Hi Adam,
Following up on some issues:
On Sun, Jun 10, 2018 at 07:35:16PM +0100, Adam D. Barratt wrote:
> Is it worth retrying any of these?
>
> * graphicsmagick 1.3.20-3+deb8u2 (powerpc)
Tried a giveback, but it's a persistent test suite which breaks
the build. Not sure.
> * mariadb-10.0
Jonathan Wiltshire schrieb:
> Hi,
>
> You uploaded goldencheetah 4.0.0~DEV1607-2+deb9u1 to proposed-updates but
> with a target suite of stretch-security. Was that meant to go to the
> security archive?
This was released via the security update, it was part of the compat
changes
On Mon, May 14, 2018 at 06:26:08PM +0100, Jonathan Wiltshire wrote:
> Hi,
>
> According to my records main security support for Jessie can end any time
> after 17th June.
>
> So to the security team: do you have a date in mind?
The 17th :-)
Cheers,
Moritz
On Tue, Feb 20, 2018 at 01:56:12PM -0600, Benjamin Kaduk wrote:
> On Tue, Feb 20, 2018 at 08:51:16PM +0100, Salvatore Bonaccorso wrote:
> > Hi Thorsten,
> >
> > On Tue, Feb 20, 2018 at 02:45:48PM +0100, Thorsten Alteholz wrote:
> > > Hi everybody,
> > >
> > > the latest security update of the
On Mon, Dec 25, 2017 at 09:26:58PM +0100, Ludovico Cavedon wrote:
> - #866721 and #866719, which are securirity-related issues. Do you want
> me to reach out to the security team about these first?
Those are marked no-dsa for quite a while, so not needed.
Cheers,
Moritz
Emilio Pozuelo Monfort schrieb:
> DSA shut down the kfreebsd buildds.
Is that a temporary measure or permanently due to the state of
the port?
(Just wondering since there's unofficial security builds
for kfreebsd-* despite not being a release arch; if that also affects
those
On Sun, Nov 26, 2017 at 01:52:04PM +, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Fri, 2017-11-24 at 23:18 +0100, Moritz Muehlenhoff wrote:
> > I'd like to add a fix for a minor security issue in Python 2.7 to the
> > as a followup update to what's already in spu. debdiff is
Sebastian Andrzej Siewior schrieb:
> I did a grep and it seems that all affected users are blocked by
> #858398 except for hhvm.
I have patches to switch HHVM to openssl 1.1, only need to find some time
to prepare an upload.
Cheers,
Moritz
On Thu, Aug 24, 2017 at 05:23:53PM +0200, Bastien ROUCARIÈS wrote:
> Package: release.debian.org
> Severity: wishlist
>
> Hi,
>
> I plan to release imagemagick 7 before next stable version. And I want to
> coexist imagemagick6 and imagemagick7.
Why? That means twice the security updates (which
On Sun, Jul 23, 2017 at 12:20:25PM +0200, Mateusz Łukasik wrote:
> Package: release.debian.org
> Severity: normal
> Tags: stretch
> User: release.debian@packages.debian.org
> Usertags: pu
>
> Dear SRMs,
>
> I would like to update smplayer in Stretch to fix #869411, it was already
> fixed in
On Fri, Jul 21, 2017 at 09:51:45AM -0400, Antoine Beaupré wrote:
> On 2017-07-20 18:15:00, Philipp Kern wrote:
> > On 07/17/2017 09:41 PM, Antoine Beaupré wrote:
> >> Let's not jump the gun here. We're not shipping NSS in ca-certificates,
> >> just a tiny part of it: one text file, more or less.
>
Salvatore Bonaccorso wrote:
> > Unfortunately, I've had to flag the upload for rejection - it's somehow
> > picked up a new dependency on "libschroedinger-1.0-0 (>= 1.0.0)", but
> > that binary package is not in stretch.
>
> Hmm, could it be the building chroot was unclean (contained jessie
>
On Sat, Jul 15, 2017 at 09:19:08PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Sat, 2017-07-15 at 19:12 +0200, Moritz Muehlenhoff wrote:
> > some minor security fixes for libquicktime, identical to what's
> > already in unstable and also tested with reverse deps on
Adam wrote:
> I'm not entirely sure how you think p-u is better placed to do so, given
> the amount of visible testing packages from it get before a point
> release.
It's not necessarily for the additional testing done on p-u (although
I personally use it like that and probably others well),
On Sat, Jan 28, 2017 at 07:37:09PM +0100, Julien Cristau wrote:
> On Sat, Jun 11, 2016 at 20:59:53 +0200, Kurt Roeckx wrote:
>
> > OpenSSL will soon release a new upstream version with a new
> > soname. This new version will break various packages, see:
> >
Niels Thykier schrieb:
>> 852603 virglrenderer can-defer virglrenderer:
>> CVE-2016-10163
>> 852604 virglrenderer can-defer virglrenderer:
>> CVE-2017-5580
This hasn't been in a stable release yet and it already orphaned. If noone
On Thu, Jan 05, 2017 at 09:39:16PM +0100, Sebastian Andrzej Siewior wrote:
> On 2016-12-31 17:35:47 [+0100], Julien Cristau wrote:
> > Is this really something we need to be shipping? If yes, I'd personally
> > really like this to get an explicit exemption from normal policy by the
> > security
On Sun, Aug 28, 2016 at 03:55:24PM +0100, Adam D. Barratt wrote:
> Control: tags -1 +confirmed -moreinfo
>
> [re-ordered]
>
> > Am 2016-07-29 um 14:20 schrieb Julien Cristau:
> > > Control: tag -1 moreinfo
> > >
> > > On Mon, Jul 4, 2016 at 18:22:46 +0200, Simon Kainz wrote:
> [...]
> > >>
>
> The latest security upload of mysql-5.5 breaks akonadi-backend-mysql in
> stable,
> this is due to a change in the compiled-in configuration values that are
> incompatible with the ones shipped in the akonadi backend *.
>
> In the bug #843520 [1] the mysql maintainers requested this to be
Niels Thykier schrieb:
> If I am to support powerpc as a realease architecture for Stretch, I
> need to know that there are *active* porters behind it committed to
> keeping it in the working. People who would definitely catch such
> issues long before the release. People who
Hi Didier,
> Have we removed protocols' support in {old,}stable before?.
We have done that on a case-by-case basis via point updates in the past,
seems also fine here.
Cheers,
Moritz
John Paul Adrian Glaubitz schrieb:
> This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
> --a6PKWkjgHofM7jQeP6IIWOK9h7Ax8iC64
> Content-Type: multipart/mixed; boundary="bwOPGPFUk1EHlmixEJpS4SCMBBipFWjH9";
> protected-headers="v1"
> From: John Paul Adrian
Matthias Klose wrote:
> Afaiu the security team also doesn't care
> about these ports when they fail to build for security updates.
Indeed. The openjdk updates are already really time-consuming, we can't
afford additional update rounds for exotic archs without official upstream
support.
Cheers,
buzz (0.9.35-2+deb8u1) jessie; urgency=medium
> > +
> > + * Backport upstream commit 613e630617074eb9b62b794cc37c9b42a7fb079b to
> > address
> > +CVE-2016-2052
> > +
> > + -- Moritz Mühlenhoff <j...@debian.org> Mon, 30 May 2016 23:49:46 +0200
> > +
&g
Aurelien Jarno schrieb:
> On 2016-08-14 16:00, Salvatore Bonaccorso wrote:
>> Package: release.debian.org
>> Severity: normal
>> Tags: jessie
>> User: release.debian@packages.debian.org
>> Usertags: pu
>>
>> Dear SRM
>>
>> I would like to propose the following
On Tue, Jul 12, 2016 at 09:55:23PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Thu, 2016-06-30 at 22:17 +0200, Moritz Muehlenhoff wrote:
> > +python2.7 (2.7.9-2+deb8u1) jessie; urgency=medium
> > +
> > + * Backport upstream commit b3ce713fb9beebfff9848cefa0acbd59acc68fe9
On Tue, Jul 12, 2016 at 09:56:12PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Thu, 2016-06-30 at 22:19 +0200, Moritz Muehlenhoff wrote:
> > +harfbuzz (0.9.35-2+deb8u1) jessie; urgency=medium
> > +
> > + * Backport upstream commit 613e630617074eb9b62b794cc37c9b42a7fb079b
On Sat, May 28, 2016 at 08:32:04PM +0200, Salvatore Bonaccorso wrote:
> Hi all,
>
> On Sat, Nov 01, 2014 at 08:50:05PM +0100, Moritz Mühlenhoff wrote:
> > On Sat, Nov 01, 2014 at 02:30:02PM -0400, Michael Gilbert wrote:
> > > On Sat, Nov 1, 2014 at 11:46 AM, Sa
On Tue, May 24, 2016 at 09:34:49PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Thu, 2016-03-17 at 23:06 +0100, Moritz Muehlenhoff wrote:
> > I'd like to update icedtea-web in jessie to 1.5.3 in the next
> > jessie point release. This fixes two security issues
On Mon, May 23, 2016 at 09:48:30PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo jessie
>
> On Mon, 2016-05-23 at 22:33 +0200, Moritz Muehlenhoff wrote:
> > please remove mediawiki in the upcoming jessie point release. Security
> > support for it was limited for a year as mentioned
On Thu, Mar 17, 2016 at 11:06:05PM +0100, Moritz Muehlenhoff wrote:
> Package: release.debian.org
> Severity: normal
> Tags: jessie
> User: release.debian@packages.debian.org
> Usertags: pu
>
> Hi,
> I'd like to update icedtea-web in jessie to 1.5.3 in the next
> jessie point release. This
On Mon, Apr 25, 2016 at 07:16:02PM +0200, Pino Toscano wrote:
> Package: release.debian.org
> Severity: normal
> Tags: jessie
> User: release.debian@packages.debian.org
> Usertags: pu
>
> Hi,
>
> simple jessie-pu for poppler, just fixed in unstable, which fixes
> CVE-2015-8868; attached
On Tue, Mar 29, 2016 at 11:23:30PM +0200, Markus Koschany wrote:
> Am 29.03.2016 um 23:01 schrieb Moritz Mühlenhoff:
> > On Tue, Mar 29, 2016 at 10:03:56PM +0200, Markus Koschany wrote:
> >> The Security Team decided to mark the issues in Jessie as no-dsa because
> >> w
On Thu, Mar 24, 2016 at 06:35:55AM +, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Wed, 2016-03-23 at 23:12 +0100, Moritz Mühlenhoff wrote:
> [...]
> > > > > On Fri, 2016-03-18 at 19:33 +0100, Moritz Muehlenhoff wrote:
> > > > > > I
On Wed, Mar 23, 2016 at 10:11:32PM +, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Wed, 2016-03-23 at 22:56 +0100, Moritz Muehlenhoff wrote:
> > Another update for no-dsa security issues, this time in libsndfile.
> > The patches have been used in unstable for over four months,
tags 818615 -moreinfo
thanks
On Tue, Mar 22, 2016 at 07:56:40PM +, Adam D. Barratt wrote:
> On Fri, 2016-03-18 at 20:58 +0100, Salvatore Bonaccorso wrote:
> > HI Adam,
> >
> > Not Moritz here but can answer the question as well:
> >
> > On Fri, Mar 18, 2016 at 07:22:34PM +, Adam D.
On Sun, Mar 20, 2016 at 06:43:48PM +, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Sun, 2016-03-20 at 19:33 +0100, Moritz Muehlenhoff wrote:
> > +cairo (1.14.0-2.1+deb8u1) jessie; urgency=medium
> > +
> > + * Fix CVE-2016-3190
>
> I'd prefer a slightly more detailed
On Mon, Mar 14, 2016 at 11:00:12AM +0100, Ondřej Surý wrote:
> Package: release.debian.org
> Severity: normal
> Tags: jessie
> User: release.debian@packages.debian.org
> Usertags: pu
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Hi,
>
> security team still seems to be heavily
On Sun, Feb 28, 2016 at 07:42:46PM +0100, Salvatore Bonaccorso wrote:
> Hi Markus,
>
> Just one note:
>
> On Sun, Feb 28, 2016 at 06:22:08PM +0100, Markus Frosch wrote:
> > +php-dompdf (0.6.1+dfsg-2+deb8u1) UNRELEASED; urgency=medium
> > +
> > + * Non-maintainer upload.
> > + * [22610bd] Add
On Wed, Mar 02, 2016 at 09:01:34PM +0100, Yves-Alexis Perez wrote:
> On mer., 2016-03-02 at 20:06 +0100, Moritz Muehlenhoff wrote:
> > Before considering that, did anyone approch grsecurity whether we can get
> > access to the grsecurity stable patches? We would most definitely have
> > Debian
>
Hi,
see 812630/816228 (also discussed with Roland): Security team would to drop
jasper from stretch
(and eventually from the archive). Some high-profile users like gdk-pixbuf
already had it
dropped some time ago.
Ok with the release team? Could you please setup a removal/transition tracker
for
On Mon, Feb 22, 2016 at 06:42:20PM +0100, Guido Günther wrote:
> Hi Adam,
> On Sat, Feb 20, 2016 at 02:27:27PM +, Adam D. Barratt wrote:
> > [apologies to anyone who's ended up with three copies of this; the
> > original got eaten due to a misconfiguration on my side - please only
> > reply to
On Thu, Jan 28, 2016 at 08:15:30PM +, Ben Hutchings wrote:
> On Thu, 2016-01-28 at 20:01 +0100, Moritz Mühlenhoff wrote:
> > Ben Hutchings <b...@decadent.org.uk> wrote:
> > > For stretch, I would very much like to choose a kernel version for
> > > stretch that
On Fri, Jan 15, 2016 at 04:09:58PM +0100, Norvald H. Ryeng wrote:
> so I'll need the complete list of
> requirements first. The Debian MySQL team has asked for a list, in
> writing, several times now, but that list has not been produced.
Here's what it essentially boils down to:
- Public,
On Mon, Jan 11, 2016 at 08:14:06PM +, Robie Basak wrote:
> On Mon, Jan 11, 2016 at 07:27:30PM +0100, Moritz Mühlenhoff wrote:
> > *Sigh*. And that is exactly the problem (and we've already pointed this
> > out at DebConf half a year ago)
> >
> > We should reall
On Mon, Jan 11, 2016 at 02:13:40PM +0100, Norvald H. Ryeng wrote:
> On Mon, 11 Jan 2016 13:59:07 +0100, Otto Kekäläinen wrote:
>
> >2016-01-11 13:54 GMT+02:00 Norvald H. Ryeng :
> >>On Mon, 28 Dec 2015 13:28:18 +0100, Otto Kekäläinen
>
Hi,
Personally I'm in favour of following the openssl point updates and I'd
like to add an additional data point to the discussion:
CVE-2015-3196 was already fixed as a plain bugfix in an earlier point
release, but the security impact was only noticed later on, so following
the point updates
On Thu, Oct 29, 2015 at 08:48:27AM +, Julien Cristau wrote:
> On Wed, Oct 28, 2015 at 23:06:07 +0100, Moritz Muehlenhoff wrote:
>
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: rm
> >
> > Hi,
> > please remove mopidy as
On Thu, Oct 29, 2015 at 07:52:23PM +, luca wrote:
> Package: release.debian.org
> Severity: normal
> Tags: jessie
> User: release.debian@packages.debian.org
> Usertags: pu
>
> Dear release team,
>
> We would like to update libvdpau in jessie to address a segmentation fault in
> a
>
On Tue, Sep 15, 2015 at 09:16:48PM +0100, Adam D. Barratt wrote:
> Control: tags -1 -moreinfo +confirmed
>
> On Fri, 2015-09-11 at 20:24 +0200, Moritz Mühlenhoff wrote:
> > On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
> > > Control: tags -1 + moreinfo
&
On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
>
> On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> > This update fixes four minor security issues which don't warrant
> > a DSA. These have been tested in a production setup and were
> >
On Sat, Aug 29, 2015 at 04:15:55PM +0100, Adam D. Barratt wrote:
Control: tags -1 + confirmed
On Mon, 2015-05-25 at 23:13 +0200, Moritz Muehlenhoff wrote:
it has been requested multiple times to also provide
debian-security-support for wheezy.
All the data relevant for wheezy is
On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
Control: tags -1 + moreinfo
On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
This update fixes four minor security issues which don't warrant
a DSA. These have been tested in a production setup and were
working
Clint Byrum spam...@debian.org schrieb:
I'd be interested to hear the security team's impressions on how shipping
micro releases of MySQL has gone for them.
We're planning to discuss that at DebConf (and will also include the
release team).
Sure they have a _ridiculous_ policy about not
Andreas Cadhalpun wrote:
But having mysql-5.5 and mariadb-10.0 in jessie is apparently no
problem, despite previous claims. What's the difference?
To properly migrate over a daemon they need to co-exist for a stable
release, while a lib does not. Stretch will only have one of them.
How do
On Wed, Apr 29, 2015 at 08:33:07PM +0200, Andreas Cadhalpun wrote:
Having both for a year along each other will only waste people's time. Now
at the beginning of the release cycle is the time to make a decision,
not by dragging things into a year as of today. Picking one of the two
won't
On Sun, Apr 26, 2015 at 11:57:43AM +0100, Jonathan Wiltshire wrote:
On Fri, Apr 17, 2015 at 05:21:05PM +0200, Moritz Muehlenhoff wrote:
Please unblock package chromium-browser. It fixes multiple
security issues (and would also need some aging at this
point)
Should this be progressed to
tOn Thu, Apr 23, 2015 at 10:03:02PM +0100, Jonathan Wiltshire wrote:
Control: tag -1 moreinfo
On Fri, Apr 17, 2015 at 05:23:39PM +0200, Moritz Muehlenhoff wrote:
Please unblock package openjdk-7. It fixes multiple security
issues. ATM the build failed on mips (that was sorted
out with a
On Thu, Apr 16, 2015 at 04:02:23PM +0200, Raphael Hertzog wrote:
Yes there are packages which are unsupported in Squeeze but very much
like there are unsupported packages in Wheezy right now:
Also, all other distros with long support have some level of reduced
support over time, see for example
On Wed, Mar 04, 2015 at 09:46:20AM +0100, Ivo De Decker wrote:
Hi,
On Fri, Feb 13, 2015 at 05:52:36PM +0100, Moritz Muehlenhoff wrote:
please remove oss4 from jessie. There's been no maintainer
followup since a month (plus no action back then we Ben
initially reported it to the
On Fri, Jan 23, 2015 at 02:26:06PM +0100, Raphael Hertzog wrote:
On Wed, 21 Jan 2015, Raphael Hertzog wrote:
Some notes:
- the final upload will include the bug closure of #775375
- there's a small tweak of a Suggests dependency, it was not intended for
jessie but I don't see how it can
On Tue, Dec 30, 2014 at 12:29:35PM +0100, Matthias Klose wrote:
forgot to mention that there are no regression in the binutils testsuite on
all
release architectures, and that there are no regression in the gcc-4.8 and
gcc-4.9 testsuites on all release architectures.
Did someone from the
On Wed, Dec 31, 2014 at 04:41:29PM +0100, Kurt Roeckx wrote:
On Wed, Dec 31, 2014 at 02:00:23PM +, Adam D. Barratt wrote:
Control: tags -1 + moreinfo
On Wed, 2014-12-31 at 13:52 +0100, Kurt Roeckx wrote:
I would like to disable SSLv3 by default in wheezy.
Do we know how well
On Fri, Nov 21, 2014 at 08:30:37PM +0100, Niels Thykier wrote:
On 2014-11-21 14:56, Salvatore Bonaccorso wrote:
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hi Release Team,
Please unblock package dhcpcd5, which
On Sat, Nov 08, 2014 at 03:27:26PM +, Julien Cristau wrote:
On Sat, Nov 8, 2014 at 10:29:17 +0100, Moritz Mühlenhoff wrote:
On Sun, Nov 02, 2014 at 11:53:44PM +0100, Moritz Muehlenhoff wrote:
On Sun, Nov 02, 2014 at 06:19:51PM +0100, Julien Cristau wrote:
On Tue, Sep 23, 2014
On Sun, Nov 02, 2014 at 11:53:44PM +0100, Moritz Muehlenhoff wrote:
On Sun, Nov 02, 2014 at 06:19:51PM +0100, Julien Cristau wrote:
On Tue, Sep 23, 2014 at 22:36:43 +0200, Moritz Mühlenhoff wrote:
Sorry I didn't get to these quickly. Do you have an updated list and/or
package versions
On Sat, Nov 01, 2014 at 02:30:02PM -0400, Michael Gilbert wrote:
On Sat, Nov 1, 2014 at 11:46 AM, Salvatore Bonaccorso wrote:
Given Dominique's reply on #767411, from my POV I think the best
solution would be to remove torque completely for jessie (i.e. first
drop support from openmpi to be
Adam D. Barratt a...@adam-barratt.org.uk schrieb:
On 2014-10-01 13:25, Moritz Mühlenhoff wrote:
Adam D. Barratt a...@adam-barratt.org.uk schrieb:
The alternative is to drop chromium security support for wheezy way
too soon.
They're not the only alternatives. Granted, they may be the only
Adam D. Barratt a...@adam-barratt.org.uk schrieb:
The alternative is to drop chromium security support for wheezy way too soon.
They're not the only alternatives. Granted, they may be the only ones
which you're willing to support.
What other alternatives do you have in mind?
Cheers,
On Wed, Oct 01, 2014 at 04:32:24PM +0200, Andreas Cadhalpun wrote:
However, I can understand why one embedded
code copy is better than one embedded code copy plus a library in
addition to it.
This would be understandable, yes.
There are now two options:
a) Let FFmpeg migrate to testing
On Sun, Sep 28, 2014 at 11:27:03AM +0200, Andreas Cadhalpun wrote:
So would you please explain why you see a problem?
It has all been written before, I'm not going to repeat
it all over again. We can pick libav _or_ ffmpeg for jessie+1.
EOD for me.
Chromium using a local copy of the lib doesn't
Alessio Treglia ales...@debian.org schrieb:
On Fri, Sep 26, 2014 at 10:28 PM, Andreas Barth a...@ayous.org wrote:
That sounds like we should drop libav and release with ffmpeg. Is this
also the opinion of the libav maintainers? Or is there a strong reason
why this is not possible?
Although
On Sat, Sep 20, 2014 at 04:04:11PM +0300, Otto Kekäläinen wrote:
Hello!
2014-09-17 22:57 GMT+03:00 Moritz Mühlenhoff j...@inutil.org:
Has there been any progress? The freeze is coming closer.
Both MySQL 5.6 and MariaDB 10.0 are still only in experimental. The
5.5 versions are in testing
On Sat, Sep 20, 2014 at 02:18:34PM +0200, Julien Cristau wrote:
On Sat, Sep 20, 2014 at 12:53:54 +0200, Moritz Muehlenhoff wrote:
On Sat, Sep 20, 2014 at 10:45:00AM +0200, Julien Cristau wrote:
On Wed, Sep 17, 2014 at 22:29:10 +0200, Moritz Muehlenhoff wrote:
Hi release team,
On Wed, Aug 27, 2014 at 12:55:15PM +0200, Bjoern Boschman wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
moin,
to sum things up:
* mariadb-5.5 within testing
* mariadb-10.0 within experimental
* mysql-5.5 within testing
* mysql-5.6 within experimental
*
On Wed, Aug 20, 2014 at 12:07:03PM +0200, Ondřej Surý wrote:
On Wed, Aug 20, 2014, at 11:53, Moritz Mühlenhoff wrote:
On Thu, Aug 07, 2014 at 11:37:30AM +0200, Ondřej Surý wrote:
Package: release.debian.org
Severity: normal
Tags: wheezy
User: release.debian@packages.debian.org
On Thu, Aug 07, 2014 at 11:37:30AM +0200, Ondřej Surý wrote:
Package: release.debian.org
Severity: normal
Tags: wheezy
User: release.debian@packages.debian.org
Usertags: pu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Dear release team,
as discussed on #debian-release about
Niels Thykier ni...@thykier.net schrieb:
This in fact requires a bit more time, see below:
Checking reverse dependencies...
# Broken Depends:
devil: libdevil1c2
I've reopened the bug, a resolution is pending.
foo2zjs: printer-driver-foo2zjs
This is #757384
gimp: gimp
I've reopened the
:09.0 +0200
+++ cmus-2.4.3/debian/changelog 2014-06-18 14:18:17.0 +0200
@@ -1,3 +1,10 @@
+cmus (2.4.3-2+deb7u1) wheezy; urgency=low
+
+ * Fix FTBFS related to the libmodplug upgrade in DSA 2751, patch as used in
+2.5.0-4 (Closes: #724181)
+
+ -- Moritz Mühlenhoff muehlenh
Hi all,
I've just noticed the last message on #724181, and I am sorry about
the late reply.
On Wed, Jun 18, 2014 at 1:25 PM, Moritz Mühlenhoff
muehlenh...@univention.de wrote:
Hi,
attached debdiff fixes a FTBFS of cmus in stable.
Should I wait for the ACK from the release team
Peter Palfrader wea...@debian.org schrieb:
Hi!
On Wed, 11 Jun 2014, Adam D. Barratt wrote:
The next point release for wheezy (7.6) is scheduled for Saturday,
July 12th. Stable NEW will be frozen during the preceding weekend.
I propose to update Tor in stable to the version that is now in
Control: tags -1 + confirmed
On Tue, 2014-04-15 at 14:51 +0200, Moritz Mühlenhoff wrote:
Attached debdiff fixes a FTBFS of gst-plugins-bad0.10 in stable (caused
by the libmodplug update in DSA 2751)
Please go ahead.
Uploaded.
Cheers,
Moritz
--
Moritz Mühlenhoff
Open Source Software
) stable; urgency=low
+
+ * Fix FTBFS related to the libmodplug upgrade in DSA 2751 (Closes: #726871)
+
+ -- Moritz Mühlenhoff muehlenh...@univention.de Mon, 07 Apr 2014 15:56:32 +0200
+
gst-plugins-bad0.10 (0.10.23-7.1) unstable; urgency=low
* Non-maintainer upload.
diff -Nru gst-plugins
Control: tags -1 + confirmed
On Wed, 2014-03-26 at 15:05 +0100, Moritz Mühlenhoff wrote:
gorm.app FTBFSes in stable. The attached debdiff fixes the build using
the same patch already used in the NMU for unstable.
Please go ahead; thanks.
Uploaded.
Cheers,
Moritz
--
Moritz Mühlenhoff
Adam D. Barratt a...@adam-barratt.org.uk schrieb:
Control: tags -1 + moreinfo
Apologies for the delays in getting back to this.
On Sat, 2014-02-15 at 17:53 +0100, Sébastien Villemot wrote:
The version of sage-extension currently in wheezy does not work against
iceweasel 24 (in
On Thu, Mar 27, 2014 at 10:05:09PM +0100, Mehdi Dogguy wrote:
Le 2014-03-27 20:08, Niels Thykier a écrit :
I noticed that the fix for gtkmathview is sadly incomplete (see
#638761). AFAICT lablgtkmathview does not have an (open) RC bug for
this problem. I hace CC'ed the OCAML maintainers to
Moritz Mühlenhoff j...@inutil.org schrieb:
Thus we either have to assume that most users have already upgraded to
24 from security and that the extension packages are most likely not
used on the missing architectures (ia64 and mips*),
If there's no reaction soon I recommend to follow
gorm.app-1.2.16/debian/changelog
--- gorm.app-1.2.16/debian/changelog
+++ gorm.app-1.2.16/debian/changelog
@@ -1,3 +1,10 @@
+gorm.app (1.2.16-1+deb7u1) stable; urgency=low
+
+ * Fix FTBFS using the same patch already used in the 1.2.16-1.1 NMU by
+Gregor Herrmann (Closes: #707393)
+
+ -- Moritz
=low
+
+ * Fix FTBFS issue due to json's switch from boolean to json_bool (Closes: #689225)
+
+ -- Moritz Mühlenhoff muehlenh...@univention.de Thu, 27 Feb 2014 14:42:50 +0100
+
newsbeuter (2.5-2) unstable; urgency=low
* Fix build errors with gcc-4.7 (Closes: #667296).
diff -Nru newsbeuter
On Tue, Feb 18, 2014 at 08:16:05PM +0100, Sebastian Ramacher wrote:
(Putting the bug back into the loop.)
On 2014-02-16 21:47:25, Moritz Mühlenhoff wrote:
On Sun, Feb 16, 2014 at 03:44:01PM -0500, Reinhard Tartler wrote:
On Sun, Feb 16, 2014 at 11:22 AM, Moritz Mühlenhoff j...@inutil.org
On Sat, Feb 15, 2014 at 08:57:47PM +0100, Julien Cristau wrote:
On Sat, Feb 15, 2014 at 19:37:54 +0100, Sebastian Ramacher wrote:
Hi Reinhard
On 2014-02-15 17:42:41, Reinhard Tartler wrote:
Unfortunately, this new release does break a number of packages in the
debian archive. At
Reinhard Tartler siret...@tauware.de schrieb:
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Hi,
We have a new libav transition pending. Libav 10 is prepared in
debian/experimental, and I've started to build packges against
On Sun, Feb 16, 2014 at 03:44:01PM -0500, Reinhard Tartler wrote:
On Sun, Feb 16, 2014 at 11:22 AM, Moritz Mühlenhoff j...@inutil.org wrote:
Reinhard Tartler siret...@tauware.de schrieb:
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags
I have prepared an update for Glance over here:
http://archive.gplhost.com/pub/security/glance/
The security tracker lists this issue as potentially open in
Wheezy: https://security-tracker.debian.org/tracker/CVE-2013-4354
Does this affect stable and is there a fix which can be included
Here's the new changelog, with the remarks of J.Cristau taken into account:
[ Thomas Goirand ]
* CVE-2013-4261: [OSSA 2013-026] Fix problem with long messages in Qpid.
* CVE-2013-2096: [OSSA 2013-012] Check QCOW2 image size during root disk
creation (Closes: #710157).
The security tracker
On Thu, Oct 03, 2013 at 07:05:46PM +0100, Adam D. Barratt wrote:
Control: tags -1 + confirmed
On Fri, 2013-07-26 at 16:59 +0200, Moritz Muehlenhoff wrote:
On Thu, Jul 25, 2013 at 05:18:02PM +0100, Adam D. Barratt wrote:
diff -Nru devscripts-2.12.6/scripts/build-rdeps.pl
[...]
-my
Jonathan Wiltshire j...@debian.org schrieb:
Goals which were accepted for the Wheezy cycle, but did not reach
completion, can be carried over for Jessie. However, we require
re-submission of those goals (and any that have been discussed up until now
- we are starting with a clean slate) to
On Wed, Sep 25, 2013 at 07:06:37PM +0200, Niels Thykier wrote:
On 2013-09-25 19:02, Moritz Mühlenhoff wrote:
Jonathan Wiltshire j...@debian.org schrieb:
Goals which were accepted for the Wheezy cycle, but did not reach
completion, can be carried over for Jessie. However, we require
re
John David Anglin dave.ang...@bell.net schrieb:
On 21-Sep-13, at 7:23 PM, Ben Hutchings wrote:
I'll continue testing/software development activity on ia64 for the
Jessie cycle, and more generally, until Debian drops ia64. I'm
already
waiting for Wayland on ia64 and other big updates.
So
On Fri, Sep 06, 2013 at 05:06:03PM +0200, Moritz Mühlenhoff wrote:
Hi,
two more testing removals related to the libav9 transition:
- libavg 1.7.1-3 fails to build for unrelated boost reasons. Popcon is
virtually non-existant.
- imageshack-uploader 2.2+hg20100408.d802dea89428-5.1 patch
101 - 200 of 264 matches
Mail list logo