[DRE-maint] rerun 0.13.0-1 MIGRATED to testing
FYI: The status of the rerun source package in Debian's testing distribution has changed. Previous version: 0.11.0-1 Current version: 0.13.0-1 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive later changes on the next day. See https://release.debian.org/testing-watch/ for more information. ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] ruby-mail-gpg 0.4.0-1 MIGRATED to testing
FYI: The status of the ruby-mail-gpg source package in Debian's testing distribution has changed. Previous version: 0.3.3-1 Current version: 0.4.0-1 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive later changes on the next day. See https://release.debian.org/testing-watch/ for more information. ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] gitlab_8.13.11+dfsg1-8+deb9u2_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 27 Mar 2018 14:38:53 +0530 Source: gitlab Binary: gitlab Architecture: source all Version: 8.13.11+dfsg1-8+deb9u2 Distribution: stretch-security Urgency: medium Maintainer: Debian Ruby Extras Maintainers Changed-By: Pirate Praveen Description: gitlab - git powered software platform to collaborate on code (non-omnibus Closes: 888508 893905 Changes: gitlab (8.13.11+dfsg1-8+deb9u2) stretch-security; urgency=medium . * Fixes CVE-2018-8971 (Closes: #893905) * Fixes CVE-2017-0920 (Closes: #888508) Checksums-Sha1: e0d3a414ae5577da5e456eaa01162e43444eae91 2569 gitlab_8.13.11+dfsg1-8+deb9u2.dsc e50e86b6e67daa64224d2e9be2ef762da577bff2 27931813 gitlab_8.13.11+dfsg1.orig.tar.gz 79625ef89f5edb375cca0d3ba1645244d570d548 59288 gitlab_8.13.11+dfsg1-8+deb9u2.debian.tar.xz 79d87657e013d19c340b73a98c39d6cafed7aa53 26368266 gitlab_8.13.11+dfsg1-8+deb9u2_all.deb 72e111ca6d9757ea8be472e4b7d5dd9a2efeb503 8886 gitlab_8.13.11+dfsg1-8+deb9u2_amd64.buildinfo Checksums-Sha256: 3cd160bb6cef243d17e551d5666eef376d23c11230c0069f55c2b79a9f2ecc0d 2569 gitlab_8.13.11+dfsg1-8+deb9u2.dsc 714862e0211f50b07bc064d2a9059e3d650351b5ea12ff03ee3f154dc8a9071c 27931813 gitlab_8.13.11+dfsg1.orig.tar.gz 0e5b1d541e440d37391d462541433eac20483578034599a664eb074f3c21f145 59288 gitlab_8.13.11+dfsg1-8+deb9u2.debian.tar.xz c9521c08dfef5be0cef1def0c030653afdea2b6938fb488fa1040e6a26511163 26368266 gitlab_8.13.11+dfsg1-8+deb9u2_all.deb e2321422138003231c3d74ba981f34f5da05c68d848461c1843c8e51dda9c9ea 8886 gitlab_8.13.11+dfsg1-8+deb9u2_amd64.buildinfo Files: e2726830387a26ad39b822b274a6316f 2569 ruby optional gitlab_8.13.11+dfsg1-8+deb9u2.dsc 2ac0a5e5ce01500d7ac797005efda0e0 27931813 ruby optional gitlab_8.13.11+dfsg1.orig.tar.gz a238aff5dfcf623b8cfa747499122731 59288 ruby optional gitlab_8.13.11+dfsg1-8+deb9u2.debian.tar.xz 4edaa7ba9bfd63052f2579bcb9edc0b1 26368266 ruby optional gitlab_8.13.11+dfsg1-8+deb9u2_all.deb 156984a781c17df49416af64c1857cd3 8886 ruby optional gitlab_8.13.11+dfsg1-8+deb9u2_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlsAYukACgkQzh+cZ0US wipdaxAAhD+6z/0UjIvVA1qZ2K4we2B046dllp5Z4ZdqA5kI5Wxg2PuI5aU2CBg3 BMn/OGTXHk0VZSR+s8jJDRZwgqbBeLWy9rfqado+Eg2eKfFSh9+3FWpM3Wsu2vOr N+nwfPR0omWhivUlju0jSko6fTw/4DlkHHqGrKfVC2FWID/NJfHguCqHRlv8CDeR JYxlGuQ659pY3gZJ1fnJK3VtyXTrZfCH2Na8OrRL5S4D1Kz9y/keAiczqBl4BPRZ 4mZ3nAi4JifY/Uizfz4Ff99s6rgrQN8i4iw2CAhTqq085yC5NNI5N59KLIaS AbVKJ625iF8gAHa4q2D/uavytjbMBKtVur60jhgnmV4f5/nw4MYWr+Mf43ivp9b/ xavt/NdME3tj9qRc9KUeKyc6gI95s/bZArgVPnNCbjT/fpnsJyMoKLGtEqLyS21A +/r2aob8T0L+ixU+tGkRNY9W2YNBX82YUt7NVhv4XPTvZJW9pQcSnIm/lkkkHbFd 7/Cuw7lg2WYGognabf3lIqfhpKURnxYSg9J1HzejnsSo+IeUY0IfAtbfyJ1UhzQx hnhsPd+gZ0HauII0EqDPLMb/PX+8Eoc4Ru0I3IDfF0JRYojt3plush5RL8TBCDT4 lOv568pBcIWXG2p93g8HYVzVLWCqBWh/SxZI9HwAo5lVEWc6jfc= =Yb4C -END PGP SIGNATURE- Thank you for your contribution to Debian. ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] gitlab_8.13.11+dfsg1-8+deb9u3_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 26 May 2018 14:37:57 +0530 Source: gitlab Binary: gitlab Architecture: source all Version: 8.13.11+dfsg1-8+deb9u3 Distribution: stretch-security Urgency: high Maintainer: Debian Ruby Extras Maintainers Changed-By: Pirate Praveen Description: gitlab - git powered software platform to collaborate on code (non-omnibus Closes: 900066 Changes: gitlab (8.13.11+dfsg1-8+deb9u3) stretch-security; urgency=high . * Fix regression in cve-2017-0920.patch (Closes: #900066) (Thanks to kp666) Checksums-Sha1: 769b5ffa34bf87155c0e1fd4e7a631271db578e3 2569 gitlab_8.13.11+dfsg1-8+deb9u3.dsc e50e86b6e67daa64224d2e9be2ef762da577bff2 27931813 gitlab_8.13.11+dfsg1.orig.tar.gz bf6e4caf2af7d3dd329f37ed9672eaedea07e2cf 59360 gitlab_8.13.11+dfsg1-8+deb9u3.debian.tar.xz e663b09acb01dca8365cfb78bb1a7f37a1b688cc 26368538 gitlab_8.13.11+dfsg1-8+deb9u3_all.deb 0fadf6b88218dc6f7e13acecbb55d97999ed3e7c 8886 gitlab_8.13.11+dfsg1-8+deb9u3_amd64.buildinfo Checksums-Sha256: cfa157b260589d99f8637556e977e3eb45d0794a1f126a8bbcf67f0078d8a226 2569 gitlab_8.13.11+dfsg1-8+deb9u3.dsc 714862e0211f50b07bc064d2a9059e3d650351b5ea12ff03ee3f154dc8a9071c 27931813 gitlab_8.13.11+dfsg1.orig.tar.gz 4d7114fea5431e1a2d02a3a68c7c62def9f6ef1ebdd8f36f85f29beb0b5b5def 59360 gitlab_8.13.11+dfsg1-8+deb9u3.debian.tar.xz a428c8401f2884a7bad14c10ae338d896d47fe951f1d2f76e5368391a9aa977e 26368538 gitlab_8.13.11+dfsg1-8+deb9u3_all.deb 67716c6c253e175e7c263dcc478e81feb115945b5689faf73431458b01f3f64c 8886 gitlab_8.13.11+dfsg1-8+deb9u3_amd64.buildinfo Files: a8a9eacfa6bd80434e0eca5b220819ce 2569 ruby optional gitlab_8.13.11+dfsg1-8+deb9u3.dsc 2ac0a5e5ce01500d7ac797005efda0e0 27931813 ruby optional gitlab_8.13.11+dfsg1.orig.tar.gz 1c6194e10f5c1eadcee6f0438205df42 59360 ruby optional gitlab_8.13.11+dfsg1-8+deb9u3.debian.tar.xz 71a9fe5a1b4af43330e9bca041d68f14 26368538 ruby optional gitlab_8.13.11+dfsg1-8+deb9u3_all.deb 3e2b37553563b325a2e44534bf8fe55f 8886 ruby optional gitlab_8.13.11+dfsg1-8+deb9u3_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlsJVdMACgkQzh+cZ0US wio+cRAAnlH2T2tCnoYNTtPirXth5R/cHfqGxRDMLLy5wrOwhPJOnfGaf9zb3hlP /uhuTopj7lu+92IiKn5Gxrucj8w4wqTCBcQ12r/ikV1DItQMUE42THICYRVANA9F j1+jd7rJQEefP1GwaOnQjB6Izs99xvw/Yfk/pvsZTw6JOF6irHleJpdfrI637OYk 0UHr+KILHdHGKfPGvJpNZ4jPqYRbAmjTiU+gNPPUpV4CtwKLc37eh+H77YwKVc8x OL7J3j58QebKCqTpjmtqc1cxrS0Trz1j+6ou5DfLp2GqxPg53eCK2eVfS8hvL2eM qJY7jwspW4H4R6lgTQZSbvBh2AI6rLdY8TeR6ztng0pttEUA13HR8u3mU17PzTz5 XXgYbQ/jdxF+g8tuHQRTfwTiX2dr/hQmxJkbCp2zP10AXqCvwt3tb0+XC9JIJvCJ FDdDno6uE0U8GfELJKGXp9qiK0GDParcxUNevHHhnYUiM28lhztjtZZ8rnsgLyMK WqzxYh+ZD4dTX+RtXQISNlACiPP2CC6LNdhGHMlvWVrayQhZs00fGuIIy33bspms HalGtiJDZeBoGl6J7YHm0e+b/86m9ZGCirXA8/dr8ObbGRMKhfJXYZcOg2Fi9dyU i8w81ud8y4rUMJm0/2wEdoG/IjcUs7kpH1Cu502+25JQuz3XwYw= =QYPF -END PGP SIGNATURE- Thank you for your contribution to Debian. ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] Bug#893905: marked as done (gitlab: CVE-2018-8801 CVE-2018-8971)
Your message dated Mon, 28 May 2018 21:17:09 + with message-id and subject line Bug#893905: fixed in gitlab 8.13.11+dfsg1-8+deb9u2 has caused the Debian Bug report #893905, regarding gitlab: CVE-2018-8801 CVE-2018-8971 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 893905: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893905 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: gitlab Severity: grave Tags: security Please see https://about.gitlab.com/2018/03/20/critical-security-release-gitlab-10-dot-5-dot-6-released/ Cheers, Moritz --- End Message --- --- Begin Message --- Source: gitlab Source-Version: 8.13.11+dfsg1-8+deb9u2 We believe that the bug you reported is fixed in the latest version of gitlab, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 893...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Pirate Praveen (supplier of updated gitlab package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 27 Mar 2018 14:38:53 +0530 Source: gitlab Binary: gitlab Architecture: source all Version: 8.13.11+dfsg1-8+deb9u2 Distribution: stretch-security Urgency: medium Maintainer: Debian Ruby Extras Maintainers Changed-By: Pirate Praveen Description: gitlab - git powered software platform to collaborate on code (non-omnibus Closes: 888508 893905 Changes: gitlab (8.13.11+dfsg1-8+deb9u2) stretch-security; urgency=medium . * Fixes CVE-2018-8971 (Closes: #893905) * Fixes CVE-2017-0920 (Closes: #888508) Checksums-Sha1: e0d3a414ae5577da5e456eaa01162e43444eae91 2569 gitlab_8.13.11+dfsg1-8+deb9u2.dsc e50e86b6e67daa64224d2e9be2ef762da577bff2 27931813 gitlab_8.13.11+dfsg1.orig.tar.gz 79625ef89f5edb375cca0d3ba1645244d570d548 59288 gitlab_8.13.11+dfsg1-8+deb9u2.debian.tar.xz 79d87657e013d19c340b73a98c39d6cafed7aa53 26368266 gitlab_8.13.11+dfsg1-8+deb9u2_all.deb 72e111ca6d9757ea8be472e4b7d5dd9a2efeb503 8886 gitlab_8.13.11+dfsg1-8+deb9u2_amd64.buildinfo Checksums-Sha256: 3cd160bb6cef243d17e551d5666eef376d23c11230c0069f55c2b79a9f2ecc0d 2569 gitlab_8.13.11+dfsg1-8+deb9u2.dsc 714862e0211f50b07bc064d2a9059e3d650351b5ea12ff03ee3f154dc8a9071c 27931813 gitlab_8.13.11+dfsg1.orig.tar.gz 0e5b1d541e440d37391d462541433eac20483578034599a664eb074f3c21f145 59288 gitlab_8.13.11+dfsg1-8+deb9u2.debian.tar.xz c9521c08dfef5be0cef1def0c030653afdea2b6938fb488fa1040e6a26511163 26368266 gitlab_8.13.11+dfsg1-8+deb9u2_all.deb e2321422138003231c3d74ba981f34f5da05c68d848461c1843c8e51dda9c9ea 8886 gitlab_8.13.11+dfsg1-8+deb9u2_amd64.buildinfo Files: e2726830387a26ad39b822b274a6316f 2569 ruby optional gitlab_8.13.11+dfsg1-8+deb9u2.dsc 2ac0a5e5ce01500d7ac797005efda0e0 27931813 ruby optional gitlab_8.13.11+dfsg1.orig.tar.gz a238aff5dfcf623b8cfa747499122731 59288 ruby optional gitlab_8.13.11+dfsg1-8+deb9u2.debian.tar.xz 4edaa7ba9bfd63052f2579bcb9edc0b1 26368266 ruby optional gitlab_8.13.11+dfsg1-8+deb9u2_all.deb 156984a781c17df49416af64c1857cd3 8886 ruby optional gitlab_8.13.11+dfsg1-8+deb9u2_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlsAYukACgkQzh+cZ0US wipdaxAAhD+6z/0UjIvVA1qZ2K4we2B046dllp5Z4ZdqA5kI5Wxg2PuI5aU2CBg3 BMn/OGTXHk0VZSR+s8jJDRZwgqbBeLWy9rfqado+Eg2eKfFSh9+3FWpM3Wsu2vOr N+nwfPR0omWhivUlju0jSko6fTw/4DlkHHqGrKfVC2FWID/NJfHguCqHRlv8CDeR JYxlGuQ659pY3gZJ1fnJK3VtyXTrZfCH2Na8OrRL5S4D1Kz9y/keAiczqBl4BPRZ 4mZ3nAi4JifY/Uizfz4Ff99s6rgrQN8i4iw2CAhTqq085yC5NNI5N59KLIaS AbVKJ625iF8gAHa4q2D/uavytjbMBKtVur60jhgnmV4f5/nw4MYWr+Mf43ivp9b/ xavt/NdME3tj9qRc9KUeKyc6gI95s/bZArgVPnNCbjT/fpnsJyMoKLGtEqLyS21A +/r2aob8T0L+ixU+tGkRNY9W2YNBX82YUt7NVhv4XPTvZJW9pQcSnIm/lkkkHbFd 7/Cuw7lg2WYGognabf3lIqfhpKURnxYSg9J1HzejnsSo+IeUY0IfAtbfyJ1UhzQx hnhsPd+gZ0HauII0EqDPLMb/PX+8Eoc4Ru0I3IDfF0JRYojt3plush5RL8TBCDT4 lOv568pBcIWXG2p93g8HYVzVLWCqBWh/SxZI9HwAo5lVEWc6jfc= =Yb4C -END PGP SIGNATURE End Message --- ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] Bug#900066: marked as done (gitlab: 500 error on merge request creation)
Your message dated Mon, 28 May 2018 21:17:10 + with message-id and subject line Bug#900066: fixed in gitlab 8.13.11+dfsg1-8+deb9u3 has caused the Debian Bug report #900066, regarding gitlab: 500 error on merge request creation to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 900066: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900066 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: gitlab Version: 8.13.11+dfsg1-8+deb9u2 Severity: normal * What led up to the situation? I upgraded to the latest security update (8.13.11+dfsg1-8+deb9u2) and rebooted the box. * What exactly did you do (or not do) that was effective (or ineffective)? I tried creating a new merge request. * What was the outcome of this action? Gitlab throws a 500 error "Whoops, something went wrong on our end." The merge request is indeed not created (it does not show up in the merge request list, which has other, previously created entries) /var/log/gitlab/production.log shows the following error: Processing by ProjectsController#autocomplete_sources as JSON Parameters: {"type"=>"MergeRequest", "namespace_id"=>"operations", "id"=>"ems"} Completed 200 OK in 502ms (Views: 169.8ms | ActiveRecord: 53.2ms) Started POST "/operations/ems/merge_requests" for [redacted ip address] at 2018-05-25 16:09:41 +0100 Processing by Projects::MergeRequestsController#create as HTML Parameters: {"utf8"=>"✓", "authenticity_token"=>"[redacted token]", "merge_request"=>{"title"=>"[redacted merge request title]", "description"=>"", "label_ids"=>[""], "force_remove_source_branch"=>"0", "lock_version"=>"0", "source_project_id"=>"1", "source_branch"=>"[redacted source git branch]", "target_project_id"=>"1", "target_branch"=>"master"}, "namespace_id"=>"operations", "project_id"=>"ems"} Completed 500 Internal Server Error in 123ms (ActiveRecord: 13.2ms) NameError (undefined local variable or method `source_project' for # Did you mean? @source_project): app/services/merge_requests/create_service.rb:6:in `execute' app/controllers/projects/merge_requests_controller.rb:254:in `create' lib/gitlab/request_profiler/middleware.rb:15:in `call' lib/gitlab/middleware/go.rb:16:in `call' * What outcome did you expect instead? A merge request should have been created just fine. I should have been taken to the created merge request page instead of being shown an error page. Earlier this morning before the upgrade, merge requests could be created just fine. The system is fully up to date. I tried re-installing gitlab with apt-get install --reinstall gitlab. Rake tasks (which I assume were ran by the post-install script) pre-compiled a bunch of assets once again and validated my config and projects, but merge requests still can't be created. Browsing projects/issues/other pages seem to work fine, although I haven't checked every possible action. -- System Information: Debian Release: 9.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-6-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages gitlab depends on: ii adduser 3.115 ii asciidoctor 1.5.4-2 ii bc 1.06.95-9+b3 ii bundler 1.13.6-2 ii dbconfig-pgsql 2.0.8 ii debconf [debconf-2.0] 1.5.61 ii git 1:2.11.0-3+deb9u2 ii gitlab-shell 3.6.6-4 ii gitlab-workhorse 0.8.5+debian-3+b2 ii init-system-helpers 1.48 ii libjs-chartjs 1.0.2-1 ii libjs-clipboard 1.4.2-1 ii libjs-fuzzaldrin-plus 0.3.1+git.20161008.da2cb58+dfsg-4 ii libjs-graphael 0.5+dfsg-1 ii libjs-jquery-cookie 11-3 ii libjs-jquery-history 11-3 ii libjs-jquery-nicescroll 3.6.6-1 ii lsb-base 9.20161125 ii nginx 1.10.3-1+deb9u1 ii nginx-full [nginx] 1.10.3-1+deb9u1 ii nodejs 4.8.2~dfsg-1 ii openssh-client 1:7.4p1-10+deb9u3 ii
[DRE-maint] Bug#900066: gitlab: 500 error on merge request creation
Thanks. I applied the update earlier this morning and can confirm that the bug is fixed. Cheers, -Simon -- Simon Vetter Embedded Software Engineer - EDF store & forecast Phone: +33 7 83 40 26 11 On 05/26/2018 03:36 PM, Salvatore Bonaccorso wrote: Hi, On Sat, May 26, 2018 at 06:25:40PM +0530, Pirate Praveen wrote: On Saturday 26 May 2018 03:34 PM, Simon Vetter wrote: Awesome, thank you for your prompt reply. In the meantime and assuming the fix is in non-compiled code (i.e. ruby), would you mind sharing a patch here so I can apply it and get merge requests up and running again? Sure, here is the patch. https://salsa.debian.org/ruby-team/gitlab/commit/cfdebd5834791b9152dc32af10a63b8db6ddbab9 The regression update (DSA-4206-2) has been issued and the packages available on the security mirrors. Regards, Salvatore ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] Bug#900297: ruby-ethon: switch dependency to libcurl4
Package: ruby-ethon Version: 0.9.0-1 Severity: serious Tags: buster sid Hi, curl has bumped the SONAME to libcurl4 for the openssl 1.1 ABI. Please update the dependency to libcurl4. Note that Ubuntu has already done the switch and they had some remarks wrt the ABI: ruby-ethon (0.9.0-1ubuntu1) bionic; urgency=medium * Bump dependency from libcurl3 to libcurl4 for the openssl1.1 transition. Note that this changes the ABI with respect to SSL_CTX objects; consumers of ruby-ethon must now switch to using OpenSSL 1.1 objects instead of OpenSSL 1.0 if they use curl_easy_setopt(SSL_CTX_FUNCTION). -- Steve LangasekThu, 01 Mar 2018 21:49:45 -0800 Cheers, Emilio ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] Processed: affects 900283
Processing commands for cont...@bugs.debian.org: > affects 900283 security.debian.org,release.debian.org Bug #900283 [redmine] Bug in redmine 3.3.1-4+deb9u1 CVE-2017-15569.patch Added indication that 900283 affects security.debian.org and release.debian.org > thanks Stopping processing here. Please contact me if you need assistance. -- 900283: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900283 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] Bug#900283: Bug in redmine 3.3.1-4+deb9u1 CVE-2017-15569.patch
Package: redmine Version: 3.3.1-4+deb9u1 Dear Maintainers, on Thu, 12 Apr 2018 11:33:06 -0300 Debian published a security update for Redmine in version 3.3.1. This security update includes patch CVE-2017-15569. https://sources.debian.org/patches/redmine/3.3.1-4+deb9u1/CVE-2017-15569.patch/ I write to report a bug with this patch. Custom fields with multiple values will not be put to a table correctly. The way I found out was: Create a tracker, that utilizes a custom field of type list or user and has multiple values allowed. Create an issue, that has more then one value in that custom field. E.g. two users. If I then do a query on my project, I get a HTTP-error 500 response and see the following in my logs: -->8-- Completed 500 Internal Server Error in 442ms (ActiveRecord: 84.3ms) ActionView::Template::Error (undefined local variable or method `item' for #<#:0x007f128233ed70>): 28: <% end %> 29: "> 30: <%= check_box_tag("ids[]", issue.id, false, :id => nil) %> 31: <% query.inline_columns.each do |column| %> 32: <%= content_tag('td', column_content(column, issue), :class => column.css_classes) %> 33: <% end %> 34: app/helpers/queries_helper.rb:132:in `block in column_content' app/helpers/queries_helper.rb:132:in `collect' --8<-- Changing the word "item" to "issue" resolves this problem. I'm using Debian 4.9.88-1 (2018-04-29) x86_64 GNU/Linux with kernel 4.9.0-6-amd64 and libc6 2.24-11+deb9u3. Please contact us if you have any further questions or would like to have more information. Kind regards Frank Hebold -- Frank Hebold Auszubildender zum Fachinformatiker (IHK) HiperScan GmbH Weißeritzstr. 3 01067 Dresden Germany phone +49 351 212 496 20 fax +49 351 212 496 99 mailto: frank.heb...@hiperscan.com www.hiperscan.com www.apo-ident.de HiperScan GmbH, Dresden commercial register number HRB 24683 local court Dresden CEOs: Dr. Alexander Wolter, Michael Thoma ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] ruby-unf-ext_0.0.7.4-1~bpo9+1_amd64.changes is NEW
binary:ruby-unf-ext is NEW. binary:ruby-unf-ext is NEW. source:ruby-unf-ext is NEW. Your package has been put into the NEW queue, which requires manual action from the ftpteam to process. The upload was otherwise valid (it had a good OpenPGP signature and file hashes are valid), so please be patient. Packages are routinely processed through to the archive, and do feel free to browse the NEW queue[1]. If there is an issue with the upload, you will receive an email from a member of the ftpteam. If you have any questions, you may reply to this email. [1]: https://ftp-master.debian.org/new.html or https://ftp-master.debian.org/backports-new.html for *-backports ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] Processing of ruby-unf-ext_0.0.7.4-1~bpo9+1_amd64.changes
ruby-unf-ext_0.0.7.4-1~bpo9+1_amd64.changes uploaded successfully to localhost along with the files: ruby-unf-ext_0.0.7.4-1~bpo9+1.dsc ruby-unf-ext_0.0.7.4.orig.tar.gz ruby-unf-ext_0.0.7.4-1~bpo9+1.debian.tar.xz ruby-unf-ext-dbgsym_0.0.7.4-1~bpo9+1_amd64.deb ruby-unf-ext_0.0.7.4-1~bpo9+1_amd64.buildinfo ruby-unf-ext_0.0.7.4-1~bpo9+1_amd64.deb Greetings, Your Debian queue daemon (running on host usper.debian.org) ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] ruby-omniauth-auth0_2.0.0-0+deb9u1_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 06 May 2018 14:55:04 +0530 Source: ruby-omniauth-auth0 Binary: ruby-omniauth-auth0 Architecture: source all Version: 2.0.0-0+deb9u1 Distribution: stretch-security Urgency: medium Maintainer: Debian Ruby Extras MaintainersChanged-By: Pirate Praveen Description: ruby-omniauth-auth0 - Omniauth OAuth2 strategy for the Auth0 platform Changes: ruby-omniauth-auth0 (2.0.0-0+deb9u1) stretch-security; urgency=medium . * New upstream release (required for gitlab security update/CVE-2018-8971) Checksums-Sha1: 1eef3bf03168cecece2be4aaeb9ce5bfe311b856 2244 ruby-omniauth-auth0_2.0.0-0+deb9u1.dsc 82e51e5536f9588296f0ab8e9be58a70ac77b6c7 8281 ruby-omniauth-auth0_2.0.0.orig.tar.gz 377f350714245746b30d1f57620dd70463af0f1a 2304 ruby-omniauth-auth0_2.0.0-0+deb9u1.debian.tar.xz e9f38e6aa27abe81331065039eae93bea9eecd4b 6854 ruby-omniauth-auth0_2.0.0-0+deb9u1_all.deb 40e8840d01ad7b020e11d75a5b759dbadd209e33 9302 ruby-omniauth-auth0_2.0.0-0+deb9u1_amd64.buildinfo Checksums-Sha256: febc65bf0370b19a248579a82fa70e03dd643766d92bdf648a07414d645ff815 2244 ruby-omniauth-auth0_2.0.0-0+deb9u1.dsc 28179d319c59467c4d4679df210b600619fb2b1c0a15f010902d6da004d1052c 8281 ruby-omniauth-auth0_2.0.0.orig.tar.gz 040a5686db70cd59622a7c09d12bf268e843a98081ec85895c87fb4d0f453d23 2304 ruby-omniauth-auth0_2.0.0-0+deb9u1.debian.tar.xz 1270a2e2d671f773b5c79369a6a918018625383c3282f175a4a9495d8b9c4810 6854 ruby-omniauth-auth0_2.0.0-0+deb9u1_all.deb 38d7673fdc03b9190ece19b4f882a0b6ff2fba73ce947105411bcb861db70a4d 9302 ruby-omniauth-auth0_2.0.0-0+deb9u1_amd64.buildinfo Files: a8a7bca23a94cc48c8e42fdf48896ace 2244 ruby optional ruby-omniauth-auth0_2.0.0-0+deb9u1.dsc f93bb89ccabbc8c415d397bc4420f123 8281 ruby optional ruby-omniauth-auth0_2.0.0.orig.tar.gz 3d685675ea2617090824730cd6fc6bbe 2304 ruby optional ruby-omniauth-auth0_2.0.0-0+deb9u1.debian.tar.xz 8ca16cd50ca62880793a1fd29fc4f2dd 6854 ruby optional ruby-omniauth-auth0_2.0.0-0+deb9u1_all.deb 71fa43dab71cf3c86c74033b34211579 9302 ruby optional ruby-omniauth-auth0_2.0.0-0+deb9u1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlr/45MACgkQzh+cZ0US wip/rA/+McYvrPiHh7kTyQcJQr4lsFA9bIPqHzzyTIHKJj4RoY+c1sKlJjVISQFq 1rPwJU3xH+kCFbl2/dLwRP+9pR6Yffi4tz/JAW+Rc//1vqm0a3svvaJGuxJFjgyF WOzH7O42bz3pF9lVuElFdQ76Ckbns4NW+KGwNR+TdIV1nCd7ISvtOt8ZaKmCfOgo ex+lq5kAeuje2v3d+5AxbQ3lMn6T8GsFzBhcz+80s3O6VChpksgFJo44wlH2G/Iv ik1yjwfYsiUy/7Gm07efaOY1YDpQnnJ8dLmPXfzu0iYnK5fJ83qohROeVpV+ttse cCbvUeA9ywHldFgzaV1vAV0Os+AhCAzWVFrIH5YTjfcwizxo6v3f39dzRZ8Gdab1 Za6C7NeUNudXKcHdYNT7m698KhLlUq6kf7KwXruZc/VKrOHxM+sZp+pFWVm1JrTY JAtqt9OPNpBk+15lCBbKGCK4oq0kgoKpGojcdTuQERVNxX1jATB0usPK0fhkndWO zn/KqHcj5PTqsKeG3ID8YyACroo19hd0dM7d28zsvYS6Wvx6eWCfDR2iiSUhB/dD W1gyW8YuO7JLtBsC8NhOHEHfNKiTtD+HVyO7BTnZAOMRDGelzmBr3xBQoJlqAiCs +R6NvSQgy2tsxJEnThk4SPrNnqMJoYVjPOTpaqyD1tEkL1L3kTY= =cZg6 -END PGP SIGNATURE- Thank you for your contribution to Debian. ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] ruby-seed-fu_2.3.7-1~bpo9+1_amd64.changes REJECTED
ruby-seed-fu_2.3.7.orig.tar.gz: Does not match file already existing in the pool. binary:ruby-seed-fu is NEW. binary:ruby-seed-fu is NEW. source:ruby-seed-fu is NEW. === Please feel free to respond to this email if you don't understand why your files were rejected, or if you upload new files which address our concerns. ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
[DRE-maint] Processing of ruby-seed-fu_2.3.7-1~bpo9+1_amd64.changes
ruby-seed-fu_2.3.7-1~bpo9+1_amd64.changes uploaded successfully to localhost along with the files: ruby-seed-fu_2.3.7-1~bpo9+1.dsc ruby-seed-fu_2.3.7.orig.tar.gz ruby-seed-fu_2.3.7-1~bpo9+1.debian.tar.xz ruby-seed-fu_2.3.7-1~bpo9+1_all.deb ruby-seed-fu_2.3.7-1~bpo9+1_amd64.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org) ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers