Hello,
On Mon, Dec 25 2017, Russ Allbery wrote:
> Seconded the above change and with or without the wording change
> discussed in the other part of this thread.
Thank you for your review.
Here is the current diff awaiting a final second:
diff --git a/policy/ch-relationships.rst
Package: ftp.debian.org
Severity: normal
Hi,
please remove zoo. It's orphaned without a new maintainer for three
years now, dead upstream (last release from 1993) and has open
security issues (#774453, #774032). There's a couple of Suggests:
against the package, I'll file bugs to drop them once
Hello,
On Mon, Dec 25 2017, Russ Allbery wrote:
> commit e0759206c2960f3fd6427583f10c4f87b39b152e (HEAD ->
> bug885219-rra) Author: Russ Allbery Date: Mon Dec 25
> 18:06:25 2017
>
> Allow libc to install files in /lib64
>
> diff --git a/policy/ch-opersys.rst
Package: texlive-latex-extra
Version: 2016.20170123-5
Severity: normal
Dear Maintainer,
it appears that CTAN package wordcount is only distributed
partially: the tex file is distributed, but not the script.
hth,
Jerome
-- Package-specific info:
IMPORTANT INFORMATION: We will
Package: imagemagick
Severity: important
Tags: security
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17504:
https://github.com/ImageMagick/ImageMagick/issues/872
ImageMagick-6:
https://github.com/ImageMagick/ImageMagick/commit/ce3a586a43a7d13442587eb7f28d129557b6a135
ImageMagick-7:
I wonder if we can achieve the same by using apt pinning (man
apt_preferences), for e.g. writing a file to /etc/apt/preferences.d/.
--
regards Thomas
Package: imagemagick
Version: 8:6.9.7.4+dfsg-16
Severity: important
Tags: security
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17499:
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3=33078=5fbb164c3830293138917f9b14264ed1
ImageMagick-7:
Source: undertow
Severity: important
Tags: security
The only source here is a report in Red Hat Bugzilla, so might be worth
contacting
upstream for additional information:
https://bugzilla.redhat.com/show_bug.cgi?id=1490301
Cheers,
Moritz
On 2017-12-26 Robert Stephan wrote:
> Package: hugin
> Version: 2017.0.0+dfsg-1
> Priority: optional
> Section: graphics
> When trying to change in Menu Interface to Advanced or Expert Hugin crashes
> and report :
> /usr/include/wx-3.0/wx/object.h(160):
Re: Russ Allbery 2017-12-26 <87wp1as3na@hope.eyrie.org>
> 1. Status quo: there is an undocumented editor virtual package, Policy
>says that nothing has to provide or depend on it, and some random
>collection of editors provide it. I think this is a bad place to be,
>so I would
Package: wnpp
Severity: wishlist
Owner: Francesco P. Lovergine
* Package name: libdoxygen-filter-perl
Version : 1.7.2
Upstream Author : Bret Jordan <>
* URL : https://github.com/jordan2175/doxygen-filter-perl
* License : Apache 2.0
Package: sponsorship-requests
Severity: normal
Dear mentors,
I am once again looking for a sponsor for an NMU of the package "freetype".
This version addresses concerns raised by Adam Borowski and Gianfranco
Costamagna,
and removes the arch-dependent libdir output instead of freetype-config
tags 877163 - moreinfo
thanks
On Sat, Nov 18, 2017 at 07:27:54PM -0500, Scott Kitterman wrote:
> Checking reverse dependencies...
> # Broken Build-Depends:
> ngspice/non-free: elyxer
>
> That'll have to be dealt with first.
Took some time, but now it's finally done for i386 and amd64 with
the
Hi Steve,
I've revised my NMU in response to feedback from Adam Borowski and Gianfranco
Costamagna.
This version far less invasive.
Hugh
freetype2.debdiff
Description: freetype2.debdiff
Control: tags -1 +pending
Le mardi, 26 décembre 2017, 09.54:49 h CET Paul Wise a écrit :
> The recent upgrade did not deal with obsolete conffiles properly.
> Please use the dpkg-maintscript-helper support provided by
> dh_installdeb to remove these obsolete conffiles on upgrade.
Oh, good catch,
Hi,
On Tue, Dec 26, 2017 at 12:23:28PM +0100, Carsten Schoenert wrote:
> Hello Guido and intrigeri,
>
> On Mon, Dec 25, 2017 at 11:34:08AM +0100, Guido Günther wrote:
>
> > Since we want to establish a lower bound for fixed versions (those that
> > ship the symlink) it's probably better written
> Reason for Severity=serious: This leaves /var (or other
> filesystems) in an unclean state, so could possibly lead to
> data loss!
Please tell me why this would be serious: any filesystem from this millenium
can handle unclean shutdown fine -- especially if there's a sync before
Hello Guido and intrigeri,
On Mon, Dec 25, 2017 at 11:34:08AM +0100, Guido Günther wrote:
> Since we want to establish a lower bound for fixed versions (those that
> ship the symlink) it's probably better written as:
>
>
> if test -n "$2" && dpkg --compare-versions "$2" gt
In data martedì 26 dicembre 2017 13:00:02 CET, Vincas Dargis ha scritto:
> VLC 3.0.0 entered Testing, and Dragon and Amarok started to crash.
>
> Could it have been possible to kinda stop VLC upload because some
> depended packages breaks? That would be nice in this case.
The fixed phonon-vlc
On Mon, Dec 25, 2017 at 09:26:58PM +0100, Ludovico Cavedon wrote:
> - #866721 and #866719, which are securirity-related issues. Do you want
> me to reach out to the security team about these first?
Those are marked no-dsa for quite a while, so not needed.
Cheers,
Moritz
On Tue, Dec 26, 2017 at 09:01:47AM +0100, Gudjon I. Gudjonsson wrote:
> Hi Sven
>
> > bi-directional sat link.) Though I'm not 100% sure if the {xhtml,png}
> > stuff is POSIX sh compatible.
> You are right, it fails when sbuilding.
>
> The package is finally uploaded without any elyxer
tags 773613 + patch
thanks
Hi Jeremy,
while I understand your reason, the way you are handling this is rather
rude. If you want to remove a package, the nice way is to file
"important" bugs early and rise the severity at some point, some months
later. Or are you planning to fix the apps from the gpsd-clients package
very
The below seems to be the minimal patch to enable compilation with
nettle-3.4 (and breaking support for earlier nettle versions in the
process). Something more elaborate based on NETTLE_VERSION_MAJOR,
NETTLE_VERSION_MINOR is possible, but I'm not sure it's needed.
Regards,
/Niels
diff --git
VLC 3.0.0 entered Testing, and Dragon and Amarok started to crash.
Could it have been possible to kinda stop VLC upload because some depended
packages breaks? That would be nice in this case.
Package: sponsorship-requests
Severity: normal
Dear mentors,
I am looking for a sponsor for my package "kildclient". This version
fixes a minimal impact CVE bug (that was considered as not needing a DSA
by the security team)
* Package name: kildclient
Version : 3.2.0-1
Control: retitle -1 pokemmo/1.4.3-1 [ITP] -- Multiplayer online game based on
the Pokemon universe
Control: tags -1 wontfix
Control: block 884576 by -1
Hallo Carlos,
Here's a review:
- I'm confused about the claimed license:
Hello again,
Here is the dmidecode, attached.
Best regards,
--
Alexandre ANRIOT
# dmidecode 3.0
Getting SMBIOS data from sysfs.
SMBIOS 2.8 present.
81 structures occupying 3577 bytes.
Table at 0x7AF09000.
Handle 0xDA00, DMI type 218, 11 bytes
OEM-specific Type
Header and Data:
tags 812429 + moreinfo
thanks
> I get the warning "W: bitz-server source: dbg-package-missing-depends
> libicap0-dbg" on an this package:
Do you still consider this to be a problem now that we have
automatic debug packages in general (ignoring the specific case
of bitz-server)?
Regards,
--
tags 637473 + pending
thanks
Fixed in Git:
https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=3c5ee5b2b146c6ff39deac5129e032eed15c0534
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
Package: abiword
Version: 3.0.2-2+deb9u1
Severity: important
Dear Maintainer,
if I install abiword, it does not work:
apt install abiword
abiword
... does not run. Complains about missing libraries (swrast_dri.so)
To fix this, I installed manually:
apt install libgl1-mesa-dri
The package
Package: libvirt-daemon
Version: 3.10.0-1
Severity: normal
Dear Maintainer,
I always had problems with iSCSI storage and virt-manager / libvirt.
I have storage pool, which are not auto-started, because I dont't use
them everytime.
There is :
- an iSCSI storage pool
- a LVM storage pool, based
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu
Hello,
I want to upload a fix for bug #884582. The search breaks, if there is a
password protected file in the directory.
I did a new upstream version in sid, which only contains
tags 885327 + pending
thanks
Fixed in Git:
https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=b9b7f4d95fb3ecf21e2ed175dcfd7eff3980a06b
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
Package: ftp.debian.org
Severity: normal
Hi,
the new version of src:kdepim-runtime requires QtWebEngine, which so
far is ported to a limited number of architectures. Hence, please
remove the binaries of kdepim-runtime on the other architectures.
Thanks,
--
Pino
PS: #631081 has a word about this, which makes sense:
> - we obviously don't want to drop LANG and LC_* because we want the user
> to use his native language parameters
So here's my proposed patch:
#!/bin/sh
set -e
-if dpkg-divert --list | grep -q "/usr/bin/pidgin.orig by pidgin-sipe"
+if
In data lunedì 25 dicembre 2017 19:53:04 CET, David Baron ha scritto:
> Package: kmail
> Version: 4:17.08.3-1
> Severity: important
>
> --- Please enter the report below this line. ---
> Message content window (displayed below list) is blacked out. Seems not to
> display at all along side.
Do
Package: pidgin-sipe
Version: 1.23.0-2
Severity: normal
Hi,
The postinst script didn't do what it was supposed to do,
and "dpkg-reconfigure pidgin-sipe" or
"aptitude reinstall pidgin-sipe" didn't helped either.
#if dpkg-divert --list | grep -q "/usr/bin/pidgin.orig by pidgin-sipe"
I guess this
In data sabato 9 dicembre 2017 23:48:10 CET, Pino Toscano ha scritto:
> In data venerdì 8 dicembre 2017 19:53:03 CET, Emilio Pozuelo Monfort ha
> scritto:
> > On 05/12/17 22:03, Pino Toscano wrote:
> > > Package: release.debian.org
> > > Severity: normal
> > > User:
The libnftables library will be included in the upstream nftables
source tarball.
In data martedì 12 dicembre 2017 11:07:54 CET, Emilio Pozuelo Monfort ha
scritto:
> On 09/12/17 23:46, Pino Toscano wrote:
> > In data venerdì 8 dicembre 2017 19:52:13 CET, Emilio Pozuelo Monfort ha
> > scritto:
> >> On 05/12/17 21:57, Pino Toscano wrote:
> >>> Package: release.debian.org
> >>>
Package: reportbug
Version: 7.1.7
Severity: normal
Dear Maintainer,
I tried to start reportbugi from ui (xfce) but unfortunatelly it doesn't start
as
expected
-- Package-specific info:
** Environment settings:
INTERFACE="text"
** /home/kdiam/.reportbugrc:
reportbug_version "7.1.7"
mode novice
Package: libsikulixapi-java
Version: 1.1.1-7
Severity: serious
Hi,
This dependency is not binNMU safe:
Package: libsikulixapi-java
Depends: libsikulixapi-jni (>= 1.1.1-7), libsikulixapi-jni (<< 1.1.1-7+)
but due to a binNMU we have:
libsikulixapi-jni | 1.1.1-7 | testing| amd64,
Package: lintian
Version: 2.5.65
Severity: wishlist
X-Debbugs-CC: reproducible-bui...@lists.alioth.debian.org
Hi,
Please warn about packages that ship Python .doctree files.
They are not needed to display the documentation and contain the
absolute build path, thus affecting reproducibility.
Hello,
For the record, I get a similar behaviour with a USB key (using
"debian-8.10.0-amd64-netinst.iso").
I get a black screen after Grub, with no information nor message displayed.
Best regards,
--
Alexandre ANRIOT
Chris Lamb wrote:
> flask-peewee: please make the build reproducible
Updated patch attached that calls dh_auto_clean in the overridden
target (!).
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
--- a/debian/rules
2017-10-12 23:44 GMT+02:00 Sebastian Andrzej Siewior <
sebast...@breakpoint.cc>:
> Hi,
>
> this is a remainder about the openssl transition [0]. We really want to
> remove libssl1.0-dev from unstable for Buster. I will raise the severity
> of this bug to serious in a month. Please react before
Source: flask-peewee
Version: 0.6.7-1
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: buildpath
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org
Hi,
Whilst working on the Reproducible Builds effort [0], we noticed
that flask-peewee could not be
Control: tags -1 confirmed
On 25/12/17 18:11, László Böszörményi (GCS) wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: transition
>
> Hi RMs,
>
> libsodium had to change the soname with 1.0.15 due to an API break by
> the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
tags 863741 + moreinfo
severity 863741 normal
thanks
Hello Martin,
thank you for spending your time helping to make Debian better with
this bug report.
Please can you test the release 3.26.2-1 if the error is still present.
Many thanks
CU
Hello Svante,
On Sat, Dec 23, 2017 at 7:41 PM, Svante Signell
wrote:
> Hello,
>
> These patches was submitted to Debian November 13 2017. Nothing has
> happened so far, so maybe upstream would be interested to consider the
> patches for next release.
I would like to
Hi,
Have made changes in
/etc/security/limits.d/core_dump.conf
then set path to save code dumps into /tmp
vniiem@sim-ng-data /tmp % /sbin/sysctl -a -r kernel.core
kernel.core_pattern = /tmp/core.%e.%p.%t
kernel.core_pipe_limit = 0
kernel.core_uses_pid = 0
Then relogin and reinstall proftpd,
Package: libfreetype6-dev
Version: 2.8.1-0.1
Severity: important
Dear Maintainer,
freetype-config does not contain any calls to pkg-config,
despite it supporting that logic (see the 'if' block).
Looking in the source, autoconf substitues %PKG_CONFIG%
at compile-time, but freetype-config only
On Mon, Dec 25, 2017 at 08:23:55PM -0600, Simon Quigley wrote:
> Tonight or tomorrow I'll get this ready for a review (I don't have
> upload access to Debian so I'll need someone to review/sponsor).
Great! Just let me know when it’s ready, I’ll be happy to sponsor you.
--
⢀⣴⠾⠻⢶⣦⠀ Sébastien
Package: wnpp
Severity: wishlist
Owner: Pirate Praveen
X-Debbugs-CC: debian-de...@lists.debian.org
* Package name: node-decode-uri-component
Version : 0.2.0
Upstream Author : Sam Verschueren
(github.com/SamVerschueren)
* URL
Package: sponsorship-requests
Severity: normal [important for RC bugs, wishlist for new packages]
Dear mentors,
I am looking for a sponsor for my package "ngspice"
* Package name: ngspice
Version : 27-1
Upstream Author : [fill in name and email of upstream]
* URL
Hi Sven
> bi-directional sat link.) Though I'm not 100% sure if the {xhtml,png}
> stuff is POSIX sh compatible.
You are right, it fails when sbuilding.
The package is finally uploaded without any elyxer dependency. Thanks a lot for
your help.
Regards
Gudjon
201 - 257 of 257 matches
Mail list logo