Accepted tuxpaint-config 0.0.13-2 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 22 Jan 2017 01:48:06 +0200 Source: tuxpaint-config Binary: tuxpaint-config Architecture: source Version: 0.0.13-2 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By:

Accepted smstools 3.1.15-2 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 22 Jan 2017 01:39:26 +0200 Source: smstools Binary: smstools Architecture: source Version: 3.1.15-2 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By: Adrian B

Accepted snappea 3.0d3-24 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 20 Jan 2017 23:10:45 +0200 Source: snappea Binary: snappea snappea-dev Architecture: source Version: 3.0d3-24 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By: Adria

Accepted maelstrom 1.4.3-L3.0.6+main-8 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 20 Jan 2017 23:38:49 +0200 Source: maelstrom Binary: maelstrom Architecture: source Version: 1.4.3-L3.0.6+main-8 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By:

Accepted tuxpaint 1:0.9.22-3 (source) into unstable

<packa...@qa.debian.org> Changed-By: Adrian Bunk <b...@debian.org> Description: tuxpaint - Paint program for young children tuxpaint-data - Data files for Tux Paint, a paint program for children tuxpaint-dev - Development files for Tux Paint tuxpaint-plugins-default - Magic tool plu

Accepted transfermii 1:0.6.1-3 (source) into unstable

hanged-By: Adrian Bunk <b...@debian.org> Description: transfermii - transfer your mii from and to your wiimotes transfermii-gui - transfer your mii from and to your wiimotes -- GUI Closes: 557852 557853 Changes: transfermii (1:0.6.1-3) unstable; urgency=medium . * QA upload. * Se

Accepted xmldiff 0.6.10-3 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 25 Jan 2017 21:25:02 +0200 Source: xmldiff Binary: xmldiff xmldiff-xmlrev Architecture: source Version: 0.6.10-3 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By:

Accepted kstars-data-extra-tycho2 1.1r1-9.1 (source all) into unstable

env...@rolamasao.org> Changed-By: Adrian Bunk <b...@debian.org> Description: kstars-data-extra-tycho2 - Tycho-2 star catalog for KStars Closes: 757490 854008 Changes: kstars-data-extra-tycho2 (1.1r1-9.1) unstable; urgency=medium . * Non-maintainer upload. * Move data file to /usr/share/

Accepted ekg 1:1.9~pre+r2855-5 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 23 Feb 2017 16:37:45 +0200 Source: ekg Binary: ekg ekg-gtk Architecture: source Version: 1:1.9~pre+r2855-5 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By: Adrian B

Accepted transcalc 0.14-6 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 22 Jan 2017 15:08:05 +0200 Source: transcalc Binary: transcalc Architecture: source Version: 0.14-6 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By: Adrian B

Accepted cvsps 2.1-8 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 19 Jan 2017 11:54:45 +0200 Source: cvsps Binary: cvsps Architecture: source Version: 2.1-8 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By: Adrian Bunk <b...@d

Re: [RFC] The PIE unholy mess

On Wed, Jan 18, 2017 at 04:34:24AM +0100, Guillem Jover wrote: >... > At about the same time this was being considered, I realized that dpkg > could enable this "safely" by using gcc specs files. But this is in > any case also required to be able to disable PIE when it is implicitly > enabled by

Accepted fauhdlc 20130704-1.1 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 17 Jan 2017 17:35:42 +0200 Source: fauhdlc Binary: fauhdlc libfauhdli-dev Architecture: source Version: 20130704-1.1 Distribution: unstable Urgency: medium Maintainer: FAUmachine Team <faumach...@potyra.de> Changed-By:

Accepted util-vserver 0.30.216-pre3120-1.4 (source) into unstable

hanged-By: Adrian Bunk <b...@debian.org> Description: util-vserver - user-space tools for Linux-VServer virtual private servers Closes: 770362 850765 Changes: util-vserver (0.30.216-pre3120-1.4) unstable; urgency=medium . * Non-maintainer upload. * Fix postrm failure introduced in

Accepted sdb 1.2-1.1 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 16 Jan 2017 01:14:02 +0200 Source: sdb Binary: sdb Architecture: source Version: 1.2-1.1 Distribution: unstable Urgency: medium Maintainer: Jo Shields <direct...@apebox.org> Changed-By: Adrian Bunk <b...@d

Accepted ocrad 0.25-2 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 17 Jan 2017 19:36:35 +0200 Source: ocrad Binary: ocrad libocrad-dev Architecture: source Version: 0.25-2 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By: Adrian B

no-strong-digests-in-dsc MBF

Hi, I want to do a MBF for all packages without a SHA256 checksum field in the .dsc [1] - only SHA1 as hash would not be good in stretch. This is quite easy to fix in a package - all that is required is a sourceful upload (but a binNMU would not be sufficient). The steps will be: 1. QA

Accepted integrit 4.1-1.1 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 18 Jan 2017 16:50:19 +0200 Source: integrit Binary: integrit Architecture: source Version: 4.1-1.1 Distribution: unstable Urgency: medium Maintainer: Gerrit Pape <p...@smarden.org> Changed-By: Adrian Bunk <b...@d

Accepted openhpi 3.6.1-2.1 (source) into unstable

: 3.6.1-2.1 Distribution: unstable Urgency: medium Maintainer: Bryan Sutula <bryan.sut...@hpe.com> Changed-By: Adrian Bunk <b...@debian.org> Description: libopenhpi-dev - OpenHPI libraries (development files) libopenhpi3 - OpenHPI libraries (runtime and support files) libopenhpi3-db

Accepted vmtk 1.3+dfsg-2.1 (source) into unstable

nce-maintain...@lists.alioth.debian.org> Changed-By: Adrian Bunk <b...@debian.org> Description: libvmtk-dev - shared links and header files for vmtk libvmtk1.3 - runtime libraries for vmtk python-vmtk - Python interface for vmtk vmtk - the Vascular Modeling Toolkit Closes: 850026 Changes

Accepted emacspeak-ss 1.12.1-6 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 19 Jan 2017 15:43:43 +0200 Source: emacspeak-ss Binary: emacspeak-ss Architecture: source Version: 1.12.1-6 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By: Adrian B

Accepted irda-utils 0.9.18-15 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 20 Jan 2017 17:42:40 +0200 Source: irda-utils Binary: irda-utils Architecture: source Version: 0.9.18-15 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By: Adrian B

Accepted tpb 0.6.4-11 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 20 Jan 2017 18:02:20 +0200 Source: tpb Binary: tpb Architecture: source Version: 0.6.4-11 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By: Adrian Bunk <b...@d

Accepted vbrfix 0.24+dfsg-1 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 26 Feb 2017 13:07:11 +0200 Source: vbrfix Binary: vbrfix Architecture: source Version: 0.24+dfsg-1 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By: Adrian B

Accepted inotify-tools 3.14-2 (source) into unstable

cka...@qa.debian.org> Changed-By: Adrian Bunk <b...@debian.org> Description: inotify-tools - command-line programs providing a simple interface to inotify libinotifytools0 - utility wrapper around inotify libinotifytools0-dev - Development library and header files for libinotifytools0 Cl

Accepted libprelude 1.0.0-11.9 (source amd64) into unstable, unstable

: Pierre Chifflier <pol...@debian.org> Changed-By: Adrian Bunk <b...@debian.org> Description: libprelude-dev - Security Information Management System [ Development files ] libprelude-perl - Security Information Management System [ Base library ] libprelude2 - Security Information Manag

Re: Bug#835533: dasher: Please package Dasher 5.0 beta

On Thu, Oct 06, 2016 at 02:46:44AM -0400, Scott Kitterman wrote: >... > As frustrating as occasional removal/reintroduction cycles are, they are rare > enough that despite the frustration when they occur it's really not worth the > effort it would take to avoid them completely. This assumes

Re: Bug#835533: dasher: Please package Dasher 5.0 beta

(Cc-ing ftpmaster, debian-devel) On Tue, Oct 04, 2016 at 07:05:09PM +0200, Emilio Pozuelo Monfort wrote: > (Cc-ing debian-a11y) > > Hi, Hi Emilio, > On 30/09/16 13:03, Andreas Henriksson wrote: > > While the patch would solve the RC bug and get dasher back into > > testing, I'm hesitant to

Re: Bug#835533: dasher: Please package Dasher 5.0 beta

On Thu, Oct 06, 2016 at 02:46:46PM -0400, Scott Kitterman wrote: > > > On October 6, 2016 8:51:59 AM EDT, Adrian Bunk <b...@stusta.de> wrote: > >On Thu, Oct 06, 2016 at 02:46:44AM -0400, Scott Kitterman wrote: > >>... > >> As frustrating as o

Re: Debian does not have customers

On Wed, Sep 21, 2016 at 10:56:10AM -0700, Russ Allbery wrote: >... > If no one is ever going to look at the bug again, just close it. It feels > more confrontational, but it's far more honest, and it doesn't create > unrealistic expectations. >... "no one is ever going to look at the bug again"

Re: Network access during build

On Wed, Sep 07, 2016 at 09:26:37AM -0700, Russ Allbery wrote: >... > Full disclosure: several of my packages in the archive have similar tests. > Those tests are part of the upstream test suite for the getaddrinfo and > getnameinfo replacement functions for OSes that are too old to have them. >

Re: Debian does not have customers

On Wed, Sep 21, 2016 at 12:50:41PM -0700, Russ Allbery wrote: >... > But still, despite all of those caveats, I do think there are a few things > that are fairly clear-cut. If the package has 3,000 open bugs, just close > out the unactionable reports in some polite and constructive way. At that

Re: Planned NMU of w3-recs would use much archive disk space

On Thu, Oct 27, 2016 at 08:41:12AM -0200, Henrique de Moraes Holschuh wrote: >... > That said, Thaddeus, if you do go ahead with the upload please check if > you can minimize that size somehow, even just a 10% drop in size would > already be worth the work it took for something big like this. >...

Re: Intended MBF: maintainer scripts not starting on #!

On Fri, Nov 04, 2016 at 09:22:02PM +0100, Ralf Treinen wrote: > Hi, Hi Ralf, > in the Colis project (which aims at analyzing maintainer scripts) we > found 39 maintainer scripts in stable which do not start on #!. The > list is attached. Policy 6.1 says about maintainer scripts: > > if they

Re: unattended-upgrades by default?

On Thu, Nov 03, 2016 at 06:47:28PM +, Steve McIntyre wrote: >... > * it will be a different experience compared to what people will get >when installing Debian normally, using d-i / debootstrap. Most >(all?) of our desktop environments already have some automatic >notification of

Re: libc recently more aggressive about pthread locks in stable ?

On Sun, Nov 06, 2016 at 05:41:34PM -0200, Henrique de Moraes Holschuh wrote: > On Sun, 06 Nov 2016, Ben Hutchings wrote: > > It's worth noting that TSX is broken in 'Haswell' processors and is > > supposed to be disabled via a microcode update. I don't know whether > > glibc avoids using it on

Re: Road to Stretch: let's stop increasing major version number in critical libraries at this point

On Sat, Nov 05, 2016 at 11:14:02AM +0100, Thomas Goirand wrote: > Hi, Hi Thomas, >... > Finally, with the above examples as illustration (and please, these > aren't attacks in any way...), I guess what I'm trying to say here is: > > While disruptive changes are necessary evils so we upgrade

Re: Bug#842796: libc recently more aggressive about pthread locks in stable ?

On Sun, Nov 06, 2016 at 08:04:39AM +0100, Petter Reinholdtsen wrote: > [Henrique de Moraes Holschuh] > > And what should we do about Debian stretch, then? > > I believe a good start would be to add an assert() in a test version of > glibc and then run all the autopkgtest scripts on the packages

Re: What to do when a maintainer is blocking maintenance for stretch?

On Wed, Nov 09, 2016 at 06:45:43PM +, Mattia Rizzolo wrote: >... > Also, a personal pledge to everybody who's reading this: please don't > attach yourself to your packages like mussels on a rock. If you realize > (or somebody else is making you realize) that you're doing a bad job on > a

Re: More 5 november in the release schedule

On Wed, Nov 09, 2016 at 11:16:36AM +0800, Paul Wise wrote: > On Wed, Nov 9, 2016 at 1:36 AM, Emilio Pozuelo Monfort wrote: > > > Right. We want auto-removals to be useful for the release process, so that > > we > > don't end up with a thousand of RC bugs in testing when we freeze, most of > >

Re: client-side signature checking of Debian archives (Re: When should we https our mirrors?)

On Sun, Nov 06, 2016 at 12:03:03AM +0100, Philipp Kern wrote: > On 2016-11-05 22:23, Adrian Bunk wrote: > > The solution you are trying to sell is apt-transport-https as default. > [...] > > Your solution would be a lot of work with relatively little improvement. > > Well

Re: NRSS has been deprecated [#696302]

On Mon, Nov 07, 2016 at 08:58:53PM +0100, Adam Borowski wrote: > On Sun, Oct 30, 2016 at 06:55:33PM +, Clint Adams wrote: > > On Sun, Oct 30, 2016 at 06:28:41AM +0100, Adam Borowski wrote: > > > A maintainer would then file "ITR: dasher" and wait for responses before > > > requesting RM. > >

Re: unattended-upgrades by default?

On Tue, Nov 08, 2016 at 11:16:53AM +0800, Paul Wise wrote: > On Tue, Nov 8, 2016 at 4:26 AM, Adam Borowski wrote: > > > Forced reboot on upgrade is damage. Let's learn from errors of others. > > needrestart has a mechanism (needrestart-session) to hook into user > sessions, perhaps that could

Re: Intended MBF: maintainer scripts not starting on #!

On Fri, Nov 04, 2016 at 05:05:33PM -0400, Scott Kitterman wrote: > > > On November 4, 2016 5:01:31 PM EDT, Adrian Bunk <b...@stusta.de> wrote: > >On Fri, Nov 04, 2016 at 09:22:02PM +0100, Ralf Treinen wrote: > >> Hi, > > > >Hi Ralf, > > &g

Re: Intended MBF: maintainer scripts not starting on #!

On Fri, Nov 04, 2016 at 10:21:13PM +0100, Ralf Treinen wrote: > On Fri, Nov 04, 2016 at 11:01:31PM +0200, Adrian Bunk wrote: > > On Fri, Nov 04, 2016 at 09:22:02PM +0100, Ralf Treinen wrote: > > > Hi, > > > > Hi Ralf, > > > > > in the Colis project (w

Re: OpenSSL 1.1.0

On Thu, Nov 03, 2016 at 10:49:30AM -0300, Lisandro Damián Nicanor Pérez Meyer wrote: > On jueves, 3 de noviembre de 2016 12:34:23 P. M. ART Tino Mettler wrote: > > On Wed, Nov 02, 2016 at 14:02:52 -0300, Lisandro Damián Nicanor Pérez Meyer > > wrote: > > > > [...] > > > > > Today we the Qt/KDE

Re: unattended-upgrades by default?

On Fri, Nov 04, 2016 at 10:27:00PM +, Holger Levsen wrote: > On Fri, Nov 04, 2016 at 10:51:15PM +0200, Adrian Bunk wrote: > > Should Debian also default to automatically reboot? > > > > If the answer is "no", then nothing is a solution that does not also > &

Re: client-side signature checking of Debian archives (Re: When should we https our mirrors?)

On Tue, Oct 25, 2016 at 11:06:23AM -0700, Russ Allbery wrote: > Adrian Bunk <b...@stusta.de> writes: >... > So, I'm not quite sure how to put this, since I don't know how much work > you've done professionally in computer security, and I don't want to > belittle that. I

Re: Bug#841113: ITP: extremetools -- tools for running processes under extreme uid and gid

On Fri, Oct 21, 2016 at 08:55:26AM +0200, Jan Mojzis wrote: > > "extremely outdated"? > > > > This sounds like a hack from ~ 20 years ago when people realized that > > running several programs at the same time as nobody does not isolate > > them from each other. > > > > Much better solutions

Re: When should we https our mirrors?

On Sun, Oct 23, 2016 at 06:04:50AM -0700, Kristian Erik Hermansen wrote: >... > The main issue is that a well positioned attacker, such as the NSA or > Chinese router admins, have the ability to collect and analyze in > real-time what systems have installed what patches installed by > monitoring

Re: Bug#841196: ITP: node-os-homedir -- Node.js 4 `os.homedir()` ponyfill

On Tue, Oct 18, 2016 at 04:15:50PM +0100, Steve McIntyre wrote: >... > Life's too short to go and fix all the crap in the world personally, > but we can keep certain minimum standards for what we as a group allow > into Debian. :-( What policies and processes should ensure these minimum

Re: client-side signature checking of Debian archives (Re: When should we https our mirrors?)

On Mon, Oct 24, 2016 at 09:22:39AM -0700, Russ Allbery wrote: > Adrian Bunk <b...@stusta.de> writes: > > On Sun, Oct 23, 2016 at 07:28:23PM -0700, Russ Allbery wrote: > > >>... > >> The value of HTTPS lies in its protection against passive snooping. Given

Re: client-side signature checking of Debian archives (Re: When should we https our mirrors?)

On Mon, Oct 24, 2016 at 04:33:57PM -0700, Russ Allbery wrote: > Adrian Bunk <b...@stusta.de> writes: >... > > I would assume this can be pretty automated, and that by NSA standards > > this is not a hard problem. > > Since the entire exchange is encrypted, it's

Re: When should we https our mirrors?

On Mon, Oct 24, 2016 at 04:00:49AM -0700, Kristian Erik Hermansen wrote: > On Mon, Oct 24, 2016 at 1:59 AM, Adrian Bunk <b...@stusta.de> wrote: > but also I should point out that your email is being routed > insecurely via welho.com and lacks TLS in transit, so I also probably >

Re: When should we https our mirrors?

On Mon, Oct 24, 2016 at 04:00:39PM +0100, Ian Jackson wrote: > Adrian Bunk writes ("Re: When should we https our mirrors?"): >... > Adrian: > > Noone is arguing that switching to https would be a bad thing, > > but whether or not it will happen depends solely on whe

Re: client-side signature checking of Debian archives (Re: When should we https our mirrors?)

On Sun, Oct 23, 2016 at 07:28:23PM -0700, Russ Allbery wrote: >... > The value of HTTPS lies in its protection against passive snooping. Given > the sad state of the public CA infrastructure, you cannot really protect > against active MITM with HTTPS without certificate pinning. You are

Re: Bug#841113: ITP: extremetools -- tools for running processes under extreme uid and gid

On Wed, Oct 19, 2016 at 09:33:14AM -0200, Henrique de Moraes Holschuh wrote: > On Wed, Oct 19, 2016, at 06:56, Jan Mojzis wrote: > > >I read manpage on github, but did not understood, what exactly this > > > program provides. Can it replace creation system users for dropping > > > privileges? > >

Re: [Letsencrypt-devel] Certbot in Debian Stretch

On Thu, Nov 24, 2016 at 07:08:33PM +0100, Daniel Pocock wrote: > > > On 24/11/16 17:39, Adrian Bunk wrote: > > On Thu, Nov 24, 2016 at 05:22:29PM +0100, Daniel Pocock wrote: > >> ... > >> For networked services, it is different. > >> > >>

Re: OpenSSL 1.1.0

On Wed, Nov 23, 2016 at 11:50:12PM -0200, Henrique de Moraes Holschuh wrote: > On Thu, 24 Nov 2016, Kurt Roeckx wrote: >... > > > So, if Qt *ever* exposes its use of openssl anywere in its APIs, it > > > might not be safe. If it doesn't (i.e. at most you have a qt flag that > > > says "use SSL",

Re: OpenSSL 1.1.0

On Thu, Nov 24, 2016 at 03:20:06PM +0100, Jan Niehusmann wrote: > On Thu, Nov 24, 2016 at 03:59:10PM +0200, Adrian Bunk wrote: > > If inspection is not easily possible, then adding a dependency on > > libssl1.0-dev to qtbase5-private-dev should be sufficient to > > ensure th

Re: [Letsencrypt-devel] Certbot in Debian Stretch

On Thu, Nov 24, 2016 at 02:45:26PM +0100, Ondřej Surý wrote: > On Thu, Nov 24, 2016, at 13:39, Philipp Kern wrote: > > So if you, as an upstream maintainer, have a change that is needed for > > compatibility with changes in network APIs and the change is reviewable > > by humans, a stable update

Re: OpenSSL 1.1.0

On Thu, Nov 24, 2016 at 02:50:23PM -0200, Henrique de Moraes Holschuh wrote: > On Thu, 24 Nov 2016, Adrian Bunk wrote: > > On Wed, Nov 23, 2016 at 11:50:12PM -0200, Henrique de Moraes Holschuh wrote: > > > On Thu, 24 Nov 2016, Kurt Roeckx wrote: > > >... > > >

Re: [Letsencrypt-devel] Certbot in Debian Stretch

On Thu, Nov 24, 2016 at 05:22:29PM +0100, Daniel Pocock wrote: >... > For networked services, it is different. > > Debian has already been carrying updated versions of Firefox and > Chromium in stable including bundled dependencies too. Maybe we need to > have an objective way of deciding which

Re: OpenSSL 1.1.0

On Thu, Nov 17, 2016 at 12:27:43AM -0500, Scott Kitterman wrote: > On Wednesday, November 16, 2016 10:04:00 PM Lisandro Damián Nicanor Pérez > Meyer wrote: > > On jueves, 17 de noviembre de 2016 00:40:42 ART Kurt Roeckx wrote: > > > On Mon, Nov 14, 2016 at 07:10:00PM +, Niels Thykier wrote: >

Re: libc recently more aggressive about pthread locks in stable ?

On Thu, Nov 17, 2016 at 09:28:34AM -0200, Henrique de Moraes Holschuh wrote: > On Thu, Nov 17, 2016, at 09:11, Lucas Nussbaum wrote: > > On 17/11/16 at 08:31 -0200, Henrique de Moraes Holschuh wrote: > > > The deal with *current* Debian stable is that, if the breakage is too > > > widespread, we

Re: OpenSSL 1.1.0

On Wed, Nov 16, 2016 at 10:53:18PM +0100, Sebastian Andrzej Siewior wrote: > On 2016-11-16 19:49:44 [+0200], Adrian Bunk wrote: > > The problem are not specific bugs, the problem is the whole size of the > > problem: > > > > 1. Sorting out what packages have to sta

Re: OpenSSL 1.1.0

On Tue, Nov 15, 2016 at 07:03:28PM +1100, Scott Leggett wrote: > On 2016-11-15.00:16, Adrian Bunk wrote: > > Bugs like "With Kurt's patch, apache2 crashes on startup with an invalid > > free." > > or #843988 will be a common sight on the list of RC bugs for sev

Re: libc recently more aggressive about pthread locks in stable ?

On Mon, Nov 14, 2016 at 10:31:18AM +0100, Gert Wollny wrote: > Am Sonntag, den 06.11.2016, 01:12 -0200 schrieb Henrique de Moraes > Holschuh: > >  > >  > >  > > Unfortunately, when hardware lock elision support was added to glibc > > upstream, libpthreads was *not* changed to properly assert()

Re: OpenSSL 1.1.0

On Tue, Nov 15, 2016 at 09:37:01AM -0300, Lisandro Damián Nicanor Pérez Meyer wrote: > On lunes, 14 de noviembre de 2016 16:51:04 ART Marco d'Itri wrote: > > On Nov 14, Lisandro Damián Nicanor Pérez Meyer wrote: > > > And yes, I would step back and switch libssl-dev to

Re: OpenSSL 1.1.0

On Wed, Nov 16, 2016 at 12:15:39AM +0100, Sebastian Andrzej Siewior wrote: > On 2016-11-15 00:16:14 [+0200], Adrian Bunk wrote: > > And since 80% of all OpenSSL-using packages in unstable are still > > using libssl1.0.2 (binNMUs have not yet happened), all runtime > > i

Re: OpenSSL 1.1.0

On Fri, Nov 18, 2016 at 10:22:59PM +0100, Moritz Mühlenhoff wrote: > Adrian Bunk <b...@stusta.de> schrieb: > > And/or get sponsorship from companies for supporting ChaCha20-patched > > 1.0.2 > > It's not a matter of whipping up some patch; anything less than an >

Re: libc recently more aggressive about pthread locks in stable ?

On Thu, Nov 17, 2016 at 11:38:46AM -0200, Henrique de Moraes Holschuh wrote: > On Thu, Nov 17, 2016, at 09:50, Adrian Bunk wrote: > > But we do already have > 1 year of widespread testing by users > > running unstable/testing on machines with TSX enabled. > > > > So

Re: OpenSSL 1.1.0

On Thu, Nov 17, 2016 at 10:43:53PM +0100, Moritz Mühlenhoff wrote: > Adrian Bunk <b...@stusta.de> schrieb: > > On Tue, Nov 15, 2016 at 09:37:01AM -0300, Lisandro Damián Nicanor Pérez > > Meyer wrote: > >> On lunes, 14 de noviembre de 2016 16:51:04 ART Marco

Re: Multi-Arch: allowed

On Sat, Nov 19, 2016 at 05:53:04PM +0100, Julien Cristau wrote: > On Tue, Nov 1, 2016 at 18:11:27 +0100, Thibaut Paumard wrote: > > > The -dbg package is Multi-Arch same. It Depends on the packages for > > which it provides debugging symbols, some of which are Multi-Arch: > > allowed. > > That

Re: OpenSSL 1.1.0

On Mon, Nov 14, 2016 at 07:10:00PM +, Niels Thykier wrote: > Marco d'Itri: > > On Nov 14, Lisandro Damián Nicanor Pérez Meyer wrote: > > > >> And yes, I would step back and switch libssl-dev to provide libssl1.0-dev > >> and > >> have libssl1.1-dev around for anyone

Re: Rebuilds with unexpected timestamps

On Sun, Oct 30, 2016 at 04:02:48PM +, Ian Jackson wrote: >... > Most of our packages use `make' or something like it. make relies on > timestamps to decide what to rebuild. It seems that sometimes our > source packages contain combinations of timestamps (and perhaps stamp > files) which, in

Re: Static linking and fPIC (Was: Re: "PIE by default" transition is underway -- wiki needs updating)

On Mon, Oct 31, 2016 at 03:23:51PM +0100, Bálint Réczey wrote: > Hi Ian, > > 2016-10-31 14:19 GMT+01:00 Ian Campbell : > > On Mon, 2016-10-31 at 12:17 +0100, Bálint Réczey wrote: > >> 2016-10-31 10:38 GMT+01:00 Ian Campbell : > >> > If possible I'd also prefer a

Re: Rebuilds with unexpected timestamps [and 1 more messages]

On Mon, Oct 31, 2016 at 01:42:26AM +, Ian Jackson wrote: >... > Adrian Bunk writes ("Re: Rebuilds with unexpected timestamps"): > > Be prepared to see a lot of such issues when you touch random files. > > I'm certainly expecting to see lots of issues. > &g

Re: Rebuilds with unexpected timestamps

On Sun, Oct 30, 2016 at 11:48:56PM +, Simon McVittie wrote: >... > * Source for generated files in the tarball: should be in both git and > tarball, but sometimes mistakenly omitted from tarballs (e.g. configure.ac, > m4/foo.m4, build-aux/git-version-gen). Leaving these out of the tarball

Re: Rebuilds with unexpected timestamps [and 1 more messages]

On Mon, Oct 31, 2016 at 03:58:12PM +, Ian Jackson wrote: > Adrian Bunk writes ("Re: Rebuilds with unexpected timestamps [and 1 more > messages]"): > > On Mon, Oct 31, 2016 at 01:42:26AM +, Ian Jackson wrote: > ... > > > If it does "sufficiently diff

Re: NRSS has been deprecated [#696302]

On Sun, Oct 30, 2016 at 06:28:41AM +0100, Adam Borowski wrote: >... > An user interested in future releases is usually a contributor of sorts, > thus often has "devscripts" installed. The typical user of Debian stable is running Debian on servers, and will become interested in a future release

Re: Rebuilds with unexpected timestamps

On Tue, Nov 01, 2016 at 12:05:38PM +, Ian Jackson wrote: >... > Personally I think a Linux kernel tarball, without accompanying git > history, is a GPL violation. >... Why would the git *history* matter for GPL compliance? You can push from a shallow clone. > Ian. cu Adrian --

Re: "PIE by default" transition is underway -- wiki needs updating

On Wed, Oct 26, 2016 at 05:37:06AM +0200, Adam Borowski wrote: > On Wed, Oct 26, 2016 at 12:37:18AM +0200, Andreas Cadhalpun wrote: > > The current policy says: > > "As to the static libraries, the common case is not to have relocatable > > code" > > > > As of gcc-6 version 6.2.0-7 this is

Re: Porter roll call for Debian Stretch

[ adding debian-powerpc ] On Sun, Oct 09, 2016 at 06:54:44PM +0200, Moritz Mühlenhoff wrote: > Niels Thykier schrieb: > > If I am to support powerpc as a realease architecture for Stretch, I > > need to know that there are *active* porters behind it committed to > > keeping it

Re: Porter roll call for Debian Stretch

On Sun, Oct 09, 2016 at 11:13:21PM +0100, Adam D. Barratt wrote: > On Sun, 2016-10-09 at 21:12 +0300, Adrian Bunk wrote: > > [ adding debian-powerpc ] > > > > On Sun, Oct 09, 2016 at 06:54:44PM +0200, Moritz Mühlenhoff wrote: > > > Niels Thykier <ni...@thyk

Re: [buildd] unexpected FTBFS on amd64 buildd «binet»

On Sun, Oct 16, 2016 at 02:14:47PM +, lumin wrote: > Hi there, > > I encountered an unexpected FTBFS on amd64 that I can't repro.[1] > And I'd like to ask the list before fixing it by e.g. an binary > only upload. > > My package lua-torch-torch7/experimental fails[2] to build from > source

Re: When should we https our mirrors?

On Sat, Oct 15, 2016 at 02:03:36PM -0400, Paul Tagliamonte wrote: >... > So, the real question: > > So, when are we going to push this? If not now, what criteria need to be > met? Why can't we https-ify the default CDN mirror today? >... This is actually only the server-side part of the problem,

Re: [buildd] unexpected FTBFS on amd64 buildd «binet»

On Mon, Oct 17, 2016 at 03:10:57AM +0100, Ben Hutchings wrote: > On Sun, 2016-10-16 at 18:57 +0300, Adrian Bunk wrote: > [...] > > You should fix your package so that it works on the lowest supported  > > hardware of each port. > > Right. > > > Autobuilding is

Re: Bug#841099: ITP: node-has-values -- Returns true if any values exist, false if empty

On Mon, Oct 17, 2016 at 10:28:53PM +0200, Eduard Bloch wrote: > Hallo, > * Andrew Shadura [Mon, Oct 17 2016, 08:23:19PM]: > > Hi, > > > > On 17 October 2016 at 18:57, Sruthi Chandran wrote: > > > Package: wnpp > > > Severity: wishlist > > > Owner: Sruthi Chandran

Accepted aewm++ 1.1.2-5.1 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 13 Jan 2017 21:14:06 +0200 Source: aewm++ Binary: aewm++ Architecture: source Version: 1.1.2-5.1 Distribution: unstable Urgency: medium Maintainer: Chris Boyle <c...@debian.org> Changed-By: Adrian Bunk <b...@d

Accepted mylvmbackup 0.15-1.1 (source) into unstable

org> Changed-By: Adrian Bunk <b...@debian.org> Description: mylvmbackup - quickly creating backups of MySQL server's data files Closes: 789885 Changes: mylvmbackup (0.15-1.1) unstable; urgency=medium . * Non-maintainer upload. * Add the missing dependency on libfile-copy-re

Accepted python-expyriment 0.7.0+git34-g55a4e7e-3.2 (source) into unstable

uni-potsdam.de> Changed-By: Adrian Bunk <b...@debian.org> Description: python-expyriment - Python library for cognitive and neuroscientific experiments Closes: 830381 Changes: python-expyriment (0.7.0+git34-g55a4e7e-3.2) unstable; urgency=medium . * Non-maintainer upload. * Add the m

Accepted libdigidoc 3.10.1.1208+ds1-2.1 (source) into unstable

Maintainer: Andrew Shadura <andre...@debian.org> Changed-By: Adrian Bunk <b...@debian.org> Description: libdigidoc-common - DigiDoc digital signature library common files libdigidoc-dev - DigiDoc digital signature development files libdigidoc-doc - DigiDoc digital signature library d

Accepted gdb-msp430 7.2a~mspgcc-20111205-3.1 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 13 Jan 2017 22:08:56 +0200 Source: gdb-msp430 Binary: gdb-msp430 Architecture: source Version: 7.2a~mspgcc-20111205-3.1 Distribution: unstable Urgency: medium Maintainer: Luca Bruno <lu...@debian.org> Changed-By: Adria

Accepted khmerconverter 1.4-1.2 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 13 Jan 2017 21:45:15 +0200 Source: khmerconverter Binary: khmerconverter Architecture: source Version: 1.4-1.2 Distribution: unstable Urgency: medium Maintainer: Soputtra San <eke...@gmail.com> Changed-By: Adrian B

Accepted cvc3 2.4.1-5.1 (source) into unstable

det...@morgandeters.com> Changed-By: Adrian Bunk <b...@debian.org> Description: cvc3 - Automatic theorem prover for SMT problems cvc3-el- Emacs mode for CVC3 libcvc3-5 - Automatic theorem prover library for SMT problems libcvc3-5-java - Java bindings for CVC3 (bytecode library

Accepted isakmpd 20041012-7.4 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 13 Jan 2017 20:45:19 +0200 Source: isakmpd Binary: isakmpd Architecture: source Version: 20041012-7.4 Distribution: unstable Urgency: medium Maintainer: Jochen Friedrich <joc...@scram.de> Changed-By: Adrian B

Accepted freewheeling 0.6-2.1 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 13 Jan 2017 19:29:50 +0200 Source: freewheeling Binary: freewheeling Architecture: source Version: 0.6-2.1 Distribution: unstable Urgency: medium Maintainer: Paul Brossier <p...@debian.org> Changed-By: Adrian B

Accepted pidgin-openfetion 0.3-2 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 13 Jan 2017 19:27:12 +0200 Source: pidgin-openfetion Binary: pidgin-openfetion Architecture: source Version: 0.3-2 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By:

Accepted free42-nologo 1.4.77-1.2 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 13 Jan 2017 20:12:15 +0200 Source: free42-nologo Binary: free42-nologo Architecture: source Version: 1.4.77-1.2 Distribution: unstable Urgency: medium Maintainer: Christian Stalp <ch...@chrishell.de> Changed-By: Adrian B

<    1   2   3   4   5   6   7   8   9   10   >