Re: use of RDRAND in $random_library

Joey Hess wrote: Josh Triplett wrote: However, just as we encourage projects to reuse libraries rather than copying code around, we *should* encourage projects to use standardized randomness libraries rather than hardcoding rdrand (or, for that matter, hardcoding /dev/urandom).

Re: use of RDRAND in $random_library

Hi, Steve Langasek: Debian should do the right thing, regardless of what upstreams may believe. I don't trust the hardware random generator. At all. Given what's been revealed about the NSA so far, being extra paranoid about anything we cannot verify to be secure is the right thing to do.

Re: holes in secure apt

Hi Chris, On Thu, June 12, 2014 01:06, Christoph Anton Mitterer wrote: reopen 749795 stop A better way would be to add more 'found' versions so the BTS version tracking shows this bug as affecting stable. Anyone who believed in getting trusted sources might have been attacked with forged

Re: use of RDRAND in $random_library

On Wed, 11 Jun 2014, Josh Triplett wrote: Any program desiring high-performance random numbers has a good reason to use RDRAND or RDSEED: they produce randomness *far* faster than the kernel, and Yes, because SIGILL is so much faster… Anyway. Even on systems supporting RDRAND, user space

Re: holes in secure apt

* Thijs Kinkhorst th...@debian.org, 2014-06-12, 08:58: On Thu, June 12, 2014 01:06, Christoph Anton Mitterer wrote: reopen 749795 stop A better way would be to add more 'found' versions so the BTS version tracking shows this bug as affecting stable. Indeed. reopen throws away information

Re: holes in secure apt

On Thu, 12 Jun 2014, Christoph Anton Mitterer wrote: Anyone who believed in getting trusted sources might have been attacked with forged packages, and even the plain build of such package might have undermined users' security integrity. Then I believe Debian itself may be undermined. The

HTTPS everywhere! (was: holes in secure apt)

* Christoph Anton Mitterer cales...@scientia.net, 2014-06-12, 01:06: - not really secure APT related: apt-listbugs Not sure whether it uses https for getting bug infos... $ grep -r /soap.cgi lib/ lib/debian/btssoap.rb:@server=http://#{host}:#{port}/cgi-bin/soap.cgi; bts(1) and

Bug#751378: ITP: openlibm -- standalone implementation of C mathematical functions

Package: wnpp Severity: wishlist Owner: Sébastien Villemot sebast...@debian.org * Package name: openlibm Version : 0.3 Upstream Author : Julia development team * URL : https://github.com/JuliaLang/openlibm * License : BSD, MIT, ISC, public domain Programming

Bug#751379: ITP: openspecfun -- collection of special mathematical functions

Package: wnpp Severity: wishlist Owner: Sébastien Villemot sebast...@debian.org * Package name: openspecfun Version : 0.3 Upstream Author : Julia development team * URL : https://github.com/JuliaLang/openspecfun * License : MIT, public domain Programming

Re: Bug#751378: ITP: openlibm -- standalone implementation of C mathematical functions

Sébastien Villemot wrote: The OpenLibm code derives from the FreeBSD msun implementation, which in turn […] OpenLibm builds on Linux, and with little effort, should build on FreeBSD as well. It builds with both, GCC and clang. Although largely tested on x86, it also includes experimental

Re: Bug#751378: ITP: openlibm -- standalone implementation of C mathematical functions

Le jeudi 12 juin 2014 à 11:41 +, Thorsten Glaser a écrit : Sébastien Villemot wrote: The OpenLibm code derives from the FreeBSD msun implementation, which in turn […] OpenLibm builds on Linux, and with little effort, should build on FreeBSD as well. It builds with both, GCC and clang.

Re: Anyone using autopkgtest-xenlvm? Needs a maintainer or get dropped

Martin Pitt writes (Anyone using autopkgtest-xenlvm? Needs a maintainer or get dropped): If anyone is still using this, can you please get in contact with autopkgtest-de...@lists.alioth.debian.org and tell us the status of it? Would you like to continue maintaining/testing it? For the

Bug#751397: ITP: drmips -- Educational MIPS simulator - DrMIPS

Package: wnpp Severity: wishlist Owner: Bruno Nova brunomb.n...@gmail.com * Package name: drmips Version : 1.2.1 Upstream Author : Bruno Nova brunomb.n...@gmail.com * URL : https://bitbucket.org/brunonova/drmips/ * License : GPL Programming Lang: Java

Re: use of RDRAND in $random_library

At Thu, 12 Jun 2014 08:36:16 +0200, Matthias Urlichs wrote: That being said, sometimes you just need the binary equivalent of an uncompressible Lorem Ipsum text (dd if=/dev/urandom), but IMHO the kernel could (and should) provide a device for that. If you just want to overwrite something with

Re: holes in secure apt

On Thu, 2014-06-12 at 00:07 -0400, Joey Hess wrote: AAICS, #749795 talked about bringing this to the security team's attention, but they never seem to have been CCed. Thanks for doing that now... So the security team may not be aware that a security hole in apt was recently fixed, that

Re: holes in secure apt

On Thu, 2014-06-12 at 08:58 +0200, Thijs Kinkhorst wrote: Anyone who believed in getting trusted sources might have been attacked with forged packages, and even the plain build of such package might have undermined users' security integrity. The same is the case with all debian build

Re: holes in secure apt

On Thu, Jun 12, 2014 at 01:06:28AM +0200, Christoph Anton Mitterer wrote: In my opinion this is really some horrible bug... probably it could have been very easily found by others, and we have no idea whether it was exploited already or not. Probably yes. Someone in the last ~11 years could

Bug#749795: Info received (holes in secure apt)

Thank you for the additional information you have supplied regarding this Bug report. This is an automatically generated reply to let you know your message has been received. Your message is being forwarded to the package maintainers and other interested parties for their attention; they will

Re: holes in secure apt

On Thu, 2014-06-12 at 16:54 +0200, Christoph Anton Mitterer wrote: On Thu, 2014-06-12 at 08:58 +0200, Thijs Kinkhorst wrote: If you want to discuss your plans to work on improving APT, you're more on-topic at de...@lists.debian.org. I think this goes beyond just APT (even though APT is

Re: holes in secure apt

On Thu, 2014-06-12 at 10:30 +0200, Thorsten Glaser wrote: On Thu, 12 Jun 2014, Christoph Anton Mitterer wrote: Anyone who believed in getting trusted sources might have been attacked with forged packages, and even the plain build of such package might have undermined users' security

Re: use of RDRAND in $random_library

Josh Triplett j...@joshtriplett.org writes: At least two reasons: because a random number source that doesn't require kernel privileges should not need to take the performance hit of going through the kernel, I'm very dubious that this performance hit is substantial enough that it should have

Re: HTTPS everywhere! (was: holes in secure apt)

On Thu, 2014-06-12 at 10:56 +0200, Jakub Wilk wrote: $ grep -r /soap.cgi lib/ lib/debian/btssoap.rb: @server=http://#{host}:#{port}/cgi-bin/soap.cgi; :-( bts(1) and reportbug(1) don't use HTTPS either, AFAICS. :-( I noticed that http://bugs.debian.org/ started redirecting to the

improving downloader packages (was: Re: holes in secure apt)

Hi Chris, You raise a lot of broad concerns under the header holes in secure apt which I'm afraid does not much to get us closer to a more secure Debian. Not many people will object that making Debian even more secure is a bad idea; it just needs concrete action, not a large list of potential

Re: use of RDRAND in $random_library

On Thu, Jun 12, 2014 at 10:19:37AM -0700, Russ Allbery wrote: I've never seen a convincing argument that the kernel /dev/random is likely to be *less* secure than the hardware random number generator. It's either more secure or the same level of security. Given that, it's a risk analysis, and

Re: HTTPS everywhere!

]] Christoph Anton Mitterer Supplying the Debian Root CA to people not using Debian could have been easily done by a *single* site that uses a cert available in all browsers... which offers the Debian Root CA for secure and trusted download. That's a nice theory. It does not align

Re: holes in secure apt

+++ Christoph Anton Mitterer [2014-06-12 01:06 +0200]: - [c]debootstrap I think they both default now to verify signatures (which is a good thing)... but IIRC, debootstrap also defaults to not verify anything... if the keyrings aren't installed - admittedly this is unlikely... but possible...

Re: use of RDRAND in $random_library

On Thu, Jun 12, 2014 at 10:23:58AM +0200, Thorsten Glaser wrote: On Wed, 11 Jun 2014, Josh Triplett wrote: device is inferiour to the random devices on OpenBSD/MirBSD, so you should seed the aRC4 state with additional random bytes: As far as I know, OpenBSD stopped using (A)RC4 for their

Re: holes in secure apt

Hi! On Thu, 2014-06-12 at 19:43:56 +0100, Wookey wrote: +++ Christoph Anton Mitterer [2014-06-12 01:06 +0200]: - [c]debootstrap I think they both default now to verify signatures (which is a good thing)... but IIRC, debootstrap also defaults to not verify anything... if the keyrings

Re: use of RDRAND in $random_library

Hi! On Thu, 2014-06-12 at 21:19:06 +0200, Kurt Roeckx wrote: On Thu, Jun 12, 2014 at 10:23:58AM +0200, Thorsten Glaser wrote: On Wed, 11 Jun 2014, Josh Triplett wrote: device is inferiour to the random devices on OpenBSD/MirBSD, so you should seed the aRC4 state with additional random

Re: use of RDRAND in $random_library

Kurt Roeckx dixit: As far as I know, OpenBSD stopped using (A)RC4 for their random number generation for good reason, even though the function is They stopped, but not for good reason. But you can also use the new unlicenced algorithm they use, if you really feel like it, it’s not bad either,

Re: holes in secure apt

On Thu, 12 Jun 2014 19:43:56 +0100 Wookey woo...@wookware.org wrote: +++ Christoph Anton Mitterer [2014-06-12 01:06 +0200]: - [c]debootstrap I think they both default now to verify signatures (which is a good thing)... but IIRC, debootstrap also defaults to not verify anything... if the

sofftware outside Debian (Re: holes in secure apt)

Hi Christoph, On Donnerstag, 12. Juni 2014, Christoph Anton Mitterer wrote: [many things] both flashplugin-nonfree and torbrowser-launcher are (or will be) in contrib (and thus not be part of Debian) for exactly those reasons you described. And both rightfully belong to contrib, even though

Bug#751439: ITP: lgeneral-data -- strategy game in the tradition of Panzer General -- data

Package: wnpp Severity: wishlist Owner: Markus Koschany a...@gambaru.de * Package name: lgeneral-data Version : 1.0 Upstream Author : Steve McGuba, Markus Koschany * URL : https://gitorious.org/lgeneral-data * License : CC-BY-SA-3.0 Programming Lang: none

Work-needing packages report for Jun 13, 2014

The following is a listing of packages for which help has been requested through the WNPP (Work-Needing and Prospective Packages) system in the last week. Total number of orphaned packages: 585 (new: 2) Total number of packages offered up for adoption: 140 (new: 3) Total number of packages

Re: Re: use of RDRAND in $random_library

Theodore Ts'o wrote: On Thu, Jun 12, 2014 at 10:19:37AM -0700, Russ Allbery wrote: I've never seen a convincing argument that the kernel /dev/random is likely to be *less* secure than the hardware random number generator. It's either more secure or the same level of security. Given that,

Re: use of RDRAND in $random_library

Josh Triplett j...@joshtriplett.org writes: If you don't trust a hardware random number generator, you should not xor it and another random number source together; after all, if you believe the numbers coming out of the hardware random source are not actually random, you might just as easily

Re: use of RDRAND in $random_library

Russ Allbery dijo [Thu, Jun 12, 2014 at 07:08:40PM -0700]: If you don't trust a hardware random number generator, you should not xor it and another random number source together; after all, if you believe the numbers coming out of the hardware random source are not actually random, you

Re: use of RDRAND in $random_library

Gunnar Wolf gw...@gwolf.org writes: Russ Allbery dijo [Thu, Jun 12, 2014 at 07:08:40PM -0700]: I would certainly hope that the mixing algorithm of any decent random number source is better than just xor. And given that, I don't believe the mathematics supports your assertion here. It's

Re: use of RDRAND in $random_library

Ugh, sorry to follow up to myself, but I got a key part of this wrong. Russ Allbery r...@debian.org writes: At least based on my understanding of the theory, I think that mixing a backdoored entropy source with other entropy sources in a random number generator like Fortuna (which is based on

Accepted autopkgtest 2.18 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 07:48:58 +0200 Source: autopkgtest Binary: autopkgtest Architecture: source all Version: 2.18 Distribution: unstable Urgency: medium Maintainer: Autopkgtest team autopkgtest-de...@lists.alioth.debian.org

Accepted gnome-main-menu 1.8.0-2 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 08:25:51 +0200 Source: gnome-main-menu Binary: mate-gnome-main-menu-applet mate-gnome-main-menu-applet-dbg Architecture: source amd64 Version: 1.8.0-2 Distribution: unstable Urgency: low Maintainer: MATE Packaging

Accepted gringo 4.3.0-2 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 09:16:31 +0200 Source: gringo Binary: gringo Architecture: source amd64 Version: 4.3.0-2 Distribution: unstable Urgency: low Maintainer: Debian Science Maintainers

Accepted opensmtpd 5.4.2p1-2 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 11 Jun 2014 21:30:20 +0200 Source: opensmtpd Binary: opensmtpd Architecture: source amd64 Version: 5.4.2p1-2 Distribution: unstable Urgency: medium Maintainer: Ryan Kavanagh r...@debian.org Changed-By: Ryan Kavanagh

Accepted libverilog-perl 3.404-1 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 10:19:15 +0200 Source: libverilog-perl Binary: libverilog-perl Architecture: source amd64 Version: 3.404-1 Distribution: unstable Urgency: medium Maintainer: Debian Perl Group

Accepted libio-interface-perl 1.07-1 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 10:36:18 +0200 Source: libio-interface-perl Binary: libio-interface-perl Architecture: source amd64 Version: 1.07-1 Distribution: unstable Urgency: medium Maintainer: Debian Perl Group

Accepted r-cran-statmod 1.4.20-1 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 10:26:20 +0200 Source: r-cran-statmod Binary: r-cran-statmod Architecture: source amd64 Version: 1.4.20-1 Distribution: unstable Urgency: medium Maintainer: Debian Science Team

Accepted glpk-java 1.0.36-1 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 10:45:35 +0200 Source: glpk-java Binary: libglpk-java Architecture: source amd64 Version: 1.0.36-1 Distribution: unstable Urgency: medium Maintainer: Debian Science Team

Accepted libpoe-component-client-mpd-perl 2.000-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 11:08:30 +0200 Source: libpoe-component-client-mpd-perl Binary: libpoe-component-client-mpd-perl Architecture: source all Version: 2.000-1 Distribution: unstable Urgency: low Maintainer: Debian Perl Group

Accepted claws-mail 3.10.1-2 (source amd64 all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 12 Jun 2014 11:12:38 +0200 Source: claws-mail Binary: claws-mail claws-mail-dbg libclaws-mail-dev claws-mail-plugins claws-mail-spamassassin claws-mail-pgpmime claws-mail-pgpinline claws-mail-smime-plugin claws-mail-bogofilter

Accepted dvd-slideshow 0.8.4.2-3 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 12:17:04 +0100 Source: dvd-slideshow Binary: dvd-slideshow Architecture: source all Version: 0.8.4.2-3 Distribution: unstable Urgency: low Maintainer: Debian Multimedia Maintainers

Accepted libbluray 1:0.6.0+dfsg-1 (source amd64 all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 14:34:26 +0200 Source: libbluray Binary: libbluray-dev libbluray1 libbluray1-dbg libbluray-bdj libbluray-bin libbluray-doc Architecture: source amd64 all Version: 1:0.6.0+dfsg-1 Distribution: unstable Urgency:

Accepted node-lodash 2.4.1+dfsg-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 12 May 2014 16:19:58 +0200 Source: node-lodash Binary: node-lodash libjs-lodash Architecture: source all Version: 2.4.1+dfsg-1 Distribution: unstable Urgency: low Maintainer: Debian Javascript Maintainers

Accepted node-findup-sync 0.1.3-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 30 Mar 2014 17:05:46 + Source: node-findup-sync Binary: node-findup-sync Architecture: source all Version: 0.1.3-1 Distribution: unstable Urgency: low Maintainer: Debian Javascript Maintainers

Accepted bobcat 3.23.00-2 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 00:14:10 -0700 Source: bobcat Binary: libbobcat3 libbobcat-dev Architecture: source amd64 Version: 3.23.00-2 Distribution: unstable Urgency: medium Maintainer: Frank B. Brokken f.b.brok...@rug.nl Changed-By: tony

Accepted oasis 0.4.4-1 (source amd64 all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 15:21:21 +0200 Source: oasis Binary: oasis liboasis-ocaml-dev liboasis-ocaml liboasis-ocaml-doc Architecture: source amd64 all Version: 0.4.4-1 Distribution: unstable Urgency: low Maintainer: Debian OCaml

Accepted blackbox 0.70.1-22 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 22:44:02 +0900 Source: blackbox Binary: blackbox libbt-dev libbt0 Architecture: source amd64 Version: 0.70.1-22 Distribution: unstable Urgency: medium Maintainer: Debian QA Group packa...@qa.debian.org Changed-By:

Accepted iprutils 2.4.2-1 (source powerpc)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 15:14:40 +0100 Source: iprutils Binary: iprutils iprutils-udeb Architecture: source powerpc Version: 2.4.2-1 Distribution: unstable Urgency: medium Maintainer: Colin Watson cjwat...@debian.org Changed-By: Colin

Accepted libtest-harness-perl 3.32-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 17:19:44 +0200 Source: libtest-harness-perl Binary: libtest-harness-perl Architecture: source all Version: 3.32-1 Distribution: unstable Urgency: medium Maintainer: Debian Perl Group

Accepted libtext-csv-xs-perl 1.09-1 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 17:13:36 +0200 Source: libtext-csv-xs-perl Binary: libtext-csv-xs-perl Architecture: source amd64 Version: 1.09-1 Distribution: unstable Urgency: medium Maintainer: Debian Perl Group

Accepted libiberty 20140612-1 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 12 Jun 2014 16:25:23 +0200 Source: libiberty Binary: libiberty-dev Architecture: source amd64 Version: 20140612-1 Distribution: unstable Urgency: medium Maintainer: Debian GCC Maintainers debian-...@lists.debian.org Changed

Accepted minetest 0.4.9+repack-6 (source amd64 all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 16:39:16 +0200 Source: minetest Binary: minetest minetest-dbg minetest-server minetest-data Architecture: source amd64 all Version: 0.4.9+repack-6 Distribution: unstable Urgency: medium Maintainer: Debian Games

Accepted natlog 1.01.0-2 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 06:43:44 -0700 Source: natlog Binary: natlog Architecture: source amd64 Version: 1.01.0-2 Distribution: unstable Urgency: medium Maintainer: Frank B. Brokken f.b.brok...@rug.nl Changed-By: tony mancill

Accepted python-virtualenv 1.11.6-2 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 10:50:35 -0400 Source: python-virtualenv Binary: python-virtualenv python3-virtualenv virtualenv Architecture: source all Version: 1.11.6-2 Distribution: unstable Urgency: medium Maintainer: Debian Python Modules

Accepted gnome-mplayer 1.0.9-1 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 18:12:17 +0200 Source: gnome-mplayer Binary: gnome-mplayer gnome-mplayer-dbg Architecture: source amd64 Version: 1.0.9-1 Distribution: unstable Urgency: low Maintainer: Debian Multimedia Maintainers

Accepted gmtk 1.0.9-1 (source amd64 all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 17:59:22 +0200 Source: gmtk Binary: libgmtk1 libgmtk1-dbg libgmlib1 libgmlib1-dbg libgmtk-dev libgmlib-dev libgmtk1-data Architecture: source amd64 all Version: 1.0.9-1 Distribution: unstable Urgency: medium

Accepted libnetaddr-ip-perl 4.075+dfsg-1 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 18:13:38 +0200 Source: libnetaddr-ip-perl Binary: libnetaddr-ip-perl Architecture: source amd64 Version: 4.075+dfsg-1 Distribution: unstable Urgency: medium Maintainer: Debian Perl Group

Accepted libtest-bdd-cucumber-perl 0.25-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 18:09:49 +0200 Source: libtest-bdd-cucumber-perl Binary: libtest-bdd-cucumber-perl Architecture: source all Version: 0.25-1 Distribution: unstable Urgency: medium Maintainer: Debian Perl Group

Accepted php-texy 2.5.1-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 11:00:27 -0400 Source: php-texy Binary: php-texy Architecture: source all Version: 2.5.1-1 Distribution: unstable Urgency: medium Maintainer: Debian PHP PEAR Maintainers pkg-php-p...@lists.alioth.debian.org

Accepted libmoosex-has-sugar-perl 1.000001-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 18:20:46 +0200 Source: libmoosex-has-sugar-perl Binary: libmoosex-has-sugar-perl Architecture: source all Version: 1.01-1 Distribution: unstable Urgency: medium Maintainer: Debian Perl Group

Accepted libmoo-perl 1.005000-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 18:25:54 +0200 Source: libmoo-perl Binary: libmoo-perl Architecture: source all Version: 1.005000-1 Distribution: unstable Urgency: medium Maintainer: Debian Perl Group pkg-perl-maintain...@lists.alioth.debian.org

Accepted gecko-mediaplayer 1.0.9-1 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 18:41:24 +0200 Source: gecko-mediaplayer Binary: gecko-mediaplayer Architecture: source amd64 Version: 1.0.9-1 Distribution: unstable Urgency: medium Maintainer: Debian Multimedia Maintainers

Accepted libio-all-perl 0.63-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 18:37:56 +0200 Source: libio-all-perl Binary: libio-all-perl Architecture: source all Version: 0.63-1 Distribution: unstable Urgency: medium Maintainer: Debian Perl Group

Accepted lava-coordinator 0.1.5-2 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 07 May 2014 20:02:59 +0100 Source: lava-coordinator Binary: lava-coordinator Architecture: source all Version: 0.1.5-2 Distribution: unstable Urgency: medium Maintainer: Debian LAVA team

Accepted django-sortedm2m 0.7.0-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 13 May 2014 17:46:30 +0200 Source: django-sortedm2m Binary: python-sortedm2m python3-sortedm2m python-sortedm2m-data Architecture: source all Version: 0.7.0-1 Distribution: unstable Urgency: low Maintainer: Benjamin Drung

Accepted pktools 2.5.2+20140505-1 (source i386)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 27 Mar 2014 15:57:15 +0100 Source: pktools Binary: pktools pktools-dev Architecture: source i386 Version: 2.5.2+20140505-1 Distribution: unstable Urgency: low Maintainer: Debian GIS Project

Accepted ceph-dkms 3.14+git20140429-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 07 May 2014 11:22:53 +1000 Source: ceph-dkms Binary: ceph-dkms Architecture: source all Version: 3.14+git20140429-1 Distribution: experimental Urgency: low Maintainer: Ceph Maintainers ceph-maintain...@lists.ceph.com

Accepted tbdialout 1.7.2-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 02 May 2014 18:47:56 +0200 Source: tbdialout Binary: xul-ext-tbdialout Architecture: source all Version: 1.7.2-1 Distribution: unstable Urgency: low Maintainer: Debian Mozilla Extension Maintainers

Accepted direnv 2.3.0-1 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 27 Apr 2014 23:04:40 +0100 Source: direnv Binary: direnv Architecture: source amd64 Version: 2.3.0-1 Distribution: unstable Urgency: medium Maintainer: Punit Agrawal punitagra...@gmail.com Changed-By: Punit Agrawal

Accepted efibootmgr 0.7.0-1 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 05 Jun 2014 16:44:45 -0500 Source: efibootmgr Binary: efibootmgr Architecture: source amd64 Version: 0.7.0-1 Distribution: unstable Urgency: medium Maintainer: Daniel Jared Dominguez jared_doming...@dell.com Changed-By: Daniel

Accepted golang-context 0.0~git20140522.1.1f3e8a4-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 11 Jun 2014 20:20:31 -0400 Source: golang-context Binary: golang-context-dev Architecture: source all Version: 0.0~git20140522.1.1f3e8a4-1 Distribution: unstable Urgency: medium Maintainer: Daniel Mizyrycki

Accepted golang-mux 0.0~git20140505.1.136d54f-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 11 Jun 2014 21:18:57 -0400 Source: golang-mux Binary: golang-mux-dev Architecture: source all Version: 0.0~git20140505.1.136d54f-1 Distribution: unstable Urgency: medium Maintainer: Daniel Mizyrycki mzdan...@glidelink.net

Accepted libsvn-look-perl 0.40-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 21:45:04 +0200 Source: libsvn-look-perl Binary: libsvn-look-perl Architecture: source all Version: 0.40-1 Distribution: unstable Urgency: medium Maintainer: Debian Perl Group

Accepted node-source-map 0.1.34-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 12 Jun 2014 22:59:12 +0200 Source: node-source-map Binary: node-source-map libjs-source-map Architecture: source all Version: 0.1.34-1 Distribution: unstable Urgency: medium Maintainer: Debian Javascript Maintainers

Accepted openafs 1.6.9-1 (source i386 all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 12:39:25 -0700 Source: openafs Binary: openafs-client openafs-fuse openafs-kpasswd openafs-fileserver openafs-dbserver openafs-doc openafs-krb5 libkopenafs1 libafsauthent1 libafsrpc1 libopenafs-dev

Accepted php-parser 1.0.0~beta1-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 14:36:41 -0400 Source: php-parser Binary: php-parser Architecture: source all Version: 1.0.0~beta1-1 Distribution: experimental Urgency: medium Maintainer: Debian PHP PEAR Maintainers

Accepted pushpin 0.0~20140430-1 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 21:58:39 +0200 Source: pushpin Binary: pushpin Architecture: source amd64 Version: 0.0~20140430-1 Distribution: experimental Urgency: low Maintainer: Jan Niehusmann j...@debian.org Changed-By: Jan Niehusmann

Accepted gcc-4.7 4.7.4-1 (source all amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 12 Jun 2014 21:39:38 +0200 Source: gcc-4.7 Binary: gcc-4.7-base libgcc-4.7-dev lib64gcc-4.7-dev lib32gcc-4.7-dev libn32gcc-4.7-dev libx32gcc-4.7-dev gcc-4.7 gcc-4.7-multilib gcc-4.7-plugin-dev gcc-4.7-hppa64 gcc-4.7-spu

Accepted libsigc++-2.0 2.2.11-4 (source amd64 all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 12 Jun 2014 17:14:42 +0200 Source: libsigc++-2.0 Binary: libsigc++-2.0-0c2a libsigc++-2.0-dev libsigc++-2.0-doc Architecture: source amd64 all Version: 2.2.11-4 Distribution: unstable Urgency: low Maintainer: Debian GNOME

Accepted doit 0.25.0-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 20:17:08 -0300 Source: doit Binary: python-doit python3-doit python-doit-doc Architecture: source all Version: 0.25.0-1 Distribution: unstable Urgency: medium Maintainer: Agustin Henze t...@debian.org Changed-By:

Accepted firebug 2.0-1 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 21:22:05 -0400 Source: firebug Binary: xul-ext-firebug Architecture: source all Version: 2.0-1 Distribution: unstable Urgency: medium Maintainer: Debian Mozilla Extension Maintainers

Accepted golang-mux 0.0~git20140505.1.136d54f-2 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 12 Jun 2014 22:07:36 -0400 Source: golang-mux Binary: golang-mux-dev Architecture: source all Version: 0.0~git20140505.1.136d54f-2 Distribution: unstable Urgency: medium Maintainer: Daniel Mizyrycki mzdan...@glidelink.net

Accepted golang-context 0.0~git20140522.1.1f3e8a4-2 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 12 Jun 2014 21:50:59 -0400 Source: golang-context Binary: golang-context-dev Architecture: source all Version: 0.0~git20140522.1.1f3e8a4-2 Distribution: unstable Urgency: medium Maintainer: Daniel Mizyrycki

Accepted jd 1:2.8.8-140601-2 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 08 Jun 2014 00:01:22 +0900 Source: jd Binary: jd Architecture: source amd64 Version: 1:2.8.8-140601-2 Distribution: unstable Urgency: medium Maintainer: Hideki Yamane henr...@debian.org Changed-By: Hideki Yamane

Accepted xcb-util-renderutil 0.3.9-1 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Fri, 13 Jun 2014 11:54:12 +0900 Source: xcb-util-renderutil Binary: libxcb-render-util0 libxcb-render-util0-dev Architecture: source amd64 Version: 0.3.9-1 Distribution: unstable Urgency: low Maintainer: Debian X Strike Force

Accepted dms 1.0.1g-4 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 10 Jun 2014 09:04:39 +1200 Source: dms Binary: dms-core dms-wsgi dms-dr dms Architecture: source amd64 Version: 1.0.1g-4 Distribution: unstable Urgency: medium Maintainer: DMS Maintainers

Accepted dms 1.0.1g-2 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 28 Apr 2014 08:52:13 +1200 Source: dms Binary: dms-core dms-wsgi dms-dr dms Architecture: source amd64 Version: 1.0.1g-2 Distribution: unstable Urgency: medium Maintainer: Matthew Grant m...@mattgrant.net.nz Changed-By:

Accepted dms 1.0.1g-3 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 04 May 2014 22:32:08 +1200 Source: dms Binary: dms-core dms-wsgi dms-dr dms Architecture: source amd64 Version: 1.0.1g-3 Distribution: unstable Urgency: medium Maintainer: DMS Maintainers

Accepted dms 1.0.1g-5 (source amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 12 Jun 2014 20:14:31 +1200 Source: dms Binary: dms-core dms-wsgi dms-dr dms Architecture: source amd64 Version: 1.0.1g-5 Distribution: unstable Urgency: medium Maintainer: DMS Maintainers

Accepted c++-annotations 9.9.1-2 (source all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 20:39:24 -0700 Source: c++-annotations Binary: c++-annotations c++-annotations-html c++-annotations-txt c++-annotations-latex c++-annotations-pdf c++-annotations-ps c++-annotations-dvi c++-annotations-contrib

Accepted stealth 2.11.04-2 (source amd64 all)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Jun 2014 07:01:07 -0700 Source: stealth Binary: stealth stealth-doc Architecture: source amd64 all Version: 2.11.04-2 Distribution: unstable Urgency: medium Maintainer: Frank B. Brokken f.b.brok...@rug.nl Changed-By: tony

  1   2   >