date:20190109

Bug#918722: marked as done (debootstrap: says InRelease file expired)

2019-01-09 Thread Debian Bug Tracking System

Your message dated Wed, 09 Jan 2019 13:49:46 +
with message-id 
and subject line Bug#918722: fixed in debootstrap 1.0.114
has caused the Debian Bug report #918722,
regarding debootstrap: says InRelease file expired
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
918722: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918722
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: debootstrap
Version: 1.0.113
Severity: normal

When bootstrapping Raspbian with debootstrap it fails since version 1.0.113:

  debootstrap --arch=armhf --foreign --verbose 
--keyring=raspbian.public.key.gpg stretch /my/directory 
http://mirrordirector.raspbian.org/raspbian/

The error message is
  E: InRelease file 
http://mirrordirector.raspbian.org/raspbian/dists/stretch/InRelease is expired 
since (Tue, 08 Jan 2019 00:00:00 +0100)

Yesterday (on 07 Jan) the error message told me it was expired since 07 Jan.

The problem does not occur with version 1.0.112 of debootstrap.

I am not sure at all, if this is a problem within Raspbian or in debootstrap.


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages debootstrap depends on:
ii  wget  1.20.1-1

Versions of packages debootstrap recommends:
ii  arch-test   0.15-1
ii  debian-archive-keyring  2018.1
ii  gnupg   2.2.12-1

Versions of packages debootstrap suggests:
pn  squid-deb-proxy-client  
pn  ubuntu-archive-keyring  

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: debootstrap
Source-Version: 1.0.114

We believe that the bug you reported is fixed in the latest version of
debootstrap, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 918...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Julien Cristau  (supplier of updated debootstrap package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 09 Jan 2019 14:00:04 +0100
Source: debootstrap
Binary: debootstrap debootstrap-udeb
Architecture: source
Version: 1.0.114
Distribution: unstable
Urgency: medium
Maintainer: Debian Install System Team 
Changed-By: Julien Cristau 
Description:
 debootstrap - Bootstrap a basic Debian system
 debootstrap-udeb - Bootstrap the Debian system (udeb)
Closes: 918722
Changes:
 debootstrap (1.0.114) unstable; urgency=medium
 .
   * Revert changes from 1.0.113 (closes: #918722)
Checksums-Sha1:
 76a96f5c20e1b674bbbcf5070b3b1e88dafc545c 1988 debootstrap_1.0.114.dsc
 7f95d561dc51d753f955302f9f9a72c6aaa86d94 75613 debootstrap_1.0.114.tar.gz
Checksums-Sha256:
 d62a4d86940ac9b9d6ad9aa87146353b6350ab76cdf0a43d1f487bb8c32f2018 1988 
debootstrap_1.0.114.dsc
 a8e1456816a9ed55bf329de1cc93a199ad2099a21a66804b78e1aa0e170a9c92 75613 
debootstrap_1.0.114.tar.gz
Files:
 7b341e654c81943abce2a33d7d18e733 1988 admin optional debootstrap_1.0.114.dsc
 6f694bf6a25233f6fed84a6b7c9d4bed 75613 admin optional 
debootstrap_1.0.114.tar.gz

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEVXgdqzTmGgnvuIvhnbAjVVb4z60FAlw18bEACgkQnbAjVVb4
z62PKg/+O3mrZRrMxtGhYPVsBdy8QuxjEmTQdYLXV10hsRdyEtarzxiSiRj506Ap
cdtge29EDX+EoL/TKV4i27CgbzMig0n32Of9qXcnzLhxElUZUKmSQkPzE+bb7Pu+
AyGUM62zoYPZQFBQyQ/hUrmAU30wNktt8FS7ZkroKFKwkjAsGlbGxlE0EhVTKUD/
kBNAIKXkLhMG2WrLqMSt3Rex6h47TlosCq3Y49kK/zKg11Ub1eguudqzg+FSEzR7
6cPnBk+Gjvj6RXzo7ouRhQS4foMA7as+Tb70/So4J9UmwdBP+7rE148+sif37iIe
Iz/9P2dbFKGI2bNIPaJ8WxZ3Kx9XTwPIkzmXvDugmHSF+Pe6mSEyc8BXA7Jf1Dxq
CwN3zS/byMQa5NEEg63F3TxjNWOKp6B8Y2m6WOoMiUIM86aSoMRnQv1O5GyLg5Ec
Ug5dLNuGY1JaCv5gl75mQAgVe56gQMGF9O79glAJFYyw3/P9vWJ7oPLGEutejCg0
CnRHOiblCvWK43+Pz7AOh5K7slThfKa8KVKmJYNCOUFj6LUEQ6ATCshv0Ak5xTiS
77TCki1dpeiOaNh6OnCGIjTuZpGN5JLW9JYgJva8CxWE60yv6CJubqlRF596u/rA
GHdce4414yEDdrDzVOnGyMsW8CeEJ4R+jPx3rPCuvP3mofnB7Do=
=Esa/
-END PGP SIGNATURE End Message ---

debootstrap_1.0.114_source.changes ACCEPTED into unstable

2019-01-09 Thread Debian FTP Masters




Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 09 Jan 2019 14:00:04 +0100
Source: debootstrap
Binary: debootstrap debootstrap-udeb
Architecture: source
Version: 1.0.114
Distribution: unstable
Urgency: medium
Maintainer: Debian Install System Team 
Changed-By: Julien Cristau 
Description:
 debootstrap - Bootstrap a basic Debian system
 debootstrap-udeb - Bootstrap the Debian system (udeb)
Closes: 918722
Changes:
 debootstrap (1.0.114) unstable; urgency=medium
 .
   * Revert changes from 1.0.113 (closes: #918722)
Checksums-Sha1:
 76a96f5c20e1b674bbbcf5070b3b1e88dafc545c 1988 debootstrap_1.0.114.dsc
 7f95d561dc51d753f955302f9f9a72c6aaa86d94 75613 debootstrap_1.0.114.tar.gz
Checksums-Sha256:
 d62a4d86940ac9b9d6ad9aa87146353b6350ab76cdf0a43d1f487bb8c32f2018 1988 
debootstrap_1.0.114.dsc
 a8e1456816a9ed55bf329de1cc93a199ad2099a21a66804b78e1aa0e170a9c92 75613 
debootstrap_1.0.114.tar.gz
Files:
 7b341e654c81943abce2a33d7d18e733 1988 admin optional debootstrap_1.0.114.dsc
 6f694bf6a25233f6fed84a6b7c9d4bed 75613 admin optional 
debootstrap_1.0.114.tar.gz

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEVXgdqzTmGgnvuIvhnbAjVVb4z60FAlw18bEACgkQnbAjVVb4
z62PKg/+O3mrZRrMxtGhYPVsBdy8QuxjEmTQdYLXV10hsRdyEtarzxiSiRj506Ap
cdtge29EDX+EoL/TKV4i27CgbzMig0n32Of9qXcnzLhxElUZUKmSQkPzE+bb7Pu+
AyGUM62zoYPZQFBQyQ/hUrmAU30wNktt8FS7ZkroKFKwkjAsGlbGxlE0EhVTKUD/
kBNAIKXkLhMG2WrLqMSt3Rex6h47TlosCq3Y49kK/zKg11Ub1eguudqzg+FSEzR7
6cPnBk+Gjvj6RXzo7ouRhQS4foMA7as+Tb70/So4J9UmwdBP+7rE148+sif37iIe
Iz/9P2dbFKGI2bNIPaJ8WxZ3Kx9XTwPIkzmXvDugmHSF+Pe6mSEyc8BXA7Jf1Dxq
CwN3zS/byMQa5NEEg63F3TxjNWOKp6B8Y2m6WOoMiUIM86aSoMRnQv1O5GyLg5Ec
Ug5dLNuGY1JaCv5gl75mQAgVe56gQMGF9O79glAJFYyw3/P9vWJ7oPLGEutejCg0
CnRHOiblCvWK43+Pz7AOh5K7slThfKa8KVKmJYNCOUFj6LUEQ6ATCshv0Ak5xTiS
77TCki1dpeiOaNh6OnCGIjTuZpGN5JLW9JYgJva8CxWE60yv6CJubqlRF596u/rA
GHdce4414yEDdrDzVOnGyMsW8CeEJ4R+jPx3rPCuvP3mofnB7Do=
=Esa/
-END PGP SIGNATURE-


Thank you for your contribution to Debian.

Fw: control file: Priority for udeb packages

2019-01-09 Thread Holger Wansing

Forgot to add you to CC

Holger

Date: Mon, 7 Jan 2019 23:10:01 +0100
From: Holger Wansing 
To: debian-boot 
Subject: control file: Priority for udeb packages

Hi,

the Debian Policy is not strict there under
https://www.debian.org/doc/debian-policy/ch-controlfields.html#priority
so I better ask:

Is there any sense in adding a Priority field for udeb packages? 
For example like this for cdebconf:

snip---
Source: cdebconf
Section: utils
Priority: optional
[...]

Package: cdebconf
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}, debconf, dpkg (>= 1.15.4)
Provides: debconf-2.0
Suggests: cdebconf-gtk
Priority: optional
[...]

Package: cdebconf-udeb
Architecture: any
Section: debian-installer
Priority: standard
Depends: ${shlibs:Depends}, ${misc:Depends}
Provides: debconf-2.0
Package-Type: udeb
[...]

--snap-

Source package has optional, also has the 'cdebconf' binary package, and the
udeb has standard.
I this somehow intended? Has is some effect?

udebs are 'micro binary packages' by definition, so they don't need the
Priority field themselves, they inherit the value from Source package, right?

Any other intention, especially why the udeb has standard, while source has
optional?

Holger

-- 
Holger Wansing 
PGP-Finterprint: 496A C6E8 1442 4B34 8508  3529 59F1 87CA 156E B076

-- 
Holger Wansing 
PGP-Finterprint: 496A C6E8 1442 4B34 8508  3529 59F1 87CA 156E B076

Processed: Re: Bug#918722: debootstrap: says InRelease file expired

2019-01-09 Thread Debian Bug Tracking System

Processing control commands:

> severity -1 serious
Bug #918722 [debootstrap] debootstrap: says InRelease file expired
Severity set to 'serious' from 'normal'

-- 
918722: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918722
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#918722: debootstrap: says InRelease file expired

2019-01-09 Thread Julien Cristau

On 1/8/19 7:46 PM, Michael Büsch wrote:
> Package: debootstrap
> Version: 1.0.113
> Severity: normal
> 
> When bootstrapping Raspbian with debootstrap it fails since version 1.0.113:
> 
>   debootstrap --arch=armhf --foreign --verbose 
> --keyring=raspbian.public.key.gpg stretch /my/directory 
> http://mirrordirector.raspbian.org/raspbian/
> 
> The error message is
>   E: InRelease file 
> http://mirrordirector.raspbian.org/raspbian/dists/stretch/InRelease is 
> expired since (Tue, 08 Jan 2019 00:00:00 +0100)
> 
> Yesterday (on 07 Jan) the error message told me it was expired since 07 Jan.
> 
> The problem does not occur with version 1.0.112 of debootstrap.
> 
> I am not sure at all, if this is a problem within Raspbian or in debootstrap.
> 
Hideki,

I reverted the 1.0.113 changes to unbreak this and uploaded 1.0.114.
I'm happy to review an updated version when you get that working.  Hope
that's ok.

Cheers,
Julien

Processing of debootstrap_1.0.114_source.changes

2019-01-09 Thread Debian FTP Masters

debootstrap_1.0.114_source.changes uploaded successfully to localhost
along with the files:
  debootstrap_1.0.114.dsc
  debootstrap_1.0.114.tar.gz

Greetings,

Your Debian queue daemon (running on host usper.debian.org)

Bug#918846: busybox: CVE-2018-20679

2019-01-09 Thread Salvatore Bonaccorso

Source: busybox
Version: 1:1.27.2-3
Severity: normal
Tags: patch security upstream
Forwarded: https://bugs.busybox.net/show_bug.cgi?id=11506

Hi,

The following vulnerability was published for busybox.

CVE-2018-20679[0]:
| An issue was discovered in BusyBox before 1.30.0. An out of bounds read
| in udhcp components (consumed by the DHCP server, client, and relay)
| allows a remote attacker to leak sensitive information from the stack
| by sending a crafted DHCP message. This is related to verification in
| udhcp_get_option() in networking/udhcp/common.c that 4-byte options are
| indeed 4 bytes.

Note that the only once commit initially referenced for CVE-2018-20679
is incomplete, but see security-tracker for further notes.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-20679
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20679

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#918722: marked as done (debootstrap: says InRelease file expired)

debootstrap_1.0.114_source.changes ACCEPTED into unstable

Fw: control file: Priority for udeb packages

Processed: Re: Bug#918722: debootstrap: says InRelease file expired

Bug#918722: debootstrap: says InRelease file expired

Processing of debootstrap_1.0.114_source.changes

Bug#918846: busybox: CVE-2018-20679

7 matches

Site Navigation

Mail list logo

Footer information