(2.40.1-6) unstable; urgency=high
+
+ * Fix CVE-2018-10196: NULL pointer dereference in rebuild_vlists()
+(closes: #898841).
+
+ -- Laszlo Boszormenyi (GCS) Mon, 08 Apr 2019 15:51:00 +
+
graphviz (2.40.1-5) unstable; urgency=medium
* Patch upstream _gv.so symlink creation (closes
+ [ Luca Boccassi ]
+ * Fix GSSAPI support build (closes: #925914).
+
+ -- Laszlo Boszormenyi (GCS) Thu, 28 Mar 2019 16:37:09 +
+
zeromq3 (4.3.1-3) unstable; urgency=medium
[ Luca Boccassi ]
diff -Nru zeromq3-4.3.1/debian/patches/gssapi_pkgconfig.patch zeromq3-4.3.1/debi
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Hi RMs,
It's a small transition with only three packages: biboumi,
libqtshadowsocks and qtcreator. All three build fine with
this botan release as well.
It is also needed for proper upst
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Hi RMs,
I'd like to upload ICU 63.1 which was recently released for Buster.
The packaging already bootstrapped with icu-le-hb (Layout Engine using
the HarfBuzz library) in experimental.
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Dear Release Team,
A small, incremental transition of botan 2.4 -> 2.6 as the dependent
packages are only biboumi and qtcreator. Both build fine with it.
Two things to note. For sixteen
18-1000156: arbitrary command execution in ed-style patches
+(closes: #894993).
+
+ -- Laszlo Boszormenyi (GCS) Mon, 16 Apr 2018 20:48:14 +
+
patch (2.7.5-1) unstable; urgency=medium
* New upstream release.
diff -Nru patch-2.7.5/debian/control patch-2.7.5/debian/control
--- patch-2.
x CVE-2018-1000156: arbitrary command execution in ed-style patches
+(closes: #894993).
+
+ -- Laszlo Boszormenyi (GCS) Mon, 16 Apr 2018 20:48:43 +
+
patch (2.7.5-1) unstable; urgency=medium
* New upstream release.
diff -Nru patch-2.7.5/debian/patches/Fix_arbitrary_command_execu
++ sqlite3-3.8.7.1/debian/changelog 2017-10-03 16:13:42.0 +
@@ -1,3 +1,10 @@
+sqlite3 (3.8.7.1-1+deb8u3) jessie; urgency=medium
+
+ * Fix CVE-2017-10989 , heap-based buffer over-read via undersized RTree
+blobs (closes: #867618).
+
+ -- Laszlo Boszormenyi (GCS) Tue, 03 Oct 2017 16:1
++ sqlite3-3.16.2/debian/changelog 2017-10-03 16:13:44.0 +
@@ -1,3 +1,10 @@
+sqlite3 (3.16.2-5+deb9u1) stretch; urgency=medium
+
+ * Fix CVE-2017-10989 , heap-based buffer over-read via undersized RTree
+blobs (closes: #867618).
+
+ -- Laszlo Boszormenyi (GCS) Tue, 03 Oct 2017 16:1
q3-4.2.1/debian/changelog
--- zeromq3-4.2.1/debian/changelog 2017-01-01 15:53:54.0 +
+++ zeromq3-4.2.1/debian/changelog 2017-02-24 17:35:03.0 +
@@ -1,3 +1,9 @@
+zeromq3 (4.2.1-3) unstable; urgency=medium
+
+ * Compile with OpenPGM support (closes: #856023).
+
+ -- Laszlo Boszormenyi
open() correctly handles short rows
+ TODO: Put a short summary on the line above and replace this paragraph
+ * Non-maintainer upload.
+Origin: upstream, https://www.sqlite.org/src/info/8cd1a4451cce1fe2
+Author: Laszlo Boszormenyi (GCS)
+Last-Update: 2017-02-14
+
+---
+
+--- sqlite3-3.16.2.orig/src/
* New maintainer (closes: #729207).
+ * Generalize watch file.
+ * Use debhelper level 10 in compat.
+
+ -- Laszlo Boszormenyi (GCS) Tue, 21 Feb 2017 21:44:19 +
+
qpid-python (1.35.0+dfsg-1) unstable; urgency=medium
* QA upload.
diff -Nru qpid-python-1.35.0+dfsg/debian/compat qpid-python-1
+++ graphicsmagick-1.3.25/debian/changelog 2017-02-24 20:17:41.0 +0100
@@ -1,3 +1,9 @@
+graphicsmagick (1.3.25-8) unstable; urgency=high
+
+ * Backport security fix for out of bounds access when reading CMYKA tiff.
+
+ -- Laszlo Boszormenyi (GCS) Fri, 24 Feb 2017 19:17:41 +
influence vulnerability via environment
+variables.
+
+ -- Laszlo Boszormenyi (GCS) Wed, 01 Feb 2017 06:23:28 +
+
ntfs-3g (1:2016.2.22AR.1-3) unstable; urgency=low
* Really fix ELIBBAD errno on kFreeBSD (closes: #821838).
diff -Nru ntfs-3g-2016.2.22AR.1/debian/patches/0003-CVE-2017-0358
ackage for proper Python2 compatibility
+(closes: #852245).
+
+ -- Laszlo Boszormenyi (GCS) Tue, 31 Jan 2017 16:56:26 +
+
+pyro4 (4.53-2) unstable; urgency=medium
+
+ * Rework Python version detection.
+ * Remove requires.txt from the installed files.
+
+ [ Marcin Kulisz ]
+ * F
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Dear Release Team,
Small transition of gflags which changed the library name from
libgflags2v5 to libgflags2.2 . These are co-installable and the
new version is in experimental, built on
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Dear Release Team,
Mini transition of ntfs-3g which changed the library name from
libntfs-3g871 to libntfs-3g872 . These are co-installable and the
new version is in experimental, built
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
Hi,
I ask for binNMU of syslog-ng to build with PIE with the new
toolchain. Currently it prevents fixing of syslog-ng-incubator[1] as
it can't link with one of its libraries.
Thanks,
Laszlo
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
I'd like to update libcrypto++ from 5.6.4 to 5.6.5; which is a
semi-transition. Packages I've tried works with both version,
however without binNMUs those will print this:
Symbol `_ZTVN8C
; urgency=medium
+
+ * Backport fix 'prevent infinite loop in readObject() function' to prevent
+DoS from upstream Git tree.
+
+ -- Laszlo Boszormenyi (GCS) Mon, 05 Sep 2016 17:46:41 +
+
pypdf2 (1.23+git20141008-1) unstable; urgency=low
* Upstream snapshot with various bug fixes.
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
Hi,
odb depends on GCC plugin loading. Uploaded a new package version,
which started to use GCC 6.2 as it's being the default compiler.
Previously it used GCC 5.1 and to prevent any problems
f log directory to ovirtagent in postinst (closes: #811481).
+
+ -- Laszlo Boszormenyi (GCS) Sat, 20 Aug 2016 10:34:30 +
+
ovirt-guest-agent (1.0.10.2.dfsg-2) unstable; urgency=low
* Rework useradd logic not to fail if gid 175 already present
diff -Nru ovirt-guest-agent-1.0.10.2.dfsg/d
2) jessie; urgency=medium
+
+ * Fix CVE-2016-6153 , Tempdir Selection Vulnerability.
+ * Backport fix for segfault following heavy SAVEPOINT usage
+(closes: #835205).
+
+ -- Laszlo Boszormenyi (GCS) Thu, 25 Aug 2016 16:10:24 +
+
sqlite3 (3.8.7.1-1+deb8u1) jessie-security; urgency=high
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
ntfs-3g previously used a virtual library[1] that caused problems with
packages depending on it. I've created a normal, binNMU safe library
package which currently sits in experimental.
T
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
ICU has a new major upstream release, supporting several new things
that I would like to see in Stretch:
- CLDR[1] 28 [2] and 29 [3] support,
- Unicode 8.0.0 [4] support.
As it affects t
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
I'd like to do the libcrypto++ 5.6.1 to 5.6.3 transition. The latter is
already in experimental. Affected package maintainers are noted,
waiting for feedback. For the time being, I've reb
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
I don't know if the Release Team follows JavaScript library
transitions or not. But I think it's better to be aware of
angular.js (libjs-angularjs) 1.3 (in Sid) to 1.5 (in experimental)
t
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
A small transition of libpgm, its soname changed from 5.1 to 5.2 which
is already in experimental.
Affected packages are:
libxs
zeromq
zeromq3
Library packages are co-installable and ca
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Mini-transition of libcutl. It has 1.8 soname in Sid and 1.9 in
experimental, but I plan to upload soname 1.10 version. May I upload
it directly to Sid or should I target experimental fir
m upstream (LP: #1379297).
+
+ -- Laszlo Boszormenyi (GCS) Mon, 22 Dec 2014 07:42:41 +
+
python-greenlet (0.4.2-1) unstable; urgency=low
* New upstream release.
diff -Nru python-greenlet-0.4.2/debian/patches/arm32-always-use-frame-pointer python-greenlet-0.4.2/debian/patches/arm32-always
06:03:37.0 +
@@ -1,3 +1,12 @@
+python-gevent (1.0.1-2) unstable; urgency=medium
+
+ * Add dh-python to Build-Depends.
+
+ [ Jan Gerber ]
+ * Use PROTOCOL_SSLv23 instead of PROTOCOL_SSLv3 (closes: #770616).
+
+ -- Laszlo Boszormenyi (GCS) Sat, 13 Dec 2014 05:54:50 +
+
python-gevent (1.
f 2.62,
with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/&/g'`\\"
diff -Nur sqlite3-3.8.7.1/debian/changelog sqlite3-3.8.7.2/debian/changelog
--- sqlite3-3.8.7.1/debian/changelog 2014-11-06 16:25:11.0 +
+++
13706).
+
+ [ Simon Ward ]
+ * Fix manpage typos (closes: #525252).
+
+ -- Laszlo Boszormenyi (GCS) Thu, 04 Dec 2014 20:44:01 +
+
dmraid (1.0.0.rc16-5) unstable; urgency=low
* QA upload.
diff -u dmraid-1.0.0.rc16/debian/control dmraid-1.0.0.rc16/debian/control
--- dmraid-1.0.0.rc16/d
+
+++ tcplay-1.1/debian/changelog 2014-12-03 06:55:21.0 +
@@ -1,3 +1,11 @@
+tcplay (1.1-2) unstable; urgency=high
+
+ * Backport upstream fix to prevent data loss on 4k sector drives
+(closes: #771719).
+ * Update Standards-Version to 3.9.6 .
+
+ -- Laszlo Boszormenyi (GCS) Mon
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hi Release Team,
Please consider unblocking libsodium/1.0.1-1 despite being a new,
bugfix only upstream release. Its changelog[1] says:
-- cut --
* DLL_EXPORT was renamed SODIUM_DLL_E
ebian/changelog ntfs-3g-2014.2.15AR.3/debian/changelog
--- ntfs-3g-2014.2.15AR.2/debian/changelog 2014-10-05 15:21:12.0 +
+++ ntfs-3g-2014.2.15AR.3/debian/changelog 2014-11-15 14:42:16.0 +
@@ -1,3 +1,10 @@
+ntfs-3g (1:2014.2.15AR.3-1) unstable; urgency=medium
+
+ * New
ild depend on node-jsdom, it's too old to run tests
+(closes: #768719).
+
+ -- Laszlo Boszormenyi (GCS) Tue, 11 Nov 2014 20:23:28 +
+
d3 (3.4.13-1) unstable; urgency=medium
* New upstream release.
diff -Nru d3-3.4.13/debian/control d3-3.4.13/debian/control
--- d3-3.4.13/debian/con
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hi Release Team,
Please unblock angular.js and let it migrate to Jessie. It's more than a
month (34 days) ago in Sid. Didn't migrate in time as Thomas Goirand
blocked it with too tight depe
On Thu, 2014-11-06 at 19:51 +0100, Laszlo Boszormenyi (GCS) wrote:
> The code debdiff is attached. I've the whole debdiff as well, but that
> contains many small HTML updates in documentation and being big.
Ups, sent a wrong one. The correct one is attached to this mail.
Laszlo/GC
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Dear Release Team,
Please consider the latest upload of sqlite3. Its an immediate bugfix
release to fix important issues. Quoting upstream[1]:
In PRAGMA journal_mode=TRUNCATE mode, call fsy
ebian/changelog
--- rdesktop-1.8.2/debian/changelog 2014-10-16 16:22:13.0 +
+++ rdesktop-1.8.2/debian/changelog 2014-11-04 17:16:05.0 +
@@ -1,3 +1,9 @@
+rdesktop (1.8.2-3) unstable; urgency=low
+
+ * Backport fix to handle Windows key (closes: #768066).
+
+ -- Laszlo Boszormenyi
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hi,
Upstream released MongoDB 2.6.0 too late for Jessie and started to
work for 2.8.0. Then I was blind to see they backport important fixes
for the 2.4.x tree. The 2.4.11 [1] and 2.4.12 [2
1:2.4.10-3) unstable; urgency=medium
+
+ * Enable systemd unit file (closes: #767211).
+ * Update Standards-Version to 3.9.6 .
+
+ -- Laszlo Boszormenyi (GCS) Wed, 29 Oct 2014 22:43:27 +
+
mongodb (1:2.4.10-2) unstable; urgency=low
* Enable systemd service (closes: #745674).
diff -Nru mong
-11-01 15:12:02.0 +
@@ -1,3 +1,10 @@
+libdbi (0.9.0-4) unstable; urgency=medium
+
+ * Backport fix for double-free in dbi_shutdown_r() (closes: #764130).
+ * Update Standards-Version to 3.9.6 .
+
+ -- Laszlo Boszormenyi (GCS) Sat, 01 Nov 2014 12:06:55 +
+
libdbi (0.9.0-3
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
Hi Release Managers,
ntfs-3g changed its provides to libntfs-3g852 (virtual library). This
prevents its migration due to that testdisk and partclone was built for
the previous version, libnt
On Mon, 2013-04-29 at 19:05 +0100, Adam D. Barratt wrote:
> On Sun, 2013-04-28 at 19:34 +0000, Laszlo Boszormenyi (GCS) wrote:
> > SQLite3 used umask to control file access permissions on newly created
> > files. But umask affects the whole process and in multi-thread
> > ap
Dear Release Team,
SQLite3 used umask to control file access permissions on newly created
files. But umask affects the whole process and in multi-thread
applications this means if an other thread creates a file that will use
that setting as well. This is bad as for short period of times SQLite3
s
On Sun, 2013-03-17 at 15:37 +, Jonathan Wiltshire wrote:
> On Sun, Mar 17, 2013 at 03:06:17PM +, Jonathan Wiltshire wrote:
> > On Sun, Mar 03, 2013 at 08:02:32PM +0000, Laszlo Boszormenyi (GCS) wrote:
> > > There are several important, RC bugfix over syslog-ng
On Wed, 2013-03-06 at 13:17 +0100, Michael Biebl wrote:
> 1/ as you no longer mark the symlinks as conffiles, the cleanup in
> syslog-ng-core.postrm is not necessary.
Removed.
> 2/ you need to remove the existing conffile symlinks in
> syslog-ng-core.preinst so dpkg converts it to non-conffiles o
On Tue, 2013-03-05 at 21:05 +0100, Michael Biebl wrote:
> On 03.03.2013 22:53, Michael Biebl wrote:
> >
> > Seeing the poor handling of symlinked conffiles, I'm wondering if we
> > should also remove them for the other affected packages, which do that:
[...]
> After a closer look, all those packag
es, that code is not
+needed anymore.
+ * Use the standard /var/log/mail.{info,err,warn} location for the various
+mail-related logs (closes: #692056).
+ * Use /dev/ttyva on kFreeBSD as the target of the d_console_all
+ destination (closes: #697042).
+
+ [ Laszlo Boszormenyi (GCS) ]
+ * Fix
Hi Nikolaus,
On Sun, 2013-02-24 at 18:41 -0800, Nikolaus Rath wrote:
> I'd like to upload a new version of S3QL to testing-proposed-updates to
> fix bug #701350. Unstable already contains a newer upstream release
> (1.12), so I cannot upload there.
[...]
> The necessary patch is one line (adding f
Hi Adam,
On Wed, 2012-12-19 at 19:55 +, Adam D. Barratt wrote:
> On Sat, 2012-11-24 at 13:34 +, Adam D. Barratt wrote:
> > On Fri, 2012-11-09 at 23:08 +0100, Jelmer Vernooij wrote:
> > > On Fri, 2012-11-09 at 06:08 +, Adam D. Barratt wrote:
> > > > It also itself FTBFS on a few archite
On Wed, 2012-11-21 at 21:44 +0100, Michael Biebl wrote:
> On 21.11.2012 21:39, Laszlo Boszormenyi (GCS) wrote:
> > Tested on the CLI, then copied late in the evening. Will be:
> > ++while [ $($COUCHDB -s 2>/dev/null | grep -c process) -eq 1 ]; \
> > ++do
On Wed, 2012-11-21 at 19:36 +0100, Julien Cristau wrote:
> On Tue, Nov 20, 2012 at 21:17:21 +0000, Laszlo Boszormenyi (GCS) wrote:
> Thanks, I think that should be acceptable.
OK, -3 will be uploaded if you nod on the s/couchdb/$COUCHDB/ change.
See below.
> > - logrotate will prop
On Mon, 2012-11-19 at 11:07 +0100, Julien Cristau wrote:
> On Mon, Nov 19, 2012 at 01:18:34 +0000, Laszlo Boszormenyi (GCS) wrote:
> > Agree. That's an other thing upstream should fix. However I don't think
> > that would happen soon, at least not for Wheezy. I'l
On Mon, 2012-11-19 at 01:56 +0100, Michael Biebl wrote:
> On 18.11.2012 21:42, Laszlo Boszormenyi (GCS) wrote:
> > Fixes four RC bugs. The first one is that couchdb needs some time to
> > stop. Added three seconds wait time to stop in initscript and to postrm
> > (the lat
On Mon, 2012-11-12 at 21:28 +, Adam D. Barratt wrote:
> On Fri, 2012-10-12 at 05:22 +0000, Laszlo Boszormenyi (GCS) wrote:
> > On Thu, 2012-10-11 at 23:18 +0200, Julien Cristau wrote:
> > [ about CouchDB storing its PID file as root ]
> > > Ping. Is this getting fi
On Thu, 2012-10-11 at 23:18 +0200, Julien Cristau wrote:
[ about CouchDB storing its PID file as root ]
> Ping. Is this getting fixed?
Upstream knows about this issue, promised a fix which won't be easy as
I can remember. Now they are busy with releasing 1.3.0 and a bugfix
branch of 1.2.0 . Don't
On Thu, 2012-09-13 at 14:42 +0200, Mehdi Dogguy wrote:
> On 25/08/12 16:34, Laszlo Boszormenyi (GCS) wrote:
> > I plan to take over of python-eventlet . It has a FTBFS bug[1] in Wheezy
> > due to the bug in python-greenlet [2]. It is fixed, but not migrated to
> > testing due
On Mon, 2012-10-08 at 14:02 +0200, Mehdi Dogguy wrote:
> On 13/09/2012 14:42, Mehdi Dogguy wrote:
> > On 25/08/12 16:34, Laszlo Boszormenyi (GCS) wrote:
> >> I plan to take over of python-eventlet . It has a FTBFS bug[1] in Wheezy
> >> due to the bug in python-greenle
(0.3.1-2.1) wheezy-proposed-updates; urgency=low
+
+ * Non-maintainer upload.
+ * Add missing .egg-info file for Wheezy.
+ * Fix packaging SCM browser location.
+ * Fix copyright use template lintian error.
+
+ -- Laszlo Boszormenyi (GCS) Sat, 25 Aug 2012 15:52:00 +0200
+
python-greenlet (0.3.1
Fix some test cases to deal with non-deterministic dump output
+(closes: #665028), thanks to Salvatore Bonaccorso for the heads-up.
+
+ -- Laszlo Boszormenyi (GCS) Sat, 25 Aug 2012 13:21:49 +0200
+
cvs2svn (2.3.0-2) unstable; urgency=low
* Pass '--prefix=/usr' to 'setup.py
On Fri, 2012-07-27 at 22:55 +0200, Julien Cristau wrote:
> On Thu, Jul 19, 2012 at 23:43:56 +0000, Laszlo Boszormenyi (GCS) wrote:
> > On new installs /var/run/couchdb is created to store the pidfile in, but
> > as root:root . Then the couchdb user can't store its pid the
0
+++ couchdb-1.2.0/debian/changelog 2012-07-19 20:35:03.0 +0200
@@ -1,3 +1,9 @@
+couchdb (1.2.0-2) unstable; urgency=low
+
+ * Make couchdb user own its run directory (closes: #681549).
+
+ -- Laszlo Boszormenyi (GCS) Thu, 19 Jul 2012 20:13:25 +0200
+
couchdb (1.2.0-1) unstable; urg
Answering to my own mail.
On Tue, 2012-07-17 at 05:38 +, Laszlo Boszormenyi (GCS) wrote:
> On Tue, 2012-07-17 at 09:27 +0900, Charles Plessy wrote:
> > 2) Install in Alioth's collab-maint a git repository made with the --debsnap
> >option of git-import-dscs, unless we
On Tue, 2012-07-17 at 09:27 +0900, Charles Plessy wrote:
> how about the following (inspired by http://dep.debian.net/deps/dep2/)
>
> Maintainer: mime-supp...@packages.debian.org
> Uploaders:
> Laszlo Boszormenyi (GCS) ,
> Charles Plessy ,
Hope Brian will also join. Ma
On Mon, 2012-07-16 at 23:35 +0200, Cyril Brulebois wrote:
> Laszlo Boszormenyi (GCS) (16/07/2012):
> > My intention was to limit people who can commit to mime-support. It
> > seems there are multiple viewpoints for example about
> > application/x-httpd-* types. One may do mo
Hi Cyril,
On Mon, 2012-07-16 at 22:49 +0200, Cyril Brulebois wrote:
> Charles Plessy (16/07/2012):
> > If nobody else volunteers, I propose to start a maintenance group for
> > the mime-support package, that I would store in a Git repository on
> > Alioth's collab-maint group.
Just for the recor
Hi all,
On Thu, 2012-05-24 at 02:50 +0300, Touko Korpela wrote:
> On Wed, May 23, 2012 at 11:31:33PM +0300, Touko Korpela wrote:
> > This bug blocks lvm2 from migrating to testing. Maybe cryptmount should
> > temporarily removed from testing? Or are tools wrong, and lvm2 update
> > don't make situ
70 matches
Mail list logo