Your message dated Sun, 07 Apr 2024 05:34:04 +0000
with message-id <e1rtlak-005xgm...@fasolo.debian.org>
and subject line Bug#1068192: fixed in debian-policy 4.7.0.0
has caused the Debian Bug report #1068192,
regarding debian-policy: extend forbidden network access to contrib and non-free
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1068192: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068192
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: debian-policy
Version: 4.6.2.1
Severity: normal
X-Debbugs-Cc: d...@debian.org, wb-t...@buildd.debian.org
Control: affects -1 buildd.debian.org

Hi,

The debian policy, section 4.9, forbids network access for packages in
the main archive, which implicitly means they are authorized for
packages in contrib and non-free (and non-free-firmware once #1029211 is
fixed).

This gives constraints on the build daemons infrastructure and also
brings some security concerns. Would it be possible to extend this
restriction to all archives?

Regards,
Aurelien

--- End Message ---
--- Begin Message ---
Source: debian-policy
Source-Version: 4.7.0.0
Done: Sean Whitton <spwhit...@spwhitton.name>

We believe that the bug you reported is fixed in the latest version of
debian-policy, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1068...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sean Whitton <spwhit...@spwhitton.name> (supplier of updated debian-policy 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 07 Apr 2024 13:08:55 +0800
Source: debian-policy
Architecture: source
Version: 4.7.0.0
Distribution: unstable
Urgency: medium
Maintainer: Debian Policy Editors <debian-policy@lists.debian.org>
Changed-By: Sean Whitton <spwhit...@spwhitton.name>
Closes: 963524 968226 970234 994008 1029211 1035733 1039102 1068192
Changes:
 debian-policy (4.7.0.0) unstable; urgency=medium
 .
   [ Sean Whitton ]
   * Policy: Prefer native overriding mechanisms to diversions & alternatives
     Wording: Luca Boccassi <bl...@debian.org>
     Seconded: Sean Whitton <spwhit...@spwhitton.name>
     Seconded: Russ Allbery <r...@debian.org>
     Seconded: Holger Levsen <hol...@layer-acht.org>
     Closes: #1035733
   * Policy: Improve alternative build dependency discussion
     Wording: Russ Allbery <r...@debian.org>
     Seconded: Wouter Verhelst <wou...@debian.org>
     Seconded: Sean Whitton <spwhit...@spwhitton.name>
     Closes: #968226
   * Policy: No network access for required targets for contrib & non-free
     Wording: Aurelien Jarno <aure...@debian.org>
     Seconded: Sam Hartman <hartm...@debian.org>
     Seconded: Tobias Frost <t...@debian.org>
     Seconded: Holger Levsen <hol...@layer-acht.org>
     Closes: #1068192
 .
   [ Russ Allbery ]
   * Policy: Add mention of the new non-free-firmware archive area
     Wording: Gunnar Wolf <gw...@gwolf.org>
     Seconded: Holger Levsen <hol...@layer-acht.org>
     Seconded: Russ Allbery <r...@debian.org>
     Closes: #1029211
   * Policy: Source packages in main may build binary packages in contrib
     Wording: Simon McVittie <s...@debian.org>
     Seconded: Holger Levsen <hol...@layer-acht.org>
     Seconded: Russ Allbery <r...@debian.org>
     Closes: #994008
   * Policy: Allow hard links in source packages
     Wording: Russ Allbery <r...@debian.org>
     Seconded: Helmut Grohne <hel...@subdivi.de>
     Seconded: Guillem Jover <guil...@debian.org>
     Closes: #970234
   * Policy: Binary and Description fields may be absent in .changes
     Wording: Russ Allbery <r...@debian.org>
     Seconded: Sam Hartman <hartm...@debian.org>
     Seconded: Guillem Jover <guil...@debian.org>
     Closes: #963524
   * Policy: systemd units are required to start and stop system services
     Wording: Luca Boccassi <bl...@debian.org>
     Wording: Russ Allbery <r...@debian.org>
     Seconded: Luca Boccassi <bl...@debian.org>
     Seconded: Sam Hartman <hartm...@debian.org>
     Closes: #1039102
Checksums-Sha1:
 cceb560f2e75c99e38aade67c89ee61e09e7a3e5 2136 debian-policy_4.7.0.0.dsc
 fb76348525ee83aa8b75eee50d1d0d166997ca5d 560352 debian-policy_4.7.0.0.tar.xz
Checksums-Sha256:
 57cf3ee833405240396b40cc9ee65568c09cb9bd421c8cfdec1ff03cba287319 2136 
debian-policy_4.7.0.0.dsc
 cc53cfec06db76e6a26dd61b6f4f8015e95637fc67d5715c54487507ee113a40 560352 
debian-policy_4.7.0.0.tar.xz
Files:
 ab2b8b895ec9092a064a72cf0665c47a 2136 doc optional debian-policy_4.7.0.0.dsc
 2f658f4169866f3db703cf78e96dcb9a 560352 doc optional 
debian-policy_4.7.0.0.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEm5FwB64DDjbk/CSLaVt65L8GYkAFAmYSLcMACgkQaVt65L8G
YkCyJg//cXSHspKUQgje2QUDvo+FMIEWjg8sYUUHhdnq6xLHlc8fxcID1V1kH7F0
bGSzmfJyBTbALWDTmrr9O5dIkSy7Fe4D+qY95r0wuWJ0F2GNyL4sYyBUMwdtevgj
ZoDoO69R/Z9ae54ouFMNg7q8gioWM2HZyvz7Fi8i2fTOfjl1RkAaVgP5IzOSL7OY
AdOPuLRA4OxzwmdoIyuDfzE3ypXA+EThMIRzmsQfeHS2+9WTaqpXCF9DxoSRhrl2
F3K+KATvfd78aWlN3aF3dFbDck4oz2wx+3CH0Q0kFZhlQPs/oXiiRA5Sz1d3ILfK
fX8k0FAATlPWxEEXTsrYPjPQ0Pp6sJKr10K3iZr4RHBOdH9y+XTNavEw+5M5V2Ga
x0ht/HeZwgrGyxJeBJ+SOgZ1WE02UbJVBwPtaR2IVlLJNJH7p5Sjo3JXfwUKcVFG
o+8VcACg+wilO40lynWSVm7/QBFt9BzjOTXiVO7FJsCrYv0sJQFZwlQOdI5oAwEs
FQvxBJKnuYrEjU5q6wsImZSbose+Gz5ptapjb1AE506GZG0CmjUNRwlAGHOGY16L
8SIBByrOGNh867wy7prMBoifwfjP6OMKQpw8DcKKmMGOpoc8ob5nw+ERf2FSCxym
A8qgNRwVoRN4WMvcPcTNcCzhNnITqpNIFcy2ME0o9P1fI6ujgzQ=
=KSE/
-----END PGP SIGNATURE-----

Attachment: pgpE2fpoL8Qo8.pgp
Description: PGP signature


--- End Message ---

Reply via email to