Re: status of tzdata packages in wheezy

On 26/10/16 10:58, Emilio Pozuelo Monfort wrote: > Hi Erdem, > > On 26/10/16 08:31, Erdem Bayer wrote: >> Hello >> >> As explained in debian bug 838781, Turkey choosed to change its DST policy >> and >> will not be updating the time at the end of this month. IANA released two >> updates about

LTS Report for October 2016

Hi, In this month I was allocated 13h, which I spent doing the following: - Finished the update I had started to libarchive - Tested libxml2 packages - Updated X11 packages (libx11, libxi, libxtst), fixing some regressions in the security patches:

Re: ghostscript and evince/libspectre problem

On Tue, Oct 25, 2016 at 09:54:01PM +0200, Salvatore Bonaccorso wrote: > Hi Roberto > > Could you double-check/confirm if you see the same > https://bugs.debian.org/840691 in wheezy? Note although the bug is > still assigned to ghostscript I think the problem uncovered is > actually in libspectre

Accepted libxi 2:1.6.1-1+deb7u2 (source amd64) into oldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 27 Oct 2016 00:35:40 +0200 Source: libxi Binary: libxi6 libxi6-udeb libxi6-dbg libxi-dev Architecture: source amd64 Version: 2:1.6.1-1+deb7u2 Distribution: wheezy-security Urgency: medium Maintainer: Debian X Strike Force

Accepted bash 4.2+dfsg-0.1+deb7u4 (source all amd64) into oldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 26 Oct 2016 19:37:54 +0200 Source: bash Binary: bash bash-static bash-builtins bash-doc Architecture: source all amd64 Version: 4.2+dfsg-0.1+deb7u4 Distribution: wheezy-security Urgency: high Maintainer: Matthias Klose

tre package ready for testing

Hi Santiago (and others), I have prepared a wheezy LTS security upload for tre here: https://people.debian.org/~anarcat/debian/wheezy-lts/ The debdiff is attached to this message. I have also sent the ported patch to the following bug report:

[SECURITY] [DLA 681-1] tzdata new upstream version

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: tzdata Version: 2016h-0+deb7u1 This update includes the changes in tzdata up to 2016h. Notable changes are: - Asia/Gaza and Asia/Hebron (DST ending on 2016-10-29 at 01:00, not 2016-10-21 at 00:00). - Europe/Istanbul

Accepted tzdata 2016h-0+deb7u1 (source all) into oldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 26 Oct 2016 20:55:54 +0200 Source: tzdata Binary: tzdata tzdata-java Architecture: source all Version: 2016h-0+deb7u1 Distribution: wheezy-security Urgency: medium Maintainer: GNU Libc Maintainers

Accepted libdatetime-timezone-perl 1:1.58-1+2016h (source all) into oldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 26 Oct 2016 20:30:07 +0200 Source: libdatetime-timezone-perl Binary: libdatetime-timezone-perl Architecture: source all Version: 1:1.58-1+2016h Distribution: wheezy-security Urgency: medium Maintainer: Debian Perl Group

status of tzdata packages in wheezy

Hello As explained in debian bug 838781, Turkey choosed to change its DST policy and will not be updating the time at the end of this month. IANA released two updates about Turkey, 2016g and 2016h, these packages hit the stable repos yerterday. As this update is very important for Turkish

Accepted graphicsmagick 1.3.16-1.1+deb7u5 (source amd64 all) into oldstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 26 Oct 2016 15:23:09 -0400 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick3 libgraphicsmagick1-dev libgraphicsmagick++3 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat

Re: tre package ready for testing

Hi. I would probably rename the patch to "03-cve-2016-8859" for unstable (lowercase, and without .patch suffix, as none of the already existing patches have it). Some day I will "convert" all my packages to be more "mainstream", but I prefer to be consistent for now. Other than that, thanks a