On Sat, 21 Aug 2021, Vincent Lefevre wrote:
On 2021-08-20 12:11:30 -0700, Russ Allbery wrote:
The most naive attempt to mess with the update channel (intercepting the
http connection and replacing a package with a malicious one) will fail
immediately with both http or https. The primary
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 21 Aug 2021 07:38:38 +0200
Source: kdiff3
Architecture: source
Version: 1.9.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian KDE Extras Team
Changed-By: Pino Toscano
Changes:
kdiff3 (1.9.3-1) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 21 Aug 2021 07:06:57 +0200
Source: qtcreator
Architecture: source
Version: 5.0.0~rc1-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Qt/KDE Maintainers
Changed-By: Pino Toscano
Changes:
qtcreator
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 21 Aug 2021 06:46:43 +0200
Source: netcdf
Architecture: source
Version: 1:4.8.1-1~exp1
Distribution: experimental
Urgency: medium
Maintainer: Debian GIS Project
Changed-By: Bas Couwenberg
Changes:
netcdf (1:4.8.1-1~exp1)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 23:15:44 -0600
Source: golang-github-google-go-github
Architecture: source
Version: 38.1.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team
Changed-By: Anthony Fok
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 21 Aug 2021 01:01:27 -0400
Source: rdiff-backup
Architecture: source
Version: 2.0.5-3
Distribution: unstable
Urgency: low
Maintainer: Debian Python Team
Changed-By: Sandro Tosi
Closes: 967997
Changes:
rdiff-backup (2.0.5-3)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 21 Aug 2021 00:42:31 -0300
Source: outguess
Architecture: source
Version: 1:0.3-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Security Tools
Changed-By: Joao Eriberto Mota Filho
Closes: 978876
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:51:37 -0700
Source: antlr
Architecture: source
Version: 2.7.7+dfsg-12
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers
Changed-By: tony mancill
Changes:
antlr (2.7.7+dfsg-12)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 22:03:48 -0600
Source: golang-golang-x-xerrors
Architecture: source
Version: 0.0~git20200804.5ec99f8-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team
Changed-By: Anthony Fok
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 23:38:48 -0400
Source: platformio
Architecture: source
Version: 4.3.4-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team
Changed-By: Sandro Tosi
Changes:
platformio (4.3.4-2) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 21:56:25 -0600
Source: golang-go.crypto
Architecture: source
Version: 1:0.0~git20210817.32db794-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team
Changed-By: Anthony Fok
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 21 Aug 2021 11:45:27 +0900
Source: ruby-protocol-http
Architecture: source
Version: 0.22.5-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Team
Changed-By: Hideki Yamane
Changes:
ruby-protocol-http
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 22:55:08 -0400
Source: libdazzle
Built-For-Profiles: noudeb
Architecture: source
Version: 3.40.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers
Changed-By: Jeremy Bicha
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 22:39:50 -0400
Source: wbxml2
Architecture: source
Version: 0.11.7+dfsg-1~exp2
Distribution: experimental
Urgency: medium
Maintainer: Debian QA Group
Changed-By: Boyuan Yang
Changes:
wbxml2 (0.11.7+dfsg-1~exp2)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 22:36:22 -0400
Source: wbxml2
Architecture: source
Version: 0.10.7-2
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group
Changed-By: Boyuan Yang
Changes:
wbxml2 (0.10.7-2) unstable; urgency=medium
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 22:35:22 -0400
Source: gnote
Built-For-Profiles: noudeb
Architecture: source
Version: 40.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers
Changed-By: Jeremy Bicha
Changes:
gnote
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 22:22:37 -0400
Source: python-certbot-dns-cloudflare
Architecture: source
Version: 1.18.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Let's Encrypt
Changed-By: Harlan Lieberman-Berg
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 21 Aug 2021 11:01:45 +0900
Source: ruby-protocol-http2
Architecture: source
Version: 0.14.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Team
Changed-By: Hideki Yamane
Changes:
ruby-protocol-http2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:48:34 -0400
Source: python-josepy
Architecture: source
Version: 1.8.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Let's Encrypt
Changed-By: Harlan Lieberman-Berg
Changes:
python-josepy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:34:00 -0400
Source: macaulay2
Built-For-Profiles: noudeb
Architecture: source
Version: 1.18+ds-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers
Changed-By: Doug Torrance
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 22:11:49 -0400
Source: gnome-chess
Built-For-Profiles: noudeb
Architecture: source
Version: 1:40.1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers
Changed-By: Jeremy Bicha
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 21 Aug 2021 10:56:31 +0900
Source: debian-reference
Architecture: source
Version: 2.80
Distribution: unstable
Urgency: medium
Maintainer: Osamu Aoki
Changed-By: Osamu Aoki
Changes:
debian-reference (2.80) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 21 Aug 2021 03:59:24 +0200
Source: alsa-plugins
Architecture: source
Version: 1.2.5-1
Distribution: unstable
Urgency: medium
Maintainer: Debian ALSA Maintainers
Changed-By: Jordi Mallach
Changes:
alsa-plugins (1.2.5-1)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:18:44 -0400
Source: gnome-bluetooth
Built-For-Profiles: noudeb
Architecture: source
Version: 3.34.5-3
Distribution: experimental
Urgency: medium
Maintainer: Debian GNOME Maintainers
Changed-By: Jeremy Bicha
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:31:46 -0400
Source: epiphany-browser
Built-For-Profiles: noudeb
Architecture: source
Version: 40.3-1
Distribution: experimental
Urgency: medium
Maintainer: Debian GNOME Maintainers
Changed-By: Jeremy Bicha
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 21 Aug 2021 09:33:43 +0900
Source: libsylph
Architecture: source
Version: 1.1.0-21
Distribution: unstable
Urgency: medium
Maintainer: Hideki Yamane
Changed-By: Hideki Yamane
Changes:
libsylph (1.1.0-21) unstable;
On 2021-08-20 12:11:30 -0700, Russ Allbery wrote:
> The most naive attempt to mess with the update channel (intercepting the
> http connection and replacing a package with a malicious one) will fail
> immediately with both http or https. The primary difference in that case
> with https is that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 21 Aug 2021 02:43:46 +0300
Source: kakoune
Architecture: source
Version: 2020.09.01-2
Distribution: unstable
Urgency: medium
Maintainer: Peter Pentchev
Changed-By: Peter Pentchev
Changes:
kakoune (2020.09.01-2) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 21 Aug 2021 08:18:46 +0900
Source: mailcap
Architecture: source
Version: 3.70
Distribution: unstable
Urgency: medium
Maintainer: Mime-Support Packagers
Changed-By: Charles Plessy
Closes: 992574
Changes:
mailcap (3.70)
On Fri, Aug 20, 2021 at 10:15 PM Timothy M Butterworth wrote:
> I give the installer a 5 star rating although I would like to see some
> improvements made to the disk configuration utility. Currently the
> disk configuration utility is non-intuitive and appears to be designed
> for keyboard only
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 23:52:26 +0200
Source: blender
Architecture: source
Version: 2.93.3+dfsg-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Multimedia Maintainers
Changed-By: Matteo F. Vescovi
Changes:
blender
Ansgar writes:
> On Fri, 2021-08-20 at 23:37 +0200, Simon Richter wrote:
>> I was thinking of VPS hosting for the most part, where users will run
>> apt or auto-apt inside their virtual server.
> Hosting providers or ISPs messing with their customers' traffic with
> Debian mirrors seems like
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 23:58:15 +0200
Source: easymock
Architecture: source
Version: 4.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers
Changed-By: Markus Koschany
Changes:
easymock (4.3-1) unstable;
I have been using Debian 11 since Alpha 1 release. I installed with
non-free live DVD using the calamaris installer. I have it installed
on three systems one Intel Celeron, one Intel i5 and one AMD Ryzen 7.
I give the installer a 5 star rating although I would like to see some
improvements made
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Thu, 19 Aug 2021 20:58:51 -0400
Source: gpgme1.0
Architecture: source
Version: 1.15.1-3
Distribution: unstable
Urgency: medium
Maintainer: Debian GnuPG Maintainers
Changed-By: Daniel Kahn Gillmor
Changes:
gpgme1.0 (1.15.1-3)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 23:23:53 +0200
Source: httpcomponents-core5
Architecture: source
Version: 5.0.3-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers
Changed-By: Markus Koschany
Changes:
Package: debian-policy
Version: 4.6.0.0
Tags: patch
X-debbugs-cc: Aurelien Jarno , debian-devel@lists.debian.org
On Wed 18 Aug 2021 at 02:10PM -07, Russ Allbery wrote:
> Sean Whitton writes:
>> On Wed 18 Aug 2021 at 11:10AM +02, Aurelien Jarno wrote:
>
>>> This path is used by the multilib
On Fri, 2021-08-20 at 23:37 +0200, Simon Richter wrote:
> I was thinking of VPS hosting for the most part, where users will run
> apt or auto-apt inside their virtual server.
Hosting providers or ISPs messing with their customers' traffic with
Debian mirrors seems like something we should not
Hi,
On 8/20/21 9:04 PM, Russ Allbery wrote:
One of the things that confuses me about this user story is why are your
containers doing non-trivial amounts of apt traffic at runtime? Generally
the whole point of a container is that you only do this during container
build time. I'm not sure I
On Fri, 2021-08-20 at 12:11 -0700, Russ Allbery wrote:
> The way I would put it is that the security benefit of using TLS for apt
> updates is primarily that it makes certain classes of attempts to mess
> with the update channel more noisy and more likely to produce immediate
> errors.
APT is not
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 22:39:29 +0200
Source: linux
Architecture: source
Version: 5.13.12-1~exp1
Distribution: experimental
Urgency: medium
Maintainer: Debian Kernel Team
Changed-By: Bastian Blank
Closes: 987815 992219 992221 992251
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 23:16:09 +0200
Source: krita
Architecture: source
Version: 1:5.0.0~beta1+dfsg-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Qt/KDE Maintainers
Changed-By: Pino Toscano
Changes:
krita
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 21 Aug 2021 02:46:49 +0530
Source: klustakwik
Architecture: source
Version: 3.0.2+ds-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team
Changed-By: Nilesh Patra
Changes:
klustakwik (3.0.2+ds-2)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 23:21:04 +0200
Source: httpcomponents-client5
Architecture: source
Version: 5.0.3-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers
Changed-By: Markus Koschany
Changes:
All,
Sorry I am a little late to this party so I have a new-be question,
what is the point of merged-usr? It seems like a lot of work for a
little reward, as the packages already work. Is there a legitimate
benefit for changing all these file paths that I am missing?
Thanks
Tim
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 15:12:03 +0200
Source: giza
Architecture: source
Version: 1.2.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Astro Team
Changed-By: Ole Streicher
Changes:
giza (1.2.1-1) unstable; urgency=medium
Hi,
On 8/20/21 3:56 PM, Sam Hartman wrote:
Simon's position seemed to be that we need a dpkg update in order to
move forward and that we cannot depend on that mid-release.
Yes, except if we give up "apt dist-upgrade" as the interface for the
upgrade to the next stable release.
I can see
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:51:43 +0200
Source: sundials
Architecture: source
Version: 5.7.0+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Team
Changed-By: Anton Gladky
Changes:
sundials (5.7.0+dfsg-1)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 21 Aug 2021 02:00:49 +0530
Source: r-cran-eaf
Architecture: source
Version: 2.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian R Packages Maintainers
Changed-By: Nilesh Patra
Changes:
r-cran-eaf (2.0-1)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 22:14:46 +0200
Source: libbackuppc-xs-perl
Architecture: source
Version: 0.62-2
Distribution: unstable
Urgency: medium
Maintainer: Debian BackupPC Team
Changed-By: Axel Beckert
Closes: 869228 989945
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 13:02:03 -0700
Source: gromacs
Architecture: source
Version: 2021.3-2
Distribution: unstable
Urgency: medium
Maintainer: Debichem Team
Changed-By: Nicholas Breen
Changes:
gromacs (2021.3-2) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:40:38 +0200
Source: node-flagged-respawn
Architecture: source
Version: 1.0.1-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Yadd
Changes:
node-flagged-respawn
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:47:15 +0200
Source: node-events
Architecture: source
Version: 3.3.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Yadd
Changes:
node-events (3.3.0-1)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:43:29 +0200
Source: node-base62
Architecture: source
Version: 2.0.1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Yadd
Changes:
node-base62 (2.0.1-2)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 21:44:19 +0200
Source: ccache
Architecture: source
Version: 4.4-1
Distribution: unstable
Urgency: medium
Maintainer: Joel Rosdahl
Changed-By: Joel Rosdahl
Changes:
ccache (4.4-1) unstable; urgency=medium
.
[
Quoting Jeremy Stanley (2021-08-20 18:34:22)
> > If so, I think the next step would be to open a bug with a summary of this
> > discussion. I'm happy to do that, but I'm not sure what package owns this
> > configuration.
> It's not owned directly by a particular package, I think D-I and various
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:33:50 +0200
Source: node-semver-diff
Architecture: source
Version: 3.1.1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Yadd
Changes:
node-semver-diff
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:26:35 +0200
Source: node-request-capture-har
Architecture: source
Version: 1.2.2-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Yadd
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:29:22 +0200
Source: node-domhandler
Architecture: source
Version: 4.0.0-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Yadd
Changes:
node-domhandler (4.0.0-5)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:37:34 +0200
Source: node-concat-with-sourcemaps
Architecture: source
Version: 1.0.7-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Yadd
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:12:59 +0200
Source: pysynphot
Architecture: source
Version: 1.0.1+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Astronomy Team
Changed-By: Ole Streicher
Changes:
pysynphot (1.0.1+dfsg-1)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:22:17 +0200
Source: node-tmatch
Architecture: source
Version: 5.0.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Yadd
Changes:
node-tmatch (5.0.0-2)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:17:46 +0200
Source: node-grunt-known-options
Architecture: source
Version: 1.1.1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Yadd
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 21:19:47 +0200
Source: node-builtin-status-codes
Architecture: source
Version: 3.0.0-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Yadd
Changes:
On Fri, 2021-08-20 at 19:15 +0100, Simon McVittie wrote:
> On Fri, 20 Aug 2021 at 19:01:00 +0100, Luca Boccassi wrote:
> > I can confirm that if you build in split-usr mode then the generators
> > are looked for only in /lib:
> >
> > https://github.com/systemd/systemd/blob/v247/meson.build#L156
>
On 2021-08-20 12:04:02 -0700 (-0700), Russ Allbery wrote:
> Simon Richter writes:
>
> > I support that idea in principle, but one of our user stories is
> > "I have a datacenter with a few thousand containers in it, so I
> > want to redirect accesses to the local mirror to reduce external
> >
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 20:48:51 +0200
Source: python-hvac
Architecture: source
Version: 0.10.12-2
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenStack
Changed-By: Thomas Goirand
Changes:
python-hvac (0.10.12-2)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 20:52:59 +0200
Source: libmtp
Architecture: source
Version: 1.1.18-2
Distribution: unstable
Urgency: medium
Maintainer: Alessio Treglia
Changed-By: Dylan Aïssi
Changes:
libmtp (1.1.18-2) unstable; urgency=medium
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 20:45:09 +0200
Source: backuppc
Architecture: source
Version: 4.4.0-4
Distribution: unstable
Urgency: medium
Maintainer: Debian BackupPC Team
Changed-By: Axel Beckert
Closes: 992597
Changes:
backuppc (4.4.0-4)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 18:05:32 +
Source: acpica-unix
Architecture: source
Version: 20200925-4
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group
Changed-By: Chris Hofstaedtler
Closes: 986308
Changes:
acpica-unix
Paul Gevers writes:
> I was told and I relayed early in this thread [1] that https gives you
> some (delayed) protection against man-in-the-middle attacks serving you
> old data.
Yes, it gives you some protection. Jeremy is more cynical about the
utility of that protection than I am, although
Simon Richter writes:
> I support that idea in principle, but one of our user stories is "I have
> a datacenter with a few thousand containers in it, so I want to redirect
> accesses to the local mirror to reduce external network traffic."
Just checking that I understand. You have several
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 20:46:40 +0200
Source: python-pyhcl
Architecture: source
Version: 0.4.4-2
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenStack
Changed-By: Thomas Goirand
Changes:
python-pyhcl (0.4.4-2) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 20:47:41 +0200
Source: python-omegaconf
Architecture: source
Version: 2.1.0~rc1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenStack
Changed-By: Thomas Goirand
Changes:
python-omegaconf
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 20:43:12 +0200
Source: puppet-module-camptocamp-postfix
Architecture: source
Version: 1.11.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenStack
Changed-By: Thomas Goirand
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Mon, 16 Aug 2021 16:46:21 +0200
Source: glance-tempest-plugin
Architecture: source
Version: 0.1.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenStack
Changed-By: Thomas Goirand
Changes:
glance-tempest-plugin
> We already have testing-proposed-updates with a different set of rules. See
> https://wiki.debian.org/TestingProposedUpdates
Ah, well ofcourse I knew about this. I ended up mis-taking it with the
companion suite proposed.
Please excuse me for being sloppy there :D
--
Sent from my Android
On 2021-08-20 20:52:43 +0200 (+0200), Paul Gevers wrote:
[...]
> I was told and I relayed early in this thread [1] that https gives you
> some (delayed) protection against man-in-the-middle attacks serving you
> old data. Does everybody agree that this is either not prevented or not
> giving you
Hi,
On 20-08-2021 17:48, Russ Allbery wrote:
> It sounds like we have a general consensus in this thread that, while
> changing our default to HTTPS probably won't make anything more secure in
> practice, we should still do it?
I was told and I relayed early in this thread [1] that https gives
On 8/20/21 2:37 PM, Simon Richter wrote:
This is a use case where HTTPS does hurt, and where I can't think of
any good mitigation strategies that wouldn't be worse from a security
PoV than the status quo.
Such situations are the exception rather than the norm. If https is
detrimental to
Hi,
"Use HTTPS everywhere that supports it" is simple and actionable advice
for the average person that will make them more secure.
There are
applications and sites where HTTPS doesn't really help, but other than
some unusual performance edge cases that are pretty rare in practice, it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 20:11:19 +0200
Source: mini-buildd
Architecture: source
Version: 1.0.49
Distribution: unstable
Urgency: medium
Maintainer: Stephan Sürken
Changed-By: Stephan Sürken
Changes:
mini-buildd (1.0.49) unstable;
On Fri, 20 Aug 2021 at 19:01:00 +0100, Luca Boccassi wrote:
> I can confirm that if you build in split-usr mode then the generators
> are looked for only in /lib:
>
> https://github.com/systemd/systemd/blob/v247/meson.build#L156
>
> (the systemgeneratordir meson variable is set from
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 23:09:13 +0530
Source: ruby-libxml
Architecture: source
Version: 3.2.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Team
Changed-By: Pirate Praveen
Changes:
ruby-libxml (3.2.1-1) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 10:55:35 -0700
Source: consfigurator
Architecture: source
Version: 0.9.1-1
Distribution: unstable
Urgency: medium
Maintainer: Sean Whitton
Changed-By: Sean Whitton
Changes:
consfigurator (0.9.1-1) unstable;
On Fri, 2021-08-20 at 18:30 +0100, Simon McVittie wrote:
> Control: retitle 992554 debhelper: moves systemd system generators to a
> location not searched by systemd
> Control: reassign 992554 debhelper 13.4
> Control: affects 992554 + tor ostree
>
> On Fri, 20 Aug 2021 at 16:20:04 +, Peter
On Fri, Aug 20, 2021 at 07:56:33AM -0600, Sam Hartman wrote:
> As you know, one of the ways we can see how close we are on consensus
> is to look at what happens when someone proposes a summary like you did.
Thanks, that was my goal: trying to see if we could move the
discussion towards some
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 15:48:38 +0200
Source: python-drizzle
Architecture: source
Version: 1.13.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Astro Team
Changed-By: Ole Streicher
Changes:
python-drizzle (1.13.3-1)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 13:26:53 -0400
Source: frobby
Built-For-Profiles: noudeb
Architecture: source
Version: 0.9.5-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers
Changed-By: Doug Torrance
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 19:18:33 +0200
Source: bgpq4
Architecture: source
Version: 1.4-1
Distribution: unstable
Urgency: medium
Maintainer: Vincent Bernat
Changed-By: Vincent Bernat
Changes:
bgpq4 (1.4-1) unstable; urgency=medium
.
Control: retitle 992554 debhelper: moves systemd system generators to a
location not searched by systemd
Control: reassign 992554 debhelper 13.4
Control: affects 992554 + tor ostree
On Fri, 20 Aug 2021 at 16:20:04 +, Peter Palfrader wrote:
> It seems that generators in /usr/lib/systemd are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 19 Aug 2021 22:10:50 -0700
Source: python-sparse
Architecture: source
Version: 0.12.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team
Changed-By: Diane Trout
Changes:
python-sparse (0.12.0-1)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 17:00:03 +
Source: pdns-recursor
Architecture: source
Version: 4.5.5-1
Distribution: unstable
Urgency: medium
Maintainer: pdns-recursor packagers
Changed-By: Chris Hofstaedtler
Changes:
pdns-recursor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 19:07:10 +0200
Source: firmware-nonfree
Architecture: source
Version: 20210716-1~exp1
Distribution: experimental
Urgency: medium
Maintainer: Debian Kernel Team
Changed-By: maximilian attems
Changes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 20 Aug 2021 19:00:37 +0200
Source: firmware-nonfree
Architecture: source
Version: 20210511-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Kernel Team
Changed-By: maximilian attems
Changes:
firmware-nonfree
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 16:33:09 +
Source: pdns
Architecture: source
Version: 4.4.1-3
Distribution: unstable
Urgency: medium
Maintainer: pdns packagers
Changed-By: Chris Hofstaedtler
Changes:
pdns (4.4.1-3) unstable; urgency=medium
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 18 Aug 2021 11:36:49 -0400
Source: frobby
Built-For-Profiles: noudeb
Architecture: source
Version: 0.9.5-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers
Changed-By: Doug Torrance
Closes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 16:38:14 +
Source: dnsdist
Architecture: source
Version: 1.6.0-2
Distribution: unstable
Urgency: medium
Maintainer: dnsdist packagers
Changed-By: Chris Hofstaedtler
Changes:
dnsdist (1.6.0-2) unstable;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 20 Aug 2021 18:27:45 +0200
Source: gnome-shell-extension-desktop-icons
Built-For-Profiles: noudeb
Architecture: source
Version: 20.04.0+git20200908-8
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers
On Thu, 19 Aug 2021, Luca Boccassi wrote:
> > Installing those files in /usr/lib/systemd/system is fine.
>
>
>
> This is indeed the right thing to do moving forward, so updating
> Lintian would be the best outcome. Thanks!
It seems that generators in /usr/lib/systemd are being ignored. This
1 - 100 of 262 matches
Mail list logo