Bug#1052324: marked as done (nmu: glom_1.30.4-7+b3)
Your message dated Thu, 21 Sep 2023 07:38:49 +0200 with message-id and subject line Re: Bug#1052324: nmu: glom_1.30.4-7+b3 has caused the Debian Bug report #1052324, regarding nmu: glom_1.30.4-7+b3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1052324: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052324 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu X-Debbugs-Cc: g...@packages.debian.org Control: affects -1 + src:glom Please binnmu glom: nmu glom_1.30.4-7+b3 . ANY . unstable . -m "Rebuild against postgresql-16." Thanks, Christoph --- End Message --- --- Begin Message --- On 2023-09-20 14:14:17 +0200, Christoph Berg wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: binnmu > X-Debbugs-Cc: g...@packages.debian.org > Control: affects -1 + src:glom > > Please binnmu glom: > > nmu glom_1.30.4-7+b3 . ANY . unstable . -m "Rebuild against postgresql-16." Scheduled Cheers -- Sebastian Ramacher--- End Message ---
Bug#1052363: bullseye-pu: cups/2.3.3op2-3+deb11u4
Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu The attached debdiff for cups fixes CVE-2023-4504 and CVE-2023-32360 in Bullseye. These CVEs have been marked as no-dsa by the security team, but at least CVE-2023-32360 got anRC bug (#1051953). Thorsten PS: There already is 2.3.3op2-3+deb11u3 in P-Udiff -Nru cups-2.3.3op2/debian/changelog cups-2.3.3op2/debian/changelog --- cups-2.3.3op2/debian/changelog 2023-06-24 10:54:05.0 +0200 +++ cups-2.3.3op2/debian/changelog 2023-09-19 21:20:27.0 +0200 @@ -1,3 +1,12 @@ +cups (2.3.3op2-3+deb11u4) bullseye; urgency=medium + + * CVE-2023-4504 +Postscript parsing heap-based buffer overflow + * CVE-2023-32360 (Closes: #1051953) +authentication issue + + -- Thorsten Alteholz Tue, 19 Sep 2023 21:20:27 +0200 + cups (2.3.3op2-3+deb11u3) bullseye; urgency=medium * CVE-2023-34241 (Closes: #1038885) diff -Nru cups-2.3.3op2/debian/cups-daemon.NEWS cups-2.3.3op2/debian/cups-daemon.NEWS --- cups-2.3.3op2/debian/cups-daemon.NEWS 2023-06-22 23:22:40.0 +0200 +++ cups-2.3.3op2/debian/cups-daemon.NEWS 2023-09-19 21:20:27.0 +0200 @@ -1,3 +1,11 @@ +cups (2.4.2-6) unstable; urgency=low + + In case this is not a fresh installation of cups, please double check + whether your cupsd.conf really does contain the limitiation for + "CUPS-Get-Document" (see patch 0019-CVE-2023-32360.patch) + + -- Thorsten Alteholz Tue, 19 Sep 2023 21:20:27 +0200 + cups (2.1.4-3) unstable; urgency=low The default ErrorPolicy is changed from 'stop-printer' to 'retry-job', diff -Nru cups-2.3.3op2/debian/NEWS.Debian cups-2.3.3op2/debian/NEWS.Debian --- cups-2.3.3op2/debian/NEWS.Debian1970-01-01 01:00:00.0 +0100 +++ cups-2.3.3op2/debian/NEWS.Debian2023-09-19 21:20:27.0 +0200 @@ -0,0 +1,7 @@ +cups (2.4.2-6) unstable; urgency=low + + In case this is not a fresh installation of cups, please double check + whether your cupsd.conf really does contain the limitiation for + "CUPS-Get-Document" (see patch 0019-CVE-2023-32360.patch) + + -- Thorsten Alteholz Tue, 19 Sep 2023 21:20:27 +0200 diff -Nru cups-2.3.3op2/debian/patches/0019-CVE-2023-32360.patch cups-2.3.3op2/debian/patches/0019-CVE-2023-32360.patch --- cups-2.3.3op2/debian/patches/0019-CVE-2023-32360.patch 1970-01-01 01:00:00.0 +0100 +++ cups-2.3.3op2/debian/patches/0019-CVE-2023-32360.patch 2023-09-19 21:20:27.0 +0200 @@ -0,0 +1,27 @@ +From: Thorsten Alteholz +Date: Wed, 20 Sep 2023 23:21:42 +0200 +Subject: CVE-2023-32360 + +--- + conf/cupsd.conf.in | 8 +++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/conf/cupsd.conf.in b/conf/cupsd.conf.in +index 09059dc..67d1c8b 100644 +--- a/conf/cupsd.conf.in b/conf/cupsd.conf.in +@@ -65,7 +65,13 @@ WebInterface @CUPS_WEBIF@ + Order deny,allow + + +- ++ ++Require user @OWNER @SYSTEM ++Order deny,allow ++ ++ ++ ++AuthType Default + Require user @OWNER @SYSTEM + Order deny,allow + diff -Nru cups-2.3.3op2/debian/patches/0020-CVE-2023-4504.patch cups-2.3.3op2/debian/patches/0020-CVE-2023-4504.patch --- cups-2.3.3op2/debian/patches/0020-CVE-2023-4504.patch 1970-01-01 01:00:00.0 +0100 +++ cups-2.3.3op2/debian/patches/0020-CVE-2023-4504.patch 2023-09-19 21:20:27.0 +0200 @@ -0,0 +1,33 @@ +From: Thorsten Alteholz +Date: Wed, 20 Sep 2023 23:22:44 +0200 +Subject: CVE-2023-4504 + +--- + cups/raster-interpret.c | 14 +- + 1 file changed, 13 insertions(+), 1 deletion(-) + +diff --git a/cups/raster-interpret.c b/cups/raster-interpret.c +index fbe52f3..89ef158 100644 +--- a/cups/raster-interpret.c b/cups/raster-interpret.c +@@ -1113,7 +1113,19 @@ scan_ps(_cups_ps_stack_t *st, /* I - Stack */ + + cur ++; + +-if (*cur == 'b') ++ /* ++ * Return NULL if we reached NULL terminator, a lone backslash ++* is not a valid character in PostScript. ++ */ ++ ++ if (!*cur) ++ { ++*ptr = NULL; ++ ++return (NULL); ++ } ++ ++ if (*cur == 'b') + *valptr++ = '\b'; + else if (*cur == 'f') + *valptr++ = '\f'; diff -Nru cups-2.3.3op2/debian/patches/series cups-2.3.3op2/debian/patches/series --- cups-2.3.3op2/debian/patches/series 2023-06-24 10:54:05.0 +0200 +++ cups-2.3.3op2/debian/patches/series 2023-09-19 21:20:27.0 +0200 @@ -16,3 +16,5 @@ 0016-Fix-certificate-comparison-CVE-2022-26691.patch 0017-CVE-2023-32324.patch 0018-CVE-2023-34241.patch +0019-CVE-2023-32360.patch +0020-CVE-2023-4504.patch
Bug#1052361: bookworm-pu: cups/2.4.2-3+deb12u2
Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu The attached debdiff for cups fixes CVE-2023-4504 and CVE-2023-32360 in Bookworm. These CVEs have been marked as no-dsa by the security team, but at least CVE-2023-32360 got an RC bug (#1051953). Thorstendiff -Nru cups-2.4.2/debian/changelog cups-2.4.2/debian/changelog --- cups-2.4.2/debian/changelog 2023-06-24 10:54:05.0 +0200 +++ cups-2.4.2/debian/changelog 2023-09-19 21:20:27.0 +0200 @@ -1,3 +1,12 @@ +cups (2.4.2-3+deb12u2) bookworm; urgency=medium + + * CVE-2023-4504 +Postscript parsing heap-based buffer overflow + * CVE-2023-32360 (Closes: #1051953) +authentication issue + + -- Thorsten Alteholz Tue, 19 Sep 2023 21:20:27 +0200 + cups (2.4.2-3+deb12u1) bookworm; urgency=medium * CVE-2023-34241 (Closes: #1038885) diff -Nru cups-2.4.2/debian/cups-daemon.NEWS cups-2.4.2/debian/cups-daemon.NEWS --- cups-2.4.2/debian/cups-daemon.NEWS 2023-06-22 23:22:40.0 +0200 +++ cups-2.4.2/debian/cups-daemon.NEWS 2023-09-19 21:20:27.0 +0200 @@ -1,3 +1,11 @@ +cups (2.4.2-6) unstable; urgency=low + + In case this is not a fresh installation of cups, please double check + whether your cupsd.conf really does contain the limitiation for + "CUPS-Get-Document" (see patch 0015-CVE-2023-32360.patch) + + -- Thorsten Alteholz Tue, 19 Sep 2023 21:20:27 +0200 + cups (2.1.4-3) unstable; urgency=low The default ErrorPolicy is changed from 'stop-printer' to 'retry-job', diff -Nru cups-2.4.2/debian/NEWS.Debian cups-2.4.2/debian/NEWS.Debian --- cups-2.4.2/debian/NEWS.Debian 1970-01-01 01:00:00.0 +0100 +++ cups-2.4.2/debian/NEWS.Debian 2023-09-19 21:20:27.0 +0200 @@ -0,0 +1,7 @@ +cups (2.4.2-6) unstable; urgency=low + + In case this is not a fresh installation of cups, please double check + whether your cupsd.conf really does contain the limitiation for + "CUPS-Get-Document" (see patch 0015-CVE-2023-32360.patch) + + -- Thorsten Alteholz Tue, 19 Sep 2023 21:20:27 +0200 diff -Nru cups-2.4.2/debian/patches/0015-CVE-2023-4504.patch cups-2.4.2/debian/patches/0015-CVE-2023-4504.patch --- cups-2.4.2/debian/patches/0015-CVE-2023-4504.patch 1970-01-01 01:00:00.0 +0100 +++ cups-2.4.2/debian/patches/0015-CVE-2023-4504.patch 2023-09-19 21:20:27.0 +0200 @@ -0,0 +1,33 @@ +From: Thorsten Alteholz +Date: Wed, 20 Sep 2023 04:55:44 +0200 +Subject: CVE-2023-4504 + +--- + cups/raster-interpret.c | 14 +- + 1 file changed, 13 insertions(+), 1 deletion(-) + +diff --git a/cups/raster-interpret.c b/cups/raster-interpret.c +index fbe52f3..89ef158 100644 +--- a/cups/raster-interpret.c b/cups/raster-interpret.c +@@ -1113,7 +1113,19 @@ scan_ps(_cups_ps_stack_t *st, /* I - Stack */ + + cur ++; + +-if (*cur == 'b') ++ /* ++ * Return NULL if we reached NULL terminator, a lone backslash ++* is not a valid character in PostScript. ++ */ ++ ++ if (!*cur) ++ { ++*ptr = NULL; ++ ++return (NULL); ++ } ++ ++ if (*cur == 'b') + *valptr++ = '\b'; + else if (*cur == 'f') + *valptr++ = '\f'; diff -Nru cups-2.4.2/debian/patches/0016-CVE-2023-32360.patch cups-2.4.2/debian/patches/0016-CVE-2023-32360.patch --- cups-2.4.2/debian/patches/0016-CVE-2023-32360.patch 1970-01-01 01:00:00.0 +0100 +++ cups-2.4.2/debian/patches/0016-CVE-2023-32360.patch 2023-09-19 21:20:27.0 +0200 @@ -0,0 +1,27 @@ +From: Thorsten Alteholz +Date: Wed, 20 Sep 2023 04:56:47 +0200 +Subject: CVE-2023-32360 + +--- + conf/cupsd.conf.in | 8 +++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/conf/cupsd.conf.in b/conf/cupsd.conf.in +index b258849..a07536f 100644 +--- a/conf/cupsd.conf.in b/conf/cupsd.conf.in +@@ -68,7 +68,13 @@ IdleExitTimeout @EXIT_TIMEOUT@ + Order deny,allow + + +- ++ ++Require user @OWNER @SYSTEM ++Order deny,allow ++ ++ ++ ++AuthType Default + Require user @OWNER @SYSTEM + Order deny,allow + diff -Nru cups-2.4.2/debian/patches/series cups-2.4.2/debian/patches/series --- cups-2.4.2/debian/patches/series2023-06-24 10:54:05.0 +0200 +++ cups-2.4.2/debian/patches/series2023-09-19 21:20:27.0 +0200 @@ -12,3 +12,5 @@ 0012-add-pt.patch 0013-CVE-2023-32324.patch 0014-CVE-2023-34241.patch +0015-CVE-2023-4504.patch +0016-CVE-2023-32360.patch
Bug#1052357: RM: openbox-menu/0.8.0+hg20161009-3.1
Control: reassign -1 ftp.debian.org On 20-09-2023 21:55, Mateusz Łukasik wrote: Package: release.debian.org Dear release team, I would like to request the removal of the openbox-menu package (which I maintain) from repository. This is handled by the ftp masters, hence reassigning. (We only handle testing, stable and oldstable). This solution stopped being developed in 2016, temporarily came back to life in 2021, but the code was available in a different place as before. Repositoryhas currently been archived by the developer. The biggest problem is based on gtk2, see #967668, the package has already been removed from testing (see #1029201). Paul OpenPGP_signature.asc Description: OpenPGP digital signature
Processed: Re: Bug#1052357: RM: openbox-menu/0.8.0+hg20161009-3.1
Processing control commands: > reassign -1 ftp.debian.org Bug #1052357 [release.debian.org] RM: openbox-menu/0.8.0+hg20161009-3.1 Bug reassigned from package 'release.debian.org' to 'ftp.debian.org'. Ignoring request to alter found versions of bug #1052357 to the same values previously set Ignoring request to alter fixed versions of bug #1052357 to the same values previously set -- 1052357: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052357 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1052357: RM: openbox-menu/0.8.0+hg20161009-3.1
Package: release.debian.org Severity: normal User:release.debian@packages.debian.org Usertags: rm X-Debbugs-Cc: openbox-m...@packages.debian.org Control: affects -1 + src:openbox-menu Dear release team, I would like to request the removal of the openbox-menu package (which I maintain) from repository.This solution stopped being developed in 2016, temporarily came back to life in 2021, but the code was available in a different place as before. Repositoryhas currently been archived by the developer. The biggest problem is based on gtk2, see #967668, the package has already been removed from testing (see #1029201). -- .''`. Mateusz Łukasik : :' : l0calh0st.pl `. `' Debian Member -mat...@linuxmint.pl `-GPG: D93B 0C12 C8D0 4D7A AFBC FA27 CCD9 1D61 11A0 6851
Processed: RM: openbox-menu/0.8.0+hg20161009-3.1
Processing control commands: > affects -1 + src:openbox-menu Bug #1052357 [release.debian.org] RM: openbox-menu/0.8.0+hg20161009-3.1 Added indication that 1052357 affects src:openbox-menu -- 1052357: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052357 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1049325: marked as done (bullseye-pu: netatalk/3.1.12~ds-8+deb11u1)
Your message dated Wed, 20 Sep 2023 14:29:59 + with message-id and subject line Will be in upcoming security release has caused the Debian Bug report #1049325, regarding bullseye-pu: netatalk/3.1.12~ds-8+deb11u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1049325: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1049325 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: jo...@jones.dk This is a batch of patches that resolves a number of CVE vulnerabilities for netatalk, plus a number of regressions that were subsequently fixed in upstream (indicated by part/regression patches). They originate in upstream releases between 3.1.13 through 3.1.15. With the exception of the very last regression fix (CVE-2022-23123_part6.patch) they are all in the unstable netatalk package. CVE-2022-45188 CVE-2022-43634 CVE-2022-23125 CVE-2022-23124 CVE-2022-23123 CVE-2022-23122 CVE-2022-23121 CVE-2022-0194 CVE-2021-31439 For complete transparency: Please note that the patch for CVE-2022-23123 also fixes CVE-2022-23122, CVE-2022-23124, CVE-2022-0194, which is why the latter three don't have separate patches. The Security Team has already applied this exact patchset on buster-security (3.1.12~ds-3+deb10u3), and instructed me to file this release request against oldstable. We have an active userbase that leverages netatalk for file sharing with fleets of legacy Mac clients in production environments, so I consider it prudent to keep oldstable up to date with security patches. Is this enough to make a case for uploading an update to oldstable? Sincerely, Daniel Markstedt netatalk-3.1.12~ds-8+deb11u1.patch Description: Binary data --- End Message --- --- Begin Message --- Closing this since the Security Team is preparing to make a security release for Bullseye with CVE-2023-42464 and the other patches.--- End Message ---
Bug#1052325: bookworm-pu: package systemd/252.17-1~deb12u1
Package: release.debian.org Severity: normal Tags: bookworm User: release.debian.org at packages.debian.org Usertags: pu X-Debbugs-Cc: pkg-systemd-maintain...@lists.alioth.debian.org Dear Release Team, We would like to upload the latest stable point release of systemd 252 to bookworm-p-u. Stable release branches are maintained upstream with the intention of providing bug fixes only and no compatibility breakages, and with automated non-trivial CI jobs that also cover Debian and Ubuntu. I have already uploaded to p-u. The only fix in this release is for a minor security advisory that affects systemd-boot on arm64/riscv64 on EFI with secure-boot enabled (which debian doesn't provide for sd-boot at all, so only affects local self-signed deployments). Details at: https://github.com/systemd/systemd/security/advisories/GHSA-6m6p-rjcq-334c Debdiff attached. No packaging changes. -- Kind regards, Luca Boccassi diff -Nru systemd-252.16/debian/changelog systemd-252.17/debian/changelog --- systemd-252.16/debian/changelog 2023-09-09 02:24:49.0 +0100 +++ systemd-252.17/debian/changelog 2023-09-20 13:15:14.0 +0100 @@ -1,3 +1,11 @@ +systemd (252.17-1~deb12u1) bookworm; urgency=medium + + * New upstream version 252.17. Fixes minor security issue in arm64 +and riscv64 systemd-boot (EFI) with device tree blobs loading: +https://github.com/systemd/systemd/security/advisories/GHSA-6m6p-rjcq-334c + + -- Luca Boccassi Wed, 20 Sep 2023 13:15:14 +0100 + systemd (252.16-1~deb12u1) bookworm; urgency=medium * New upstream version 252.16 diff -Nru systemd-252.16/src/boot/efi/boot.c systemd-252.17/src/boot/efi/boot.c --- systemd-252.16/src/boot/efi/boot.c 2023-09-09 02:21:12.0 +0100 +++ systemd-252.17/src/boot/efi/boot.c 2023-09-20 10:14:24.0 +0100 @@ -2402,7 +2402,9 @@ if (err != EFI_SUCCESS) return log_error_status_stall(err, L"Error loading %s: %r", entry->loader, err); -if (entry->devicetree) { +/* DTBs are loaded by the kernel before ExitBootServices, and they can be used to map and assign + * arbitrary memory ranges, so skip it when secure boot is enabled as the DTB here is unverified. */ +if (entry->devicetree && !secure_boot_enabled()) { err = devicetree_install(, image_root, entry->devicetree); if (err != EFI_SUCCESS) return log_error_status_stall(err, L"Error loading %s: %r", entry->devicetree, err); signature.asc Description: This is a digitally signed message part
Processed: nmu: glom_1.30.4-7+b3
Processing control commands: > affects -1 + src:glom Bug #1052324 [release.debian.org] nmu: glom_1.30.4-7+b3 Added indication that 1052324 affects src:glom -- 1052324: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052324 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1052324: nmu: glom_1.30.4-7+b3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu X-Debbugs-Cc: g...@packages.debian.org Control: affects -1 + src:glom Please binnmu glom: nmu glom_1.30.4-7+b3 . ANY . unstable . -m "Rebuild against postgresql-16." Thanks, Christoph
Bug#1052239: transition: ocaml
Control: tags -1 = confirmed On 2023-09-20 09:12:43 +0200, Stéphane Glondu wrote: > Dear Sebastian, > > Le 20/09/2023 à 08:48, Sebastian Ramacher a écrit : > > > I recompiled the OCaml world with it: > > > > > >http://ocaml.debian.net/transitions/ocaml-4.14.1/ > > > > Based on https://release.debian.org/transitions/html/ocaml.html, > > diffoscope is involved in both the ocaml and the uncoordinated haskell > > transitions. Do we need rebuilds of diffoscope for ocaml? > > Why does it matter? > > diffoscope uses ocaml tools to look into ocaml objects, it doesn't depend on > ocaml ABI AFAIK. Although there indeed was #1002678 last time, I > test-compiled diffoscope with the new ocaml version and it built fine. > > Therefore, I don't think we need rebuilds of diffoscope. Good. Please go ahead Cheers -- Sebastian Ramacher
Processed: Re: Bug#1052239: transition: ocaml
Processing control commands: > tags -1 = confirmed Bug #1052239 [release.debian.org] transition: ocaml Added tag(s) confirmed; removed tag(s) moreinfo. -- 1052239: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052239 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1050223: marked as done (RM: r-cran-rgdal/1.6-7+dfsg-1)
Your message dated Wed, 20 Sep 2023 07:41:57 + with message-id and subject line Re: Bug#1050223: RM: r-cran-rgdal/1.6-7+dfsg-1 has caused the Debian Bug report #1050223, regarding RM: r-cran-rgdal/1.6-7+dfsg-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1050223: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050223 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm X-Debbugs-Cc: r-cran-rg...@packages.debian.org, 1049...@bugs.debian.org Control: affects -1 + src:r-cran-rgdal Hi, as per upstream https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1049438#31 rgdal will run out of upstream support soon. Since the package created failures with newer upstream versions of other packages (see bug #1049438) it should be removed from testing. Kind regards Andreas. --- End Message --- --- Begin Message --- r-cran-rgdal/1.6-7+dfsg-1 removed from testing and block hint added.--- End Message ---
Bug#1052239: transition: ocaml
Le 20/09/2023 à 09:27, Sebastian Ramacher a écrit : Based on https://release.debian.org/transitions/html/ocaml.html, diffoscope is involved in both the ocaml and the uncoordinated haskell transitions. Do we need rebuilds of diffoscope for ocaml? Why does it matter? If we would need them, diffoscope would entangle both transitions. As haskell is currently showing no progress, both transitions would be stuck in unstable indefinitely. diffoscope doesn't seem really affected by the haskell transition either... Maybe it is related in the same way as ocaml? It does appear in the permanent transition trackers because the "affected" criteria is very broad there, but my guess is that it wouldn't appear in more targeted trackers. As far as progress is concerned, I guess haskell and/or ocaml support can be (temporarily) removed from diffoscope, if a "stuck" condition arises, de-entangling everything. Cheers, -- Stéphane
Bug#1052239: transition: ocaml
On 2023-09-20 09:12:43 +0200, Stéphane Glondu wrote: > Dear Sebastian, > > Le 20/09/2023 à 08:48, Sebastian Ramacher a écrit : > > > I recompiled the OCaml world with it: > > > > > >http://ocaml.debian.net/transitions/ocaml-4.14.1/ > > > > Based on https://release.debian.org/transitions/html/ocaml.html, > > diffoscope is involved in both the ocaml and the uncoordinated haskell > > transitions. Do we need rebuilds of diffoscope for ocaml? > > Why does it matter? If we would need them, diffoscope would entangle both transitions. As haskell is currently showing no progress, both transitions would be stuck in unstable indefinitely. Cheers -- Sebastian Ramacher
Bug#1052239: transition: ocaml
Dear Sebastian, Le 20/09/2023 à 08:48, Sebastian Ramacher a écrit : I recompiled the OCaml world with it: http://ocaml.debian.net/transitions/ocaml-4.14.1/ Based on https://release.debian.org/transitions/html/ocaml.html, diffoscope is involved in both the ocaml and the uncoordinated haskell transitions. Do we need rebuilds of diffoscope for ocaml? Why does it matter? diffoscope uses ocaml tools to look into ocaml objects, it doesn't depend on ocaml ABI AFAIK. Although there indeed was #1002678 last time, I test-compiled diffoscope with the new ocaml version and it built fine. Therefore, I don't think we need rebuilds of diffoscope. Cheers, -- Stéphane
Processed: Re: Bug#1052253: transition: libunibreak
Processing control commands: > tags -1 confirmed Bug #1052253 [release.debian.org] transition: libunibreak Added tag(s) confirmed. -- 1052253: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052253 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1052253: transition: libunibreak
Control: tags -1 confirmed On 2023-09-19 16:57:48 +0200, Pino Toscano wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: transition > X-Debbugs-Cc: libunibr...@packages.debian.org > Control: affects -1 + src:libunibreak > > Hi, > > I'd like to request a transition slot for the much needed update of the > libunibreak library (from 1.1 to 5.1). Please go ahead. Cheers -- Sebastian Ramacher
Bug#1052239: transition: ocaml
Control: tags -1 moreinfo On 2023-09-19 13:24:42 +0200, Stéphane Glondu wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: transition > X-Debbugs-Cc: oc...@packages.debian.org > Control: affects -1 + src:ocaml > > Dear Release Team, > > I uploaded ocaml 4.14.1 to experimental, and it built successfully on > all release architectures. > > I recompiled the OCaml world with it: > > http://ocaml.debian.net/transitions/ocaml-4.14.1/ Based on https://release.debian.org/transitions/html/ocaml.html, diffoscope is involved in both the ocaml and the uncoordinated haskell transitions. Do we need rebuilds of diffoscope for ocaml? Cheers -- Sebastian Ramacher
Processed: Re: Bug#1052239: transition: ocaml
Processing control commands: > tags -1 moreinfo Bug #1052239 [release.debian.org] transition: ocaml Added tag(s) moreinfo. -- 1052239: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052239 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems