Bug#961441: buster-pu: package libclamunrar/0.102.3-0+deb10u1

On 2020-05-28 21:56:25 [+0100], Adam D. Barratt wrote: > Please feel free to go ahead. The NEW queue has been passed. > Regards, > > Adam Sebastian

Bug#961439: buster-pu: package clamav/0.102.3+dfsg-0+deb10u1

On 2020-06-01 18:52:49 [+0100], Adam D. Barratt wrote: > > Were you assuming that libclamunrar would also be in that set, or just > clamav itself? Please go ahead with Clamav. I will ping the libclamunrar bug once it got through NEW. > Regards, > > Adam Sebastian

Bug#961442: stretch-pu: package libclamunrar/0.102.3-0+deb9u1

On 2020-05-28 22:10:38 [+0100], Adam D. Barratt wrote: > Please go ahead. thx, uploaded. > Regards, > > Adam > Sebastian

Bug#961440: stretch-pu: package clamav/0.102.3+dfsg-0~deb9u1

On 2020-05-27 22:17:28 [+0100], Adam D. Barratt wrote: > Please go ahead. thx, uploaded. > Regards, > > Adam Sebastian

Bug#961439: buster-pu: package clamav/0.102.3+dfsg-0+deb10u1

On 2020-05-27 22:16:11 [+0100], Adam D. Barratt wrote: > Please go ahead. thx, uploaded. > Was the intent that the updates be pushed via -updates? Yes, please. If you need any additional information please let me know. > Regards, > > Adam > Sebastian

Bug#961441: buster-pu: package libclamunrar/0.102.3-0+deb10u1

On 2020-05-28 21:56:25 [+0100], Adam D. Barratt wrote: > Please feel free to go ahead. thx, uploaded. > Regards, > > Adam Sebastian

Bug#961441: buster-pu: package libclamunrar/0.102.3-0+deb10u1

On 2020-05-27 22:28:44 [+0100], Adam D. Barratt wrote: > Control: tags -1 + moreinfo > > On Sun, 2020-05-24 at 17:47 +0200, Sebastian Andrzej Siewior wrote: > > As part of this update I also introduce the `libclamunrar' package > > which only purpose is to depend on libcl

Re: Bug#961441: Acknowledgement (buster-pu: package libclamunrar/0.102.3-0+deb10u1)

Hi, I opened two bugs regarding libcamunrar on deb9/10 which did not make it to the list due to the size of the attached diff. This is Bug#961441 for Buster and Bug#961442 for Stretch. Sebastian

Bug#961440: stretch-pu: package clamav/0.102.3+dfsg-0~deb9u1

n/changelog --- clamav-0.102.2+dfsg/debian/changelog 2020-02-22 14:43:26.0 +0100 +++ clamav-0.102.3+dfsg/debian/changelog 2020-05-22 22:36:49.0 +0200 @@ -1,3 +1,12 @@ +clamav (0.102.3+dfsg-0~deb9u1) stretch; urgency=medium + + * Import 0.102.3 + - CVE-2020-3327 (A vulnerability

Bug#961439: buster-pu: package clamav/0.102.3+dfsg-0+deb10u1

+dfsg/debian/changelog clamav-0.102.3+dfsg/debian/changelog --- clamav-0.102.2+dfsg/debian/changelog 2020-02-22 14:39:45.0 +0100 +++ clamav-0.102.3+dfsg/debian/changelog 2020-05-22 22:32:31.0 +0200 @@ -1,3 +1,12 @@ +clamav (0.102.3+dfsg-0+deb10u1) buster; urgency=medium + + * Import

Bug#959469: buster-pu: package openssl/1.1.1g-1

On 2020-05-02 20:32:01 [+0100], Adam D. Barratt wrote: > On Sat, 2020-05-02 at 18:36 +0200, Sebastian Andrzej Siewior wrote: > > I'm fairly late, I know. > > Just a little. :-( Particularly as OpenSSL builds udebs. > > CCing KiBi and -boot so they're aware of the discussion,

Re: Bug#959469: buster-pu: package openssl/1.1.1g-1

On 2020-05-02 18:36:42 [+0200], To sub...@bugs.debian.org wrote: > Package: release.debian.org > User: release.debian@packages.debian.org > Usertags: pu > Tags: buster > Severity: normal > > I'm fairly late, I know. > The last update was addressed via DSA providing only a patch for the CVE >

Bug#951871: buster-pu: package clamav/0.102.2+dfsg-0+deb10u1

On 2020-02-22 22:31:21 [+], Adam D. Barratt wrote: > > How does this seem for an SUA snippet? perfect. Thank you. > Regards, > > Adam Sebastian

Bug#951871: buster-pu: package clamav/0.102.2+dfsg-0+deb10u1

On 2020-02-22 19:33:53 [+], Adam D. Barratt wrote: > I guess the intent is to push this via stable-updates? Yes, please. If you need something, please let us know. > Regards, > > Adam Sebastian

Bug#946557: buster-pu: package clamav/0.102.1+dfsg-0+deb10u1

On December 29, 2019 11:30:51 AM UTC, "Adam D. Barratt" wrote: >> I slightly updated the package to >> - add the new `clamonacc' binary to the clamav-daemon package. >> - remove the `ScanOnAccess' option from the postinst/debconf script. >> The option is deprecated and the functionality moved

Bug#946558: stretch-pu: package clamav/0.102.1+dfsg-0+deb9u1

ovides this functionality. - -- Sebastian Andrzej Siewior Sun, 08 Dec 2019 22:05:51 +0100 + -- Sebastian Andrzej Siewior Mon, 23 Dec 2019 21:07:34 +0100 clamav (0.101.4+dfsg-0+deb9u1) stretch; urgency=medium diff --git a/debian/clamav-daemon.config.in b/debian/clamav-daemon.config.in index 6

Bug#946557: buster-pu: package clamav/0.102.1+dfsg-0+deb10u1

Sebastian Andrzej Siewior Sun, 08 Dec 2019 12:40:16 +0100 + -- Sebastian Andrzej Siewior Mon, 23 Dec 2019 21:04:45 +0100 clamav (0.101.4+dfsg-0+deb10u1) buster; urgency=medium diff --git a/debian/clamav-daemon.config.in b/debian/clamav-daemon.config.in index 60bef89..131336c 100644 --- a/debi

Bug#946557: buster-pu: package clamav/0.102.1+dfsg-0+deb10u1

On 2019-12-11 10:46:36 [+0100], Christoph Berg wrote: > Re: Sebastian Andrzej Siewior 2019-12-10 > <20191210224647.dk4svg65hleftr7r@flow> > > +clamav (0.101.4+dfsg-0+deb10u1) buster; urgency=medium > > + > > + - update symbols file (bump to 101.4 and drop unu

Bug#946558: stretch-pu: package clamav/0.102.1+dfsg-0+deb9u1

test "x$XML_LIBS" = "x"; then +if test "x$XML_LIBS" = "x"; then CL_MSG_STATUS([libxml2 ],[no],[]) else CL_MSG_STATUS([libxml2 ],[yes, from $XML_HOME],[]) diff -Nru clamav-0.101.2+dfsg/debian/changelog clamav-0.101.4+dfsg/debian/changelog

Bug#941451: buster-pu: package python-cryptography/2.6.1-3+deb10u1

-maintainer upload. + * Backport two patches to fix the testsute with newer openssl. + * Ignore test_load_ecdsa_no_named_curve in the testsuite because it known to +break with newer openssl (Closes: #940547). + + -- Sebastian Andrzej Siewior Mon, 30 Sep 2019 20:55:00 +0200 + python

Bug#941452: stretch-pu: package python-cryptography/1.7.1-3+deb9u2

(Closes: #940547). + + -- Sebastian Andrzej Siewior Mon, 30 Sep 2019 20:58:11 +0200 + python-cryptography (1.7.1-3+deb9u1) stretch; urgency=medium * Remove BIO_callback_ctrl: The prototype differs with the OpenSSL's diff -Nru python-cryptography-1.7.1/debian/patches/series python

Bug#935707: buster-pu: package clamav/0.101.4+dfsg-0+deb10u1

On 2019-08-25 15:00:21 [+0100], Adam D. Barratt wrote: > Please go ahead. thanks, both packages are uploaded. > Regards, > > Adam > Sebastian

Bug#935708: stretch-pu: package clamav/0.101.4+dfsg-0+deb9u1

"x$XML_LIBS" = "x"; then CL_MSG_STATUS([libxml2 ],[no],[]) else CL_MSG_STATUS([libxml2 ],[yes, from $XML_HOME],[]) diff -Nru clamav-0.101.2+dfsg/debian/changelog clamav-0.101.4+dfsg/debian/changelog --- clamav-0.101.2+dfsg/debian/changelog 2019-04-05 22:07:01.00

Bug#935445: stretch-pu: package dansguardian/2.10.1.1-5.1+deb9u2

dansguardian-2.10.1.1/debian/changelog --- dansguardian-2.10.1.1/debian/changelog +++ dansguardian-2.10.1.1/debian/changelog @@ -1,3 +1,10 @@ +dansguardian (2.10.1.1-5.1+deb9u2) stretch; urgency=medium + + * Non-maintainer upload. + * Add support for clamav 0.101 (Closes: #923981). + + -- Sebastian Andrzej

Bug#935368: stretch-pu: package c-icap-modules/0.4.4-1+deb9u1

upload. + * Add support for clamav 0.101.1 (Closes: #919814). + + -- Sebastian Andrzej Siewior Sun, 10 Mar 2019 22:00:14 +0100 + c-icap-modules (1:0.4.4-1) unstable; urgency=medium * New upstream release diff -Nru c-icap-modules-0.4.4/debian/control c-icap-modules-0.4.4/debian/control

Bug#935366: stretch-pu: package havp/0.92a-4+deb9u1

to match + + -- Sebastian Andrzej Siewior Sun, 10 Mar 2019 17:30:34 +0100 + havp (0.92a-4) unstable; urgency=medium [ Andreas Cadhalpun ] diff -Nru havp-0.92a/debian/control havp-0.92a/debian/control --- havp-0.92a/debian/control 2015-07-31 22:54:50.0 +0200 +++ havp-0.92a/debian/control

Bug#935369: stretch-pu: package libclamunrar/0.101.2-0+deb9u1

m4_include([m4/reorganization/code_checks/unit_tests.m4]) diff -Nru libclamunrar-0.101.1/debian/changelog libclamunrar-0.101.2/debian/changelog --- libclamunrar-0.101.1/debian/changelog 2019-03-10 17:09:59.0 +0100 +++ libclamunrar-0.101.2/debian/changelog 2019-04-06 20:25:19.00

Bug#935367: stretch-pu: package python-clamav/0.4.1-8+deb9u1

] + * Add d/p/python-clamav-add-support-for-clamav-0.101.0.patch to that +python-clamav builds/works with clamav 101.1 and newer (Closes: #920959) + * Bump libclamav-dev build-depends to match + + -- Sebastian Andrzej Siewior Sun, 10 Mar 2019 20:49:14 +0100 + python-clamav (0.4.1-8) unstable

Bug#924278: stretch-pu: package clamav/0.100.2+dfsg-0+deb9u1

On 2019-08-20 23:45:18 [+0100], Adam D. Barratt wrote: > > and then open p-u bugs > > for the transition? > > Is anything required beyond binNMUs of r-deps? I tried to highight this in the first email of this bug: |It affects the following packages as part of the transistion which |require a

Bug#924278: stretch-pu: package clamav/0.100.2+dfsg-0+deb9u1

On 2019-08-20 22:18:28 [+0100], Adam D. Barratt wrote: > Indeed, and then we dropped the ball again. :-( > > Let's get this going. So I upload the here promissed Stretch package and then open p-u bugs for the transition? > Regards, > > Adam Sebastian

Re: Bug#934359: clamav: ZIP bomb causes extreme CPU spikes

On 2019-08-10 09:39:22 [+0200], Hugo Lefeuvre wrote: > Source: clamav > Version: 0.101.2+dfsg-3 > Severity: important > Tags: security upstream > Forwarded: https://bugzilla.clamav.net/show_bug.cgi?id=12356 > > Hi, > > clamav is affected by a DoS vulnerability caused by crafted, extremely >

Bug#934094: buster-pu: package clamav/0.101.2+dfsg-1+deb10u1

1.2+dfsg-1+deb10u1) buster; urgency=medium + + * Cherry-pick a fix from 0.101.3 to address a vulnerability to +non-recursive zip bombs. + + -- Sebastian Andrzej Siewior Tue, 06 Aug 2019 22:07:01 +0200 + clamav (0.101.2+dfsg-1) unstable; urgency=high * Import 0.101.2 diff -Nru clamav-0.

Bug#930221: unblock: m2crypto/ 0.31.0-3.1

was fixed in OpenSSL 1.1.1c (Closes: #929903). + + -- Sebastian Andrzej Siewior Sat, 08 Jun 2019 12:35:11 +0200 + m2crypto (0.31.0-3) unstable; urgency=medium * add 0002-tests-test_ssl-use-ciphercuites-for-TLS1.3-cipher-in.patch diff -Nru m2crypto-0.31.0/debian/patches/0003-Remove-duplicate

Bug#930194: unblock: openssl/1.1.1c-1

On 2019-06-08 10:22:54 [+0200], Paul Gevers wrote: > Control: tags -1 moreinfo > > Hi Sebastian, Hi Paul, > Can you please elaborate why this version meets the freeze policy, or > why it should get an exception? In the text above there is no mention at > all of serious bugs that get fixed.

Bug#930194: unblock: openssl/1.1.1c-1

Package: release.debian.org User: release.debian@packages.debian.org Usertags: unblock Severity: normal Please unblock package openssl. The updated package is the `c' version, which is the latest upstream release for the 1.1.1 series. This update causes a regresion in the m2crypto test suite

Bug#914591: stretch-pu: package python-cryptography/1.7.1-3

On 2019-04-15 08:50:52 [+0100], Adam D. Barratt wrote: > OK, thanks for the confirmation. > > Please go ahead. uploaded. > Regards, > > Adam Sebastian

Bug#914591: stretch-pu: package python-cryptography/1.7.1-3

On 2019-04-14 21:08:46 [+0100], Adam D. Barratt wrote: > On Sun, 2018-11-25 at 13:49 +0100, Sebastian Andrzej Siewior wrote: > > With the intention of pushing OpenSSL 1.1.0j into Stretch here is the > > proposed change for python-cryptography. > > The package python-cryptograp

Bug#919043: nmu: ckermit_302-5.3 (stretch)

On 2019-04-14 11:28:59 [+0100], Adam D. Barratt wrote: > In the interest of keeping things moving, please feel free to go ahead. thanks, uploaded. > Adam Sebastian

Bug#919043: nmu: ckermit_302-5.3 (stretch)

On 2019-04-13 22:25:19 [+0100], Adam D. Barratt wrote: > On Fri, 2019-02-15 at 00:04 +0100, Sebastian Andrzej Siewior wrote: > > I'm proposing this attached debdiff. > > For testing I compiled it against libssl1.0-dev 1.0.2j-5 and then > > upgraded to the version pro

Bug#926170: unblock: libclamunrar/0.101.2-1

ganization/code_checks/mpool.m4]) m4_include([m4/reorganization/code_checks/unit_tests.m4]) diff -Nru libclamunrar-0.101.1/debian/changelog libclamunrar-0.101.2/debian/changelog --- libclamunrar-0.101.1/debian/changelog 2019-02-28 23:57:23.0 +0100 +++ libclamunrar-0.101.2/debian/cha

Bug#924278: stretch-pu: package clamav/0.100.2+dfsg-0+deb9u1

On 2019-03-10 23:55:55 [+0100], To sub...@bugs.debian.org wrote: > We would like to update clamav in stable to 0.101.1 which is the latest > release provided by upstream. > This won't be as easy as it was previously because it will trigger a > transistion (libclamav7 -> libclamav9) in stable

Re: Bug#924278: stretch-pu: package clamav/0.100.2+dfsg-0+deb9u1

On 2019-03-10 23:55:55 [+0100], To sub...@bugs.debian.org wrote: > Package: release.debian.org > User: release.debian@packages.debian.org > Usertags: pu > Tags: stretch > Severity: normal This is just a short notice that this bug has been filled and it did not make to d-release@l.d.o because

Bug#922004: transition: clamav

On 2019-02-27 20:56:00 [+], Niels Thykier wrote: > Please go ahead. :) The transition looks complete. > Thanks, > ~Niels Sebastian

Bug#919043: nmu: ckermit_302-5.3 (stretch)

n-maintainer upload. + * Drop check openssl compile time version vs runtime version +(Closes: #917485). + + -- Sebastian Andrzej Siewior Thu, 14 Feb 2019 23:35:55 +0100 + ckermit (302-5.3) unstable; urgency=medium * Non-maintainer upload. diff -Nru ckermit-302/debian/patches/

Bug#914591: stretch-pu: package python-cryptography/1.7.1-3

On 2019-02-08 12:55:28 [+], Adam D. Barratt wrote: > Hi, Hi, > Apologies for the delay in getting back to you on this. no worries. > On 2018-11-25 12:49, Sebastian Andrzej Siewior wrote: > > Any feedback from the python team is welcome. > > Was there any feedback?

Bug#919043: nmu: ckermit_302-5.3 (stretch)

On 2019-01-12 13:25:12 [+0100], Andreas Beckmann wrote: > For #917485: > A proper fix to the package should drop this misleading line from the error > message and tighten the dependencies on libssl1.x.y unless the requirement can > be softened. a proper dependecy on libssl1.0-dev does the magic.

Bug#916884: [britney2] Does not consider B-D for migration to testing

On 2018-12-20 13:12:53 [+0200], Adrian Bunk wrote: > That's a duplicate of #145257. I've been tol to file that bug. > It used to be a lot worse, but has recently been fixed for binary-any > so only build dependencies for binary-all packages are left affected > by this bug. Okay. > I have an

Bug#916884: [britney2] Does not consider B-D for migration to testing

Package: release.debian.org User: release.debian@packages.debian.org Usertags: britney Severity: normal Britney does not look at build dependencies before migrating a package. Therefore it can migrate a package to testing which build-depends did not yet migrate. As a result this package can

Bug#871056: transition: openssl

On 2018-11-17 11:55:54 [+0100], Emilio Pozuelo Monfort wrote: > There's also kde4libs #858937. This got fixed and migrated to testing. Could we please get rid of libssl1.0.2 in testing? I have a RC bug against it so it should not reenter. > Emilio Sebastian

Bug#914591: stretch-pu: package python-cryptography/1.7.1-3

On 2018-11-25 13:49:15 [+0100], To sub...@bugs.debian.org wrote: diff -Nru python-cryptography-1.7.1/debian/changelog python-cryptography-1.7.1/debian/changelog --- python-cryptography-1.7.1/debian/changelog 2017-05-28 04:20:33.0 +0200 +++ python-cryptography-1.7.1/debian/changelog

Bug#914591: stretch-pu: package python-cryptography/1.7.1-3

. It has no +users. + + -- Sebastian Andrzej Siewior Sun, 02 Sep 2018 15:17:35 +0200 + python-cryptography (1.7.1-3) unstable; urgency=medium * Apply patch 6e7ea2e7 from upstream to fix compilation against OpenSSL diff -Nru python-cryptography-1.7.1/debian/patches/Remove

Bug#871056: transition: openssl

On 2018-02-25 10:59:57 [+0100], Emilio Pozuelo Monfort wrote: > We're getting close. According to the transition tracker, the remaining rdeps > in > testing are: … > kopete - no fix upstream, optional for jingle (call) support in XMPP … This is the last one in testing. kopete's #858938 has been

Bug#911186: stretch-pu: package clamav/0.100.1+dfsg-0+deb9u1

On 2018-10-20 10:42:06 [+0100], Adam D. Barratt wrote: > On Wed, 2018-10-17 at 00:26 +0200, Sebastian Andrzej Siewior wrote: > > clamav upstream published a new version which contains security > > relevant bug fixes, one of them has CVE-2018-15378 assigned. > > Is the expect

Bug#911186: stretch-pu: package clamav/0.100.1+dfsg-0+deb9u1

--- clamav-0.100.1+dfsg/debian/changelog 2018-07-21 13:13:59.00000 +0200 +++ clamav-0.100.2+dfsg/debian/changelog2018-10-12 23:44:44.0 +0200 @@ -1,3 +1,14 @@ +clamav (0.100.2+dfsg-0+deb9u1) stretch; urgency=medium + + * Import new upstream +- Bump symbol version d

Bug#911101: nmu: kannel-sqlbox_0.7.2-5

Package: release.debian.org User: release.debian@packages.debian.org Usertags: binnmu Severity: normal Hi, kannel-sqlbox was uploaded slightly after kannel 1.4.5-2. On most architectures, kannel-sqlbox was built against newer kannel-dev resulting in a dependency on libssl1.1. On a few

Bug#891872: transition: curl

On 2018-07-31 21:40:25 [+0200], To Emilio Pozuelo Monfort wrote: > On 2018-07-28 10:11:47 [+0200], Emilio Pozuelo Monfort wrote: > > We never break packages in testing (unless it's a critical situation, and > > this > > obviously isn't). Also the cruft package in unstable doesn't hurt much, so >

Bug#907906: stretch-pu: package openssl/1.1.0f-3+deb9u2

+- Fix segfault ERR_clear_error (Closes: #903566) +- Fix commandline option for CAengine (Closes: #907457) + * Abort the build if symbols are discovered which are not part of the +symbols file. + + -- Sebastian Andrzej Siewior Mon, 03 Sep 2018 23:59:02 +0200 + openssl (1.1.0f-3+deb9

Bug#891872: transition: curl

On 2018-07-28 10:11:47 [+0200], Emilio Pozuelo Monfort wrote: > We never break packages in testing (unless it's a critical situation, and this > obviously isn't). Also the cruft package in unstable doesn't hurt much, so it > can be left around for a while longer. What we want to do here is to get

Bug#904199: stretch-pu: package clamav/ 0.100.0+dfsg-0+deb9u2

On 2018-07-29 22:01:20 [+0100], Adam D. Barratt wrote: > > ClamAV is an AntiVirus toolkit for Unix. > > Upstream published version 0.100.1. > > This is a mostly a bug-fix release. The changes are not strictly > required for operation, but users of the previous version in stretch > may not be

Bug#904199: stretch-pu: package clamav/ 0.100.0+dfsg-0+deb9u2

On 2018-07-28 09:24:28 [+0100], Adam D. Barratt wrote: > Was the intent that the package would be pushed via -updates? Yes, please. If you need additinal information I can provide then on Sunday evening. > Regards, > > Adam Sebastian

Bug#891872: transition: curl

On 2018-07-25 10:47:50 [+0200], Emilio Pozuelo Monfort wrote: > > Any suggestions from the D-Science folks? > > Maybe send this to the scilab bug rather than the curl transition one? I Cced the scilab folks. I was more interrested in the release team's opinion if it is worth fixing those and get

Bug#891872: transition: curl

On 2018-07-19 00:39:27 [+0200], To Emilio Pozuelo Monfort wrote: > - scilab > rebuilt everywhere except for i386. Plus > #891351 [G| | ] [scilab] scilab segfaults at startup > #875790 [S|⛺+| ] [src:scilab] scilab: depends on openjdk-8 > #884033 [S| |☣] [scilab] scilab segfaults

Bug#904213: stretch-pu: package libclamunrar/0.99-3+deb9u1

spack ],[yes],[$mspack_msg]) if test "x$XML_LIBS" = "x"; then CL_MSG_STATUS([libxml2 ],[no],[]) else CL_MSG_STATUS([libxml2 ],[yes, from $XML_HOME],[]) fi CL_MSG_STATUS([yara],[$enable_yara],[$enable_yara]) +CL_MSG_STATUS([fts ],[yes],[$lfs

Bug#891872: transition: curl

On 2018-05-28 17:43:15 [+0200], Emilio Pozuelo Monfort wrote: > Let's go with this. I'll schedule the binNMUs soon. atm we have: - netsurf (sid only) #867694 [G| | ] [netsurf-fb] netsurf-fb: Completely unusable due to missing dependencies, symlinks and documentation #859230 [S| | ]

Bug#903005: stretch-pu: package clamav/0.100.0+dfsg-0+deb9u1

On 2018-07-05 06:25:45 [+0100], Adam D. Barratt wrote: > Please go ahead. uploaded, thanks. > Regards, > > Adam Sebastian

Bug#903005: stretch-pu: package clamav/0.100.0+dfsg-0+deb9u1

g-0+deb9u2) stretch; urgency=medium + + * Don't fail on recently removed config options (Closes: #902290). + + -- Sebastian Andrzej Siewior Wed, 04 Jul 2018 23:14:43 +0200 + clamav (0.100.0+dfsg-0+deb9u1) stretch; urgency=medium [ Sebastian Andrzej Siewior ] diff -Nru clamav-0.100.0+dfsg/debia

Re: New Clamav pu for Stretch/Jessie

On 2018-05-05 10:17:54 [+0100], Adam D. Barratt wrote: > Hi, Hi, > Was the intent was for the packages to be pushed to -updates, or are > you happy with them reaching users with the next point releases? I am happy with waiting until the next point release. Thank you for asking :) > Regards, >

New Clamav pu for Stretch/Jessie

Hi, I filled #896918 and #896919 for stretch-pu / jessie-pu. The bugs did not make it to the list due to their size. https://bugs.debian.org/896918 https://bugs.debian.org/896919 Sebastian

Bug#891972: Bug#89197[24]: stretch/jessie-pu: package clamav/0.99.2+dfsg-6+deb[89]u1

On 2018-03-03 16:02:37 [+0100], To sub...@bugs.debian.org wrote: > Package: release.debian.org > User: release.debian@packages.debian.org > Usertags: pu > Tags: stretch > Severity: normal > > Clamav upstream released 0.99.4 on 2018-03-01 fixing five CVEs [0]. I > mention only two of them

Bug#888552: stretch-pu: package clamav/0.99.2+dfsg-6+b1

On 2018-01-28 18:20:36 [+], Adam D. Barratt wrote: > > Please go ahead. uploaded. > Regards, > > Adam Sebastian

Bug#888553: jessie-pu: package clamav/0.99.2+dfsg-0+deb8u2

On 2018-01-28 18:21:35 [+], Adam D. Barratt wrote: > Please go ahead. uploaded > Regards, > > Adam Sebastian

Bug#888553: jessie-pu: package clamav/0.99.2+dfsg-0+deb8u2

On 2018-01-27 02:07:51 [+0100], To sub...@bugs.debian.org wrote: >diff -Nru clamav-0.99.2+dfsg/debian/libclamav7.symbols >clamav-0.99.2+dfsg/debian/libclamav7.symbols >--- clamav-0.99.2+dfsg/debian/libclamav7.symbols 2016-05-19 >18:40:20.0 +0200 >+++

Bug#888552: stretch-pu: package clamav/0.99.2+dfsg-6+b1

s: #888484): +- fixes for the following CVE's: CVE-2017-6418, CVE-2017-6420, + CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377, + CVE-2017-12378, CVE-2017-12379, CVE-2017-12380. + * Bump symbol version of cl_retflevel because CL_FLEVEL changed. + + -- Sebastian Andrz

Bug#888553: jessie-pu: package clamav/0.99.2+dfsg-0+deb8u2

12375, CVE-2017-12376, CVE-2017-12377, + CVE-2017-12378, CVE-2017-12379, CVE-2017-12380. + * Bump symbol version of cl_retflevel because CL_FLEVEL changed. + * Cherry-pick patch from bb11549 to fix a temp file cleanup issue +(Closes: #824196). + + -- Sebastian Andrzej Siewi

Re: Proposed (lib)curl switch to openssl 1.1

On 2017-11-23 17:09:09 [+0200], Adrian Bunk wrote: > On Thu, Nov 23, 2017 at 01:57:58PM +, Ian Jackson wrote: > > 2. For the reason just mentioned, it might be a good idea to put in a > >Breaks against old versions of packages using > >CURLOPT_SSL_CTX_FUNCTION. However, (a) I am not

Bug#876314: stretch-pu: package trace-cmd/2.6-0.1+b1

On 23 September 2017 18:52:20 CEST, Jonathan Wiltshire wrote: >I appreciate your diligence. Please go ahead. thanks, uploaded. > >Thanks, Sebastian

Bug#871056: transition: openssl

On 2017-09-13 18:51:43 [+0200], Emilio Pozuelo Monfort wrote: > tags 871056 confirmed > thanks just noticed that this bug has been confirmed. Does this mean anything for the openssl transition? Usually this confirmed comes with "Go ahead" which leads to an upload to unstable and the severity of

Bug#871056: Qt4 in the context of OpenSSL 1.0 removal

On 2017-08-26 16:44:34 [-0300], Lisandro Damián Nicanor Pérez Meyer wrote: > Hi! src:qt4-x11 is not listed in the transition but it's definitely using > libssl (although trough dllopen). It is. The other qt-related bugs are: #828522 [i| |♔] [src:qt4-x11] qt4-x11: FTBFS with openssl 1.1.0

Bug#876314: stretch-pu: package trace-cmd/2.6-0.1+b1

upload. + * Fix segfault while processing certain trace files (Closes: #867440). + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Wed, 20 Sep 2017 21:51:23 +0200 + trace-cmd (2.6-0.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru trace-cmd-2.6/debian/patche

Bug#871056: transition: openssl

Package: release.debian.org User: release.debian@packages.debian.org Usertags: transition Severity: normal This transition should be the final one to get libssl1.0.2 out of unstable for Buster and move all libssl1.0-dev users back to libssl-dev. There are new 1.0-users comming from to time.

Bug#867328: jessie-pu: package libclamunrar/0.99-0+deb8u3

) oldstable; urgency=medium + + * Cherry pick fix for arbitrary memory write. CVE-2012-6706 +(Closes: #867223). + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Wed, 05 Jul 2017 21:20:40 +0200 + libclamunrar (0.99-0+deb8u2) stable; urgency=medium * Add patches from up

Bug#867248: stretch-pu: package libclamunrar/0.99-3+deb9u1

) stable; urgency=medium + + * Cherry pick fix for arbitrary memory write. CVE-2012-6706 +(Closes: #867223). + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Wed, 05 Jul 2017 08:30:54 +0200 + libclamunrar (0.99-3) unstable; urgency=medium * Add a fixup for bb11601. dif

Bug#861686: unblock: openssl/1.1.0e-2

On 2017-05-07 16:39:00 [+], Niels Thykier wrote: > Sebastian Andrzej Siewior: > > uploaded and built on all releases architectures. > > Ack/RT unblock, CC'ing KiBi for a d-i ack. I don't want to rush or anything but in case it got forgotten, we are still waiting for the d-i

Bug#861686: unblock: openssl/1.1.0e-2

Control: tag -1 - moreinfo On 2017-05-02 20:24:19 [+0100], Jonathan Wiltshire wrote: > > Yes, please go ahead and remove the moreinfo tag when it is ready to > unblock. uploaded and built on all releases architectures. Sebastian

Bug#861686: unblock: openssl/1.1.0e-2

.0e/debian/changelog --- openssl-1.1.0e/debian/changelog 2017-02-16 18:57:58.0 +0100 +++ openssl-1.1.0e/debian/changelog 2017-05-01 21:50:37.0 +0200 @@ -1,3 +1,9 @@ +openssl (1.1.0e-2) unstable; urgency=medium + + * Make openssl depend on perl-base (Closes: #860254) + +

Bug#827061: transition: openssl

On 2017-02-22 00:46:56 [+0100], Emilio Pozuelo Monfort wrote: > Thanks. Investigating the rest would be good. I guess most of those are just > for So I made a list by the time I received that email I just managed to work through it. I check most of them manually but by the end of it I hacked

Bug#827061: transition: openssl

On 2017-02-22 00:46:56 [+0100], Emilio Pozuelo Monfort wrote: > > There are 78 packages in the unkown state. The first few I looked could > > actually have their libssl-dev dependency dropped. khtml is the first > > one which looked wrong. I will open a bug about that later. I didn't get > > any

Bug#827061: transition: openssl

On 2017-01-28 19:37:09 [+0100], Julien Cristau wrote: > At this point, it seems clear to me that we're getting nowhere fast. > With the freeze looming in a few days, this is growing to be a very big > risk for the stretch release. Where do we stand on the openssl transition from the perspective

Bug#855813: unblock: pound/2.7-1.3

) unstable; urgency=medium + + * Non-maintainer upload. + * Build it with libssl1.0-dev for Jessie (Closes: #828511). + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Sun, 19 Feb 2017 15:13:02 +0100 + pound (2.7-1.2) unstable; urgency=medium * Include .orig.tar.gz in upload. dif

Bug#855341: unblock: mini-httpd/1.23-1.2

On 2017-02-18 12:22:06 [+0100], Emilio Pozuelo Monfort wrote: > Go ahead, and ping us when it has been accepted and built. it is built everywhere. > Thanks, > Emilio Sebastian

Bug#855534: unblock: multiple packages, didn't make it to testing due to openssl1.1

Package: release.debian.org User: release.debian@packages.debian.org Usertags: unblock Severity: normal I hope it is okay, to open one bug instead of three: - libdigidoc removed from testing [0] not sure why. Adrian Bunk NMUed it to to build with libssl1.0-dev - h323plus got removed

Bug#855476: nmu: last rebuilds against openssl1.1

Package: release.debian.org User: release.debian@packages.debian.org Usertags: binnmu Severity: normal The following binNMU should move the remaining packages which are still linked against libssl1.0.2 in the archive to libssl1.1. Each one of them built successfully against openssl 1.1.0e

Bug#855161: unblock: transgui/5.0.1-4.1

On 2017-02-15 00:10:47 [+0100], Emilio Pozuelo Monfort wrote: > > I prepared an NMU upload to /2 and will reschedule until you are fine > > with it :) > > LGTM. in the meantime it built on every architecture on which it successfully built before. > Emilio Sebastian

Bug#855341: unblock: mini-httpd/1.23-1.2

-16 23:14:13.0 +0100 @@ -1,3 +1,10 @@ +mini-httpd (1.23-1.2) unstable; urgency=medium + + * Non-maintainer upload. + * Bring back lost HTTPS support (Closes: #818474). + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Thu, 16 Feb 2017 23:14:13 +0100 + mini-httpd (1.

Bug#855161: unblock: transgui/5.0.1-4.1

+(Closes: #855007, #839863). + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Tue, 14 Feb 2017 21:12:57 +0100 + transgui (5.0.1-4) unstable; urgency=medium * Remove error message when opening containing folder (Closes: #811289) diff -Nru transgui-5.0.1/debian/control tr

Bug#854155: unblock: openssl/1.1.0d-2

On 2017-02-13 18:01:34 [+0100], Emilio Pozuelo Monfort wrote: > On 04/02/17 15:20, Sebastian Andrzej Siewior wrote: > > Package: release.debian.org > > User: release.debian@packages.debian.org > > Usertags: unblock > > Severity: normal > > > > Plea

Bug#854412: unblock: tpm-tools/1.3.9-0.1

On 2017-02-06 21:35:00 [+], Niels Thykier wrote: > Ok, please go ahead with the upload. thank you. Uploaded & built. > For the next time: Please consider providing a filtered debdiff leaving > out auto-generated noise (just remember to include information about > what exactly you have

Re: unblock: tpm-tools/1.3.9-0.1

On 2017-02-06 21:18:53 [+0100], Sebastian Andrzej Siewior wrote: > Package: release.debian.org > User: release.debian@packages.debian.org > Usertags: unblock > Severity: normal > > Please unblock package tpm-tools which is not yet uploaded. The debdiff > is against th

Bug#854154: unblock: libesmtp/1.0.6-4.2

.0 +0100 +++ libesmtp-1.0.6/debian/changelog 2017-01-31 23:51:33.0 +0100 @@ -1,3 +1,10 @@ +libesmtp (1.0.6-4.2) unstable; urgency=medium + + * Non-maintainer upload. + * Drop "-lssl -lcrypto" from exported libs flags (Closes: #852884). + + -- Sebastian Andrzej Siewior <

Bug#854151: unblock: libapache2-mod-auth-cas/1.1-2.1

) unstable; urgency=medium + + * Non-maintainer upload. + * Build depend open OpenSSL 1.0 for Stretch (Closes: #850883). + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Tue, 31 Jan 2017 21:23:57 +0100 + libapache2-mod-auth-cas (1.1-2) unstable; urgency=medium * Update con

<    1   2   3   >