[DRE-maint] rerun 0.13.0-1 MIGRATED to testing

2018-05-28 Thread Debian testing watch 
FYI: The status of the rerun source package
in Debian's testing distribution has changed.

  Previous version: 0.11.0-1
  Current version:  0.13.0-1

-- 
This email is automatically generated once a day.  As the installation of
new packages into testing happens multiple times a day you will receive
later changes on the next day.
See https://release.debian.org/testing-watch/ for more information.

___
Pkg-ruby-extras-maintainers mailing list
Pkg-ruby-extras-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers

[DRE-maint] ruby-mail-gpg 0.4.0-1 MIGRATED to testing

2018-05-28 Thread Debian testing watch 
FYI: The status of the ruby-mail-gpg source package
in Debian's testing distribution has changed.

  Previous version: 0.3.3-1
  Current version:  0.4.0-1

-- 
This email is automatically generated once a day.  As the installation of
new packages into testing happens multiple times a day you will receive
later changes on the next day.
See https://release.debian.org/testing-watch/ for more information.

___
Pkg-ruby-extras-maintainers mailing list
Pkg-ruby-extras-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers

[DRE-maint] gitlab_8.13.11+dfsg1-8+deb9u2_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates

2018-05-28 Thread Debian FTP Masters 


Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 27 Mar 2018 14:38:53 +0530
Source: gitlab
Binary: gitlab
Architecture: source all
Version: 8.13.11+dfsg1-8+deb9u2
Distribution: stretch-security
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers 

Changed-By: Pirate Praveen 
Description:
 gitlab - git powered software platform to collaborate on code (non-omnibus
Closes: 888508 893905
Changes:
 gitlab (8.13.11+dfsg1-8+deb9u2) stretch-security; urgency=medium
 .
   * Fixes CVE-2018-8971 (Closes: #893905)
   * Fixes CVE-2017-0920 (Closes: #888508)
Checksums-Sha1:
 e0d3a414ae5577da5e456eaa01162e43444eae91 2569 gitlab_8.13.11+dfsg1-8+deb9u2.dsc
 e50e86b6e67daa64224d2e9be2ef762da577bff2 27931813 
gitlab_8.13.11+dfsg1.orig.tar.gz
 79625ef89f5edb375cca0d3ba1645244d570d548 59288 
gitlab_8.13.11+dfsg1-8+deb9u2.debian.tar.xz
 79d87657e013d19c340b73a98c39d6cafed7aa53 26368266 
gitlab_8.13.11+dfsg1-8+deb9u2_all.deb
 72e111ca6d9757ea8be472e4b7d5dd9a2efeb503 8886 
gitlab_8.13.11+dfsg1-8+deb9u2_amd64.buildinfo
Checksums-Sha256:
 3cd160bb6cef243d17e551d5666eef376d23c11230c0069f55c2b79a9f2ecc0d 2569 
gitlab_8.13.11+dfsg1-8+deb9u2.dsc
 714862e0211f50b07bc064d2a9059e3d650351b5ea12ff03ee3f154dc8a9071c 27931813 
gitlab_8.13.11+dfsg1.orig.tar.gz
 0e5b1d541e440d37391d462541433eac20483578034599a664eb074f3c21f145 59288 
gitlab_8.13.11+dfsg1-8+deb9u2.debian.tar.xz
 c9521c08dfef5be0cef1def0c030653afdea2b6938fb488fa1040e6a26511163 26368266 
gitlab_8.13.11+dfsg1-8+deb9u2_all.deb
 e2321422138003231c3d74ba981f34f5da05c68d848461c1843c8e51dda9c9ea 8886 
gitlab_8.13.11+dfsg1-8+deb9u2_amd64.buildinfo
Files:
 e2726830387a26ad39b822b274a6316f 2569 ruby optional 
gitlab_8.13.11+dfsg1-8+deb9u2.dsc
 2ac0a5e5ce01500d7ac797005efda0e0 27931813 ruby optional 
gitlab_8.13.11+dfsg1.orig.tar.gz
 a238aff5dfcf623b8cfa747499122731 59288 ruby optional 
gitlab_8.13.11+dfsg1-8+deb9u2.debian.tar.xz
 4edaa7ba9bfd63052f2579bcb9edc0b1 26368266 ruby optional 
gitlab_8.13.11+dfsg1-8+deb9u2_all.deb
 156984a781c17df49416af64c1857cd3 8886 ruby optional 
gitlab_8.13.11+dfsg1-8+deb9u2_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlsAYukACgkQzh+cZ0US
wipdaxAAhD+6z/0UjIvVA1qZ2K4we2B046dllp5Z4ZdqA5kI5Wxg2PuI5aU2CBg3
BMn/OGTXHk0VZSR+s8jJDRZwgqbBeLWy9rfqado+Eg2eKfFSh9+3FWpM3Wsu2vOr
N+nwfPR0omWhivUlju0jSko6fTw/4DlkHHqGrKfVC2FWID/NJfHguCqHRlv8CDeR
JYxlGuQ659pY3gZJ1fnJK3VtyXTrZfCH2Na8OrRL5S4D1Kz9y/keAiczqBl4BPRZ
4mZ3nAi4JifY/Uizfz4Ff99s6rgrQN8i4iw2CAhTqq085yC5NNI5N59KLIaS
AbVKJ625iF8gAHa4q2D/uavytjbMBKtVur60jhgnmV4f5/nw4MYWr+Mf43ivp9b/
xavt/NdME3tj9qRc9KUeKyc6gI95s/bZArgVPnNCbjT/fpnsJyMoKLGtEqLyS21A
+/r2aob8T0L+ixU+tGkRNY9W2YNBX82YUt7NVhv4XPTvZJW9pQcSnIm/lkkkHbFd
7/Cuw7lg2WYGognabf3lIqfhpKURnxYSg9J1HzejnsSo+IeUY0IfAtbfyJ1UhzQx
hnhsPd+gZ0HauII0EqDPLMb/PX+8Eoc4Ru0I3IDfF0JRYojt3plush5RL8TBCDT4
lOv568pBcIWXG2p93g8HYVzVLWCqBWh/SxZI9HwAo5lVEWc6jfc=
=Yb4C
-END PGP SIGNATURE-


Thank you for your contribution to Debian.

___
Pkg-ruby-extras-maintainers mailing list
Pkg-ruby-extras-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers

[DRE-maint] gitlab_8.13.11+dfsg1-8+deb9u3_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates

2018-05-28 Thread Debian FTP Masters 


Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 26 May 2018 14:37:57 +0530
Source: gitlab
Binary: gitlab
Architecture: source all
Version: 8.13.11+dfsg1-8+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Debian Ruby Extras Maintainers 

Changed-By: Pirate Praveen 
Description:
 gitlab - git powered software platform to collaborate on code (non-omnibus
Closes: 900066
Changes:
 gitlab (8.13.11+dfsg1-8+deb9u3) stretch-security; urgency=high
 .
   * Fix regression in cve-2017-0920.patch (Closes: #900066)
 (Thanks to kp666)
Checksums-Sha1:
 769b5ffa34bf87155c0e1fd4e7a631271db578e3 2569 gitlab_8.13.11+dfsg1-8+deb9u3.dsc
 e50e86b6e67daa64224d2e9be2ef762da577bff2 27931813 
gitlab_8.13.11+dfsg1.orig.tar.gz
 bf6e4caf2af7d3dd329f37ed9672eaedea07e2cf 59360 
gitlab_8.13.11+dfsg1-8+deb9u3.debian.tar.xz
 e663b09acb01dca8365cfb78bb1a7f37a1b688cc 26368538 
gitlab_8.13.11+dfsg1-8+deb9u3_all.deb
 0fadf6b88218dc6f7e13acecbb55d97999ed3e7c 8886 
gitlab_8.13.11+dfsg1-8+deb9u3_amd64.buildinfo
Checksums-Sha256:
 cfa157b260589d99f8637556e977e3eb45d0794a1f126a8bbcf67f0078d8a226 2569 
gitlab_8.13.11+dfsg1-8+deb9u3.dsc
 714862e0211f50b07bc064d2a9059e3d650351b5ea12ff03ee3f154dc8a9071c 27931813 
gitlab_8.13.11+dfsg1.orig.tar.gz
 4d7114fea5431e1a2d02a3a68c7c62def9f6ef1ebdd8f36f85f29beb0b5b5def 59360 
gitlab_8.13.11+dfsg1-8+deb9u3.debian.tar.xz
 a428c8401f2884a7bad14c10ae338d896d47fe951f1d2f76e5368391a9aa977e 26368538 
gitlab_8.13.11+dfsg1-8+deb9u3_all.deb
 67716c6c253e175e7c263dcc478e81feb115945b5689faf73431458b01f3f64c 8886 
gitlab_8.13.11+dfsg1-8+deb9u3_amd64.buildinfo
Files:
 a8a9eacfa6bd80434e0eca5b220819ce 2569 ruby optional 
gitlab_8.13.11+dfsg1-8+deb9u3.dsc
 2ac0a5e5ce01500d7ac797005efda0e0 27931813 ruby optional 
gitlab_8.13.11+dfsg1.orig.tar.gz
 1c6194e10f5c1eadcee6f0438205df42 59360 ruby optional 
gitlab_8.13.11+dfsg1-8+deb9u3.debian.tar.xz
 71a9fe5a1b4af43330e9bca041d68f14 26368538 ruby optional 
gitlab_8.13.11+dfsg1-8+deb9u3_all.deb
 3e2b37553563b325a2e44534bf8fe55f 8886 ruby optional 
gitlab_8.13.11+dfsg1-8+deb9u3_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlsJVdMACgkQzh+cZ0US
wio+cRAAnlH2T2tCnoYNTtPirXth5R/cHfqGxRDMLLy5wrOwhPJOnfGaf9zb3hlP
/uhuTopj7lu+92IiKn5Gxrucj8w4wqTCBcQ12r/ikV1DItQMUE42THICYRVANA9F
j1+jd7rJQEefP1GwaOnQjB6Izs99xvw/Yfk/pvsZTw6JOF6irHleJpdfrI637OYk
0UHr+KILHdHGKfPGvJpNZ4jPqYRbAmjTiU+gNPPUpV4CtwKLc37eh+H77YwKVc8x
OL7J3j58QebKCqTpjmtqc1cxrS0Trz1j+6ou5DfLp2GqxPg53eCK2eVfS8hvL2eM
qJY7jwspW4H4R6lgTQZSbvBh2AI6rLdY8TeR6ztng0pttEUA13HR8u3mU17PzTz5
XXgYbQ/jdxF+g8tuHQRTfwTiX2dr/hQmxJkbCp2zP10AXqCvwt3tb0+XC9JIJvCJ
FDdDno6uE0U8GfELJKGXp9qiK0GDParcxUNevHHhnYUiM28lhztjtZZ8rnsgLyMK
WqzxYh+ZD4dTX+RtXQISNlACiPP2CC6LNdhGHMlvWVrayQhZs00fGuIIy33bspms
HalGtiJDZeBoGl6J7YHm0e+b/86m9ZGCirXA8/dr8ObbGRMKhfJXYZcOg2Fi9dyU
i8w81ud8y4rUMJm0/2wEdoG/IjcUs7kpH1Cu502+25JQuz3XwYw=
=QYPF
-END PGP SIGNATURE-


Thank you for your contribution to Debian.

___
Pkg-ruby-extras-maintainers mailing list
Pkg-ruby-extras-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers

[DRE-maint] Bug#893905: marked as done (gitlab: CVE-2018-8801 CVE-2018-8971)

2018-05-28 Thread Debian Bug Tracking System 
Your message dated Mon, 28 May 2018 21:17:09 +
with message-id 
and subject line Bug#893905: fixed in gitlab 8.13.11+dfsg1-8+deb9u2
has caused the Debian Bug report #893905,
regarding gitlab: CVE-2018-8801 CVE-2018-8971
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
893905: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893905
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: gitlab
Severity: grave
Tags: security

Please see
https://about.gitlab.com/2018/03/20/critical-security-release-gitlab-10-dot-5-dot-6-released/

Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: gitlab
Source-Version: 8.13.11+dfsg1-8+deb9u2

We believe that the bug you reported is fixed in the latest version of
gitlab, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 893...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Pirate Praveen  (supplier of updated gitlab package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 27 Mar 2018 14:38:53 +0530
Source: gitlab
Binary: gitlab
Architecture: source all
Version: 8.13.11+dfsg1-8+deb9u2
Distribution: stretch-security
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers 

Changed-By: Pirate Praveen 
Description:
 gitlab - git powered software platform to collaborate on code (non-omnibus
Closes: 888508 893905
Changes:
 gitlab (8.13.11+dfsg1-8+deb9u2) stretch-security; urgency=medium
 .
   * Fixes CVE-2018-8971 (Closes: #893905)
   * Fixes CVE-2017-0920 (Closes: #888508)
Checksums-Sha1:
 e0d3a414ae5577da5e456eaa01162e43444eae91 2569 gitlab_8.13.11+dfsg1-8+deb9u2.dsc
 e50e86b6e67daa64224d2e9be2ef762da577bff2 27931813 
gitlab_8.13.11+dfsg1.orig.tar.gz
 79625ef89f5edb375cca0d3ba1645244d570d548 59288 
gitlab_8.13.11+dfsg1-8+deb9u2.debian.tar.xz
 79d87657e013d19c340b73a98c39d6cafed7aa53 26368266 
gitlab_8.13.11+dfsg1-8+deb9u2_all.deb
 72e111ca6d9757ea8be472e4b7d5dd9a2efeb503 8886 
gitlab_8.13.11+dfsg1-8+deb9u2_amd64.buildinfo
Checksums-Sha256:
 3cd160bb6cef243d17e551d5666eef376d23c11230c0069f55c2b79a9f2ecc0d 2569 
gitlab_8.13.11+dfsg1-8+deb9u2.dsc
 714862e0211f50b07bc064d2a9059e3d650351b5ea12ff03ee3f154dc8a9071c 27931813 
gitlab_8.13.11+dfsg1.orig.tar.gz
 0e5b1d541e440d37391d462541433eac20483578034599a664eb074f3c21f145 59288 
gitlab_8.13.11+dfsg1-8+deb9u2.debian.tar.xz
 c9521c08dfef5be0cef1def0c030653afdea2b6938fb488fa1040e6a26511163 26368266 
gitlab_8.13.11+dfsg1-8+deb9u2_all.deb
 e2321422138003231c3d74ba981f34f5da05c68d848461c1843c8e51dda9c9ea 8886 
gitlab_8.13.11+dfsg1-8+deb9u2_amd64.buildinfo
Files:
 e2726830387a26ad39b822b274a6316f 2569 ruby optional 
gitlab_8.13.11+dfsg1-8+deb9u2.dsc
 2ac0a5e5ce01500d7ac797005efda0e0 27931813 ruby optional 
gitlab_8.13.11+dfsg1.orig.tar.gz
 a238aff5dfcf623b8cfa747499122731 59288 ruby optional 
gitlab_8.13.11+dfsg1-8+deb9u2.debian.tar.xz
 4edaa7ba9bfd63052f2579bcb9edc0b1 26368266 ruby optional 
gitlab_8.13.11+dfsg1-8+deb9u2_all.deb
 156984a781c17df49416af64c1857cd3 8886 ruby optional 
gitlab_8.13.11+dfsg1-8+deb9u2_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlsAYukACgkQzh+cZ0US
wipdaxAAhD+6z/0UjIvVA1qZ2K4we2B046dllp5Z4ZdqA5kI5Wxg2PuI5aU2CBg3
BMn/OGTXHk0VZSR+s8jJDRZwgqbBeLWy9rfqado+Eg2eKfFSh9+3FWpM3Wsu2vOr
N+nwfPR0omWhivUlju0jSko6fTw/4DlkHHqGrKfVC2FWID/NJfHguCqHRlv8CDeR
JYxlGuQ659pY3gZJ1fnJK3VtyXTrZfCH2Na8OrRL5S4D1Kz9y/keAiczqBl4BPRZ
4mZ3nAi4JifY/Uizfz4Ff99s6rgrQN8i4iw2CAhTqq085yC5NNI5N59KLIaS
AbVKJ625iF8gAHa4q2D/uavytjbMBKtVur60jhgnmV4f5/nw4MYWr+Mf43ivp9b/
xavt/NdME3tj9qRc9KUeKyc6gI95s/bZArgVPnNCbjT/fpnsJyMoKLGtEqLyS21A
+/r2aob8T0L+ixU+tGkRNY9W2YNBX82YUt7NVhv4XPTvZJW9pQcSnIm/lkkkHbFd
7/Cuw7lg2WYGognabf3lIqfhpKURnxYSg9J1HzejnsSo+IeUY0IfAtbfyJ1UhzQx
hnhsPd+gZ0HauII0EqDPLMb/PX+8Eoc4Ru0I3IDfF0JRYojt3plush5RL8TBCDT4
lOv568pBcIWXG2p93g8HYVzVLWCqBWh/SxZI9HwAo5lVEWc6jfc=
=Yb4C
-END PGP SIGNATURE End Message ---
___
Pkg-ruby-extras-maintainers mailing list
Pkg-ruby-extras-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers

[DRE-maint] Bug#900066: marked as done (gitlab: 500 error on merge request creation)

2018-05-28 Thread Debian Bug Tracking System 
Your message dated Mon, 28 May 2018 21:17:10 +
with message-id 
and subject line Bug#900066: fixed in gitlab 8.13.11+dfsg1-8+deb9u3
has caused the Debian Bug report #900066,
regarding gitlab: 500 error on merge request creation
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
900066: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900066
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: gitlab
Version: 8.13.11+dfsg1-8+deb9u2
Severity: normal

   * What led up to the situation?
I upgraded to the latest security update (8.13.11+dfsg1-8+deb9u2) and 
rebooted the box.


   * What exactly did you do (or not do) that was effective (or 
ineffective)?


I tried creating a new merge request.

   * What was the outcome of this action?

Gitlab throws a 500 error "Whoops, something went wrong on our end." The 
merge request is indeed not created (it does not show up in the merge 
request list, which has other, previously created entries)


/var/log/gitlab/production.log shows the following error:

Processing by ProjectsController#autocomplete_sources as JSON
  Parameters: {"type"=>"MergeRequest", "namespace_id"=>"operations", 
"id"=>"ems"}

Completed 200 OK in 502ms (Views: 169.8ms | ActiveRecord: 53.2ms)
Started POST "/operations/ems/merge_requests" for [redacted ip address] 
at 2018-05-25 16:09:41 +0100

Processing by Projects::MergeRequestsController#create as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"[redacted token]", 
"merge_request"=>{"title"=>"[redacted merge request title]", 
"description"=>"", "label_ids"=>[""], "force_remove_source_branch"=>"0", 
"lock_version"=>"0", "source_project_id"=>"1", 
"source_branch"=>"[redacted source git branch]", 
"target_project_id"=>"1", "target_branch"=>"master"}, 
"namespace_id"=>"operations", "project_id"=>"ems"}

Completed 500 Internal Server Error in 123ms (ActiveRecord: 13.2ms)

NameError (undefined local variable or method `source_project' for 
#

Did you mean?  @source_project):
  app/services/merge_requests/create_service.rb:6:in `execute'
  app/controllers/projects/merge_requests_controller.rb:254:in `create'
  lib/gitlab/request_profiler/middleware.rb:15:in `call'
  lib/gitlab/middleware/go.rb:16:in `call'


   * What outcome did you expect instead?

A merge request should have been created just fine. I should have been 
taken to the created merge request page instead of being shown an error 
page.



Earlier this morning before the upgrade, merge requests could be created 
just fine. The system is fully up to date.


I tried re-installing gitlab with apt-get install --reinstall gitlab. 
Rake tasks (which I assume were ran by the post-install script) 
pre-compiled a bunch of assets once again and validated my config and 
projects, but merge requests still can't be created.


Browsing projects/issues/other pages seem to work fine, although I 
haven't checked every possible action.


-- System Information:
Debian Release: 9.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-6-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)

Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gitlab depends on:
ii  adduser   3.115
ii  asciidoctor   1.5.4-2
ii  bc    1.06.95-9+b3
ii  bundler   1.13.6-2
ii  dbconfig-pgsql    2.0.8
ii  debconf [debconf-2.0] 1.5.61
ii  git   1:2.11.0-3+deb9u2
ii  gitlab-shell  3.6.6-4
ii  gitlab-workhorse  0.8.5+debian-3+b2
ii  init-system-helpers   1.48
ii  libjs-chartjs 1.0.2-1
ii  libjs-clipboard   1.4.2-1
ii  libjs-fuzzaldrin-plus 0.3.1+git.20161008.da2cb58+dfsg-4
ii  libjs-graphael    0.5+dfsg-1
ii  libjs-jquery-cookie   11-3
ii  libjs-jquery-history  11-3
ii  libjs-jquery-nicescroll   3.6.6-1
ii  lsb-base  9.20161125
ii  nginx 1.10.3-1+deb9u1
ii  nginx-full [nginx]    1.10.3-1+deb9u1
ii  nodejs    4.8.2~dfsg-1
ii  openssh-client    1:7.4p1-10+deb9u3
ii 

[DRE-maint] Bug#900066: gitlab: 500 error on merge request creation

2018-05-28 Thread Simon Vetter 

Thanks.

I applied the update earlier this morning and can confirm that the bug 
is fixed.


Cheers,

-Simon

--
Simon Vetter
Embedded Software Engineer - EDF store & forecast
Phone: +33 7 83 40 26 11

On 05/26/2018 03:36 PM, Salvatore Bonaccorso wrote:

Hi,

On Sat, May 26, 2018 at 06:25:40PM +0530, Pirate Praveen wrote:

On Saturday 26 May 2018 03:34 PM, Simon Vetter wrote:

Awesome, thank you for your prompt reply.

In the meantime and assuming the fix is in non-compiled code (i.e.
ruby), would you mind sharing a patch here so I can apply it and get
merge requests up and running again?

Sure, here is the patch.

https://salsa.debian.org/ruby-team/gitlab/commit/cfdebd5834791b9152dc32af10a63b8db6ddbab9

The regression update (DSA-4206-2) has been issued and the packages
available on the security mirrors.

Regards,
Salvatore


___
Pkg-ruby-extras-maintainers mailing list
Pkg-ruby-extras-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers

[DRE-maint] Bug#900297: ruby-ethon: switch dependency to libcurl4

2018-05-28 Thread Emilio Pozuelo Monfort 
Package: ruby-ethon
Version: 0.9.0-1
Severity: serious
Tags: buster sid

Hi,

curl has bumped the SONAME to libcurl4 for the openssl 1.1 ABI.
Please update the dependency to libcurl4.

Note that Ubuntu has already done the switch and they had some
remarks wrt the ABI:

ruby-ethon (0.9.0-1ubuntu1) bionic; urgency=medium

  * Bump dependency from libcurl3 to libcurl4 for the openssl1.1 transition.
Note that this changes the ABI with respect to SSL_CTX objects;
consumers of ruby-ethon must now switch to using OpenSSL 1.1 objects
instead of OpenSSL 1.0 if they use curl_easy_setopt(SSL_CTX_FUNCTION).

 -- Steve Langasek   Thu, 01 Mar 2018 21:49:45 -0800

Cheers,
Emilio

___
Pkg-ruby-extras-maintainers mailing list
Pkg-ruby-extras-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers

[DRE-maint] Processed: affects 900283

2018-05-28 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> affects 900283 security.debian.org,release.debian.org
Bug #900283 [redmine] Bug in redmine 3.3.1-4+deb9u1 CVE-2017-15569.patch
Added indication that 900283 affects security.debian.org and release.debian.org
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
900283: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900283
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

___
Pkg-ruby-extras-maintainers mailing list
Pkg-ruby-extras-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers

[DRE-maint] Bug#900283: Bug in redmine 3.3.1-4+deb9u1 CVE-2017-15569.patch

2018-05-28 Thread Frank Hebold 

Package: redmine
Version: 3.3.1-4+deb9u1


Dear Maintainers,

on Thu, 12 Apr 2018 11:33:06 -0300 Debian published a security update for 
Redmine in version 3.3.1.
This security update includes patch CVE-2017-15569.

https://sources.debian.org/patches/redmine/3.3.1-4+deb9u1/CVE-2017-15569.patch/

I write to report a bug with this patch. Custom fields with multiple values 
will not be put to a table correctly.
The way I found out was:
Create a tracker, that utilizes a custom field of type list or user and has 
multiple values allowed.
Create an issue, that has more then one value in that custom field. E.g. two 
users.
If I then do a query on my project, I get a HTTP-error 500 response and see the 
following in my logs:

-->8--
Completed 500 Internal Server Error in 442ms (ActiveRecord: 84.3ms)

ActionView::Template::Error (undefined local variable or method `item' for 
#<#:0x007f128233ed70>):
    28:   <% end %>
    29:   ">
    30:     <%= check_box_tag("ids[]", issue.id, 
false, :id => nil) %>
    31:     <% query.inline_columns.each do |column| %>
    32:     <%= content_tag('td', column_content(column, issue), :class => 
column.css_classes) %>
    33:     <% end %>
    34:   
  app/helpers/queries_helper.rb:132:in `block in column_content'
  app/helpers/queries_helper.rb:132:in `collect'
--8<--

Changing the word "item" to "issue" resolves this problem.

I'm using Debian 4.9.88-1 (2018-04-29) x86_64 GNU/Linux with kernel 
4.9.0-6-amd64 and libc6 2.24-11+deb9u3.

Please contact us if you have any further questions or would like to have more 
information.

Kind regards
Frank Hebold

--
Frank Hebold
Auszubildender zum Fachinformatiker (IHK)
HiperScan GmbH
Weißeritzstr. 3
01067 Dresden
Germany

phone +49 351 212 496 20
fax +49 351 212 496 99
mailto: frank.heb...@hiperscan.com
www.hiperscan.com
www.apo-ident.de

HiperScan GmbH, Dresden
commercial register number HRB 24683
local court Dresden
CEOs: Dr. Alexander Wolter, Michael Thoma

___
Pkg-ruby-extras-maintainers mailing list
Pkg-ruby-extras-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers

[DRE-maint] ruby-unf-ext_0.0.7.4-1~bpo9+1_amd64.changes is NEW

2018-05-28 Thread Debian FTP Masters 
binary:ruby-unf-ext is NEW.
binary:ruby-unf-ext is NEW.
source:ruby-unf-ext is NEW.

Your package has been put into the NEW queue, which requires manual action
from the ftpteam to process. The upload was otherwise valid (it had a good
OpenPGP signature and file hashes are valid), so please be patient.

Packages are routinely processed through to the archive, and do feel
free to browse the NEW queue[1].

If there is an issue with the upload, you will receive an email from a
member of the ftpteam.

If you have any questions, you may reply to this email.

[1]: https://ftp-master.debian.org/new.html
 or https://ftp-master.debian.org/backports-new.html for *-backports

___
Pkg-ruby-extras-maintainers mailing list
Pkg-ruby-extras-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers

[DRE-maint] Processing of ruby-unf-ext_0.0.7.4-1~bpo9+1_amd64.changes

2018-05-28 Thread Debian FTP Masters 
ruby-unf-ext_0.0.7.4-1~bpo9+1_amd64.changes uploaded successfully to localhost
along with the files:
  ruby-unf-ext_0.0.7.4-1~bpo9+1.dsc
  ruby-unf-ext_0.0.7.4.orig.tar.gz
  ruby-unf-ext_0.0.7.4-1~bpo9+1.debian.tar.xz
  ruby-unf-ext-dbgsym_0.0.7.4-1~bpo9+1_amd64.deb
  ruby-unf-ext_0.0.7.4-1~bpo9+1_amd64.buildinfo
  ruby-unf-ext_0.0.7.4-1~bpo9+1_amd64.deb

Greetings,

Your Debian queue daemon (running on host usper.debian.org)

___
Pkg-ruby-extras-maintainers mailing list
Pkg-ruby-extras-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers

[DRE-maint] ruby-omniauth-auth0_2.0.0-0+deb9u1_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates

2018-05-28 Thread Debian FTP Masters 


Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 06 May 2018 14:55:04 +0530
Source: ruby-omniauth-auth0
Binary: ruby-omniauth-auth0
Architecture: source all
Version: 2.0.0-0+deb9u1
Distribution: stretch-security
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers 

Changed-By: Pirate Praveen 
Description:
 ruby-omniauth-auth0 - Omniauth OAuth2 strategy for the Auth0 platform
Changes:
 ruby-omniauth-auth0 (2.0.0-0+deb9u1) stretch-security; urgency=medium
 .
   * New upstream release (required for gitlab security update/CVE-2018-8971)
Checksums-Sha1:
 1eef3bf03168cecece2be4aaeb9ce5bfe311b856 2244 
ruby-omniauth-auth0_2.0.0-0+deb9u1.dsc
 82e51e5536f9588296f0ab8e9be58a70ac77b6c7 8281 
ruby-omniauth-auth0_2.0.0.orig.tar.gz
 377f350714245746b30d1f57620dd70463af0f1a 2304 
ruby-omniauth-auth0_2.0.0-0+deb9u1.debian.tar.xz
 e9f38e6aa27abe81331065039eae93bea9eecd4b 6854 
ruby-omniauth-auth0_2.0.0-0+deb9u1_all.deb
 40e8840d01ad7b020e11d75a5b759dbadd209e33 9302 
ruby-omniauth-auth0_2.0.0-0+deb9u1_amd64.buildinfo
Checksums-Sha256:
 febc65bf0370b19a248579a82fa70e03dd643766d92bdf648a07414d645ff815 2244 
ruby-omniauth-auth0_2.0.0-0+deb9u1.dsc
 28179d319c59467c4d4679df210b600619fb2b1c0a15f010902d6da004d1052c 8281 
ruby-omniauth-auth0_2.0.0.orig.tar.gz
 040a5686db70cd59622a7c09d12bf268e843a98081ec85895c87fb4d0f453d23 2304 
ruby-omniauth-auth0_2.0.0-0+deb9u1.debian.tar.xz
 1270a2e2d671f773b5c79369a6a918018625383c3282f175a4a9495d8b9c4810 6854 
ruby-omniauth-auth0_2.0.0-0+deb9u1_all.deb
 38d7673fdc03b9190ece19b4f882a0b6ff2fba73ce947105411bcb861db70a4d 9302 
ruby-omniauth-auth0_2.0.0-0+deb9u1_amd64.buildinfo
Files:
 a8a7bca23a94cc48c8e42fdf48896ace 2244 ruby optional 
ruby-omniauth-auth0_2.0.0-0+deb9u1.dsc
 f93bb89ccabbc8c415d397bc4420f123 8281 ruby optional 
ruby-omniauth-auth0_2.0.0.orig.tar.gz
 3d685675ea2617090824730cd6fc6bbe 2304 ruby optional 
ruby-omniauth-auth0_2.0.0-0+deb9u1.debian.tar.xz
 8ca16cd50ca62880793a1fd29fc4f2dd 6854 ruby optional 
ruby-omniauth-auth0_2.0.0-0+deb9u1_all.deb
 71fa43dab71cf3c86c74033b34211579 9302 ruby optional 
ruby-omniauth-auth0_2.0.0-0+deb9u1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlr/45MACgkQzh+cZ0US
wip/rA/+McYvrPiHh7kTyQcJQr4lsFA9bIPqHzzyTIHKJj4RoY+c1sKlJjVISQFq
1rPwJU3xH+kCFbl2/dLwRP+9pR6Yffi4tz/JAW+Rc//1vqm0a3svvaJGuxJFjgyF
WOzH7O42bz3pF9lVuElFdQ76Ckbns4NW+KGwNR+TdIV1nCd7ISvtOt8ZaKmCfOgo
ex+lq5kAeuje2v3d+5AxbQ3lMn6T8GsFzBhcz+80s3O6VChpksgFJo44wlH2G/Iv
ik1yjwfYsiUy/7Gm07efaOY1YDpQnnJ8dLmPXfzu0iYnK5fJ83qohROeVpV+ttse
cCbvUeA9ywHldFgzaV1vAV0Os+AhCAzWVFrIH5YTjfcwizxo6v3f39dzRZ8Gdab1
Za6C7NeUNudXKcHdYNT7m698KhLlUq6kf7KwXruZc/VKrOHxM+sZp+pFWVm1JrTY
JAtqt9OPNpBk+15lCBbKGCK4oq0kgoKpGojcdTuQERVNxX1jATB0usPK0fhkndWO
zn/KqHcj5PTqsKeG3ID8YyACroo19hd0dM7d28zsvYS6Wvx6eWCfDR2iiSUhB/dD
W1gyW8YuO7JLtBsC8NhOHEHfNKiTtD+HVyO7BTnZAOMRDGelzmBr3xBQoJlqAiCs
+R6NvSQgy2tsxJEnThk4SPrNnqMJoYVjPOTpaqyD1tEkL1L3kTY=
=cZg6
-END PGP SIGNATURE-


Thank you for your contribution to Debian.

___
Pkg-ruby-extras-maintainers mailing list
Pkg-ruby-extras-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers

[DRE-maint] ruby-seed-fu_2.3.7-1~bpo9+1_amd64.changes REJECTED

2018-05-28 Thread Debian FTP Masters 

ruby-seed-fu_2.3.7.orig.tar.gz: Does not match file already existing in the 
pool.


binary:ruby-seed-fu is NEW.
binary:ruby-seed-fu is NEW.
source:ruby-seed-fu is NEW.

===

Please feel free to respond to this email if you don't understand why
your files were rejected, or if you upload new files which address our
concerns.


___
Pkg-ruby-extras-maintainers mailing list
Pkg-ruby-extras-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers

[DRE-maint] Processing of ruby-seed-fu_2.3.7-1~bpo9+1_amd64.changes

2018-05-28 Thread Debian FTP Masters 
ruby-seed-fu_2.3.7-1~bpo9+1_amd64.changes uploaded successfully to localhost
along with the files:
  ruby-seed-fu_2.3.7-1~bpo9+1.dsc
  ruby-seed-fu_2.3.7.orig.tar.gz
  ruby-seed-fu_2.3.7-1~bpo9+1.debian.tar.xz
  ruby-seed-fu_2.3.7-1~bpo9+1_all.deb
  ruby-seed-fu_2.3.7-1~bpo9+1_amd64.buildinfo

Greetings,

Your Debian queue daemon (running on host usper.debian.org)

___
Pkg-ruby-extras-maintainers mailing list
Pkg-ruby-extras-maintainers@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers