Re: [Pkg-kde-extras] Sponsoring for upload CVE-2015-8547
Hi Pierre, On Mon, Dec 14, 2015 at 10:28:26PM +0100, Pierre Schweitzer wrote: > Dear all, > > After having asked for a CVE[0] for this Quassel issue [1], I've > uploaded you (attached) a debdiff & dsc to the bug report for an upload. > Would you be able to sponsor the upload, as I can't? > Or perhaps the maintainers are available for the upload? Can you help me evaluating the issue, since I'm not a quassel user myself: From a quick search and a bit of testing with a quassel-client/quassel-core setup, am I right that a/ multi-user setups with quassel-core are non-default and not so frequent? b/ This issue can (only) be triggered by a client connected to a quassel core? Regards, Salvatore signature.asc Description: PGP signature ___ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras
Re: [Pkg-kde-extras] Sponsoring for upload CVE-2015-8547
Hi Salvatore, On 27/12/2015 09:09, Salvatore Bonaccorso wrote: > Hi Pierre, > > On Mon, Dec 14, 2015 at 10:28:26PM +0100, Pierre Schweitzer wrote: >> Dear all, >> >> After having asked for a CVE[0] for this Quassel issue [1], I've >> uploaded you (attached) a debdiff & dsc to the bug report for an upload. >> Would you be able to sponsor the upload, as I can't? >> Or perhaps the maintainers are available for the upload? > > Can you help me evaluating the issue, since I'm not a quassel user > myself: From a quick search and a bit of testing with a > quassel-client/quassel-core setup, am I right that > > a/ multi-user setups with quassel-core are non-default and not > so frequent? It's hard to say. However, there are no well-known Quassel providers (as you would have for ZNC/BNC). > b/ This issue can (only) be triggered by a client connected to a > quassel core? Yes. Regards, -- Pierre Schweitzer System & Network Administrator Senior Kernel Developer ReactOS Deutschland e.V. signature.asc Description: OpenPGP digital signature ___ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras
[Pkg-kde-extras] Bug#809151: digikam: currently missing support for libkgeomap / marble
Package: digikam Version: 4:4.14.0-1 Severity: normal As mentioned in the release notes: "Currently missing support for features whose library has been split out of previous digikam source releases; e.g. libkface, libkgeomap, and some others." This bug should track the geo-features tracking like marble, libkgeomap integration (like geo-search and geolocation using OSM map), which is currently missing. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Init: systemd (via /run/systemd/system) Versions of packages digikam depends on: ii digikam-data4:4.14.0-1 ii digikam-private-libs4:4.14.0-1 ii kde-runtime 4:15.08.1-1 ii libc6 2.19-22 ii libgcc1 1:5.2.1-23 ii libgphoto2-62.5.9-3 ii libgphoto2-port12 2.5.9-3 ii libkdcraw23 4:15.04.2-0ubuntu1 ii libkdecore5 4:4.14.12-2 ii libkdeui5 4:4.14.12-2 ii libkexiv2-114:15.04.3-1 ii libkhtml5 4:4.14.12-2 ii libkio5 4:4.14.12-2 ii libkipi11 4:4.13.3-1 ii libknotifyconfig4 4:4.14.12-2 ii libkparts4 4:4.14.12-2 ii libopencv-core2.4v5 2.4.9.1+dfsg-1.2 ii libopencv-imgproc2.4v5 2.4.9.1+dfsg-1.2 ii libphonon4 4:4.8.0-5 ii libqt4-dbus 4:4.8.7+dfsg-1 ii libqt4-sql 4:4.8.7+dfsg-1 ii libqt4-sql-sqlite 4:4.8.7+dfsg-1 ii libqt4-xml 4:4.8.7+dfsg-1 ii libqtcore4 4:4.8.7+dfsg-1 ii libqtgui4 4:4.8.7+dfsg-1 ii libsolid4 4:4.14.12-2 ii libstdc++6 5.2.1-23 ii libthreadweaver44:4.14.12-2 ii perl5.20.2-6 ii phonon 4:4.8.0-5 ___ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras
Re: [Pkg-kde-extras] Sponsoring for upload CVE-2015-8547
Hi Pierre, Thanks for you quick reply, really appreciated. On Sun, Dec 27, 2015 at 10:55:28AM +0100, Pierre Schweitzer wrote: > Hi Salvatore, > > On 27/12/2015 09:09, Salvatore Bonaccorso wrote: > > Hi Pierre, > > > > On Mon, Dec 14, 2015 at 10:28:26PM +0100, Pierre Schweitzer wrote: > >> Dear all, > >> > >> After having asked for a CVE[0] for this Quassel issue [1], I've > >> uploaded you (attached) a debdiff & dsc to the bug report for an upload. > >> Would you be able to sponsor the upload, as I can't? > >> Or perhaps the maintainers are available for the upload? > > > > Can you help me evaluating the issue, since I'm not a quassel user > > myself: From a quick search and a bit of testing with a > > quassel-client/quassel-core setup, am I right that > > > > a/ multi-user setups with quassel-core are non-default and not > > so frequent? > > It's hard to say. However, there are no well-known Quassel providers (as > you would have for ZNC/BNC). > > > b/ This issue can (only) be triggered by a client connected to a > > quassel core? > > Yes. I think this then can be fixed via a Jessie point release, which is around the corner. Can you contact the SRM to have it scheduled via jessie-pu? Cf. https://www.debian.org/doc/manuals/developers-reference/ch05.en.html#upload-stable You can add me to Cc when you fill the bug against release.debian.org, if you then need a sponsor after the ack of the stable release managers. (n.b.: the targetting distribution needs to be changed to jessie in the debdiff in this case). Regards, Salvatore ___ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras
[Pkg-kde-extras] kvpnc is marked for autoremoval from testing
kvpnc 0.9.6a-2.1 is marked for autoremoval from testing on 2016-01-11 It is affected by these RC bugs: 733700: kvpnc: please do not depend on module-init-tools ___ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras
[Pkg-kde-extras] Bug#771838: [liblensfun0] New upstream version
Hallöchen! Evgeni Golov writes: > On Wed, Aug 05, 2015 at 11:13:33PM +0200, Guus Sliepen wrote: > >> [...] >> >> Ok, then I will cancel the current delayed upload and prepare one >> with a version from git, and inform all reverse dependencies of >> the impending change. Unless the real maintainers wake up of >> course. > > was there any progress on this? I've not seen anything in the > pkg-kde SVN. (asking with my gimp-lensfun maintainer hat on, as > the new g-l release needs newer lensfun) > > would be willing to help, not liking maintaining libs, though ;) Well, Lensfun 0.3.2 passed the buck to the Debian maintainers. FWIW, there is a branch debian-packaging in the original Lensfun Git repo, in which the Lensfun maintainer made a provisional packaging to see whether the Lensfun code and especially the build system are Debian-compatible. It is a throw-away branch by people not really famliar with Debian packaging guidelines, but it may serve as a starting point. Tschö, Torsten. -- Torsten BrongerJabber ID: torsten.bron...@jabber.rwth-aachen.de ___ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras
[Pkg-kde-extras] Bug#733700: please do not depend on module-init-tools
Control: severity -1 serious The dummy transitional package has now been removed, as such this package is not buildable nor installable anymore. I am therefore increasing the severity to serious with this mail. If this package is not fixed soon, it will get removed from testing in the next weeks. (Text stolen from #733693, I am lazy.) -- ciao, Marco signature.asc Description: PGP signature ___ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras
[Pkg-kde-extras] Processed: Re: Bug#733700: please do not depend on module-init-tools
Processing control commands: > severity -1 serious Bug #733700 [kvpnc] please do not depend on module-init-tools Severity set to 'serious' from 'important' -- 733700: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733700 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ___ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras
