e tags. I'll reply to this instead of starting
over.
> On Tue, 2023-10-17 at 07:32 -0400, Jay Berkenbilt wrote:
> > The attached patch to qpdf 11.3.0 fixes a bug that could potentially
> > result in loss of data. I'd like permission from the release team to
> > . . .
> >
>
&
ase let me know if I should proceed with an update to stable.
--Jay Berkenbilt (a.k.a. q...@debian.org)--- libqpdf/QPDFTokenizer.cc.orig 2023-10-17 07:19:31.829119946 -0400
+++ libqpdf/QPDFTokenizer.cc 2023-10-17 07:20:55.689510562 -0400
@@ -739,17 +739,22 @@
void
QPDFTokenizer::inCharCo
Yeah, that's what what I decided to do. Thanks.
On Thu, Apr 9, 2020, at 2:08 PM, Florian Weimer wrote:
> * Jay Berkenbilt:
>
> > I'm about to release qpdf 10. Someone contributed an openssl crypto
> > provider. Do you think I should build with the qpdf packages for
> > de
on anyone's system since openssl
is basically always going to be there.
Opinions welcome. Thanks!
On Sun, Nov 10, 2019, at 9:10 PM, Jay Berkenbilt wrote:
> Okay, thanks for all the response, public and private. There seems to be
> broad consensus to use the gnutls crypto and disable the native o
500, Jay Berkenbilt wrote:
> > I am the upstream author and the debian maintainer of qpdf.
> >
> > At the request of RedHat, I have made an enhancement to qpdf that
> > allows an external library to be used for crypto functions rather than
> > using qpdf's native
I am the upstream author and the debian maintainer of qpdf.
At the request of RedHat, I have made an enhancement to qpdf that
allows an external library to be used for crypto functions rather than
using qpdf's native crypto implementations. The qpdf library includes
code to compute hashes with
On Mon, May 27, 2019 at 4:14 PM Paul Gevers wrote:
> Control: tags -1 moreinfo
>
> On Sun, 19 May 2019 20:43:29 -0400 Jay Berkenbilt wrote:
> > The changes between qpdf 8.4.0 and 8.4.2 are bug fixes, but I am
> > asking for consideration because this update includes f
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
The latest version of qpdf includes an soname bump. The qpdf
transition is very small. The only other source package with a
dependency on libqpdf is cups-filters. qpdf 6.0.0 with
I am not going to be able to handle the ICU transition and am looking
for a new maintainer for ICU (an RFA is open). Whoever takes over ICU
will have to manage the transition to whatever version of ICU is current
at the time, and it will have to be handled after jessie is released.
--
To
+++ icu-52.1/debian/changelog 2015-01-21 21:47:39.0 -0500
@@ -1,3 +1,10 @@
+icu (52.1-7) unstable; urgency=high
+
+ * Patch to CVE-2014-6591, CVE-2014-6585 a font parsing bug.
+(Closes: #775884)
+
+ -- Jay Berkenbilt q...@debian.org Wed, 21 Jan 2015 21:33:19 -0500
+
icu (52.1-6) unstable
-9330. (Closes: #773987)
+
+ -- Jay Berkenbilt q...@debian.org Tue, 30 Dec 2014 11:32:04 -0500
+
tiff (4.0.3-11) unstable; urgency=medium
* Don't crash on JPEG = non-JPEG conversion (Closes: #741451)
diff -Nru tiff-4.0.3/debian/patches/CVE-2014-9330.patch tiff-4.0.3/debian/patches/CVE-2014-9330
the fix!
+
+ -- Jay Berkenbilt q...@debian.org Tue, 23 Dec 2014 15:51:40 -0500
+
tiff (4.0.3-10) unstable; urgency=medium
* Remove libtiff4-dev, completing the tiff transition. Packages that
diff -Nru tiff-4.0.3/debian/patches/jpeg-colorspace.patch tiff-4.0.3/debian/patches/jpeg-colorspace.patch
with no /Content in the page dictionary,
enabling printing of files with blank pages as produced by some
software. (Closes: #769599)
-- Jay Berkenbilt q...@debian.org Fri, 14 Nov 2014 21:07:25 -0500
--
unblock qpdf/5.1.2-2
-- System Information:
Debian Release: jessie/sid
APT prefers
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
ICU version 53 is out, and this is the latest version of ICU that will
be available before the freeze for Jesse, so this will be the only
remaining ICU transition the Jesse freeze.. (ICU
Emilio Pozuelo Monfort po...@debian.org wrote:
On 23/06/14 21:20, Jay Berkenbilt wrote:
There are 27 packages (including 1 pending upload) left that still
have build dependencies on libtiff4-dev:
https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=libtiff4-dev;users=q...@debian.org
they will be FTBFS. I'm thinking most people
will probably fix their packages soon after this, and I can work on NMUs
for the rest after a little more time. I think we should act soon if we
want go get the libtiff4-dev transitional out of the archive before
jessie.
Any objections?
--
Jay Berkenbilt q
to request removal?
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/20140122153512.0235710083.qww314...@jberkenbilt-linux.appiancorp.com
Adam D. Barratt a...@adam-barratt.org.uk wrote:
On 2013-12-21 14:49, Adam D. Barratt wrote:
On 2013-12-20 22:02, Jay Berkenbilt wrote:
Adam D. Barratt a...@adam-barratt.org.uk wrote:
Before giving a final ack, please could you provide a source
debdiff of
the package you're proposing
that the current vips in jessie and sid are not affected by this
problem, nor is the version in squeeze. This problem only affects the
version in wheezy.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble
Adam D. Barratt a...@adam-barratt.org.uk wrote:
Before giving a final ack, please could you provide a source debdiff of
the package you're proposing to upload, preferably versioned as 7.28.5-1
+deb7u1?
Attached. Thanks!
--
Jay Berkenbilt q...@debian.org
diff -Nru vips-7.28.5/debian
is installed on all architectures now. Thanks!
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/20131204082445.0398451667.qww314
Julien Cristau jcris...@debian.org wrote:
On Tue, Dec 3, 2013 at 16:02:17 -0500, Jay Berkenbilt wrote:
If you're good with this plan, give me the word, and I will do the
upload. I can probably take care of the mass bug filing...I can script
it locally unless you have a quick way to do
Julien Cristau jcris...@debian.org wrote:
Hi Jay,
first, sorry for not handling this sooner.
Apology accepted. I know you guys have too much to do and not enough
resources.
On Fri, Jul 26, 2013 at 11:33:03 -0400, Jay Berkenbilt wrote:
Rationale for not keeping libtiff4-dev
I neglected to mention that ICU 5.2 is packaged and in experimental.
When I get the green light from the release team to upload, it should be
ready to go.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
I'd like to upgrade the version of ICU from 4.8 to 52. They changed
their version numbering scheme essentially multiplying everything by 10.
We skipped a few versions (49, 50, 51)
and will go with your modification unless someone
tells me not to.
I am assuming this is not an invitation to proceed yet, right? I am
holding off on doing it until I actually get an explicit go-ahead. If
I'm supposed to take this as a green light, please let me know.
--
Jay Berkenbilt q...@debian.org
Package: release.debian.org
Usertags: transition
I have uploaded qpdf 5.0.0-2 to unstable. This is a transition from
libqpdf10 to libqpdf13. It's source compatible, and the one package
(cups-filters) that build depends on libqpdf-dev just needs a binary
NMU. (I'm not even sure I have to tell
team to get this done at the appropriate time and in the
appropriate way.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org
make libtiff5-dev an alias
to libtiff5-alt-dev, assuming they do not reply to that suggestion from
this message.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
forward. Thanks.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130601145540.0542213282.qww314159@soup
I'm not sure where the tiff transition falls on your long list, but I
thought I'd add a little more information on what issues we may
encounter.
Jay Berkenbilt q...@debian.org wrote:
Wasting no time, I'd like to remind the release team that I'm really
hoping Jessie will ship with only one
better that I have overlooked.
I'd obviously like to get on this as soon as possible, but I understand
that there are many competing priorities and will certainly work with
the release team to get this done at the appropriate time and in the
appropriate way.
--
Jay Berkenbilt q...@debian.org
-0400
+++ icu-4.8.1.1/debian/changelog 2013-03-21 11:29:08.0 -0400
@@ -1,3 +1,10 @@
+icu (4.8.1.1-12) unstable; urgency=high
+
+ * Add patch to address CVE-2013-0900, a threading race condition.
+(Closes: #702346)
+
+ -- Jay Berkenbilt q...@debian.org Thu, 21 Mar 2013 11:29:08 -0400
:37:40.0 -0500
+++ icu-4.8.1.1/debian/changelog 2013-03-16 14:58:26.0 -0400
@@ -1,3 +1,10 @@
+icu (4.8.1.1-11) unstable; urgency=medium
+
+ * Fix crash on rendering incremental Malayalam text input. Thanks Colin
+Watson. (Closes: #702982)
+
+ -- Jay Berkenbilt q...@debian.org
:35.0 -0500
@@ -1,3 +1,11 @@
+tiff3 (3.9.6-11) unstable; urgency=high
+
+ * Fix /usr/share/doc symlink to directory transition. When upgrading
+from very old versions (pre 3.8.2-8), /usr/share/doc may contain
+symbolic links that should be removed. (Closes: #699041)
+
+ -- Jay Berkenbilt q
-15 06:13:58.0 -0500
@@ -1,3 +1,11 @@
+tiff3 (3.9.6-10) unstable; urgency=high
+
+ * Add fix for CVE-2012-5581, reimplementing DOTRANGE handling to make it
+safer. Thanks to Red Hat security team for backporting the fix.
+(Closes: #694693)
+
+ -- Jay Berkenbilt q...@debian.org Sat
to prepare this upload. (Closes: #692345)
+
+ -- Jay Berkenbilt q...@debian.org Sat, 17 Nov 2012 12:40:25 -0500
+
tiff (4.0.2-4) unstable; urgency=high
* Previous change was uploaded with the wrong CVE number. I updated the
diff -Nru tiff-4.0.2/debian/patches/CVE-2012-4564.patch tiff-4.0.2
package that fixes an important bug and that can go into wheezy
through unstable, I believe it should be eligible for an unblock
request. The debdiff is attached. Thanks for considering it.
--
Jay Berkenbilt q...@debian.org
diff -Nru icu-4.8.1.1/debian/changelog icu-4.8.1.1/debian/changelog
--- icu
was a few
seconds too late. So those versions only lived a few minutes. The bug
was only reported against the tiff package but affects both tiff and
tiff3.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble
the repackaging of the
upstream source tarball, which was basically just to remove the
offending files. Then I added a patch to fix the Makefile to remove
references to those files, refreshed the other patches with quilt
refresh -p1, and updated the watch file to add dversionmangle.
--
Jay
At the request of Ansgar Burchardt, I re-uploaded ICU with xz
compression to save space on the first CD. The upload includes no other
changes. I'm requesting a freeze exception for this version.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ
Adam D. Barratt a...@adam-barratt.org.uk wrote:
On Tue, 2012-08-14 at 08:49 -0400, Jay Berkenbilt wrote:
At the request of Ansgar Burchardt, I re-uploaded ICU with xz
compression to save space on the first CD. The upload includes no other
changes. I'm requesting a freeze exception
Jonathan Nieder jrnie...@gmail.com wrote:
Hi,
Jay Berkenbilt wrote:
Okay, I've attached two files here. The first is a copy of
version-symbols.patch with the real changes, so this excludes the
changes to the regenerated configure file. The second file is a source
debdiff.
I am
Jay Berkenbilt q...@debian.org wrote:
Okay, I've attached two files here. The first is a copy of
version-symbols.patch with the real changes, so this excludes the
changes to the regenerated configure file. The second file is a source
debdiff. . . .
If it looks good, I'll proceed
should work for the version of tiff in stable.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120721214405.1487172600.qww314159
in the versioned library.
If it looks good, I'll proceed with the upload.
--
Jay Berkenbilt q...@debian.org
Index: qpdf-2.3.1/autoconf.mk.in
===
--- qpdf-2.3.1.orig/autoconf.mk.in 2011-12-28 17:19:40.0 -0500
+++ qpdf-2.3.1/autoconf.mk.in
versions enabled
regardless, and as I said, there are no packages in the archive at all,
let alone library packages, that currently depend on qpdf.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble
for
libtool to link with the correct -ltiff. This situation will cause
lintian errors, but the problem will go away after the libtiff
transition is complete.
-- Jay Berkenbilt q...@debian.org, Thu, 24 May 2012 15:50:07 -0400
--
Again, I
really like to find a
solution so that vips and nip2 (among others) can have bigtiff support
before wheezy.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive
Cyril Brulebois k...@debian.org wrote:
Hi Jay,
Jay Berkenbilt q...@debian.org (19/05/2012):
Can you think of any reason that this could possibly cause any harm?
I don't think it will since it won't have any impact at all on
packages that don't explicitly build depend on libtiff5-alt-dev
Julien Cristau jcris...@debian.org wrote:
On Sun, Jan 29, 2012 at 07:05:25 -0500, Jay Berkenbilt wrote:
[snip]
Any objections to this plan? I would probably wait until after wheezy
to work on removal of tiff3, but I guess we could move libtiff-dev to
libtiff5-dev sooner than that if lots
Julien Cristau jcris...@debian.org wrote:
On Mon, Feb 20, 2012 at 09:56:58 -0500, Jay Berkenbilt wrote:
Do I have to do anything to ask for all tiff reverse dependencies to be
automatically rebuild (other than mentioning it here)? I expect the
uploads within half an hour.
I'll take care
Jay Berkenbilt q...@debian.org wrote:
[please cc me on responses; I am not subscribed to debian-release]
I have uploaded tiff3_3.9.5-3 with libtiff4, libtiff4-dev, and
libtiffxx0c2 and tiff_4.0.0-1 with libtiff5, libtiff-dev, libtiffxx5,
libtiff-tools, libtiff-doc, and libtiff-opengl
team know that they can start binary NMUs of everything that
links with tiff.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org
Julien Cristau jcris...@debian.org wrote:
On Mon, Jan 23, 2012 at 11:00:53 -0500, Jay Berkenbilt wrote:
Upstream has committed symbol versioning for both the 3.9.x branch and
the trunk (4.0.0) and is prepared to release 3.9.6 and 4.0.1 with symbol
versioning once we sign off that it's what
Jay Berkenbilt q...@debian.org wrote:
Julien Cristau jcris...@debian.org wrote:
On Sat, Jan 21, 2012 at 19:10:00 -0500, Jay Berkenbilt wrote:
Julien Cristau jcris...@debian.org wrote:
As I said previously, if versioned symbols don't happen (in both the old
and new versions
Jay Berkenbilt q...@debian.org wrote:
As I said previously, if versioned symbols don't happen (in both the old
and new versions), then the transition is unlikely to happen too. It
was done for png and jpeg, so it's not like it'd be a first.
I have the skills to do this and understand
Julien Cristau jcris...@debian.org wrote:
On Sat, Jan 21, 2012 at 19:10:00 -0500, Jay Berkenbilt wrote:
Julien Cristau jcris...@debian.org wrote:
As I said previously, if versioned symbols don't happen (in both the old
and new versions), then the transition is unlikely to happen too
to the
new version of the tiff packages.
Thanks.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120121113810.3089362963.qww314159@soup
of looking for an easy
solution.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120121191000.3089338302.qww314159@soup
Julien Cristau jcris...@debian.org wrote:
On Tue, Dec 13, 2011 at 09:02:50 -0500, Jay Berkenbilt wrote:
So, what is the recommendation of the release team? If you agree that
we should do a transition as soon as possible after the final 4.0.0 is
released (so that wheezy can have 4.x), do you
of the release team? If you agree that
we should do a transition as soon as possible after the final 4.0.0 is
released (so that wheezy can have 4.x), do you have any guesses as to
when you would be ready for an upload?
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release
On 11/08/2011 05:46 PM, Julien Cristau wrote:
On Sat, Sep 10, 2011 at 13:04:13 -0400, Jay Berkenbilt wrote:
Julien Cristau jcris...@debian.org wrote:
On 05/29/2011 10:19 PM, Jay Berkenbilt wrote:
I'd like to schedule a transition for ICU from 4.4 to 4.8. . . .
This can't really happen
Please see bug 640225. A request is made there to binNMU tiff so it no
longer links with libjpeg.so.62. I believe that is the correct
solution, rather than having me do a new upload.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
for interfaces that have been deprecated for a long time, and
this is pretty much comparable to earlier ICU releases. I will wait to
upload ICU to unstable until I get an okay from the release team and
until I hear from openoffice.org maintainers.
--
Jay Berkenbilt q...@debian.org
of the above), but I thought by using
libjpeg-dev, I was protecting my package against having to be
re-uploaded in the event of a jpeg transition. I could look at the
current state, but that doesn't necessarily tell me what the long-term
plans are.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE
in the unstable
package's changelog.
My original message is below for reference.
--Jay
Jay Berkenbilt q...@debian.org wrote:
There is a bug in ICU 4.4, for which we have a small and minimally
invasive patch, that causes OpenOffice.org rendering of Malayalam to not
work. The reporter argues
the reporter so he can clarify/correct anything I may have
said here.
Please advise as to whether I should upload a to t-p-u. I'll upload to
unstable either way.
--Jay
---BeginMessage---
Jay Berkenbilt said on Mon, Nov 22, 2010 at 11:12:12AM -0500,:
the patch and upload, but only
I've just uploaded tiff-3.9.4-5, which fixes RC bug 600188,
CVE-2010-3087. The change adds a single patch. I uploaded with urgency
high and am requesting a freeze exception.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject
will also be contacting the security team about fixing it
in stable.
--
Jay Berkenbilt q...@debian.org
Index: debian/changelog
===
--- debian/changelog (.../tags/7.20.7-1) (revision 1488)
+++ debian/changelog (.../branches/7.20) (revision
in the changelog.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20101002134407.0289400883.qww314...@soup
Julien Cristau jcris...@debian.org wrote:
On Fri, Aug 20, 2010 at 16:27:13 -0400, Jay Berkenbilt wrote:
For qpdf, this is a new upstream version that is binary compatible with
the old one. qpdf is isolated in the dependency tree (no other packages
depend on it), and I am upstream, so I can
::disableIncompatbleEncryption(float), and then verify by
looking at QPDFWriter.hh in 2.1.5 that this was in fact a private
method.
I designed QPDF's APIs the way they are in significant part to make it
possible to make certain types of changes without breaking binary
compatibility.
--
Jay Berkenbilt
Julien Cristau jcris...@debian.org wrote:
Seems we're just talking past each other.
On Sat, Aug 21, 2010 at 10:53:20 -0400, Jay Berkenbilt wrote:
I interpreted shlibs bump to mean changing the SONAME. Do you mean
something different?
I wasn't talking about the library's SONAME, I
.
Thanks for your consideration.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/20100820162713.2402820247.qww314
I have uploaded tiff-3.9.4-2 to fix CVE-2010-2233. Please unblock so
the security fix can be propagated to testing. I did the upload with
urgency=high. Thanks.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject
*.gif from the list of installed
docs and that changes the build dependency on doxygen to be = 1.7.1.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http
Adam D. Barratt a...@adam-barratt.org.uk wrote:
On Fri, June 25, 2010 22:46, Jay Berkenbilt wrote:
So, I don't want to nag since I know the release team is busy managing
many conflicting priorities, but I'd like to get some sense of when I
can upload ICU 4.4. If it's soon, I'll wait
4.4. If it's soon, I'll wait on uploading the 4.6 test
releases. If not, then I may just go ahead and start on 4.6 with
experimental. However, I will still want to upload 4.4 to unstable.
Thanks.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ
Jay Berkenbilt q...@debian.org wrote:
ICU 4.4 was released a few weeks ago. There are very few changes from
4.4.rc1. I'm going to do one upload of 4.4 to experimental to make sure
it builds properly on all platforms. If all goes well, I'd like to go
ahead and upload to unstable. Please
with the upgrade. As before, there are no API changes for people who
stick to published interfaces, so binary NMUs for reverse dependencies
should be adequate, as it has been for the last few ICU transitions.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ
not to start until after squeeze is released. I'll contact the
release team separately about preparing for that. Maybe we can learn
from the jpeg8 transition, but I'll save the details for another
message.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ
(2.8.0-3+lenny1) stable; urgency=low
+
+ * Apply patch to correct CVE-2009-1885: DoS attack from nested DTDs.
+
+ -- Jay Berkenbilt q...@debian.org Sat, 06 Feb 2010 22:01:25 -0500
+
xerces-c2 (2.8.0-3) unstable; urgency=low
* Change priority from extra to optional as priority optional packages
Adam D. Barratt a...@adam-barratt.org.uk wrote:
On Sun, 2010-02-07 at 13:30 -0500, Jay Berkenbilt wrote:
Adam D. Barratt a...@adam-barratt.org.uk wrote:
Please prepare an update (built against stable, either on a stable
system or in a chroot), and send a debdiff against the current stable
/xerces-c2-2.8.0-3+lenny1.patch]
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
a manual push before. In any case, I'd be grateful if
someone could look into why this isn't transitioning. I can't see any
reason that it shouldn't.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble
. I'll delay my 3.9.0 upload a bit
until I get an answer.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Jay Berkenbilt q...@debian.org wrote:
I screwed up and released tiff 3.9.0beta+deb1 to experimental earlier
this week instead of 3.9.0~beta+deb1. Now I'd like to upload 3.9.0 to
unstable. I really don't want to introduce an epoch. Is it possible to
make 3.9.0beta+deb1 just disappear? It's
Andreas Metzler ametz...@downhill.at.eu.org wrote:
On 2009-08-21 Jay Berkenbilt q...@debian.org wrote:
Jay Berkenbilt q...@debian.org wVrote:
I screwed up and released tiff 3.9.0beta+deb1 to experimental earlier
this week instead of 3.9.0~beta+deb1. Now I'd like to upload 3.9.0
I have uploaded ICU 4.2.1 to unstable. Once it builds, it should be
possible to initiate rebuilds of its reverse dependencies. Thanks.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Luk Claes l...@debian.org wrote:
Please upload now.
Great, glad we're ready. However, I'm getting ready to be gone without
email access for a week, and I have an RC bugfix in ICU 4.0.1 unstable
waiting to transition. I wouldn't want to introduce a new problem while
I'm not here to deal with
for all you do to keep things moving. Please see this message as
a gentle tug from someone who wants to cause as little disruption as
possible rather than as a complaint or criticism.
--
Jay Berkenbilt q...@debian.org
Jay Berkenbilt q...@debian.org wrote:
I'd like to get a place in line
Philipp Kern pk...@debian.org wrote:
It's now been a full month since my first message about scheduling an
ICU 4.2 transition, and I have still not done an upload to unstable
because I am still waiting for a response. Again, with the utmost
respect and admiration for the hard work being done
. Please see this message as
a gentle tug from someone who wants to cause as little disruption as
possible rather than as a complaint or criticism.
--
Jay Berkenbilt q...@debian.org
Jay Berkenbilt q...@debian.org wrote:
I'd like to get a place in line for doing a transition to ICU 4.2. I
Rene Engelhard r...@debian.org wrote:
Hi,
Jay Berkenbilt wrote:
permission to upload ICU 4.2.1 to unstable. I understand and fully
support the new policy of getting advance permission and trying to
coordinate transitions, but I'm unsure of how long I should expect to
wait before receiving
contain the bug.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
, openoffice.org previously reported that it worked with
4.2. In any case, I won't upload to unstable before I hear back from
the release team. I'll be uploading 4.2.1 to experimental in the mean
time unless you say, yeah, go ahead and upload to unstable. :-)
--
Jay Berkenbilt q...@debian.org
Adam D. Barratt a...@adam-barratt.org.uk wrote:
The BTS's version tracking is based on upload history as laid out in the
package's changelog, not version nor date comparisons. The changelog
for icu 4.0.1-3 (unstable) included the entries for the 4.2-1 upload to
experimental . . .
Okay,
, this will prevent xerces-c2 from transitioning.
Hopefully someone can poke this to resolve the problem. Thanks.
--
Jay Berkenbilt q...@debian.org
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Rene Engelhard r...@debian.org wrote:
Rene Engelhard wrote:
Jay Berkenbilt wrote:
I have just uploaded ICU 4.2 in experimental. As is generally the
case, this release of ICU is expected to be source-compatible with
earlier versions, including 4.0 which is currently in unstable
1 - 100 of 188 matches
Mail list logo
