"Theodore Ts'o" writes:
>> 1) Use upstream's PGP signed git-archive tarball.
>
> Here's how I do it in e2fsprogs which (a) makes the git-archive
> tarball be bit-for-bit reproducible given a particular git commit ID,
> and (b) minimizes the size of the tarball when stored using
> pristine-tar:
>
Bruno Haible writes:
> Simon Josefsson wrote:
>> Finally, while this is somewhat gnulib specific, I think the practice
>> goes beyond gnulib
>
> Yes, gnulib-tool for modules written in C is similar to
>
> * 'npm install' for JavaScript source code packages [1],
&
eam
tarball with pre-generated content and gnulib code, and latest version
1.8-3 that builds from a minimal source-only tarball is small:
--- a/debian/control
+++ b/debian/control
@@ -6,6 +6,8 @@ Uploaders:
Simon Josefsson ,
Build-Depends:
debhelper-compat (= 13),
+ git,
+ gnulib
Hi
According to the mirror list
https://www.debian.org/distrib/archive
it should be possible to reach archive.debian.org via rsync, however
this fails for me. Is this intentional, or can this be fixed?
Further it seems mirrors are out of sync. I noticed that several
mirrors lack buster.
Philip Hands writes:
> Mathias Gibbens writes:
>
>> On Sun, 2024-04-21 at 18:47 +0200, Simon Josefsson wrote:
> ...
>>> /usr/libexec/minio-client/bin/mc -> /usr/bin/mcli
>
> Might I suggest that the link goes the other way, so that the symlink
> lives
Marco d'Itri writes:
> On Apr 21, Mathias Gibbens wrote:
>
>> While that might work for them, it obviously doesn't at a higher
>> packaging level. Per Policy Section 10.1, I'm bringing this to d-devel
>> for any comments or suggestions on my plan for packaging the MinIO
>> Client. Following
Jonas Smedegaard writes:
> Quoting Simon Josefsson (2024-04-18 09:34:26)
>> Jonas Smedegaard writes:
>>
>> > That said, you are welcome to try nudge me if some concrete task
>> > emerges where you image I might be of help.
>>
>> Thanks -- I'm mov
Sebastian Ramacher writes:
> Hi,
>
> as the progress on the t64 transition is slowing down, I want to give an
> overview of some of the remaining blockers that we need to tackle to get
> it unstuck. I tried to identify some clusters of issues, but there might
> be other classes of issues.
Jonas Smedegaard writes:
> That said, you are welcome to try nudge me if some concrete task
> emerges where you image I might be of help.
Thanks -- I'm moving this out of 921954@bugs and cc'ing debian-devel to
allow others to help and to allow you from not having to feel a need to
reply at all
Colin Watson writes:
> On Mon, Apr 01, 2024 at 11:33:06AM +0200, Simon Josefsson wrote:
>> Running ./bootstrap in a tarball may lead to different results than the
>> maintainer running ./bootstrap in pristine git. It is the same problem
>> as running 'autoreconf -f
"G. Branden Robinson" writes:
> At 2024-03-31T22:32:49+, Stefano Rivera wrote:
>> Upstreams would probably prefer that we used git repositories
>> *directly* as source artifacts, but that comes with a whole other can
>> of worms...
>
> Speaking from my upstream groff perspective, I wouldn't
Gioele Barabucci writes:
> But pulling a successful collision attack is not a trivial task. For
> instance, the xz attacker did not have all that was required to carry
> it out (for example they had no direct access to the git
> servers... yet).
Is that necessary? It seems that if you have
Bastian Blank writes:
> On Sun, Mar 31, 2024 at 12:05:54PM +0500, Andrey Rakhmatullin wrote:
>> On Sat, Mar 30, 2024 at 11:22:33PM -0300, Santiago Ruano Rincón wrote:
>> > As others have said, the best solution is to relay on HSW for handling
>> > the cryptographic material.
>> Aren't these
Russ Allbery writes:
> Simon Josefsson writes:
>> Sean Whitton writes:
>
>>> We did some analysis on the SHA1 vulnerabilities and determined that
>>> they did not meaningfully affect dgit & tag2upload's design.
>
>> Can you share that analys
Jonathan Carter writes:
> On 2024/03/30 11:05, Simon Josefsson wrote:
>>> 1. Move towards allowing, and then favoring, git-tags over source tarballs
>>
>> Some people have suggested this before -- and I have considered adopting
>> that approach myself, but one
Sean Whitton writes:
> Hello,
>
> On Sat 30 Mar 2024 at 12:19pm +01, Simon Josefsson wrote:
>
>> Relying on signed git tags is not reliable because git is primarily
>> SHA1-based which in 2019 cost $45K to do a collission attack for.
>
> We did some analys
Gioele Barabucci writes:
> Just as an example, bootstrapping coreutils currently requires
> bootstrapping at least 68 other packages, including libx11-6 [1]. If
> coreutils supported [2], the transitive closure of its
> Build-Depends would be reduced to 20 packages, most of which in
>
Antonio Russo writes:
> 1. Move towards allowing, and then favoring, git-tags over source tarballs
Some people have suggested this before -- and I have considered adopting
that approach myself, but one thing that is often overlooked is that
building from git usually increase the Build-Depends
Hans-Christoph Steiner writes:
>> In business, such things are confirmed (often badly) by independent
>> audit. For a volunteer-driven community effort, we have to rely on
>> everyone to exercise their best judgement in these sorts of matters.
>
> Debian could also get independent, professional
> > I've looked at Sigstore, it looks nice. It seems to be architected
> > for use
> > cases that assume highly reliable and unblocked single domains.
> > That's a
> > showstopper for us. Also, the official client app is 100% JVM code
> > right now
> > (Java+Kotlin), so integrating Go
tis 2024-02-06 klockan 16:50 +0100 skrev Hans-Christoph Steiner:
>
>
> Simon Josefsson:
> > Hans-Christoph Steiner writes:
> >
> > > Thanks for digging in here, its very important work! I'd be
> > > happy to
> > > contribute where I can. I
Stephan Verbücheln writes:
> II. Typical Debian case
>
> 1. Debian developer signs source tarballs and upload them
> 2. The signature only has to be secure until the code lands in the FTP
> 3. Debian builds the binary packages
> 4. Debian creates Release files with hashes of the packages
> 5.
Bill Allombert writes:
> On Mon, Feb 05, 2024 at 08:49:09AM +0100, Simon Josefsson wrote:
>> Bill Allombert writes:
>>
>> > Le Thu, Feb 01, 2024 at 10:38:03AM +0100, Simon Josefsson a écrit :
>> >> Hi
>> >>
>> >> I'm expl
Hans-Christoph Steiner writes:
> Thanks for digging in here, its very important work! I'd be happy to
> contribute where I can. I'm a DD and a core contributor to F-Droid,
> where we wrestle with basically the same issues. So we've thought a
> lot about these kinds of things, but definitely
Bill Allombert writes:
> Le Thu, Feb 01, 2024 at 10:38:03AM +0100, Simon Josefsson a écrit :
>> Hi
>>
>> I'm exploring how to defend against an attacker who can create valid
>> signatures for cryptographic private keys (e.g., PGP) that users need to
>> tru
Hi
I'm exploring how to defend against an attacker who can create valid
signatures for cryptographic private keys (e.g., PGP) that users need to
trust when using an operating system such as Debian. A signature like
that can be used in a targetted attacks against one victim.
For example, apt
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: cosign
Version : 2.2.2-1
Upstream Author : The Sigstore Authors
* URL : https://github.com/sigstore/cosign
* License : Apache-2.0
Programming Lang: Go
Description : Code signing
Luca Boccassi writes:
> On Wed, 24 Jan 2024 at 13:34, Simon Josefsson wrote:
>>
>> Luca Boccassi writes:
>>
>> >> Having reflected a bit, and learned through my own experience and
>> >> others' insights [1] that Go Build-Depends are not transitive
Luca Boccassi writes:
>> Having reflected a bit, and learned through my own experience and
>> others' insights [1] that Go Build-Depends are not transitive, I'd like
>> to update my proposal on how to handle a security bug in any Go/Rust/etc
>> package and the resulting package rebuilds:
>
>
Simon Josefsson writes:
>> > My naive approach on how to fix a security problem in package X
>> > which is
>> > statically embedded into other packages A, B, C, ... would be to
>> > rebuild
>> > the transitive closure of all packages that Build-De
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: sigsum-go
Version : 1.7.1-1
Upstream Author : The Sigsum Project Authors
* URL : https://git.glasklar.is/sigsum/core/sigsum-go
* License : BSD-2-Clause
Programming Lang: Go
Description
Adam Borowski writes:
> On Mon, Jan 15, 2024 at 10:17:17AM +0100, Bastian Blank wrote:
>> On Sun, Jan 14, 2024 at 04:24:57PM +0100, Simon Josefsson wrote:
>> > Isn't that what the text refers to? Vendoring and static linking are
>> > two examples of the same problem
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: golang-github-common-nighthawk-go-figure
Version : 0.0~git20210622.734e95f-1
Upstream Author : Daniel Deutsch
* URL : https://github.com/common-nighthawk/go-figure
* License : Expat
Bastian Blank writes:
> On Tue, Jan 16, 2024 at 10:59:30AM +0100, Simon Josefsson wrote:
>> Rebuilding a bit more than what is strictly needed sounds fine as a
>> first solution to me.
>
> Building maybe. But how do you want to publish them? The security
> archi
"IOhannes m zmölnig (Debian GNU|Linux)" writes:
> On 1/16/24 13:56, Jérémy Lal wrote:
>>>
>>> As Built-Using is for license compliance only, no?
>>>
>>> See
>>>
>>> https://www.debian.org/doc/debian-policy/ch-relationships.html#additional-source-packages-used-to-build-the-binary-built-using
>>
tis 2024-01-16 klockan 11:22 +0100 skrev Jérémy Lal:
>
>
> Le mar. 16 janv. 2024 à 11:00, Simon Josefsson
> a écrit :
> > Paul Wise writes:
> >
> > > On Mon, 2024-01-15 at 10:17 +0100, Bastian Blank wrote:
> > >
> > > > I asked for practi
Paul Wise writes:
> On Mon, 2024-01-15 at 10:17 +0100, Bastian Blank wrote:
>
>> I asked for practical solutions, not theoretical ones. We don't have a
>> suitable way to rebuild all packages just because right now.
>
> There are some ideas on the static linking wiki page:
>
>
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: golang-github-sigstore-protobuf-specs
Version : 0.2.1-1
Upstream Author : sigstore
* URL : https://github.com/sigstore/protobuf-specs
* License : Apache-2.0
Programming Lang: Go
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: golang-bitbucket-creachadair-shell
Version : 0.0.8-1
Upstream Author : Michael J. Fromberger
* URL : https://bitbucket.org/creachadair/shell/
* License : BSD-3-Clause
Programming Lang
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: trillian
Version : 1.6.0-1
Upstream Author : Google
* URL : https://github.com/google/trillian
* License : Apache-2.0
Programming Lang: Go
Description : A transparent, highly
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: golang-github-transparency-dev-merkle
Version : 0.0.2-1
Upstream Author : Pavel Kalinnikov, Al Cutter, Martin Hutchinson, M Hickford,
et al
* URL : https://github.com/transparency-dev/merkle
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: golang-k8s-sigs-release-utils
Version : 0.7.7-1
Upstream Author : Kubernetes SIGs
* URL : https://github.com/kubernetes-sigs/release-utils
* License : Apache-2.0
Programming Lang: Go
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: golang-github-adamkorcz-go-fuzz-headers-1
Version : 0.0~git20230919.8b5d3ce-1
Upstream Author : Adam Korcz
* URL : https://github.com/AdamKorcz/go-fuzz-headers-1
* License : Apache-2.0
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: golang-github-cavaliergopher-rpm
Version : 1.2.0-1
Upstream Author : Ryan Armstrong, et al
* URL : https://github.com/cavaliergopher/rpm
* License : BSD-3-clause
Programming Lang: Go
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: golang-github-veraison-go-cose
Version : 1.2.1-1
Upstream Author : Veraison
* URL : https://github.com/veraison/go-cose
* License : MPL-2.0
Programming Lang: Go
Description : go
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: golang-github-cyberphone-json-canonicalization
Version : 0.0~git20220623.57a0ce2-1
Upstream Author : Anders Rundgren
* URL : https://github.com/cyberphone/json-canonicalization
* License
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: golang-github-zeebo-errs
Version : 1.3.0-1
Upstream Author : Jeff Wendling
* URL : https://github.com/zeebo/errs
* License : Expat
Programming Lang: Go
Description : errs is a Go
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: in-toto-golang
Version : 0.9.0-1
Upstream Author : Aditya Sirish, Christian Rebischke, Lukas Pühringer, et al
* URL : https://github.com/in-toto/in-toto-golang
* License : Apache-2.0
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: golang-github-spiffe-go-spiffe
Version : 2.1.6-1
Upstream Author : Agustín Martínez Fayó, Andrew Harding, et al
* URL : https://github.com/spiffe/go-spiffe
* License : Apache-2.0
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: golang-github-shibumi-go-pathspec
Version : 1.3.0-1
Upstream Author : Sander van Harmelen, Christian Rebischke
* URL : https://github.com/shibumi/go-pathspec
* License : Apache-2.0
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: relic
Version : 7.6.1-1
Upstream Author : SAS Institute, Inc.
* URL : https://github.com/sassoftware/relic
* License : Apache-2.0
Programming Lang: Go
Description : digitally sign
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: golang-github-qur-ar
Version : 0.0~git20130629.282534b-1
Upstream Author : Blake Smith, Julian Phillips
* URL : https://github.com/qur/ar
* License : Expat
Programming Lang: Go
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
* Package name: golang-github-sassoftware-go-rpmutils
Version : 0.2.0-1
Upstream Author : SAS Institute, Inc.
* URL : https://github.com/sassoftware/go-rpmutils
* License : Apache-2.0
Programming Lang
Bastian Blank writes:
> Hi Simon
>
> On Sun, Jan 14, 2024 at 10:47:18AM +0100, Simon Josefsson wrote:
>> As an analogy, consider the ./configure scripts that is generated by
>> autoconf during build of many packages. The script typically generate
>> code that is put
Bastian Blank writes:
> On Fri, Dec 29, 2023 at 11:30:14AM +0100, Simon Josefsson wrote:
>> * Package name: ssh3
>
> This package name is clearly not acceptable. SSH is a well known name
> and this project is completely unrelated to it.
Agreed. Packagers have set
Stephan Verbücheln writes:
> On Sat, 30 Dec 2023 12:47:48 + Colin Watson
> wrote:
>> I also feel that something security-critical like this that's
>> labelled by upstream as "still experimental" probably shouldn't
>> be in a Debian release.
>
> It is written in Go. The problem of Go library
Colin Watson writes:
> On Sat, Dec 30, 2023 at 12:13:28AM +0100, Philipp Kern wrote:
>> On 29.12.23 11:30, Simon Josefsson wrote:
>> > SSH3 is a complete revisit of the SSH protocol, mapping its semantics on
>> > top of the HTTP mechanisms. In a nutshell, SSH3 uses
Packaging of SSH3 is available here:
https://salsa.debian.org/go-team/packages/ssh3
https://salsa.debian.org/jas/ssh3/
Thanks to the Salsa CI/CD pipeline there is an aptly repository
available for easy testing, if anyone would like to experiment or help.
Below you can find a snippet how you can
Philipp Kern writes:
> On 29.12.23 11:30, Simon Josefsson wrote:
>> Package: wnpp
>> Severity: wishlist
>> X-Debbugs-Cc: debian-devel@lists.debian.org, debian...@lists.debian.org
>> * Package name: ssh3
>>Version : 0.1.4
>>Ups
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson
X-Debbugs-CC: debian-devel@lists.debian.org, debian...@lists.debian.org
* Package name: golang-github-golang-jwt-jwt-v5
Version : 5.2.0-1
Upstream Author : golang-jwt maintainers, Dave Grijalva
* URL : https
Package: wnpp
Severity: wishlist
X-Debbugs-Cc: debian-devel@lists.debian.org, debian...@lists.debian.org
* Package name: ssh3
Version : 0.1.4
Upstream Contact: François Michel
* URL : https://github.com/francoismichel/ssh3
* License : Apache-2.0
Programming
Package: wnpp
Severity: wishlist
Owner: si...@josefsson.org
X-Debbugs-CC: debian-devel@lists.debian.org
* Package name: apt-verify
Version : 2.0
Upstream Contact: Simon Josefsson
* URL : https://gitlab.com/debdistutils/apt-verify
* License : AGPLv3
Jonathan McDowell writes:
> On Mon, Dec 04, 2023 at 11:07:38AM +0100, Simon Josefsson wrote:
>> Judit Foglszinger writes:
>> >> > Dmitri, could you re-run the numbers with the debian-maintainer
>> >> > keyring?
>> >>
>> >&
Judit Foglszinger writes:
> Hi,
>
>> > Dmitri, could you re-run the numbers with the debian-maintainer keyring?
>>
>> That is correct. I have updated the results now.
>> The 2,455 no public key has now become 1,238
>
> Another is the DN keyring.
> Also I'd expect many keys to be found in older
Salvo Tomaselli writes:
>> hi, on "no public key" list there are my uploads, I'm debian maintainer
>> (https://nm.debian.org/person/fantu/), I signed with my key and I have
>> DM upload right for them
>> (https://qa.debian.org/developer.php?login=fantonifabio%40tiscali.it)
>
> I think he just
Package: wnpp
Severity: wishlist
Hi! I am planning to package priv-wrapper:
https://cwrap.org/priv_wrapper.html
priv_wrapper aims to help running processes which are dropping
privileges or are restricting resources in test environments. A
disabled call always succeeds (i.e. returns
Michael Biebl writes:
> Hi,
>
> we are early in the bookworm release cycle, so I guess it's the
> perfect time to bring up this topic.
Sorry for hijacking the thread, but perhaps now is a good time to stop
using the legacy syslog time format and use the standardized RFC 5424
format? It is the
Paul Wise writes:
> Hi all,
>
> I noticed that sometimes Debian's choice of upstream source for
> packaging can be suboptimal. This is especially apparent for the
> different per-language upstream packaging ecosystems[1], where the
> upstream packaging differs from the upstream VCS in some
Hi! I'm now resuming work on the libidn shared library transition, and
I'm ready for the upload to experimental. I wanted to ping back here to
get more review. I'm following Andreas Metzler's outline, but included
some tweaks suggested by Simon McVittie. I decided to do some more
changes that
Simon McVittie writes:
> On Wed, 26 May 2021 at 19:18:24 +0200, Simon Josefsson wrote:
>> Andreas Metzler writes:
>> > Why not use a versioned Provides *instead* of the dummy package?
>>
>> Yeah, I never understand exactly when these dummy packages ar
Andreas Metzler writes:
> On 2021-05-26 Guillem Jover wrote:
>> On Tue, 2021-05-25 at 19:43:21 +0200, Andreas Metzler wrote:
> [...]
>> I'd probably instead make this a versioned Provides, so that the
>> transitional package can be removed right away from systems, it does
>> not interfere with
Andreas Metzler writes:
> On 2021-05-24 Simon Josefsson wrote:
>> Hi! This is for post-bullseye, but I appreciate guidance if anyone has
>> time. Shared library version transitions trigger uncertainty in me.
>
>> I want to upload a new upstream libidn release into Deb
mån 2021-05-24 klockan 20:45 +0200 skrev Timo Röhling:
> Hi Simon!
>
> * Simon Josefsson [2021-05-24 19:34]:
> > I want to upload a new upstream libidn release into Debian, but
> > upstream
> > has done a shared library transition.
> You should probably read the
references to libidn9 and libidn9-dev, last seen in 2003
+ and didn't reach testing according to the tracker.
+ * For libidn11, drop confusing 'Replaces: libidn11-dev'.
+
+ -- Simon Josefsson Sun, 16 May 2021 00:08:06 +0200
+
libidn (1.33-3) unstable; urgency=low
[ Simon Josefsson ]
diff
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 23 Aug 2019 05:42:17 +0200
Source: oz
Binary: oz
Architecture: source all
Version: 0.17.0-2
Distribution: unstable
Urgency: low
Maintainer: Simon Josefsson
Changed-By: Simon Josefsson
Description:
oz - install
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 15 Aug 2019 13:56:40 +0200
Source: oz
Architecture: source
Version: 0.17.0-1
Distribution: unstable
Urgency: low
Maintainer: Simon Josefsson
Changed-By: Simon Josefsson
Closes: 933509
Changes:
oz (0.17.0-1) unstable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 08 Aug 2019 20:07:46 +0200
Source: gss
Architecture: source
Version: 1.0.3-4
Distribution: unstable
Urgency: low
Maintainer: Debian GSS Team
Changed-By: Simon Josefsson
Changes:
gss (1.0.3-4) unstable; urgency=low
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 02 Aug 2019 15:15:01 +0200
Source: gsasl
Architecture: source
Version: 1.8.1-1
Distribution: unstable
Urgency: low
Maintainer: Debian XMPP Maintainers
Changed-By: Simon Josefsson
Closes: 838032 865164
Changes:
gsasl (1.8.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 23 Jul 2019 11:14:28 +0200
Source: shishi
Architecture: source
Version: 1.0.2-7
Distribution: unstable
Urgency: medium
Maintainer: Debian Shishi Team
Changed-By: Simon Josefsson
Changes:
shishi (1.0.2-7) unstable; urgency
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 20 Jul 2019 22:35:12 +0200
Source: libidn2
Architecture: source
Version: 2.2.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Libidn team
Changed-By: Simon Josefsson
Closes: 882581 929879
Changes:
libidn2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 20 Jul 2019 20:57:31 +0200
Source: libntlm
Architecture: source
Version: 1.5-2
Distribution: unstable
Urgency: low
Maintainer: Debian Authentication Maintainers
Changed-By: Simon Josefsson
Changes:
libntlm (1.5-2) unstable
Changed-By: Simon Josefsson
Description:
python-yubico - Python library for talking to Yubico YubiKeys
python-yubico-tools - Tools for Yubico YubiKeys
Changes:
python-yubico (1.3.2-2) unstable; urgency=medium
.
* Acknowledge NMU.
* Move package from github to salsa, updating Vcs-* URLs
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Mon, 28 Jan 2019 22:29:15 +0100
Source: jabberd2
Binary: jabberd2 jabberd2-dbgsym
Architecture: source amd64
Version: 2.7.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian XMPP Maintainers
Changed-By: Simon Josefsson
: Debian Authentication Maintainers
Changed-By: Simon Josefsson
Description:
python-pyhsm - Python code for talking to a Yubico YubiHSM hardware
yhsm-daemon - YubiHSM server daemon
yhsm-tools - Common files for YubiHSM applications
yhsm-validation-server - Validation server using YubiHSM
yhsm
-By: Simon Josefsson
Description:
yubikey-piv-manager - Graphical tool for managing your PIV-enabled YubiKey
Changes:
yubikey-piv-manager (1.4.2-2) unstable; urgency=medium
.
* Update Standards-Version from 3.9.8 to 4.2.1.
* Move packaging to Salsa, fix Vcs-Browser/Vcs-Git/README.source URLs
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 26 Sep 2018 11:34:05 +0200
Source: ykclient
Binary: libykclient3 libykclient-dev
Architecture: source amd64
Version: 2.15-2
Distribution: unstable
Urgency: low
Maintainer: Debian Authentication Maintainers
Changed-By: Simon
Maintainers
Changed-By: Simon Josefsson
Description:
libykpiv-dev - Development files for the YubiKey PIV Library
libykpiv1 - Library for communication with the YubiKey PIV smartcard
ykcs11 - PKCS#11 module for the YubiKey PIV applet
yubico-piv-tool - Command line tool for the YubiKey PIV
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Mon, 24 Sep 2018 15:17:57 +0200
Source: oz
Binary: oz
Architecture: source all
Version: 0.16.0-2
Distribution: unstable
Urgency: low
Maintainer: Simon Josefsson
Changed-By: Simon Josefsson
Description:
oz - install
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 24 Aug 2018 22:03:11 +0200
Source: libntlm
Binary: libntlm0-dev libntlm0
Architecture: source
Version: 1.5-1
Distribution: unstable
Urgency: low
Maintainer: Debian Authentication Maintainers
Changed-By: Simon Josefsson
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 04 Aug 2018 08:50:40 +0200
Source: yubico-pam
Binary: libpam-yubico
Architecture: source amd64
Version: 2.26-1
Distribution: unstable
Urgency: low
Maintainer: Debian Authentication Maintainers
Changed-By: Simon Josefsson
Maintainers
Changed-By: Simon Josefsson
Description:
libykpiv-dev - Development files for the YubiKey PIV Library
libykpiv1 - Library for communication with the YubiKey PIV smartcard
ykcs11 - PKCS#11 module for the YubiKey PIV applet
yubico-piv-tool - Command line tool for the YubiKey PIV
org>
Changed-By: Simon Josefsson <si...@josefsson.org>
Description:
jabberd2 - Jabber instant messenger server
Closes: 858935
Changes:
jabberd2 (2.6.1-3) unstable; urgency=medium
.
* Update Vcs-Browser and Vcs-Git URLs to salsa.
* Use libssl instead of libssl1.0. Closes: #858935.
Ch
org>
Changed-By: Simon Josefsson <si...@josefsson.org>
Description:
jabberd2 - Jabber instant messenger server
Changes:
jabberd2 (2.6.1-2) unstable; urgency=medium
.
* Remove trailing whitespace.
Fix lintian file-contains-trailing-whitespace.
* Bump debhelper compat to 11.
-
<help-lib...@gnu.org>
Changed-By: Simon Josefsson <si...@josefsson.org>
Description:
idn2 - Internationalized domain names (IDNA2008/TR46) command line tool
libidn2-0 - Internationalized domain names (IDNA2008/TR46) library
libidn2-0-dev - Internationalized domain names (I
org>
Changed-By: Simon Josefsson <si...@josefsson.org>
Description:
gss-doc- Documentation for GSS (except man pages)
gss-man- Man pages for GSS
libgss-dbg - Debugging symbols for GSS
libgss-dev - Development and documentation files for Generic Security Services
libgss3
Authentication Maintainers
<pkg-auth-maintain...@lists.alioth.debian.org>
Changed-By: Simon Josefsson <si...@josefsson.org>
Description:
libykpers-1-1 - Library for personalization of YubiKey OTP tokens
libykpers-1-dev - Development files for the YubiKey OTP personalization libr
Authentication Maintainers
<pkg-auth-maintain...@lists.alioth.debian.org>
Changed-By: Simon Josefsson <si...@josefsson.org>
Description:
libykpers-1-1 - Library for personalization of YubiKey OTP tokens
libykpers-1-dev - Development files for the YubiKey OTP personalization libr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 18 Aug 2017 20:46:46 +0200
Source: oz
Binary: oz
Architecture: source all
Version: 0.16.0-1
Distribution: unstable
Urgency: low
Maintainer: Simon Josefsson <si...@josefsson.org>
Changed-By: Simon Josefsson <si...@jose
<pkg-auth-maintain...@lists.alioth.debian.org>
Changed-By: Simon Josefsson <si...@josefsson.org>
Description:
libu2f-host-dev - Development files for the U2F host C library libu2f-host
libu2f-host0 - Universal 2nd Factor (U2F) host communication C Library
u2f-host - Command lin
lib...@gnu.org>
Changed-By: Simon Josefsson <si...@josefsson.org>
Description:
idn2 - Internationalized domain names (IDNA2008/TR46) command line tool
libidn2-0 - Internationalized domain names (IDNA2008/TR46) library
libidn2-0-dev - Internationalized domain names (IDNA2008/TR46) transit
1 - 100 of 473 matches
Mail list logo
