> "Chris" == Chris Hofstaedtler writes:
Chris> Fellow Developers,
Chris> you are probably aware of the time_t-64bit migration :-)
Chris> However, this does not magically transition all data formats to 64bit
Chris> times. One such instance is the set of utmp/wtmp and lastlog
> "Ansgar" == Ansgar writes:
Ansgar> As far as I understand this approach will break any consumer
Ansgar> on a library whose ABI changes to to the ABI changes
Ansgar> introduced here unless the consumer is built with the flags
Ansgar> from `dpkg-buildflags` (which would now
> "Johannes" == Johannes Schauer Marin Rodrigues writes:
>> also because technically it's the right decision from the release
>> team. these bugs are *currently*, in real life, merely cosmetic.
Johannes> I disagree they are cosmetic or otherwise I would not've
Johannes>
> "Bastian" == Bastian Blank writes:
Bastian> The same as now: nowhere, because those packages have been
Bastian> removed from the archive already.
Bastian> And sadly you did not answer the question why a second
Bastian> degree error must not be worse than a worked around
> "Bastian" == Bastian Blank writes:
Bastian> On Mon, Sep 25, 2023 at 04:35:08AM +0200, Andreas Beckmann wrote:
>> On 25/09/2023 00.50, Bastian Blank wrote:
>> > Already built modules remain until someone deletes it. So you
>> can also > switch back to the still installed
+
+ -- Sam Hartman Thu, 21 Sep 2023 14:55:12 -0600
+
pam (1.5.2-6) unstable; urgency=medium
* Update debian/copyright, Thanks Bastian Germann, Closes: #460232
diff --git a/debian/control b/debian/control
index 4b685f16..9cdc3f81 100644
--- a/debian/control
+++ b/debian/control
@@ -1,8 +1,8
) bullseye; urgency=medium
+
+ * Fixes CVE-2023-36054: a remote authenticated attacker can cause
+kadmind to free an uninitialized pointer. Upstream believes remote
+code execusion is unlikely, Closes: #1043431
+
+ -- Sam Hartman Mon, 14 Aug 2023 14:42:46 -0600
+
krb5 (1.18.3-6+deb11u3
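Review bot: in the CVE-2023-36054 changelog entry, "code execusion" is misspelled and should read "code execution". This text ships in the package changelog and is what users see when reviewing the security update, so correct it before upload.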
attacker can cause
+kadmind to free an uninitialized pointer. Upstream believes remote
+code execusion is unlikely, Closes: #1043431
+
+ -- Sam Hartman Mon, 14 Aug 2023 14:06:53 -0600
+
krb5 (1.20.1-2) unstable; urgency=medium
* Tighten dependencies on libkrb5support0. This means
> "Luca" == Luca Boccassi writes:
>> I suspect the reason you want to make this MBF is that you
>> believe it
Luca> will somehow make the transition easier if there are fewer
Luca> files in /bin or /usr/bin.
Luca> IE, you immediately escalated it with aggressiveness
> "Luca" == Luca Boccassi writes:
Luca> So what you are worried is the combination of a testing
Luca> installation from~one year ago, that is otherwise never
Luca> touched for say another year, and also that has one of those
Luca> 23 packages installed in the old version, and
>>>>> "Michael" == Michael Biebl writes:
Michael> On 22.05.23 at 21:34, Sam Hartman wrote:
>> enough benefit to justify breaking testing.
>>
Michael> No-one is breaking testing, as files are not moved between
Michael> p
>>>>> "Luca" == Luca Boccassi writes:
Luca> On Mon, 22 May 2023 at 20:22, Sam Hartman wrote:
>>
>> >>>>> "Luca" == Luca Boccassi writes:
>>
Luca> Hello Release Team, If we were to do a MBF again
> "Luca" == Luca Boccassi writes:
Luca> Hello Release Team, If we were to do a MBF against packages
Luca> that in _Bookworm_ have introduced new files in /bin, /sbin or
Luca> /lib*, would you accept the consequent mass unblock request?
Luca> I am asking beforehand as there's
: #1036055
+
+
+ -- Sam Hartman Mon, 15 May 2023 17:44:41 -0600
+
krb5 (1.20.1-1) unstable; urgency=high
[ Bastian Germann ]
diff --git a/debian/libkrb5support0.symbols b/debian/libkrb5support0.symbols
index 827d80898a..5c3de884f5 100644
--- a/debian/libkrb5support0.symbols
+++ b/debian
> "Michael" == Michael Biebl writes:
Michael> If a service is not supposed to be enabled, then an
Michael> override for dh_installsystemd is the correct solution,
Michael> setting --no-enable, but not by moving it into a
Michael> subpackage.
Sorry, I was imprecise.
Imagine
>> Moreover, I suspect in a number of the cases related to this
>> current bug, replaces will be likely. I suspect that in some of
>> the cases where units have been introduced that are disabled
>> currently, but will be enabled by the dh_installsystemd change,
>> we will
> "Sebastian" == Sebastian Ramacher writes:
Sebastian> Can you expand your concern? I expect that this issue
Sebastian> goes away as soon as we can assume that all systems are
Sebastian> /usr-merged. At that point I expect that we are able to
Sebastian> drop the workaround
>>>>> "Sebastian" == Sebastian Ramacher writes:
Sebastian> On 2023-02-23 11:12:00 -0700, Sam Hartman wrote:
>> >>>>> "Sean" == Sean Whitton writes:
>>
Sean> Hello,
Sean> On Wed 22 Feb 2023 at 09:55
> "Sean" == Sean Whitton writes:
Sean> Hello,
Sean> On Wed 22 Feb 2023 at 09:55AM +01, Sebastian Ramacher wrote:
>> Unless I am missing something, having dh_installsystemd look at
>> the service files in /usr/lib is the only viable solution for
>> bullseye -> bookworm.
>>>>> "Michael" == Michael Biebl writes:
Michael> On 21.02.23 at 17:45, Sam Hartman wrote:
>>>>>>> "Michael" == Michael Biebl writes:
Michael> Excluding packages that only ship overrides/drop-ins, this
Michael>
> "Michael" == Michael Biebl writes:
Michael> Excluding packages that only ship overrides/drop-ins, this
Michael> makes 37 affected packages in bookworm.
If I'm understanding this issue correctly, the concern would be a
package that moved from /lib/systemd/system to
> "Theodore" == Theodore Ts'o writes:
Theodore> So enabling what may be convenient, but ultimately an
Theodore> anti-pattern is something that hopefully in the long-term
Theodore> Debian should be trying to *avoid*.
That's certainly true.
I am not entirely convinced that using
> "Adrian" == Adrian Bunk writes:
Adrian> Below is my attempt to give an overview of the situation,
Adrian> feel free to amend/correct if anything is missing or wrong.
I believe your summary is correct and includes the issues I am aware of.
I believe I am following things enough
Replying off list, because I don't think it matters much for the RT
discussion.
> "Russ" == Russ Allbery writes:
Russ> Yes, I'm probably understating the difficulty of making this
Russ> change in practice inside image building software as it's
Russ> currently constructed.
> "Adrian" == Adrian Bunk writes:
Adrian> On Thu, Feb 16, 2023 at 05:48:22PM +0100, Daniel Leidert wrote:
>> On Thursday, 16.02.2023 at 18:37 +0200, Adrian Bunk wrote:
>> > On Wed, Feb 15, 2023 at 12:05:41AM +0100, Daniel Leidert wrote:
>> > > ... > > Reasons: > > ...
> "Sebastian" == Sebastian Ramacher writes:
Sebastian> To better understand the impact of this change, I was
Sebastian> wondering which tools / image builders in the archive
Sebastian> would be affected by this change. I've cloned the bug to
Sebastian> vmdb2, but what about
>>>>> "Theodore" == Theodore Ts'o writes:
Theodore> On Wed, Feb 15, 2023 at 01:17:38PM -0700, Sam Hartman wrote:
>>
>> I.E. I think your question of "for how long" has a very simple
>> answer based on our history: if we ca
> "Theodore" == Theodore Ts'o writes:
the answer to your "how long" is that packages
>> should also work with the kernel from the previous and the kernel
>> from the next Debian release.
Theodore> This isn't a problem with the kernel.
I don't think that was Adrian's point.
I
> "Jonas" == Jonas Smedegaard writes:
Jonas> Yes, I am aware that the Rust team packages arch-all code as
Jonas> arch-any packages, but I am unaware that their reasoning is
Jonas> well documented anywhere. The only reason I was aware of
Jonas> when I did the switch was that
> "Guillem" == Guillem Jover writes:
Guillem> …but hmm, is this perhaps not taking into account
Guillem> Pre-Depends?
Something seems to be wrong.
It was very convenient that pam is not in the essential set--I got to
update it.
And yet login , which sure appears to be essential
> "Moritz" == Moritz Mühlenhoff writes:
Moritz> Not moving to 6.1.x (which is most likely the next Linux
Moritz> kernel LTS) is by far a worse regression since it applies to
Moritz> every single Debian system.
Moritz> As a community distro without paid, full time kernel
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: p...@packages.debian.org
Control: affects -1 + src:pam
Please unblock package pam
If I am reading https://qa.debian.org/excuses.php?package=pam
right, it looks like pam is
> "Andreas" == Andreas Metzler writes:
Andreas> Afaiui Graham's *question* was in response to Bastian's
Andreas> "However, please describe an actionable plan." Obviously it
Andreas> would be a lot easier if we could require to have all NEW
Andreas> uploads go to experimental
> "Graham" == Graham Inggs writes:
Graham> Hi All
Graham> On Fri, 6 Jan 2023 at 00:33, Bastian Blank wrote:
Graham> Would it be a bad thing to require all uploads that need to
Graham> go through NEW (source and binary) to target experimental?
Graham> I have been doing
Package: release.debian.org
Severity: normal
I was looking at
https://release.debian.org/testing/essential-and-build-essential.txt
trying to figure out which packages I'm involved in are covered by the
toolchain freeze. I am wondering what's still pulling
libgssapi-krb5-2 and friends into
> "Scott" == Scott Talbert writes:
Scott> Would Option 1, which was "Rebuild wxWidgets and then binNMU
Scott> all packages that link with libwx_gtk3u_gl library (about a
Scott> dozen packages)." be acceptable? We could also add
Scott> appropriate "Breaks" to the library
@@ -1,3 +1,10 @@
+krb5 (1.18.3-6+deb11u2) bullseye; urgency=medium
+
+ * Use SHA256 as Pkinit CMS Digest, Closes: #1017995
+
+
+ -- Sam Hartman Tue, 23 Aug 2022 14:49:09 -0600
+
krb5 (1.18.3-6+deb11u1) bullseye; urgency=medium
* Fix KDC null dereference crash on FAST request with no server field
+1,9 @@
+krb5 (1.17-3+deb10u4) buster; urgency=medium
+
+ * Use SHA256 as Pkinit CMS Digest, Closes: #1017995
+
+ -- Sam Hartman Tue, 23 Aug 2022 14:28:40 -0600
+
krb5 (1.17-3+deb10u3) buster; urgency=high
* Fix KDC null dereference crash on FAST request with no server field,
diff --git
dee3f32b..8d9b0773 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+pam (1.4.0-9+deb11u1) bullseye; urgency=medium
+
+ * Fix syntax error in libpam0g.postinst when a systemd unit fails,
+Closes: #992538
+
+
+ -- Sam Hartman Thu, 26 Aug 2021 13:11:23 -0600
+
pam (1.4.0-9
dereference crash on FAST request with no server field,
+CVE-2021-37750, Closes: #992607
+ * Fix memory leak in krb5_gss_inquire_cred, Closes: #991140
+
+
+ -- Sam Hartman Sun, 29 Aug 2021 16:23:02 -0600
+
krb5 (1.17-3+deb10u2) buster-security; urgency=high
* Import upstream patch for CVE
: #991140
+
+
+ -- Sam Hartman Sun, 29 Aug 2021 16:38:12 -0600
+
krb5 (1.18.3-6) unstable; urgency=high
* Pull in upstream patch to fix CVE-2021-36222 (KDC NULL dereference),
diff --git
a/debian/patches/0011-Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch
b/debian/patches/0011-Fix-KDC-null
in the multiarch path.
+
+ -- Sam Hartman Fri, 09 Jul 2021 10:55:02 -0600
+
+pam (1.4.0-8) unstable; urgency=high
+
+ [ Hideki Yamane ]
+ * debian/patches-applied/lib_security_multiarch_compat
+- Fix regression introduced in 1.4.0-1: search both /lib/security and
+/lib/[multiarch_tripple]/security
5crypto3 toward other internal libraries because
+of removed internal symbols, Closes: #985739
+
+ -- Sam Hartman Sun, 28 Mar 2021 13:43:01 -0400
+
krb5 (1.18.3-4) unstable; urgency=medium
diff --git a/debian/control b/debian/control
index 55fea8c334..c0e10fe25d 100644
--- a/debian/contr
this unless the user has overwridden the configuration
+- Fix capitalization of pam_Tally in debconf description
+
+
+ -- Sam Hartman Mon, 15 Mar 2021 15:01:55 -0400
+
pam (1.4.0-6) unstable; urgency=medium
* Clearly it's been too long since I've done debconf; run
diff --git a/debian
> "Paul" == Paul Gevers writes:
Paul> Just to elaborate, that set is frozen because bits that
Paul> influence a lot of builds can become difficult to manage if a
Paul> bug sneaks in. So it's good to discuss here how much pam can
Paul> influence the built artifacts. Hence,
>>>>> "Paul" == Paul Gevers writes:
Paul> On 23-02-2021 19:17, Sam Hartman wrote:
>> This is just a FYI, opened as a bug because you've expressed a
Paul> If it's in time to migrate before March 12, there's nothing to
Paul> unblock.
Package: release.debian.org
Severity: normal
X-Debbugs-Cc: vor...@debian.org
Hi. I'm writing with my pam uploader hat on to give you a heads up about two
issues that are kind of nasty and affect upgrades. This is just a FYI, opened
as a bug because you've expressed a preference for that
I've proposed a patch to libapache-mod-auth-kerb.
If someone tests the patch, I'll NMU.
mia-query on the maintainer of libapache-mod-auth-kerb is revealing;
I'll contact the MIA team and suggest orphaning or removing
libapache-mod-auth-kerb.
> "Paul" == Paul Wise writes:
Paul> switching to another module but I suspect that modauthkerb
Paul> should just get removed from Debian in favour of
Paul> mod_auth_gssapi, which is supposed to be a replacement.
I think that mod_auth_gssapi plus mod_auth_pam and libpam-sss or
>>>>> "Sam" == Sam Hartman writes:
>>>>> "Sebastian" == Sebastian Ramacher writes:
>>> I've uploaded to unstable. There's what tracker lists as a
>>> regression in CI tests:
>>>
https://ci.debian.net/dat
> "Sebastian" == Sebastian Ramacher writes:
>> I've uploaded to unstable. There's what tracker lists as a
>> regression in CI tests:
>>
https://ci.debian.net/data/autopkgtest/testing/ppc64el/s/squid/8297228/log.gz
>>
>> I don't think that regression looks caused by
I've uploaded to unstable.
There's what tracker lists as a regression in CI tests:
https://ci.debian.net/data/autopkgtest/testing/ppc64el/s/squid/8297228/log.gz
I don't think that regression looks caused by krb5 after examining the
log.
Do you need me to request binnmu of
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Hi. I've uploaded krb5 1.18 to experimental, and the soname of the
administrative libraries (and libkdb5, but that's purely internal)
changed. The ABI differs, but the API is the same.
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
nmu moonshot-gss-eap_1.0.1-6 . ANY . unstable . -m "Rebuild for shibboleth
transition"
Please rebuild moonshot-gss-eap now that new libshibsp-dev and
libshibresolver-dev are in unstable.
Package: release.debian.org
Severity: normal
I got a message from testing auto removal saying:
>moonshot-ui 1.1.0+libsecret~2 is marked for autoremoval from testing on
>2020-04-27
>It is affected by these RC bugs:
>952054: moonshot-ui: FTBFS: libmoonshot.vapi:45.34-45.56:
Dear Debian:
I hereby appoint the following as members of the Debian Release Team:
- Emilio Pozuelo Monfort (pochu)
- Adam D. Barratt (adsb)
- Julien Cristau (jcristau)
- Cyril Brulebois (kibi)
- Ivo De Decker (ivodd)
- Jonathan Wiltshire (jmw)
- Paul Gevers (elbrus)
-
>>>>> "Sam" == Sam Hartman writes:
>>>>> "Josue" == Josue Ortega writes:
Josue> On Mon, Sep 09, 2019 at 08:27:31PM -0400, Sam Hartman wrote:
>>> What are the security implications of enabling this configure
>>
>>>>> "Josue" == Josue Ortega writes:
Josue> On Mon, Sep 09, 2019 at 08:27:31PM -0400, Sam Hartman wrote:
>> What are the security implications of enabling this configure
>> flag?
Josue> Enabling this flag lets rpcbind to open random l
What are the security implications of enabling this configure flag?
Why is it off by default?
> "Mark" == Mark Hindley writes:
Mark> Michael,
Mark> On Tue, Sep 03, 2019 at 04:56:13PM +0200, Michael Biebl wrote:
>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934491
>>
>> This bug report should be taken into account here. Not sure why
>> this is not
> "Luke" == Luke Kenneth Casson Leighton writes:
Luke> On Wed, Aug 14, 2019 at 5:13 PM Aurelien Jarno
wrote:
>> > a proper fix would also have the advantage of keeping linkers
>> for > *other* platforms (even 64 bit ones) out of swap-thrashing,
>> saving > power consumption
> "Ben" == Ben Hutchings writes:
Ben> On Sun, 2019-07-07 at 02:47 +0100, Jonathan Wiltshire wrote:
Ben> [...]
>> No binary maintainer uploads for bullseye
>> =
>>
>> The release of buster also means the bullseye release cycle
> "Paride" == Paride Legovini writes:
I think you could make a compelling argument for an important bug for
this because for those users it will make the package unusable.
I'm not a stable release team member though.
Regretfully, I was unable to validate my hypothesis.
We really need better explanations about why skipping this test is
appropriate.
--Sam
Hi, Paul.
I can think of a number of cases why docker tests might be problematic
in our build environment.
I actually think that if these tests run in a VM but not in a build
environment within a schroot, it's a fairly good sign that the tests
are problematic the way we do builds.
I'll try to do
> "tony" == tony mancill writes:
tony> Hi Paul,
tony> I emailed ar...@buildd.debian.org regarding that this morning
tony> (at 13:35 UTC), but haven't received a response yet. Perhaps
tony> related, but the first arm64 build failed for the upload to
tony> unstable last
I'm writing with my DPL hat on in the role of a facilitator/mediator.
I have no actual power in this situation and it is entirely reasonable
to ignore me.
I feel very uncomfortable with a change as big as this revert happening
this late in the release cycle.
I think that my reading of how the
none
+ * Merge in two upstream documentation changes
+
+ -- Sam Hartman Tue, 18 Jun 2019 08:00:29 -0400
+
krb5 (1.17-2) unstable; urgency=medium
* Finish removing the run kadmind debconf template which was obsoleted
diff --git a/debian/patches/series b/debian/patches/series
index
The release team has told other people in the past that they value
having the bug metadata like severity accurate.
So if you think the severity is too low yes raising it is appreciated.
I am not part of the release team, I've just been watching a bunch of
their responses to others.
>>>>> "Emmanuel" == Emmanuel Bourg writes:
Emmanuel> On 10/06/2019 at 18:22, Sam Hartman wrote:
>> we release with pre-releases for other packages all the time when
>> maintainers believe that's the right call to make. This is an
>
> "Emmanuel" == Emmanuel Bourg writes:
Emmanuel> On 10/06/2019 at 16:18, tony mancill wrote:
>> Emmanuel, I recognize that I am reversing position turn on this.
>> I know that you had expressed reservations about shipping with an
>> EA version as well. I took a look at the
That second reply was not intended to go to the bug.
My apologies for cluttering the list and potentially increasing tension.
--Sam
> "Moritz" == Moritz Mühlenhoff writes:
Moritz> There's an existing unblock request for gcc-8 at #928188
What's going on here?
Did you believe Paul was unaware of that request?
> "Moritz" == Moritz Mühlenhoff writes:
Moritz> On Tue, Jun 04, 2019 at 09:27:55PM +0200, Paul Gevers wrote:
>> Hi Michael, Jonathan,
>>
>> On Tue, 4 Jun 2019 14:11:23 +0100 Jonathan Wiltshire
wrote:
>> > On Mon, May 27, 2019 at 08:23:09AM +0300, Michael Tokarev wrote:
Hi. It would be great to get as many mesa fixes into buster as
possible, so I decided to review all your git commits. I have no idea
if the release team will find this useful or not, but there's no way I
could construct a useful argument in favor of the inclusion without the
review.
I am *not*
Please start talking to the kernel team now, and let them know your
position.
If you strongly suspect you're going to file an RC bug in the future,
you should be talking now, not just holding back.
I'm available to mediate if that ends up being useful.
> "Peter" == Peter Pentchev writes:
Peter> On Thu, May 30, 2019 at 09:00:18PM +0200, Paul Gevers wrote:
>> Hi Peter,
>>
>> On 30-05-2019 11:24, Peter Pentchev wrote:
>> > Just for my information, is there a chance that this upgrade
>> could be > allowed later on
> "Ivo" == Ivo De Decker writes:
Ivo> Hi, Given that there is still discussion about the impact of
Ivo> merged /usr at this very late point of the freeze, I think
Ivo> having merged /usr by default for new installations should be
Ivo> reconsidered.
What discussion are you
>>>>> "Matthias" == Matthias Klose writes:
Matthias> On 29.05.19 00:23, Sam Hartman wrote:
>>>>>>> "Emmanuel" == Emmanuel Bourg writes:
>>
>> I'm not on the release team and cannot authorize a TPU.
>>
> "Emmanuel" == Emmanuel Bourg writes:
I'm not on the release team and cannot authorize a TPU.
As an interested bystander I'd ask that you make sure any TPU contains a
fix for the serious accessibility issue in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900912
: #908770
+
+ -- Sam Hartman Wed, 22 May 2019 09:18:03 -0400
+
lprng (3.8.B-2.1) unstable; urgency=medium
* Non-maintainer upload.
diff --git a/debian/lprng.init.in b/debian/lprng.init.in
index b4df6b7..97edabd 100644
--- a/debian/lprng.init.in
+++ b/debian/lprng.init.in
@@ -97,7 +97,7 @@ case
> "Ian" == Ian Jackson writes:
Ian> (sending this because I got the release team address wrong) Ian
Ian> Jackson writes ("That merged-usr is mandatory is RC"):
>> Control: severity -1 serious
>>
>> In #923091, Guillem (with dpkg maintainer hat on) asks for a
>>
> "Michael" == Michael Biebl writes:
Michael> If the release teams thinks that this should be fixed for
Michael> buster, I wonder if we shouldn't consider a second
Michael> approach: Updating debhelper to use compat mode 12
Michael> behaviour for
> "Sunil" == Sunil Mohan Adapa writes:
Sunil> On 23/04/19 3:44 am, Ivo De Decker wrote:
>> Hi,
Sunil> However, there were still issues that we felt needed fixing
Sunil> for a stable release. Some of these fixes are workarounds for
Sunil> issues that were not fixed in
index 84a4831..72a6859 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+csound (1:6.12.2~dfsg-3.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Fix diskgrain, syncgrain and syncloop when sample rate of sample
+differs from orchestra, Closes: #924260
+
+ -- Sam
(1:6.12.2~dfsg-3.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Fix diskgrain, syncgrain and syncloop when sample rate of sample
+differs from orchestra, Closes: 924260
+
+ -- Sam Hartman Thu, 21 Mar 2019 10:31:29 -0400
+
csound (1:6.12.2~dfsg-3) unstable; urgency=medium
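Review bot: the Closes: field in the new csound entry gives the bug as a bare "924260", while the other changelog entries on this page write the number with a leading "#". Use "Closes: #924260" so the entry matches the rest of the changelog.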
> "Thorsten" == Thorsten Glaser writes:
Thorsten> Adrian Bunk dixit:
>> As an example, what happens if I debootstrap and deploy the
>> resulting filesystem to a large number of identical embedded
>> systems without entropy sources?
Thorsten> Just get into
> "Julien" == Julien Cristau writes:
>> Following discussion on the ticket (#858398) it was suggested to
>> follow the strategy used for the GCC 5 C++ ABI transition, that
>> is, rename the libcurl package and add Conflicts+Replaces for the
>> old
What about the possibility of changing the package name but *not* the
soname. That would allow to catch all the dependencies within Debian,
but would neither diverge the soname nor detect dependency breakage with
non-packaged builds.
That said, libcurl is popular enough and basic enough I'd
I just uploaded the jessie update after fixing the extra comma in the
changelog. I did run tests covering these security updates. I found
that some of the tests included in make check were already failing on
jessie and were still failing after this update. It looks like this may
be related to
(kdc crash on restrict_anon_to_tgt), , Closes:
+#832572
+ * fix for CVE-2016-3119: remote DOS with ldap for authenticated
+attackers, Closes: #819468
+ * Prevent requires_preauth bypass (CVE-2015-2694), Closes: #783557
+
+ -- Sam Hartman <hartm...@debian.org> Sun, 13 Aug 2017 18
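Review bot: the first visible line of this entry has a doubled comma, "(kdc crash on restrict_anon_to_tgt), , Closes:". Drop the extra comma so the Closes: clause follows the description directly, as it does in the CVE-2016-3119 and CVE-2015-2694 items below it.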
specified v4 wildcard
+address; regression over previous versions, Closes: #860767
+ * Fix SRV lookups to respect udp_preference_limit, regression over
+previous versions with OTP, Closes: #856307
+
+ -- Sam Hartman <hartm...@debian.org> Wed, 09 Aug 2017 12:19:50 -0400
+
krb5 (
As a FYI, Matthias wrote to me in IRC just now indicating that he plans
to upload a patch in the next couple of days.
(He needs to get to the location where he has the right environment
before preparing the upload).
As such, I'm planning on holding off on calling for any votes.
> "Ian" == Ian Jackson writes:
Ian> You should explicitly state whether you want this NMU to be
Ian> DELAYED.
Good point.
I think we don't want a delay.
Updated the ballot in git.
I heard back from doko today. We can expect a reply tomorrow. We also
talked briefly about the issue.
Realistically, I cannot imagine the TC coming to any final decision on
something like this in under three weeks. That timeline seems fairly
aggressive actually.
However, I think the TC could
Hi.
I'd really appreciate comments from debian-release on this issue.
Would debian-release like us to take this up?
If so, I have a proposal for how to fast-track this situation, but I am
only comfortable doing that if the release team is involved.
>>>>> "Sebastian" == Sebastian Andrzej Siewior <sebast...@breakpoint.cc> writes:
Sebastian> On 2016-10-31 11:16:38 [-0400], Sam Hartman wrote:
>> At least one of the clusters of packages I'm involved
>> in--shibboleth and moonshot will re
My understanding of the current plan is that we're adding openssl 1.1.0
to unstable, but will make a decision about whether to drop libssl1.0.2
later.
That's really frustrating for the rest of the ecosystem--our users and
our upstreams, and I'd ask the release team to commit now to 1.0.2 being
> "Neil" == Neil Williams writes:
>> > * The point of having the source code (with an appropriate
>> licence > etc.) is so that all our contributors, downstreams, and
>> users are > able to modify the code and to share their
>> modifications with each >
> "Ian" == Ian Jackson writes:
Ian> I would like to comment briefly on the general idea about the
Ian> TC offering advice and making statements of opinion.
Ian> If someone in authority in the project, such as a maintainer of
Ian> the