Bug#863348: dput: please use ftp.security.upload.debian.org for security uploads

2017-05-28 Thread Julien Cristau 
On Sun, May 28, 2017 at 18:20:15 +1000, Ben Finney wrote:

> On 26-May-2017, Julien Cristau wrote:
> 
> > Oh, and it would be good to have this change in stretch so we can
> > move the upload queue sooner. This might mean a stable update in the
> > first point release if the change doesn't make it in time for 9.0.
> 
> Okay, so to which suite – “experimental” or “unstable” – should I
> target a release fixing this issue?
> 
Unstable.

> Do I need to ask for special dispensation from the release team to get
> this into Stretch? Or should we just leave it as a typical upload?
> 
Yes, you'd need a freeze exception to get this in stretch.

Cheers,
Julien

Bug#863348: dput: please use ftp.security.upload.debian.org for security uploads

2017-05-28 Thread Ben Finney 
On 26-May-2017, Julien Cristau wrote:

> Oh, and it would be good to have this change in stretch so we can
> move the upload queue sooner. This might mean a stable update in the
> first point release if the change doesn't make it in time for 9.0.

Okay, so to which suite – “experimental” or “unstable” – should I
target a release fixing this issue?

Do I need to ask for special dispensation from the release team to get
this into Stretch? Or should we just leave it as a typical upload?

-- 
 \“The whole area of [treating source code as intellectual |
  `\property] is almost assuring a customer that you are not going |
_o__)   to do any innovation in the future.” —Gary Barnett |
Ben Finney 


signature.asc
Description: PGP signature

Bug#863348: dput: please use ftp.security.upload.debian.org for security uploads

2017-05-26 Thread Julien Cristau 
On Fri, May 26, 2017 at 21:57:13 +0200, Julien Cristau wrote:

> On Fri, May 26, 2017 at 10:33:58 +1000, Ben Finney wrote:
> 
> > The only change from the current default is that the ‘fqdn’ value is
> > now “ftp.security.upload.debian.org” for both sections.
> > 
> > Is that right?
> > 
> Correct.
> 
Oh, and it would be good to have this change in stretch so we can move
the upload queue sooner.  This might mean a stable update in the first
point release if the change doesn't make it in time for 9.0.

Cheers,
Julien

Bug#863348: dput: please use ftp.security.upload.debian.org for security uploads

2017-05-26 Thread Julien Cristau 
On Fri, May 26, 2017 at 10:33:58 +1000, Ben Finney wrote:

> On 25-May-2017, Ansgar Burchardt wrote:
> 
> > So please update the default dput.cf to upload security uploads to
> > ftp.security.upload.debian.org instead of directory to
> > security-master.debian.org.
> 
> Thank you for the explanation.
> 
Please Cc the submitter if you want them to see your followup questions
:)

> If I understand correctly, to resolve this bug, the default ‘dput’
> configuration should be changed to have these sections:
> 
> =
> [security-master]
> fqdn  = ftp.security.upload.debian.org
> method= ftp
> incoming  = /pub/SecurityUploadQueue
> login = anonymous
> allow_dcut= 1
> # This has been added at the request of the security team.
> # Please be sure to know what you are doing before taking it out.
> pre_upload_command= /usr/share/dput/helper/security-warning
> 
> [security-master-unembargoed]
> fqdn  = ftp.security.upload.debian.org
> method= ftp
> incoming  = /pub/OpenSecurityUploadQueue
> login = anonymous
> allow_dcut= 1
> # This has been added at the request of the security team.
> # Please be sure to know what you are doing before taking it out.
> pre_upload_command= /usr/share/dput/helper/security-warning
> =
> 
> The only change from the current default is that the ‘fqdn’ value is
> now “ftp.security.upload.debian.org” for both sections.
> 
> Is that right?
> 
Correct.

Cheers,
Julien

Bug#863348: dput: please use ftp.security.upload.debian.org for security uploads

2017-05-25 Thread Ben Finney 
On 25-May-2017, Ansgar Burchardt wrote:

> So please update the default dput.cf to upload security uploads to
> ftp.security.upload.debian.org instead of directory to
> security-master.debian.org.

Thank you for the explanation.

If I understand correctly, to resolve this bug, the default ‘dput’
configuration should be changed to have these sections:

=
[security-master]
fqdn= ftp.security.upload.debian.org
method  = ftp
incoming= /pub/SecurityUploadQueue
login   = anonymous
allow_dcut  = 1
# This has been added at the request of the security team.
# Please be sure to know what you are doing before taking it out.
pre_upload_command  = /usr/share/dput/helper/security-warning

[security-master-unembargoed]
fqdn= ftp.security.upload.debian.org
method  = ftp
incoming= /pub/OpenSecurityUploadQueue
login   = anonymous
allow_dcut  = 1
# This has been added at the request of the security team.
# Please be sure to know what you are doing before taking it out.
pre_upload_command  = /usr/share/dput/helper/security-warning
=

The only change from the current default is that the ‘fqdn’ value is
now “ftp.security.upload.debian.org” for both sections.

Is that right?

-- 
 \ “Under democracy one party always devotes its chief energies to |
  `\   trying to prove that the other party is unfit to rule — and |
_o__) both commonly succeed, and are right.” —Henry L. Mencken |
Ben Finney 


signature.asc
Description: PGP signature

Bug#863348: dput: please use ftp.security.upload.debian.org for security uploads

2017-05-25 Thread Ansgar Burchardt 
Package: dput
Version: 0.9.6.4
Severity: important

Some time ago we moved the upload queues away from ftp-master.d.o to
ftp.upload.d.o.  This allowed us to no longer run ftpd directly on
ftp-master.

The same will hopefully happen to security-master: eventually
security-master will no longer run a ftpd, but uploads will go via a
separate host.  For this to work, we will need tools to upload to
ftp.security.upload.debian.org (currently an alias for
security-master).

So please update the default dput.cf to upload security uploads to
ftp.security.upload.debian.org instead of directory to
security-master.debian.org.

Ansgar