This is already fixed in unstable, waiting for pacemaker to migrate.
For example in my case gsd-rfkill was necessary for enabling the
Bluetooth settings in gnome-control-center. It is also provided by
/usr/lib/systemd/user/gnome-session@gnome-flashback-metacity.target.d
(for xmonad 0.17.1-1 in Debian bookworm).
--
Feri.
On Sun, 11 Feb 2024 13:11:51 +0100 Holger Wansing wrote:
> Ferenc Wágner wrote (Mon, 26 Jun 2023 12:27:49 +0200):
>
>> This issue was fixed in 1.178ubuntu12, as detailed at
>> https://bugs.launchpad.net/ubuntu/+source/console-setup/+bug/1824227
>> Please consider tak
2023-12-06 19:00 időpontban Andreas Metzler ezt írta:
On 2023-12-06 Chris Hofstaedtler wrote:
[...]
Are there any blockers, or could this move forward?
I expect all other packages will have fixes in unstable on December
10th, and then I would like to continue with the next steps for the
Hi,
I finally managed to get back to this and arrived at the patch bundle
below. The first patch fixes the actual problem for me, the second one
aligns the corresponding debug logs (which aren't enabled in the current
build, but were useful during debugging), and the third one fixes a
On Mon, 25 Jan 2021 17:45:29 +0100 Johannes Schauer Marin Rodrigues
wrote:
> The problem is, that when you combine --source-only-changes with --keyid, then
> debsign will be run twice (once for the normal changes file and once for the
> source-only changes file) and both times with --re-sign.
On Tue, 19 Sep 2023 23:33:28 +0200 Bastian Germann wrote:
> Version: 2.0.1-1
Hi Bastian,
pngquant 2.0.1-1 seems to have Nelson in its Uploaders field[1], that
line was removed by 862d6537026411d378b8a8be6c578b43b8e9fcd0 and
uploaded in 2.13.1-1. Did you mistype the version or did you mean to
Package: man-db
Version: 2.10.2-1
Severity: normal
Tags: upstream
Dear Maintainer,
I experienced this on an Ubuntu jammy system, but the current Debian
unstable version is probably affected as well (based on the sources
available on salsa.debian.org).
Please consider these logs:
05:29:32 hn
Roberto Lumbreras writes:
> timeout is defined as "struct timeval":
>
>struct timeval {
>time_t tv_sec; /* Seconds */
>suseconds_t tv_usec; /* Microseconds */
>};
>
> timeout.tv_used is suseconds_t == time_t == int, so I can't understand
> why
Package: slirp
Severity: important
Tags: patch upstream
Dear Maintainer,
When trying to use slirp with user-mode-linux (eth0=slirp) under Debian
bookworm (amd64), I noticed that as soon as I up the virtual interface,
slirp prints its usual banner and immediately exits with status 1. The
slirp
Florent Carli writes:
> I could not reproduce with the packages you mentionned, so it's a good sign
Hi,
Pacemaker 2.1.5-1+deb12u1 is already available in the
bookworm-proposed-updates archive. It also contains the two other
patches Ken mentioned [1], please give it some testing if you can.
"Adam D. Barratt" writes:
> Assuming that all of the changes are in unstable (or not required
> there), please go ahead.
Hi Adam,
All three patches are cherry-picks (although one required manual
backporting) from 2.1.6, which is already in testing.
Source-only upload done, hope it's all right.
Control: tag -1 - confirmed
Jonathan Wiltshire writes:
> On Wed, Jul 05, 2023 at 07:14:09PM +0200, Ferenc Wágner wrote:
>
>> Shortly after the release of bookworm we got a report that Pacemaker
>> regressed in certain migration scenarios when compared to the bullseye
>
)
+
+ -- Ferenc Wágner Sun, 02 Jul 2023 21:39:59 +0200
+
pacemaker (2.1.5-1) unstable; urgency=medium
* [5792d59] Work around lazy loading of GitHub release pages in watch file
diff -Nru pacemaker-2.1.5/debian/gbp.conf pacemaker-2.1.5/debian/gbp.conf
--- pacemaker-2.1.5/debian/gbp.conf 2023
Hi,
I've pushed the proposed backported fix to
https://salsa.debian.org/ha-team/pacemaker/-/commits/wferi/debian/bookworm/,
it would be great if you could test it. You can download the build
artifacts from https://salsa.debian.org/ha-team/pacemaker/-/pipelines/547159
if you don't want to build
Package: pacemaker
Version: 2.1.5-1
Severity: important
Tags: patch
As reported on the mailing list by Florent Carli
https://alioth-lists.debian.net/pipermail/debian-ha-maintainers/2023-June/008761.html:
I encountered a regression with pacemaker when upgrading from debian
bullseye to bookworm.
Control: tag + patch
Hi,
This issue was fixed in 1.178ubuntu12, as detailed at
https://bugs.launchpad.net/ubuntu/+source/console-setup/+bug/1824227
Please consider taking over the fix.
--
Thanks,
Feri.
Source: xmltooling
Severity: important
Tags: patch upstream security
Shibboleth Service Provider Security Advisory [12 June 2023]
An updated version of the XMLTooling library that is part of the
OpenSAML and Shibboleth Service Provider software is now available
which corrects a server-side
Cyril Brulebois writes:
> I'm implying that installation images produced by debian-cd (and available
> on cdimage.d.o) should have firmware packages available and ready to deploy,
> and should do that automatically; while netboot images (produced by the
> debian-installer build system) don't,
Cyril Brulebois writes:
> Ferenc Wágner (2023-05-22):
>> Cyril Brulebois writes:
>> > Which installer did you use?
>>
>> Its lsb-release says:
>>
>> DISTRIB_ID=Debian
>> DISTRIB_DESCRIPTION="Debian GNU/Linux installer"
&g
Cyril Brulebois writes:
> Ferenc Wágner (2023-05-22):
>
>> I had a similar experience with a desktop system containing a Radeon
>> RX470 graphics card. The text-based installation went all right and
>> then even the Gnome desktop opened after reboot, but it ran in
Hi,
I had a similar experience with a desktop system containing a Radeon
RX470 graphics card. The text-based installation went all right and
then even the Gnome desktop opened after reboot, but it ran in a
low-resolution mode until I manually installed firmware-amd-graphics
(the
b...@debian.org writes:
> cxxtest has historically a limitation with
> TS_ASSERT_EQUALS/TS_ASSERT_DIFFERS, which validates the following test:
>
> char str[] = "toto";
> char* str2 = strdup(str);
> TS_ASSERT_EQUALS(str, str2);
> TS_ASSERT_DIFFERS(str, str2);
>
> With the new Git
Package: socat
Version: 1.7.4.1-3
Severity: wishlist
Dear Maintainer,
The buildd logs show lots of skipped tests, for example:
test 43 LISTEN_PF_IP4: pf=4 overrides option -6 on listen... TCP4 not available
test 44 LISTEN_PF_IP6: pf=6 overrides option -4 on listen... TCP4 not available
These
Package: lvm2
Version: 2.03.11-2.1
Severity: normal
Dear Maintainer,
The lvmautoactivation(7) man page is missing from the lvm2 binary
package. Please consider looking for other possible omissions as well.
--
Thanks,
Feri.
Ferenc Wágner writes:
> Sebastian Ramacher writes:
>
>> ACK, please go ahead.
>
> Great, shibboleth-sp was uploaded and is already fully green in the
> transition tracker. Please schedule the binNMUs for
> shibboleth-resolver.
Hi,
The transition tracker is alrea
Sebastian Ramacher writes:
> ACK, please go ahead.
Great, shibboleth-sp was uploaded and is already fully green in the
transition tracker. Please schedule the binNMUs for
shibboleth-resolver.
--
Thanks,
Feri.
control: tags -1 - moreinfo
Sebastian Ramacher writes:
> On 2023-01-24 17:17:36 +0100, Ferenc Wágner wrote:
>
>> Package: release.debian.org
>> Severity: normal
>> User: release.debian@packages.debian.org
>> Usertags: transition
>>
>> When reporti
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Dear Release Team,
When reporting #1028286 (transition: xml-security-c) I totally missed
that one of the mentioned planned upper layer uploads is the
shibboleth-sp 3.3 -> 3.4 upgrade,
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Dear Release Team,
In a recent message [1] Shibboleth upstream strongly recommended
building xml-security-c without Xalan support to reduce the attack
surface of Shibboleth
"Adam D. Barratt" writes:
> I'm not hugely happy that this has ended up not being in stretch, to
> be quite honest.
Agreed. I was pushing for it in vain, unfortunately.
> We're in the process of organising the final point release for buster,
> as support for it moves over to the LTS team, so
Wow... Thanks, Guido! :)
--
Best regards,
Feri
Hi Guido!
Hope you're doing fine. Have you got any plans for the next GBP PyPI
release yet? I understand there're only two patches committed since
0.9.27 and I don't want to hurry you, just need to plan an immediate way
forward, because this bug breaks our automated workflow. "Don't expect
Sebastian Andrzej Siewior writes:
> Your package is failing to build using OpenSSL 3.0 with the
> following error:
>
> | make[5]: Entering directory '/<>/xmltoolingtest'
> | ../build-aux/test-driver: line 112: 1662259 Segmentation fault "$@" >>
> "$log_file" 2>&1
> | FAIL: xmltoolingtest
Package: cxxtest
Version: 4.4+git171022-2
Dear Maintainer,
# apt install cxxtest
[...]
Setting up python3.9 (3.9.7-4) ...
Setting up python3 (3.9.2-3) ...
running python rtupdate hooks for python3.9...
/usr/share/cxxtest/cxxtest/cxx_parser.py:2090: SyntaxWarning: "is" with a
literal. Did you
Package: debhelper
Version: 13.5.2
Severity: normal
Dear Maintainer,
If some upstream install procedure places service files under
/usr/lib/systemd/system, dh_installsystemd won't notice those in
debian/tmp during package build, thus such units won't be enabled and
started on the installation of
deb9u1 in
+stretch added the new file /usr/lib/ocf/resource.d/pacemaker/ifspeed to
+pacemaker, while it resides in pacemaker-resource-agents in buster.
+(Closes: #985173)
+
+ -- Ferenc Wágner Sun, 28 Mar 2021 03:21:46 +0200
+
pacemaker (2.0.1-5+deb10u1) buster-security; urgenc
results in a potential denial of service condition exploitable by
+a remote, unauthenticated attacker.
+Thanks to Scott Cantor (Closes: #987608)
+ * [3a6ac33] Refresh our patches
+
+ -- Ferenc Wágner Tue, 27 Apr 2021 12:11:06 +0200
+
shibboleth-sp (3.2.1+dfsg1-1) unstable; urgency=high
Source: shibboleth-sp
Version: 3.0.2+dfsg1-1
Severity: important
Tags: upstream patch security
Forwarded: https://issues.shibboleth.net/jira/browse/SSPCPP-927
Shibboleth Service Provider Security Advisory [26 April 2021]
An updated version of the Service Provider software is now
available which
Package: corosync
Version: 3.1.0-3
Severity: normal
Tags: patch upstream
Forwarded: https://github.com/corosync/corosync/issues/630
As reported by Lukey3332:
Sometimes corosync crashes at startup, but only if compression is enabled.
Distribution: Debian Bullseye
Corosync version:
Corosync
100
+++ shibboleth-sp-3.2.1+dfsg1/debian/changelog 2021-03-17 14:29:08.0
+0100
@@ -1,3 +1,12 @@
+shibboleth-sp (3.2.1+dfsg1-1) unstable; urgency=high
+
+ * [4ecfe4a] New upstream release: 3.2.1
+High urgency because it contains the fix for the phishing vulnerability
+https://shibbolet
Source: piuparts
Severity: minor
Dear Maintainer,
https://manpages.debian.org/unstable/piuparts/piuparts.1.en.html says:
> --scriptsdir*='DIR'::
> Directory where are custom scripts are placed. By default, this is
> not set. For more information about this, read README_server.txt
However,
Package: src:shibboleth-sp
Version: 3.0.2+dfsg1-1
Severity: important
Tags: upstream patch security
Forwarded: https://issues.shibboleth.net/jira/browse/SSPCPP-922
Shibboleth Service Provider Security Advisory [17 March 2021]
An updated version of the Service Provider software is available
which
Package: openssh-server
Version: 1:8.4p1-4
Severity: minor
Dear Maintainer,
I installed openssh-server in an autopkgtest VM for debugging. It works
fine, but pollutes the logs with red messages like
sshd[2122]: pam_env(sshd:session): Unable to open env file:
/etc/default/locale: No such file
+0100
@@ -1,3 +1,11 @@
+libqb (2.0.3-1) unstable; urgency=medium
+
+ * [f0b428b] New upstream release (2.0.3)
+ * [ff0eed7] Delete upstream patch, refresh the rest
+ * [bee0959] Acknowledge new symbols
+
+ -- Ferenc Wágner Thu, 04 Mar 2021 06:11:31 +0100
+
libqb (2.0.2-1) unstable; urgency=medium
Package: lintian
Version: 2.15.0
Severity: normal
Dear Maintainer,
The tag info for package-installs-apt-sources states that "packages
whose names end in -apt-source or -archive-keyring are permitted to
install such files. However, only the first suffix is exempted by the
code. I don't know
Source: net-snmp
Severity: wishlist
Dear Maintainer,
Net-SNMP has systemd integration support, including socket activation,
which would be very handy for letting snmptrapd run without root
privileges and even CAP_NET_BIND_SERVICE. It would also enable getting
rid of the conditional and
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Dear Release Team,
The recent 3.2 release of the Shibboleth SP is a minor release, but due
to the internal structure of the stack it entails the usual three
transitions for xmltooling,
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Dear Release Team,
I'd like to transition to libqb version 2. The dependency list is
fairly short, and mostly contains packages under the HA Team umbrella.
The only breakage is caused
Package: debhelper
Version: 12.1.1
Severity: minor
Dear Maintainer,
I was surprised that a daemon start failure during install did not stop
dpkg from exiting with a successful exit status. After much digging I
found https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766194#22, which
explains the
Package: lintian
Version: 2.96.0
Severity: normal
Dear Maintainer,
SNMP MIB files are generally /usr/share/snmp/mibs/*.txt, though
these text files aren't documentation. Please make them exempt
from package-contains-documentation-outside-usr-share-doc.
See libsnmp-base for example.
--
Thanks,
Package: dpkg-dev
Version: 1.19.7
Severity: minor
Dear Maintainer,
The VARIABLES section of the dpkg-architecture manual starts by
The following variables are set by dpkg-architecture...
However, these variables are also *used* by dpkg-architecture, and
evidenced by the documentation of the
Package: dpkg-dev
Version: 1.19.7
Severity: minor
Dear Maintainer,
man dpkg-architecture states that
-u, --print-unset
Print a similar command to --print-unset but to unset all variables.
I think it should reference --print-set instead, since that is already
defined above.
--
Thanks,
/changelog 2020-07-04 12:47:24.0
+0200
@@ -1,3 +1,10 @@
+xml-security-c (1.7.3-4+deb9u3) stretch; urgency=medium
+
+ * [02c3993] New patch: Fix a length bug in concat method.
+Thanks to Scott Cantor (Closes: #922984 )
+
+ -- Ferenc Wágner Sat, 04 Jul 2020 12:47:24 +0200
+
xml
Package: wordpress-shibboleth
Severity: serious
Dear Maintainer,
The Shibboleth SP package migrated from providing libapache2-mod-shib2
to libapache2-mod-shib; the former is already transitional in buster.
Please switch to using the new package name to keep wordpress-shibboleth
installable.
--
Package: src:lcd4linux
Severity: minor
Dear Maintainer,
The lcd4linux package Build-Depends on libgphoto2-dev, but does not
actually use it during the build. I don't even understand how it could,
so I kindly ask you to consider dropping the dependency if possible. It
would simplify checking
Package: src:opencv
Severity: minor
Dear Maintainer,
The opencv package Build-Depends on libgphoto2-dev, but does not
actually use it during the build. Please either drop the dependency,
or consider making use of it via a patch like
diff -Nru opencv-4.2.0+dfsg/debian/rules
@@ -1,3 +1,10 @@
+camera.app (0.8.0-12.1) UNRELEASED; urgency=medium
+
+ * Non-maintainer upload.
+ * libgphoto_2.5.25-1 dropped the config scripts, switch to pkg-config.
+
+ -- Ferenc Wágner Thu, 18 Jun 2020 18:16:16 +0200
+
camera.app (0.8.0-12) unstable; urgency=medium
* Fix Vcs fields
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Dear Release Team,
The 3.1 release of the Shibboleth software stack changed the ABI and API
of all the components. It's pretty self-contained in Debian, though.
The affected packages
Package: wireshark
Version: 2.6.8-1.1
Severity: normal
Dear Maintainer,
While I was fiddling with the column setup, wireshark received a SIGSEGV
and crashed. I'll keep the core file around for some time in case
there's interest; the backtrace starts like this:
(gdb) bt full
#0 __strcmp_ssse3
Package: kdenlive
Version: 19.12.3-1~bpo10+1
Severity: normal
Dear Maintainer,
During the backport of kdenlive to buster, I hit a couple of problems
which may be of your interest:
1. kdenlive Build-Depends on libmlt-dev (>= 6.10.0), but trying to build
with 6.12 in buster gives a message
Source: freeradius
Version: 3.0.17+dfsg-1.1
Severity: wishlist
Dear Maintainer,
In the default installation freeradius runs as user freerad, which is
also the user owning the /etc/freeradius directory structure. This
means that an arbitrary code execution compromise in the daemon means
Package: rootskel
Severity: normal
Dear Maintainer,
If I preseed multiple nameservers on the kernel command line, like for
example netcfg/get_nameservers="193.225.12.63 193.225.14.58", in the
installed system the following /etc/modprobe.d/local.conf appears:
--8<--
# Local
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Dear Stable Release Team,
I'v got a bold request: please let me update Kronosnet in buster from
1.8-2 to 1.13-something to fix #946222. During the buster freeze
period, upstream
(3.0.1-2+deb10u1) buster; urgency=medium
+
+ * [f826af9] This branch is for buster updates
+ * [bfbfd3e] New patch: totemsrp: Reduce MTU to left room second mcast.
+Thanks to Jan Friesse (Closes: #950476)
+
+ -- Ferenc Wágner Sun, 02 Feb 2020 12:32:26 +0100
+
corosync (3.0.1-2) unstable
Package: corosync
Version: 3.0.1-2
Severity: important
Forwarded: https://bugzilla.redhat.com/show_bug.cgi?id=1765025
Control: fixed -1 3.0.3-1
Only happens when using knet as the transport as the MTU size is set
larger than the allowed knet buffer size for some large packets.
The actual impact
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Dear Stable Release Team,
I'm looking for guidance first: I'd like to fix #950135 (libxmltooling8:
Race condition bug in new session cookie feature leads to SP crash) in
buster.
+CVE: not assigned
+Thanks to Scott Cantor (Closes: #913136)
+
+ -- Ferenc Wágner Mon, 10 Dec 2018 11:45:41 +0100
+
xml-security-c (1.7.3-4+deb9u1) stretch-security; urgency=high
* [93b87c6] New patch: Default KeyInfo resolver doesn't check for empty
diff -Nru
xml-security-c-1.7.3/debian
Package: systemd
Version: 241-7~deb10u2
Severity: minor
Dear Maintainer,
Booting a pretty stock buster system produces the following warning:
[ 46.321681] systemd[1]: Failed to bump fs.file-max, ignoring: Invalid
argument
This is due to a stable kernel update, see
Package: icinga2-bin
Version: 2.10.3-2
Severity: important
Tags: upstream
Forwarded: https://github.com/Icinga/icinga2/issues/7401
Dear Maintainer,
This bug has a major impact on the usability of Icinga2, because
spurious notifications mean considerable disruption for the staff
receiving them.
Package: munin-node
Version: 2.0.49-1~bpo9+1
Severity: normal
Dear Maintainer,
Today I noticed that my /home mount is not graphed by the df plugin
against my expectations. After too much debugging I realized that the
ProtectHome=true setting in /lib/systemd/system/munin-node.service
causes the
Package: nagios-nrpe-server
Version: 3.2.1-2
Severity: minor
Dear Maintainer,
I see this in the logs of a buster machine:
Sep 2 16:07:58 gum systemd-tmpfiles[21883]:
[/usr/lib/tmpfiles.d/nagios-nrpe-server.conf:2] Line references path below
legacy directory /var/run/, updating
Package: src:libxcomposite
Version: 1:0.4.4-2
Severity: normal
Dear Maintainer,
x11proto-composite-dev is a "transitional dummy package" by its
description, and indeed empty, but I can't remove it from my system
because libxcomposite-dev depends on it (and the libxcomposite source
package
Package: libauthen-radius-perl
Version: 0.29-1
Severity: important
Dear Maintainer,
I recently upgraded to buster and noticed that our RADIUS test plugin
does not work anymore. Downgrading libauthen-radius-perl to 0.27-1
fixes the issue. Take the first example from the top of the man page:
Package: openssl
Version: 1.1.1c-1
Severity: serious
(You seem to use the serious severity for such reports.)
Dear OpenSSL Maintainers,
Please see https://github.com/kronosnet/kronosnet/issues/226: the
Kronosnet upstream CI started to fail in the Valgrind memory checks
after the libssl upgrade
] Backport three more patches from upstream fixing memory safety
+bugs.
+Clearing up fallout from the preceding security fixes.
+Thanks to Ken Gaillot
+
+ -- Ferenc Wágner Sun, 02 Jun 2019 14:01:06 +0200
+
pacemaker (2.0.1-4) unstable; urgency=high
* [54ace53] Fix check for already
Package: coturn
Version: 4.3.1.2-1
Severity: critical
Justification: causes serious data loss
Dear Misi,
The coturn package ships /var/lib/turn/turndb as an empty SQLite
database template, thus unexpectedly overwrites it without warning on
upgrade or reinstall, destroying any data the user might
+1,35 @@
+2019-04-25 Christine Caulfield
+
+ version: bump soname for 1.0.5 release
+
+2019-04-23 Ferenc Wágner
+
+ Let remote_tempdir() assume a NUL-terminated name
+ This is the case already. We also fix a buffer overflow opportunity in
+ the memcpy() call
Source: libqb
Version: 1.0.4-1
Severity: grave
Tags: upstream
Justification: renders package unusable
Forwarded: https://github.com/ClusterLabs/libqb/issues/338
IPC connection setup is aborted if the application is unable to chown()
the temporary communication directory under /dev/shm to the
Source: libqb
Version: 1.0.3-2
Severity: grave
Tags: patch upstream security
Justification: user security hole
Forwarded: https://github.com/ClusterLabs/libqb/issues/338
Control: found -1 0.11.1-2
Libqb creates files in world-writable directories (/dev/shm, /tmp) with
rather predictable file
+by the kernel
+
+ -- Ferenc Wágner Wed, 03 Apr 2019 10:33:30 +0200
+
kronosnet (1.8-1) unstable; urgency=medium
* [ff7beff] New upstream release (1.8)
diff -Nru
kronosnet-1.8/debian/patches/send-test-skip-the-SCTP-test-if-SCTP-is-not-supported-by-.patch
kronosnet-1.8/debian/patches/send-test-skip
)
+
+ -- Ferenc Wágner Mon, 01 Apr 2019 13:39:28 +0200
+
pacemaker (2.0.1-1) unstable; urgency=medium
* [7d6ff2e] New upstream release (2.0.1)
diff -Nru pacemaker-2.0.1/debian/control pacemaker-2.0.1/debian/control
--- pacemaker-2.0.1/debian/control 2019-03-04 21:30:38.0 +0100
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package opensaml
Dear Release Team,
To fix their latest security bug, Shibboleth upstream made a coordinated
patch release of the full stack, as usual. You already
Package: init-system-helpers
Version: 1.48
Severity: wishlist
Dear Maintainers,
Debhelper compat level 12 is stable and available in stretch-backports,
but uses the --skip-systemd-native option of invoke-rc.d, thus adds
init-system-helpers (>= 1.54~) to misc:Pre-Depends. This is necessary
to
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package shibboleth-sp
Dear Release Team,
When upstream fixed #924346 in xmltooling, they also fixed the same
problem (uncaught parser exceptions) in shibboleth-sp to
Provider software's case is usually the shibd daemon process,
+but can be Apache in some cases. Note that the crash occurs prior to
+evaluation of a message's authenticity, so can be exploited by an
+untrusted attacker.
+https://shibboleth.net/community/advisories/secadv_20190311.t
r (2.0.1-1) unstable; urgency=medium
+
+ * [7d6ff2e] New upstream release (2.0.1)
+
+ -- Ferenc Wágner Mon, 04 Mar 2019 21:34:46 +0100
+
pacemaker (2.0.1~rc5-1) unstable; urgency=medium
* [79e9089] Drop duplicate external library linkages
diff -Nru pacemaker-2.0.1~rc5/doc/Pacemaker_Development
Source: libgphoto2
Version: 2.5.22-2
Severity: important
Tags: upstream patch
Dear Maintainer,
I successfully used gvfs-gphoto2-volume-monitor to download photos from
my Sony Alpha 5000 under jessie, but libgphoto2 broke for that camera in
stretch (I don't know the exact version). This
Package: rubberband-cli
Version: 1.8.1-7
Severity: normal
Dear Maintainer,
The rubberband.1 manual page got out of sync with the help output of the
rubberband binary, for example it does not mention the -M option.
Please consider updating it.
--
Thanks,
Feri.
Package: src:capnproto
Version: 0.7.0-3
Severity: normal
Tags: upstream
Dear Maintainer,
When trying to build a stretch backports of capnproto, I hit a build
test failure:
[ TEST ] kj/filesystem-disk-test.c++:835: DiskFile holes
kj/filesystem-disk-test.c++:889: failed: expected
Emilio Pozuelo Monfort writes:
> On 15/01/2019 17:23, wf...@niif.hu wrote:
>
>> The uploads are done, but the testing migration of pacemaker and pcs
>> probably deadlocked due to the autopkgtest of the latter. Unstable pcs
>> needs unstable pacemaker, so they can only go together, which may
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Hi Release Team,
We'd like to transition to Pacemaker 2. The ben file below is mostly
equivalent to that of auto-pacemaker, but misses pacemaker-dev, because
I'm not sure how to handle
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
nmu pam-mysql_0.8.1-1 . ANY . unstable . -m "Rebuild against MariaDB 10.3
(switch to internal implementaion of some dropped symbols)"
Emilio Pozuelo Monfort writes:
> On 02/01/2019 15:21, Ferenc Wágner wrote:
>
>> please schedule a rebuild of sheepdog and dlm on all relevant
>> architectures, that should finish it.
>
> Done.
Thanks, the rebuilds went through just fine, I think we can close thi
Package: lintian
Version: 2.5.50.4
Severity: minor
Dear Maintainer,
The extended description of skip-systemd-native-flag-missing-pre-depends
says:
This flag is useful for maintainer scripts that want to defer systemd
actions to deb-systemd-invoke(1p). However, it was only added in
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Hi,
First of all, I'm sorry for inadvertently starting the Corosync
transition. It isn't a problematic one, though: please schedule a
rebuild of sheepdog and dlm on all relevant
CVE: not assigned
+Thanks to Scott Cantor (Closes: #913136)
+
+ -- Ferenc Wágner Mon, 10 Dec 2018 11:45:41 +0100
+
xml-security-c (1.7.3-4+deb9u1) stretch-security; urgency=high
* [93b87c6] New patch: Default KeyInfo resolver doesn't check for empty
diff -Nru
xml-security-c-1.7.3/
Andreas Beckmann writes:
> shibboleth-resolver FTBFS everywhere:
>
> checking for pkg-config... no
It's just pkg-config missing from Build-Depends.
Sam, are you around to fix this?
--
Thanks,
Feri
Package: ftp.debian.org
Severity: normal
Hi,
This request goes with #915155 (removal of opensaml2), please find
additional rationale there. Here we build libshibsp8 instead of
libshibsp7, thus the need for manual action.
--
Thanks,
Feri.
Package: ftp.debian.org
Severity: normal
Hi,
The rename was part of a library transition, so the libsaml9 binary
package is not taken over by opensaml, we build libsaml10 instead.
I'm filing a separate removal request for the shibboleth-sp2 direct
dependency; the shibboleth-resolver and
1 - 100 of 303 matches
Mail list logo
