On Fri, 12 Oct 2012, Craig Small wrote:
Steve with his years of packaging experience is not probably a good
sample of one to base this upon. I'd be curious to see if newer
packagers use it or not.
I still use dh-make from time to time. Mainly to get a template for
debian/control and
* Christoph Anton Mitterer cales...@scientia.net [121011 19:39]:
On Thu, 2012-10-11 at 11:35 -0500, Peter Samuelson wrote:
What makes sense is to use a hash that has the properties that are
needed for a particular application.
Well... I think that's only really required if performance is
On 12.10.2012 01:30, Christoph Anton Mitterer wrote:
I further looked around:
e.g. the Release file seems to only use MD5 not so good :(
You didn't look very far / well.
$ wget -O- -q http://ftp.debian.org/debian/dists/squeeze/Release | grep
-v ^
Origin: Debian
Label: Debian
Suite:
Package: debian-policy
Severity: minor
Charles Plessy ple...@debian.org writes:
http://www.debian.org/doc/debian-policy/ch-controlfields.html#s-f-Checksums
In the .dsc file, these fields should list all files that make up the source
package. In the .changes file, these fields should list
On Fri, 12 Oct 2012 16:03:53 +1100
Craig Small csm...@debian.org wrote:
On Thu, Oct 11, 2012 at 02:38:46PM -0700, Steve Langasek wrote:
dh-make isn't so relevant now that debhelper 7 exists. cp
/usr/share/doc/debhelper/examples/rules.tiny debian/rules dch
--create, manually create
dh-make should be deprecated :-)
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/CALL-Q8yL-UtZ9rDMqkAQim9wZJRM8Bea1=tsyj6bub_t+pt...@mail.gmail.com
On Fri, Oct 12, 2012 at 04:03:53PM +1100, Craig Small wrote:
Steve with his years of packaging experience is not probably a good
sample of one to base this upon. I'd be curious to see if newer
packagers use it or not.
I don't bother with dh-make anymore. Like Steve the (mixed-case! Argh!) .ex
On Thu, Oct 11, 2012 at 09:45:58PM +0200, Simon Josefsson wrote:
Marco Nenciarini mnen...@debian.org writes:
I've seen recently several company I'm working with getting away from
Debian in favor of Ubuntu because they have a LTS version. However I
don't know if this is a general trend.
I
Am Freitag, den 12.10.2012, 10:04 +0800 schrieb Paul Wise:
On Fri, Oct 12, 2012 at 5:35 AM, Benjamin Drung wrote:
A poll is a good idea. Can you recommend a site that allows setting up a
poll?
The Debian secretary was at one point going to setup devotee for this
sort of thing, don't
On Thu, Oct 11, 2012 at 7:38 PM, Christoph Anton Mitterer
cales...@scientia.net wrote:
algo,... not to mention that newer algos like Keccack are quite fast.
I wonder if it is really a good idea to search for a security checksum
based on the metric that it can be quickly calculated … but
On 12/10/12 12:10, David Kalnischkies wrote:
I wonder if it is really a good idea to search for a security checksum
based on the metric that it can be quickly calculated … but off-topic.
It depends what you're using it for: security is not magic pixie dust. A
hashing algorithm that is faster
Hi Paul.
On Fri, 2012-10-12 at 10:09 +0800, Paul Wise wrote:
I further looked around:
e.g. the Release file seems to only use MD5 not so good :(
Wrong, the Release file has had all 3 since sarge. woody had MD5 SHA-1.
Then what's this:
ftp://ftp.de.debian.org/debian/dists/sid/Release
On Fri, 2012-10-12 at 09:17 +0200, Bernhard R. Link wrote:
There is a disadvantage of having longer hashsums, thus making it harder
for people to compare. The only reason that for those md5 is optimal and
not crc32 is that there is only one md5 and there is a nice always
available tool to
On Fri, 2012-10-12 at 13:49 +0200, Christoph Anton Mitterer wrote:
Then what's this:
ftp://ftp.de.debian.org/debian/dists/sid/Release
Ah... my bad... the file is simply truncated at some point... but I
guess this most be a local error.
On Fri, 2012-10-12 at 08:26 +0100, Adam D. Barratt
On 12.10.2012 12:49, Christoph Anton Mitterer wrote:
On Fri, 2012-10-12 at 10:09 +0800, Paul Wise wrote:
I further looked around:
e.g. the Release file seems to only use MD5 not so good :(
Wrong, the Release file has had all 3 since sarge. woody had MD5
SHA-1.
Then what's this:
Hi,
On Fri, 12 Oct 2012 12:06:11 +0200
Benjamin Drung bdr...@debian.org wrote:
I have setup a poll for it:
https://dudle.inf.tu-dresden.de/Popularity_of_bzr-builddeb_and_dh-make/
Thanks! :) voted.
My opinion is as BTSed,
- dh-make is still usable for 1st step. Maybe experienced/skilled
Am Freitag, den 12.10.2012, 21:13 +0900 schrieb Hideki Yamane:
- bzr-builddeb is, well, it seems that is useful in UDD (Ubuntu Distributed
Development, as Ubuntu packaging guide says) way, but now it heavily
relies on Launchpad in my point of view.
How does bzr-builddeb depend on
On Fri, Oct 12, 2012 at 12:06:11PM +0200, Benjamin Drung wrote:
Thanks.
I have setup a poll for it:
https://dudle.inf.tu-dresden.de/Popularity_of_bzr-builddeb_and_dh-make/
I voted, thanks!
Cheers,
Adrian
signature.asc
Description: Digital signature
Hello!
Игорь Пашев has written on Friday, 12 October, at 12:29:
dh-make should be deprecated :-)
I don't agree with that. dh-make is very useful in some cases. And I have
created a lot of own packages already, some of them without dh-make but I
know good sides of it.
Andriy.
--
To
On 12 October 2012 13:03, Adam D. Barratt a...@adam-barratt.org.uk wrote:
I'm struggling to see what point you believe you're making here.
The point he was trying to make that he either caught a mirror during
update, or his connection was flaky, as he didn't fetch the complete
file, nor verify
On Fri, 2012-10-12 at 21:13 +0900, Hideki Yamane wrote:
On Fri, 12 Oct 2012 12:06:11 +0200
Benjamin Drung bdr...@debian.org wrote:
I have setup a poll for it:
https://dudle.inf.tu-dresden.de/Popularity_of_bzr-builddeb_and_dh-make/
Thanks! :) voted.
My opinion is as BTSed,
-
On Fri, 12 Oct 2012 14:22:06 +0200
Benjamin Drung bdr...@debian.org wrote:
How does bzr-builddeb depend on Launchpad? bzr is integrated into
Launchpad, but you can use bzr without Launchpad as every other DVCS.
Just because I don't imagine use bzr without LP ;)
Yes, it can be used as you've
On Fri, 2012-10-12 at 21:40 +0900, Hideki Yamane wrote:
On Fri, 12 Oct 2012 14:22:06 +0200
Benjamin Drung bdr...@debian.org wrote:
How does bzr-builddeb depend on Launchpad? bzr is integrated into
Launchpad, but you can use bzr without Launchpad as every other DVCS.
Just because I don't
On Fri, Oct 12, 2012 at 7:49 PM, Christoph Anton Mitterer
cales...@scientia.net wrote:
Then what's this:
ftp://ftp.de.debian.org/debian/dists/sid/Release
Sounds like you have a person in the middle hacking your network (or a
browser bug), it works for me:
pabs@chianamo ~ $ GET
On Fri, 12 Oct 2012 14:46:41 +0200
Jelmer Vernooij jel...@debian.org wrote:
The workflow doesn't have to involve Launchpad either - I'm not using
Launchpad at all for my Debian packages. Just because the majority of
Bazaar users host their branches on Launchpad, doesn't mean that a
Bazaar
On 12 October 2012 13:52, Hideki Yamane henr...@debian.or.jp wrote:
On Fri, 12 Oct 2012 14:46:41 +0200
Jelmer Vernooij jel...@debian.org wrote:
The workflow doesn't have to involve Launchpad either - I'm not using
Launchpad at all for my Debian packages. Just because the majority of
Bazaar
Craig Small csm...@debian.org writes:
debhelper has gotten smarter with every release and gradually what
dh-make has had to do is getting reduced. I'm not sure we're at the
point of removing dh-make (it's an open question; I'm really not sure)
but perhaps we will be there one day. As it was
On Friday, October 12, 2012 05:10:12 David Kalnischkies wrote:
On Thu, Oct 11, 2012 at 7:38 PM, Christoph Anton Mitterer
cales...@scientia.net wrote:
algo,... not to mention that newer algos like Keccack are quite fast.
I wonder if it is really a good idea to search for a security
Le Fri, Oct 12, 2012 at 12:06:11PM +0200, Benjamin Drung a écrit :
Am Freitag, den 12.10.2012, 10:04 +0800 schrieb Paul Wise:
https://dudle.inf.tu-dresden.de/Popularity_of_bzr-builddeb_and_dh-make/
The poll will be closed in one week (if enough votes are collected).
Hello everybody,
if
On 11/10/12 at 18:44 +0900, Charles Plessy wrote:
Le Thu, Oct 11, 2012 at 05:50:51AM +, Bart Martens a écrit :
| Anyone can mark a package as orphaned after the following steps have
been
| completed : Someone submits an intent to orphan (ITO) in the bts
with an
|
On 11/10/12 at 10:21 +0200, Gergely Nagy wrote:
Lucas Nussbaum lu...@lucas-nussbaum.net writes:
On 11/10/12 at 05:50 +, Bart Martens wrote:
| Anyone can mark a package as orphaned after the following steps have
been
| completed : Someone submits an intent to orphan (ITO) in
On 11/10/12 at 11:27 +0200, Arno Töll wrote:
Hi,
On 11.10.2012 07:50, Bart Martens wrote:
- the submitter of the intent to orphan bug must Cc
debian...@lists.debian.org, and file the bug with severity:serious (this
was part of the criterias proposal).
| Anyone can mark a
On 11/10/12 at 22:18 +, Sam Hartman wrote:
For myself, I'd feel a lot more comfortable with DDs seconding than DMs
seconding.
In my mind, when you sign up to be a DM, you're signing up to do a good
job of maintaining one or more packages.
In my mind a part of the additional
On Fri, Oct 12, 2012 at 09:05:01AM -0600, Wesley J. Landaker wrote:
On Friday, October 12, 2012 05:10:12 David Kalnischkies wrote:
On Thu, Oct 11, 2012 at 7:38 PM, Christoph Anton Mitterer
cales...@scientia.net wrote:
algo,... not to mention that newer algos like Keccack are quite fast.
On Thu, 2012-10-11 at 21:45 +0200, Simon Josefsson wrote:
IMHO, supporting an OS release for only 3 years is not long enough.
I think that such very-long-term security support is quite an illusion.
Of course, problems found get then back-ported,... but software changes
so rapidly while usually
Hey Paul.
On Fri, 2012-10-12 at 20:48 +0800, Paul Wise wrote:
Sounds like you have a person in the middle hacking your network (or a
browser bug), it works for me:
*g* guess I somehow deserved that ;) ... and not even SHA-3 would have
protected me from not verifying against Release.asc ^^
On Thu, 2012-10-11 at 13:40 +0200, Stefano Zacchiroli wrote:
I wonder: did upstream developers start to worry when the number of bugs
report they received *directly* started to decrease, due to Debian
distributing their software?
Well but that's a different situation isn't it? I mean Debian
On Fri, 2012-10-12 at 13:10 +0200, David Kalnischkies wrote:
Oh, and there is Description-md5. I can't imagine a scenario in which it
would be useful to change the English description of a package for an attack
(which you want to hide by displaying the translations of the not modified
version)
On Fri, Oct 12, 2012 at 4:31 PM, Christoph Anton Mitterer wrote:
But it's a general security paradigm, that one shouldn't just focus on
the attack vectors one can think of... but rather trying to secure
everything ;)
Which is impossible, or at least man-powerwise insurmountable. There
are
On Fri, 2012-10-12 at 16:37 -0400, Michael Gilbert wrote:
Which is impossible, or at least man-powerwise insurmountable. There
are something like 500 million lines of code in a Debian release.
I wasn't talking about such an impossible task,... but there speaks
nothing against relatively easy
On Fri, Oct 12, 2012 at 4:45 PM, Christoph Anton Mitterer wrote:
On Fri, 2012-10-12 at 16:37 -0400, Michael Gilbert wrote:
Which is impossible, or at least man-powerwise insurmountable. There
are something like 500 million lines of code in a Debian release.
I wasn't talking about such an
Le Fri, Oct 12, 2012 at 11:47:30AM +0300, Riku Voipio a écrit :
While people want LTS, they still want latest version of various apps
they use (browser, new gcc and python for some inhouse development, etc),
as well as support for all the new hardware they buy. Solving these two
goals at the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 12 Oct 2012 10:47:11 +0200
Source: python-apt
Binary: python-apt python-apt-doc python-apt-dbg python-apt-dev
python-apt-common python3-apt python3-apt-dbg
Architecture: source amd64 all
Version: 0.8.8
Distribution: unstable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 12 Oct 2012 10:57:13 +0200
Source: pymecavideo
Binary: python-mecavideo
Architecture: source all
Version: 6.0-6
Distribution: unstable
Urgency: low
Maintainer: Georges Khaznadar georg...@ofset.org
Changed-By: Georges Khaznadar
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 12 Oct 2012 09:44:26 +0100
Source: darkplaces
Binary: darkplaces darkplaces-server darkplaces-dbg
Architecture: source amd64
Version: 0~20110628+svn11619-3
Distribution: unstable
Urgency: low
Maintainer: Debian Games Team
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 12 Oct 2012 11:35:41 +0200
Source: mcrl2
Binary: mcrl2
Architecture: source amd64
Version: 201210.0-1
Distribution: unstable
Urgency: low
Maintainer: Jeroen Keiren jkei...@win.tue.nl
Changed-By: Paul van Tilburg
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 12 Oct 2012 00:19:41 +0200
Source: gcc-4.6
Binary: gcc-4.6-base gcc-4.6 gcc-4.6-multilib gcc-4.6-plugin-dev gcc-4.6-hppa64
gcc-4.6-spu g++-4.6-spu gfortran-4.6-spu cpp-4.6 gcc-4.6-locales g++-4.6
g++-4.6-multilib
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 12 Oct 2012 12:11:39 +0200
Source: acpi-support
Binary: acpi-support acpi-support-base acpi-fakekey
Architecture: source all amd64
Version: 0.141-1
Distribution: unstable
Urgency: low
Maintainer: Debian Acpi Team
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 12 Oct 2012 13:50:58 +0200
Source: similarity-tester
Binary: similarity-tester
Architecture: source amd64
Version: 2.69-1
Distribution: unstable
Urgency: low
Maintainer: Michael Meskes mes...@debian.org
Changed-By: Michael
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 12 Oct 2012 14:19:41 +0200
Source: flashgot
Binary: xul-ext-flashgot
Architecture: source all
Version: 1.4.8.3+dfsg-1
Distribution: unstable
Urgency: low
Maintainer: Debian Mozilla Extension Maintainers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 12 Oct 2012 13:29:48 +0200
Source: rygel
Binary: rygel rygel-dbg rygel-1.0-dev librygel-core-1.0-0 librygel-server-1.0-0
librygel-renderer-1.0-0 rygel-mediathek rygel-tracker rygel-gst-renderer
rygel-playbin rygel-gst-launch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 12 Oct 2012 14:31:20 +0200
Source: fglrx-driver
Binary: fglrx-driver libfglrx libfglrx-amdxvba1 libxvbaw-dev libgl1-fglrx-glx
fglrx-glx fglrx-glx-ia32 libfglrx-ia32 fglrx-modules-dkms fglrx-source
fglrx-control
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 12 Oct 2012 08:46:48 -0400
Source: liburcu
Binary: liburcu-dev liburcu1
Architecture: source amd64
Version: 0.7.5-1
Distribution: unstable
Urgency: low
Maintainer: Jon Bernard jbern...@debian.org
Changed-By: Jon Bernard
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Thu, 11 Oct 2012 21:24:38 +0200
Source: libkdtree++
Binary: libkdtree++-dev
Architecture: source all
Version: 0.7.0-2
Distribution: unstable
Urgency: low
Maintainer: Sebastian Ramacher s.ramac...@gmx.at
Changed-By: Sebastian
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 26 Sep 2012 21:11:09 +0800
Source: spice-protocol
Binary: libspice-protocol-dev
Architecture: source all
Version: 0.12.2-1
Distribution: experimental
Urgency: low
Maintainer: Liang Guo guoli...@debian.org
Changed-By: Liang Guo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 12 Oct 2012 14:16:11 +0530
Source: sysprof
Binary: sysprof
Architecture: source amd64
Version: 1.2.0-2
Distribution: experimental
Urgency: low
Maintainer: Ritesh Raj Sarraf r...@debian.org
Changed-By: Ritesh Raj Sarraf
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 12 Oct 2012 17:13:27 +0200
Source: gnome-system-log
Binary: gnome-system-log
Architecture: source amd64
Version: 3.4.1-2
Distribution: unstable
Urgency: low
Maintainer: Debian GNOME Maintainers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 12 Oct 2012 15:14:28 +
Source: freetds
Binary: freetds-common libct4 freetds-bin tdsodbc libsybdb5 freetds-dev
Architecture: source all amd64
Version: 0.91-2
Distribution: unstable
Urgency: low
Maintainer: Steve Langasek
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 12 Oct 2012 18:23:50 +0200
Source: libtexttools
Binary: libtexttools3-dev libtexttools5 libtexttools-dbg libtexttools-doc
Architecture: source amd64 all
Version: 2.1.0-2
Distribution: unstable
Urgency: low
Maintainer: Nicolas
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 12 Oct 2012 12:55:40 -0500
Source: boot
Binary: r-cran-boot
Architecture: source all
Version: 1.3-7-1
Distribution: unstable
Urgency: low
Maintainer: Dirk Eddelbuettel e...@debian.org
Changed-By: Dirk Eddelbuettel
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 12 Oct 2012 13:45:21 -0400
Source: git-annex
Binary: git-annex
Architecture: source i386
Version: 3.20121010
Distribution: unstable
Urgency: low
Maintainer: Joey Hess jo...@debian.org
Changed-By: Joey Hess jo...@debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 12 Oct 2012 18:52:41 +0200
Source: wims
Binary: wims wims-modules wims-java-applets flydraw
Architecture: source amd64 all
Version: 4.04-3
Distribution: unstable
Urgency: low
Maintainer: Georges Khaznadar georg...@ofset.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 12 Oct 2012 20:38:07 +
Source: grok
Binary: grok libgrok1 libgrok-dev grok-dbg
Architecture: source kfreebsd-amd64
Version: 1.20110708.1-3
Distribution: unstable
Urgency: low
Maintainer: Stig Sandbeck Mathisen
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Thu, 11 Oct 2012 18:15:43 +0200
Source: theseus
Binary: theseus
Architecture: source amd64
Version: 2.0.1-1
Distribution: experimental
Urgency: low
Maintainer: Debian Med Packaging Team
debian-med-packag...@lists.alioth.debian.org
64 matches
Mail list logo
