On Sat, 10 Aug 2019 04:09:33 +0200 Mike Gabriel
wrote:
> + * debian/patches:
> + + Add 1046_CVE-2019-11187_stricter-ldap-error-check.patch.
> + Perform stricter check on LDAP success/failure (CVE-2019-11187).
>
> Considered severe issue by FusionDirectory upstream, assessment by the
> security
Hi again,
On Fri, 19 Apr 2019 19:53:33 +0200 Mike Gabriel
wrote:
> Package: release.debian.org
> Severity: normal
> Tags: stretch
> User: release.debian@packages.debian.org
> Usertags: pu
>
> Dear stable release team,
>
> now that we could avoid the full backport of gosa from buster to
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Hi,
I'd just uploaded a fix for gosa targetting the first buster point release:
+ * debian/changelog:
++ post-upload fix of patch-1045 explanation...
Cosmetic fixes for the
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Hi,
I just uploaded two fixes for fusiondirectory for buster targetting the
next/first point release:
+ * debian/patches:
++ Add
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu
Hi,
I just uploaded two fusiondirectory fixes (one bug, one no-dsa CVE) for the
next stretch point release:
+ * debian/patches:
++ Add
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Hi stable release manager,
I did a NMU upload for libxslt fixing three CVEs. As the veresion in
buster is the same + fixes in unstable I opted for a rebuild for
buster "variant".
Processing commands for cont...@bugs.debian.org:
> tags 933754 - moreinfo
Bug #933754 [release.debian.org] buster-pu: package mariadb-10.3
10.3.17-0+deb9u1
Removed tag(s) moreinfo.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
933754:
---
crowd-funded eco-conscious hardware: https://www.crowdsupply.com/eoma68
On Thu, Aug 8, 2019 at 9:39 PM Aurelien Jarno wrote:
> We are at a point were we should probably look for a real solution
> instead of relying on tricks.
*sigh* i _have_ been pointing out for several years now that
---
crowd-funded eco-conscious hardware: https://www.crowdsupply.com/eoma68
On Fri, Aug 9, 2019 at 1:49 PM Ivo De Decker wrote:
>
> Hi Aurelien,
>
> On 8/8/19 10:38 PM, Aurelien Jarno wrote:
>
> > 32-bit processes are able to address at maximum 4GB of memory (2^32),
> > and often less (2 or 3GB)
Hi,
On 8/9/19 4:41 PM, Karsten Merker wrote:
On Fri, Aug 09, 2019 at 02:31:47PM +0200, Ivo De Decker wrote:
Some random notes (these are just my preliminary thoughts, not a new release
team policy):
[...]
- We are talking about having both native 32-bit and 64-bit packages in
the same
clone 933828 -1
tags 933828 - buster
retitle 933828 ncbi-tools6/6.1.20170106+dfsg1-0+deb9u1
tags -1 - stretch
retitle -1 ncbi-tools6/6.1.20170106+dfsg1-0+deb10u1
thanks
"Aaron M. Ucko" writes:
> Got it, thanks; cloning and tuning accordingly.
This time for real. (Long week.)
> On a somewhat
Processing commands for cont...@bugs.debian.org:
> clone 933828 -1
Bug #933828 [release.debian.org] ncbi-tools6/6.1.20170106+dfsg1-0+deb{9,10}u1
Bug 933828 cloned as bug 934311
> tags 933828 - buster
Bug #933828 [release.debian.org] ncbi-tools6/6.1.20170106+dfsg1-0+deb{9,10}u1
Removed tag(s)
bts clone 933828 -1
bts tags 933828 - buster
bts retitle 933828 ncbi-tools6/6.1.20170106+dfsg1-0+deb9u1
bts tags -1 - stretch
bts retitle -1 ncbi-tools6/6.1.20170106+dfsg1-0+deb10u1
thanks
"Adam D. Barratt" writes:
> As a side note, having just spotted the subject header - if you're
> looking
On 2019-08-09 14:23, u...@debian.org wrote:
"Aaron M. Ucko" writes:
some data files turned out to contain non-free portions
Oops, looks like I'll need to update the autopkgtest in buster (and
unstable) to account for removing these files; I should be able to take
care of it over the
On 8/9/19 5:15 PM, Adam D. Barratt wrote:
> The module apparently has three reverse build-dependencies:
>
> amazon-ecr-credential-helper:
> golang-github-docker-docker-credential-helpers-dev
> docker-pycreds: golang-docker-credential-helpers
> docker.io:
On Fri, 09 Aug 2019 at 14:31:47 +0200, Ivo De Decker wrote:
> On 8/8/19 10:38 PM, Aurelien Jarno wrote:
> > This is still a kind of cross-compiler
>
> As you noted, our current policy doesn't allow that.
...
> The resulting (32-bit) binaries still need to run natively in the build
> environment.
"Aaron M. Ucko" writes:
> some data files turned out to contain non-free portions
Oops, looks like I'll need to update the autopkgtest in buster (and
unstable) to account for removing these files; I should be able to take
care of it over the weekend.
Sorry for not catching that earlier!
--
On Fri, Aug 09, 2019 at 01:13:58PM +0200, Svante Signell wrote:
> On Fri, 2019-08-09 at 12:06 +0100, Jonathan Wiltshire wrote:
> > On Fri, Aug 09, 2019 at 12:55:02PM +0200, Svante Signell wrote:
> > > On Fri, 2019-08-09 at 11:41 +0100, Adam D. Barratt wrote:
> > > > Control: severity -1 normal
> >
Hi Aurelien,
On 8/8/19 10:38 PM, Aurelien Jarno wrote:
32-bit processes are able to address at maximum 4GB of memory (2^32),
and often less (2 or 3GB) due to architectural or kernel limitations.
[...]
Thanks for bringing this up.
1) Build a 64-bit compiler targeting the 32-bit
On 8/3/19 8:31 PM, Ivo De Decker wrote:
Hi,
On 8/3/19 10:12 AM, Andreas Beckmann wrote:
Q: BinNMUs of packages uploaded before this new policy that have
arch:all binaries can no longer migrate to testing. Is that
intentional?
I read this as:
Q: I already did a binary upload, do I
On Fri, 2019-08-09 at 12:06 +0100, Jonathan Wiltshire wrote:
> On Fri, Aug 09, 2019 at 12:55:02PM +0200, Svante Signell wrote:
> > On Fri, 2019-08-09 at 11:41 +0100, Adam D. Barratt wrote:
> > > Control: severity -1 normal
> > >
> > > On 2019-08-09 11:33, Debian Bug Tracking System wrote:
> > > >
On Fri, Aug 09, 2019 at 12:55:02PM +0200, Svante Signell wrote:
> On Fri, 2019-08-09 at 11:41 +0100, Adam D. Barratt wrote:
> > Control: severity -1 normal
> >
> > On 2019-08-09 11:33, Debian Bug Tracking System wrote:
> > > Processing commands for cont...@bugs.debian.org:
> > >
> > > > severity
On 2019-08-09 11:55, Svante Signell wrote:
On Fri, 2019-08-09 at 11:41 +0100, Adam D. Barratt wrote:
Control: severity -1 normal
On 2019-08-09 11:33, Debian Bug Tracking System wrote:
> Processing commands for cont...@bugs.debian.org:
>
> > severity 934132 important
> Bug #934132
On Fri, 2019-08-09 at 11:41 +0100, Adam D. Barratt wrote:
> Control: severity -1 normal
>
> On 2019-08-09 11:33, Debian Bug Tracking System wrote:
> > Processing commands for cont...@bugs.debian.org:
> >
> > > severity 934132 important
> > Bug #934132 [release.debian.org] unblock:
Control: severity -1 normal
On 2019-08-09 11:33, Debian Bug Tracking System wrote:
Processing commands for cont...@bugs.debian.org:
severity 934132 important
Bug #934132 [release.debian.org] unblock: elogind/241.3-1+debian1
Severity set to 'important' from 'normal'
No. release.d.o bugs are
Processing control commands:
> severity -1 normal
Bug #934132 [release.debian.org] unblock: elogind/241.3-1+debian1
Severity set to 'normal' from 'important'
--
934132: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934132
Debian Bug Tracking System
Contact ow...@bugs.debian.org with
Processing commands for cont...@bugs.debian.org:
> severity 934132 important
Bug #934132 [release.debian.org] unblock: elogind/241.3-1+debian1
Severity set to 'important' from 'normal'
>
End of message, stopping processing here.
Please contact me if you need assistance.
--
934132:
On 2019-08-08 19:09, Moritz Mühlenhoff wrote:
On Thu, Aug 08, 2019 at 09:53:16AM +0100, Adam D. Barratt wrote:
Control: tags -1 + moreinfo
On 2019-08-08 08:47, Arnaud Rebillout wrote:
[...]
> The debdiff attached brings in an upstream patch to fix
> CVE-2019-1020014, hence closes #933801.
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
(sorry, no fix for the allow-releaseinfo-change stuff yet!)
I just uploaded 1.8.3 to unstable which includes a fix for HTTPS
proxying - when using the CONNECT method, we were
On 2019, ഓഗസ്റ്റ് 9 1:16:23 AM IST, Paul Gevers wrote:
>I can already trigger all the autopkgtests in unstable for packages
>that
>are in experimental, so if you interested in this, please contact me.
>This would enable library maintainers to at least have an overview of
>what would happen. I
30 matches
Mail list logo
