> "Simon" == Simon McVittie writes:
Simon> If click-to-focus is suitable for your workflow, the focus
Simon> mode can be reset to the default with this command:
Simon> gsettings reset org.gnome.desktop.wm.preferences focus-mode
I tried running that and can still reproduce the
Package: gnome-shell
Version: 43.1-2
Severity: normal
Tags: a11y
I've also reproduced against 43.3-1, but it's harder to send email from that
system.
I'm blind, running gnome on X using orca as a screen reader.
In bullseye I could hit ctrl-alt-tab to switch up to the top bar, and then use
> "Michael" == Michael Biebl writes:
Michael> If a service is not supposed to be enabled, then an
Michael> override for dh_installsystemd is the correct solution,
Michael> setting --no-enable, but not by moving it into a
Michael> subpackage.
Sorry, I was imprecise.
Imagine
>> Moreover, I suspect in a number of the cases related to this
>> current bug, replaces will be likely. I suspect that in some of
>> the cases where units have been introduced that are disabled
>> currently, but will be enabled by the dh_installsystemd change,
>> we will
> "Sebastian" == Sebastian Ramacher writes:
Sebastian> Can you expand your concern? I expect that this issue
Sebastian> goes away as soon as we can assume that all systems are
Sebastian> /usr-merged. At that point I expect that we are able to
Sebastian> drop the workaround
>>>>> "Sebastian" == Sebastian Ramacher writes:
Sebastian> On 2023-02-23 11:12:00 -0700, Sam Hartman wrote:
>> >>>>> "Sean" == Sean Whitton writes:
>>
Sean> Hello,
Sean> On Wed 22 Feb 2023 at 09:55
> "Sean" == Sean Whitton writes:
Sean> Hello,
Sean> On Wed 22 Feb 2023 at 09:55AM +01, Sebastian Ramacher wrote:
>> Unless I am missing something, having dh_installsystemd look at
>> the service files in /usr/lib is the only viable solution for
>> bullseye -> bookworm.
> "Wouter" == Wouter Verhelst writes:
Wouter> On Wed, Feb 15, 2023 at 02:38:10PM -0500, Marvin Renich wrote:
>> > > > - the service fails to start in the postinst.
>>
>> This implies that "the service is running" is part of "the
>> service is configured", which is where
> "Antonio" == Antonio Terceiro writes:
Antonio> On Wed, Feb 22, 2023 at 09:24:29AM -0700, Scarlett Moore wrote:
>>
>> On 2/21/23 15:03, Ryan Kavanagh wrote:
>> > On Sun, Feb 19, 2023 at 09:01:56AM -0700, Scarlett Moore wrote:
>> > > Description : A tool for glamourous
>>>>> "Michael" == Michael Biebl writes:
Michael> Am 21.02.23 um 17:45 schrieb Sam Hartman:
>>>>>>> "Michael" == Michael Biebl writes:
Michael> Excluding packages that only ship overrides/drop-ins, this
Michael&
> "Michael" == Michael Biebl writes:
Michael> Excluding packages that only ship overrides/drop-ins, this
Michael> makes 37 affected packages in bookworm.
If I'm understanding this issue correctly, the concern would be a
package that moved from /lib/systemd/system to
> "Theodore" == Theodore Ts'o writes:
Theodore> So enabling what may be convenient, but ultimately an
Theodore> anti-pattern is something that hopefully in the long-term
Theodore> Debian should be trying to *avoid*.
That's certainly true.
I am not entirely convinced that using
> "Adrian" == Adrian Bunk writes:
Adrian> Below is my attempt to give an overview of the situation,
Adrian> feel free to amend/correct if anything is missing or wrong.
I believe your summary is correct and includes the issues I am aware of.
I believe I am following things enough
Replying off list, because I don't think it matters much for the RT
discussion.
> "Russ" == Russ Allbery writes:
Russ> Yes, I'm probably understating the difficulty of making this
Russ> change in practice inside image building software as it's
Russ> currently constructed.
> "Adrian" == Adrian Bunk writes:
Adrian> On Thu, Feb 16, 2023 at 05:48:22PM +0100, Daniel Leidert wrote:
>> Am Donnerstag, dem 16.02.2023 um 18:37 +0200 schrieb Adrian Bunk:
>> > On Wed, Feb 15, 2023 at 12:05:41AM +0100, Daniel Leidert wrote:
>> > > ... > > Reasons: > > ...
> "Sebastian" == Sebastian Ramacher writes:
Sebastian> To better understand the impact of this change, I was
Sebastian> wondering which tools / image builders in the archive
Sebastian> would be affected by this change. I've cloned the bug to
Sebastian> vmdb2, but what about
>>>>> "Theodore" == Theodore Ts'o writes:
Theodore> On Wed, Feb 15, 2023 at 01:17:38PM -0700, Sam Hartman wrote:
>>
>> I.E. I think your question of "for how long" has a very simple
>> answer based on our history: if we ca
> "Theodore" == Theodore Ts'o writes:
the answer to your "how long" is that packages
>> should also work with the kernel from the previous and the kernel
>> from the next Debian release.
Theodore> This isn't a problem with the kernel.
I don't think that was Adrian's point.
I
> "Jonas" == Jonas Smedegaard writes:
Jonas> Yes, I am aware that the Rust team packages arch-all code as
Jonas> arch-any packages, but I am unaware that their reasoning is
Jonas> well documented anywhere. The only reason I was aware of
Jonas> when I did the switch was that
> "Danielll" == Daniel Schreiber
> writes:
Danielll> Hi is there any chance to get this fixed? We have reasons
Danielll> to use MIT Kerberos on the clients and Heimdal for
Danielll> KDC. Therefore we need kinit/klist from MIT and kadmin
Danielll> from Heimdal on some of
The TC bug is 904558.
Busy with day job now.
> "Holger" == Holger Levsen writes:
Holger> I do agree with that. I'm more against a general
Holger> recommendation, depending on the circumstances, it's the
Holger> right thing to do.
My recollection is this came before the TC, but I'm blanking on the bug
number.
But it seems
> "Holger" == Holger Levsen writes:
Holger> I don't think there has been consent on the issue, thus I'm
Holger> tagging it moreinfo.
My reading of the TC and debian-devel discussion was that this was at
least a reasonable thing for maintainers to do,
and whether it should be done
> "Jan" == Jan Mojzis writes:
Jan> If I understand it correctly, CC0-style public-domain
Jan> declaration in debian/copyright solves the problem. (learned
Jan> here:
Jan> https://lists.debian.org/debian-mentors/2017/09/msg00171.html)
I'm not entirely sure I agree with Don,
> "Jan" == Jan Mojzis writes:
* Package name: randombytes
Version : 20230126
Upstream Author : Daniel J. Bernstein
* URL : https://randombytes.cr.yp.to/
* License : Public domain
Public domain is problematic as a license.
At least under US copyright law,
Ansgar> +--- | The required packages are called build-essential, and
Ansgar> an informational | list can be found in
Ansgar> /usr/share/doc/build-essential/list (which is | contained in
Ansgar> the build-essential package). +---[ Section 4.2 ]
Ansgar> to something like
> "Guillem" == Guillem Jover writes:
Guillem> …but hmm, is this perhaps not taking into account
Guillem> Pre-Depends?
Something seems to be wrong.
It was very convenient that pam is not in the essential set--I got to
update it.
And yet login , which sure appears to be essential
> "Svante" == Svante Signell writes:
Svante> modules_pam_nologin_tst-pam_nologin-retval.c.diff disabling
Svante> two subtests failing on GNU/Hurd. -
Why do these subtests fail?
Svante>
Svante> debian_libpam-modules-bin.install.hurd-i386.patch creating
Svante> an
> "Moritz" == Moritz Mühlenhoff writes:
Moritz> Not moving to 6.1.x (which is most likely the next Linux
Moritz> kernel LTS) is by far a worse regression since it applies to
Moritz> every single Debian system.
Moritz> As a community distro without paid, full time kernel
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: p...@packages.debian.org
Control: affects -1 + src:pam
Please unblock package pam
If I am reading https://qa.debian.org/excuses.php?package=pam
right, it looks like pam is
control: tags -1 patch fixed-upstream
Hi.
I've confirmed that the upstream fix works.
Here's a debdiff for the package I built:
pulse.debdiff
Description: Binary data
signature.asc
Description: PGP signature
> "Alexis" == Alexis writes:
Alexis> I have to remove the option use_authtok for it to work!
Alexis> Could you please reconsider this request?
I don't think this request ever got considered in the first place.
And I'm still not sure what to do.
The aThere are two situations:
*
> "Santiago" == Santiago Vila writes:
Santiago> I think you can't really estimate such thing. You seem to
Santiago> imply that we have been allowing packages with missing
Santiago> build-dependencies for a long time, but that's not
Santiago> accurate. The *buildds* have been
> "Santiago" == Santiago Vila writes:
Santiago> A minimal build essential set provides and generates
Santiago> useful information that a build essential set which is not
Santiago> so minimal does not provide.
Santiago> For example, some packages have unit tests which depend
> "Santiago" == Santiago Vila writes:
Santiago> As an example, packages tzdata, mount or e2fsprogs are not
Santiago> build-essential and afaik have not been for a long time,
Santiago> but there are still people who believe that they are
Santiago> build-essential for the mere
>>>>> "Sam" == Sam Hartman writes:
>>>>> "Simon" == Simon McVittie writes:
Simon> It would be great if the pam source package used
Simon> debian/patches/ instead of debian/patches-applied/ for the
Simon> patch series. Tha
I'm committing this.
For reasons entirely unclear to me, pam is not listed in
https://release.debian.org/testing/essential-and-build-essential.txt
so we haven't missed the train for bookworm.
--Sam
> "Bastian" == Bastian Germann writes:
Bastian> The main license does not have a GPL version. However,
Bastian> there are several files licensed under specific (L)GPL
Bastian> versions and also other licenses included. Debian Policy
Bastian> requires to document every
control: retitle -1 Regression Pipewire 0.3.63 breaks underruns breaking
emacspeak accessibility
control: found -1 0.3.63-1
I'm sorry. I meant pipewire 0.3.59 works and 0.3.63 is broken.
I apologize for the sloppiness.
package: pipewire-pulse
severity: important
tags: accessibility
x-debbugs-cc: debian-accessibil...@lists.debian.org
Hi. I use emacspeak, a screen reader/desktop on top of emacs for access
to terminal applications.
I noticed that the upgrade from pipewire 0.59 to pipewire 0.63 broke
speech.
I'd
Package: release.debian.org
Severity: normal
I was looking at
https://release.debian.org/testing/essential-and-build-essential.txt
trying to figure out which packages I'm involved in are covered by the
toolchain freeze. I am wondering what's still pulling
libgssapi-krb5-2 and friends into
> "Craig" == Craig Raw writes:
Craig> I assume the next step is to upload these two files, but I'm
Craig> uncertain of where or how to do this.
No, probably the next step is to make sure all the dependencies are
packaged in Debian
and then to generate a Debian format source package
> "Ross" == Ross Vandegrift writes:
>> From my quick read: Michael Biebl proposes dropping
>> network-pre.target
Ross> from cloud-init's After=, and replacing it with each of the
Ross> config backends that cloud-init supports. This sounds pretty
Ross> reasonable, but
control: tags -1 moreinfo
This error is not plausible given what libk5crypto3 does and given the
change between u2 and u3, which didn't impact libk5crypto3 at all.
I'd need to see some actual errors linking the problem to libk5crypto3,
not just circumstantial evidence that the problem happens
> "craig" == craig writes:
craig> Inclusion into the Debian repository is a precursor to
craig> inclusion into Tails, which has been broadly requested in the
craig> Bitcoin community. Sparrow is already released as a .deb
craig> package (see
> "Salvatore" == Salvatore Bonaccorso writes:
Salvatore> We were originally thinking so (and Moritz added krb5 to
Salvatore> the DSA needed list), as at least for 32bit architectures
Salvatore> it might be possible to go beyond denial of service and
Salvatore> potentially
er conditions;
+CVE-2022-42898, Closes: #1024267
+
+ -- Sam Hartman Thu, 17 Nov 2022 12:41:46 -0700
+
krb5 (1.18.3-6+deb11u2) bullseye; urgency=medium
* Use SHA256 as Pkinit CMS Digest, Closes: #1017995
diff --git a/debian/patches/0014-Fix-integer-overflows-in-PAC-parsing.patch
> "Vagrant" == Vagrant Cascadian writes:
Vagrant> Would you be amenable to an NMU to unstable applying the
Vagrant> following patches and fixing these issues? If yes, should I
Vagrant> build upon the package in experimental? Plans for using
Vagrant> salsa.debian.org? dgit?
> "Salvatore" == Salvatore Bonaccorso writes:
>> Will fix for unstable tomorrow.
Salvatore> Thank you.
>> I'm still trying to understand the practical impact. Do you
>> think you're going to want to issue a DSA for stable?
Salvatore> We were originally thinking so (and
> "Salvatore" == Salvatore Bonaccorso writes:
Salvatore> Hi,
Salvatore> The following vulnerability was published for krb5.
Salvatore> CVE-2022-42898[0]: | integer overflows in PAC parsing
Salvatore> If you fix the vulnerability please also make sure to
Salvatore>
> "Otto" == Otto Kekäläinen writes:
Otto> Instead of manually trying to manage TMPDIR env variable in
Otto> various places, we should have a standardized way to run
Otto> maintainer scripts in clean shell sessions that have all env
Otto> variables set automatically correctly.
> "Yves-Alexis" == Yves-Alexis Perez writes:
Yves-Alexis> I'm not sure other display managers handle the greeters
Yves-Alexis> the same way (running under their own uid and stuff
Yves-Alexis> like that), so I'm unsure if we can really compare
Yves-Alexis> that.
gdm does.
> "Yves-Alexis" == Yves-Alexis Perez writes:
I think we want something there that allows people to get third-party
packages into the pam config.
If common-session isn't going to be good enough, then I guess we'd need
to create something on the PAM side.
But let's explore whether
Hi.
If including common-session will work, I think that's a good improvement
for everyone.
It is closer to best practice, and it means that as PAM profiles are
added over time, they will work for lightdm as well.
Whether that works depends on the architecture of the greeter.
If the greeter has
> "Sean" == Sean Whitton writes:
>>
>> * Who is expected to drive further discussion: the maintainer or
>> the bug submitter
I guess I don't really see how the above is broad.
But let me try and narrow it.
Is the maintainer expected to find a forum and try to build consensus on
> "Mathias" == Mathias Behrle writes:
Mathias> Programming Lang: Python Description : Python bindings for
Mathias> the Stripe API
Yet no where in your description do you describe what stripe is.
I'd recommend that an API description describe what the API is good
for. And I should
> "Russ" == Russ Allbery writes:
Russ> Unfortunately, with this current set of bugs, it seems
Russ> unlikely that we're going to manage to make everyone happy in
Russ> the short term, which means there's going to be a tense period
Russ> where some folks feel strongly that
> "Sean" == Sean Whitton writes:
Sean> - you might be lacking the full context of TC-involving
Sean> discussions over the past few months, but so far as I can see,
Sean> you are asking for us to undo a decision that we only just
Sean> made, which doesn't make sense.
Sean, as
> "Sam" == Sam Morris writes:
Sam> When using a container image that has an older version of some
Sam> of the binary packages from krb5 in it, installing krb5-user
Sam> results in binary packages being installed that are a mix of
Sam> the newer and older version.
Thanks for
>>>>> "Russ" == Russ Allbery writes:
Russ> Sam Hartman writes:
>> I think that hard links in a source package are fine provided
>> that breaking the hard links would not either break the build or
>> provide an unreasonable
> "Bill" == Bill Allombert writes:
Bill> What if the user change their CPU afterward ? This should
Bill> probably be tested at boot time instead.
There was a long thread on debian-devel about the potential issues with
isa-support:
@@ -1,3 +1,10 @@
+krb5 (1.18.3-6+deb11u2) bullseye; urgency=medium
+
+ * Use SHA256 as Pkinit CMS Digest, Closes: #1017995
+
+
+ -- Sam Hartman Tue, 23 Aug 2022 14:49:09 -0600
+
krb5 (1.18.3-6+deb11u1) bullseye; urgency=medium
* Fix KDC null dereference crash on FAST request with no server field
+1,9 @@
+krb5 (1.17-3+deb10u4) buster; urgency=medium
+
+ * Use SHA256 as Pkinit CMS Digest, Closes: #1017995
+
+ -- Sam Hartman Tue, 23 Aug 2022 14:28:40 -0600
+
krb5 (1.17-3+deb10u3) buster; urgency=high
* Fix KDC null dereference crash on FAST request with no server field,
diff --git
package: krb5-pkinit
version: 1.17-3+deb10u3
severity: important
Starting with RHEL9, Redhat updated the CMS digest signature to SHA256
instead of SHA1.
This makes sense after all since SHA1 was deprecated in 2011.
The main effect of this is that older clients will not be able to do
anonymous
roucaries> No the problem is not probing the cpu/cpuinfo...
Well, if the CPU info could be probed from shell, I'd argue that's
better than unpacking a binary.
roucaries> The problem is the base64 encoded binary.
Why is this bad.
I agree that it is esthetically displeasing, but *in
> "Bastien" == Bastien Roucariès writes:
Bastien> I will like to stress that this kind of stuff is bad:
Bastien>
https://salsa.debian.org/debian/isa-support/-/blob/master/debian/altivec-
Bastien> support.preinst.in#L10
How would you do better in that instance?
I think everyone
Package: pipewire-pulse
Version: 0.3.56-1
Severity: normal
Many of the pipewire docs imply that pacmd ought to work even when
pipewire-pulse is running.
Unfortunately, when I run
hartmans@industrial-algebra:~(1)> pacmd info
No PulseAudio daemon running, or not running as session daemon.
Other
[I accidentally sent this as a private reply earlier this morning
before Phil's message.]
TL;DR: you don't have any recourse that is appropriate for this
situation.
All the hammers are bigger than your nail.
> "Andreas" == Andreas Tille writes:
Andreas> Hi folks, before I
In hopes of honoring this request, I just looked at the heimdal sources
in debian. I cannot find evidence of the includedir or include
krb5.conf directives there even in 2022.
Unless I'm missing something I still don't think it makes sense to add
this to Debian without heimdal support.
control: retitle -1 Make krb5-config recommends
control: reassign -1 krb5-user
> "Michael" == Michael Tokarev writes:
Michael> Um. I misfiled this bugreport actually. I started writing
Michael> it against krb5-user and realized the bind9-host dependency
Michael> comes from
Andreas> According to [1], the upstream implicit default of "rdns =
Andreas> true" is there for historical reasons only, and upstream
Andreas> suggests to consider setting it to "false":
Andreas> """ Consider setting rdns to false in order to reduce your
Andreas> dependence on
> "Stephan" == Stephan Verbücheln writes:
Stephan> As far as I understand it, the main point of BabaSSL is to
Stephan> add support for Chinese developed ciphers and algorithms.
It looked like there were two main points.
The first was in fact these ciphers.
I don't think that's a
> "Helmut" == Helmut Grohne writes:
Helmut> Indeed, and I do agree that 4c is such a clear statement. I
Helmut> would like to see a stronger statement here, but Sam et
Helmut> al. tried to gain consensus on that and there wasn't. So the
Helmut> CTTE advice probably shouldn't
> "Adrian" == Adrian Bunk writes:
Adrian> Dear maintainer,
Adrian> I've prepared an NMU for moonshot-trust-router (versioned as
Adrian> 3.5.4+1+nmu1) and uploaded it to DELAYED/2. Please feel free
Adrian> to tell me if I should cancel it.
This NMU looks good to me. Feel
> "Benjamin" == Benjamin Kaduk writes:
Benjamin> I'm pretty sure that changing the master key encryption
Benjamin> type used for new databases has basically no upgrade
Benjamin> considerations and could be "just done". Updating the
Benjamin> encryption type for that key on
> "Matthew" == Matthew Vernon writes:
Matthew> Hi, I thought it might be useful to try and summarize where
Matthew> we are with this bug, which hasn't see much recent activity
Matthew> (not least as there's a TC meeting later...).
I read your summary and agree it is accurate.
> "Holger" == Holger Levsen writes:
Holger> On Mon, May 09, 2022 at 07:16:59PM -0700, Jonathan Nieder wrote:
>> > Even if that consensus does not exist, there is probably
>> consensus > that native packages are a poor match for large
>> packages (because of > the inefficiency
Hi.
I've looked over your report and baffling patch.
This is really strange, and I don't have much to add.
It seems like it might be related to the pathsubst rules in
src/doc/Makefile.in.
But I don't see the build directory getting used there.
> "Russ" == Russ Allbery writes:
Russ> Switching terminology to completely leave behind the terms
Russ> with ambiguous meanings isn't a bad idea, but if so we really
Russ> need a term that captures "is a packaging of an upstream
Russ> software package with a separate
> "Helmut" == Helmut Grohne writes:
Helmut> Hi Russ,
Helmut> On Tue, Mar 15, 2022 at 09:22:09PM -0700, Russ Allbery wrote:
>> > Specifically, I'd like to ask the TC to come up with policy on
>> native > packages and debian revisions using its power under
>> 6.1.1.
>>
Dear TC,
I cannot speak for what Ian wants,
but I would also like to formally ask the TC to rule on this issue.
My hope is that what Ian and I are asking for is similar enough that the
TC can consider the issues together.
Specifically, I'd like to ask the TC to come up with policy on native
> "Ian" == Ian Jackson writes:
Ian> 3. Consequently, declare that the recent MBF on this topic
Ian> ought not to have been filed against packages where simply
Ian> changing the source format does not currently work. That would
Ian> include at least 1.0 native packages with
> "Johannes" == Johannes Schauer Marin Rodrigues writes:
Johannes> Hi Steve, Quoting Johannes Schauer Marin Rodrigues
Johannes> (2021-12-08 10:00:31)
Johannes> Since it has been more than a month without any reply I
Johannes> just uploaded a NMU of pam with the attached
> "Marvin" == Marvin Renich writes:
Marvin> * Niels Thykier [180521 05:29]:
>> As I understood your original mail, it sounded like we expect the
>> service to fail because the user has not configured it yet. I
>> think I am missing the point of having it start automatically
> "Johannes" == Johannes Schauer Marin Rodrigues writes:
Johannes> Hi,
Johannes> our CI runs for the DPKG_ROOT tests failed today because
Johannes> pam FTBFS. I rebuilt pam locally in a fresh sbuild chroot
Johannes> without any modifications and arrived at the same build
Package: debspawn
Version: 0.5.0-1
Severity: serious
Justification: Significant data loss
I used debspawn interact to interactively explore what I needed to do to get a
new upstream package building.
To make that easier, I mounted my source trees and debian working environment
in the
> "Johannes" == Johannes Schauer Marin Rodrigues writes:
Johannes> Control: user debian-d...@lists.debian.org Control:
Johannes> usertag -1 + dpkg-root-support
Johannes> Hi Sam,
Johannes> Quoting Helmut Grohne (2021-09-24 18:14:28)
>> So if you continue refusing our
> "Simon" == Simon McVittie writes:
Simon> It would be great if the pam source package used
Simon> debian/patches/ instead of debian/patches-applied/ for the
Simon> patch series. That would make configuration transferrable
Simon> between pam and other source packages, and
control: tags -1 fixed-upstream
> "Michael" == Michael Banck writes:
Michael> krb5 fails to build with openssl3 from experimental:
It looks like this is fixed in upstream commit 00de1aad7b
I suspect that's probably the patch you attached, but I'm going to take
upstream's fix regardless
>On merged-/usr systems, there is a possible failure mode involving files
>being moved between packages (with Replaces) during the same release
>cycle that their logical location is changed from the root filesystem
>to the corresponding aliased directory in /usr, which can result in
>the
dee3f32b..8d9b0773 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+pam (1.4.0-9+deb11u1) bullseye; urgency=medium
+
+ * Fix syntax error in libpam0g.postinst when a systemd unit fails,
+Closes: #992538
+
+
+ -- Sam Hartman Thu, 26 Aug 2021 13:11:23 -0600
+
pam (1.4.0-9
[Steve, your thoughts welcome]
> "Johannes" == Johannes Schauer Marin Rodrigues writes:
Johannes> Quoting Johannes Schauer Marin Rodrigues (2021-08-28
Johannes> 10:03:49)
>> Unfortunately, only the patch in the original message got applied
>> in 1.4.0-10 but I posted an
> "John" == John Paul Adrian Glaubitz writes:
Description : Parse or serialize any
John> markup format in Python
John> Parse or serialize any markup. Currently supports INI, JSON,
John> JSON5, TOML, XML and YAML.
I'd find it helpful if the description were improved to indicate
> "Simon" == Simon McVittie writes:
Simon> Package: tech-ctte Severity: normal
Simon> As discussed in our last meeting, I think we should issue
Simon> more specific advice about merged-/usr, and in particular
Simon> about what #978636 means for maintainers right now.
I
> "Ole" == Ole Tange writes:
Ole> On Tue, Sep 7, 2021 at 11:06 AM Lucas Nussbaum
wrote:
Ole> :
>> (1) the wording almost requires citation
Ole> I take this as you agree that it does not require
Ole> citation. Also you do not point to how the default behaviour of
> "Tobias" == Tobias Frost writes:
Tobias> as explained earlier: click-wraps are no-no's.
By this dxo you mean
1) clip wraps are incompatible with the DFSG? (I agree only if
something in the license prevents you from removing them)
2) Click wraps are a no-go in something you maintain?
Package: fai-setup-storage
Version: 5.10.3
Severity: normal
Dear Maintainer,
I tried to create a root btrfs filesystem on a logical volume.
setup-storage failed looking up the UUID of /dev/rootvg/root.
It was running blkid to look up the uuid in Fstab.pm before running mkfs.btrfs
with the
dereference crash on FAST request with no server field,
+CVE-2021-37750, Closes: #992607
+ * Fix memory leak in krb5_gss_inquire_cred, Closes: #991140
+
+
+ -- Sam Hartman Sun, 29 Aug 2021 16:23:02 -0600
+
krb5 (1.17-3+deb10u2) buster-security; urgency=high
* Import upstream patch for CVE
: #991140
+
+
+ -- Sam Hartman Sun, 29 Aug 2021 16:38:12 -0600
+
krb5 (1.18.3-6) unstable; urgency=high
* Pull in upstream patch to fix CVE-2021-36222 (KDC NULL dereference),
diff --git
a/debian/patches/0011-Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch
b/debian/patches/0011-Fix-KDC-null
ion of the variable and one slash from the separator in the
code you added.
Please review the following alternate patch hopefully before it makes
its way into testing:
commit b296f47cab5c8d97e2d57ef35694ba8328a9477f
Author: Sam Hartman
Date: Thu Aug 26 14:17:22 2021 -0600
pam-auth-update:
101 - 200 of 1322 matches
Mail list logo