Processed: severity of 1033591 is normal

2023-03-27 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> severity 1033591 normal
Bug #1033591 [release.debian.org] bullseye-pu: package opendmarc/1.4.2-1+deb11u1
Severity set to 'normal' from 'important'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1033591: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033591
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#1029206: marked as done (unblock: webkit2gtk 2.40.0-2 [pre-approval])

2023-03-27 Thread Debian Bug Tracking System
Your message dated Mon, 27 Mar 2023 22:25:03 +0200
with message-id 
and subject line Re: Bug#1029206: [pre-approval] unblock: webkit2gtk 2.40.0-2
has caused the Debian Bug report #1029206,
regarding unblock: webkit2gtk 2.40.0-2 [pre-approval]
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1029206: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029206
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock transition moreinfo
Tags: security
X-Debbugs-CC: webkit2...@packages.debian.org

I am filing this bug early so that the Release Team is aware early.

[ Reason ]
webkit2gtk only provides security support for one stable series at a
time. A new series is released each March and September. The Debian
Security Team backports these new releases as security updates [1] [2]

The upcoming 2.40.0 is more disruptive than usual as it makes a major
API break for the new GTK4 library, bumping the API series from 5 to 6
[3]. This causes a small transition: gnome-builder 43 and
gnome-initial-setup 43 are the only two packages that use the gtk4
library. They will both need sourceful uploads. Patches will be ready
for both since the upstream webkitgtk team works closely with the
GNOME project.

[ Impact ]
Because the 2.38 series will be End of Life before Debian 12 is
released, I believe the Security Team wants 2.40 to make it to Testing

[ Tests ]
There are no automated tests (!)
The person who uploads gnome-builder and gnome-initial-setup (likely
me) will make sure those 2 apps still run well with the new webkit2gtk
version.

[ Risks ]
The code changes in a new major webkit2gtk release are too large to
manually review.
webkit2gtk is a key package.
Besides gnome-builder and gnome-initial-setup, webkit2gtk is used by
many packages. [4]

[ Checklist ]
  [ ] all changes are documented in the d/changelog
  [ ] I reviewed all changes and I approve them
  [ ] attach debdiff against the package in testing

[ Other Info ]
webkit2gtk generally follows the GNOME release schedule. [5] A beta
(2.39.90) is expected in February. A release candidate (2.39.91)
around March 6, and the first stable release (2.40.0) around March 20.
We intend to do a test build in experimental first. I think it makes
the most sense to wait for the 2.40.0 release and not push a prerelease
to Unstable/Testing.

Ubuntu 23.04 will also switch to the 2.40 series by February or early
March. Ubuntu 22.10 will need to do this transition as stable release
updates.

I don't have a ben file since the final soname isn't known yet.

[1]
https://www.debian.org/releases/stable/amd64/release-notes/ch-information.en.html#limited-security-support

[2] https://tracker.debian.org/pkg/webkit2gtk

[3] 
https://discourse.gnome.org/t/webkitgtk-for-gtk-4-status-update-and-api-changes/11033

[4] https://release.debian.org/transitions/html/webkit2gtk-4.0.html

[5] https://wiki.gnome.org/FortyFour

Thank you,
Jeremy Bicha
--- End Message ---
--- Begin Message ---
On 2023-01-19 12:02:38 -0500, Jeremy Bicha wrote:

Bug#1033555: marked as done (unblock: fraqtive/0.4.8.1-1)

2023-03-27 Thread Debian Bug Tracking System
Your message dated Mon, 27 Mar 2023 18:52:52 +
with message-id 
and subject line unblock fraqtive
has caused the Debian Bug report #1033555,
regarding unblock: fraqtive/0.4.8.1-1
to be marked as done.


-- 
1033555: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033555
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package fraqtive

This is just a short maintenance release from upstream after many
years, mainly just merged already in Debian applied patches, so that
fraqtive still builds in modern environments.

As described in my mlt unblock request I thought it will migrate after
20 days and it looks cleaner for me to have the new upstream release, why
I had done this upload for targeting bookworm

[ Reason ]
New upstream release, which just covers already applied patches.

[ Impact ]
No impact here

[ Tests ]
Tested if it still starts, manual

[ Risks ]
I do not see any risk

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing


unblock fraqtive/0.4.8.1-1
diff -Nru fraqtive-0.4.8/configure fraqtive-0.4.8.1/configure
--- fraqtive-0.4.8/configure2008-03-21 11:49:25.78354 +0100
+++ fraqtive-0.4.8.1/configure  2023-03-06 09:30:22.0 +0100
@@ -81,7 +81,7 @@
   if test "$version" != "**Unknown**"; then
 major=`echo $version | sed -e "s/\([0-9][0-9]*\).*/\1/"`
 minor=`echo $version | sed -e "s/[0-9][0-9]*\.\([0-9][0-9]*\).*/\1/"`
-if test $major -eq 4 -a $minor -ge 3; then
+if test $major -eq 5; then
   QMAKE=$i
   break
 fi
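Review bot: In `if test $major -eq 5; then`, `$major` is unquoted, so an empty or non-numeric value left by the `sed` expression makes `test` print an error instead of cleanly skipping that candidate; write `"$major"`. The `minor=` assignment two lines above is no longer used by this condition and can be dropped if nothing else reads it.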
@@ -89,7 +89,7 @@
 done
 
 if test -z "$QMAKE"; then
-echo "*** ERROR: Cannot find 'qmake' from Qt 4.3 or newer." >&2
+echo "*** ERROR: Cannot find 'qmake' from Qt 5." >&2
 exit 1
 fi
 
diff -Nru fraqtive-0.4.8/debian/changelog fraqtive-0.4.8.1/debian/changelog
--- fraqtive-0.4.8/debian/changelog 2023-01-12 11:07:55.0 +0100
+++ fraqtive-0.4.8.1/debian/changelog   2023-03-13 12:00:59.0 +0100
@@ -1,3 +1,11 @@
+fraqtive (0.4.8.1-1) unstable; urgency=medium
+
+  * New upstream release.
+- Remove merged patch 03-use-qt5.
+- Remove merged patch 04-fix-includes.
+
+ -- Patrick Matthäi   Mon, 13 Mar 2023 12:00:59 +0100
+
 fraqtive (0.4.8-17) unstable; urgency=medium
 
   * Adjust debian/watch to work again with GitHub.
diff -Nru fraqtive-0.4.8/debian/patches/03-use-qt5.diff 
fraqtive-0.4.8.1/debian/patches/03-use-qt5.diff
--- fraqtive-0.4.8/debian/patches/03-use-qt5.diff   2023-01-12 
11:07:55.0 +0100
+++ fraqtive-0.4.8.1/debian/patches/03-use-qt5.diff 1970-01-01 
01:00:00.0 +0100
@@ -1,19 +0,0 @@
-Description: Fix build system to use Qt5 instead of Qt4
-Author: Sune Vuorela 
-Forwarded: yes
-

-Origin: other
-Last-Update: 2018-08-15
-
 fraqtive-0.4.8.orig/configure
-+++ fraqtive-0.4.8/configure
-@@ -81,7 +81,7 @@ for i in $paths; do
-   if test "$version" != "**Unknown**"; then
- major=`echo $version | sed -e "s/\([0-9][0-9]*\).*/\1/"`
- minor=`echo $version | sed -e "s/[0-9][0-9]*\.\([0-9][0-9]*\).*/\1/"`
--if test $major -eq 4 -a $minor -ge 3; then
-+if test $major -eq 5 -a $minor -ge 3; then
-   QMAKE=$i
-   break
- fi
diff -Nru fraqtive-0.4.8/debian/patches/04-fix-includes.diff 
fraqtive-0.4.8.1/debian/patches/04-fix-includes.diff
--- fraqtive-0.4.8/debian/patches/04-fix-includes.diff  2023-01-12 
11:07:55.0 +0100
+++ fraqtive-0.4.8.1/debian/patches/04-fix-includes.diff1970-01-01 
01:00:00.0 +0100
@@ -1,30 +0,0 @@
-Description: Add missing includes
- Qt5 has had a bit of includes cleanups. Apply those.
-Author: Sune Vuorela 
-Forwarded: yes
-

-Origin: other
-Forwarded: no
-Last-Update: 2018-08-15
-
 fraqtive-0.4.8.orig/src/configurationdata.cpp
-+++ fraqtive-0.4.8/src/configurationdata.cpp
-@@ -27,6 +27,7 @@
- 
- #include 
- #include 
-+#include 
- 
- ConfigurationData::ConfigurationData()
- {
 fraqtive-0.4.8.orig/src/fractalgenerator.h
-+++ fraqtive-0.4.8/src/fractalgenerator.h
-@@ -22,6 +22,7 @@
- #include 
- #include 
- #include 
-+#include 
- 
- #include "abstractjobprovider.h"
- #include "datastructures.h"
diff -Nru fraqtive-0.4.8/debian/patches/series 
fraqtive-0.4.8.1/debian/patches/series
--- fraqtive-0.4.8/debian/patches/series2023-01-12 11:07:55.0 
+0100
+++ fraqtive-0.4.8.1/debian/patches/series  2023-0

Bug#1033527: marked as done (unblock: cairosvg/2.5.2-1.1)

2023-03-27 Thread Debian Bug Tracking System
Your message dated Mon, 27 Mar 2023 18:51:06 +
with message-id 
and subject line unblock cairosvg
has caused the Debian Bug report #1033527,
regarding unblock: cairosvg/2.5.2-1.1
to be marked as done.


-- 
1033527: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033527
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: cairo...@packages.debian.org, car...@debian.org
Control: affects -1 + src:cairosvg

Dear release team,

Please unblock package cairosvg

It addresses CVE-2023-27586, #1033295 for which we plan to release as
well a DSA for bullseye-security. Testing with the new version both
manually and with the ci setup for security did not show so far any
regression.

What changes is that one needs to explicitly allow fetching
external files to address the problem.

I would propose to unblock it and age the package a bit, but still
give it some further exposure in unstable before it will migrate to
testing.

unblock cairosvg/2.5.2-1.1

Regards,
Salvatore
diff -Nru cairosvg-2.5.2/debian/changelog cairosvg-2.5.2/debian/changelog
--- cairosvg-2.5.2/debian/changelog 2021-08-30 22:54:50.0 +0200
+++ cairosvg-2.5.2/debian/changelog 2023-03-21 22:21:22.0 +0100
@@ -1,3 +1,11 @@
+cairosvg (2.5.2-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Don't allow fetching external files unless explicitly asked for
+(CVE-2023-27586) (Closes: #1033295)
+
+ -- Salvatore Bonaccorso   Tue, 21 Mar 2023 22:21:22 +0100
+
 cairosvg (2.5.2-1) unstable; urgency=low
 
   * New upstream release.
diff -Nru 
cairosvg-2.5.2/debian/patches/Don-t-allow-fetching-external-files-unless-explicitl.patch
 
cairosvg-2.5.2/debian/patches/Don-t-allow-fetching-external-files-unless-explicitl.patch
--- 
cairosvg-2.5.2/debian/patches/Don-t-allow-fetching-external-files-unless-explicitl.patch
1970-01-01 01:00:00.0 +0100
+++ 
cairosvg-2.5.2/debian/patches/Don-t-allow-fetching-external-files-unless-explicitl.patch
2023-03-21 22:20:00.0 +0100
@@ -0,0 +1,66 @@
+From: Guillaume Ayoub 
+Date: Fri, 10 Mar 2023 16:11:22 +0100
+Subject: =?UTF-8?q?Don=E2=80=99t=20allow=20fetching=20external=20files=20u?=
+ =?UTF-8?q?nless=20explicitly=20asked=20for?=
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Origin: 
https://github.com/Kozea/CairoSVG/commit/12d31c653c0254fa9d9853f66b04ea46e7397255
+Bug-Debian: https://bugs.debian.org/1033295
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-27586
+
+---
+ cairosvg/__main__.py | 4 ++--
+ cairosvg/parser.py   | 6 ++
+ cairosvg/surface.py  | 3 ++-
+ 3 files changed, 10 insertions(+), 3 deletions(-)
+
+diff --git a/cairosvg/__main__.py b/cairosvg/__main__.py
+index 3ff6b5d1282f..0aad3d782489 100644
+--- a/cairosvg/__main__.py
 b/cairosvg/__main__.py
+@@ -42,8 +42,8 @@ def main(argv=None, stdout=None, stdin=None):
+ help='replace every raster pixel with its complementary color')
+ parser.add_argument(
+ '-u', '--unsafe', action='store_true',
+-help='resolve XML entities and allow very large files '
+- '(WARNING: vulnerable to XXE attacks and various DoS)')
++help='fetch external files, resolve XML entities and allow very large 
'
++ 'files (WARNING: vulnerable to XXE attacks and various DoS)')
+ parser.add_argument(
+ '--output-width', default=None, type=float,
+ help='desired output width in pixels')
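Review bot: The `--unsafe` help string now puts three behaviours behind one switch, so a user who only needs external files must also turn on XML entity resolution and lift the size limit. Consider a separate option for fetching, or state in the help text that the three cannot be enabled independently. The WARNING still names only XXE and DoS; it should also mention the risk that comes with fetching external files.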
+diff --git a/cairosvg/parser.py b/cairosvg/parser.py
+index f0f3a82573f3..61275f0a1073 100644
+--- a/cairosvg/parser.py
 b/cairosvg/parser.py
+@@ -390,6 +390,12 @@ class Tree(Node):
+ tree = ElementTree.fromstring(
+ bytestring, forbid_entities=not unsafe,
+ forbid_external=not unsafe)
++
++# Don’t allow fetching external files unless explicitly asked for
++if 'url_fetcher' not in kwargs and not unsafe:
++self.url_fetcher = (
++lambda *args, **kwargs: b'')
++
+ self.xml_tree = tree
+ root = cssselect2.ElementWrapper.from_xml_root(tree)
+ style = parent.style if parent else css.parse_stylesheets(self, url)
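Review bot: The replacement fetcher `lambda *args, **kwargs: b''` reuses the name `kwargs`, shadowing the enclosing `kwargs` that the `if` on the line above tests; rename the lambda's parameters. Returning empty bytes also makes a refused reference indistinguishable from an empty resource further down, so a comment or log line saying the fetch was blocked would help whoever debugs a missing image. The docstring should also say that passing any `url_fetcher` skips this guard even when `unsafe` is false.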
+diff --git a/cairosvg/surface.py b/cairosvg/surface.py
+index c5569e768032..a2f7736aabbe 100644
+--- a/cairosvg/surface.py
 b/cairosvg/surface.py
+@@ -113,7 +113,8 @@ class Surface(object):
+ :param parent_wi

Bug#1033529: marked as done (unblock: libmicrohttpd/0.9.75-6)

2023-03-27 Thread Debian Bug Tracking System
Your message dated Mon, 27 Mar 2023 18:48:31 +
with message-id 
and subject line unblock libmicrohttpd
has caused the Debian Bug report #1033529,
regarding unblock: libmicrohttpd/0.9.75-6
to be marked as done.


-- 
1033529: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033529
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: libmicroht...@packages.debian.org, Daniel Baumann 
, car...@debian.org
Control: affects -1 + src:libmicrohttpd

Dear release team,

Please unblock package libmicrohttpd

The new version in unstable fixes CVE-2023-27371, a denial of service
vulnerability, which got fixed targeted by picking the upstream commit
for it. No other changes were applied.

As the package is a key package it needs now a manual approval for
unblock. It was already long enough in unstable, and passes the
autopkgtest runs.

unblock libmicrohttpd/0.9.75-6

Regards,
Salvatore
diff -Nru libmicrohttpd-0.9.75/debian/changelog 
libmicrohttpd-0.9.75/debian/changelog
--- libmicrohttpd-0.9.75/debian/changelog   2023-01-30 17:30:27.0 
+0100
+++ libmicrohttpd-0.9.75/debian/changelog   2023-03-03 14:51:24.0 
+0100
@@ -1,3 +1,11 @@
+libmicrohttpd (0.9.75-6) sid; urgency=high
+
+  * Uploading to sid.
+  * Adding patch from libmicrohttpd 0.9.76 to fix a parser bug that could
+be used to crash servers using the MHD_PostProcessor [CVE-2023-27371].
+
+ -- Daniel Baumann   Fri, 03 Mar 2023 
14:51:24 +0100
+
 libmicrohttpd (0.9.75-5) sid; urgency=medium
 
   * Uploading to sid.
diff -Nru 
libmicrohttpd-0.9.75/debian/patches/debian/0001-PostProcessor-DoS.patch 
libmicrohttpd-0.9.75/debian/patches/debian/0001-PostProcessor-DoS.patch
--- libmicrohttpd-0.9.75/debian/patches/debian/0001-PostProcessor-DoS.patch 
1970-01-01 01:00:00.0 +0100
+++ libmicrohttpd-0.9.75/debian/patches/debian/0001-PostProcessor-DoS.patch 
2023-03-03 14:47:29.0 +0100
@@ -0,0 +1,22 @@
+Author: Christian Grothoff 
+Description: fix parser bug that could be used to crash servers using the 
MHD_PostProcessor
+ Fix potential DoS vector in MHD_PostProcessor discovered
+ by Gynvael Coldwind and Dejan Alvadzijevic [CVE-2023-27371].
+ .
+ While the researchers have not been able to exploit this attack vector
+ when libmicrohttpd is compiled with the standard GNU C library, it is
+ recommended that you update MHD as soon as possible if PostProcessor
+ functionality is used in your applications.
+
+diff -Naurp libmicrohttpd.orig/src/microhttpd/postprocessor.c 
libmicrohttpd/src/microhttpd/postprocessor.c
+--- libmicrohttpd.orig/src/microhttpd/postprocessor.c
 libmicrohttpd/src/microhttpd/postprocessor.c
+@@ -297,7 +297,7 @@ MHD_create_post_processor (struct MHD_Co
+   return NULL; /* failed to determine boundary */
+ boundary += MHD_STATICSTR_LEN_ ("boundary=");
+ blen = strlen (boundary);
+-if ( (blen == 0) ||
++if ( (blen < 2) ||
+  (blen * 2 + 2 > buffer_size) )
+   return NULL;  /* (will be) out of memory or invalid 
boundary */
+ if ( (boundary[0] == '"') &&
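Review bot: The changed test `blen < 2` carries no explanation of why a one-character boundary is now rejected, and the trailing comment still reads only "out of memory or invalid boundary". State the reason next to the condition, since the quote check on `boundary[0]` follows immediately and a reader will want to know how the two relate. The change also ships without a test; a regression case with a one-character boundary and one with a lone quote character would pin the behaviour down.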
diff -Nru libmicrohttpd-0.9.75/debian/patches/series 
libmicrohttpd-0.9.75/debian/patches/series
--- libmicrohttpd-0.9.75/debian/patches/series  1970-01-01 01:00:00.0 
+0100
+++ libmicrohttpd-0.9.75/debian/patches/series  2023-03-03 14:47:34.0 
+0100
@@ -0,0 +1 @@
+debian/0001-PostProcessor-DoS.patch
--- End Message ---
--- Begin Message ---
Unblocked.
--- End Message ---


Bug#1033518: marked as done (unblock: rails/2:6.1.7.3+dfsg-1)

2023-03-27 Thread Debian Bug Tracking System
Your message dated Mon, 27 Mar 2023 18:50:02 +
with message-id 
and subject line unblock rails
has caused the Debian Bug report #1033518,
regarding unblock: rails/2:6.1.7.3+dfsg-1
to be marked as done.


-- 
1033518: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033518
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package rails.

That version fixes a number of CVEs and #1030050.
From the changelog:
 + This is a security-only release from a rails stable branch.
Upstream changelogs:
https://github.com/rails/rails/releases/tag/v6.1.7.1
https://github.com/rails/rails/releases/tag/v6.1.7.2
https://github.com/rails/rails/releases/tag/v6.1.7.3
Fixed CVEs: CVE-2023-22796 CVE-2023-22794 CVE-2022-44566
CVE-2023-22795 CVE-2023-22792 CVE-2023-28120 CVE-2023-23913
  + All reverse dependencies and build-dependencies have been
tested using the ruby team's tooling. No regressions were found.
After a couple retries due to random failures, ci.debian.net also
agrees.

unblock rails/2:6.1.7.3+dfsg-1

- Lucas
--- End Message ---
--- Begin Message ---
Unblocked.
--- End Message ---


Processed (with 2 errors): Re: Bug#1029206: [pre-approval] unblock: webkit2gtk 2.40.0-2

2023-03-27 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tags 1029206 -moreinfo
Bug #1029206 [release.debian.org] unblock: webkit2gtk 2.40.0-2 [pre-approval]
Removed tag(s) moreinfo.
> Thank you,
Unknown command or malformed arguments to command.
> Jeremy Bícha
Unknown command or malformed arguments to command.
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
1029206: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029206
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#1033578: bullseye-pu: package joblib/0.17.0-4+deb11u1

2023-03-27 Thread Helmut Grohne
Package: release.debian.org
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: job...@packages.debian.org, Chiara Marmo 
, Graham Inggs 
Control: affects -1 + src:joblib

[ Reason ]

Fix no-dsa security vulnerability CVE-2022-21797.

[ Impact ]

The n_jobs parameter of the parallel_backend, which used to be a string
containing a Python expression, becomes restricted to fairly basic
arithmetic expressions. Using it in another way was not intended.

[ Tests ]

Upstream test suite is extended and run during build.

[ Risks ]

Someone may have used n_jobs in ways not intended by upstream.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]

I cherry-picked the relevant upstream commit and updated the hunk
context.

[ Other info ]

The security team tagged this vulnerability no-dsa.

Upstream had multiple attempts at fixing this and buster includes a
vulnerable patch. This cherry-pick skips the vulnerable patch and goes
to the real fix directly.

I am not interested in refining the update (unless it also affects
buster). This is a drive-by contribution as part of an LTS upload.

Helmut
diff --minimal -Nru joblib-0.17.0/debian/changelog 
joblib-0.17.0/debian/changelog
--- joblib-0.17.0/debian/changelog  2021-06-12 10:19:09.0 +0200
+++ joblib-0.17.0/debian/changelog  2023-03-27 15:25:19.0 +0200
@@ -1,3 +1,10 @@
+joblib (0.17.0-4+deb11u1) bullseye; urgency=high
+
+  * Non-maintainer upload.
+  * Fix CVE-2022-21797 (Closes: #1020820)
+
+ -- Helmut Grohne   Mon, 27 Mar 2023 15:25:19 +0200
+
 joblib (0.17.0-4) unstable; urgency=medium
 
   * Team upload
diff --minimal -Nru joblib-0.17.0/debian/patches/CVE-2022-21797.patch 
joblib-0.17.0/debian/patches/CVE-2022-21797.patch
--- joblib-0.17.0/debian/patches/CVE-2022-21797.patch   1970-01-01 
01:00:00.0 +0100
+++ joblib-0.17.0/debian/patches/CVE-2022-21797.patch   2023-03-27 
15:25:08.0 +0200
@@ -0,0 +1,121 @@
+From 54f4d21f098591c77b48c9acfffaa4cf0a45282b Mon Sep 17 00:00:00 2001
+From: Adrin Jalali 
+Date: Mon, 12 Sep 2022 17:17:28 +0200
+Subject: [PATCH] FIX parse pre-dispatch with AST instead of calling eval
+ (#1327)
+
+---
+ CHANGES.rst   |  2 +-
+ joblib/_utils.py  | 44 +++
+ joblib/parallel.py|  7 +++
+ joblib/test/test_utils.py | 27 
+ 4 files changed, 75 insertions(+), 5 deletions(-)
+ create mode 100644 joblib/_utils.py
+ create mode 100644 joblib/test/test_utils.py
+
+diff --git a/joblib/_utils.py b/joblib/_utils.py
+new file mode 100644
+index 0..2dbd4f636
+--- /dev/null
 b/joblib/_utils.py
+@@ -0,0 +1,44 @@
++# Adapted from https://stackoverflow.com/a/9558001/2536294
++
++import ast
++import operator as op
++
++# supported operators
++operators = {
++ast.Add: op.add,
++ast.Sub: op.sub,
++ast.Mult: op.mul,
++ast.Div: op.truediv,
++ast.FloorDiv: op.floordiv,
++ast.Mod: op.mod,
++ast.Pow: op.pow,
++ast.USub: op.neg,
++}
++
++
++def eval_expr(expr):
++"""
++>>> eval_expr('2*6')
++12
++>>> eval_expr('2**6')
++64
++>>> eval_expr('1 + 2*3**(4) / (6 + -7)')
++-161.0
++"""
++try:
++return eval_(ast.parse(expr, mode="eval").body)
++except (TypeError, SyntaxError, KeyError) as e:
++raise ValueError(
++f"{expr!r} is not a valid or supported arithmetic expression."
++) from e
++
++
++def eval_(node):
++if isinstance(node, ast.Num):  # 
++return node.n
++elif isinstance(node, ast.BinOp):  #   
++return operators[type(node.op)](eval_(node.left), eval_(node.right))
++elif isinstance(node, ast.UnaryOp):  #   e.g., -1
++return operators[type(node.op)](eval_(node.operand))
++else:
++raise TypeError(node)
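Review bot: `eval_expr` catches only `TypeError`, `SyntaxError` and `KeyError`, so a `ZeroDivisionError` from `ast.Div`, `ast.FloorDiv` or `ast.Mod` escapes instead of becoming the `ValueError` the function otherwise raises; add it to the `except` tuple. `ast.Pow` is allowed with no bound on its operands, so a short nested power can still consume unbounded CPU and memory; cap the exponent or drop `Pow` from `operators`. `ast.Num` and `node.n` are deprecated since Python 3.8 in favour of `ast.Constant` and `node.value`, and the two empty `#` comments in `eval_` should either say what the branch matches or go.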
+diff --git a/joblib/parallel.py b/joblib/parallel.py
+index 1c2fe18f7..6e7b1b19a 100644
+--- a/joblib/parallel.py
 b/joblib/parallel.py
+@@ -27,6 +27,7 @@
+  LokyBackend)
+ from .externals.cloudpickle import dumps, loads
+ from .externals import loky
++from ._utils import eval_expr
+ 
+ # Make sure that those two classes are part of the public joblib.parallel API
+ # so that 3rd party backend implementers can import them from here.
+@@ -1051,7 +1052,9 @@ def _batched_calls_reducer_callback():
+ else:
+ self._original_iterator = iterator
+ if hasattr(pre_dispatch, 'endswith'):
+-pre_dispatch = eval(pre_dispatch)
++pre_dispatch = eval_expr(
++pre_dispatch.replace("n_jobs", str(n_jobs))
++)
+ self._pre_dispatch_amount = pre_dispatch = int(pre_dispatch)
+ 
+ # The main thread will consume the first pre_dispatch 
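Review bot: `pre_dispatch.replace("n_jobs", str(n_jobs))` substitutes text before parsing, so any string that merely contains `n_jobs` is rewritten: an identifier with a digit appended turns into a larger number rather than an error. Passing `n_jobs` to the evaluator as a named value and resolving it on the name node in the tree would avoid this and would make unknown names fail explicitly.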

Processed: bullseye-pu: package joblib/0.17.0-4+deb11u1

2023-03-27 Thread Debian Bug Tracking System
Processing control commands:

> affects -1 + src:joblib
Bug #1033578 [release.debian.org] bullseye-pu: package joblib/0.17.0-4+deb11u1
Added indication that 1033578 affects src:joblib

-- 
1033578: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033578
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
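
An added example, not code from joblib or from the patch in Bug#1033578 above: a bounded arithmetic evaluator of the kind that request describes, which resolves `n_jobs` as a name in the parsed tree instead of substituting text, refuses everything that is not arithmetic, and caps the size of powers. `safe_arith`, `resolve_pre_dispatch`, `classify` and both limits are hypothetical names and assumed values; the sample strings are constructed.

```python
# Added example, not joblib's code. Every name below is hypothetical.
import ast
import math
import operator as op

_BINARY = {
    ast.Add: op.add, ast.Sub: op.sub, ast.Mult: op.mul,
    ast.Div: op.truediv, ast.FloorDiv: op.floordiv, ast.Mod: op.mod,
}
_UNARY = {ast.USub: op.neg, ast.UAdd: op.pos}
MAX_LEN = 64         # assumed cap on the length of an expression
MAX_POW_BITS = 4096  # assumed cap on the size of a power's result


def _walk(node, names):
    if isinstance(node, ast.Constant):
        # bool is a subclass of int, so compare exact types; this also
        # rejects str, bytes, complex and None constants.
        if type(node.value) in (int, float):
            return node.value
        raise TypeError(node)
    if isinstance(node, ast.Name):
        return names[node.id]  # KeyError for any name not whitelisted
    if isinstance(node, ast.UnaryOp):
        return _UNARY[type(node.op)](_walk(node.operand, names))
    if isinstance(node, ast.BinOp):
        left = _walk(node.left, names)
        right = _walk(node.right, names)
        if isinstance(node.op, ast.Pow):
            # Bound the result size before computing it.
            bits = left.bit_length() if isinstance(left, int) else 64
            if abs(right) * bits > MAX_POW_BITS:
                raise TypeError("power result too large")
            return op.pow(left, right)
        return _BINARY[type(node.op)](left, right)
    raise TypeError(node)  # calls, attributes, subscripts, lambdas, ...


def safe_arith(expr, names=None):
    """Evaluate +, -, *, /, //, %, ** over numbers and whitelisted names."""
    if not isinstance(expr, str) or len(expr) > MAX_LEN:
        raise ValueError("expression must be a string of at most "
                         f"{MAX_LEN} characters")
    try:
        result = _walk(ast.parse(expr.strip(), mode="eval").body, names or {})
        if isinstance(result, float) and not math.isfinite(result):
            raise OverflowError(result)
        if not isinstance(result, (int, float)):
            raise TypeError(result)  # e.g. a complex root
        return result
    except (SyntaxError, TypeError, KeyError, ValueError,
            ZeroDivisionError, OverflowError) as exc:
        raise ValueError(
            f"{expr!r} is not a supported arithmetic expression") from exc


def resolve_pre_dispatch(value, n_jobs):
    """Turn a setting such as '2*n_jobs' (or a plain number) into an int."""
    if isinstance(value, str):
        value = safe_arith(value, {"n_jobs": n_jobs})
    return int(value)


# Constructed inputs: three legitimate settings, then five to refuse.
SAMPLES = [
    "2*n_jobs", "n_jobs + 1", "3*n_jobs//2",
    "__import__('os').getpid()",  # a call: what eval() would have executed
    "n_jobs.__class__",           # attribute access on a whitelisted name
    "9**9**9",                    # resource exhaustion through Pow
    "1/0",                        # ZeroDivisionError must not escape
    "n_jobs0",                    # text substitution would read this as 40
]


def classify(samples=SAMPLES, n_jobs=4):
    """Map each sample to its integer value or to 'rejected'."""
    out = {}
    for sample in samples:
        try:
            out[sample] = resolve_pre_dispatch(sample, n_jobs)
        except ValueError:
            out[sample] = "rejected"
    return out


if __name__ == "__main__":
    for sample, verdict in classify().items():
        print(f"{sample!r:32} -> {verdict}")
```
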



Bug#1033573: unblock: ruby3.1/3.1.2-7

2023-03-27 Thread Antonio Terceiro
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: ruby...@packages.debian.org
Control: affects -1 + src:ruby3.1

Please unblock package ruby3.1

[ Reason ]
This release updates the openssl bindings, fixing a few regressions that
have been identified.

[ Impact ]
Without these changes, at least gitlab doesn't work correctly.

[ Tests ]
I had uploaded this to experimental some time ago, and the pseudo
excuses against unstable showed no regressions.

[ Risks ]
The changes are contained to the implementation of a few openssl methods.
I think the risk is low. I had also tried updating to the new upstream
release 3.1.3, which includes this change, but thought that contained
too many non-critical changes.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
I'm also attaching the actual patch included in this upload as it is
easier to read than the diff-in-diff in the debdiff.

unblock ruby3.1/3.1.2-7
diff --git a/debian/changelog b/debian/changelog
index c6bd035fc..54e474d21 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,15 @@
+ruby3.1 (3.1.2-7) unstable; urgency=medium
+
+  * Upload to unstable
+
+ -- Antonio Terceiro   Sat, 25 Mar 2023 14:20:34 -0300
+
+ruby3.1 (3.1.2-7~exp) experimental; urgency=medium
+
+  * Update openssl extension to to 3.0.1 (Closes: #1032070)
+
+ -- Antonio Terceiro   Sun, 05 Mar 2023 17:13:36 -0300
+
 ruby3.1 (3.1.2-6) unstable; urgency=medium
 
   * Add missing dependencies for pkg-config test
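Review bot: The 3.1.2-7~exp entry reads "Update openssl extension to to 3.0.1"; drop the doubled "to" before this changelog is carried into further uploads.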
diff --git a/debian/patches/openssl-3.0.1.patch b/debian/patches/openssl-3.0.1.patch
new file mode 100644
index 0..0762cb65e
--- /dev/null
+++ b/debian/patches/openssl-3.0.1.patch
@@ -0,0 +1,495 @@
+From: Antonio Terceiro 
+Date: Sun, 5 Mar 2023 17:09:05 -0300
+Subject: openssl 3.0.1
+
+This is a combination of several patches for openssl extension that fix
+bugs in its version 3.0.0.
+
+Forwarded: not-needed
+---
+ ext/openssl/History.md | 40 +
+ ext/openssl/extconf.rb |  5 +++--
+ ext/openssl/lib/openssl/pkey.rb|  8 +++
+ ext/openssl/lib/openssl/version.rb |  2 +-
+ ext/openssl/openssl.gemspec|  2 +-
+ ext/openssl/ossl_hmac.c|  8 +++
+ ext/openssl/ossl_pkey.c| 46 +++---
+ ext/openssl/ossl_pkey_ec.c |  4 
+ ext/openssl/ossl_x509cert.c|  6 ++---
+ ext/openssl/ossl_x509crl.c |  6 ++---
+ ext/openssl/ossl_x509req.c |  6 ++---
+ ext/openssl/ossl_x509revoked.c |  6 ++---
+ test/openssl/test_hmac.rb  |  8 +++
+ test/openssl/test_pkey_dsa.rb  | 19 
+ test/openssl/test_pkey_ec.rb   | 25 +
+ test/openssl/test_pkey_rsa.rb  |  5 +
+ test/openssl/test_ssl.rb   |  6 +
+ 17 files changed, 183 insertions(+), 19 deletions(-)
+
+diff --git a/ext/openssl/History.md b/ext/openssl/History.md
+index 479ec3b..a4f6bd7 100644
+--- a/ext/openssl/History.md
 b/ext/openssl/History.md
+@@ -1,3 +1,27 @@
++Version 3.0.1
++=
++
++Merged changes in 2.1.4 and 2.2.2. Additionally, the following issues are fixed
++by this release.
++
++Bug fixes
++-
++
++* Add missing type check in OpenSSL::PKey::PKey#sign's optional parameters.
++  [[GitHub #531]](https://github.com/ruby/openssl/pull/531)
++* Work around OpenSSL 3.0's HMAC issues with a zero-length key.
++  [[GitHub #538]](https://github.com/ruby/openssl/pull/538)
++* Fix a regression in OpenSSL::PKey::DSA.generate's default of 'q' size.
++  [[GitHub #483]](https://github.com/ruby/openssl/issues/483)
++  [[GitHub #539]](https://github.com/ruby/openssl/pull/539)
++* Restore OpenSSL::PKey.read's ability to decode "openssl ecparam -genkey"
++  output when linked against OpenSSL 3.0.
++  [[GitHub #535]](https://github.com/ruby/openssl/pull/535)
++  [[GitHub #540]](https://github.com/ruby/openssl/pull/540)
++* Restore error checks in OpenSSL::PKey::EC#{to_der,to_pem}.
++  [[GitHub #541]](https://github.com/ruby/openssl/pull/541)
++
++
+ Version 3.0.0
+ =
+ 
+@@ -100,6 +124,12 @@ Notable changes
+ [[GitHub #342]](https://github.com/ruby/openssl/issues/342)
+ 
+ 
++Version 2.2.2
++=
++
++Merged changes in 2.1.4.
++
++
+ Version 2.2.1
+ =
+ 
+@@ -194,6 +224,16 @@ Notable changes
+   [[GitHub #297]](https://github.com/ruby/openssl/pull/297)
+ 
+ 
++Version 2.1.4
++=
++
++Bug fixes
++-
++
++* Do not use pkg-config if --with-openssl-dir option is specified.
++ [[GitHub #486]](https://github.com/ruby/openssl/pull/486)
++
++
+ Version 2.1.3
+ =
+ 
+diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb
+index fedcb93..d2d7893 100644
+--- a/ext/openssl/extconf.rb
 b/ext/openssl/extconf.rb
+@@ -13,7 +13,7 @@
+ 
+ require "mk

Processed: unblock: ruby3.1/3.1.2-7

2023-03-27 Thread Debian Bug Tracking System
Processing control commands:

> affects -1 + src:ruby3.1
Bug #1033573 [release.debian.org] unblock: ruby3.1/3.1.2-7
Added indication that 1033573 affects src:ruby3.1

-- 
1033573: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033573
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#1033571: unblock: keyman/16.0.139-4

2023-03-27 Thread Eberhard Beilharz

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: debian-input-met...@lists.debian.org, e...@sil.org

Please unblock package keyman.

[ Reason ]

While keyman has autopkgtests and so would qualify for automatic migration, the 
tests are skipped on s390x.
The reason is that Keyman doesn't yet support big endian architecture and so 
can't run on s390x (even though it's
possible to build it on that platform it won't work). See upstream bug
https://github.com/keymanapp/keyman/issues/5111.

Included are only small changes: one is a small fix in the postinst script, the 
other is an update of a timestamp in a
locale. It also excludes s390x from building since that makes more sense than 
building an unusable library.

Another reason why I'd like to get this version approved is that it brings the 
version in Debian on par with the upstream
version which simplifies user help requests.

[ Impact ]

The user won't notice any difference, but it would be helpful for the support 
team if the users would use the same version
that is used on the other platforms.

[ Tests ]

Manually installed the binaries and verified that things work as expected.

[ Risks ]

Changes are minimal. I can't think of any negative side effects.

[ Checklist ]

  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

unblock keyman/16.0.139-4

diff -Nru keyman-16.0.138/core/VERSION.md keyman-16.0.139/core/VERSION.md
--- keyman-16.0.138/core/VERSION.md 2023-02-01 04:55:31.0 +0100
+++ keyman-16.0.139/core/VERSION.md 2023-03-16 08:24:24.0 +0100
@@ -1 +1 @@
-16.0.138
\ No newline at end of file
+16.0.139
\ No newline at end of file
diff -Nru keyman-16.0.138/crowdin.yml keyman-16.0.139/crowdin.yml
--- keyman-16.0.138/crowdin.yml 2023-01-31 19:04:42.0 +0100
+++ keyman-16.0.139/crowdin.yml 2023-03-16 08:22:51.0 +0100
@@ -59,6 +59,7 @@
   locale:
 de: de
 fr: fr
+kn: kn
 
   - source: /windows/src/desktop/setup/locale/en/strings.xml
 dest: /windows/setup/strings.xml
@@ -68,6 +69,7 @@
   locale:
 de: de
 fr: fr
+kn: kn
 
   # iOS files
 
diff -Nru keyman-16.0.138/debian/changelog keyman-16.0.139/debian/changelog
--- keyman-16.0.138/debian/changelog2023-02-11 18:39:13.0 +0100
+++ keyman-16.0.139/debian/changelog2023-03-24 16:05:07.0 +0100
@@ -1,3 +1,29 @@
+keyman (16.0.139-4) unstable; urgency=medium
+
+  * debian/tests: Revert previous change and ignore s390x from autopkgtests
+
+ -- Eberhard Beilharz   Fri, 24 Mar 2023 16:05:07 +0100
+
+keyman (16.0.139-3) unstable; urgency=medium
+
+  * debian/tests: Run autopkgtests on s390x but immediately return
+
+ -- Eberhard Beilharz   Wed, 22 Mar 2023 19:25:02 +0100
+
+keyman (16.0.139-2) unstable; urgency=medium
+
+  * Don't build on s390x because Keyman doesn't work on big-endian 
architectures
+(upstream bug https://github.com/keymanapp/keyman/issues/5111)
+
+ -- Eberhard Beilharz   Mon, 20 Mar 2023 19:54:44 +0100
+
+keyman (16.0.139-1) unstable; urgency=medium
+
+  * New upstream release.
+  * Re-release to Debian
+
+ -- Eberhard Beilharz   Thu, 16 Mar 2023 08:59:04 +0100
+
 keyman (16.0.138-4) unstable; urgency=medium
 
   * Team upload
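Review bot: none of the four new entries (16.0.139-1 to 16.0.139-4) mentions the change to debian/ibus-keyman.postinst carried by this debdiff, where "set -e" is removed. The checklist states that all changes are documented in d/changelog, so add a line for it, for example "debian/ibus-keyman.postinst: keep going when a command fails", to the entry that introduced it.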
diff -Nru keyman-16.0.138/debian/control keyman-16.0.139/debian/control
--- keyman-16.0.138/debian/control  2023-02-09 12:17:16.0 +0100
+++ keyman-16.0.139/debian/control  2023-03-20 20:02:09.0 +0100
@@ -105,7 +105,7 @@
  information about Keyman keyboard packages.
 
 Package: libkmnkbp-dev
-Architecture: any
+Architecture: amd64 arm64 armel armhf i386 mipsel mips64el ppc64el riscv64
 Section: libdevel
 Depends:
  libkmnkbp0-0 (= ${binary:Version}),
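Review bot: replacing "Architecture: any" with an explicit list on libkmnkbp-dev (and, in the next two hunks, on libkmnkbp0-0 and ibus-keyman) creates an allow-list that is repeated three times and has to be kept in sync by hand. It also excludes every architecture that is not named, not only s390x. A "#" comment above the field giving the reason (big-endian is unsupported, upstream issue 5111) would tell the next editor which architectures can safely be added.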
@@ -129,7 +129,7 @@
  This package contains development headers and libraries.
 
 Package: libkmnkbp0-0
-Architecture: any
+Architecture: amd64 arm64 armel armhf i386 mipsel mips64el ppc64el riscv64
 Section: libs
 Pre-Depends:
  ${misc:Pre-Depends},
@@ -155,7 +155,7 @@
  and applies rules from compiled Keyman keyboard files.
 
 Package: ibus-keyman
-Architecture: any
+Architecture: amd64 arm64 armel armhf i386 mipsel mips64el ppc64el riscv64
 Depends:
  ibus (>= 1.3.7),
  sudo,
diff -Nru keyman-16.0.138/debian/ibus-keyman.postinst 
keyman-16.0.139/debian/ibus-keyman.postinst
--- keyman-16.0.138/debian/ibus-keyman.postinst 2023-02-09 12:17:16.0 
+0100
+++ keyman-16.0.139/debian/ibus-keyman.postinst 2023-03-16 08:57:27.0 
+0100
@@ -1,10 +1,13 @@
 #!/bin/sh
 
-set -e
+# Don't call `set -e`. Even if some commands should fail, it's still
+# worth running the rest of the commands.
 
 case "$1" in
 
   configure)
+# (Re-)Start IBus
+
 # if don't have sudo and ps then don't attempt to restart ibus
 if which sudo > /dev/null && which ps > /dev/null; then
 
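Review bot: with "set -e" removed at the top of the script, any command in the configure branch can now fail without the failure reaching dpkg, because the exit status of the script becomes that of its last command. If only the IBus restart is allowed to fail, keep "set -e" and append "|| true" to those specific commands, so that an error in any other step still fails the configure run and is reported.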
@@ -37,20 +40,20 @@
   fi
 
   # 

Re: 11.7 planning + bookworm planning

2023-03-27 Thread Laura Arjona Reina

Hello all

On 23/3/23 at 13:31, Paul Gevers wrote:

Hi,

With the point release scheduled for April 29th, it's probably good to 
have at least one weekend in between, or do people not mind doing two 
weekends in a row?


On 17-03-2023 15:59, Steve McIntyre wrote:

On Thu, Mar 16, 2023 at 11:26:00AM +0100, Paul Gevers wrote:

So, shall we add availability for May too? 6th, 13th, 20th (Ascension
weekend), and 27th (coincides with DebianReunionHamburg)?


I could do the 6th and 13th, but I'm away on vacation 20th and 27th
(and 3rd June).


If I did the bookkeeping correctly, the missing necessary teams are 
press and release team, as I now have:

kibi   - 6, 13, 20, 27   d-i
mhy    - 6, 13, 20, 27   ftp
Sledge - 6, 13           CD
Luna   - 6, 20           CD testing

I can help 6 (probably), 13 and 27, but I don't have the signing key and 
I haven't witnessed all details from our side so I'm not comfortable 
doing it alone even if I could get my hands on the key.


elbrus - 13, 27          release team

Paul


I have no spoons to do/coordinate the work that the release needs on the 
publicity side, so it is better that others express their availability.

If the situation changes, I'll write again.

Thanks

--
Laura Arjona Reina
https://wiki.debian.org/LauraArjona



Bug#1033568: marked as done (unblock: gnome-calendar/43.1-2)

2023-03-27 Thread Debian Bug Tracking System
Your message dated Mon, 27 Mar 2023 15:57:26 +
with message-id 
and subject line unblock gnome-calendar
has caused the Debian Bug report #1033568,
regarding unblock: gnome-calendar/43.1-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1033568: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033568
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1033568: unblock: gnome-calendar/43.1-2

2023-03-27 Thread Alberto Garcia
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package gnome-calendar

[ Reason ]
If the user tries to add a new calendar manually, the version of
gnome-calendar currently in testing crashes while the user is typing
the URI.

This happens while the URI is incomplete because it is not validated
before proceeding.

[ Impact ]
The application crashes suddenly and must be restarted with no clue
about why the crash happened.

[ Tests ]
Tested manually, the bug is very easy to reproduce, simply typing
'https://' on the URL entry is enough. The new package also provides a
test case.

[ Risks ]
Very low, this is the upstream patch for this bug and is very
straightforward.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

unblock gnome-calendar/43.1-2
diff -Nru gnome-calendar-43.1/debian/changelog 
gnome-calendar-43.1/debian/changelog
--- gnome-calendar-43.1/debian/changelog2022-10-18 16:09:27.0 
+0200
+++ gnome-calendar-43.1/debian/changelog2023-03-20 18:25:22.0 
+0100
@@ -1,3 +1,14 @@
+gnome-calendar (43.1-2) unstable; urgency=high
+
+  [ Alberto Garcia ]
+  * debian/patches/validate-uri.patch:
+- Fix crash when adding an url manually (Closes: #1033239)
+
+  [ Jeremy Bicha ]
+  * Branch for bookworm
+
+ -- Alberto Garcia   Mon, 20 Mar 2023 18:25:22 +0100
+
 gnome-calendar (43.1-1) unstable; urgency=high
 
   * New upstream release (LP: #1993308)
diff -Nru gnome-calendar-43.1/debian/control gnome-calendar-43.1/debian/control
--- gnome-calendar-43.1/debian/control  2022-10-18 16:09:27.0 +0200
+++ gnome-calendar-43.1/debian/control  2023-03-20 18:25:22.0 +0100
@@ -6,7 +6,7 @@
 Section: gnome
 Priority: optional
 Maintainer: Debian GNOME Maintainers 

-Uploaders: Iain Lane , Jeremy Bicha , 
Laurent Bigonville 
+Uploaders: Jeremy Bicha 
 Build-Depends: appstream-util,
debhelper-compat (= 13),
dh-sequence-gnome,
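Review bot: the Uploaders line in this hunk drops Iain Lane and Laurent Bigonville, but the 43.1-2 changelog entry lists only validate-uri.patch and "Branch for bookworm". If the field is regenerated by the packaging tooling rather than edited by hand, say so in the changelog or in the unblock request, so that the release team does not have to work out where an unrelated change in a crash-fix upload came from.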
@@ -29,8 +29,8 @@
xvfb ,
 Standards-Version: 4.6.0
 Rules-Requires-Root: no
-Vcs-Browser: https://salsa.debian.org/gnome-team/gnome-calendar
-Vcs-Git: https://salsa.debian.org/gnome-team/gnome-calendar.git
+Vcs-Browser: 
https://salsa.debian.org/gnome-team/gnome-calendar/tree/debian/bookworm
+Vcs-Git: https://salsa.debian.org/gnome-team/gnome-calendar.git -b 
debian/bookworm
 Homepage: https://wiki.gnome.org/Apps/Calendar
 
 Package: gnome-calendar
diff -Nru gnome-calendar-43.1/debian/control.in 
gnome-calendar-43.1/debian/control.in
--- gnome-calendar-43.1/debian/control.in   2022-10-18 16:09:27.0 
+0200
+++ gnome-calendar-43.1/debian/control.in   2023-03-20 18:25:22.0 
+0100
@@ -25,8 +25,8 @@
xvfb ,
 Standards-Version: 4.6.0
 Rules-Requires-Root: no
-Vcs-Browser: https://salsa.debian.org/gnome-team/gnome-calendar
-Vcs-Git: https://salsa.debian.org/gnome-team/gnome-calendar.git
+Vcs-Browser: 
https://salsa.debian.org/gnome-team/gnome-calendar/tree/debian/bookworm
+Vcs-Git: https://salsa.debian.org/gnome-team/gnome-calendar.git -b 
debian/bookworm
 Homepage: https://wiki.gnome.org/Apps/Calendar
 
 Package: gnome-calendar
diff -Nru gnome-calendar-43.1/debian/gbp.conf 
gnome-calendar-43.1/debian/gbp.conf
--- gnome-calendar-43.1/debian/gbp.conf 2022-10-18 16:09:27.0 +0200
+++ gnome-calendar-43.1/debian/gbp.conf 2023-03-20 18:25:22.0 +0100
@@ -1,6 +1,6 @@
 [DEFAULT]
 pristine-tar = True
-debian-branch = debian/master
+debian-branch = debian/bookworm
 upstream-branch = upstream/latest
 
 [buildpackage]
diff -Nru gnome-calendar-43.1/debian/patches/series 
gnome-calendar-43.1/debian/patches/series
--- gnome-calendar-43.1/debian/patches/series   2022-10-18 16:09:27.0 
+0200
+++ gnome-calendar-43.1/debian/patches/series   2023-03-20 18:25:22.0 
+0100
@@ -0,0 +1 @@
+validate-uri.patch
diff -Nru gnome-calendar-43.1/debian/patches/validate-uri.patch 
gnome-calendar-43.1/debian/patches/validate-uri.patch
--- gnome-calendar-43.1/debian/patches/validate-uri.patch   1970-01-01 
01:00:00.0 +0100
+++ gnome-calendar-43.1/debian/patches/validate-uri.patch   2023-03-20 
18:25:22.0 +0100
@@ -0,0 +1,121 @@
+From: Georges Basile Stavracas Neto 
+Subject: Test URI before discovery
+Bug: https://gitlab.gnome.org/GNOME/gnome-calendar/-/issues/794
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033239
+Origin: 
https://gitlab.gnome.org/GNOME/gnome-calendar/-/commit/0322bcf54cf1fc37ff74b87fd36e282dc1cf7863
+Index: gnome-calendar-43.1/src/utils/gcal-source-discoverer.c
+===
+--- gnome-calendar-43.1.orig/src/utils/gcal-source-discoverer.c
 gnome-calendar-43.1/src/utils/gcal-source-discoverer.c
+@@ -183,6 +183,26 @@ is_authentication_error (gint code)
+   return FALSE;
+ }
+ 

Bug#1033439: pre-unblock: monitoring-plugins/2.3.3-5

2023-03-27 Thread Jan Wagner

Hi,

On 27.03.23 at 08:28, Jan Wagner wrote:

here are the upstream fixes, related upstream CI pipelines and issues:


while we are at fixing bugs.

I'd also like to include 
https://patch-diff.githubusercontent.com/raw/monitoring-plugins/monitoring-plugins/pull/1850.patch, 
which fixes 
https://github.com/monitoring-plugins/monitoring-plugins/issues/1849 
(check_snmp: unit removed from check result)
https://github.com/monitoring-plugins/monitoring-plugins/actions/runs/4531646296/jobs/7982048943?pr=1850 
has a successful upstream CI test run.


Thanks Jan



Processed: unblock: umps3/3.0.5-1

2023-03-27 Thread Debian Bug Tracking System
Processing control commands:

> affects -1 + src:umps3
Bug #1033565 [release.debian.org] unblock: umps3/3.0.5-1
Added indication that 1033565 affects src:umps3

-- 
1033565: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033565
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#1033555: unblock: fraqtive/0.4.8.1-1

2023-03-27 Thread Patrick Matthäi
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package fraqtive

This is just a short maintenance release from upstream after many
years, mainly just merged already in Debian applied patches, so that
fraqtive still builds in modern environments.

As described in my mlt unblock request I thought it will migrate after
20 days and it looks cleaner for me to have the new upstream release, why
I had done this upload for targeting bookworm

[ Reason ]
New upstream release, which just covers already applied patches.

[ Impact ]
No impact here

[ Tests ]
Tested if it still starts, manual

[ Risks ]
I do not see any risk

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing


unblock fraqtive/0.4.8.1-1
diff -Nru fraqtive-0.4.8/configure fraqtive-0.4.8.1/configure
--- fraqtive-0.4.8/configure2008-03-21 11:49:25.78354 +0100
+++ fraqtive-0.4.8.1/configure  2023-03-06 09:30:22.0 +0100
@@ -81,7 +81,7 @@
   if test "$version" != "**Unknown**"; then
 major=`echo $version | sed -e "s/\([0-9][0-9]*\).*/\1/"`
 minor=`echo $version | sed -e "s/[0-9][0-9]*\.\([0-9][0-9]*\).*/\1/"`
-if test $major -eq 4 -a $minor -ge 3; then
+if test $major -eq 5; then
   QMAKE=$i
   break
 fi
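Review bot: after this change the "minor" assignment on the context line just above the test is dead, because the condition no longer reads $minor. Either drop that sed call or keep a minimum-minor check as the removed Debian patch 03-use-qt5.diff did. $major is also compared without first checking that it is numeric, so a version string that the sed expression does not reduce to digits makes "test" print an error for that candidate; a digits-only guard before the comparison would avoid that.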
@@ -89,7 +89,7 @@
 done
 
 if test -z "$QMAKE"; then
-echo "*** ERROR: Cannot find 'qmake' from Qt 4.3 or newer." >&2
+echo "*** ERROR: Cannot find 'qmake' from Qt 5." >&2
 exit 1
 fi
 
diff -Nru fraqtive-0.4.8/debian/changelog fraqtive-0.4.8.1/debian/changelog
--- fraqtive-0.4.8/debian/changelog 2023-01-12 11:07:55.0 +0100
+++ fraqtive-0.4.8.1/debian/changelog   2023-03-13 12:00:59.0 +0100
@@ -1,3 +1,11 @@
+fraqtive (0.4.8.1-1) unstable; urgency=medium
+
+  * New upstream release.
+- Remove merged patch 03-use-qt5.
+- Remove merged patch 04-fix-includes.
+
+ -- Patrick Matthäi   Mon, 13 Mar 2023 12:00:59 +0100
+
 fraqtive (0.4.8-17) unstable; urgency=medium
 
   * Adjust debian/watch to work again with GitHub.
diff -Nru fraqtive-0.4.8/debian/patches/03-use-qt5.diff 
fraqtive-0.4.8.1/debian/patches/03-use-qt5.diff
--- fraqtive-0.4.8/debian/patches/03-use-qt5.diff   2023-01-12 
11:07:55.0 +0100
+++ fraqtive-0.4.8.1/debian/patches/03-use-qt5.diff 1970-01-01 
01:00:00.0 +0100
@@ -1,19 +0,0 @@
-Description: Fix build system to use Qt5 instead of Qt4
-Author: Sune Vuorela 
-Forwarded: yes
-

-Origin: other
-Last-Update: 2018-08-15
-
 fraqtive-0.4.8.orig/configure
-+++ fraqtive-0.4.8/configure
-@@ -81,7 +81,7 @@ for i in $paths; do
-   if test "$version" != "**Unknown**"; then
- major=`echo $version | sed -e "s/\([0-9][0-9]*\).*/\1/"`
- minor=`echo $version | sed -e "s/[0-9][0-9]*\.\([0-9][0-9]*\).*/\1/"`
--if test $major -eq 4 -a $minor -ge 3; then
-+if test $major -eq 5 -a $minor -ge 3; then
-   QMAKE=$i
-   break
- fi
diff -Nru fraqtive-0.4.8/debian/patches/04-fix-includes.diff 
fraqtive-0.4.8.1/debian/patches/04-fix-includes.diff
--- fraqtive-0.4.8/debian/patches/04-fix-includes.diff  2023-01-12 
11:07:55.0 +0100
+++ fraqtive-0.4.8.1/debian/patches/04-fix-includes.diff1970-01-01 
01:00:00.0 +0100
@@ -1,30 +0,0 @@
-Description: Add missing includes
- Qt5 has had a bit of includes cleanups. Apply those.
-Author: Sune Vuorela 
-Forwarded: yes
-

-Origin: other
-Forwarded: no
-Last-Update: 2018-08-15
-
 fraqtive-0.4.8.orig/src/configurationdata.cpp
-+++ fraqtive-0.4.8/src/configurationdata.cpp
-@@ -27,6 +27,7 @@
- 
- #include 
- #include 
-+#include 
- 
- ConfigurationData::ConfigurationData()
- {
 fraqtive-0.4.8.orig/src/fractalgenerator.h
-+++ fraqtive-0.4.8/src/fractalgenerator.h
-@@ -22,6 +22,7 @@
- #include 
- #include 
- #include 
-+#include 
- 
- #include "abstractjobprovider.h"
- #include "datastructures.h"
diff -Nru fraqtive-0.4.8/debian/patches/series 
fraqtive-0.4.8.1/debian/patches/series
--- fraqtive-0.4.8/debian/patches/series2023-01-12 11:07:55.0 
+0100
+++ fraqtive-0.4.8.1/debian/patches/series  2023-03-13 12:00:59.0 
+0100
@@ -1,5 +1,3 @@
 01-desktop-keywords.diff
 02-spelling-error.diff
-03-use-qt5.diff
-04-fix-includes.diff
 05-fix-ftbfs.diff
diff -Nru fraqtive-0.4.8/.gitignore fraqtive-0.4.8.1/.gitignore
--- fraqtive-0.4.8/.gitignore   1970-01-01 01:00:00.0 +0100
+++ fraqtive-0.4.8.1/.gitignore 2023-03-06 09:30:22.0 +0100
@@ -0,0 +1,12 @@
+debug
+release
+src/fraqtive_pch.h.cpp
+src/fraqtive.vcxproj
+src/fraqtive.vcxproj.filters
+src/fraqtive.vcxproj.user
+tmp
+.qmake.stash
+config.pri
+configure-msvc.bat
+fraqtive.sln
+fraqtive.v12.suo
diff -Nru fraqtive-0.4.8/src/configurationdata.cpp 
fraqtive-0.4.8.1/src/configurationdata.cpp
--- fraqtive-0.4.8/src/configurationdata.cpp2015-01-24 15:43:13.643143000 
+0100
+++ fraqtive-0.4.8.1/

Bug#1033554: unblock: mlt/7.14.0-1

2023-03-27 Thread Patrick Matthäi
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package mlt

First I am very sorry for this mess! I misunderstood the text in the time of
the soft freeze and thought key packages with autopkgtests only and that non
key-packages will still migrate after 20 days.. After I have done those uploads
I still wanted to see in bookworm it was already too late.. My fault and also a
good hint for me to introduce autopkgtests in my packages

So the problem is now, mlt 7.14 about 7.12 has some fixed bugs and improved
ffmpeg support for further releases. And now it is already in unstable.. Sorry..
I have done this update along with kdenlive (unblock for it follows), because
it has a bugfix release. Which is not complicated, but if you don't see a chance
to let 7.14 to bookworm I had for example to do an upload of kdenlive directly
to testing?

[ Reason ]
Several fixed bugs.

[ Impact ]
It is uploaded to unstable, could be problematic for the release
process (dependencies) if updates are required.

[ Tests ]
I have tested mlt on my system along with kdenlive.

[ Risks ]
It is a new upstream release, which also introduces new features, compatibility
with ffmpeg 6.0 (which would be nice for later backports in bookworm), risk that
something new could break something else. But it looks good from my view

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [y] I reviewed all changes and I approve them (as possible for myself with 
the upstream code)
  [x] attach debdiff against the package in testing

unblock mlt/7.14.0-1


mlt.debdiff.gz
Description: application/gzip


Bug#1033219: unblock: ghostscript/10.0.0~dfsg-10

2023-03-27 Thread Graham Inggs
Control: tags -1 + confirmed

Hi Håvard

On Sun, 26 Mar 2023 at 22:18, Håvard F. Aasen  wrote:
> The fix is for making the package cross-buildable, not sure what more
> to tell you.

I was hoping for some motivation as to why we needed this fix now
during the freeze, but not to worry, Helmut has already convinced me.

I have confirmed that building ghostscript with and without your patch
produces identical binary packages.

Regards
Graham



Processed: Re: Bug#1033219: unblock: ghostscript/10.0.0~dfsg-10

2023-03-27 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + confirmed
Bug #1033219 [release.debian.org] unblock: ghostscript/10.0.0~dfsg-10
Added tag(s) confirmed.

-- 
1033219: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033219
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



NEW changes in stable-new

2023-03-27 Thread Debian FTP Masters
Processing changes file: 
openvswitch_2.15.0+ds1-2+deb11u3_mips64el-buildd.changes
  ACCEPT