Hi,
On 9 August 2018 at 09:31, Andrej Shadura wrote:
> I would like to fix CVE-2018-14526 (#905739) in stable:
[snip]
> This is a low priority security issue, and doesn't require a DSA.
>
> [0] https://security-tracker.debian.org/tracker/CVE-2018-14526
I forgot to mention I did no
+
+ * SECURITY UPDATE:
+- CVE-2018-14526: Ignore unauthenticated encrypted EAPOL-Key data
+ (Closes: #905739)
+
+ -- Andrej Shadura Thu, 09 Aug 2018 09:23:49 +0200
+
wpa (2:2.4-1+deb9u1) stretch-security; urgency=high
* Non-maintainer upload by the Security Team.
diff -Nru
wpa-2.4
Control: reopen -1
Control: retitle -1 unblock: matrix-synapse/0.99.2-2
On Sun, 17 Mar 2019 at 08:51, Niels Thykier wrote:
>
> Andrej Shadura:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags:
by the user running synapse
+(Closes: #923573).
+ * No longer enable webclient by default (Closes: #923574).
+ * Print a warning when the server name has not been set (Closes: #923586).
+ * Update NEWS with a note on .well-known vs SRV.
+
+ -- Andrej Shadura Sat, 16 Mar 2019 16:48:56 +0100
with OpenSSL 1.1+ (Closes: #924632).
+
+ -- Andrej Shadura Fri, 15 Mar 2019 17:44:51 +0100
+
wpa (2:2.7+git20190128+0c1e29f-2) unstable; urgency=medium
* Apply an RFC patch to work around big endian keyidx.
diff --git a/debian/hostapd.init b/debian/hostapd.init
index 6151f22..0d2e970 100644
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Current jasperreports in Debian fails to build from source with all Java
versions starting from 9 due to the Java modules issue (see #912467),
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
This package fails to build from source (#917738), and unlike with some
other openhft packages, I am not able to get it fixed. I’ve spent days
Control: tag -1 buster
Hi,
The pending jupyter-notebook 5.7.4-2 upload will have removed the build
dependency on node-xterm, at which point node-xterm can be temoved from
testing.
--
Cheers,
Andrej
Hi,
On Sun, 10 Mar 2019 at 00:27, Debian Bug Tracking System
wrote:
> > retitle 924157 RM: openhft-chronicle-threads/1.1.6-1
Apparently, this can now be closed since Tony Mancill has fixed the RC
bug in openhft-chronicle-threads.
--
Cheers,
Andrej
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock the package wpa.
This upload fixes a security vulnerability in WPA3-Personal and EAP (#926801):
- CVE-2019-9494: SAE cache attack against ECC groups (VU#871675)
-
/debian/changelog
index 6f748d7..7f718d2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+python-darkslide (4.0.1-2) unstable; urgency=medium
+
+ * Support python-markdown >= 3 (Closes: #923977).
+ * Bump the python3-markdown build dependency.
+
+ -- Andrej Shadura Sat, 13
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package matrix-synapse.
Originally, 0.99 was meant to be the last version before 1.0, but due
to a bunch of issues discovered since then, some of them
security-related, new
Hi,
On Wed, 29 May 2019 at 23:43, Paul Gevers wrote:
> You're not going to like it.
>
> On Sat, 25 May 2019 12:46:12 +0100 Andrej Shadura
> wrote:
> > I’m attaching a git diff between patches-applied trees of 0.99.2-5
> > currently in buster and 0.99.5.1-1 c
Hi again,
On Wed, 29 May 2019 at 23:48, Andrej Shadura wrote:
> On Wed, 29 May 2019 at 23:43, Paul Gevers wrote:
> > You're not going to like it.
> >
> > 381 files changed, 20100 insertions(+), 16629 deletions(-)
> >
> > This isn't re-viewable and is very
On Sat, 27 Apr 2019 12:30:03 -0400 Antoine Beaupre
wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
>
> Please unblock package matrix-synapse
>
> The package currently in buster generates gigabytes of logs which can
>
0.0.0.0 and :: by default for URL previews
+
+ -- Andrej Shadura Fri, 03 May 2019 22:26:41 +0200
+
matrix-synapse (0.99.2-4) unstable; urgency=medium
[ Antoine Beaupré ]
diff --git
a/debian/patches/blacklist-localhost-by-default-for-URL-previews.patch
b/debian/patches/blacklist-localhost
/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+wpa (2:2.4-1+deb9u5) stretch; urgency=medium
+
+ * SECURITY UPDATE:
+- AP mode PMF disconnection protection bypass.
+ More details:
+ + https://w1.fi/security/2019-7/
+ Closes: #940080 (CVE-2019-16275)
+
+ -- Andrej Shadura Mon, 13
a/debian/changelog b/debian/changelog
index 8e7373a9..db6133f9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+borgbackup (1.1.9-2+deb10u1) buster; urgency=medium
+
+ * Fix index corruption bug leading to data loss (Closes: #953615).
+
+ -- Andrej Shadura Sun, 03 May 2020 17:20
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
Synapse 0.99 was never meant to be a properly usable release in buster,
and it was only included as some sort of a plug to make upgrades a
On Mon, May 04, 2020 at 03:35:25PM +0200, Julien Cristau wrote:
> On Mon, May 04, 2020 at 03:30:53PM +0200, Andrej Shadura wrote:
> > Synapse 0.99 was never meant to be a properly usable release in buster,
> > and it was only included as some sort of a plug to make upgrades a tiny
On Mon, May 04, 2020 at 06:33:26PM +0200, Julien Cristau wrote:
> > I think in this case it’s okay because of this NEWS entry:
> >
> > https://sources.debian.org/src/matrix-synapse/0.99.2-6/debian/NEWS/
> I'm not sure how that makes it any better? NEWS is shown on upgrade at
> best, so anyone
randomisation issue with some cards.
+ LP: #1867908.
+
+ -- Andrej Shadura Tue, 24 Mar 2020 11:26:58 +0100
+
wpa (2:2.7+git20190128+0c1e29f-6+deb10u1) buster-security; urgency=medium
* SECURITY UPDATE:
diff --git a/debian/patches/series b/debian/patches/series
index 8056df6..6e716ec 100644
On Tue, 24 Mar 2020 11:33:57 +0100 Andrej Shadura
wrote:
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
I’m proposing to upload a couple of upstream patches improving Wi
an upstream patch to fix the MAC randomisation issue with some cards
+(LP: #1867908, Closes: #954457)
+
+ -- Andrej Shadura Sun, 03 May 2020 15:40:34 +0200
+
wpa (2:2.4-1+deb9u4) stretch-security; urgency=high
* SECURITY UPDATE (2019-5):
diff --git a/debian/patches/2019-7/0001-AP-Silently-ignore
Control: retitle -1 stretch-pu: package wpa/2:2.4-1+deb9u6
Hi,
On Sun, 5 Jul 2020, at 18:08, Cyril Brulebois wrote:
> Andrej Shadura (2020-05-03):
> > Oh, I somehow forgot about it. Please see attached debdiff; I have
> > also added the same minor fix I wanted to push into
Hi,
On Fri, 10 Jul 2020, at 19:13, Moritz Mühlenhoff wrote:
> Let's remove it for the upcoming 10.5 update, then?
Sure.
--
Cheers,
Andrej
Hi,
On Thu, 16 Jul 2020, at 01:27, Cyril Brulebois wrote:
> Hi Andrej,
>
> Andrej Shadura (2020-05-03):
> > I’m proposing to upload an upstream patch fixing an index corruption
> > in borgbackup leading to a data loss, see #953615.
>
> I know stretch is a
Hi,
On Sat, 24 Apr 2021, at 12:38, Graham Inggs wrote:
> On Fri, 23 Apr 2021 at 13:12, Andrej Shadura wrote:
> > I finally came back from lunch, the latest debdiff and the diffoscope
> > output are attached.
>
> The diffoscope output of a no-change rebuild of 1.7.22-1
/pristine-lfs
Author: Andrej Shadura
diff --git a/debian/changelog b/debian/changelog
index 9804ad5..1afd619 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+pristine-lfs (20210404.0-1) unstable; urgency=medium
+
+ * New upstream release.
+
+ -- Andrej Shadura Sun, 04 Apr 2021
On Mon, 05 Apr 2021 15:26:04 +0200 Andrej Shadura
wrote:
> retitle 986411 unblock: pristine-lfs/20210404.0-2
> thanks
>
> Chris has reported a bug (#986446): test results XML file was
> shipped with the package; I have now fixed that bug with an extra upload.
Please find a
Hi,
On Fri, 23 Apr 2021, at 12:13, Sergei Golovan wrote:
> On Fri, Apr 23, 2021 at 1:07 PM Andrej Shadura wrote:
> > > Currently, tcltls conflicts with openssl because it tries to generate
> > > DH pair on the fly,
> > > which sometimes fails due to lack
Hi,
On Fri, 23 Apr 2021, at 12:25, Sergei Golovan wrote:
> It's not necessary. I've just pushed the fix to Salsa. Can you ask the
> release team for the freeze exception?
Why are you so quick? :)
Anyway, I guess you can post the updated debdiff this time around, the
difference between yours
Hi again,
On Fri, 23 Apr 2021, at 12:16, Andrej Shadura wrote:
> On Fri, 23 Apr 2021, at 12:13, Sergei Golovan wrote:
> > No, it wouldn't. The point is that there's no need of any patch. An
> > extra option in debian/rules should be sufficient. I'll try it today
> > and co
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Hi,
As described in [1], I’d like to go ahead with a replacing the Freedesktop.org
implementation of pkg-config with pkgconf. This will involve pkgconf
taking over the binary package
Hi all,
I’ve been rebuilding packages with pkgconf for the past couple of weeks, and it
looks very good so far:
http://pkgconf-migration.debian.net/
I have identified and resolved some issues, and most of the build failures I’ve
seen were not related to pkgconf itself, but were caused by
Hi,
On Wed, 5 Oct 2022, at 10:22, Sebastian Ramacher wrote:
>> I’m currently running a rebuild of all packages using pkg-config [2] to
>> determine if there are issues that need addressing during this
>> transition. So far I found one issue [3] that affects a couple of
>> packages, I’m going to
Hi,
Just a small update: I’m now confident we’re ready to go ahead with the actual
transition.
I’m still rebuilding some heavy packages that failed to build because of lack
of disk space or RAM, but most of the other failures are unrelated to pkgconf,
while remaining issues can be resolved
* Apply an upstream patch to fix a crash in the patch parsing code.
+
+ -- Andrej Shadura Mon, 24 Apr 2023 15:19:32 +0200
+
git-crecord (20230226.0-1) unstable; urgency=medium
* New upstream release.
diff --git a/debian/patches/0001-Fix-a-typo-in-a-variable-name.patch
b/debian/pat
-shell/fish-shell/pull/9540 and #1000351.
+
+ -- Andrej Shadura Mon, 01 May 2023 19:01:01 +0200
+
fish (3.6.0-3) unstable; urgency=medium
* Cherry-pick upstream fixes from the v3.6.1 branch.
diff --git a/debian/patches/0003-workaround-for-Midnight-Commander.patch
b/debian/patches/0003
/changelog
@@ -1,3 +1,15 @@
+libbssolv-perl (0.17-4) unstable; urgency=medium
+
+ [ Debian Janitor ]
+ * Bump debhelper from old 12 to 13.
+ * Update standards version to 4.6.0, no changes needed.
+
+ [ Andrej Shadura ]
+ * Add a patch proposed upstream to accept "0" as a valid e
Hi,
On Tue, 2 May 2023, at 07:51, Sebastian Ramacher wrote:
>> + [ Debian Janitor ]
>> + * Bump debhelper from old 12 to 13.
> This change is no longer appropriate at this stage of the freeze. See
> also https://release.debian.org/testing/FAQ.html. Please re-upload
> without this change.
I
Hi,
On Tue, 2 May 2023, at 08:44, Sebastian Ramacher wrote:
>> I have not uploaded yet. Are other changes acceptable?
>
> Ah, good. The Standards-Version bump is additional noise, but is
> acceptable. Note though, that the change doesn't bump the version to
> 4.6.2 whichi is the latest version.
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: syncthing-...@packages.debian.org
Control: affects -1 + src:syncthing-gtk
Please unblock package syncthing-gtk
Syncthing-GTK has been hardcoding a non-PEP-440-compliant
:50.0
+0100
+++ reserialize-20220929/debian/changelog 2023-05-24 17:01:40.0
+0200
@@ -1,3 +1,10 @@
+reserialize (20220929-2) unstable; urgency=medium
+
+ * Drop tomllib patch, it never properly worked
+(Closes: #1036536, #1036537).
+
+ -- Andrej Shadura Wed, 24 May 2023 17:01:40
44 matches
Mail list logo