Source: samba
Severity: grave
Tags: security patch
Version: 2:4.1.11+dfsg-1
Hi,
the following vulnerability was published for samba (due to its embedded
copy of heimdal). I checked the build logs for unstable and apparently it
does use this copy (I don't know the status for older releases).
CVE-
Source: heimdal
Severity: grave
Tags: security patch
Version: 1.6~git20120403+dfsg1-2
Hi,
the following vulnerability was published for heimdal.
CVE-2017-11103[0]: MitM attack, impersonation of the Kerberos client, know as
Orpheus Lyre
A dedicated website is here:
https://orpheus-lyre.info/
T
Hello Liang & Michael,
The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of spice:
https://security-tracker.debian.org/tracker/CVE-2017-7506
Would you like to take care of this yourself? It looks like a patch
must be available since a jessie
Hi,
On Thu, 06 Jul 2017, Niels Thykier wrote:
> On Thu, 22 Jun 2017 14:45:52 +0200 =?utf-8?q?Rapha=C3=ABl_Hertzog?=
> wrote:
> > Package: lintian
> > Version: 2.5.51
> > Severity: normal
> >
> > lintian complains with testsuite-autopkgtest-missing when debian/control
> > is missing the "Testsuit
Hi,
On Tue, 27 Jun 2017, Cyril Brulebois wrote:
> Anyway, no objection on the patch itself, except for the lack of
> documentation in the changelog. I'm attaching a new debdiff which is a
> bit more descriptive.
Thanks, I updated the changelog in git and I uploaded.
Cheers,
--
Raphaël Hertzog ◈
Hi,
On Tue, 27 Jun 2017, Cyril Brulebois wrote:
> Personally, I find the systemd part a bit touchy, but I'm happy to ACK
> the bash-completion fix on its own. Maybe we could handle this in two
> steps, until the systemd unit situation settles (#865110)?
I consider #865110 to be a minor cleanup th
Control: severity -1 wishlist
On Tue, 27 Jun 2017, Johannes Schauer wrote:
> If you agree, then I will see this bugreport as a feature request to implement
> the following:
>
> Let APT_DISTUPGRADE be a tristate option: 0, 1, 2
>
> In addition to --apt-distupgrade and --no-apt-distupgrade add
> -
On Mon, 26 Jun 2017, Johannes Schauer wrote:
> > Because when I wrote that script, I was probably not aware that
> > --apt-distupgrade was the default.
>
> so does the existence of that option help your use-case somehow?
I modified Kali's build script to pass it, yes. But my request remains.
> >
Hi,
On Mon, 26 Jun 2017, Johannes Schauer wrote:
> > It would because actually I pass "--apt-update --apt-upgrade" but not
> > "--apt-distupgrade" and I have no ~/.sbuildrc.
>
> then why not pass --no-apt-distupgrade?
Because when I wrote that script, I was probably not aware that
--apt-distupgr
Hi,
On Mon, 26 Jun 2017, Johannes Schauer wrote:
> > Then it would make sense to not have APT_DISTUPGRADE=1 by default. Having
> > sbuild refusing to build in that situation is not really helpful either.
>
> Just to make sure I understand you: changing the default would probably not
> fix
> your
Hi,
On Sun, 25 Jun 2017, Johannes Schauer wrote:
> > It happens that the repository that I was using had a broken libc6-dev
> > (until
> > I updated linux-libc-dev to a newer version) but since libc6-dev was already
> > installed in the build chroot, sbuild should be able to build the package
> >
Hi,
On Fri, 23 Jun 2017, Johannes Schauer wrote:
> > Or another solution is possibly to first upgrade build-essential, put it on
> > hold and then run dist-upgrade.
>
> either the subject is not well picked or I'm still misunderstanding the issue
> here. As I understand it, the problem is not tha
Hi,
On Tue, 20 Jun 2017, Michael Biebl wrote:
> You might also consider not hard-coding the path at all, and simply rely
> on PATH being set properly. This should be a safe assumption, especially
> since the binary is now in /bin
The path is not hardcoded anywhere, except in the place where we wa
On Thu, 22 Jun 2017, Grégory DAVID wrote:
>With a simple live-build config,
What is your simple live-build config? Please share your config directory
and/or the command line options that you are using.
Thank you!
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: https://www.freexian
Hello Felix,
On Thu, 22 Jun 2017, Felix Geyer wrote:
> I've prepared a backported patch of the relevant changes from 5.5.5 for
> jessie and stretch.
How did you identify the relevant changes from 5.5.5 given that we
don't have any git repository and that we don't have access to the
previous rele
On Thu, 22 Jun 2017, Raphaël Hertzog wrote:
> lintian complains with testsuite-autopkgtest-missing when debian/control
> is missing the "Testsuite" field but that field is usually not present
> in the unpacked source package because it is automatically added by
> dpkg-source to the .dsc when it fin
Hello Gunnar,
The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of drupal7:
https://security-tracker.debian.org/tracker/CVE-2017-6922
Would you like to take care of this yourself?
If yes, please follow the workflow we have defined here:
http
Hello Matt,
The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of check-mk:
https://security-tracker.debian.org/tracker/CVE-2017-9781
Would you like to take care of this yourself?
The code in wheezy is different from the 1.4.x version which h
On Tue, 20 Jun 2017, Stuart Prescott wrote:
> This bug was filed precisely because I got sick of the problems this leads to
> on a daily basis and debian-handbook was indicated as the source of the
> configuration. "WFM" is somewhat beyond annoying in that circumstance.
If you get such support p
Hi,
On Tue, 20 Jun 2017, Stuart Prescott wrote:
> before filing bugs, I would normally check to see if they are already
> fixed in the VCS and look for a 'contributing' section to see if there
> are any requests for the mode of interaction.
>
> I can't find either within debian-handbook -- there
On Mon, 19 Jun 2017, Michael Biebl wrote:
> Given that, I wonder if a stable upload is actually still needed.
The stable upload also fixes the bash completion file and fixes
the dependencies of the service file to not depend on the systemd version
of $network in the LSB dependencies.
Cheers,
--
[ Putting Aurélion in copy since he's the one who requested this service
file ]
On Sun, 18 Jun 2017, Michael Biebl wrote:
> Am 17.06.2017 um 22:27 schrieb Michael Biebl:
>
> > For that create a file
> > /lib/systemd/system/schroot.service.d/timeout.conf (feel free to choose
> > a better name), co
Hello Michael,
On Sat, 17 Jun 2017, Michael Biebl wrote:
> I would suggest to simply ship a drop-in snippet for schroot, which sets
> the Type and Timeout.
Thanks for the suggestion but I'll skip it. This is what I would have
expected DSA to do if I had not shipped a systemd service unit. But now
Hi Julien,
On Sat, 17 Jun 2017, Julien Cristau wrote:
> > Re-purposing the bug to that end. Let me know when you are happy with an
> > upload to stretch.
>
> The d/rules change means I'd like to see a binary debdiff
> (--controlfiles ALL).
Here it is:
[The following lists of changes regard file
Control: tag -1 + pending
Hello Daniel,
On Wed, 07 Jun 2017, Daniel Reichelt wrote:
> The duplication was introduced by [3] and is fixed by this patch to read
>
> 8<-
> cp -a /bin/live-boot "${DESTDIR}/bin"
> >8-
Ap
Control: forwarded -1 https://bugzilla.redhat.com/show_bug.cgi?id=1461681
Hi Petter,
On Mon, 12 Jun 2017, Petter Reinholdtsen wrote:
> translated. I thus believe publican should make sure to include the
> content in POT files for translators to update. :)
I forwarded your request to upstream.
Hello,
On Sat, 27 May 2017, Matthew Donnelly wrote:
> I have been browsing through The Debian Administrator's Handbook and noticed
> that there is no section describing how to configure wireless from the command
> line. This was a major struggle when I first used Debian, and I would like to
> writ
Control: tag -1 + pending
On Fri, 10 Jun 2016, helix84 wrote:
> The "8.8.3. GRUB 2 Configuration" section mentions the
> /etc/grub.d/50_custom file. The actual file in Jessie is called
> /etc/grub.d/40_custom, as can be seen here:
Thanks for the report, fixed in git for the stretch version of the
Control: tag -1 + pending
On Sat, 16 Jan 2016, Tiago Ilieve wrote:
> There was a small typo at the "6.4.1 aptitude" section. Where it says
> "note than" actually should be "note that".
>
> I'm attaching a patch created from "jessie/master" as today (6709b9b).
Thanks, applied in my git checkout.
Control: retitle -1 stretch-pu: schroot/1.6.10-3+deb9u1
Control: tag -1 + stretch
Control: user release.debian@packages.debian.org
Control: usertags -1 = pu
On Tue, 06 Jun 2017, Jonathan Wiltshire wrote:
> > - the completion code is completely broken (#855283)
> > - a member of the DSA team as
Control: tag -1 + pending
On Wed, 07 Jun 2017, Daniel Reichelt wrote:
> the attached patch streamlines the missing keyboard shortcut "A" for the
> "Advanced options" entry in the syslinux-based boot menu configs.
Thanks, committed to git.
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support D
Control: severity -1 wishlist
On Thu, 08 Jun 2017, Yongmin H. wrote:
> For now, tracker.debian.org does not let user change the email address
> for login. It would be great if I could change it.
But you can add a supplementary email address to your account and then you
should be able to login wit
Control: tag -1 - moreinfo
Just a ping since Laurent already provided the extra information
in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861926#19
It's about https://security-tracker.debian.org/tracker/CVE-2017-6100
We agreed with the security team to fix it through jessie-pu, cf
https://
Hi,
On Tue, 30 May 2017, Senthil Kumaran S wrote:
> I tested the new version ie., test2 and got a traceback as shown here -
> File "/usr/lib/python2.7/dist-packages/django/db/migrations/state.py",
> line 249, in __init__
> raise ValueError("\n".join(error.msg for error in errors))
> ValueErr
On Mon, 13 Feb 2017, Brian May wrote:
> > 'six': ('https://pythonhosted.org/six/', None),
> As far as I can tell, this documentation isn't packaged in Debian.
It has been available in Debian for quite some time. Do you feel like
handling this bug now?
Cheers,
--
Raphaël Hertzog ◈ Debian De
On Tue, 30 May 2017, Senthil Kumaran S wrote:
> I tested the patch with lava-server, which ended up with a traceback as
> seen here - http://paste.debian.net/952276/
Thanks, can you try again with another test version ?
$ dget
https://people.debian.org/~hertzog/packages/python-django_1.10.7-2~tes
On Mon, 29 May 2017, Raphael Hertzog wrote:
> Updated patches attached, I missed to update some tests to account
> for the move of the detect_soft_applied() method.
Third set of patches, this time the package builds fine at least.
Which means you can just test this package and let me know
On Mon, 29 May 2017, Raphael Hertzog wrote:
> Option 4. Fix Django 1.10 with the attached patches.
Updated patches attached, I missed to update some tests to account
for the move of the detect_soft_applied() method.
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: ht
On Mon, 29 May 2017, Brian May wrote:
> Otherwise, I think we have three options. I recommend reading the Django
> ticket in full before deciding.
[…]
> 1. Apply work around from
> https://code.djangoproject.com/ticket/28250#comment:1 by manually
[…]
> 2. Remove migration from postinst, and give i
On Wed, 24 May 2017, Michael Stapelberg wrote:
> Thanks for the feedback. Any suggestions as to how the script should be
> called, and which options it should have, if any?
In my case, I believe that we should have a cron job/systemd timer that
updates the chroot each week and that cron job could
Source: nss
Version: 2:3.26-1
X-Debbugs-CC: t...@security.debian.org
secure-testing-t...@lists.alioth.debian.org
Severity: important
Tags: security patch upstream
Control: fixed -1 2:3.30-1
Hi,
the following vulnerabilities were published for nss.
CVE-2017-5461[0]:
| Mozilla Network Security Se
Hello,
On Sat, 13 May 2017, Andreas Hoenen wrote:
> Do you have a minimal example exposing the problem? That would help in
> evaluating it.
Yes. Attached (test.xml the source, test.pdf the result of "dblatex
test.xml"). As you see we lost spaces in and . All
tags processed by inline.monoseq / i
Hi Paul,
On Sat, 06 May 2017, Paul Wise wrote:
> Changing default timer values (Manual tab in configuration) or adding,
> changing or removing presets (Presets tab in configuration) does not
> change the menu in the GNOME shell until the shell is restarted.
Is this a regression compared to former
Hi,
On Thu, 04 May 2017, Paul Wise wrote:
> Reconfirm the involvement of these representatives:
> SchoolForge (representatives: Ben Armstrong*, Raphaël Hertzog)
You can drop me as representative here, I did not even remember that
I accepted to be a reprensative in that organization. I haven't
don
On Sat, 07 Jan 2017, Salvatore Bonaccorso wrote:
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
If you want to fix this for jessie, you should start with the patch
from the 15.08 branch and it should be eas
On Tue, 18 Apr 2017, Moritz Mühlenhoff wrote:
> > Moritz/Salvatore, do you want this in jessie-proposed-updates or in
> > jessie-security?
>
> Please fix these via the upcoming jessie point update.
Ok.
Laurent, can you file a bug against "release.debian.org" to ask for
permission to upload a sta
Hello everybody,
On Sat, 14 Jan 2017, Moritz Mühlenhoff wrote:
> > The upstream bug is now public:
> > https://sourceforge.net/p/tcpdf/bugs/1005/
>
> Since K_TCPDF_CALLS_IN_HTML defaults to true in jessie, we should fix
> this in jessie.
>
> Could someone of the maintainers prepare an update?
L
On Thu, 13 Apr 2017, Marco d'Itri wrote:
> On Apr 11, Raphael Hertzog wrote:
>
> > Why aren't you providing openbsd-inetd.service as the real file and
> > inetd.service as a symlink ?
> Because naming the init script "openbsd-inetd" was an historical
>
On Tue, 11 Apr 2017, Marco d'Itri wrote:
> On Apr 11, Niels Thykier wrote:
>
> > Are there any updates on this bug? If not, then we will be inclined to
> I do not think that there is anything I can or should do in
> openbsd-inetd: the bug should either be closed or downgraded.
Why aren't you p
Control: tag -1 + patch
On Thu, 06 Apr 2017, Salvatore Bonaccorso wrote:
> CVE-2017-5951[0]:
[...]
> As per 2017-04-06 there is no upstream fix yet for this issue.
Upstream published a patch:
http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commitdiff;h=bfa6b2ec
Cheers,
--
Raphaël Hertz
Hi,
On Mon, 03 Apr 2017, Salvatore Bonaccorso wrote:
> CVE-2016-10209[0]:
> | The archive_wstring_append_from_mbs function in archive_string.c in
> | libarchive 3.2.2 allows remote attackers to cause a denial of service
> | (NULL pointer dereference and application crash) via a crafted archive
> |
On Mon, 27 Mar 2017, Thibaut Paumard wrote:
> Thanks for the pointer. Just out of curiosity, do you intend on using
> the blends framework for the pkg-security team?
This is not part of any current plan but I have no objection if someone
wants to do the required work.
> If you have pointers about
Hi,
On Sat, 25 Mar 2017, Thibaut Paumard wrote:
> I'm not sure of the benefit for the project of shipping this,
This is a tool that is shipped in Kali Linux, a Debian derivative and we
are trying to merge back packages useful for penetration testers into
Debian. The benefit is clear for that cat
Source: libxslt
Severity: important
Tags: security patch
Hi,
the following vulnerability was published for libxslt. The issue can be
exploited to trigger an out of bounds write on 64-bit systems.
CVE-2017-5029[0]:
Integer overflow in xsltAddTextString
If you fix the vulnerability please also ma
On Wed, 08 Mar 2017, Andreas Beckmann wrote:
> during a test with piuparts I noticed your package ships (or creates)
> a broken symlink.
[...]
> /usr/share/live/build/bootloaders/extlinux/hdt.c32 ->
> /usr/lib/syslinux/modules/bios/hdt.c32
>
> Are you missing a Depends/Recommends/Suggests?
Not
On Tue, 14 Mar 2017, anatoly techtonik wrote:
> Git is not linked to Debian bugtracker to reference and close bugs
> automatically, isn't it?
There's no general rule but this repository has no such integration (most
packaging repository use some integration that parses debian/changelog
but here it
Control: severity -1 important
On Tue, 14 Mar 2017, Raphael Hertzog wrote:
> I also see this for any fresh stretch install where I select the French
> keyboard layout. On first start, the greeting screen (handled by
> gnome-shell AFAIK) uses a default US/qwerty layout and the layout sele
Control: severity -1 serious
Control: affects -1 gnome-shell
I also see this for any fresh stretch install where I select the French
keyboard layout. On first start, the greeting screen (handled by
gnome-shell AFAIK) uses a default US/qwerty layout and the layout selected
at installation time is o
[ ccing Petter for his input on isenkram at the end ]
Hello,
On Mon, 06 Mar 2017, Philipp wrote:
> Firstly, I just want to let you know that I already tried to contact some
> Kali/Debian developers privately (via mail, for instance the dev rhertzog
> which seems to be active and somehow related t
Hi,
On Wed, 15 Feb 2017, Robert Luberda wrote:
> > While investigating, I discovered that the "debconf" Python module is
> > provided by "debconf" but not by "cdebconf" and thus your generic dependency
>
> But cdebconf depends on debconf, at least in Debian. Did Kali remove
> this dependency?
N
On Mon, 09 Jan 2017, Sophie Brun wrote:
> AttributeError: 'BitEnumField' object has no attribute 'names'
[...]
> Consider joining the pkg-security team, we could co-maintain pyrit there:
> https://wiki.debian.org/Teams/pkg-security
Hello Christian,
you haven't replied to this bug in more than a m
On Fri, 27 Jan 2017, Matthias Geerdsen wrote:
> > The full upload is available:
> > $ dget
> > https://people.debian.org/~hertzog/packages/tiff3_3.9.6-11+deb7u3_amd64.changes
>
> I took your patched libtiff4 and tested several images and compression
> schemes using ImageMagick and GraphicsMagick
On Mon, 30 Jan 2017, Brian May wrote:
> Help in fixing this RC bug would be appreciated. I have forwarded this
> upstream, however need a quick fix for the Debian package (not sure but
> suspect it might be too late for stretch).
>
> Unfortunately, not sure where to start. I don't understand this
On Thu, 26 Jan 2017, Raphael Hertzog wrote:
> This code thus assumes that the list ok known tags only contains a single
> tag per unique fip->field_bit and this is no no longer the case with
> the patches we added:
> - CVE-2014-8128-5-fixed.patch
> - CVE-2016-5318_CVE-2015-7554.
On Thu, 26 Jan 2017, Raphael Hertzog wrote:
> But I have currently no idea of what the problem really is. And upstream
> has not yet merge any similar change to what we have done. At least
> https://github.com/vadz/libtiff/blob/master/libtiff/tif_dirinfo.c shows
> neither PREDICTOR nor
Hello Matthias,
On Thu, 26 Jan 2017, Matthias Geerdsen wrote:
> we noticed a possible regression in an update to libtiff4 which leads to
> corrupted image files when using ImageMagick/GraphicsMagick mogrify
> command to apply jpeg compression to a tiff image. I have shortly
> described the problem
On Fri, 13 Jan 2017, Daniel Shahaf wrote:
> Could Debian patches be indexed by their DEP-3 "Forwarded" state.
As a reminder, the value of the "Forwarded" state can also be implicit
depending on other fields. So a plain copy of the field is not sufficient,
you would have to parse "Origin" and "Bug"
Hello,
On Sun, 19 Jun 2016, Eugenio 'g7' Paolantonio wrote:
> The After=local-fs.target rule introduced in commit 63ab809 made systemd
> go in timeout while waiting for the local-fs target to be reached.
>
> This is due to the fact that the Before= rule in the live-config unit
> prevents the star
Hi,
On Sun, 13 Nov 2016, Ronny Standtke wrote:
> Package: live-boot
> Version: 1:20160511
> Severity: normal
>
> If a preferred medium (device or medium type) is given with the
> live-media parameter then waiting for the timeout to expire before
> scanning for these devices is not necessary. Just
Hi everybody,
On Thu, 05 Jan 2017, Raphael Hertzog wrote:
> CCing upstream author for confirmation. Nicola we are trying to understand
> what security fix went into tcpdf 6.2.0. The bug is private on
> sourceforge, could you make it public now?
The upstream bug is now publ
Version: 1.6.10-3
Hello,
I'm not sure everybody had the same underlying problem in this
bug report but I just uploaded 1.6.10-3 which fixes multiple
problems that could make the cleanup process fail.
If you still have problem on a stretch system with that schroot version,
feel free to open a new
Control: forcemerge 728096 -1
On Tue, 11 Aug 2015, Raphael Hertzog wrote:
> Weirdly this does not happen with all chroots. The problematic one
> is based on Debian Wheezy. One based on jessie is fine.
The problem is the same than in #728096.
The host has this:
# ls -ld /dev/shm /r
Control: tag -1 + moreinfo
Hi,
On Mon, 03 Aug 2015, Johannes Schauer wrote:
> recently, when using sbuild, I noticed that I could not build anything
> anymore because I got the error:
>
> Can't open /dev/null: Permission denied
Can you still reproduce that?
> I created the schroot just b
Hello efkin,
I wish you a happy new year!
I have not looked at your changes yet but I just want to reply to two of
your comments.
On Sun, 18 Dec 2016, efkin wrote:
> > Copyright 2016 only for new code. :) Applies on all files.
>
> I didn't get this bit, so i just dropped it. It can be an additi
Control: tag -1 + confirmed newcomer
Hi,
On Fri, 06 Jan 2017, Daniel Dehennin wrote:
> Package: tracker.debian.org
> Severity: normal
>
> I figure out that the link is broken:
>
> http://httpredir.debian.org/debian/pool/updates/main/s/squid3/squid3_3.4.8-6+deb8u4.dsc
>
> It should be
>
On Thu, 05 Jan 2017, Santiago Vila wrote:
> It depends. My goal is to build 25000 source packages in a row and have
> 0.5 failures on average in total (i.e. closer to 0 than to 1).
>
> If we have 50 packages which FTBFS randomly, they should fail less
> than 1% on average.
>
> One week every 4 ye
Hi Helmut,
On Tue, 03 Jan 2017, Helmut Grohne wrote:
> No, because using binutils-multiarch is broken. Whenever a new
> architecture is brought up, binutils-multiarch lacks support for it.
Ok, that makes sense.
> > That would let us use objdump to inspect any library and let
> > dpkg-shlibdeps f
Hi,
CCing upstream author for confirmation. Nicola we are trying to understand
what security fix went into tcpdf 6.2.0. The bug is private on
sourceforge, could you make it public now?
For more details see: https://bugs.debian.org/814030
On Wed, 04 Jan 2017, David Prévot wrote:
> >> Can you cont
Control: severity -1 normal
This problem is not reproducible on all systems and the bug reporter
did not respond to initial queries in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841447#12
so there's no reason to keep this bug at a release critical severity.
Cheers,
--
Raphaël Hertzog ◈ De
Hi Marco,
On Mon, 26 Dec 2016, Marco d'Itri wrote:
> On Apr 10, Michael Biebl wrote:
>
> > Ideally, the .service file name and sysv init script do match.
> > If that is not the case, because upstream chose a different name, my
> > recommendation is to create a symlink and ship that statically in
Hi Helmut,
On Mon, 02 Jan 2017, Helmut Grohne wrote:
> while working on #843073, we agreed to merge Raphaël's patch on the
> provision that we would revert it if it causes breakage. Unfortunately,
> that actually happened. It breaks build cross compilers (stage3):
>
> https://jenkins.debian.net/j
On Sun, 01 Jan 2017, Scott Kitterman wrote:
> I've been looking at this some more and while I agree we need to do
> something to control multiple instances, I think for single instance
> having to use postfix@- is both surprising and suboptimal.
>
> If you have an input on how we can use postfix f
On Sat, 31 Dec 2016, Russ Allbery wrote:
> These all look good to me. Seconded (and quoted below for the convenience
> of others who may want to review and second).
Seconded.
>
> > From 0bc030c417adfa7ca50944c918101dd9ce62bebb Mon Sep 17 00:00:00 2001
> > From: Guillem Jover
> > Date: Fri, 24
On Sat, 31 Dec 2016, Russ Allbery wrote:
> > The list and descriptions:
>
> > virtual-mysql-client - A MySQL database compatible client package
> > virtual-mysql-client-core- A MySQL database compatible client core
> > package
> > virtual-mysql-server - A MySQL database compat
On Sat, 31 Dec 2016, Russ Allbery wrote:
> >>[…]
> >>
> >>The first paragraph of the control file contains information about the
> >>source package in general. The subsequent sets each describe a binary
> >>package that the source tree builds. All the binary packages have a
> >>corresponding paragr
On Sat, 31 Dec 2016, Russ Allbery wrote:
> Looks reasonable to me. Seconded.
Seconded.
>
> > diff --git a/policy.sgml b/policy.sgml
> > index 404dc73..421e0d1 100644
> > --- a/policy.sgml
> > +++ b/policy.sgml
> > @@ -10699,6 +10699,18 @@ END-INFO-DIR-ENTRY
> >
> >
> >
> > + If
Hi Scott,
On Fri, 30 Dec 2016, Scott Kitterman wrote:
> Since you provided the original postfix service file, would you please review
> the proposed change in the cc'ed bug:
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849584
>
> and let us know what you think about the change.
It loo
On Sat, 24 Dec 2016, Cyril Brulebois wrote:
> So I've just looked at the proposed changes, and adding a prompt at this
> point is not an option: we're changing logic during the freeze, and
> adding translatable material (not the kind of hidden stuff that might
> happen with obscure preseeding value
On Fri, 23 Dec 2016, Joseph Herlant wrote:
> I removed the GPL v1 license additions and put all the license owners
> for GPL and GPL-2 under the same paragraph.
> I pushed it to git and mentors and re-tagged.
Uploaded.
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: http://www.freexia
On Wed, 21 Dec 2016, Ole Streicher wrote:
> I am quoting popcon here since they give a lower estimate of the number
> of users who actually did the test. Nothing more. Nothing about importance.
It gives an estimate of users who ran debootstrap and got the package
installed. It does not give an est
On Fri, 23 Dec 2016, Joseph Herlant wrote:
> Hi Raphael,
>
> Thanks a lot for the upload. Unfortunately there were misses in the
> copyright file.
> I fixed that, retagged and pushed to the git repo and to mentors.
> Let me know if you find anything else that need to be fixed.
Yes, I think you we
On Thu, 22 Dec 2016, Johannes Schauer wrote:
> what do you think about the following patch? Would it solve this bug?
Yes. A few improvements:
> --- a/man/sbuild.1.in
> +++ b/man/sbuild.1.in
> @@ -539,6 +539,10 @@ ARCH -- no source changes\[rq]. Please note that the
> versions in the
> \fIPACKAG
Hi,
On Tue, 20 Dec 2016, Joseph Herlant wrote:
> > Here when I review 7a7b6fa57981a1ff081c5ec0579ce65191162c82 I don't want
> > to see so many changes on debian/asciidoc.install. I want only the vim
> > line dropped and see it added in the new package.
>
> Sorry about that. I'm not able to split
On Thu, 22 Dec 2016, Johannes Schauer wrote:
> > Maybe you can enhance the description of --make-binNMU to say that when
> > you need full control on the generated version number, you should use
> > --append-to-version without --make-binNMU and that in that case the text of
> > the changelog entry
Hi Johannes,
On Thu, 22 Dec 2016, Johannes Schauer wrote:
> > Maybe it can be smart and if the parameter to --binNMU-version contains
> > (or starts with?) non-digits, then it should assume that it's the full
> > bin-NMU suffix that is passed.
>
> what do you want to do that the --append-to-versi
Hi,
On Mon, 19 Dec 2016, Joseph Herlant wrote:
> I migrated the package from dpatch to quilt and cut the tag.
> I don't know if you prefer to work directly from the repo or from
> mentors, so I uploaded it to mentors too:
> https://mentors.debian.net/package/asciidoc
> Any feedback appreciated.
I
Hi Joseph,
On Mon, 19 Dec 2016, Joseph Herlant wrote:
> @Alexander, @Fredrik, if you don't have time, do you mind if I ask to
> Vincent or Raphael if they can have a look and maybe review the
> package changed that happened since last upload in 2014?
I can sponsor the package but given that Alexa
Hi,
A small correction to the last patch is needed.
On Sat, 28 Nov 2015, Guido Günther wrote:
> +override_dh_auto_test:
> + # Create .chk files for FIPS mode tests
> + $(foreach lib,libsoftokn3.so libfreebl3.so libnssdbm3.so, \
> + $(call cmd,cd $(DISTDIR)/lib; LD_LIBRARY_PATH=$(DIS
Hi,
On Wed, 14 Dec 2016, efkin wrote:
> I decided to keep DRF 2.4.3. But i'm happy to change it if you prefer.
> I have no big reasons to prefer one or the other one, so i fallback on
> the fact that if it's on stable i go for it.
stretch is coming in a few months and we are not using Django from
Hi,
On Wed, 14 Dec 2016, efkin wrote:
> thx for detailed answers. i'm attaching a new set of patches trying to
> include what we discussed.
Ok. A few easy comments:
> Subject: [PATCH 1/3] Include rest_framework dependency
[...]
> --- a/docs/setup/setup.rst
> +++ b/docs/setup/setup.rst
> @@ -15,6
601 - 700 of 4222 matches
Mail list logo