Bug#699352: please update to 1.7R4
Package: librhino-java Version: 1.7R3-5 Severity: wishlist -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, closure compiler (which is a dep of gerrit) depends on version 1.7R4 + patches of rhino. Closure compiler keeps the source tree of rhino in its own SVN because it had some patches at a time. But at the moment there's no relevant difference between mozillas master branch and the code copy of closure compiler. In any case I want to build closure compiler using the Debian package of Rhino and not the copy of the rhino source in the closure compilers SVN. Would you like if I'd migrate the packaging repo from SVN to Git? Rhino upstream uses Git and you could track upstreams Git in your packaging repo. Would you like if I'd make a watch file for Rhino? Regards, Thomas Koch -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJRCTPNAAoJEAf8SJEEK6ZaiLwQAMK6fqKMoqfqjt4OGcv6yuge MQtB0loBQUYLZqNcdqYYGIEciNH+SibVgZD9hnivg9w5NUvb0LOKllOtFoSkC+tf z9zF++sZes5U5GJ5cZiINwCMW5bplpqD9QhJQ3eroQPNFhVdel1gCFeWyo5z9Bv5 l2g5i9wzfRq28beinLamZY26dAQuC9kOOUvdlCC/c0uzHU7IBHEPeolQbNAmx+UD lZ5NpcEccEDCfAbdXgkyVrCl9VzpWMnHgAbDWFcClD/v/3yUndhiIRKkwjsG6phJ fJb+cvHxx3jSP4t+tLPS2ldRhjtIf4MCM6cbcED60fI+hprcEzIh0DGaNLkCY3KF WlDexmCOSZHe+4zHmUJzyUOKMFXTqZRV28Tte/sx2/WbqokkHDt08xHNab2nSM49 rWmCAuN3MsxKofsvhJhWRq64K8co+f+psT4Yp6hpNPhsNdpsY+nzr+zdr1hYM+Cl jWx1e2iDOfCEUyB14XK2Iv4RX9T+Att7wK+yi2gyyG3qxOwklNJm4clZw7SAaGa6 +pTcJh021UImHeG5H6XZCQCbGNDZrEUEAnO5FLzb7l9KxdHi50pTg8nsreCyHq2p z0uU2CXoWeum6cyvVK/E+l9Wp0XIw/+KbrNUH6HJQQVJzN8ePcT3lTBBbPbxeYx9 smE7ReaOPTxIwHI0MiFZ =/WaS -END PGP SIGNATURE- __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Processed: Re: Bug#699256: cglib: FTBFS: [javadoc] /«BUILDDIR»/cglib-2.2.2+dfsg/src/proxy/net/sf/cglib/core/Constants.java:62: cannot find symbol
Processing control commands: retitle -1 cglib: FTBFS: 1) testFailOnMemoryLeak(net.sf.cglib.proxy.TestEnhancer)junit.framework.AssertionFailedError: Memory leak caused by Enhancer Bug #699256 [src:cglib] cglib: FTBFS: [javadoc] /«BUILDDIR»/cglib-2.2.2+dfsg/src/proxy/net/sf/cglib/core/Constants.java:62: cannot find symbol Changed Bug title to 'cglib: FTBFS: 1) testFailOnMemoryLeak(net.sf.cglib.proxy.TestEnhancer)junit.framework.AssertionFailedError: Memory leak caused by Enhancer' from 'cglib: FTBFS: [javadoc] /«BUILDDIR»/cglib-2.2.2+dfsg/src/proxy/net/sf/cglib/core/Constants.java:62: cannot find symbol' tag -1 + unreproducible Bug #699256 [src:cglib] cglib: FTBFS: 1) testFailOnMemoryLeak(net.sf.cglib.proxy.TestEnhancer)junit.framework.AssertionFailedError: Memory leak caused by Enhancer Added tag(s) unreproducible. -- 699256: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699256 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Bug#698974: umlet dependency on libjsyntaxpane-java
For the reccord, the packaging work is done in the package git. If someone could test it (with git-buildpackage), I will upload it. Thanks, Mt. On Tue, Jan 29, 2013 at 09:08:59PM +0100, Benjamin Mesing wrote: Hi, from my Point of view, there is nothing speaking against a new version of jsyntaxpane. As far as I understand it, umlet does not need to be recompiled and will work better with the new version, so please go ahead. Best regards Benjamin On Fri, 2013-01-25 at 23:00 +0100, Felix Natter wrote: hello Benjamin, I am working on the freeplane package which depends on libjsyntaxpane-java like your package umlet (and I think those two packages are the only ones which depend on libjsyntaxpane-java in testing). But freeplane needs a more recent version (r156 vs r148), so I looked at building umlet with jsyntaxpane-0.95~r156: - With the default unstable package (11.3-5, built from source on testing) I do not get colors and italics in the bottom right pane. - If I symlink /usr/share/java/jsyntaxpane.jar to jsyntaxpane-0.9.5~r156.jar [1], and restart umlet, then I get colors and italics in the editor pane. So it looks like it would be a good idea to use the new jsyntaxpane for both umlet and freeplane. (I posted here: http://code.google.com/p/umlet/issues/detail?id=120q=label%3AType-Defectcolspec=ID%20Type%20Status%20Priority%20UMLet%20Owner%20Summary but that is no longer relevant because it's a debian issue) [1] built from the latest http://jsyntaxpane.googlecode.com/svn/branches/r095/ using: $ change RELEASE to a version number in pom.xml $ mvn package (I can send you the file for testing if that is easier for you) Best Regards, -- Je crois que nous sommes dans une tendance irréversible pour plus de liberté et de démocratie, mais ça pourrait changer. -- G.W. Bush __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Bug#697617: jenkins: remote code execution vulnerability
Hi James, On Thu, Jan 10, 2013 at 05:03:44PM +, James Page wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 10/01/13 15:46, Miguel Landaeta wrote: We might want to consider whether updating unstable/testing to 1.480.2 is actually the best way forward at this point in time. Hi James, I don't know if it is feasible at this point in the release cycle to have a new upstream release of jenkins in sid even if it fixes some security issues. Agreed; its a last resort. I backported the fix for CVE-2013-0158 from stable branch and I applied it to 1.447.2+dfsg-2. It applies cleanly but I'm getting a FTBFS. I don't have time to review it right now but I'll go back to it later. I'm attaching the debdiff I got and the FTBFS log error. I did much the same for the version in Ubuntu 12.04 (1.424.6); and hit similar issues. The key problem is the extent of the patch to fix this issue and the amount of code change in the TCP/Agent communication area between 1.480.2 and earlier versions we already have packaged. I'm trying to get some advice from upstream on this - hopefully I'll hear back in the next ~24hrs Any news on this one. Jenkins has become a candidate for removal due to this one and I'd be sad to see a release without it. Cheers, -- Guido __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.