Bug#811522: proposed RM: jenkins -- RoQA; multiple security issues, FTBFS, unmaintained in Debian

2016-01-19 Thread Ansgar Burchardt 
Package: jenkins
Severity: serious

Hi,

the jenkins package in Debian has multiple open security issues[1][2]
and fails to build with Groovy 2[3].  It also is quite outdated
(Debian: 1.565.3 released upstream mid-2014; current version: 1.644
from Jan 2016 with lots of releases inbetween).

Jenkins also isn't part of a stable release (currently only in
unstable).

I suggest to remove the package from Debian.  If there are no
objections, I'll reassign the request to the ftp.debian.org pseudo-
package later.

I'm also wondering if "jenkins-memory-monitor" should also be removed
at the same time or if it is also useful without jenkins?

Ansgar

  [1] 
  [2] 
  [3] 

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Re: sweethome3d-textures_1.1-1_i386.changes REJECTED

2014-10-23 Thread Ansgar Burchardt 
Hi,

Gabriele Giacone 1o5g4...@gmail.com writes:
 On Thu, Oct 23, 2014 at 5:57 PM, Debian FTP Masters
 ftpmas...@ftp-master.debian.org wrote:

 ACL dm: NEW uploads are not allowed

 Hello ftpmasters,
 I switched to a stronger key few days ago.
 See
 https://anonscm.debian.org/cgit/keyring/keyring.git/commit/?id=cdcd6ca706360329b2252bc8ec11f32b7424da11

 New key, so next uploads seen as NEW uploads?
 Or given [0] lists old fingerprint, should i re-ask to all DDs who
 have granted me DM rights in the past to do that again? I thought
 (hoped) it would have been automatic.

It's not (yet) automated, but:

+---
|  Action: dm-migrate
|  From: B5BCBDDE7CA813D4F6A3D135A7771D09B55C9C2B
|  To: 5BD0 67A2 9DFC A64B 19CC  7AD9 D433 0926 497D 44FE
|  Reason: Replace 0xA7771D09B55C9C2B with 0xD4330926497D44FE (Gabriele 
Giacone) (RT #5347)
| Migrated B5BCBDDE7CA813D4F6A3D135A7771D09B55C9C2B to 
5BD067A29DFCA64B19CC7AD9D4330926497D44FE.
| 14 acl entries changed: sweethome3d, ubiquity-extension, pidgin-skype,
| sweethome3d-furniture, sweethome3d-furniture-nonfree,
| sweethome3d-furniture-editor, sweethome3d-textures-editor, jedit,
| jxplorer, sunflow, gnash, critterding, freehep-graphics2d, lightspark
+---

Ansgar

__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. 
Please use
debian-j...@lists.debian.org for discussions and questions.

jackson-parent_2.4.1-1_amd64.changes REJECTED

2014-09-08 Thread Ansgar Burchardt 

As requested by mail.

===

Please feel free to respond to this email if you don't understand why
your files were rejected, or if you upload new files which address our
concerns.


__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Re: jaxb_2.2.5-1_amd64.changes REJECTED

2014-09-03 Thread Ansgar Burchardt 
On 09/03/2014 11:52, Timo Aaltonen wrote:
 On 03.09.2014 12:51, Debian FTP Masters wrote:
 No target suite found. Please check your target distribution and that you 
 uploaded to the right archive.
 
 Huh? The second upload should be fine..

What does the Distribution field of the .changes you uploaded say?

Ansgar



__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. 
Please use
debian-j...@lists.debian.org for discussions and questions.

openjdk-7-jdk-dcevm_7u55-1_amd64.changes REJECTED

2014-05-19 Thread Ansgar Burchardt 

As requested by mail.

===

Please feel free to respond to this email if you don't understand why
your files were rejected, or if you upload new files which address our
concerns.


__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. 
Please use
debian-j...@lists.debian.org for discussions and questions.

findbugs_2.0.2-1_amd64.changes REJECTED

2013-09-08 Thread Ansgar Burchardt 

Hi,

the source for lib/* and build-lib/* seems to be missing, nor are they
documented in d/copyright.

Apache-1.1 and GPL are incompatible[1], yet upstream includes both. Please
explain why you think this is not a problem (it was mentioned on #-mentors when
talking about the package so I assume you are aware of the problem).

  [1] http://www.gnu.org/licenses/license-list.html#apache1.1

Ansgar

===

Please feel free to respond to this email if you don't understand why
your files were rejected, or if you upload new files which address our
concerns.


__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#702175: src:libjogl2-java: maintainer address bounces

2013-03-03 Thread Ansgar Burchardt 
Source: libjogl2-java
Version: 2.0-rc8-2
Severity: serious

The maintainer address bounces, see below.

Ansgar

ubuntu-devel-discuss-boun...@lists.ubuntu.com writes:
 Your mail to 'Ubuntu-devel-discuss' with the subject

 Processing of libjogl2-java_2.0-rc8-2_amd64.changes

 Is being held until the list moderator can review it for approval.

 The reason it is being held:

 Post by non-member to a members-only list

 Either the message will get posted to the list, or you will receive
 notification of the moderator's decision.  If you would like to cancel
 this posting, please visit the following URL:

 
 https://lists.ubuntu.com/mailman/confirm/ubuntu-devel-discuss/87d31d13b6fb3d82c02be2e21a138985bb3e7f21

__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#692625: non-free files in upstream tarball (The Software shall be used for Good, not Evil)

2012-11-07 Thread Ansgar Burchardt 
Package: src:jenkins-json
Version: 2.1-rev7-2
Severity: serious

The upstream tarball contains files under the non-free JSON license:

% rgrep -l 'The Software shall be used for Good, not Evil.' .
./src/main/jdk15/net/sf/json/JSONObject.java
./src/main/jdk15/net/sf/json/JSONArray.java
./src/main/java/net/sf/json/util/JSONStringer.java
./src/main/java/net/sf/json/util/JSONTokener.java
./src/main/java/net/sf/json/util/JSONBuilder.java
./src/main/java/net/sf/json/JSONNull.java

Ansgar

__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Comments regarding pirl_2.3.6-1_amd64.changes

2012-05-04 Thread Ansgar Burchardt 
Hi,

the images PIRL/Database/Icons/{Im,Ex}port_24.gif contain the following notice:
Copyright 2000 by Sun Microsystems, Inc. All Rights Reserved

What is the license for these?

Regards,
Ansgar



__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Comments regarding libtritonus-java_20070428-9_amd64.changes

2011-08-31 Thread Ansgar Burchardt 
Hi,

libtritonus-jni is supposed to ship the jni shared libraries, but it's just an
empty package (on amd64). Is that intentional?

Ansgar



__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Comments regarding libjemmy2-java_2.3.1.1-1_amd64.changes

2011-06-09 Thread Ansgar Burchardt 
Hi,

please include the full text of the CDDL and Classpath exception in the
copyright information.

Regards,
Ansgar



__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. 
Please use
debian-j...@lists.debian.org for discussions and questions.

libnb-platform-java_6.9-1_amd64.changes REJECTED

2011-04-10 Thread Ansgar Burchardt 
Hi,

I have to reject your upload as there are several problems with it:

  nbi/infra/build/jvm/tools/unzipsfx/*:
  nbi/engine/src/org/netbeans/installer/utils/applications/TestJDK.class:
Binaries without source.

  ide/launcher/macosx/macosx_launcher.dmg:
Includes binaries for OS X that cannot be build on Debian.

  nbi/engine/native/launcher/windows/vcproject/NBI Native Launcher.suo:
Can this file be modified on Debian?

In addition several files such as api.annotations.common/arch.xml are released
only under the terms of the CDDL. This might be an oversight upstream, but
please document them in the copyright information.

Regards,
Ansgar



===

Please feel free to respond to this email if you don't understand why
your files were rejected, or if you upload new files which address our
concerns.


__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/mailman/listinfo/pkg-java-maintainers. Please 
use
debian-j...@lists.debian.org for discussions and questions.

Comments regarding your bindex_2.2-1 upload

2011-03-28 Thread Ansgar Burchardt 
Hi,

I noticed an additional copyright holder for
src/org/osgi/impl/bundle/obr/resource/FilterImpl.java:

  (C) 2000 Gatespace AB. All Rights Reserved.

Please include this in your next upload.

Regards,
Ansgar

__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/mailman/listinfo/pkg-java-maintainers. Please 
use
debian-j...@lists.debian.org for discussions and questions.