Le 04/08/2019 à 13:25, Pirate Praveen a écrit :
> Package: pkg-js-tools
> version: 0.8.9
> severity: important
>
> Example packages: node-ajv, node-webpack
>
> Currently added an override to remove these.
Fixed in 0.8.10, to be verified
Le 04/08/2019 à 13:25, Pirate Praveen a écrit :
> Package: pkg-js-tools
> version: 0.8.9
> severity: important
>
> Example packages: node-ajv, node-webpack
>
> Currently added an override to remove these.
Logically this files are removed except if they are included in a
debian/nodejs/**/files or
issue.
Cheers,
Xavier
Ben file:
title = "pkg-js-tools";
is_affected = .depends ~ "pkg-js-tools";
is_good = .depends ~ "pkg-js-tools (>= 0.8.[6-9])";
is_bad = .depends ~ "pkg-js-tools";
Le 31/07/2019 à 20:15, Xavier a écrit :
> Le 31/07/2019 à 13:52, Pirate Praveen a écrit :
>> Package: pkg-js-tools
>> Version: 0.8.6
>> Severity: wishlist
>>
>> I was trying to pkg-js-tools auto install option with
>> node-fuzzaldrin-plus but it did not work
Le 31/07/2019 à 13:52, Pirate Praveen a écrit :
> Package: pkg-js-tools
> Version: 0.8.6
> Severity: wishlist
>
> I was trying to pkg-js-tools auto install option with
> node-fuzzaldrin-plus but it did not work as it had libjs-fuzzaldrin-plus
> also as a binary package. The files got copied to deb
Le 31/07/2019 à 10:02, Pirate Praveen a écrit :
> $ apt-file list node-uglifyjs-webpack-plugin
> node-uglifyjs-webpack-plugin:
> /usr/lib/nodejs/uglifyjs-webpack-plugin/dist/index.js
> node-uglifyjs-webpack-plugin:
> /usr/lib/nodejs/uglifyjs-webpack-plugin/lib/post_install.js
> node-uglifyjs-webpac
FWIW, even changing the configuration file as described fails:
root@gitlab:~# fwupdmgr --verbose refresh
failed to update metadata: Failed to parse XML: Mismatched XML
Hello,
I'll start doing this when pkg-js-tools 0.8.* will be in unstable to be
able to do some test in experimental
Cheers,
Xavier
Le 28/07/2019 à 10:01, Pirate Praveen a écrit :
> Package: pkg-js-tools
> Version: 0.8.2
> Severity: grave
>
> Reproducible in node-webpack master.
>
> dh_auto_configure --buildsystem=nodejs
> mkdir node_modules mkdir webpack-cli/node_modules
> ln -s ../eslint-scope node_modules/eslint-scope
> ln
Le 28/07/2019 à 09:17, Pirate Praveen a écrit :
> Package: pkg-js-tools
> Version: 0.8.2
> Severity: important
>
> DEB_BUILD_OPTIONS=nocheck works, but both should be supported. Build
> options don't filter build dependencies so we can't use it when circular
> test only dependencies prevent builds
Le 27/07/2019 à 14:08, Pirate Praveen a écrit :
> Package: npm2deb
> Version: 0.3.0-1
> Severity: wishlist
>
> Currently embedding a module involves updating watch, gbp.conf.
>
> It'd be nice to have "npm2deb embed module@version" option to automate
> this. Watch file should lock it to major v
Package: node-yallist
Version: 3.0.3-1
Severity: important
node-yallist does not install iterator.js which make it partially
unusable. Please fix install.
-- System Information:
Debian Release: bullseye/sid
APT prefers testing
APT policy: (900, 'testing'), (500, 'unstable')
Architecture: amd6
consider taking over its maintenance
> upstream.
>
> Thanks in advance!
>
> Cheers,
Package node-tar is ready in salsa.d.o. It uses pkg-js-tools 0.8.2
(experimental) instead of pkg-components to automatically install
components.
Please review and comment ;-)
Cheers,
Xavier
n/install.
Transition will be easy since new behavior is automatically skipped if
debian/install exists.
Of course any comment is welcome.
Cheers,
Xavier
Le 25/07/2019 à 20:08, Pirate Praveen a écrit :
>
>
> On 2019, ജൂലൈ 25 11:15:50 PM IST, Xavier Guimard wrote:
>> Package: pkg-js-tools
>> Version: 0.8.1
>> Severity: wishlist
>>
>> When using components in node modules, the best way to use them is to
>
Le 25/07/2019 à 19:45, Xavier Guimard a écrit :
> Package: pkg-js-tools
> Version: 0.7
> Severity: wishlist
>
> When using components in node modules, the best way to use them is to
> install them in node_modules/ directory. However, dpkg-source install
> them at the top sou
Package: pkg-js-tools
Version: 0.8.1
Severity: wishlist
When using components in node modules, the best way to use them is to
install them in node_modules/ directory. However, dpkg-source install
them at the top source directory under a directory named by "component"
field value (debian/watch).
T
Control: tags -1 + pending
Hello,
the fix is pending:
https://salsa.debian.org/debian/devscripts/merge_requests/135
(rollup-0.52, rollup-0.67,...) with "alternative" mechanism, then rollup
becomes a virtual package.
Regression fixes: replace rollup build dependency by the good one:
rollup-0.67,...
*
* *
Cheers,
Xavier
Hi,
could you try this diff? It may fix your problem
diff --git a/usr/bin/debi.pl b/usr/bin/debi
index 34af910f..7ce42e9c 100755
--- a/usr/bin/debi
+++ b/usr/bin/debi
@@ -413,17 +413,26 @@ if ($progname eq 'debi') {
my @upgrade = $opt_upgrade ? ('-O') : ();
if ($opt_with_depends) {
Control: tags - moreinfo
Le 22/07/2019 à 01:31, Jonathan Wiltshire a écrit :
> Control: tag -1 moreinfo
>
> Hi,
>
> On Mon, Jul 08, 2019 at 07:04:20AM +0200, Xavier Guimard wrote:
>> Package: release.debian.org
>> Severity: normal
>> Tags: buster
>> User:
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Hi all,
node-mixin-deep is vulnerable to prototype pollution (#932500,
CVE-2019-10746). Here is a proposed update.
Cheers,
Xavier
diff --git a/debian/changelog b/debian/changelog
Le 20/07/2019 à 22:23, Salvatore Bonaccorso a écrit :
> Hi Xavier,
>
> On Sat, Jul 20, 2019 at 05:44:05PM +0200, Xavier wrote:
>> Le 20/07/2019 à 06:32, Paolo Greppi a écrit :
>>> Package: node-mixin-deep
>>> Version: 1.1.3-3
>>> Severity: important
&
Hello,
I patched your debian/copyright:
diff --git a/debian/copyright b/debian/copyright
index de906f3..fe559d4 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -1,9 +1,10 @@
Format:
https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: lodash
212
> https://github.com/jonschlinkert/mixin-deep/issues/6
>
> Please upgrade to either 1.3.2 or 2.0.1.
>
> Thanks, Paolo
Hello,
here is a proposed fix.
Cheers,
Xavier
diff --git a/debian/changelog b/debian/changelog
index 17cb287..74f9154 100644
--- a/debian/changelog
+++ b/debian/cha
Le 20/07/2019 à 06:32, Paolo Greppi a écrit :
> Package: node-mixin-deep
> Version: 1.1.3-3
> Severity: important
>
> Dear Maintainer,
>
> node-mixin-deep 1.1.3-3 is affected by a prototype pollution vulnerability:
> https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212
> https://github.com/jonschlinker
Yes, rainloop is going to be modified soon
Le 19 juillet 2019 17:55:56 GMT+02:00, Luca Falavigna a
écrit :
>tags 931653 moreinfo
>thanks
>
>
>Il giorno lun 8 lug 2019 alle ore 23:09 Xavier Guimard
> ha scritto:
>> This package has no reverse dependencies, so it can s
Package: ftp.debian.org
Severity: normal
node-husl is no more maintained upstream [1]: it has been replaced by
hsluv.
This package has no reverse dependencies, I think it can safely be
removed form Debian archive.
Cheers,
Xavier
[1]: https://www.npmjs.com/package/husl
ter package:
>>
>> #927254: libjs-vue-router: ships node module instead of browser one
>>
>> It has been closed by Xavier Guimard .
>
> It did not solve my problem. Package libjs-vue-router still provides files
> in /usr/share/nodejs:
>
> $ dpkg -L l
Package: wnpp
Severity: wishlist
Owner: Xavier Guimard
* Package name: psl.js
Version : 1.2.0
Upstream Author : Lupo Montero
* URL : https://github.com/lupomontero/psl
* License : Expat
Programming Lang: JavaScript
Description : JavaScript domain name
Debian stable
(https://github.com/xnoumbissinoundou/yeroth-erp-3.0)
* What outcome did you expect instead?
Have a Debian mentor
Xavier NOUMBISSI NOUNDOU, Ph.D. (ABD), Waterloo, ON, 2011
-- System Information:
Debian Release: 9.9
APT prefers oldstable
APT policy: (500
-RM.
Cheers,
Xavier
[1]: https://www.npmjs.com/package/husl
Le 10/07/2019 à 14:40, Pirate Praveen a écrit :
> Package: pkg-js-autopkgtest
> version: 0.8
> severity: serious
>
> autopkgtest_rollup_src.js → autopkgtest_rollup_dest.js...
> (!) Generated an empty bundle
> (!) Unresolved dependencies
> https://github.com/rollup/rollup/wiki/Troubleshooting#treat
Le 09/07/2019 à 21:22, Xavier a écrit :
> Le 09/07/2019 à 11:27, Pirate Praveen a écrit :
>>
>>
>> On 2019, ജൂലൈ 9 2:12:43 PM IST, Xavier wrote:
>>> Hello,
>>>
>>> pkg-js-autopkgtest launches 2 tests:
>>> - a `node -e 'require(&qu
Le 09/07/2019 à 11:27, Pirate Praveen a écrit :
>
>
> On 2019, ജൂലൈ 9 2:12:43 PM IST, Xavier wrote:
>> Hello,
>>
>> pkg-js-autopkgtest launches 2 tests:
>> - a `node -e 'require("package")'
>> - upstream tests on installed files
>&g
Control: severity -1 grave
Le 09/07/2019 à 16:16, Xavier Guimard a écrit :
> Package: node-request-promise
> Version: 4.2.4-1
> Severity: important
>
> Both autopkgtest tests fail with the following message:
>
> 8<
> autopkgte
After more search, the problem is that if /usr/lib/nodejs/duplexer2
isn't cleaned by dpkg, the link isn't created and the
/usr/lib/nodejs/duplexer2 stays empty.
Package: node-request-promise
Version: 4.2.4-1
Severity: important
Both autopkgtest tests fail with the following message:
8<
autopkgtest [16:10:50]: test require: [---
###
### The "request" library is not installed automatically anymore.
### But is a dependen
Package: node-duplexer3
Version: 0.1.4-4
Severity: grave
node-duplexer3 provides node-duplexer2: /usr/lib/nodejs/duplexer2 is a
symblik to /usr/lib/nodejs/duplexer3. Nodejs now looks at package.json
"name" field and refuse to load it:
$ node -e 'require("duplexer2")'
internal/modules/cjs/load
Hello,
pkg-js-autopkgtest launches 2 tests:
- a `node -e 'require("package")'
- upstream tests on installed files
is it enough ?
Package: pkg-js-autopkgtest
Version: 0.5
Severity: important
nodejs packages can install files in /usr/share/nodejs or
/usr/lib/<$DEB_HOST_MULTIARCH>/nodejs while pkg-js-autopkgtest links
only files from /usr/lib/nodejs. This has to be updated
Package: node-json3
Severity: normal
Tags: security upstream
According to https://github.com/bestiejs/json3, node-json3 is no more
maintained and easy to replace by native JSON.parse/JSON.stringify
functions.
A ROM-RM issue is opened (#931653). This one will avoid testing
migration.
Package: ftp.debian.org
Severity: normal
Hi all,
node-json3 is no more maintained according to
https://github.com/bestiejs/json3
This package has no reverse dependencies, so it can safely be removed
from Debian archive.
Cheers,
Xavier
t;=>" in operators list).
Cheers,
Xavier
diff --git a/debian/changelog b/debian/changelog
index d53fc65..531e69b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+libjavascript-beautifier-perl (0.25-1+deb10u1) unstable; urgency=medium
+
+ * Add missing "=>" op
e';
> a.href = url;
> // the filename you want
> a.download = 'z.html';
> document.body.appendChild(a);
> a.click();
> window.URL.revokeObjectURL(url);
> alert('your file has downloaded!');
> }).
> catch(() = >alert('oh no!'
Hi all,
libsass has been updated in testing. I think it is time to close (or at
least decrease) this RC bug.
Cheers,
Xavier
Hi all,
my previous debdiff fixes CVE-2019-13031 (#931117). I'll update
debian/changelog if you agree with this update
Hi all,
I updated my debdiff due to a little security hole discovered in
lemonldap-ng 1.9.x
Cheers,
Xavier
diff --git a/debian/changelog b/debian/changelog
index a1fe37b..e1e20aa 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+lemonldap-ng (1.9.7-3+deb9u2) stretch; urgency
Package: liblemonldap-ng-portal-perl
Version: 1.9.7-3
Severity: normal
Tags: security upstream
Notification server (not enabled by default) allows authorized
administrators to push XML files to notify a message to a user. Due to
#838097, XML::LibXML expands external entities by default. Then an
ad
request to fix it on Bitbucket, hope that it will
be accepted soon.
Best,
Xavier
Hi Norbert,
On Fri, 21 Jun 2019, Xavier Gendre wrote:
This bug can be fixed with:
sed -i -e 's/&/:/'
/usr/share/texlive/texmf-dist/tex/latex/lstaddons/lstlinebgrd.sty
Did you follow the advice specifically added in the bug report template:
In particular, bugs that are
Package: texlive-latex-extra
Version: 2018.20190227-2
Severity: important
Dear Maintainers,
this report is related to what is said in this thread:
https://tex.stackexchange.com/questions/451532/recent-issues-with-lstlinebgrd-package-with-listings-after-the-latters-updates
Due to a modification o
Le 21/06/2019 à 06:04, Pirate Praveen a écrit :
>
>
> On 2019, ജൂൺ 20 5:08:24 PM IST, Xavier wrote:
>> Hello,
>>
>> there is something wrong with your patch:
>> W: node-terser source: binaries-have-file-conflict node-terser
>> uglifyjs.terser usr/lib/nodej
Hello,
there is something wrong with your patch:
W: node-terser source: binaries-have-file-conflict node-terser
uglifyjs.terser usr/lib/nodejs/terser/dist/bundle.js
Your link overrides a regular file
Le 18/06/2019 à 09:56, Xavier a écrit :
> Le 18/06/2019 à 09:46, Xavier a écrit :
>> Le 17/06/2019 à 22:44, Raphael Geissert a écrit :
>>> Package: libapache-session-perl
>>> Version: 1.93-3
>>> Severity: important
>>> Tags: security
>>>
>
Le 18/06/2019 à 09:46, Xavier a écrit :
> Le 17/06/2019 à 22:44, Raphael Geissert a écrit :
>> Package: libapache-session-perl
>> Version: 1.93-3
>> Severity: important
>> Tags: security
>>
>> Hi,
>>
>> As discussed in oss-security[1], libapac
Hi all,
lemonldap-ng is not affected by this issue even if it depends on
Apache::Session: it uses its own
Lemonldap::NG::Common::Apache::Session::Generate::SHA256 which uses
Crypt::URandom instead of rand(). This can be easily backported to
Apache::Session but changes the generated id: SHA256 is longer.
Cheers,
Xavier
Maybe prove parallel execution can help here (--jobs N)
Le 13/06/2019 à 18:34, Xavier a écrit :
> Maybe prove parallel execution can help here (--jobs N)
Sorry, parallel execution is already set
Le 07/06/2019 à 07:08, Xavier Guimard a écrit :
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
>
> Please unblock package cyrus-imapd
>
> Hi all,
>
> Cyrus-Imapd is vulnerable to remote arbit
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu
Hi all,
node-growl in stretch is vulnerable to #900868 / CVE-2017-16042. I
imported upstream patch and embedded the little shell-escape module.
Cheers,
Xavier
-- System
Hello,
proposed patch can't be applied on stretch package.
debdiff includes also a missing dependency that closes
#872238.
Cheers,
Xavier
unblock cyrus-imapd/3.0.8-6
-- System Information:
Debian Release: 10.0
APT prefers testing
APT policy: (900, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-5-amd6
Le 06/06/2019 à 22:28, Xavier a écrit :
> Le 06/06/2019 à 09:07, Pirate Praveen a écrit :
>>
>>
>> On 2019, ജൂൺ 6 11:00:16 AM IST, Xavier wrote:
>>> My reducejs tool gives a new analysis:
>>> * downgraded modules to embed
>>> - process-nextick-
Le 06/06/2019 à 09:07, Pirate Praveen a écrit :
>
>
> On 2019, ജൂൺ 6 11:00:16 AM IST, Xavier wrote:
>> My reducejs tool gives a new analysis:
>> * downgraded modules to embed
>> - process-nextick-args : 2.0.0 => 1.0.7
>
> This is handled by a patch.
>
Le 05/06/2019 à 22:48, Xavier a écrit :
> Le 03/06/2019 à 22:23, Xavier a écrit :
>> Le 01/06/2019 à 12:14, Pirate Praveen a écrit :
>>> ...
>>> gulp build
>>> [15:37:17] Local modules not found in ~/forge/debian/git/js-team/node-babel
>>> [15:37:17]
Le 03/06/2019 à 22:23, Xavier a écrit :
> Le 01/06/2019 à 12:14, Pirate Praveen a écrit :
>> ...
>> gulp build
>> [15:37:17] Local modules not found in ~/forge/debian/git/js-team/node-babel
>> [15:37:17] Try running: npm install
>> [15:37:17] Using globally i
Le 03/06/2019 à 22:23, Xavier a écrit :
> Le 01/06/2019 à 12:14, Pirate Praveen a écrit :
>> ...
>> gulp build
>> [15:37:17] Local modules not found in ~/forge/debian/git/js-team/node-babel
>> [15:37:17] Try running: npm install
>> [15:37:17] Using globally i
Le 01/06/2019 à 12:14, Pirate Praveen a écrit :
> ...
> gulp build
> [15:37:17] Local modules not found in ~/forge/debian/git/js-team/node-babel
> [15:37:17] Try running: npm install
> [15:37:17] Using globally installed gulp
> [15:37:17] Using gulpfile ~/forge/debian/git/js-team/node-babel/Gulpfil
Package: dante-server
Followup-For: Bug #538008
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
Please disregard my message from june 3 where I wasnt able to start the dante
server.
on a normal vm (ec2) with stable kernel, with sysv-rc, it starts
Package: dante-server
Version: 1.4.2+dfsg-5
Followup-For: Bug #538008
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
configuring dante like this :
/etc/danted.conf :
internal: eth0 port = 1080
external: eth0
We should also amend Debian policy to ban the Emperor of Japan from
abdicating during a freeze ;-)
Control: severity -1 important
Le 28/05/2019 à 00:11, Daniel Drake a écrit :
> Package: node-unicode-12.0.0
> Version: 0~20190414+gitbf518e99-2
>
> node-unicode-data 0~20190414+gitbf518e99-2 was originally built
> successfully and correctly under sid, and then the binaries were
> imported to bust
ow to force a rebuilt of it in Buster.
node-unicode-data should also build-depends on
node-unicode-property-value-aliases >=3.4.0+ds-1.
Cheers,
Xavier
unblock node-unicode-property-value-aliases/3.4.0+ds-1
-- System Information:
Debian Release: 10.0
APT prefers testing
APT policy: (900,
includes a patch that fix
this regression and fix also a little bug fixed also by upstream (do not
push Access-Control-Allow-Origin on Ajax requests).
Discussion on this regression is at the end of #928944 issue.
Cheers,
Xavier
-- System Information:
Debian Release: 10.0
APT prefers testing
APT
Control: tags -1 - moreinfo
Le 23/05/2019 à 22:25, Niels Thykier a écrit :
> Control: tags -1 moreinfo
>
> Xavier Guimard:
>> Package: release.debian.org
>> Severity: normal
>>
>> Hi all,
>>
>> dur to unicode change, 2 nodejs packages require an upd
in
testing-proposed-updates? Packages are tested locally, build +
autopkgtest OK.
Sorry for the inconvenience.
Cheers,
Xavier
-- System Information:
Debian Release: 10.0
APT prefers testing
APT policy: (900, 'testing'), (500, 'testing-proposed-updates'), (500,
'unsta
your work!
Cheers,
Xavier
unblock acorn/5.5.3+ds3-3
-- System Information:
Debian Release: 10.0
APT prefers testing
APT policy: (900, 'testing'), (500, 'testing-proposed-updates'), (500,
'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-4-amd64 (S
Le 21 mai 2019 21:40:35 GMT+02:00, Guilhem Moulin a écrit :
>Hi Xavier,
>
> # Load session data into object
> if ($data) {
>+if ( $self->kind ) {
>+unless ( $data->{_session_kind} eq $self->kind ) {
>+$self-
ld
(tested locally).
Cheers,
Xavier
Le 20/05/2019 à 22:19, Xavier a écrit :
> Hi all,
>
> papi embeds iozone in appio component. This software has been declared
> non-DFSG (https://lists.debian.org/debian-legal/2000/03/msg00024.html
> thread). Removing src/components/appio/tests/iozone in "Files-Excluded"
f it is different than globalStorageOptions. Patch given for 1.9.x can
be applied to 1.4.x series.
Cheers,
Xavier
Le 14/05/2019 à 11:41, Dmitry Bogatov a écrit :
>
> [2019-04-22 09:56] Dmitry Bogatov
>>> Provided files are not node-* ones but recompiled using rollup. Could
>>> you check if Laminar works well with
>>> https://unpkg.com/vue-router@3.0.2/dist/vue-router.js file ? (same
>>> version than in Buste
Package: lshw
Version: 02.18.85-0.1
Severity: normal
Dear Maintainer,
Executing lshw -json prints a json with wrong syntax, making it unusuable.
I tried compiling the software directly from the repository of lshw with the
same results.
The only version that does not fail for me is the one that
Hi all,
Cyrus-info mailing list give us the answer : "addresses" parameter in
vacation scripts is mandatory to make cyrus to react and sends
notifications back.
We checked that and yes it works.
So there is no issue with vacation and sieve scripts pass the upgrade.
Cheers,
Xavier
unblock for cyrus-imapd_3.0.8-5 sent: https://bugs.debian.org/929068
spaces in mailboxes
* Add patches to fix some memory leaks found by code analyser (upstream)
I also added myself to uploaders (package is RFA), since I need it here.
I think I can take maintainance of it, at least during Buster life.
cyrus-imapd has no reverse dependencies.
Cheers,
Xavier
Le 16/05/2019 à 09:50, Anthony Prades a écrit :
> On 5/16/19 9:13 AM, Xavier wrote:
>> Le 16/05/2019 à 06:29, Xavier a écrit :
>>> Le 15/05/2019 à 16:17, Xavier a écrit :
>>>> Le 15/05/2019 à 16:13, Anthony Prades a écrit :
>>>>> On 5/15/19 4:10 PM
Le 16/05/2019 à 06:29, Xavier a écrit :
> Le 15/05/2019 à 16:17, Xavier a écrit :
>> Le 15/05/2019 à 16:13, Anthony Prades a écrit :
>>> On 5/15/19 4:10 PM, Xavier wrote:
>>>> I can't reproduce this exact issue. After the upgrade process (with
>>&g
Le 15/05/2019 à 16:17, Xavier a écrit :
> Le 15/05/2019 à 16:13, Anthony Prades a écrit :
>> On 5/15/19 4:10 PM, Xavier wrote:
>>> I can't reproduce this exact issue. After the upgrade process (with
>>> actual Buster packages), sieve rules are inoperati
Le 15/05/2019 à 19:32, Xavier Guimard a écrit :
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
>
> Please unblock package cyrus-imapd
>
> Hi all,
>
> Buster has currently cyrus-imapd 3.0.8.
d thing to upgrate cyrus-imapd instead of
backporting the majority of these changes.
Diff contains also many documentation updates that have no consequences
on upgrade.
Cheers,
Xavier
unblock cyrus-imapd/3.0.9-1
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT po
Le 15/05/2019 à 16:17, Xavier a écrit :
> Le 15/05/2019 à 16:13, Anthony Prades a écrit :
>> On 5/15/19 4:10 PM, Xavier wrote:
>>> I can't reproduce this exact issue. After the upgrade process (with
>>> actual Buster packages), sieve rules are inoperati
Le 15/05/2019 à 16:13, Anthony Prades a écrit :
> On 5/15/19 4:10 PM, Xavier wrote:
>> I can't reproduce this exact issue. After the upgrade process (with
>> actual Buster packages), sieve rules are inoperative, but lmtpd won't
>> segfault:
>> * Starting w
Le 14/05/2019 à 11:00, Anthony Prades a écrit :
> Already done... Thank you Xavier.
>
> Anthony
>
> On 5/14/19 10:53 AM, Xavier wrote:
>> Le 09/05/2019 à 15:30, Xavier a écrit :
>>> Le 09/05/2019 à 15:13, Anthony Prades a écrit :
>>>> Hi,
>>>
Le 09/05/2019 à 15:30, Xavier a écrit :
> Le 09/05/2019 à 15:13, Anthony Prades a écrit :
>> Hi,
>>
>> I'll add this patch. We use it in production and it works fine.
>>
>> For upgrade steps, what do you think about:
>> https:
lemonldap-ng-portal/t/42-Register-Security.t
* lemonldap-ng-portal/t/77-2F-Mail-with-global-storage.t
lemonldap-ng has no reverse dependencies. Upstream provides more than
9000 unit tests that runs all main features, so I think it low risky to
unblock lemonldap-ng.
Cheers,
Xavier
unblock lemonld
e used to test an existing
2.0.x installation
This issue also affects Ubuntu-19.04 which includes lemonldap-ng_2.0.2+ds-6.
Cheers,
Xavier
Description: Fix for CVE
When CSRF is enabled (default) and tokens are stored in session database
(not default, used for poor load balancers), a shor
Control: tags -1 + patch
Control: forwarded -1
https://salsa.debian.org/mckinstry/modules/merge_requests/4
I've submitted a patch regarding this issue as a merge-request against
the packaging vcs.
Best regards,
Xavier
Control: fixed -1 3.1.1-1
Control: notfound -1 1.7.2+dfsg-3.2
Control: tags -1 confirmed
Le 11/05/2019 à 21:52, Harald Oest a écrit :
> Package: libjs-jquery
> Version: 1.7.2+dfsg-3.2+deb8u6
> Severity: normal
>
> Dear Maintainer,
>
> the minified jquery library ('/usr/share/javascript/jquery/jq
801 - 900 of 2865 matches
Mail list logo