Re: Dreamhost dumps Debian

On Tue, Aug 27, 2013 at 11:51:40PM +0200, Moritz Mühlenhoff wrote: > Steve Langasek schrieb: > > I understand the > > motivation (like everyone else they have more to do than they have time to > > do it in), but I think the outcome, whereby the security team denies use of > > the security update c

Bug#721098: ITP: python-pypump -- an interface to the pump.io APIs

Package: wnpp Severity: wishlist Owner: "Simon Fondrie-Teitler" * Package name: python-pypump Version : 0.3 Upstream Author : Jessica Tallon * URL : https://github.com/xray7224/PyPump * License : GPL-3 Programming Lang: Python Description : an interfac

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

Michael Meskes schrieb: > Which brings up the interesting question how it works for stable now. How > often > do bigs get fixed by the security team and how often by maintainers > themselves? No hard numbers, but I'd suppose half and half (i.e. cases, where the maintainer prepared the update, w

Re: Dreamhost dumps Debian

Steve Langasek schrieb: > I understand the > motivation (like everyone else they have more to do than they have time to > do it in), but I think the outcome, whereby the security team denies use of > the security update channel for non-"critical" security bugs and redirects > maintainers to stable

Re: Dreamhost dumps Debian

Russ Allbery schrieb: > Pau Garcia i Quiles writes: >> On Tue, Aug 20, 2013 at 8:25 PM, Russ Allbery wrote: > >>> My experience is that I can just barely manage to convince upstreams to >>> look over my backports of security patches to packages in oldstable > >> What makes you think Ubuntu, Red

Bug#721086: ITP: minetest-mod-plantlife -- Minetest mod - Plantlife

Package: wnpp Severity: wishlist Owner: Dominik George -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 * Package name: minetest-mod-plantlife Upstream Author : Vanessa Ezetowski * License : WTFPL, CC-BY-SA-2.0+ Programming Lang: Lua Description : Minetest mod - Plantlife

Re: Dreamhost dumps Debian

Excerpts from Kevin Chadwick's message of 2013-08-27 11:45:34 -0700: > > > Large hosting companies not having made their scripts etc. good enough > > > to ride out upgrades well should have nothing to do with any decision. > > > > I don't think the problem here is with "Large hosting companies n

Re: Dreamhost dumps Debian

Clint Byrum writes: > Perhaps you missed the blog post [1] details? > "About ten months ago, we realized that the next installation of Debian > was upcoming, and after upgrading about 20,000 machines since Debian 6 > (aka Squeeze) was released, we got pretty tired." > Even if the script is _PER

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

On Tue, Aug 27, 2013 at 7:18 PM, Russ Allbery wrote: > IMHO the Security Team should not act as fixers themselves but more as > > proxies, passing information about a security issue to the maintainer of > > the package. > > And what happens then if the maintainer doesn't respond? > > Then, and on

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

Le 27 août 2013 19:32, "Ian Jackson" a écrit : > > Russ Allbery writes ("Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)"): > > If we're going to offer meaningful security support, we have to have a > > bug-fixer of last resort, and that's the party most

Re: Custom Reload command/signal in upstart

> In that light the memory saving trade off for security and practicality > actually makes sense as you could save lots and lots of resources on a > massive server or server farm running hundreds or thousands of server > systems per machine etc.. Unless someone conjures up a targeted attack (pleas

Re: Custom Reload command/signal in upstart

> Like much of systemd it may seem impressive at first on the face of it > but actually holds little value or doing what are already optional > functions and has not been thought through or come from any great > experience. It has since occured to me that it was alleged on the Gentoo list that the

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

> Alternately, we could be far more aggressive about removing packages from > oldstable, I suppose, but I don't think that's a good idea; that just > leaves our users with exactly the sorts of choices that we're trying to > avoid. I think it's much cleaner and better for our users to offer full >

Re: Dreamhost dumps Debian

> > Large hosting companies not having made their scripts etc. good enough > > to ride out upgrades well should have nothing to do with any decision. > > I don't think the problem here is with "Large hosting companies not > having made their scripts etc. good enough". I don't think it has > anyt

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

Russ Allbery writes ("Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)"): > If we're going to offer meaningful security support, we have to have a > bug-fixer of last resort, and that's the party most stressed by extending > security support. Particularl

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

Pau Garcia i Quiles writes: > IMHO the Security Team should not act as fixers themselves but more as > proxies, passing information about a security issue to the maintainer of > the package. And what happens then if the maintainer doesn't respond? If we're going to offer meaningful security sup

Bug#721073: ITP: minetest-mod-pipeworks -- Minetest mod - Pipeworks

Package: wnpp Severity: wishlist Owner: Dominik George -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 * Package name: minetest-mod-pipeworks Version : 0~20130827+git59362e3d20 Upstream Author : Vanessa Ezekowitz * License : WTFPL Programming Lang: Lua Description

Bug#697477: ITP: ostree -- Linux-based operating system develop/build/deploy tool

Package: wnpp Followup-For: Bug #697477 Owner: telemaco You can get more information about ostree here: http://www.superlectures.com/guadec2013/news-from-the-gnome-ostree-project -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contac

Re: Alioth.debian.org now exports project meta-data as RDF (using DOAP/ADMS.SW)

Hi. Just a quick update on this. Olivier Berger writes: > Hi. > > Since last week or so, and thanks to Lo-lan-do's work, we now publish > RDF descriptions of every Alioth (950+) projects. > > See my proposed Debian devel's news bit at : > http://wiki.debian.org/DeveloperNews#Alioth.debian.org_n

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

On 27/08/13 14:32, Pau Garcia i Quiles wrote: > What do you do with the 1 year of support Debian currently gives to > oldstable? It's also 1 year you stopped using that version, so no > technical challenge either. There does need to be some amount of overlap, because people can't necessarily upgra

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

On 08/27/2013 02:28 PM, Michael Meskes wrote: > Which brings up the interesting question how it works for stable now. How > often > do bigs get fixed by the security team and how often by maintainers > themselves? > How much work is this for the security team? Yes, I know, the older the > softwar

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

On 08/27/2013 12:41 PM, Ben Hutchings wrote: > It's hard enough to get maintainers to fix bugs in current stable > (backporting can be difficult, and some just don't care), let alone > another 3 years of LTS. > > Ben. I agree with what you wrote above Ben. Though that is not in a direct relation

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

On Tue, Aug 27, 2013 at 12:03 PM, Lars Wirzenius wrote: On Tue, Aug 27, 2013 at 11:53:47AM +0200, Pau Garcia i Quiles wrote: > > But I'd like to stress we need *all* developers to be involved fix bugs > > (esp. security) in their packages in all the supported releases, not only > > in current-sta

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

On 08/27/2013 11:53 AM, Pau Garcia i Quiles wrote: > > On Tue, Aug 27, 2013 at 10:56 AM, Michael Meskes > wrote: > > > > Guys, if you want it to happen, raise your hands *now* like > Gustavo did. > > Otherwise, please everyone: let this thread die and neve

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

On Tue, Aug 27, 2013 at 2:09 PM, Neil McGovern wrote: Indeed. Look at the security team for example. In theory, if all > maintainers cared enough about the older packages, we woudn't need the > level of people we currently do. > IMHO the Security Team should not act as fixers themselves but more

Re: DebianBootstrap supported in which Debian suites?

On Tue, 27 Aug 2013 12:07:50 +, Thorsten Glaser wrote: > I’d also love to see Test-Depends for source packages, so that you can > build them with “nocheck” set without having those installed. (BSD ports > have this as ${REGRESS_DEPENDS}.) The perl tools also distinguish between build and test

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

On Tue, Aug 27, 2013 at 11:41:58AM +0100, Ben Hutchings wrote: > The challenge was: who is willing to do the work. Your answer is: me, > but only everyone else helps. > > That doesn't answer the challenge at all. Agreed. > It's hard enough to get maintainers to fix bugs in current stable > (bac

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

On Tue, Aug 27, 2013 at 11:41:58AM +0100, Ben Hutchings wrote: > The challenge was: who is willing to do the work. Your answer is: me, > but only everyone else helps. > > That doesn't answer the challenge at all. > > It's hard enough to get maintainers to fix bugs in current stable > (backportin

Re: DebianBootstrap supported in which Debian suites?

Jonas Smedegaard jones.dk> writes: > What I will do for now is to just add those extra build-dependencies and > add a note to README.source which build-dependencies can be manually > dropped in a custom bootstrap build. I realize how painful it is for For “unimportant” packages, that is, one

Re: Custom Reload command/signal in upstart

> On Aug 23, 2013, at 8:45 PM, James McCoy wrote: > > > >> On Fri, Aug 23, 2013 at 04:42:15PM -0400, John Paul Adrian Glaubitz wrote: > >> Imagine there is a vulnerability in SSH which has not been fixed > >> yet for whatever reason. Having SSH run in this situation all the > >> time would make t

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

On Tue, 2013-08-27 at 11:53 +0200, Pau Garcia i Quiles wrote: > > On Tue, Aug 27, 2013 at 10:56 AM, Michael Meskes > wrote: > > > Guys, if you want it to happen, raise your hands *now* like > Gustavo did. > > Otherwise, please everyone: let this thread die and never >

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

On Tue, Aug 27, 2013 at 11:53:47AM +0200, Pau Garcia i Quiles wrote: > But I'd like to stress we need *all* developers to be involved fix bugs > (esp. security) in their packages in all the supported releases, not only > in current-stable. I am afraid I am not on board for this. I do not agree wit

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

On Tue, Aug 27, 2013 at 10:56 AM, Michael Meskes wrote: > > Guys, if you want it to happen, raise your hands *now* like Gustavo did. > > Otherwise, please everyone: let this thread die and never raise the > > topic again in this list. > > Raising my hand here ... > One more hand. But I'd like

Re: Longer maintainance for (former) stable releases of Debian (Re: Dreamhost dumps Debian)

On Tue, Aug 27, 2013 at 02:11:56AM +0200, Thomas Goirand wrote: > Guys, if you want it to happen, raise your hands *now* like Gustavo did. > Otherwise, please everyone: let this thread die and never raise the > topic again in this list. Raising my hand here ... Michael -- Michael Meskes Michael

Re: asking for advice: all dependencies incl. version numbers

Hi, Quoting FARKAS, Illes (2013-08-27 10:17:47) > According to the developer info page of the package (http:// > packages.qa.debian.org/0/0ad.html) there have been also previous versions of > the package "0ad", for example, versions "0.0.12" and "0.0.11". I would be > curious to know too the list

Re: Debian running on handhelds (or for terminals)

On Mon, 26 Aug 2013 12:34:44 +0200 patrick295767 patrick295767 wrote: > Hello, > > I wonder what's Debian position in regards to installations on > Handhelds. Mostly already been handed over to Android on tablets, without so much as a whimper. IMHO there's nowhere to go with mass market handhel

Re: asking for advice: all dependencies incl. version numbers

2013/8/23 Joachim Breitner > Dear Illes, > > Am Donnerstag, den 22.08.2013, 17:47 +0200 schrieb FARKAS, Illes: > > > This is a researcher asking for advice. > > > > I'd like to download/parse for each version of each debian package > > which other package versions it depends on. > > > > Do you th