 3.7.1 > > debian/patches/000-changeuser-bogus-loop > > > > >> >> Cheers, >> Julien >> > > > > -- > José Gutiérrez de la Concha > ZeroC, Inc. > -- José Gutiérrez de la Concha ZeroC, Inc.
Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6
Hi, here is a new version of the patch. I now additionally let bacula-common.preinst check for the existence of bacula-director-common.postrm and comment out the offending line if found (first chunk in the diff). I chose to use bacula-common because it is depended upon by all other bacula packages. I've also amended the text in the changelog, otherwise the rest of the patch is the same as the previous version. The patch is also viewable at https://salsa.debian.org/bacula-team/bacula/compare/debian%2F7.4.4+dfsg-6...stretch Thanks, Carsten diff --git a/debian/bacula-common.preinst b/debian/bacula-common.preinst index 056c2944..d0b323fa 100644 --- a/debian/bacula-common.preinst +++ b/debian/bacula-common.preinst @@ -12,6 +12,14 @@ case "$1" in echo "Ok." fi ;; + install|upgrade) + # purging bacula-director-common can mistakenly delete bacula-dir.conf + # neutralize the offending line in its postrm; see bug #880529 for details + if dpkg-query -l bacula-director-common > /dev/null 2>&1 && \ + [ -e /var/lib/dpkg/info/bacula-director-common.postrm ]; then + sed -i 's/rm -f $CONFFILE $CONFFILE.dist/#disabled: bug #880529# rm -f $CONFFILE $CONFFILE.dist/' /var/lib/dpkg/info/bacula-director-common.postrm + fi + ;; esac # dh_installdeb will replace this with shell code automatically diff --git a/debian/bacula-director.init b/debian/bacula-director.init index 8ac7c36a..89cfbe65 100644 --- a/debian/bacula-director.init +++ b/debian/bacula-director.init @@ -67,7 +67,7 @@ do_start() { if $DAEMON -u $BUSER -g $BGROUP -t -c $CONFIG > /dev/null 2>&1; then start-stop-daemon --start --quiet --pidfile $PIDFILE \ - --oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG + --oknodo --exec $DAEMON -- -u $BUSER -g $BGROUP -c $CONFIG return 0 else log_progress_msg "- the configtest" diff --git a/debian/bacula-fd.init b/debian/bacula-fd.init index 649b9cc1..698e4ea3 100644 --- a/debian/bacula-fd.init +++ b/debian/bacula-fd.init @@ -54,7 +54,7 @@ do_start() { if $DAEMON -u $BUSER -g $BGROUP -t -c $CONFIG > /dev/null 2>&1; then start-stop-daemon --start --quiet --pidfile $PIDFILE \ - --oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG + --oknodo --exec $DAEMON -- -u $BUSER -g $BGROUP -c $CONFIG return 0 else log_progress_msg "- the configtest" diff --git a/debian/bacula-sd.init b/debian/bacula-sd.init index 47c3d07d..e3863840 100644 --- a/debian/bacula-sd.init +++ b/debian/bacula-sd.init @@ -53,7 +53,7 @@ do_start() { if $DAEMON -g $BUSER -g $BGROUP -t -c $CONFIG > /dev/null 2>&1; then start-stop-daemon --start --quiet --pidfile $PIDFILE \ - --oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG + --oknodo --exec $DAEMON -- -g $BUSER -g $BGROUP -c $CONFIG return 0 else log_progress_msg "- the configtest" diff --git a/debian/changelog b/debian/changelog index d0a4ac54..81b0627a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,21 @@ +bacula (7.4.4+dfsg-6+deb9u1) stretch; urgency=medium + + [Sven Hartge] + * Let PID files be owned by root. Mitigates a minor security problem +similar to CVE 2017-14610. Note that this change disables automatic +tracebacks. + + [Carsten Leonhardt] + * Added transitional package bacula-director-common, the old leftover +package can't be safely purged otherwise (it deletes +/etc/bacula/bacula-dir.conf in postrm which now belongs to the +bacula-director package). For the case when the package +bacula-director-common is deinstalled but not purged, we neutralize +the offending postrm script when upgrading bacula-common. (Closes: +#880529) + + -- Carsten Leonhardt Wed, 15 Nov 2017 22:55:15 +0100 + bacula (7.4.4+dfsg-6) unstable; urgency=medium [Sven Hartge] diff --git a/debian/control b/debian/control index 19418610..7c310185 100644 --- a/debian/control +++ b/debian/control @@ -357,3 +357,13 @@ Description: network backup service - Bacula Administration Tool . This GUI interface has been designed to ease restore operations as much as possible as compared to the basic text console. + +Package: bacula-director-common +Section: oldlibs +Architecture: any +Pre-Depends: ${misc:Pre-Depends} +Depends: + bacula-common (= ${binary:Version}), + ${misc:Depends} +Description: transitional package + This is a transitional package. It can safely be removed. diff --git a/debian/patches/non-forking-systemd-units.patch b/debian/patches/non-forking-systemd-units.patch index 636c9153..03cdabd7 100644 --- a/debian/patches/non-forking-systemd-units.patch +++ b/debian/patches/non-forking-systemd-units.patch @@ -20,13 +20,13 @@ Author: Sven Hartge -PIDFile=@piddir@/bacula-dir.@dir_port@.pid -ExecReload=@sbindir@/bacula-dir -t -c @sysconfdir@/bacula-dir.conf +Type=simple -+User=bacula -+Group=bacula ++User=root ++Group=root +Environment="CONFIG=/etc/bacula/bacula-dir.conf" +EnvironmentFile=-/etc/default/bacula-dir -+ExecStartPre=@sbindir@/bacula-dir -t -c $CONFIG -+Exe
Bug#891526: nmu: dune-grid-glue_2.6~20171108-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu nmu dune-grid-glue_2.6~20171108-1 . ANY . experimental . -m "Rebuild against libdune-common-2.6.0.rc1" API/ABI tracking is done via virtual packages ... Andreas
Processed: untag 881871 moreinfo
Processing commands for cont...@bugs.debian.org: > tags 881871 - moreinfo Bug #881871 [release.debian.org] stretch-pu: package bacula/7.4.4+dfsg-6 Removed tag(s) moreinfo. > thanks Stopping processing here. Please contact me if you need assistance. -- 881871: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881871 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#891526: marked as done (nmu: dune-grid-glue_2.6~20171108-1)
Your message dated Mon, 26 Feb 2018 15:26:52 +0100 with message-id <31043c1f-0782-38c1-1fab-2c34d0e2b...@debian.org> and subject line Re: Bug#891526: nmu: dune-grid-glue_2.6~20171108-1 has caused the Debian Bug report #891526, regarding nmu: dune-grid-glue_2.6~20171108-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 891526: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891526 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu nmu dune-grid-glue_2.6~20171108-1 . ANY . experimental . -m "Rebuild against libdune-common-2.6.0.rc1" API/ABI tracking is done via virtual packages ... Andreas --- End Message --- --- Begin Message --- On 26/02/18 13:40, Andreas Beckmann wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: binnmu > > nmu dune-grid-glue_2.6~20171108-1 . ANY . experimental . -m "Rebuild against > libdune-common-2.6.0.rc1" > > API/ABI tracking is done via virtual packages ... Scheduled. Emilio--- End Message ---
Bug#891559: stretch-pu: package awffull/3.10.2-4+deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu * Don't use removed options in /etc/cron.daily/awffull, thanks to Ludovic Rousseau. (Closes: #728362) diff -Nru awffull-3.10.2/debian/awffull.cron.daily awffull-3.10.2/debian/awffull.cron.daily --- awffull-3.10.2/debian/awffull.cron.daily2013-10-18 20:35:33.0 +0300 +++ awffull-3.10.2/debian/awffull.cron.daily2018-02-26 19:13:11.0 +0200 @@ -30,7 +30,7 @@ [ -w ${OUTDIR} ] || { echo "ERROR: OutputDir not writable: ${OUTDIR}"; continue; }; # Run Really quietly, exit with status code if !0 - ${AWFFULL} -v 0 ${i} -Q || { echo "ERROR: Running awffull, exit status: $?"; continue; }; + ${AWFFULL} --config=${i} || { echo "ERROR: Running awffull, exit status: $?"; continue; }; RET=$?; # Non rotated log file @@ -43,7 +43,7 @@ # readable ? [ -r "${NLOGFILE}" ] || { echo "WARNING: Non-rotated LogFile is not readable: ${NLOGFILE}"; continue; }; -${AWFFULL} -v 0 ${i} -Q ${NLOGFILE}; +${AWFFULL} --config=${i} ${NLOGFILE}; RET=$?; fi; done; diff -Nru awffull-3.10.2/debian/changelog awffull-3.10.2/debian/changelog --- awffull-3.10.2/debian/changelog 2013-10-18 20:35:33.0 +0300 +++ awffull-3.10.2/debian/changelog 2018-02-26 19:13:16.0 +0200 @@ -1,3 +1,11 @@ +awffull (3.10.2-4+deb9u1) stretch; urgency=medium + + * QA upload. + * Don't use removed options in /etc/cron.daily/awffull, +thanks to Ludovic Rousseau. (Closes: #728362) + + -- Adrian Bunk Mon, 26 Feb 2018 19:13:16 +0200 + awffull (3.10.2-4) unstable; urgency=low * QA upload.
Bug#891562: stretch-pu: package cl-mcclim/0.9.6.dfsg.cvs20100315-3~deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu * Drop the empty cl-mcclim-doc package. (Closes: #889184) diff -Nru cl-mcclim-0.9.6.dfsg.cvs20100315/debian/changelog cl-mcclim-0.9.6.dfsg.cvs20100315/debian/changelog --- cl-mcclim-0.9.6.dfsg.cvs20100315/debian/changelog 2013-11-30 22:07:36.0 +0200 +++ cl-mcclim-0.9.6.dfsg.cvs20100315/debian/changelog 2018-02-26 19:27:25.0 +0200 @@ -1,3 +1,17 @@ +cl-mcclim (0.9.6.dfsg.cvs20100315-3~deb9u1) stretch; urgency=medium + + * QA upload. + * Rebuild for stretch. + + -- Adrian Bunk Mon, 26 Feb 2018 19:27:25 +0200 + +cl-mcclim (0.9.6.dfsg.cvs20100315-3) unstable; urgency=medium + + * QA upload. + * Drop the empty cl-mcclim-doc package. (Closes: #889184) + + -- Adrian Bunk Sat, 24 Feb 2018 19:43:50 +0200 + cl-mcclim (0.9.6.dfsg.cvs20100315-2) unstable; urgency=low * Orphaned. diff -Nru cl-mcclim-0.9.6.dfsg.cvs20100315/debian/control cl-mcclim-0.9.6.dfsg.cvs20100315/debian/control --- cl-mcclim-0.9.6.dfsg.cvs20100315/debian/control 2013-11-30 22:07:36.0 +0200 +++ cl-mcclim-0.9.6.dfsg.cvs20100315/debian/control 2018-02-24 19:42:33.0 +0200 @@ -36,14 +36,14 @@ i.e. cl-clx-sbcl for sbcl and cmucl-source for cmucl, is required to compile and run cl-mcclim and cl-mcclim-examples. -Package: cl-mcclim-doc -Section: doc -Architecture: all -Depends: ${misc:Depends} -Suggests: cl-mcclim -Description: Graphic user interface package for Common Lisp programs - McCLIM is a free implementation of the CLIM specification. CLIM (Common Lisp - Interface Manager) is a cross-platform, cross-implementation graphic user - interface toolkit for Common Lisp programs. - . - This package contains McCLIM documentation. +#Package: cl-mcclim-doc +#Section: doc +#Architecture: all +#Depends: ${misc:Depends} +#Suggests: cl-mcclim +#Description: Graphic user interface package for Common Lisp programs +# McCLIM is a free implementation of the CLIM specification. CLIM (Common Lisp +# Interface Manager) is a cross-platform, cross-implementation graphic user +# interface toolkit for Common Lisp programs. +# . +# This package contains McCLIM documentation.
Processed: Requested information was already provided
Processing commands for cont...@bugs.debian.org: > tags 883897 - moreinfo Bug #883897 [release.debian.org] stretch-pu: package congress/4.0.0+dfsg1-3 -> +deb9u1 Removed tag(s) moreinfo. > thanks Stopping processing here. Please contact me if you need assistance. -- 883897: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883897 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#891563: stretch-pu: package disc-cover/1.5.6-2+deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu * Fix perl error when running disc-cover, thanks to Frédéric Boiteux. (Closes: #879961) diff -Nru disc-cover-1.5.6/debian/changelog disc-cover-1.5.6/debian/changelog --- disc-cover-1.5.6/debian/changelog 2016-08-03 23:44:33.0 +0300 +++ disc-cover-1.5.6/debian/changelog 2018-02-26 19:50:03.0 +0200 @@ -1,3 +1,11 @@ +disc-cover (1.5.6-2+deb9u1) stretch; urgency=medium + + * QA upload. + * Fix perl error when running disc-cover, +thanks to Frédéric Boiteux. (Closes: #879961) + + -- Adrian Bunk Mon, 26 Feb 2018 19:50:03 +0200 + disc-cover (1.5.6-2) unstable; urgency=medium * QA Upload. diff -Nru disc-cover-1.5.6/debian/patches/defined_array.patch disc-cover-1.5.6/debian/patches/defined_array.patch --- disc-cover-1.5.6/debian/patches/defined_array.patch 1970-01-01 02:00:00.0 +0200 +++ disc-cover-1.5.6/debian/patches/defined_array.patch 2018-02-26 19:49:09.0 +0200 @@ -0,0 +1,11 @@ +--- disc-cover-1.5.6.orig/disc-cover disc-cover-1.5.6/disc-cover +@@ -743,7 +743,7 @@ sub end_program + { + my ($error) = defined($_[0]) ? $_[0] : undef ; + shift; +- my (@solutions) = defined(@_) ? @_ : undef; ++ my (@solutions) = @_; + + warn "Error: $error\n" if defined ($error); + diff -Nru disc-cover-1.5.6/debian/patches/series disc-cover-1.5.6/debian/patches/series --- disc-cover-1.5.6/debian/patches/series 1970-01-01 02:00:00.0 +0200 +++ disc-cover-1.5.6/debian/patches/series 2018-02-26 19:49:09.0 +0200 @@ -0,0 +1 @@ +defined_array.patch
Bug#891566: stretch-pu: package fastforward/1:0.51-3.1~deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu * Add patch from Harry Sintonen to fix segfaults on 64bit. (Closes: #859327) diff -u fastforward-0.51/debian/changelog fastforward-0.51/debian/changelog --- fastforward-0.51/debian/changelog +++ fastforward-0.51/debian/changelog @@ -1,3 +1,18 @@ +fastforward (1:0.51-3.1~deb9u1) stretch; urgency=medium + + * Non-maintainer upload. + * Rebuild for stretch. + + -- Adrian Bunk Mon, 26 Feb 2018 20:04:28 +0200 + +fastforward (1:0.51-3.1) unstable; urgency=medium + + * Non-maintainer upload. + * Add patch from Harry Sintonen to fix segfaults on 64bit. +(Closes: #859327) + + -- Adrian Bunk Wed, 26 Jul 2017 18:15:43 +0300 + fastforward (1:0.51-3) unstable; urgency=low * debian/rules: install the fastforward's newaliases program as only in patch2: unchanged: --- fastforward-0.51.orig/debian/diff/0002-64bit-ptr-fix.diff +++ fastforward-0.51/debian/diff/0002-64bit-ptr-fix.diff @@ -0,0 +1,20 @@ +diff -r -u fastforward-0.51/cdbmake_add.c fastforward-0.51-fixed/cdbmake_add.c +--- fastforward-0.51/cdbmake_add.c 1998-05-19 19:25:42.0 +0300 fastforward-0.51-fixed/cdbmake_add.c 2017-06-20 15:03:15.916043326 +0300 +@@ -1,4 +1,5 @@ + #include "cdbmake.h" ++#include "alloc.h" + + void cdbmake_init(cdbm) + struct cdbmake *cdbm; +diff -r -u fastforward-0.51/strset.c fastforward-0.51-fixed/strset.c +--- fastforward-0.51/strset.c 1998-05-19 19:25:42.0 +0300 fastforward-0.51-fixed/strset.c2017-06-20 15:01:59.604447413 +0300 +@@ -1,6 +1,7 @@ + #include "strset.h" + #include "str.h" + #include "byte.h" ++#include "alloc.h" + + uint32 strset_hash(s) + char *s;
Bug#891569: stretch-pu: package gvrng/4.4-3~deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu * Fix the permissions problem that prevented starting gvrng. (Closes: #850516) diff -Nru gvrng-4.4/debian/changelog gvrng-4.4/debian/changelog --- gvrng-4.4/debian/changelog 2016-07-24 12:09:44.0 +0300 +++ gvrng-4.4/debian/changelog 2018-02-26 20:24:27.0 +0200 @@ -1,3 +1,19 @@ +gvrng (4.4-3~deb9u1) stretch; urgency=medium + + * QA upload. + * Rebuild for stretch. + + -- Adrian Bunk Mon, 26 Feb 2018 20:24:27 +0200 + +gvrng (4.4-3) unstable; urgency=high + + * QA upload. + * Fix the permissions problem that prevented starting gvrng. +(Closes: #850516) + * Tell dh_python2 where to find the files to generate dependencies. + + -- Adrian Bunk Sat, 21 Oct 2017 19:39:47 +0300 + gvrng (4.4-2) unstable; urgency=medium * QA upload. diff -Nru gvrng-4.4/debian/rules gvrng-4.4/debian/rules --- gvrng-4.4/debian/rules 2016-07-24 12:09:44.0 +0300 +++ gvrng-4.4/debian/rules 2017-10-21 19:39:47.0 +0300 @@ -16,3 +16,7 @@ msgfmt $$po -o debian/gvrng/usr/share/locale/$$lang/LC_MESSAGES/$$f.mo; \ done \ done + chmod 755 debian/gvrng/usr/share/GvRng/gvrng.py + +override_dh_python2: + dh_python2 /usr/share/GvRng
Bug#891053: stretch-pu: package acme-tiny/20160801-3
On Fri, Feb 23, 2018 at 05:49:28PM (+), Adam D. Barratt wrote: > Please use "stretch" as the changleog distribution here and feel free > to upload with that change. Hello Adam, Thank you for the review and reply, I just updated the target distribution and uploaded the package. Regards, Sebastien signature.asc Description: PGP signature
Processed: Re: Bug#888802: stretch-pu: package webkit2gtk/2.18.6-1~deb9u1
Processing control commands: > tags -1 + confirmed Bug #02 [release.debian.org] stretch-pu: package webkit2gtk/2.18.6-1~deb9u1 Added tag(s) confirmed. -- 02: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=02 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#888802: stretch-pu: package webkit2gtk/2.18.6-1~deb9u1
Control: tags -1 + confirmed On Mon, 2018-01-29 at 21:24 -0500, Jeremy Bicha wrote: > The latest major release webkit2gtk 2.18 was released in September. I > am unaware of any remaining regressions in the new series. There was > one Ubuntu-specific package that needed to be updated for 2.18. See > https://launchpad.net/bugs/1712047 for more details. > > Generally, all the major distros have updated to 2.18 and there has > been plenty of time for regressions to be noticed. [...] > It's not really useful to provide a detailed diff or log for the > upstream changes. For instance, Ubuntu's diff for the the 2.16.6 to > 2.18.0 upgrade is 10 MB. [...] > I am proposing a straight backport from Buster to Stretch. I am > attaching a diff of the debian/ directory. That's still quite a lot of changes. :-( I guess we'll see what the binary diffs end up looking like. Please go ahead. Regards, Adam
Bug#888006: stretch-pu: package salt/2016.11.2+ds-1
Control: tags -1 + moreinfo On Mon, 2018-01-22 at 16:45 +0100, Ondřej Nový wrote: > salt (2016.11.2+ds-1+deb9u1) stretch; urgency=medium > * Fix CVE-2017-12791: Directory traversal vulnerability on salt- > master > via crafted minion IDs (Closes: #872399) > * Fix CVE-2017-14695: Directory traversal vulnerability in minion > id > validation in SaltStack (Closes: #879089) > * Fix CVE-2017-14696: Remote Denial of Service with a specially > crafted > authentication request (Closes: #879090) > * Check if data[return] is dict type (Closes: #887724) > * Do not require sphinx-build for cleaning docs (Closes: #851559) The metadata for #887724 indicates that it currently affects the salt package in unstable; is that correct? Regards, Adam
Bug#891419: stretch-pu: package nvidia-settings/384.111-1~deb9u1
Control: tags -1 + confirmed On Sun, 2018-02-25 at 14:01 +0100, Andreas Beckmann wrote: > please allow the upgrade of nvidia-settings in stretch to a new > upstream > release matching the updated nvidia-graphics-drivers package. > There are versioned Recommends in the driver packages that cannot be > satisfied by the older nvidia-settings version in stretch. > Since we build the driver components that are available as source > ourselves instead of shipping the binaries from the > nvidia-graphics-drivers blob package, we will have to update several > packages in stable this time. Mixing the driver component versions is > untested and unsupported by upstream. > > This is a rebuild of the package from sid with no further changes > needed. It is also available in stretch-backports for a month without > any problems being reported. > Please go ahead. Regards, Adam
Processed: Re: Bug#891419: stretch-pu: package nvidia-settings/384.111-1~deb9u1
Processing control commands: > tags -1 + confirmed Bug #891419 [release.debian.org] stretch-pu: package nvidia-settings/384.111-1~deb9u1 Added tag(s) confirmed. -- 891419: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891419 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#888006: stretch-pu: package salt/2016.11.2+ds-1
Processing control commands: > tags -1 + moreinfo Bug #888006 [release.debian.org] stretch-pu: package salt/2016.11.2+ds-1 Added tag(s) moreinfo. -- 888006: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888006 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#891419: stretch-pu: package nvidia-settings/384.111-1~deb9u1
On 2018-02-26 20:40, Adam D. Barratt wrote: >> This is a rebuild of the package from sid with no further changes >> needed. It is also available in stretch-backports for a month without >> any problems being reported. > Please go ahead. That was already uploaded yesterday ... ... oops I miscounted a series of 4 "+ confirmed" emails - one of them was the rpy one. Andreas
Bug#891576: stretch-pu: package discover/2.1.2-7.1+deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu * Use correct type for the length parameter of the getline() call, thanks to Anatoly Borodin and Simon Quigley for writing and for forwarding the patch (Closes: #876388, LP: #1718687). diff -u discover-2.1.2/debian/changelog discover-2.1.2/debian/changelog --- discover-2.1.2/debian/changelog +++ discover-2.1.2/debian/changelog @@ -1,3 +1,12 @@ +discover (2.1.2-7.1+deb9u1) stretch; urgency=medium + + * Non-maintainer upload. + * Use correct type for the length parameter of the getline() call, +thanks to Anatoly Borodin and Simon Quigley for writing and for +forwarding the patch (Closes: #876388, LP: #1718687). + + -- Adrian Bunk Mon, 26 Feb 2018 21:38:40 +0200 + discover (2.1.2-7.1) unstable; urgency=medium * Non-maintainer upload. only in patch2: unchanged: --- discover-2.1.2.orig/sysdeps/linux/pci.c +++ discover-2.1.2/sysdeps/linux/pci.c @@ -160,7 +160,7 @@ FILE *f; DIR *pciDir; struct dirent *pci_device_entry; -unsigned int len; +size_t len = 0; char *device_dir, *line, *class, *vendor, *model, *p; char **device_dir_list = NULL; size_t device_dir_list_len, device_dir_index, device_dir_index2;
Bug#882697: stretch-pu: package apparmor/2.11.0-3+deb9u2
On Sun, 2018-02-25 at 13:01 +0100, intrigeri wrote: > here's the updated debdiff; I've bumped the version in order to > avoid confusion. Well you can't upload another +deb9u1 as that version is already in the archive, so it's required in any case. > This will now work fine except for Linux 4.14 to 4.14.12 that have > the > bug which prevented us from including apparmor 2.11.0-3+deb9u1 in the > previous point release. The kernel fix has been in sid since > 2018-01-15, in stretch-backports since 2018-01-16, and in testing > since 2018-01-20. So IMO the benefit (repairing stuff for Stretch > users running an up-to-date backported kernel) is worth the risk > (breaking stuff for Stretch users running an outdated Linux 4.14.x). > > May I upload (with s/UNRELEASED/stretch/ of course)? What's the difference between this and +deb9u1? Is it simply this change: -++features-file=/etc/apparmor/features +++features-file=/usr/share/apparmor-features/features and the equivalent in debian/install? The changelog going from -3 to -3+deb9u2 is confusing, particularly given that +deb9u1 has been available to users of proposed-updates for some time. If the above is correct, please keep the previous changelog stanza for +deb9u1 as-is and add a new entry for +deb9u2 describing the path change. Regards, Adam
Bug#891577: stretch-pu: package nvidia-graphics-drivers-legacy-304xx/304.137-5~deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hi, I'd like to update nvidia-graphics-drivers-legacy-304xx in stretch to the (literally) last upstream version. It does not have any CVEs associated with it (unlike nvidia-graphics-drivers and -legacy-340xx), but it is now EoL-ed upstream (there won't be any further updates coming from NVIDIA) and I'd like to have that stated by the package. Also I'd like to get the packaging bugfixes (tls, alternatives, ...) and improvements that are now coming with 340xx and 384.111 for the 304xx driver, too, to have the three driver series in sync. The 304xx driver will disappear from testing not later than Xorg bumps its ABI again ... and thereafter will be only usable on (old-)stable. Unfortunately I missed to upload the already prepared package to stretch-backports, so that only happened today. But the only fixes that were not yet in backports (-4 and -5) are already tested in backports of the other driver series. This is a rebuild of the sid package with no further changes needed. debdiff of the debian/ directory attached, the changelog still needs a s/UNRELEASED/stretch/ :-) Thanks for considering. Andreas ngd-304xx-304.137-5~deb9u1.diff.xz Description: application/xz
Bug#891577: stretch-pu: package nvidia-graphics-drivers-legacy-304xx/304.137-5~deb9u1
On Mon, 2018-02-26 at 20:49 +0100, Andreas Beckmann wrote: > I'd like to update nvidia-graphics-drivers-legacy-304xx in stretch to > the (literally) last upstream version. It does not have any CVEs > associated with it (unlike nvidia-graphics-drivers and -legacy- > 340xx), > but it is now EoL-ed upstream (there won't be any further updates > coming from NVIDIA) and I'd like to have that stated by the package. > Also I'd like to get the packaging bugfixes (tls, alternatives, ...) > and improvements that are now coming with 340xx and 384.111 for the > 304xx driver, too, to have the three driver series in sync. > > The 304xx driver will disappear from testing not later than Xorg > bumps its ABI again ... and thereafter will be only usable on (old- > )stable. + * Use debian/substvars for substitutions by dpkg-genchanges (dpkg 1.19) +(375.82-7). What's the effect of not having support for that? (as 1.19 is newer than stretch's dpkg.) Regards, Adam
Bug#891580: stretch-pu: package camo/2.3.0+dfsg-1.1~deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu * Add the missing dependency on openssl. (Closes: #864620) diff -Nru camo-2.3.0+dfsg/debian/changelog camo-2.3.0+dfsg/debian/changelog --- camo-2.3.0+dfsg/debian/changelog2016-05-15 21:05:30.0 +0300 +++ camo-2.3.0+dfsg/debian/changelog2018-02-26 21:47:21.0 +0200 @@ -1,3 +1,17 @@ +camo (2.3.0+dfsg-1.1~deb9u1) stretch; urgency=medium + + * Non-maintainer upload. + * Rebuild for stretch. + + -- Adrian Bunk Mon, 26 Feb 2018 21:47:21 +0200 + +camo (2.3.0+dfsg-1.1) unstable; urgency=high + + * Non-maintainer upload. + * Add the missing dependency on openssl. (Closes: #864620) + + -- Adrian Bunk Sat, 24 Feb 2018 19:23:54 +0200 + camo (2.3.0+dfsg-1) unstable; urgency=medium [ Luke Faraone ] diff -Nru camo-2.3.0+dfsg/debian/control camo-2.3.0+dfsg/debian/control --- camo-2.3.0+dfsg/debian/control 2016-05-15 20:34:37.0 +0300 +++ camo-2.3.0+dfsg/debian/control 2018-02-24 19:22:25.0 +0200 @@ -13,7 +13,7 @@ Package: camo Architecture: all -Depends: nodejs (>= 0.10.0) , ${misc:Depends} +Depends: nodejs (>= 0.10.0) , ${misc:Depends}, openssl Description: SSL/TLS image proxy to prevent mixed-content warnings Camo is an image proxy to prevent mixed content warnings on secure pages.
Bug#891581: stretch-pu: package chaosreader/0.96-2+deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu * Added libnet-dns-perl to Depends field. (Closes: #890589) diff -Nru chaosreader-0.96/debian/changelog chaosreader-0.96/debian/changelog --- chaosreader-0.96/debian/changelog 2017-01-05 01:50:33.0 +0200 +++ chaosreader-0.96/debian/changelog 2018-02-26 22:05:18.0 +0200 @@ -1,3 +1,10 @@ +chaosreader (0.96-2+deb9u1) stretch; urgency=medium + + * Non-maintainer upload. + * Added libnet-dns-perl to Depends field. (Closes: #890589) + + -- Adrian Bunk Mon, 26 Feb 2018 22:05:18 +0200 + chaosreader (0.96-2) unstable; urgency=medium * debian/watch: updated. The upstream is diff -Nru chaosreader-0.96/debian/control chaosreader-0.96/debian/control --- chaosreader-0.96/debian/control 2016-11-18 11:56:51.0 +0200 +++ chaosreader-0.96/debian/control 2018-02-26 22:05:09.0 +0200 @@ -11,7 +11,7 @@ Package: chaosreader Architecture: all -Depends: ${misc:Depends}, ${perl:Depends} +Depends: ${misc:Depends}, ${perl:Depends}, libnet-dns-perl Suggests: tcpdump, wireshark Description: trace network sessions and export it to html format Chaosreader traces TCP/UDP/others sessions and fetches application data from
Bug#889728: stretch-pu: package bareos/16.2.4-3+deb9u2
On 23.02.2018 18:30, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Tue, 2018-02-06 at 13:45 +0100, Felix Geyer wrote: >> I'd like to fix bug #889040 in stretch: >> >> * Fix backups failing with "No Volume name given". >> - Backport upstream commit: Don't return empty volname if volume is >> on >> unwanted vols list. >> > > Please go ahead. Thanks, uploaded. Felix
Processed: Re: Bug#888006: stretch-pu: package salt/2016.11.2+ds-1
Processing control commands: > tags -1 - moreinfo Bug #888006 [release.debian.org] stretch-pu: package salt/2016.11.2+ds-1 Removed tag(s) moreinfo. -- 888006: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888006 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#888006: stretch-pu: package salt/2016.11.2+ds-1
Control: tags -1 - moreinfo 2018-02-26 20:38 GMT+01:00 Adam D. Barratt : > The metadata for #887724 indicates that it currently affects the salt > package in unstable; is that correct? > no, package in unstable is not affected. Bug metadata fixed, sry. -- Best regards Ondřej Nový Email: n...@ondrej.org PGP: 3D98 3C52 EB85 980C 46A5 6090 3573 1255 9D1E 064B
Bug#891585: nmu: intercal_30:0.30-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu Control: block 879789 by -1 The #879789 error is linking a non-PIE static library into a PIE binary. Recompiling with a gcc that defaults to PIE fixes it, and that's also how the no-change source upload in unstable fixed it. nmu intercal_30:0.30-1 . ANY . stretch . -m "Recompile with PIE"
Processed: nmu: intercal_30:0.30-1
Processing control commands: > block 879789 by -1 Bug #879789 {Done: Mark Brown } [intercal] intercal: Link error when compiling Intercal programs 879789 was not blocked by any bugs. 879789 was not blocking any bugs. Added blocking bug(s) of 879789: 891585 -- 879789: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879789 891585: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891585 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#891277: stretch-pu: package debian-edu-config/1.929+deb9u1
Control: tags -1 + moreinfo On Sat, 2018-02-24 at 02:25 +0100, Mike Gabriel wrote: [...] > + * Chromium: Pre-configure Chromium Webbrowser system-wide to auto- > detect the > +http proxy settings via WPAD (plus locking the proxy settings > dialog for > +users). (Closes: #891262). > The BTS metadata for this bug indicates that it also affects d-e-c in unstable - is that correct? Regards, Adam
Processed: tagging 891585
Processing commands for cont...@bugs.debian.org: > tags 891585 + stretch Bug #891585 [release.debian.org] nmu: intercal_30:0.30-1 Ignoring request to alter tags of bug #891585 to the same tags previously set > thanks Stopping processing here. Please contact me if you need assistance. -- 891585: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891585 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#891277: stretch-pu: package debian-edu-config/1.929+deb9u1
Processing control commands: > tags -1 + moreinfo Bug #891277 [release.debian.org] stretch-pu: package debian-edu-config/1.929+deb9u1 Added tag(s) moreinfo. -- 891277: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891277 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: tagging 891585
Processing commands for cont...@bugs.debian.org: > tags 891585 + stretch Bug #891585 [release.debian.org] nmu: intercal_30:0.30-1 Added tag(s) stretch. > thanks Stopping processing here. Please contact me if you need assistance. -- 891585: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891585 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#891464: stretch-pu: package java-atk-wrapper/0.33.3-13+deb9u1
Control: tags -1 + confirmed On Sun, 2018-02-25 at 20:53 +0100, Samuel Thibault wrote: > It was reported (#837081) that notably netbeans would crash on > some operations due to java-atk-wrapper bugs. This was reported as > being fixed by a couple of small patches which have now migrated to > testing. I'd like to upload them to Stretch as attached diff shows. > Please go ahead. Regards, Adam
Processed: Re: Bug#891464: stretch-pu: package java-atk-wrapper/0.33.3-13+deb9u1
Processing control commands: > tags -1 + confirmed Bug #891464 [release.debian.org] stretch-pu: package java-atk-wrapper/0.33.3-13+deb9u1 Added tag(s) confirmed. -- 891464: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891464 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#891587: stretch-pu: package jdresolve/0.6.1-5.1~deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu * Fix breakage with libnet-dns-perl in jessie and later, thanks to Klaus Rein for reporting the bug and Matt Johnston for forwarding the fix. (Closes: #801331) diff -u jdresolve-0.6.1/debian/changelog jdresolve-0.6.1/debian/changelog --- jdresolve-0.6.1/debian/changelog +++ jdresolve-0.6.1/debian/changelog @@ -1,3 +1,19 @@ +jdresolve (0.6.1-5.1~deb9u1) stretch; urgency=medium + + * Non-maintainer upload. + * Rebuild for stretch. + + -- Adrian Bunk Mon, 26 Feb 2018 22:29:30 +0200 + +jdresolve (0.6.1-5.1) unstable; urgency=high + + * Non-maintainer upload. + * Fix breakage with libnet-dns-perl in jessie and later, +thanks to Klaus Rein for reporting the bug and +Matt Johnston for forwarding the fix. (Closes: #801331) + + -- Adrian Bunk Thu, 04 Jan 2018 20:21:09 +0200 + jdresolve (0.6.1-5) unstable; urgency=medium * debian/: merge packaging changes from Ubuntu. (Thanks Logan Rosen) diff -u jdresolve-0.6.1/jdresolve jdresolve-0.6.1/jdresolve --- jdresolve-0.6.1/jdresolve +++ jdresolve-0.6.1/jdresolve @@ -857,7 +857,12 @@ # For each DNS answer, check the data received if ($type eq 'H') { if (defined $_->{ptrdname}) { + if ($_->isa('Net::DNS::RR::PTR')) { + # Fix for a new version of Net::DNS + $hosts{$query}{NAME} = $_->rdatastr(); + } else { $hosts{$query}{NAME} = $_->{ptrdname}; + } $hosts{$query}{RESOLVED} = 'N'; $resolved = 1;
Bug#891577: stretch-pu: package nvidia-graphics-drivers-legacy-304xx/304.137-5~deb9u1
On 2018-02-26 20:58, Adam D. Barratt wrote: > + * Use debian/substvars for substitutions by dpkg-genchanges (dpkg > 1.19) > +(375.82-7). > > What's the effect of not having support for that? (as 1.19 is newer > than stretch's dpkg.) It's a no-op on stretch - debian/substvars is created but not used - dpkg-genchanges does not know about it - and the .changes file contains unsubstituted substvars (in the synopsis) - as it always has been. (The R³:no setting is an even noisier no-op). Andreas
Processed: Re: Bug#891484: stretch-pu: package vagrant/1.9.1+dfsg-1+deb9u1
Processing control commands: > tags -1 + moreinfo Bug #891484 [release.debian.org] stretch-pu: package vagrant/1.9.1+dfsg-1+deb9u1 Added tag(s) moreinfo. -- 891484: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891484 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#891484: stretch-pu: package vagrant/1.9.1+dfsg-1+deb9u1
Control: tags -1 + moreinfo On Sun, 2018-02-25 at 22:10 -0300, Antonio Terceiro wrote: > The platform from where vagrant downloads images has been > discontinued > and we need to switch the default download location plus > documentation, > usage messages etc to match the new platform. Without this update, > vagrant is pretty useless. > So far as I can tell, this issue also affects the version of vagrant in unstable and has not yet been fixed there. Assuming that's correct, the bug will need resolving in unstable first. Regards, Adam
Processed: Re: Bug#891503: stretch-pu: package osinfo-db/0.20180226-1~deb9u1
Processing control commands: > tags -1 + confirmed Bug #891503 [release.debian.org] stretch-pu: package osinfo-db/0.20180226-1~deb9u1 Added tag(s) confirmed. -- 891503: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891503 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#891503: stretch-pu: package osinfo-db/0.20180226-1~deb9u1
Control: tags -1 + confirmed On Mon, 2018-02-26 at 10:59 +0100, Guido Günther wrote: > I'd like to update osinfo-db in stretch. This would allow us to have > up > to date information for operating system installs with e.g. gnome- > boxes > and virt-manager by adding new data for recent debian, ubuntu and > freebsd releases as well as updating existing ones. > I must admit that I'm confused by the changes of the type: - http://cdimage.debian.org/cdimage/archive/9.0.0/i386/iso-cd/debian-9.0.0-i386-netinst.iso; + http://cdimage.debian.org/cdimage/archive/9.2.1/i386/iso-cd/debian-9.2.1-i386-netinst.iso; given that 9.3 was released on the same day as 8.10, and the latter is reflected in the diff. In any case, please go ahead. Regards, Adam
Processed: Re: Bug#891577: stretch-pu: package nvidia-graphics-drivers-legacy-304xx/304.137-5~deb9u1
Processing control commands: > tags -1 + confirmed Bug #891577 [release.debian.org] stretch-pu: package nvidia-graphics-drivers-legacy-304xx/304.137-5~deb9u1 Added tag(s) confirmed. -- 891577: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891577 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#891577: stretch-pu: package nvidia-graphics-drivers-legacy-304xx/304.137-5~deb9u1
Control: tags -1 + confirmed On Mon, 2018-02-26 at 21:39 +0100, Andreas Beckmann wrote: > On 2018-02-26 20:58, Adam D. Barratt wrote: > > + * Use debian/substvars for substitutions by dpkg-genchanges > > (dpkg > > 1.19) > > +(375.82-7). > > > > What's the effect of not having support for that? (as 1.19 is newer > > than stretch's dpkg.) > > It's a no-op on stretch - debian/substvars is created but not used - > dpkg-genchanges does not know about it - and the .changes file > contains > unsubstituted substvars (in the synopsis) - as it always has been. > (The > R³:no setting is an even noisier no-op). > OK, please go ahead. Regards, Adam
Processed: Re: Bug#887589: stretch-pu: package grilo-plugins/0.3.3-1
Processing control commands: > tags -1 + moreinfo Bug #887589 [release.debian.org] stretch-pu: package grilo-plugins/0.3.3-1 Added tag(s) moreinfo. -- 887589: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887589 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#887589: stretch-pu: package grilo-plugins/0.3.3-1
Control: tags -1 + moreinfo On Thu, 2018-01-18 at 11:36 +0200, Alberto Garcia wrote: > I would like to upload a new grilo-plugins package, which contains a > fix for https://bugs.debian.org/887469 > The BTS metadata for that bug indicates that it affects the version of grilo-plugins in unstable and has not yet been resolved there - is that correct? Regards, Adam
Bug#891464: stretch-pu: package java-atk-wrapper/0.33.3-13+deb9u1
Adam D. Barratt, on lun. 26 févr. 2018 20:27:38 +, wrote: > Control: tags -1 + confirmed > > On Sun, 2018-02-25 at 20:53 +0100, Samuel Thibault wrote: > > It was reported (#837081) that notably netbeans would crash on > > some operations due to java-atk-wrapper bugs. This was reported as > > being fixed by a couple of small patches which have now migrated to > > testing. I'd like to upload them to Stretch as attached diff shows. > > Please go ahead. It is now in stable-new. Samuel
Bug#889001: stretch-pu: package publicsuffix/20180125.0922-0+deb9u1
On Fri, 2018-02-23 at 10:56 -0800, Daniel Kahn Gillmor wrote: > On Fri 2018-02-23 17:00:41 +, Adam D. Barratt wrote: > > Control: tags -1 + confirmed > > > > On Wed, 2018-01-31 at 23:21 -0500, d...@fifthhorseman.net wrote: > > > Please consider an update to publicsuffix in debian stretch. > > > > > > This package reflects the state of the network, and keeping it > > > current > > > is useful for all the packages that depend on it. > > > > Please go ahead. > > Since i filed this bug report, there are a handful of additional > changes > made upstream, as reflected in publicsuffix 20180218.2049-1 since > 20180125.0922-1: > > --- a/public_suffix_list.dat > +++ b/public_suffix_list.dat > @@ -10891,6 +10891,7 @@ virtueeldomein.nl > // Cloud66 : https://www.cloud66.com/ > // Submitted by Khash Sajadi > c66.me > +cloud66.ws > > // CloudAccess.net : https://www.cloudaccess.net/ > // Submitted by Pawel Panek > @@ -11786,6 +11787,11 @@ git-repos.de > lcube-server.de > svn-repos.de > > +// linkyard ldt: https://www.linkyard.ch/ > +// Submitted by Mario Siegenthaler > +linkyard.cloud > +linkyard-cloud.ch > + > // LiquidNet Ltd : http://www.liquidnetlimited.com/ > // Submitted by Victor Velchev > we.bs > @@ -12136,6 +12142,10 @@ sandcats.io > logoip.de > logoip.com > > +// schokokeks.org GbR : https://schokokeks.org/ > +// Submitted by Hanno Böck > +schokokeks.net > + > // Scry Security : http://www.scrysec.com > // Submitted by Shante Adam > scrysec.com > @@ -12316,6 +12326,10 @@ inc.hk > // Submitted by Ed Moore > lib.de.us > > +// VeryPositive SIA : http://very.lv > +// Submitted by Danko Aleksejevs > +2038.io > + > // Viprinet Europe GmbH : http://www.viprinet.com > // Submitted by Simon Kissel > router.management > @@ -12344,6 +12358,10 @@ cistron.nl > demon.nl > xs4all.space > > +// YesCourse Pty Ltd : https://yescourse.com > +// Submitted by Atul Bhouraskar > +official.academy > + > // Yola : https://www.yola.com/ > // Submitted by Stefano Rivera > yolasite.com > > > Would it be OK to retitle this bug report as: > > stretch-pu: package publicsuffix/20180218.2049-0+deb9u1 > Sure. Regards, Adam
Bug#887589: stretch-pu: package grilo-plugins/0.3.3-1
Control: tags -1 - moreinfo On Mon, Feb 26, 2018 at 08:55:51PM +, Adam D. Barratt wrote: > > I would like to upload a new grilo-plugins package, which contains > > a fix for https://bugs.debian.org/887469 > > The BTS metadata for that bug indicates that it affects the version > of grilo-plugins in unstable and has not yet been resolved there - > is that correct? It's not correct, the version is sid is already patched. Here's the proposed patch: https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=887589;filename=grilo-plugins.diff;msg=5 Here's the source code of the version in sid: https://sources.debian.org/src/grilo-plugins/0.3.5-2/src/lua-factory/sources/grl-radiofrance.lua/#L108 I'll update the metadata of the bug report. Berto
Processed: Re: Bug#887589: stretch-pu: package grilo-plugins/0.3.3-1
Processing control commands: > tags -1 - moreinfo Bug #887589 [release.debian.org] stretch-pu: package grilo-plugins/0.3.3-1 Removed tag(s) moreinfo. -- 887589: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887589 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#891277: stretch-pu: package debian-edu-config/1.929+deb9u1
Hi, On Monday, February 26, 2018, Adam D. Barratt wrote: > Control: tags -1 + moreinfo > > On Sat, 2018-02-24 at 02:25 +0100, Mike Gabriel wrote: > [...] > > > + * Chromium: Pre-configure Chromium Webbrowser system-wide to auto- > > detect the > > +http proxy settings via WPAD (plus locking the proxy settings > > dialog for > > +users). (Closes: #891262). > > > > The BTS metadata for this bug indicates that it also affects d-e-c in > unstable - is that correct? The issue is fixed in unstable and the bug was especially opened for documenting the issue in stable/stretch. I will update the bug's metadata tomorrow, once I have my notebook at hand. Mike -- Sent from my Fairphone 2 (running Sailfish OS)
Bug#891484: stretch-pu: package vagrant/1.9.1+dfsg-1+deb9u1
On Mon, Feb 26, 2018 at 08:42:56PM +, Adam D. Barratt wrote: > Control: tags -1 + moreinfo > > On Sun, 2018-02-25 at 22:10 -0300, Antonio Terceiro wrote: > > The platform from where vagrant downloads images has been > > discontinued > > and we need to switch the default download location plus > > documentation, > > usage messages etc to match the new platform. Without this update, > > vagrant is pretty useless. > > > > So far as I can tell, this issue also affects the version of vagrant in > unstable and has not yet been fixed there. Assuming that's correct, the > bug will need resolving in unstable first. Ah, I thought I adjusted the bug metadata yesterday, but it seems I didn't. No, unstable is not affected. This has been done upstream for a while, this update is a backport of the change -- which we already have in the version in unstable -- to stable. signature.asc Description: PGP signature
Bug#889001: stretch-pu: package publicsuffix/20180218.2049-0+deb9u1
Control: retitle 889001: stretch-pu: package publicsuffix/20180218.2049-0+deb9u1 Thanks, this is now uploaded. --dkg PS and as luck would have it, the PSL has changed again minorly in the meantime (to add mozilla-iot.org for the Mozilla IOT initiative described at https://iot.mozilla.org) i'll upload the new changes to unstable, but i do wonder what the stable release managers think should be our cadence for packages like this.
Bug#891426: stretch-pu: package nvidia-modprobe/384.111-1~deb9u1
On 2018-02-25 15:44, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sun, 2018-02-25 at 15:02 +0100, Andreas Beckmann wrote: >> please allow the upgrade of nvidia-modprobe in stretch to a new >> upstream release matching the updated nvidia-graphics-drivers >> package. > Please go ahead. That was uploaded yesterday, but I just uploaded another fix to sid that may be worthy to be fixed in stretch, too. nvidia-modprobe (a setuid root binary) stopped working for regular users since dash started dropping privileges if euid != uid (like bash has been doing for ages). The fix is a oneliner: call setuid(0) before forking modprobe to preserve permissions through the recursive shell and modprobe invocations needed by our modprobe configuration using install commands. The problem is reproducible in stretch if /bin/sh points to bash instead of dash. The incremental source debdiff is attached. If that is acceptable, please reject 384.111-1~deb9u1 and I'll upload 384.111-2~deb9u1 instead. Andreas diff --git a/debian/changelog b/debian/changelog index 7deb07b..0adbb7c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,21 @@ +nvidia-modprobe (384.111-2~deb9u1) stretch; urgency=medium + + * Rebuild for stretch. + + -- Andreas Beckmann Tue, 27 Feb 2018 02:06:17 +0100 + +nvidia-modprobe (384.111-2) unstable; urgency=medium + + * Add setuid.patch to run setuid(0) before forking modprobe to preserve +privileges through shell invocations and recursive modprobe calls. +Thanks to Hiromasa YOSHIMOTO for intensive debugging and the final patch! +(Closes: #888952) + * Add debian/upstream/metadata. + * Fix new Lintian issues. + * Switch Vcs-* URLs to salsa.debian.org. + + -- Andreas Beckmann Tue, 27 Feb 2018 01:50:01 +0100 + nvidia-modprobe (384.111-1) unstable; urgency=medium * New upstream release. diff --git a/debian/control b/debian/control index c6963ee..836da1b 100644 --- a/debian/control +++ b/debian/control @@ -12,8 +12,8 @@ Build-Depends: Rules-Requires-Root: binary-targets Standards-Version: 4.1.3 Homepage: https://github.com/NVIDIA/nvidia-modprobe -Vcs-Git: https://anonscm.debian.org/git/pkg-nvidia/nvidia-modprobe.git -Vcs-Browser: https://anonscm.debian.org/cgit/pkg-nvidia/nvidia-modprobe.git +Vcs-Browser: https://salsa.debian.org/nvidia-team/nvidia-modprobe +Vcs-Git: https://salsa.debian.org/nvidia-team/nvidia-modprobe.git Package: nvidia-modprobe Architecture: i386 amd64 armhf ppc64el diff --git a/debian/copyright b/debian/copyright index 0974a69..ad3f83a 100644 --- a/debian/copyright +++ b/debian/copyright @@ -1,6 +1,12 @@ Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: nvidia-modprobe Source: https://download.nvidia.com/XFree86/nvidia-modprobe/ +Disclaimer: + This package is not part of the GNU/Linux Debian distribution. It is + provided in the contrib archive area as a convenience to Debian users. + The contents of this source package are freely licensed under the Expat + license, but it is only useful in combination with the proprietary + NVIDIA drivers in non-free. Files: * Copyright: Copyright (C) 2004-2017 NVIDIA Corporation diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 000..57623ce --- /dev/null +++ b/debian/patches/series @@ -0,0 +1 @@ +setuid.patch diff --git a/debian/patches/setuid.patch b/debian/patches/setuid.patch new file mode 100644 index 000..106df55 --- /dev/null +++ b/debian/patches/setuid.patch @@ -0,0 +1,27 @@ +Author: Hiromasa YOSHIMOTO +Description: use setuid(0) to preserve privileges over shell invocations + Fixing bug https://bugs.debian.org/734869 dash recently started to drop + privileges if euid != uid. (Bash has been doing that for a long time + already, but is usually not used for /bin/sh.) + The Debian modprobe configuration /etc/modprobe.d/nvidia.conf uses install + commands that require forking a shell from within modprobe to (recursively) + run further modprobe commands. If the shell drops privileges in setuid + contexts, the inner modprobe commands are run unprivileged, failing to load + the modules. + Run setuid(0) before forking modprobe to preserve privileges through to the + inner modprobe commands. +Bug-Debian: https://bugs.debian.org/888952 + +--- nvidia-modprobe-384.111.orig/modprobe-utils/nvidia-modprobe-utils.c nvidia-modprobe-384.111/modprobe-utils/nvidia-modprobe-utils.c +@@ -374,6 +374,10 @@ static int modprobe_helper(const int pri + */ + silence_current_process(); + ++/* Workaround for debian's /etc/modprobe.d/nvidia.conf configuration. ++ * See Bug#888952 for details */ ++setuid(0); ++ + execle(modprobe_path, "modprobe", +module_name, NULL, envp); + diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides index 7ec9f82..8ebed74 100644 --- a/debian/source/lintian-overrides +++ b/debian/so
Stable Upgrade: Need Advice
Hello Release Team, SRMs, I need some advice about what course of action to take with the certbot suite of packages. (rel.d.o bug 887399). Right now, the version that's in stable is partially non-functional due to a security bug fixed upstream by blacklisting the only challenge mechanism that the software supports. (Specifically, the nginx and apache plugins don't work; people using the webroot or standalone modes can still renew and get new certificates.) There are basically three ways I see of getting out of this problem: 1. Backport 0.21.1 to stable. This is the course of action I think I'd personally like to see; I'd be OK with unwinding the changes that I made to switch to py3 to reduce the amount of change that we're making in stable, but it's still a fairly large jump. 2. RM the version out of stable completely, and tell people to use stretch-backports if they want to use certbot. Not a great solution, but the version in stable right now should probably be considered RC-buggy. 3. Attempt to backport the HTTP-01 changes to 0.10.2. This is a large amount of work, and I realistically don't have the time to do it. Upstream isn't interested in doing this work either, so we'd be somewhat out on a limb on our own with a security-sensitive piece of software. Please let me know if there's clarification I can make; I'm honestly not sure how to strike the balance here. Thanks! -- Harlan Lieberman-Berg ~hlieberman
Bug#877195: the patches
What's the situation with this one? Could it be included in the next Stretch update? On Saturday, 9 December 2017 1:33:39 PM AEDT Russell Coker wrote: > On Saturday, 2 December 2017 11:05:24 AM AEDT Adam D. Barratt wrote: > > IFF it's versioned as 2:2.20161023.1-9+deb9u1, uses "stretch" as the > > changelog distribution, is otherwise identical to the diff presented in > > this bug log and is built and tested on a stretch system, then OK. > > I've attached a debdiff that only differs in file timestamps, the version > change you requested, and the changelog timestamp. > > I have tested it on my main mail server, one of my main web servers, one of > my minor mail servers, and a shell server. It passed all tests and did > everything as well as expected with no regressions. > > Please consider it for inclusion. -- My Main Blog http://etbe.coker.com.au/ My Documents Bloghttp://doc.coker.com.au/
Bug#891611: jessie-pu: package subversion/1.8.10-6+deb8u6
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu This upload would fix crashes that are seen when using subversion's Perl bindings. In particular, git-svn has been a common victim since its memory usage patterns tend to cause the right conditions. I've verified this against the originally reported issue[0] and Salvatore Bonaccorso, who prodded me to prepare the upload, has verified it against their problematic repository. -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diffstat for subversion_1.8.10-6+deb8u5 subversion_1.8.10-6+deb8u6 debian/patches/perl-swig-crash | 244 subversion-1.8.10/debian/changelog |7 subversion-1.8.10/debian/patches/series |1 3 files changed, 252 insertions(+) diff -u subversion-1.8.10/debian/changelog subversion-1.8.10/debian/changelog --- subversion-1.8.10/debian/changelog +++ subversion-1.8.10/debian/changelog @@ -1,3 +1,10 @@ +subversion (1.8.10-6+deb8u6) jessie; urgency=medium + + * Backport patches/perl-swig-crash from upstream to fix crashes with Perl +bindings, commonly seen when using git-svn (Closes: #780246, #534763). + + -- James McCoy Mon, 26 Feb 2018 22:00:47 -0500 + subversion (1.8.10-6+deb8u5) jessie-security; urgency=high * patches/CVE-2016-8734: Unrestricted XML entity expansion in HTTP clients diff -u subversion-1.8.10/debian/patches/series subversion-1.8.10/debian/patches/series --- subversion-1.8.10/debian/patches/series +++ subversion-1.8.10/debian/patches/series @@ -33,0 +34 @@ +perl-swig-crash only in patch2: unchanged: --- subversion-1.8.10.orig/debian/patches/perl-swig-crash +++ subversion-1.8.10/debian/patches/perl-swig-crash @@ -0,0 +1,244 @@ + +r1668618 | philip | 2015-03-23 08:33:22 -0400 (Mon, 23 Mar 2015) | 6 lines + +* subversion/bindings/swig/include/svn_types.swg: Change the + SWIG Perl binding code that was marked "clearly buggy" so + that svn_swig_pl_from_md5 follows the same pattern as + svn_swig_pl_from_stream. This may fix a SEGV reported + via Debian: https://bugs.debian.org/780246 + + +Index: trunk/subversion/bindings/swig/include/svn_types.swg +=== +--- trunk/subversion/bindings/swig/include/svn_types.swg (revision 1668617) trunk/subversion/bindings/swig/include/svn_types.swg (revision 1668618) +@@ -1116,11 +1116,7 @@ + } + + %typemap(argout) unsigned char *result_digest { +- /* FIXME: This code is clearly buggy. The return value of sv_newmortal() +- is immediately overwritten by the return value +- of svn_swig_pl_from_md5(). */ +-ST(argvi) = sv_newmortal(); +-ST(argvi++) = svn_swig_pl_from_md5($1); ++%append_output(svn_swig_pl_from_md5($1)); + } + #endif + + + +r1671388 | rschupp | 2015-04-05 08:48:45 -0400 (Sun, 05 Apr 2015) | 6 lines + +* subversion/bindings/swig/include/svn_types.swg: Following r1668618 + fix two more instances where the Perl argument stack pointer + was bumped without checking if there's enough space allocated. + While we're at it, reduce the size of the temp array - 30 bytes + are more than enough to hold a decimal representation of a 64-bit integer. + + +Index: trunk/subversion/bindings/swig/include/apr.swg +=== +--- trunk/subversion/bindings/swig/include/apr.swg (revision 1671387) trunk/subversion/bindings/swig/include/apr.swg (revision 1671388) +@@ -31,23 +31,21 @@ + */ + #ifdef SWIGPERL + %typemap(out) long long { +-char temp[256]; ++char temp[30]; + sprintf(temp, "%" APR_INT64_T_FMT, (apr_int64_t) $1); +-ST(argvi) = sv_newmortal(); +-sv_setpv((SV*)ST(argvi++), temp); ++%append_output(sv_2mortal(newSVpv(temp, 0))); + } + + %typemap(out) unsigned long long { +-char temp[256]; ++char temp[30]; + sprintf(temp, "%" APR_UINT64_T_FMT, (apr_uint64_t) $1); +-ST(argvi) = sv_newmortal(); +-sv_setpv((SV*)ST(argvi++), temp); ++%append_output(sv_2mortal(newSVpv(temp, 0))); + } + + %typemap(in, numinputs=0) long long *OUTPUT (apr_int64_t temp) + "$1 = &temp;"; + %typemap(argout) long long *OUTPUT { +- char temp[256]; ++ char temp[30]; + sprintf(temp, "%" APR_INT64_T_FMT, (apr_int64_t)*($1)); + %append_output(sv_2mortal(newSVpv(temp, 0))); + } +@@ -
Bug#882697: stretch-pu: package apparmor/2.11.0-3+deb9u2
Hi, Adam D. Barratt: > What's the difference between this and +deb9u1? Is it simply this > change: > -++features-file=/etc/apparmor/features > +++features-file=/usr/share/apparmor-features/features > and the equivalent in debian/install? Yes (modulo the timing matter regarding the Linux 4.14.x bug, which was the only reason why +deb9u1 could not make it into a stable release last time). > The changelog going from -3 to -3+deb9u2 is confusing, particularly > given that +deb9u1 has been available to users of proposed-updates for > some time. If the above is correct, please keep the previous changelog > stanza for +deb9u1 as-is and add a new entry for +deb9u2 describing the > path change. Done and accordingly adjusted the maintainer scripts to remove the old (now obsolete) /etc/apparmor/features conffile from systems that had +deb9u1 installed. I'm attaching 2 updated debdiffs: one from the version in Stretch and the other one from the version that's already in stable p-u. Cheers, -- intrigeri diff -Nru apparmor-2.11.0/debian/apparmor.install apparmor-2.11.0/debian/apparmor.install --- apparmor-2.11.0/debian/apparmor.install 2017-03-28 12:23:08.0 +0200 +++ apparmor-2.11.0/debian/apparmor.install 2018-02-27 07:46:39.0 +0100 @@ -1,4 +1,5 @@ debian/apport/source_apparmor.py /usr/share/apport/package-hooks/ +debian/features /usr/share/apparmor-features/ debian/lib/apparmor/functions /lib/apparmor/ debian/lib/apparmor/profile-load /lib/apparmor/ etc/apparmor/parser.conf diff -Nru apparmor-2.11.0/debian/apparmor.maintscript apparmor-2.11.0/debian/apparmor.maintscript --- apparmor-2.11.0/debian/apparmor.maintscript 2015-08-13 21:25:45.0 +0200 +++ apparmor-2.11.0/debian/apparmor.maintscript 2018-02-27 07:46:39.0 +0100 @@ -1,3 +1,4 @@ rm_conffile /etc/apparmor/functions 2.5.1-0ubuntu4 rm_conffile /etc/apparmor/rc.apparmor.functions 2.5.1-0ubuntu4 rm_conffile /etc/apparmor.d/abstractions/ubuntu-sdk-base 2.8.0-0ubuntu20~ +rm_conffile /etc/apparmor/features 2.11.0-3+deb9u2~ diff -Nru apparmor-2.11.0/debian/changelog apparmor-2.11.0/debian/changelog --- apparmor-2.11.0/debian/changelog 2017-03-28 12:29:15.0 +0200 +++ apparmor-2.11.0/debian/changelog 2018-02-27 07:46:39.0 +0100 @@ -1,3 +1,24 @@ +apparmor (2.11.0-3+deb9u2) UNRELEASED; urgency=medium + + * Move the features file to /usr/share/apparmor-features; +accordingly remove the old (now obsolete) '/etc/apparmor/features' +conffile (Closes: #883682). + * Configure gbp for DEP-14 and avoid gbp-pq prefixing patches +with numbers. + + -- intrigeri Tue, 27 Feb 2018 06:46:39 + + +apparmor (2.11.0-3+deb9u1) stretch; urgency=medium + + * Pin the AppArmor feature set to Stretch's kernel (Closes: #879585). +This ensures Stretch systems, even when running a newer kernel (e.g. +from backports), have their AppArmor feature set pinned to the one +supported by the AppArmor policy shipped in Stretch. Otherwise they +would experience breakage due to new AppArmor mediation features +introduced in recent kernels. + + -- intrigeri Sat, 25 Nov 2017 18:04:05 + + apparmor (2.11.0-3) unstable; urgency=medium * Fix CVE-2017-6507: don't unload unknown profiles during package diff -Nru apparmor-2.11.0/debian/features apparmor-2.11.0/debian/features --- apparmor-2.11.0/debian/features 1970-01-01 01:00:00.0 +0100 +++ apparmor-2.11.0/debian/features 2018-02-27 07:46:39.0 +0100 @@ -0,0 +1,23 @@ +caps {mask {chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_module sys_rawio sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_time sys_tty_config mknod lease audit_write audit_control setfcap mac_override mac_admin syslog wake_alarm block_suspend audit_read +} +} +rlimit {mask {cpu fsize data stack core rss nproc nofile memlock as locks sigpending msgqueue nice rtprio rttime +} +} +capability {0xff +} +file {mask {create read write exec append mmap_exec link lock +} +} +domain {change_profile {yes +} +change_onexec {yes +} +change_hatv {yes +} +change_hat {yes +} +} +policy {set_load {yes +} +} diff -Nru apparmor-2.11.0/debian/gbp.conf apparmor-2.11.0/debian/gbp.conf --- apparmor-2.11.0/debian/gbp.conf 1970-01-01 01:00:00.0 +0100 +++ apparmor-2.11.0/debian/gbp.conf 2018-02-27 07:46:39.0 +0100 @@ -0,0 +1,6 @@ +[DEFAULT] +pristine-tar = True +debian-branch = debian/stretch +upstream-branch = upstream/latest +upstream-vcs-tag = v%(version)s +patch-numbers = False diff -Nru apparmor-2.11.0/debian/patches/pin-feature-set.patch apparmor-2.11.0/debian/patches/pin-feature-set.patch --- apparmor-2.11.0/debian/patches/pin-feature-set.patch 1970-01-01 01:00:00.0 +0100 +++ apparmor-2.11.0/debian/patches/pin-feature-set.patch 2018-02-27 07:46:39.0 +0100 @@ -0,0 +1,18 @@ +Description: pin the AppArmor feature set