Bug#694959: Duplicate bugs in Debian Ubuntu
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=85 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607742 https://bugs.launchpad.net/ubuntu/+source/azureus/+bug/988586 __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Bug#703155: libjdom1-java-doc: Typo in package description: is a
Package: libjdom1-java-doc Version: 1.1.2+dfsg-2 Severity: minor User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu raring Dear Maintainer, The package description contains a small typo: It has a straightforward API, is a lightweight and fast, and is optimized for the Java programmer. Should be: It has a straightforward API, is lightweight and fast, and is optimized for the Java programmer. Thanks, Pascal __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Bug#701991: maven3: CVE-2013-0253
Control: reassign -1 src:wagon2 Control: tags -1 + patch Hi, The email does not appear to have reached the BTS, so I am resending it (and quoting it in full). ~Niels On 2013-03-15 04:49, Arnaud Fontaine wrote: Control: reassign -1 src:wagon2 Control: tags -1 + patch Hello, This security issue is actually affecting libwagon2-java as, besides of build improvements, maven 3.0.5 only bumps wagon2 version from 2.2 to 2.4 (should maven be rebuilt when a fixed version has been uploaded?). Therefore, I'm reassigning this issue to wagon2 instead. According to [0], it is recommended to upgrade to Maven Wagon 2.4 however this is not really possible as the new version requires (at least, when testing by changing the required version, I got more dependency errors later on) libmaven-parent-java = 23 which is not available in the archive. Moreover, there are many unrelated changes so the only solution is probably to backport the patches. The issue on Maven Wagon BTS seems to be: https://jira.codehaus.org/browse/WAGON-385 And the patches (quite small indeed): https://git-wip-us.apache.org/repos/asf?p=maven-wagon.git;a=commit;h=2f7bb33852cbb9ddb4e1abaa37f282b67bf72af5 https://git-wip-us.apache.org/repos/asf?p=maven-wagon.git;a=commit;h=b5a0839e312345499c811b6eff8f9029118ca8d5 As I don't know anything about Maven (I'm just hunting RC bugs ;-)), could you please confirm that these patches fix this issue? I can later NMU if it helps. Also, there seems to have been several other bug fixes (including security-related ones), not sure if they are really critical, just pointing out what I have found so far while checking git history from Maven Wagon 2.2 to 2.4: https://git-wip-us.apache.org/repos/asf?p=maven-wagon.git;a=commit;h=f1298163ebb9f72c618c69140f6b47c7ad6c32e5 https://git-wip-us.apache.org/repos/asf?p=maven-wagon.git;a=commit;h=31a5772aeffa38ed50355ad488f741cf48c4960a https://git-wip-us.apache.org/repos/asf?p=maven-wagon.git;a=commit;h=d95189d00ab1e7ac79bd5b9f7d20525c2776a6a2 https://git-wip-us.apache.org/repos/asf?p=maven-wagon.git;a=commit;h=6b664d691c9a0fec8a09b77a0f57c1945691db8a https://git-wip-us.apache.org/repos/asf?p=maven-wagon.git;a=commit;h=81c5ebb0efc4c9803a32fa81d390dc60da8905ac Cheers, __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions. __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Processed: Re: Bug#701991: maven3: CVE-2013-0253
Processing control commands: reassign -1 src:wagon2 Bug #701991 [src:maven] maven3: CVE-2013-0253 Bug reassigned from package 'src:maven' to 'src:wagon2'. Ignoring request to alter found versions of bug #701991 to the same values previously set Ignoring request to alter fixed versions of bug #701991 to the same values previously set tags -1 + patch Bug #701991 [src:wagon2] maven3: CVE-2013-0253 Added tag(s) patch. -- 701991: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701991 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Processed: Re: Bug#701991: maven3: CVE-2013-0253
Processing control commands: reassign -1 src:wagon2 Bug #701991 [src:wagon2] maven3: CVE-2013-0253 Ignoring request to reassign bug #701991 to the same package tags -1 + patch Bug #701991 [src:wagon2] maven3: CVE-2013-0253 Ignoring request to alter tags of bug #701991 to the same tags previously set -- 701991: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701991 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Processed: tagging 703155
Processing commands for cont...@bugs.debian.org: #updated in SVN tags 703155 + pending Bug #703155 [libjdom1-java-doc] libjdom1-java-doc: Typo in package description: is a Added tag(s) pending. thanks Stopping processing here. Please contact me if you need assistance. -- 703155: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703155 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Processed (with 1 errors): severity of 694959 is wishlist, merging 694959 666685 607742
Processing commands for cont...@bugs.debian.org:
severity 694959 wishlist
Bug #694959 [azureus] azureus/vuze: New upstream version: 4.8.0.0 -
azureus/vuze is over 3 years out of date
Severity set to 'wishlist' from 'important'
#merging vuze upgrade bugs
merge 694959 85 607742
Bug #694959 [azureus] azureus/vuze: New upstream version: 4.8.0.0 -
azureus/vuze is over 3 years out of date
Unable to merge bugs because:
package of #85 is 'vuze' not 'azureus'
package of #607742 is 'vuze' not 'azureus'
Failed to merge 694959: Did not alter merged bugs
Debbugs::Control::set_merged('transcript', 'GLOB(0x36d1410)',
'requester', 'tony mancill tmanc...@debian.org', 'request_addr',
'cont...@bugs.debian.org', 'request_msgid',
'1363457057-2464-bts-tmanc...@debian.org', 'request_subject', ...) called at
/usr/local/lib/site_perl/Debbugs/Control/Service.pm line 538
eval {...} called at
/usr/local/lib/site_perl/Debbugs/Control/Service.pm line 537
Debbugs::Control::Service::control_line('line', 'merge 694959 85
607742', 'clonebugs', 'HASH(0x3611628)', 'limit', 'HASH(0x3608998)',
'common_control_options', 'ARRAY(0x36089e0)', 'errors', ...) called at
/usr/lib/debbugs/service line 474
thanks
Stopping processing here.
Please contact me if you need assistance.
--
607742: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607742
85: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=85
694959: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694959
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers.
Please use
debian-j...@lists.debian.org for discussions and questions.
