Package: uw-imapd
Version: 7:2002edebian1-13.1+etch1
Severity: important
The uw-imapd package Conflicts: with the virtual package
imap-server. I am attempting to migrate IMAP servers right now, and
this is preventing me from having dovecot-imapd and uw-imapd installed
concurrently.
As far as I
Package: pidgin
Version: 2.4.3-4lenny6
Severity: important
Since DSA-2038-1, pidgin no longer has support for the Zephyr protocol. It's
absent from the Protocols menu when adding an account, and existing Zephyr
accounts no longer work. There is no mention of removing Zephyr support in
On Sun, 18 Aug 2013 19:35:15 +0200
Arthur de Jong adej...@debian.org wrote:
An alternative solution would be to also return shadow information to
non-root users but leave out the password hashes. This is what pynslcd
in experimental currently does.
I *think* that is reasonable and don't see
Package: t1-xfree86-nonfree
Version: 4.2.1-3.1
Severity: grave
Tags: patch
Justification: renders package unusable
Dear Maintainer,
This package does not install any symlinks for its font files in
/usr/share/fonts/X11/Type1/, rendering the fonts completely unusable
in X11. This bug was
Package: libswiften-dev
Version: 2.0~beta1+dev47-1
Severity: normal
Dear Maintainer,
libswiften-dev lacks dependencies on the -dev packages that it needs.
Consequentially, if you try to compile code that uses swiften, it fails
due to missing include files or missing libraries, unless the
Package: libhdhomerun-dev
Version: 20120405-1
Severity: serious
Justification: Policy 9.1.1
Dear Maintainer,
Thanks for maintaining libhdhomerun in Debian. I noticed that
libhdhomerun-dev installs its header files to /usr/lib/libhdhomerun.
It should install them to /usr/include/libhdhomerun
Package: nslcd
Version: 0.8.12-1
Severity: normal
nslcd only allows processes with UID==0 (as determined by credentials
passed over its UNIX domain socket) to query the shadow database.
This check is enforced by lines 449-452 of nslcd/nslcd.c:
case NSLCD_ACTION_SHADOW_BYNAME:if (uid==0)
On Mon, 06 May 2013 21:50:52 +0200
Arthur de Jong adej...@debian.org wrote:
[...]
Determining who can see what information consists of basically two
separate decisions (where those who have access to the hash are a subset
of those who have access to the other information).
(there is
Package: libapt-pkg-perl
Version: 0.1.27
Severity: normal
Dear Maintainer,
AptPkg::Cache exhibits some strange behavior with its hash iteration on
multi-arch systems. First, package names returned by the keys method are
duplicated for every architecture, but without any ':architecture' suffix.
Package: vde2
Version: 2.3.2-4
Severity: wishlist
Dear Maintainer,
Currently, /etc/network/if-pre-up.d/vde2 (also, vde2.postinst) create
/var/run/vde2 as follows:
mkdir -p $RUNDIR
chown vde2-net:vde2-net $RUNDIR
chmod 2770 $RUNDIR
I believe the permissions should be (at
On Thu, 21 Nov 2013, Ra?l S?nchez Siles wrote:
Meanwhile, I've set up a repository with latest packaging stuff [0]
Hi Raul,
I was working on this too but it looks like you're further along than
me so I'll defer to you. A couple things though...
First, the -dev package can't be
On Thu, 21 Nov 2013 08:44:57 -0800 (PST)
Andrew Ayer a...@andrewayer.name wrote:
I think co-installable -dev packages are very nice though, so I was
planning to ask upstream if they could refactor those header files to
not be different on different architectures.
I have created a libsodium
Package: iceweasel
Version: 17.0.10esr-1~deb7u1
Severity: normal
Dear Maintainer,
Iceweasel does not properly set the spell checker language.
This manifests in two ways:
1. If the HTML document specifies a language using the lang attribute,
no language is selected by default and spell checking
Package: isc-dhcp-client
Version: 4.2.4-7
Severity: normal
Tags: patch
Dear Maintainer,
I recently messed up the value of rfc3442-classless-static-routes
on my DHCP server (I had 16, 10, 150, 0, 0, 10, 150, 3, 1 when
it should have been 16, 10, 150, 10, 150, 3, 1) and this caused
Package: wnpp
Severity: wishlist
Owner: Andrew Ayer a...@andrewayer.name
* Package name: libndp
Version : 1.2
Upstream Author : Jiri Pirko j...@resnulli.us
* URL : http://libndp.org/
* License : GPL-2+
Programming Lang: C
Description : Library for IPv6
Initial packaging for libndp can be found in the following Git repo:
https://www.agwa.name/git/libndp-debian.git
(GitHub mirror: https://github.com/AGWA/libndp-debian)
I will soon be uploading this to mentors.debian.net.
--
To UNSUBSCRIBE, email to
Hi Thijs,
On Fri, 22 Aug 2014 13:41:20 +0200
Thijs Kinkhorst th...@debian.org wrote:
This bug has been fixed in GnuPG 1.4.17.
Although it's a good robustness and anti-keyring-polution measure, I
don't think it's an acute security issue in stable that needs to be
fixed in a DSA, because the
Hi Michael,
On Sat, 14 Jun 2014 12:42:07 +0200
Michael Biebl bi...@debian.org wrote:
Hi Andrew,
On Sat, Mar 29, 2014 at 11:01:31AM -0700, Andrew Ayer wrote:
Initial packaging for libndp can be found in the following Git repo:
https://www.agwa.name/git/libndp-debian.git
This URL
On Tue, 15 Jul 2014 20:30:21 -0400
Filipus Klutiero chea...@gmail.com wrote:
Source: libndp
Version: 1.3-1
Severity: minor
Extended descriptions starts with:
libndp is a library the IPv6 Neighbor Discovery Protocol (NDP).
Something like a for is missing between a library and the IPv6
Hi,
An updated package has been prepared. Just waiting for my sponsor to
upload.
Regards,
Andrew
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
On Sun, 31 Aug 2014 15:34:57 -0700
Joey Hess jo...@debian.org wrote:
Jérémy Bobbio wrote:
Andrew Ayer has been working on a `dh_strip_nondeterminism` helper:
http://anonscm.debian.org/cgit/reproducible/strip-nondeterminism.git/
We can move that chunk of code to it, alongside normalizers
Package: wnpp
Severity: wishlist
Owner: Andrew Ayer a...@andrewayer.name
* Package name: strip-nondeterminism
Version : 0.001
Upstream Author : Andrew Ayer a...@andrewayer.name
* URL :
https://anonscm.debian.org/cgit/reproducible/strip-nondeterminism.git
* License
On Mon, 8 Sep 2014 07:39:02 -0300
Henrique de Moraes Holschuh h...@debian.org wrote:
From *which* files? linker objects? executables? libraries?
Maybe it would be helpful to mention reproducible builds in the long
description to ease searches?
Yes, that's a good idea. I'll flesh out the
I've prepared packaging for 0.5.66 in the following Git repo:
https://anonscm.debian.org/cgit/users/agwa-guest/xmltv.git
Specifically, I imported the 0.5.66 tarball and updated the install list
for the added/removed grabbers.
The package builds, though there are a few issues:
1. The
Dear Maintainer,
I do not believe that this bug constitutes a security vulnerability or
that it deserves grave severity.
To be exploited remotely, you have to execute an untrusted XSLT
stylesheet, which is similar to executing untrusted arbitrary code, and
is a bad idea for reasons much more
Package: javahelper
Version: 0.47
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: toolchain
Hi!
As part of the Reproducible Builds effort [1], we have developed a new
debhelper add-on, dh_strip_nondeterminism, that strips non-deterministic
data from
Package: yorick-spydr
Version: 0.8.2-3
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps
Hi!
As part of the Reproducible Builds effort[1], we have identified that the
spydr48.png file in yorick-spydr contains the time at which the package
was
On Sun, 12 Oct 2014 21:59:44 +0200
Emmanuel Bourg ebo...@apache.org wrote:
How does dh_strip_nondeterminism affect the jar files exactly? I
understand that it normalizes the timestamps of the zip entries, but
what date is used?
Hi Emmanuel,
dh_strip_nondeterminism does the following:
*
On Sun, 12 Oct 2014 23:20:44 +0200
Emmanuel Bourg ebo...@apache.org wrote:
Le 12/10/2014 22:14, Andrew Ayer a écrit :
* Sets the timestamp of every Zip entry to January 1, 1980 (the
earliest date that can be represented in a Zip archive).
Would it be possible to set the timestamp
Package: strip-nondeterminism
Version: 0.003-1
Severity: normal
Line 59 of handlers/zip.pm triggers an infinite loop in Archive::Zip,
but only with certain jar files. I need to create a minimal test case
and file a bug report with Archive::Zip.
--
To UNSUBSCRIBE, email to
Package: strip-nondeterminism
Severity: wishlist
It should be possible to tell File::StripNondeterminism to replace
timestamps with a specific time instead of removing them or using a
zero timestamp. When using the strip-nondeterminism command, this
timestamp should be specified by a command
Package: strip-nondeterminism
Severity: wishlist
Some Java packages produce jar files with the .war and .hpi extension.
strip-nondeterminism should support this.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Package: strip-nondeterminism
Severity: wishlist
strip-nondeterminism should remove the Bnd-LastModified field (another
timestamp) and the Built-By field (it contains the system username) from
MANIFEST.MF files inside jar archives.
--
To UNSUBSCRIBE, email to
Package: strip-nondeterminism
Severity: wishlist
Zip files created on Unix contain non-deterministic information in
extra fields such as UT extra field modtime. They can be seen
by `zipinfo -v`. strip-nondeterminism should strip/normalize these
fields.
--
To UNSUBSCRIBE, email to
Package: strip-nondeterminism
Severity: wishlist
Example package: vdr-plugin-xineliboutput
debbindiff:
https://jenkins.debian.net/userContent/rb-pkg/vdr-plugin-xineliboutput.html
Timestamps look like: POT-Creation-Date: 2014-10-12 23:36+\n
--
To UNSUBSCRIBE, email to
Package: strip-nondeterminism
Severity: wishlist
strip-nondeterminism should treat more filename extensions as possible
gzipped files, such as .svgz.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
On Fri, 12 Dec 2014 19:30:12 +0100
Reiner Herrmann rei...@reiner-h.de wrote:
lib/File/StripNondeterminism/handlers/zip.pm | 24 +++
+ 1 file changed, 24 insertions(+)
Thanks! Patch applied, with a couple adjustments (to make pack/unpack
safe on big-endian systems, and to
Package: openntpd
Version: 20080406p-10
Severity: normal
Tags: patch
Dear Maintainer,
Currently, openntpd's init script restarts openntpd by killing it (with
start-stop-daemon --stop), sleeping 1 second, and then starting it.
This has a race condition: if openntpd takes longer than 1 second to
On Tue, 20 Jan 2015 23:30:14 +0100
Peter De Wachter pdewa...@gmail.com wrote:
Javadoc files, at least the ones I've looked at, have, in addition
to the Generated by javadoc comment, a timestamp in a meta
name=date tag.
Excellent catch; thanks! I've enhanced the javadoc handler to also
I tracked down the bug in Archive::Zip, which was a doozy, and reported
it upstream:
https://github.com/redhotpenguin/perl-Archive-Zip/issues/11
Meanwhile, I've worked around it in strip-nondeterminism, so this
shouldn't be an issue for us anymore.
--
To UNSUBSCRIBE, email to
Package: strip-nondeterminism
Severity: wishlist
strip-nondeterminism should print a log line when it fixes a file, so
we can track what needs to be done upstream, at some point.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble?
On Tue, 06 Jan 2015 23:14:33 +0100
Reiner Herrmann rei...@reiner-h.de wrote:
In the case the local fields can't be read, they also are not
(over)written:
Thanks for checking that. Patch is now applied.
One thing to note is that some fields have a different format depending
on whether they
On Tue, 06 Jan 2015 19:27:37 +0100
Reiner Herrmann rei...@reiner-h.de wrote:
the attached patch also normalizes the local extra fields.
Thanks!
I discovered also a bug in Archive::Zip, that local extra fields
are currently only working for directories:
Thanks, Andreas and Holger.
I reproduced the problem with jruby and determined that it's a bug in
Archive::Zip, which I've reported here:
https://github.com/redhotpenguin/perl-Archive-Zip/issues/13
Archive::Zip is unfortunately proving to be rather buggy.
-- Andrew
--
To UNSUBSCRIBE, email
Package: wnpp
Severity: wishlist
Owner: Andrew Ayer a...@andrewayer.name
* Package name: git-crypt
Version : 0.4.2
Upstream Author : Andrew Ayer a...@andrewayer.name
* URL : https://www.agwa.name/projects/git-crypt
* License : GPL3+ with OpenSSL linking
Package: libndp
Severity: wishlist
libndp 1.5 has been released. It incorporates
0001-ndptool-support-kfreebsd-by-avoiding-signalfd.patch.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
tags 780398 + security
severity 780398 important
thanks
New research was released yesterday that estimates the cost of
breaking a commonly-used 1024 bit Diffie-Hellman group to be alarmingly
low, and within the reach of state-level adversaries[1]. Specifically,
an adversary can do
On Mon, 1 Jun 2015 16:46:35 +0900
Mike Hommey m...@glandium.org wrote:
It's up to Mike whether to fix that in the upcoming point release.
We're not planning a DSA for this issue alone, but it can be fixed
along when upstream releases changes to address the weakdh issue.
... which, afaik,
On Wed, 27 May 2015 08:11:35 +0200
Moritz Mühlenhoff j...@inutil.org wrote:
It's up to Mike whether to fix that in the upcoming point release.
We're not planning a DSA for this issue alone, but it can be fixed
along when upstream releases changes to address the weakdh issue.
Mike, are you
(99_prefer_stronger_cert_chains.patch) to fix
+certificate chain generation to prefer stronger/newer certificates
+over weaker/older certs. Closes: #774195.
+
+ -- Andrew Ayer a...@andrewayer.name Mon, 25 May 2015 09:21:06 -0700
+
nss (2:3.17.2-1.1) unstable; urgency=medium
* Non-maintainer upload.
diff
tags 785742 + pending
thanks
On Tue, 19 May 2015 20:56:17 +0200
Niels Thykier ni...@thykier.net wrote:
Debugging the lintian FTBFS on reproducible.d.n[1], I have found that
if I override on dh_strip-nondeterminism in the test's rules file, the
unexpected package-contains-timestamped-gzip tag
tags 796366 + pending
thanks
Thanks Stéphane for reporting this. Fixed in 0.010-1, which is pending
upload.
Cheers,
Andrew
Package: wnpp
Severity: wishlist
Owner: Andrew Ayer a...@andrewayer.name
* Package name: disorderfs
Version : 0.1.0
Upstream Author : Andrew Ayer a...@andrewayer.name
* License : GPL-3+
Programming Lang: C++
Description : FUSE filesystem that introduces non
tags 793244 + confirmed
thanks
On Wed, 22 Jul 2015 13:33:34 +
Matthias Klose d...@debian.org wrote:
GCC PR libstdc++/66145 is a regression in GCC 5 which won't be fixed
upstream in time for the GCC defaults change. The work around is to
rebuild the affected packages after GCC 5 is the
tags 791574 + fixed-upstream
tags 791574 + pending
thanks
This was caused by a zip64 archive in the golang test suite.
Archive::Zip, and hence strip-nondeterminism, doesn't support zip64
archives. Fortunately, zip64 archives are rare and the one in the
golang source doesn't contain any
severity 791574 important
thanks
On Fri, 17 Jul 2015 20:08:13 +0200
Andreas Tille andr...@an3as.eu wrote:
Ahhh, that's interesting. My situation is that I just wanted to find
out why some of our team packages are about to be removed. I do not
expect myself to be very helpful in fixing the
On Fri, 17 Jul 2015 21:37:40 +
Mattia Rizzolo mat...@mapreri.org wrote:
Looks like python-astropy build-dep on strip-nondetermism, and that
(sadly) you (= astro team) did [1]. Personally I find shameful that a
maintainer need such hack for a fail on our parts, please DO poke use
more
On Fri, 17 Jul 2015 19:53:27 +
Mattia Rizzolo mat...@mapreri.org wrote:
i was aware some packages started build-depending on it, but nothing
like this. Also, broken (and also missing, fwiw) build-dep does not
causes removal from testing [1], so that's sound weird+wrong.
Can you tell me
Thanks Roland for the report and Niko for the really helpful
debugging. This PNG file is technically non-conformant[1], but
strip-nondeterminism should handle it nevertheless. I've changed
strip-nondeterminism to stop processing after the IEND chunk and copy
through any remaining junk. A new
tags 800063 + confirmed
thanks
On Sat, 26 Sep 2015 12:18:34 +0300
Niko Tyni wrote:
> libsearch-xapian-perl_1.2.21.0-1 started to FTBFS under
> disorderfs when the latter was upgraded from 0.2.0-1 to
> 0.4.0-1.
>
>
>
Hi Michael,
On Mon, 14 Dec 2015 21:59:27 -0600
Michael Shuler wrote:
> Thanks for your thoughts. A separate package is an interesting interim
> idea, but in looking at what redhat has done, I think a more complete
> transition to trust type buckets is preferred, along
Hi Michael,
Have you given any more thought to a redesign of ca-certificates that
separates the email certificates from the TLS certificates? I suspect
that the vast majority of packages that depend on ca-certificates use
it for TLS server auth, and yet there are currently 21 roots in the NSS
On Mon, 14 Dec 2015 18:45:40 -0600
Michael Shuler wrote:
> > As always, let me know if you could use any help. I'm going to
> > start looking through the reverse depends for ca-certificates to
> > identify packages that might be relying on roots for email
> >
On Fri, 4 Dec 2015 23:36:57 -0600
Michael Shuler wrote:
> Hi release team,
>
> I just requested an upload of ca-certificates (20151204) to unstable,
> and I would like to follow that up with stable-pu and oldstable-pu
> updates to include the current Mozilla CA bundle
Hi Sophie,
I took a look at dirbuster, and it looks like it doesn't actually build
anything; instead it just installs a signed .jar that is shipped with
the source, and strip-nondeterminism's modifications break the
signature.
Therefore, my recommendation is that you continue to disable
Package: strip-nondeterminism
Severity: wishlist
It would be nice for strip-nondeterminism to ignore signed JARs (but
print a warning), since its modifications will break the signature.
According to the jarsigner(1) man page, a signed JAR will have .DSA
and .SF files in the META-INF, so we can
On Tue, 22 Dec 2015 21:18:34 +0100
Reiner Herrmann wrote:
> Hi Andrew!
>
> I just noticed that disorderfs isn't working when --multi-user=yes is
> specified. Instead of reversing the readdir order or shuffling the
> order, it is only returning the files in normal readdir
Package: ca-certificates
Version: 20150426
Severity: important
Dear maintainer and security team,
ca-certificates hasn't been updated since April 2015. Since then, 14
CAs have been removed from the NSS root store[1, 2]. ca-certificates in
stable hasn't been updated since October 2014. Since
Hi Stable Release Managers,
We're currently discussing in #806239 how to keep the
ca-certificates package more up-to-date in (old)stable. Since
ca-certificates is a data package that needs timely updating (when CAs
are removed due to lapsed audits, they should be distrusted
immediately), it
Hi Michael,
On Wed, 25 Nov 2015 12:30:18 -0600
Michael Shuler <mich...@pbandjelly.org> wrote:
> Control: tags -1 + pending
>
> On 11/25/2015 11:28 AM, Andrew Ayer wrote:
> > ca-certificates hasn't been updated since April 2015. Since then,
> > 14 CAs have been remove
Hi Ceridwen,
Thanks for reporting this! I've identified and fixed the bug. This fix
is in disorderfs 0.4.3-1, which I'm uploading to Unstable right now.
Cheers,
Andrew
On Tue, 10 May 2016 13:58:21 +0200
Emmanuel Bourg wrote:
> I noticed that the bnd package fails to build reproducibly because
> one of the jar files installed (/usr/share/java/bnd-2.4.1.jar)
> contains a nested jar (embedded-repo.jar) that isn't processed by
>
On Fri, 11 Mar 2016 21:17:14 +0100
Sebastian Andrzej Siewior wrote:
> After `dh_strip_nondeterminism':
>
> |$ unzip clam.bz2.zip
> |Archive: clam.bz2.zip
> | bunzipping: clam.exe
> | error: invalid compressed data to bunzip
> |$ ls -lh clam.exe
>
On Thu, 9 Feb 2017 03:18:11 +
Daniel Shahaf <danie...@apache.org> wrote:
> Chris Lamb wrote on Wed, Feb 08, 2017 at 22:12:35 +1300:
> > Andrew Ayer wrote:
> >
> > > print log entry when fixing a file
> >
> > This should probably be enabled when DH
On Tue, 13 Sep 2016 17:06:17 +0100
Chris Lamb wrote:
> > Perhaps we could guarantee that the shuffle results in a different
> > order? I think that would resolve any objection to making shuffling
> > the default.
>
> .. at the cost of a rather bizarre "shuffle ___ but won't
On Tue, 13 Sep 2016 16:33:25 +0100
Chris Lamb wrote:
> Hi Reiner,
>
> > If I remember correctly, the reason why reversing the order is the
> > default, was that this guarantees a different order.
Reiner's recollection is correct.
> Whilst this is true and really useful
Package: libxslt
Version: 1.1.29-2.1
Severity: important
X-Debbugs-CC: reproducible-bui...@lists.alioth.debian.org
Dear Maintainer,
Nick Bowler has pointed out on the libxslt bug tracker that
debian/patches/0004-Make-generate-id-deterministic.patch has issues,
most notably that generate-id() is
Package: iproute2
Version: 4.20.0-2
Severity: normal
Dear Maintainer,
Currently, iproute2 is built with the default NETNS_RUN_DIR of
/var/run/netns[1]. Consequentially, if /var is a separate filesystem,
it is not possible to use ip netns to manage network namespaces early
in boot before /var is
Package: ca-certificates
Version: 20190110
Severity: normal
Hi Michael,
ca-certificates currently contains several CAs that have been distrusted
by Mozilla:
Certplus
Certinomis
Deutsche Telekom AG
Certinomis is particularly concerning because they were distrusted after
numerous misissuances
Hey Flo,
Many thanks for preparing the update and my apologies to you and
Sebastien for not getting back sooner.
I am totally OK with your changes at
https://salsa.debian.org/florian/libndp/-/tree/734771d97899e2c942c3802251f816135760f332
Unfortunately, I never got set up with Salsa after Alioth
Hi Flo,
On Thu, 31 Mar 2022 17:42:37 +0200
Florian Ernst wrote:
> [...]
> On Wed, Mar 30, 2022 at 07:47:52PM -0400, Andrew Ayer wrote:
> > [...]
> > I am thinking of putting libndp up for adoption - might you be
> > willing to take over?
>
> Well, I am willing to
81 matches
Mail list logo