NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: webkit2gtk_2.16.6-0+deb9u1_amd64.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: webkit2gtk_2.16.6-0+deb9u1_all.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: nvidia-graphics-drivers_375.82-1~deb9u1_armhf.changes
  ACCEPT
Processing changes file: openldap_2.4.44+dfsg-5+deb9u1_armhf.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: openldap_2.4.44+dfsg-5+deb9u1_armel.changes
  ACCEPT
Processing changes file: wrk_4.0.2-2~deb9u1_armel.changes
  ACCEPT
Processing changes file: wrk_4.0.2-2~deb9u1_armhf.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: openldap_2.4.44+dfsg-5+deb9u1_mipsel.changes
  ACCEPT

Bug#871823: marked as done (unblock: git/1:2.14.1-1)

[Debian Bug Tracking System]

Your message dated Sun, 13 Aug 2017 00:23:02 +0100
with message-id <20170812232302.32rludewbgtqq...@powdarrmonkey.net>
and subject line Re: Bug#871823: unblock: git/1:2.14.1-1
has caused the Debian Bug report #871823,
regarding unblock: git/1:2.14.1-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
871823: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871823
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package git.

This update fixes CVE-2017-1000117 (arbitrary code execution issues via
URLs,
https://public-inbox.org/git/xmqqh8xf482j@gitster.mtv.corp.google.com/T/#u).
The issue was covered with DSA-3934-1 in jessie and stretch. Please allow
the fix to go quickly to buster.

Thanks,
Jonathan
--- End Message ---
--- Begin Message ---
Hi,

On Fri, Aug 11, 2017 at 03:43:08PM -0700, Jonathan Nieder wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package git.
> 
> This update fixes CVE-2017-1000117 (arbitrary code execution issues via
> URLs,
> https://public-inbox.org/git/xmqqh8xf482j@gitster.mtv.corp.google.com/T/#u).
> The issue was covered with DSA-3934-1 in jessie and stretch. Please allow
> the fix to go quickly to buster.

We're not frozen, so git is not blocked. You already did the right thing by
uploading with urgency=high, and it migrated in the most recent Britney
run.

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51--- End Message ---

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: openldap_2.4.44+dfsg-5+deb9u1_mips.changes
  ACCEPT
Processing changes file: openldap_2.4.44+dfsg-5+deb9u1_mips64el.changes
  ACCEPT
Processing changes file: webkit2gtk_2.16.6-0+deb9u1_arm64.changes
  ACCEPT
Processing changes file: wrk_4.0.2-2~deb9u1_mipsel.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: webkit2gtk_2.16.6-0+deb9u1_i386.changes
  ACCEPT
Processing changes file: webkit2gtk_2.16.6-0+deb9u1_ppc64el.changes
  ACCEPT
Processing changes file: webkit2gtk_2.16.6-0+deb9u1_s390x.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: krb5_1.15-1+deb9u1_armhf.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: krb5_1.15-1+deb9u1_armel.changes
  ACCEPT
Processing changes file: nvidia-graphics-drivers_375.82-1~deb9u1_amd64.changes
  ACCEPT
Processing changes file: nvidia-graphics-drivers_375.82-1~deb9u1_i386.changes
  ACCEPT
Processing changes file: openldap_2.4.44+dfsg-5+deb9u1_all.changes
  ACCEPT
Processing changes file: openldap_2.4.44+dfsg-5+deb9u1_amd64.changes
  ACCEPT
Processing changes file: openldap_2.4.44+dfsg-5+deb9u1_arm64.changes
  ACCEPT
Processing changes file: openldap_2.4.44+dfsg-5+deb9u1_i386.changes
  ACCEPT
Processing changes file: openldap_2.4.44+dfsg-5+deb9u1_ppc64el.changes
  ACCEPT
Processing changes file: wrk_4.0.2-2~deb9u1_amd64.changes
  ACCEPT
Processing changes file: wrk_4.0.2-2~deb9u1_i386.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: openldap_2.4.44+dfsg-5+deb9u1_s390x.changes
  ACCEPT

NEW changes in oldstable-new

[Debian FTP Masters]

Processing changes file: libembperl-perl_2.5.0-4+deb8u1_armhf.changes
  ACCEPT

NEW changes in oldstable-new

[Debian FTP Masters]

Processing changes file: dwww_1.12.1+deb8u1_armhf.changes
  ACCEPT
Processing changes file: libembperl-perl_2.5.0-4+deb8u1_armel.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: krb5_1.15-1+deb9u1_mips64el.changes
  ACCEPT
Processing changes file: krb5_1.15-1+deb9u1_mipsel.changes
  ACCEPT

NEW changes in oldstable-new

[Debian FTP Masters]

Processing changes file: dwww_1.12.1+deb8u1_armel.changes
  ACCEPT
Processing changes file: libembperl-perl_2.5.0-4+deb8u1_mipsel.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: krb5_1.15-1+deb9u1_all.changes
  ACCEPT
Processing changes file: krb5_1.15-1+deb9u1_mips.changes
  ACCEPT
Processing changes file: librsb_1.2.0-rc5-3+deb9u1_arm64.changes
  ACCEPT
Processing changes file: librsb_1.2.0-rc5-3+deb9u1_i386.changes
  ACCEPT
Processing changes file: librsb_1.2.0-rc5-3+deb9u1_ppc64el.changes
  ACCEPT
Processing changes file: librsb_1.2.0-rc5-3+deb9u1_s390x.changes
  ACCEPT
Processing changes file: wrk_4.0.2-2~deb9u1_mips.changes
  ACCEPT

NEW changes in oldstable-new

[Debian FTP Masters]

Processing changes file: dwww_1.12.1+deb8u1_arm64.changes
  ACCEPT
Processing changes file: dwww_1.12.1+deb8u1_i386.changes
  ACCEPT
Processing changes file: dwww_1.12.1+deb8u1_mips.changes
  ACCEPT
Processing changes file: dwww_1.12.1+deb8u1_mipsel.changes
  ACCEPT
Processing changes file: dwww_1.12.1+deb8u1_powerpc.changes
  ACCEPT
Processing changes file: dwww_1.12.1+deb8u1_ppc64el.changes
  ACCEPT
Processing changes file: dwww_1.12.1+deb8u1_s390x.changes
  ACCEPT
Processing changes file: libembperl-perl_2.5.0-4+deb8u1_arm64.changes
  ACCEPT
Processing changes file: libembperl-perl_2.5.0-4+deb8u1_i386.changes
  ACCEPT
Processing changes file: libembperl-perl_2.5.0-4+deb8u1_mips.changes
  ACCEPT
Processing changes file: libembperl-perl_2.5.0-4+deb8u1_powerpc.changes
  ACCEPT
Processing changes file: libembperl-perl_2.5.0-4+deb8u1_ppc64el.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: gnome-exe-thumbnailer_0.9.4-2+deb9u1_all.changes
  ACCEPT
Processing changes file: krb5_1.15-1+deb9u1_amd64.changes
  ACCEPT
Processing changes file: krb5_1.15-1+deb9u1_arm64.changes
  ACCEPT
Processing changes file: krb5_1.15-1+deb9u1_i386.changes
  ACCEPT
Processing changes file: krb5_1.15-1+deb9u1_ppc64el.changes
  ACCEPT
Processing changes file: krb5_1.15-1+deb9u1_s390x.changes
  ACCEPT

Processed: reassign 869824 to src:linux, forcibly merging 869511 869824

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 869824 src:linux
Bug #869824 [linux-headers-amd64] missing package
Bug reassigned from package 'linux-headers-amd64' to 'src:linux'.
No longer marked as found in versions 4.11.0-2-amd64.
Ignoring request to alter fixed versions of bug #869824 to the same values 
previously set
> forcemerge 869511 869824
Bug #869511 [src:linux] linux: binNMU-unsafe dependency on 
linux-headers-*-common
Bug #869670 [src:linux] Depends: linux-headers-4.11.0-2-common ... but it is 
not going to be installed
Bug #870132 [src:linux] linux-headers-amd64 broken, can't install
Bug #870298 [src:linux] 4.11.0-2-amd64 headers cannot be installed
Bug #869670 [src:linux] Depends: linux-headers-4.11.0-2-common ... but it is 
not going to be installed
The source linux and version 4.11.11-1+b1 do not appear to match any binary 
packages
Marked as found in versions linux/4.11.11-1+b1.
Marked as found in versions linux/4.11.11-1+b1.
Marked as found in versions linux/4.11.11-1+b1.
Ignoring request to alter found versions of bug #870298 to the same values 
previously set
Bug #869824 [src:linux] missing package
Severity set to 'grave' from 'normal'
866389 was blocked by: 866317 869578 867210 869383 869583 866315 867213 869579 
865224 827640 865477 869670 865033 826502 869433 869576 826473 865893 826489 
867046 865045 809352 869511 865020 866978 866934 869357 869504 870298 867984 
826505 865888 866944 865034 869418 867514 826497 865380 865898 869580 869602 
865482 826471 869139 870132 869436
866389 was not blocking any bugs.
Added blocking bug(s) of 866389: 869824
865614 was blocked by: 869511 869670 870132 867257 870298
865614 was not blocking any bugs.
Added blocking bug(s) of 865614: 869824
The source linux and version 4.11.11-1+b1 do not appear to match any binary 
packages
Marked as found in versions linux/4.11.11-1+b1 and linux/4.11.11-1.
Added tag(s) newcomer and pending.
Bug #870132 [src:linux] linux-headers-amd64 broken, can't install
Bug #870298 [src:linux] 4.11.0-2-amd64 headers cannot be installed
Merged 869511 869670 869824 870132 870298
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
865614: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865614
866389: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866389
869511: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869511
869670: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869670
869824: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869824
870132: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870132
870298: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870298
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869661: stretch-pu: package open-vm-tools/2:10.1.5-5055683-4+deb9u1

[Bernd Zeimetz]

Hi,

On 08/08/2017 05:49 PM, Adam D. Barratt wrote:
> +open-vm-tools (2:10.1.5-5055683-4+deb9u1) stable; urgency=medium
> 
> We generally prefer the changelog distribution to be "stretch".

changed...

> Please go ahead.


.. and uploaded.


Thanks,

Bernd


-- 
 Bernd ZeimetzDebian GNU/Linux Developer
 http://bzed.dehttp://www.debian.org
 GPG Fingerprint: ECA1 E3F2 8E11 2432 D485  DD95 EB36 171A 6FF9 435F

Bug#871943: stretch-pu: package freerdp/freerdp_1.1.0~git20140921.1.440916e+dfsg1-13+deb9u2

[Mike Gabriel]

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

Dear release team,

we received a helpful patch from FreeRDP upstream for the still support
FreeRDP 1.1 version we ship in Debian.

[PATCH 1/1] enable TLS 1+

Currently TLS version 1.0 is used implicitly by using the TLSv1_method.
To be able to also use TLS 1.1 and later use SSLv23_client_method
instead. To make sure SSLv2 or SSLv3 isn't used disable them.

A .debdiff has been attached.

A +/- identical upload could be done for jessie-updates, too. The
upstream versions are the same, the patch level is slightly different.
Shall I file an extra bug report for that?

Thanks!
Mike


-- System Information:
Debian Release: 9.0
  APT prefers stable
  APT policy: (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/changelog 
freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/changelog
--- freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/changelog  2017-07-27 
17:53:25.0 -0400
+++ freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/changelog  2017-08-12 
15:26:43.0 -0400
@@ -1,3 +1,11 @@
+freerdp (1.1.0~git20140921.1.440916e+dfsg1-13+deb9u2) stretch; urgency=medium
+
+  [ Bernhard Miklautz ]
+  * debian/patches:
++ Add 0009-enable-TLS-12.patch. Enable TLS 1+ support. (Closes: #871478).
+
+ -- Mike Gabriel   Sat, 12 Aug 2017 15:26:43 -0400
+
 freerdp (1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1) stretch-security; 
urgency=high
 
   [ Bernhard Miklautz ]
diff -Nru 
freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/0009-enable-TLS-12.patch
 
freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/0009-enable-TLS-12.patch
--- 
freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/0009-enable-TLS-12.patch
   1969-12-31 19:00:00.0 -0500
+++ 
freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/0009-enable-TLS-12.patch
   2017-08-12 15:26:22.0 -0400
@@ -0,0 +1,38 @@
+From 3ba81cbd5a59434f3053665e9fc4a432afd0db20 Mon Sep 17 00:00:00 2001
+From: Bernhard Miklautz 
+Date: Thu, 10 Aug 2017 09:31:21 +0200
+Subject: [PATCH 1/1] enable TLS 1+
+
+Currently TLS version 1.0 is used implicitly by using the TLSv1_method.
+To be able to also use TLS 1.1 and later use SSLv23_client_method
+instead. To make sure SSLv2 or SSLv3 isn't used disable them.
+
+cherry-picked from aa80f63b4ab19101cbdc376f7e0613ed410fee11
+---
+ libfreerdp/crypto/tls.c | 8 +++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+--- a/libfreerdp/crypto/tls.c
 b/libfreerdp/crypto/tls.c
+@@ -102,7 +102,7 @@
+   int connection_status;
+   char *hostname;
+ 
+-  tls->ctx = SSL_CTX_new(TLSv1_client_method());
++  tls->ctx = SSL_CTX_new(SSLv23_client_method());
+ 
+   if (tls->ctx == NULL)
+   {
+@@ -141,6 +141,12 @@
+*/
+   options |= SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
+ 
++  /**
++   * disable SSLv2 and SSLv3
++   */
++  options |= SSL_OP_NO_SSLv2;
++  options |= SSL_OP_NO_SSLv3;
++
+   SSL_CTX_set_options(tls->ctx, options);
+ 
+   tls->ssl = SSL_new(tls->ctx);
diff -Nru freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/series 
freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/series
--- freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/series 
2017-07-27 17:53:02.0 -0400
+++ freerdp-1.1.0~git20140921.1.440916e+dfsg1/debian/patches/series 
2017-08-12 15:26:22.0 -0400
@@ -20,3 +20,4 @@
 1012_typo-fix.patch
 1013_aligned_meminfo_alignment.patch
 0008-Fix-multiple-security-issues.patch
+0009-enable-TLS-12.patch

Processed (with 1 error): Add blockers for the openssl trans bug

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> block 871056 by 827076 828329 828413 828420 828429 828441 828449 828451 
> 828471 828475 828477 828481 828483 828503 828520 828522 828557 828572 835801 
> 844303 847611 848680 850886 850888 850890 850895 850897 850898 851054 851069 
> 851070 851073 851074 851076 851077 851078 851079 851080 851081 851084 851085 
> 851086 851087 851090 851091 851093 851094 851424 853778 853782 854583 858386 
> 858398 858435 858436 858828 858857 858927 858928 858929 858930 858931 858935 
> 858936 858937 858938 858939
Bug #871056 [release.debian.org] transition: openssl
871056 was not blocked by any bugs.
871056 was not blocking any bugs.
Added blocking bug(s) of 871056: 828572, 851079, 828522, 858939, 828481, 
850888, 828429, 827076, 851077, 851424, 853778, 851069, 828329, 851074, 844303, 
850897, 828557, 850898, 858436, 851070, 850895, 851084, 828503, 851054, 835801, 
851087, 851080, 851086, 828471, 858828, 828449, 858935, 828483, 851076, 851091, 
850886, 858938, 848680, 858386, 828475, 828420, 858435, 828413, 828520, 851073, 
858928, 853782, 854583, 858937, 858857, 858936, 858929, 851093, 851094, 828477, 
851090, 858398, 847611, 850890, 858927, 851081, 858930, 858931, 828441, 851085, 
851078, and 828451
> block 871056 by 858989 858990 858991 858992 858993 859050 859052 859053 
> 859054 859055 859145 859146 859222 859224 859225 859226 859228 859229 859230 
> 859232 859297 859367 859416 859540 859542 859543 859544 859545 859546 859548 
> 859550 859551 859552 859553 859554 859555 859556 859557 859558 859669 859671 
> 859673 859674 859675 859715 859716 859717 859718 859719
Bug #871056 [release.debian.org] transition: openssl
871056 was blocked by: 851094 828477 851090 858398 847611 858928 858857 853782 
858937 854583 858936 858929 851093 851081 858930 858931 828441 851085 851078 
828451 850890 858927 851076 851091 828449 858935 828483 828475 828420 858435 
828413 828520 851073 858938 850886 848680 858386 828557 850897 850898 858436 
851070 828329 851074 851069 844303 828503 851084 851054 835801 851087 851080 
851086 858828 828471 850895 828522 858939 828481 850888 828429 828572 851079 
851077 851424 853778 827076
871056 was not blocking any bugs.
Added blocking bug(s) of 871056: 859543, 858989, 859556, 859552, 859715, 
859050, 859229, 859053, 859228, 859558, 858993, 859297, 859546, 859224, 859674, 
859052, 859551, 859416, 859544, 858992, 859555, 859717, 859222, 859719, 859545, 
858990, 859548, 859669, 859553, 858991, 859673, 859232, 859225, 859146, 859367, 
859054, 859675, 859055, 859718, 859671, 859554, 859542, 859716, 859540, 859145, 
859557, 859226, 859550, and 859230
Failed to set blocking bugs of 871056: can't find location for 859145.

> block 871056 by 859720 859721 859740 859742 859750 859782 859783 859784 
> 859785 859786 859789 859790 859791 859826 859829 859831 859834 859838 859840 
> 859841 859844 859851 859852 859853 863568 867140 870775 870778 870779 871939
Bug #871056 [release.debian.org] transition: openssl
871056 was blocked by: 828449 859232 858935 828483 859225 859146 859673 858991 
851076 851091 858990 848680 850886 858938 858386 859669 859548 859553 828475 
858435 828420 859545 828520 851073 828413 859540 859145 859557 859550 854583 
858937 853782 858857 858928 859226 858936 859230 858929 851093 851094 859671 
859554 828477 851090 859542 858398 847611 859716 859055 850890 859718 858927 
858930 851081 828441 858931 859367 851078 859054 859675 851085 828451 859053 
828572 859228 851079 858939 828522 859552 828481 859050 850888 859715 859229 
828429 858989 859556 827076 851077 859543 853778 851424 828329 859544 851069 
851074 859717 859555 858992 859719 859222 844303 828557 850897 859546 859052 
858436 859551 850898 859224 859674 859416 851070 850895 859297 858993 851054 
828503 859558 851084 835801 828471 851086 858828 851080 851087
871056 was not blocking any bugs.
Added blocking bug(s) of 871056: 859786, 859720, 859785, 859826, 859834, 
859783, 859852, 859841, 859721, 859829, 859789, 871939, 859790, 870779, 859782, 
859851, 859791, 870778, 859838, 859784, 859740, 863568, 867140, 859831, 859853, 
870775, 859750, 859840, 859844, and 859742
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
871056: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871056
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#871937: stretch-pu: package monkeysign/2.2.3

[Antoine Beaupre]

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

Hi,

I am working on a new release of Monkeysign, which I'd like to upload
in Debian. If it would be just me, I would tag the current HEAD with
2.2.4, considering the changes are mostly minor and non-disruptive:

angela:monkeysign$ git diff 2.2.3 --stat
 CONTRIBUTING.rst|   9 +-
 debian/gbp.conf |   2 +-
 doc/usage.rst   |   4 +
 monkeysign/cli.py   |  11 +-
 monkeysign/gpg.py   |  35 ++--
 monkeysign/gtkui.py |  81 ++---
 monkeysign/tests/files/7B75921E.asc | 331 -
 monkeysign/tests/test_gpg.py|  21 +--
 monkeysign/tests/test_ui.py | 147 -
 monkeysign/ui.py| 168 ---
 po/nl.po| 725 

 11 files changed, 1225 insertions(+), 309 deletions(-)

as you can see, more than half of the diff (725 lines) is just a
translation file update. The rest is fixes for tests and critical
bugfixes (although the bugfixes have not been reported directly in the
Debian BTS, but discovered through my own testing).

Attached is the actual diff. Should I upload this as 2.2.4 to unstable
and stable-pu? Or should i minimize this diff to a bare minimum and
release a more targeted 2.2.4 to stable and a 2.3.0 to unstable?

Thanks for the feedback!

A.

-- System Information:
Debian Release: 9.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst
index 6e0e004..cf9e3ea 100644
--- a/CONTRIBUTING.rst
+++ b/CONTRIBUTING.rst
@@ -351,9 +351,12 @@ To renew the keys, try::
 
 mkdir ~/.gpg-tmp
 chmod 700 ~/.gpg-tmp
-gpg --homedir ~/.gpg-tmp --import 7B75921E.asc
+gpg --homedir ~/.gpg-tmp --import monkeysign/tests/files/7B75921E.asc
 gpg --homedir ~/.gpg-tmp --refresh-keys 
8DC901CE64146C048AD50FBB792152527B75921E
-gpg --homedir ~/.gpg-tmp --export-options export-minimal --armor --export 
8DC901CE64146C048AD50FBB792152527B75921E > 7B75921E.asc
+gpg --homedir ~/.gpg-tmp --export-options export-minimal --armor --export 
8DC901CE64146C048AD50FBB792152527B75921E > monkeysign/tests/files/7B75921E.asc
+
+Once that is done, the ``@skipIfDatePassed`` tests need to be adjusted
+to not be skipped anymore.
 
 It is also possible the key is just expired and there is no replacement.
 In this case the solution is to try and find a similar test case and
@@ -407,10 +410,10 @@ those: ``devscripts``, ``git``, ``git-buildpackage``, 
``pip`` and
  monkeysign --version
  monkeysign --test
  monkeyscan
+ dpkg --remove monkeysign
 
 6. build and test Python "wheel"::
 
- dpkg --remove monkeysign
  python setup.py bdist_wheel
  pip install dist/*.whl
  monkeysign --version
diff --git a/debian/gbp.conf b/debian/gbp.conf
index cb1505f..6513d67 100644
--- a/debian/gbp.conf
+++ b/debian/gbp.conf
@@ -1,3 +1,3 @@
 [DEFAULT]
-debian-branch = 2.2.x
+debian-branch = 2.x
 debian-tag = %(version)s
diff --git a/doc/usage.rst b/doc/usage.rst
index 7a769b1..c825a5a 100644
--- a/doc/usage.rst
+++ b/doc/usage.rst
@@ -141,6 +141,10 @@ examples of known working configurations.
 
 monkeysign --mua "thunderbird -compose 
to=%(to)s,subject=%(subject)s,body=%(body)s,attachment=%(attach)s" [...]
 
+  .. note:: Thunerbird fails to respect the attachment parameter in
+versions before 52.1.1, see :bts:`837771` for more
+details.
+
 * Mutt::
 
 monkeysign --mua "mutt -a %(attach)s -s %(subject)s -i %(body)s %(to)s" 
[...]
diff --git a/monkeysign/cli.py b/monkeysign/cli.py
index 62901c1..12745ee 100644
--- a/monkeysign/cli.py
+++ b/monkeysign/cli.py
@@ -20,10 +20,13 @@
 import sys
 import os
 import getpass
+import logging
 
 from monkeysign.ui import MonkeysignUi
 import monkeysign.translation
 
+logger = logging.getLogger(__name__)
+
 class MonkeysignCli(MonkeysignUi):
 """sign a key in a safe fashion.
 
@@ -48,11 +51,11 @@ def main(self):
 os.environ['GPG_TTY'] = os.ttyname(sys.stdin.fileno())
 except OSError as e:
 if e.errno == errno.ENOTTY:
-self.warn(_('cannot find your TTY, GPG may freak out if 
you do not set the GPG_TTY environment'))
+logger.warning(_('cannot find your TTY, GPG may freak out 
if you do not set the GPG_TTY environment'))
 else:
 raise
 else:
-self.log(_('reset GPG_TTY to %s') % os.environ['GPG_TTY'])
+ 

Processed: Re: Bug#867817: jessie-pu: package ncurses/5.9+20140913-1+deb8u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 - moreinfo
Bug #867817 [release.debian.org] jessie-pu: package 
ncurses/5.9+20140913-1+deb8u1
Removed tag(s) moreinfo.

-- 
867817: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867817
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#867817: jessie-pu: package ncurses/5.9+20140913-1+deb8u1

[Sven Joachim]

Control: tags -1 - moreinfo

On 2017-07-15 12:54 +0200, Sven Joachim wrote:

> On 2017-07-15 11:38 +0100, Adam D. Barratt wrote:
>
>> Control: tags -1 + confirmed
>>
>> On Sun, 2017-07-09 at 19:40 +0200, Sven Joachim wrote:
>>> The same problem as in #867814 for stretch and almost the same fix,
>>> except that one inapplicable hunk has been removed from the patch.
>>
>> Please go ahead.
>
> Same answer as in #867814, the fallout from #868266 needs to be sorted
> out first → no upload this weekend, defer for 8.10.

Unfortunately the fixes from the 20170715 patchlevel were rather large
and not easily backportable to jessie, but finally openSUSE[1] has come
up with a patch that I have stolen.  The output of "infocmp -C" slightly
differs from the one in currently in jessie, but I think there are no
functional differences.  At least perldoc works fine.

Cheers,
   Sven


1. https://bugzilla.opensuse.org/show_bug.cgi?id=1049344

diff -Nru ncurses-5.9+20140913/debian/changelog ncurses-5.9+20140913/debian/changelog
--- ncurses-5.9+20140913/debian/changelog	2014-09-17 19:00:57.0 +0200
+++ ncurses-5.9+20140913/debian/changelog	2017-07-09 16:26:16.0 +0200
@@ -1,3 +1,13 @@
+ncurses (5.9+20140913-1+deb8u1) UNRELEASED; urgency=medium
+
+  * Cherry-pick upstream fixes from the 20170701 and 20170708 patchlevels
+for various crash bugs in the tic library and the tic binary
+(CVE-2017-10684, CVE-2017-10685, CVE-2017-2, CVE-2017-3).
+  * Apply termcap-format fix from openSUSE's ncurses-5.9-55.6.1 package,
+repairing a regression from the above security fixes (see #868266).
+
+ -- Sven Joachim   Sun, 09 Jul 2017 16:26:16 +0200
+
 ncurses (5.9+20140913-1) unstable; urgency=low
 
   * New upstream patchlevel.
diff -Nru ncurses-5.9+20140913/debian/patches/cve-fixes.diff ncurses-5.9+20140913/debian/patches/cve-fixes.diff
--- ncurses-5.9+20140913/debian/patches/cve-fixes.diff	1970-01-01 01:00:00.0 +0100
+++ ncurses-5.9+20140913/debian/patches/cve-fixes.diff	2017-07-09 16:26:16.0 +0200
@@ -0,0 +1,173 @@
+Author: Sven Joachim 
+Description: Fixes for four CVEs
+ Fixes for CVE 2017-10684, CVE-2017-10685, CVE-2017-2,
+ CVE-2017-3 cherry-picked from upstream patchlevels 20170701 and
+ 20170708.
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1464684
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1464685
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1464686
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1464687
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1464691
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1464692
+Forwarded: not-needed
+Last-Update: 2017-07-09
+
+---
+ ncurses/tinfo/alloc_entry.c |6 +-
+ ncurses/tinfo/parse_entry.c |   22 --
+ progs/dump_entry.c  |   30 +++---
+ 3 files changed, 36 insertions(+), 22 deletions(-)
+
+--- a/ncurses/tinfo/alloc_entry.c
 b/ncurses/tinfo/alloc_entry.c
+@@ -96,7 +96,11 @@ _nc_save_str(const char *const string)
+ {
+ char *result = 0;
+ size_t old_next_free = next_free;
+-size_t len = strlen(string) + 1;
++size_t len;
++
++if (string == 0)
++	return _nc_save_str("");
++len = strlen(string) + 1;
+ 
+ if (len == 1 && next_free != 0) {
+ 	/*
+--- a/ncurses/tinfo/parse_entry.c
 b/ncurses/tinfo/parse_entry.c
+@@ -236,13 +236,14 @@ _nc_parse_entry(struct entry *entryp, in
+  * implemented it.  Note that the resulting terminal type was never the
+  * 2-character name, but was instead the first alias after that.
+  */
++#define ok_TC2(s) (isgraph(UChar(s)) && (s) != '|')
+ ptr = _nc_curr_token.tk_name;
+ if (_nc_syntax == SYN_TERMCAP
+ #if NCURSES_XNAMES
+ 	&& !_nc_user_definable
+ #endif
+ 	) {
+-	if (ptr[2] == '|') {
++	if (ok_TC2(ptr[0]) && ok_TC2(ptr[1]) && (ptr[2] == '|')) {
+ 	ptr += 3;
+ 	_nc_curr_token.tk_name[2] = '\0';
+ 	}
+@@ -284,9 +285,11 @@ _nc_parse_entry(struct entry *entryp, in
+ 	if (is_use || is_tc) {
+ 	entryp->uses[entryp->nuses].name = _nc_save_str(_nc_curr_token.tk_valstring);
+ 	entryp->uses[entryp->nuses].line = _nc_curr_line;
+-	entryp->nuses++;
+-	if (entryp->nuses > 1 && is_tc) {
+-		BAD_TC_USAGE
++	if (VALID_STRING(entryp->uses[entryp->nuses].name)) {
++		entryp->nuses++;
++		if (entryp->nuses > 1 && is_tc) {
++		BAD_TC_USAGE
++		}
+ 	}
+ 	} else {
+ 	/* normal token lookup */
+@@ -571,7 +574,7 @@ append_acs0(string_desc * dst, int code,
+ static void
+ append_acs(string_desc * dst, int code, char *src)
+ {
+-if (src != 0 && strlen(src) == 1) {
++if (VALID_STRING(src) && strlen(src) == 1) {
+ 	append_acs0(dst, code, *src);
+ }
+ }
+@@ -829,15 +832,14 @@ postprocess_termcap(TERMTYPE *tp, bool h
+ 	}
+ 
+ 	if (tp->Strings[to_ptr->nte_index]) {
++		const char *s = tp->Strings[from_ptr->nte_index];
++		const char *t = 

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: nvidia-graphics-drivers_375.82-1~deb9u1_source.changes
  ACCEPT

Processed: Re: Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #869836 [release.debian.org] stretch-pu: package 
nvidia-graphics-drivers/375.82-1~deb9u1
Added tag(s) pending.

-- 
869836: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869836
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1

[Adam D. Barratt]

Control: tags -1 + pending

On Wed, 2017-08-09 at 17:17 +0200, Andreas Beckmann wrote:
> On Tue, 08 Aug 2017 16:12:47 -0400 "Adam D. Barratt"
>  wrote:
> > Please go ahead, and we'll hope it looks sane after that. :-p
> 
> Uploaded, with the attached diff (from svn, excluding the blobs).

Flagged for acceptance.

Regards,

Adam

NEW changes in oldstable-new

[Debian FTP Masters]

Processing changes file: dwww_1.12.1+deb8u1_amd64.changes
  ACCEPT
Processing changes file: libembperl-perl_2.5.0-4+deb8u1_amd64.changes
  ACCEPT

Bug#862961: jessie-pu: package libembperl-perl/2.5.0-4+deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Tue, 2017-08-08 at 17:49 -0400, gregor herrmann wrote:
> On Tue, 08 Aug 2017 15:44:48 -0400, Adam D. Barratt wrote:
> 
> > > > I'm attaching the full new debdiff, and I'm looping in Axel for a sanity
> > > > check.
> > > I won't be tagging this bug report with +confirmed right away, since we're
> > > awaiting for some more feedback, but the proposed changes look good to me.
> > Me too. Based on the subsequent responses, please go ahead.
> 
> Thank you! Uploaded.

Flagged for acceptance into o-p-u; thanks.

Regards,

Adam

Processed: Re: Bug#862961: jessie-pu: package libembperl-perl/2.5.0-4+deb8u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #862961 [release.debian.org] jessie-pu: package 
libembperl-perl/2.5.0-4+deb8u1
Added tag(s) pending.

-- 
862961: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862961
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#871466: stretch-pu: package wrk/4.0.2-2~deb9u1

[Adam D. Barratt]

Control: tags -1 + pending

On Tue, 2017-08-08 at 12:22 -0400, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Tue, 2017-08-08 at 11:02 +0300, Christos Trochalakis wrote:
> > wrk in stable is not functional due to #855118 [0], I'd like to
> > upload wrk_4.0.2-2~deb9u1 fixing the bug above, plus an FTBFS on mips
> > architectures.
> > 
> > [0] http://bugs.debian.org/855118
> > [1] http://bugs.debian.org/801881
> 
> I've argued with myself a bit as to whether the FTBFS fix is appropriate
> for a stable update, but please go ahead.

Uploaded and flagged for acceptance.

Regards,

Adam

Processed: Re: Bug#862363: jessie-pu: package dwww/1.12.1+deb8u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #862363 [release.debian.org] jessie-pu: package dwww/1.12.1+deb8u1
Added tag(s) pending.

-- 
862363: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862363
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#871466: stretch-pu: package wrk/4.0.2-2~deb9u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #871466 [release.debian.org] stretch-pu: package wrk/4.0.2-2~deb9u1
Added tag(s) pending.

-- 
871466: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871466
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862363: jessie-pu: package dwww/1.12.1+deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Tue, 2017-08-08 at 15:41 -0400, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Wed, 2017-07-05 at 23:39 +0200, Robert Luberda wrote:
> > +dwww (1.12.1+deb8u1) jessie; urgency=medium
> > +
> > +  * Fix an old typo in the `Last-Modified' header name that prevents dwww
> > +from working correctly on systems running the latest available jessie
> > +version of apache2, which as a part its security update for
> > CVE-2016-8743
> > +started enforcing HTTP headers conformance with the appropriate
> > standards
> > +(closes: #850016, #850885).
> =
> 
> Apologies for the delay in getting back to you; please go ahead.
> 
> [...]
> > Would this be accepted? If yes, could you please let me know how should
> > I upload this, as I haven't uploaded anything to stable for ages?
> 
> Build the package in a jessie chroot, then simply upload it as you would
> for a package destined for any other suite in the main archive (e.g.
> unstable). The archive software will automagically do the right thing
> based on the changelog (more specifically the .changes) using a target
> distribution of "jessie".

Uploaded and flagged for acceptance.

Regards,

Adam

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: gnome-exe-thumbnailer_0.9.4-2+deb9u1_source.changes
  ACCEPT
Processing changes file: krb5_1.15-1+deb9u1_source.changes
  ACCEPT
Processing changes file: librsb_1.2.0-rc5-3+deb9u1_amd64.changes
  ACCEPT
Processing changes file: openldap_2.4.44+dfsg-5+deb9u1_source.changes
  ACCEPT
Processing changes file: webkit2gtk_2.16.6-0+deb9u1_source.changes
  ACCEPT
Processing changes file: wrk_4.0.2-2~deb9u1_source.changes
  ACCEPT

Bug#870205: stretch-pu: package librsb/1.2.0-rc5-3

[Adam D. Barratt]

Control: tags -1 + pending

On Tue, 2017-08-08 at 11:55 -0400, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Mon, 2017-07-31 at 00:27 +0200, Rafael Laboissière wrote:
> > Version 1.2.0-rc5-3 of the librsb package in stretch suffers a few severe 
> > bugs leading to numerically wrong results.  These were solved in the new 
> > upstream release 1.2.0-rc7.
> > 
> > Michele Martone, the upstream author, who also contributes to the Debian 
> > package, prepared a minimal patch by backporting the fixes from version 
> > 1.2.0-rc7.  This patch was attached to the report of Bug#870137.
> > 
> > I am attaching below the debdiff between 1.2.0-rc5-3 and the stretch 
> > proposed-update 1.2.0-rc5-3+deb9u1.  This version includes the patch 
> > proposed by Michele Martone as well as a unit test C source file for 
> > verifying that the fix is really implemented.  I added small changes to 
> > debian/rules and debian/clean for compiling, running and cleaning this 
> > unit test.
> 
> Please go ahead.

Uploaded and flagged for acceptance into p-u.

Regards,

Adam

Bug#871242: stretch-pu: package webkit2gtk/2.16.6-0+deb9u1

[Adam D. Barratt]

Control: tags -1 + pending

On Tue, 2017-08-08 at 13:36 -0400, Jeremy Bicha wrote:
> On Tue, Aug 8, 2017 at 12:10 PM, Adam D. Barratt
>  wrote:
> > While the patch looks harmless enough, adding support for architectures
> > that aren't even in the Debian archive as part of a stable update seems
> > somewhat strange.
> 
> I apologize. I didn't realize that it had previously been unbuildable on m68k.

Uploaded and flagged for acceptance.

Regards,

Adam

Processed: Re: Bug#870205: stretch-pu: package librsb/1.2.0-rc5-3

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #870205 [release.debian.org] stretch-pu: package librsb/1.2.0-rc5-3
Added tag(s) pending.

-- 
870205: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870205
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#871242: stretch-pu: package webkit2gtk/2.16.6-0+deb9u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #871242 [release.debian.org] stretch-pu: package webkit2gtk/2.16.6-0+deb9u1
Added tag(s) pending.

-- 
871242: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871242
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869676: stretch-pu: package gnome-exe-thumbnailer/0.9.4-2+deb9u1

[Adam D. Barratt]

Control: tags -1 + pending

On Thu, 2017-08-10 at 09:17 -0700, James Lu wrote:
> Hello,
> 
> This was uploaded! (CC'ing my sponsor as well)

Flagged for acceptance into p-u.

Regards,

Adam

Processed: Re: Bug#869676: stretch-pu: package gnome-exe-thumbnailer/0.9.4-2+deb9u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #869676 [release.debian.org] stretch-pu: package 
gnome-exe-thumbnailer/0.9.4-2+deb9u1
Added tag(s) pending.

-- 
869676: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869676
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#871739: stretch-pu: package openldap/2.4.44+dfsg-5+deb9u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #871739 [release.debian.org] stretch-pu: package 
openldap/2.4.44+dfsg-5+deb9u1
Added tag(s) pending.

-- 
871739: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871739
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#871720: stretch-pu: package krb5/1.15-1

[Adam D. Barratt]

Control: tags -1 + pending

On Fri, 2017-08-11 at 10:44 -0400, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Thu, 2017-08-10 at 18:19 -0400, Sam Hartman wrote:
> > I'd like to propose an update for a couple of bugs in krb5.  There's
> > one security DOS that DSA and I decided is not worth an advisory.
> > The other bugs are regressions over the krb5 in Jessie.  They were
> > fixed before stretch released, but I wanted to get a bit more
> > experience with the patch.  The patches have been in an Ubuntu SRU and
> > unstable/buster for a while and so I think we have confidence in them
> > now.
> 
> Please go ahead.

Uploaded and flagged for acceptance.

Regards,

Adam

Bug#871739: stretch-pu: package openldap/2.4.44+dfsg-5+deb9u1

[Adam D. Barratt]

Control: tags -1 + pending

On Fri, 2017-08-11 at 13:01 -0700, Ryan Tandy wrote:
> On Fri, Aug 11, 2017 at 10:39:05AM -0400, Adam D. Barratt wrote:
> >Please go ahead.
> 
> Uploaded and accepted.

and flagged for acceptance into p-u.

Regards,

Adam

Processed: Re: Bug#871720: stretch-pu: package krb5/1.15-1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #871720 [release.debian.org] stretch-pu: package krb5/1.15-1
Added tag(s) pending.

-- 
871720: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871720
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Receba 500 CLIENTES INTERESSADOS em seu produto ou serviço

[Divulgação GARANTIDA]

Imagine receber 500 CLIENTES INTERESSADOS em seu produto ou serviço

Nós enviaremos a você Nome, Email e Telefone de cada interessado. 

São 500 interessados EXCLUSIVAMENTE no seu produto ou serviço.

Nessa Sexta-Feira, dia 11/08/2017, você poderá contratar essa divulgação por 
somente R$ 999.

--
Nome:
Email:
Telefone/WhatsApp:
--

Sua divulgação prossegue 24 horas por dia até você receber todos os 
interessados. GARANTIA TOTAL!

Estamos esperando por você.

Abraços,

DIVULGARANTIA
C O R B E T T 

Skype: corbettsoftware
WhatsApp: 22-99788-1694

NEW changes in oldstable-new

[Debian FTP Masters]

Processing changes file: libgd2_2.1.0-5+deb8u10_allonly.changes
  ACCEPT
Processing changes file: libgd2_2.1.0-5+deb8u10_amd64.changes
  ACCEPT
Processing changes file: libgd2_2.1.0-5+deb8u10_arm64.changes
  ACCEPT
Processing changes file: libgd2_2.1.0-5+deb8u10_armel.changes
  ACCEPT
Processing changes file: libgd2_2.1.0-5+deb8u10_armhf.changes
  ACCEPT
Processing changes file: libgd2_2.1.0-5+deb8u10_i386.changes
  ACCEPT
Processing changes file: libgd2_2.1.0-5+deb8u10_mips.changes
  ACCEPT
Processing changes file: libgd2_2.1.0-5+deb8u10_mipsel.changes
  ACCEPT
Processing changes file: libgd2_2.1.0-5+deb8u10_powerpc.changes
  ACCEPT
Processing changes file: libgd2_2.1.0-5+deb8u10_ppc64el.changes
  ACCEPT
Processing changes file: libgd2_2.1.0-5+deb8u10_s390x.changes
  ACCEPT
Processing changes file: zabbix_2.2.7+dfsg-2+deb8u3_amd64.changes
  ACCEPT
Processing changes file: zabbix_2.2.7+dfsg-2+deb8u3_arm64.changes
  ACCEPT
Processing changes file: zabbix_2.2.7+dfsg-2+deb8u3_armel.changes
  ACCEPT
Processing changes file: zabbix_2.2.7+dfsg-2+deb8u3_armhf.changes
  ACCEPT
Processing changes file: zabbix_2.2.7+dfsg-2+deb8u3_i386.changes
  ACCEPT
Processing changes file: zabbix_2.2.7+dfsg-2+deb8u3_mips.changes
  ACCEPT
Processing changes file: zabbix_2.2.7+dfsg-2+deb8u3_mipsel.changes
  ACCEPT
Processing changes file: zabbix_2.2.7+dfsg-2+deb8u3_powerpc.changes
  ACCEPT
Processing changes file: zabbix_2.2.7+dfsg-2+deb8u3_ppc64el.changes
  ACCEPT
Processing changes file: zabbix_2.2.7+dfsg-2+deb8u3_s390x.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: libgd2_2.2.4-2+deb9u1_sourceonly.changes
  ACCEPT
Processing changes file: libgd2_2.2.4-2+deb9u1_amd64.changes
  ACCEPT
Processing changes file: libgd2_2.2.4-2+deb9u1_arm64.changes
  ACCEPT
Processing changes file: libgd2_2.2.4-2+deb9u1_armel.changes
  ACCEPT
Processing changes file: libgd2_2.2.4-2+deb9u1_armhf.changes
  ACCEPT
Processing changes file: libgd2_2.2.4-2+deb9u1_i386.changes
  ACCEPT
Processing changes file: libgd2_2.2.4-2+deb9u1_mips.changes
  ACCEPT
Processing changes file: libgd2_2.2.4-2+deb9u1_mips64el.changes
  ACCEPT
Processing changes file: libgd2_2.2.4-2+deb9u1_mipsel.changes
  ACCEPT
Processing changes file: libgd2_2.2.4-2+deb9u1_ppc64el.changes
  ACCEPT
Processing changes file: libgd2_2.2.4-2+deb9u1_s390x.changes
  ACCEPT

Bug#837458: jessie-pu: package mactelnet/0.4.0-1

[Adam D. Barratt]

On Thu, 2017-01-12 at 14:26 +0100, Gianfranco Costamagna wrote:
> Control: tags -1 - confirmed
> Control: tags -1 + moreinfo
[...]
> while the version is good, we need some more changes according to the CVE fix 
> in github [1]
> 
> so I'm removing the confirmed tag and adding moreinfo, haakon please fix and 
> remove moreinfo once done.
> 
> thanks
> 
> G.
> 
> [1] 
> https://github.com/haakonnessjoen/MAC-Telnet/commit/b69d11727d4f0f8cf719c79e3fb700f55ca03e9a

What's the status of this?

Regards,

Adam

Processed: tagging 862363

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 862363 - moreinfo
Bug #862363 [release.debian.org] jessie-pu: package dwww/1.12.1+deb8u1
Removed tag(s) moreinfo.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
862363: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862363
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#871911: transition: poco

[Jochen Sprickerhof]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

Hi release team,

I would like to transition poco to the new ABI version available in
experimental. I did test rebuilds of the reverse dependencies and found
no problems.

Thanks

Jochen

Ben file:

title = "poco";
is_affected = .depends ~ 
/\b(libpococrypto46|libpocodata46|libpocodatamysql46|libpocodataodbc46|libpocodatasqlite46|libpocofoundation46|libpocomongodb46|libpoconet46|libpoconetssl46|libpocoutil46|libpocoxml46|libpocozip46)\b/
 | .depends ~ 
/\b(libpococrypto48|libpocodata48|libpocodatamysql48|libpocodataodbc48|libpocodatasqlite48|libpocofoundation48|libpocomongodb48|libpoconet48|libpoconetssl48|libpocoutil48|libpocoxml48|libpocozip48)\b/;
is_good = .depends ~ 
/\b(libpococrypto48|libpocodata48|libpocodatamysql48|libpocodataodbc48|libpocodatasqlite48|libpocofoundation48|libpocomongodb48|libpoconet48|libpoconetssl48|libpocoutil48|libpocoxml48|libpocozip48)\b/;
is_bad = .depends ~ 
/\b(libpococrypto46|libpocodata46|libpocodatamysql46|libpocodataodbc46|libpocodatasqlite46|libpocofoundation46|libpocomongodb46|libpoconet46|libpoconetssl46|libpocoutil46|libpocoxml46|libpocozip46)\b/;


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Bug#871899: nmu: libopenshot_0.1.7+ds1-1

[Andreas Beckmann]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

nmu libopenshot_0.1.7+ds1-1 . ANY . experimental . -m "Rebuild against 
libopenshot-audio5."

libopenshot-audio soversion bump libopenshot-audio3 -> libopenshot-audio5 in 
experimental.


Andreas

Bug#871897: transition: directfb

[Sebastian Ramacher]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

libdirectfb bumped its SONAME and needs a transition. The reverse dependencies
build fine against the new version. qingy however FTBFS for unreleated reasons
(#817643)

Cheers

Ben file:

title = "directfb";
is_affected = .depends ~ "libdirectfb-1.2-9" | .depends ~ "libdirectfb-1.7-7";
is_good = .depends ~ "libdirectfb-1.7-7";
is_bad = .depends ~ "libdirectfb-1.2-9";


-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (650, 'unstable-debug'), (650, 'buildd-unstable'), (650, 
'unstable'), (601, 'testing'), (600, 'experimental-debug'), (600, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- 
Sebastian Ramacher


signature.asc
Description: PGP signature

Bug#868355: nmu: ceres-solver_1.12.0+dfsg0-1+b3

[Jochen Sprickerhof]

Hi Emilio,

can you comment if requesting BinNMUs in such cases would be ok for the
release team, or should we try find an other solution?

Cheers Jochen

* Anton Gladky  [2017-07-19 17:59]:
> Hi all,
> 
> well, I would prefer to rebuild all reverse dependencies after
> each new eigen3 (and probably any other header-only lib)
> upload [1] and be ready to request it. But it looks like it is
> not a common case to do such BinNMUs.
> 
> [1] https://bugs.debian.org/845819
> 
> Regards
> 
> Anton
> 
> 
> 2017-07-19 8:35 GMT+02:00 Philipp Huebner :
> > Hi,
> >
> > until I find the time to package the new release of Ceres Solver,
> > please go ahead with the BinNMU.
> >
> > With Eigen3 being a header-only library and numeric math libraries
> > making use of derivatives and templating like crazy, I believe this
> > strict Eigen3 check to be well reasoned.
> >
> > I'll ask upstream about this, but expect them to confirm it.
> >
> >
> > Regards,
> > --
> >  .''`.   Philipp Huebner 
> > : :'  :  pgp fp: 6719 25C5 B8CD E74A 5225  3DF9 E5CA 8C49 25E4 205F
> > `. `'`
> >   `-
> >
> 


signature.asc
Description: PGP signature