Hello,
On Fri, 21 Jul 2023, Daniel Gröber wrote:
> One mention I found is in Raphaël and Roland's DAH (now in CC):
> https://debian-handbook.info/browse/stable/sect.apt-get.html#sect.apt-upgrade
I also saw your associated bug report. Thanks for highlighting this
issue to me. I updated
Hi Axel,
this is a clear design choice of upstream and given that all those
libraries are maintained by the same person (and that he is not providing
any official API stability), I don't think it's really problematic.
Also all those libraries are really small.
Trying to package them separately
Hi,
On Mon, 02 Aug 2021, Samuel Henrique wrote:
> So to try to summarize our approach to the salsa group/org: We can add
> people to it once they have made a few contributions and we're
> confident that they can have permissions to push to any repo we own.
Yes.
> > See
Hello Samuel & Guilherme,
Welcome in the team Guilherme!
On Sat, 31 Jul 2021, Samuel Henrique wrote:
> I have created the repo and gave you Salsa's maintainer role:
> https://salsa.debian.org/pkg-security-team/seclists
>
> Can you also apply to join the org on Salsa?
>
Hi,
On Sat, 12 Jun 2021, Jan Gru wrote:
> Thank you again for reviewing the package and providing detailed feedback as
> well as hints on the solution of the issues.
> I already submitted a merge request containing my changes [5]. I hope, I
> have addressed all issues in an adequate manner.
I
Hello,
I have looked at regripper. Here are my comments/questions:
In the README I see this:
> The following Perl module files have been modified, and the modified versions
> are
> provided as part of this repo:
> C:\Perl\site\lib\Parse\Win32Registry\WinNT\File.pm
>
Hello Arnaud,
On mar., 27 avril 2021, Arnaud Rebillout wrote:
> I'd like to join.
>
> I've been working as a Kali Linux developer for a few months now. Part of my
> job includes maintaining packages.
Welcome in the team!
You have been added to the pkg-security-team in salsa.debian.org.
On Sat, 16 Jan 2021, Francisco Vilmar Cardoso Ruviaro wrote:
> That's right Peter, pkg-config was missing, thanks!
>
> I think librtr[1] is now ready for review and upload.
Uploaded. Thank you!
--
⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog
⣾⠁⢠⠒⠀⣿⡁
⢿⡄⠘⠷⠚⠋The Debian Handbook:
Hi,
On Thu, 24 Dec 2020, Francisco Vilmar Cardoso Ruviaro wrote:
> I fixed an RC bug [0] in librtr [1].
>
> Please, review and upload.
Adrian Bunk pointed out that your fix is clearly incorrect. Can you at
least revert your change please ? It would be nice if you tried to
understand your
On Mon, 21 Dec 2020, Francisco Vilmar Cardoso Ruviaro wrote:
> I hastened and created the libcerror project [1], sorry.
> Could you please delete it?
Done.
Cheers,
--
⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog
⣾⠁⢠⠒⠀⣿⡁
⢿⡄⠘⠷⠚⠋The Debian Handbook: https://debian-handbook.info/get/
⠈⠳⣄ Debian
Hi,
On Sat, 19 Dec 2020, Francisco Vilmar Cardoso Ruviaro wrote:
> Dear security tools team,
>
> I prepared a new version of sleuthkit [1], release 4.10.1+dfsg.
>
> The version 4.10.1+dfsg introducing the ABI change (SONAME bump),
> /usr/lib/*/libtsk.so.19.1.2 > /usr/lib/*/libtsk.so.19.1.3.
On Fri, 27 Nov 2020, Samuel Henrique wrote:
> For reference, this was the ticket:
> https://github.com/libyal/libvhdi/issues/15
>
> I thought about this, as we have the option of performing the upload
> without a transition. My conclusion is that we should get the opinion of
> the release team on
Hello,
On Tue, 08 Dec 2020, Mo Zhou wrote:
> Could you please add me (lumin) into the pkg-security-team?
Done. Note that our packaging conventions are documented in
https://wiki.debian.org/Teams/pkg-security
> I'm interested in maintaining the "ImHex" hex editor within this team.
An hex editor
out, I don't really participated in any security-related
> activities at least within Debian.
>
> What prompted me to join security-tools team is a suggestion by Raphael
> Hertzog, after my email asking for a state of capstone package.
Welcome in the team! The few conventions that we have
Hello Francisco,
On Mon, 30 Nov 2020, Francisco Vilmar Cardoso Ruviaro wrote:
> I raised some requirements for packaging libluksde,
>
> >* python3-libluksde: https://github.com/libyal/libluksde
>
> I worked on libcerror, if it is satisfactory, please review and upload,
> thanks!
> 1-
Hello,
I wanted to help a little bit to fix #971311 & #971308 related to
the deprecation of PyCrypto but I have opened a can of worms.
We need to package new upstream releases of dfvfs and plaso to fix those
(and other RC bugs like #971149). But the new dfvfs requires 4 new packages:
*
Hello,
the irker bot that we were using for IRC notifications has been down for a
while so I switched all our repositories to use KGB (I used the script
from https://salsa.debian.org/pkg-security-team/pkg-security-team).
I updated the team's wiki page accordingly.
Thanks to Unit193 for the
Hello Francisco,
On Fri, 23 Oct 2020, Francisco Vilmar Cardoso Ruviaro wrote:
> having talked to Samuel Henrique, he has been my mentor and helped me
> introduce
> some packages to the team (bruteforce-wallet and stegcracker), so I would like
> to join the team to help in any way possible,
>
>
Hello,
On Sun, 18 Oct 2020, Samuel Henrique wrote:
> Now if anybody tells me they're fine with advocating someone solely
> based on the activity on this list, without sponsoring their uploads,
> I can continue doing the reviews and we move the discussions to here.
I'm fine with this. I would
Hi,
I'm rather busy but I have noted to look into it if Samuel or someone
else doesn't look into it soon.
Cheers,
On Wed, 02 Sep 2020, Karthik కార్తిక్ wrote:
> Package: sponsorship-requests
> Severity: wishlist
>
> Dear mentors,
>
> I am looking for a sponsor for my package "bully":
>
> *
Hi,
On Tue, 07 Jul 2020, Marcos Fouces wrote:
> I also done some work on ganglia-web and ganglia-linux-modules packages
> (also unpublished).
>
> I believe that it is still a good piece of software that deserve its
> place on Debian so i would like to step up as uploader (co-uploaders
>
Hi,
On Fri, 03 Jul 2020, Christian Blichmann wrote:
> I understand that I first need to become a "Sponsored Maintainer" and that
> my packaging will need thorough review before being considered for inclusion
> in Debian.
> Would the proper next steps be to file an ITP and request a Git repo on
>
Hello,
On Mon, 15 Jun 2020, constantine wrote:
> To whom it may concern,
>
> I want to join to your precious security team for helping(any help)
You will have to find out by yourself ways to help... it's not too hard
if you are willing to do some research:
Hello,
I have been approving more and more merge requests of the janitor bot[1]
and I read recently that it's possible to grant commit rights to the bot
so that I don't have to approve them manually.
[1] example:
https://salsa.debian.org/pkg-security-team/ccrypt/-/merge_requests/1
While I
Hello Eriberto,
in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=938797#46 you said
that you were working on volatility3. Can you give us some updates?
While Debian dropped volatility, we have kept it in Kali as we hoped
to have volatility3 available as replacement soon.
Can we help in some
On Mon, 30 Mar 2020, Sandro Tosi wrote:
> great, thanks! (if you could grant me access to the Debian Security
> Tools Packaging Team i could commit some of my changes directly, like
> the upcoming drop of python-scapy)
Done. Your access will expire at the end of May.
Cheers,
--
⢀⣴⠾⠻⢶⣦⠀
Hi,
On Sun, 29 Mar 2020, Sandro Tosi wrote:
> so maybe it's time to drop pyrit and it's only reverse dependency
> wifite?
Ack for pyrit. I requested the removal of the package from unstable.
However, wifite works without pyrit. I uploaded a new version dropping
the build-dependency and the
Hi,
On Sat, 21 Mar 2020, Marcos Fouces wrote:
> I just uploaded a new release of websploit [0]. Upstream migrated it to
> Python 3.
>
> Please, check and review (and give me upload rights if you want).
Looks like SZ Lin took care of the upload.
Cheers,
--
⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog
Hi,
On Fri, 27 Mar 2020, Stéphane Neveu wrote:
> I made a new release of ledger-wallets-udev. Could you please review it ?
> https://salsa.debian.org/pkg-security-team/ledger-wallets-udev
Sorry for the delay. Reviewed and uploaded.
What about trying to become a DM so that you can maintain that
Hi,
On Wed, 18 Mar 2020, Marcos Fouces wrote:
> Any DD available for review and upload this new release.
Uploaded!
Cheers,
--
⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog
⣾⠁⢠⠒⠀⣿⡁
⢿⡄⠘⠷⠚⠋The Debian Handbook: https://debian-handbook.info/get/
⠈⠳⣄ Debian Long Term Support: https://deb.li/LTS
Hello Javier,
On Fri, 27 Mar 2020, Javier Fernandez-Sanguino wrote:
> I would like to request access to the pkg-security team and would also
> like to add the security packages that I currently maintain (see
> below) so they are managed by the overall team.
Welcome in the team!
You have been
Hi,
On Fri, 07 Feb 2020, Marcos Fouces wrote:
> Hi team!
>
> I packaged a new release of polenum [0]. Could you review and upload?
Uploaded it yesterday.
Thanks.
--
⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog
⣾⠁⢠⠒⠀⣿⡁
⢿⡄⠘⠷⠚⠋The Debian Handbook: https://debian-handbook.info/get/
⠈⠳⣄ Debian
Hi,
sorry for the delay in my answer.
On Sun, 26 Jan 2020, eamanu wrote:
> I would like join to the team :-)
Nice, welcome !
> I plan help on Python 2 support remove and import Kali package to Debian.
> Also, I would like to package new security related tools.
>
> My salsa user is
Hi Andrej,
On Sun, 02 Feb 2020, Andrej Shadura wrote:
> Having chatted with Sebastian at FOSDEM, I thought I could help maintain
> radare and friends, so I’d like to join the team for this purpose.
Welcome! You have been added to the salsa group. Have a look at
On Thu, 30 Jan 2020, Samuel Henrique wrote:
> Just a heads up that I will be pushing this before the end of FOSDEM.
Thanks. It would be nice to have a script to configure our repositories
with that kind of change.
In Kali I have this:
Hello Fardin,
On Tue, 28 Jan 2020, Optimous Prime wrote:
> I'm Fardin Allahverdinazhand, developer of the "websploit framework"
> project.
>
> I'd like to join the team to do some maintenance on "websploit", Marcos has
> helped me
>
> to build my own package and we are in touch now.
>
> My
Hello Dmitry,
On Tue, 28 Jan 2020, Dmitry Smirnov wrote:
> I'd like to join the team to eventually do some maintenance on "pyrit"
> package as my package "pyrit-opencl" has been incorporated into "pyrit"
> upstream.
You have been added to the salsa group. Have a look a the few team rules:
Hi,
On Mon, 20 Jan 2020, Aleksey Kravchenko wrote:
> I've fixed libpff dependency on Python 2 (Closes #936901) and lintian
> warnings,
>
> producing the libpff_20180714-2 package [1].
>
> Please review it and upload!
Done. I just dropped the "--with autoreconf" which is no longer required
with
Hi,
On Wed, 22 Jan 2020, Aleksey Kravchenko wrote:
> I've prepared ssldump package [1] with new upstream release.
>
> Please review it and upload.
Done. I have no special comments to make, good job.
Cheers,
--
⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog
⣾⠁⢠⠒⠀⣿⡁
⢿⡄⠘⠷⠚⠋The Debian Handbook:
Hello,
On Wed, 22 Jan 2020, factoreal wrote:
> I would like to join to this team and work on some things like testing,
> debugging, and building for some packages. Please guide me.
Thanks for your interest but this a bit too vague for us to help you. You
can have a look at
Hi Balint,
On Wed, 22 Jan 2020, Bálint Réczey wrote:
> I'd like to join the team to do QA-like work on some packages.
You have been added to the salsa group. Can you say a bit more about
your plans?
Cheers,
--
⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog
⣾⠁⢠⠒⠀⣿⡁
⢿⡄⠘⠷⠚⠋The Debian Handbook:
Hello Adrian,
I saw all the delayed NMUs that you prepared for packages in the
pkg-security team. Thanks for this.
Please go ahead and reschedule them so that they are uploaded immediately.
Bonus points if you can apply your patches to the git repositories: I
granted you access to the team
Hi,
On Mon, 30 Dec 2019, SZ Lin (林上智) wrote:
> I'm curious about the benefit of putting gbp.conf in each package
> instead of using ~/.gbp.conf. It's painful to have to update this file
> once the team decided to change the default configuration afterward, and
> I didn't see any extraordinary
On Sat, 30 Nov 2019, Aleksey Kravchenko wrote:
> Your help will be greatly appreciated ;)
So I forced pushed debian/master to match unstable and I made further
cleanups and changes and I uploaded the result. I also force pushed
the upstream branch to match the latest state of debian/master.
I
Hi,
On Sat, 16 Nov 2019, Marcos Fouces wrote:
> Could any DD review and upload?
Done.
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/
Hi,
On Sat, 16 Nov 2019, Marcos Fouces wrote:
> I packaged a new release of recon-ng [0]. It should not be uploaded
> directly due to new python modules dependencies that i also packaged
> [1] [2].
>
> Could any DD review and upload them:
>
> [0]
Hi,
On Sun, 13 Oct 2019, Samuel Henrique wrote:
> You see, o-saft needs an old version of openssl to be able to check for
> old ssl things (ciphers etc.).
>
> I know there has been some talk about getting an "openssl-insecure"
> package for the testssl.sh[0] package for the same reason. I think
Hi,
On Sun, 29 Sep 2019, Samuel Henrique wrote:
> If nobody objects, I will be enabling and pushing salsa-ci.yml to all of
> our packages soon.
I'm fine with it, but please make sure to skip the CI for the initial
push. Otherwise you will have grumpy salsa admins. They asked the python
team to
Hi,
On Fri, 30 Aug 2019, Alexander Wirt wrote:
> > We're not speaking of crap software, we're just speaking of software that
> > can't be maintained multiple years by backports of security patches, where
> > we get fixes only with new upstream versions (mixed with new features).
> I don't want to
On Fri, 30 Aug 2019, Alexander Wirt wrote:
> There were several discussions over the last years. And yes, our vision of
> backports does not match the vision of those fastpace/not ready for
> stable/whatever you call them repos. In our vision debian-backports consists
> of new (tested, as in "is
Hi,
On Fri, 30 Aug 2019, Pirate Praveen wrote:
> Fast Track repo works exactly like current backports except the packages
> are added from unstable (or experimental during transitions and freeze)
> as they cannot go to testing and hence to current backports.
>
> As Paul noted earlier, backports
(Note: pkg-security@tracker.d.o is not a valid email, dropped)
Hi,
On Thu, 29 Aug 2019, Holger Levsen wrote:
> > In general, we (Debian) don't have a good answer to this problem and
> > virtualbox is clearly a bad precedent. We really need to find a solution
> > to this in concertation with the
Hi,
On Thu, 29 Aug 2019, Moritz Mühlenhoff wrote:
> The upstream link makes it sound as if they are one of those upstreams
> which reject the idea of distributions shipping an older release to
> a stable distro. For a tool like radare2 that seems fair enough, so
> how about simply excluding it
Hi,
On Sun, 18 Aug 2019, Samuel Henrique wrote:
> What do you say we do the same on our channel?
We are not using KGB but irker and it's not so verbose... it's already
showing a limited number of commits for each push (3 currently).
And for now, we haven't enabled salsa-ci on our repositories
Hi,
On Mon, 15 Apr 2019, Samuel Henrique wrote:
> Perfect, if by that time I haven't written an advocacy for your
> application, ping me and I will look into that, I reckon Raphaël is gonna
> write one already but you will need two.
> I have some stuff from DebConf19 to work on during the
Hi,
On Sun, 24 Feb 2019, Marcos Fouces wrote:
> Hellos Samuel
>
> When i sent this email, i still did not fixed the bug you refer
> (#922563) but only the first one (#864242). I share your concern about this.
>
> Create a separate branch without this change would be a good idea?
We're now too
Hello Sven,
On Sun, 10 Mar 2019, Sven Geuer wrote:
> I fixed bug #924042 in tomb [1]. Please review and upload.
Unfortunately we're now in deep freeze and we should only upload
mimimal set of changes. You have made more changes than just adding
the missing recommends/suggests so the package
Hi,
On Thu, 07 Feb 2019, Sophie Brun wrote:
> > On 6/2/19 17:57, Christian Kastner wrote:
> >> On 2019-02-05 16:27, Sophie Brun wrote:
> Please note that the problem itself is with the autopkgtest of the
> package, build is ok, you will only spot it if you enable such tests.
> That
Hi,
On Mon, 31 Dec 2018, Sven Geuer wrote:
> Regarding joining the group I seem to miss the obvious. I didn't see
> how to do so on [2]. Please advice.
I have added you to the team (there's no button to request to join, you
have to ask here, I just clarified this on the wiki page).
Cheers,
--
Hello,
I created a new "pkg-security-team" git repository with some helper
scripts to manage our repositories.
$ git clone g...@salsa.debian.org:pkg-security-team/pkg-security-team.git
$ sudo apt install mr
$ bin/setup-team-repos
Most notably bin/setup-team-repos will install the "mrconfig"
Hi,
On Thu, 22 Nov 2018, Marcos Fouces wrote:
> I did some housekeeping on nmapsi4 package [1].
>
> Any DD could review and upload it? (if appropiate)
Done.
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master
Hi,
On Wed, 21 Nov 2018, Marcos Fouces wrote:
> I did some work on ncrack package [1] mostly based on nmap packaging
> done by Lukas.
>
> Any DD could review and upload it? (if appropiate)
Done and uploaded. I just tweaked the copyright file a little bit
to add a comment in its proper place
On Wed, 31 Oct 2018, Samuel Henrique wrote:
> I think it's safe to downgrade to Recommends, as most users install
> recommends anyway.
>
> I will do it soon if there isn't any objections to this.
Yeah, fine for me.
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS:
Hi,
On Tue, 25 Sep 2018, Marcos Fouces wrote:
> I packaged a new upstream release of t50. Please, could you review and
> upload if appropiate?.
Done. Note that I switched the watch file to use sourceforge.net so that
we can use the upstream PGP signature.
Cheers,
--
Raphaël Hertzog ◈ Debian
Hi,
On Mon, 03 Sep 2018, p...@reseau-libre.net wrote:
> I've updated dhcpig to suppress the dependency to go-md2man. This
> allows the build on non-linux hosts (hurd, kfreebsd...). If any of the
> DDs have some time to review the update ?
Done and uploaded.
Cheers,
--
Raphaël Hertzog ◈ Debian
Hi,
On Sat, 25 Aug 2018, Giovani Ferreira wrote:
> > There are similar problems with the hashrat package that you uploaded
> > too.
>
> I think these 2 commits will be lost, is there a way to fix this?
It depends on what you have to do.
If you worked in git to prepare your last upload and
and
Hello Hilko,
the git repositories of grr-client-templates, libevt and nmap are lacking
the changes (and tags) corresponding to your last upload(s).
Can you push them?
Thank you.
--
Raphaël Hertzog ◈ Writer/Consultant ◈ Debian Developer
Discover the Debian Administrator's Handbook:
→
Hello,
I would like to suggest to remove lcrack from Debian. The software has not
evolved since 2004 and upstream website has disappeared.
There are better alternatives to crack passwords such as hashcat and john.
However forensics-extra does depend on it, it would have to be updated first.
Are
Hello Marcos,
On Thu, 02 Aug 2018, Marcos Fouces wrote:
> I uploaded a new package with a newer upstream release of arp-scan [0].
>
> Could you check it?
I fixed some lintian errors (see below) and I uploaded the result.
I: arp-scan source: out-of-date-standards-version 4.1.5 (released
On Wed, 25 Jul 2018, p...@reseau-libre.net wrote:
> The package has been updated. build, lintian and piuparts are ok. I've
> updated the salsa repository for review. If you ok with this I can upload
> this evening.
Ah, I forgot to push my changes, sorry. Anyway your changes are OK, here are
the
Hi,
On Wed, 25 Jul 2018, p...@reseau-libre.net wrote:
> I took a look on current upstream release, the bug is already patched in the
> future 0.1.11.
> We just have to wait for this release.
You don't have to wait. You can just apply the relevant patch via
debian/patches/:
Hi Phil,
moving the discussion to the mailing list (instead of the
tracker team).
On Wed, 25 Jul 2018, p...@reseau-libre.net wrote:
> After review of the OpenSCAP Daemon bug (#904371), which is an
> incompatibility of it with the python 3.7 version. I have 2 questions:
>
> - the associated bug
On Sun, 22 Jul 2018, Samuel Henrique wrote:
> Has anybody had a look at what we could do with these? If we could
> generate a template for our team with all the hooks ready?
> I'm not sure what kind of things can be set up with a template.
>
> I can give a further look if nobody has done so.
I
Hello,
On Fri, 13 Jul 2018, Alexander Kulak wrote:
> please consider uploading ccrypt 1.10-7.
> Change:
> fix removing obsoleted conffile (closes: #893687).
Done, uploaded.
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Hello Samuel,
On Sun, 10 Jun 2018, Samuel Henrique wrote:
> >URL: https://webhook.salsa.debian.org/tagpending/
> >(replace by the name of the source package)
> >
> But that URL does not work, for example:
> https://webhook.salsa.debian.org/tagpending/mdk3
> gives me:
>
> Not Found
Why
On Fri, 25 May 2018, Pierre Chifflier wrote:
> Indeed, the patch is part of openscap, and the files are now present in
> libopenscap8 (starting from 1.2.16-2):
Ok, I got the details wrong but the initial problem is still present.
The autopkgtest tests are not passing:
Hello Samuel,
I have a few comments.
On Mon, 21 May 2018, Samuel Henrique wrote:
> I did most of this work on a google spreadsheet[0].
While I can understand the convenient nature of this service,
this is not really in the spirit of Debian to rely on proprietary
services.
I also understand
Hi,
On Sat, 12 May 2018, Samuel Henrique wrote:
> I've got a new account: samueloph
>
> I'd need access to the team on salsa.d.o so i can remove my old account
> samueloph-guest.
Done (at master level like all DD, so that you can create repositories,
but that means you can also add new members,
Hello Manas,
On Mon, 07 May 2018, Manas Kashyap wrote:
> I am Manas kashyap , a Debian contributor , i have packaged ,
> ruby-websocket
> (https://salsa.debian.org/Manas-kashyap-guest/ruby-websocket) . and , I
> need a sponsor for this package as , this package was packaged for kali
> but wasn't
Hi,
On Wed, 02 May 2018, Samuel Henrique wrote:
> Yes, i gave a quick look at the logs and it looks like a missing build-dep
> on libssl-dev, it fails at:
> #include
>
> I'll try to confirm that and push a fix.
I saw that but this failure should have been seen in all architectures in
that
Hello Marcos,
On Tue, 01 May 2018, Marcos Fouces wrote:
> I just uploaded a package with the new release of dnsrecon [1]
Uploaded.
> Also the new release of recon-ng could be uploaded as well [2]
Finalized and uploaded as well.
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian
On Wed, 02 May 2018, Samuel Henrique wrote:
> > I updated aircrack-ng to latest upstream version.
> > I pushed everything on Git repo. Please check the package and upload it
> > if it's ok.
>
> Uploaded, thanks for doing the work
Have you seen the build failures on arm64, ppc64el, armel, armhf?
[ Moving discussion to debian-security-tools@lists.debian.org, Gianfranco
please don't use the old list ]
On Thu, 05 Apr 2018, Gianfranco Costamagna wrote:
> Hello, can anybody please reply here in case he is interested as a student
> for GSoC this year?
You don't have to ask this question.
Hello everybody,
I was initially not planning to mentor this GSoC project because I don't
have the time required to mentor people who are not familiar enough with
Debian packaging in general. However the fact that Gianfranco was willing
to co-mentor and the presence of already experienced
Hi,
On Thu, 13 Oct 2011, Ansgar Burchardt wrote:
> it would be nice if the security tracker could track uploads to p-u,
> similar to how it already shows uploads to the security archive.
And relate this with data/next-point-update.txt and
next-oldstable-point-update.txt to mark the CVE as fixed
Hi,
On Tue, 13 Mar 2018, Alexander Kulak wrote:
> I tried to avoid dh-elpa because it requires creating a separate binary
> package, but after digging deeper (e86381a1 commit message)
> I have indeed created it.
> All informational lintian warning are fixed too, with distinct commit
> message
On Tue, 13 Mar 2018, Raphael Hertzog wrote:
> I looked at your package but I'm not familiar with the emacs integration
> thing.
> I saw that you have a lintian warning about this:
I also wanted to ask you why you have a Build-Depends on "autopoint". It's
not a common build dep
Hi,
On Sat, 10 Mar 2018, Stéphane Neveu wrote:
> Sure, I've renamed everything (I hope) except the git directory
> directly on salsa because I cannot ssh on salsa anymore :/ I'm not
> sure what happened.
Nothing happened. Nobody (except salsa admins) can ssh into salsa. Part of
the point of the
On Mon, 25 May 2015, Moritz Muehlenhoff wrote:
If I understand the approach correctly, this mean we could as well add
the fixed versions through (o)s-pu directly to the data/CVE/list once
accepted by the stable release managers instead of keeping them in
separate list
Hi Petter,
On Thu, 30 Apr 2015, Petter Reinholdtsen wrote:
But neither Redhat nor Ubuntu believe this CVE affect their software.
Also NVD only list windows as affected. Are you sure Qt is affected by
this CVE, or could there be a typo somewhere?
It was indeed a typo. The qt4-x11 update I
Hi,
On Mon, 23 Mar 2015, Raphael Hertzog wrote:
On Mon, 23 Mar 2015, Holger Levsen wrote:
I also noticed that we have nowhere data that says that an
issue is undetermined... maybe those issues should be entirely dropped?
I agree that those issues should not be displayed in the tracker
On Mon, 23 Mar 2015, Holger Levsen wrote:
I also noticed that we have nowhere data that says that an
issue is undetermined... maybe those issues should be entirely dropped?
I agree that those issues should not be displayed in the tracker, but I'm not
entirely convinced they should be
Hi,
On Mon, 09 Mar 2015, Holger Levsen wrote:
I have deployed this now. It might be that fixed_version=0 means not
affected but i'm not sure yet and my mind wants a break (for a moment)...
Another nice thing to add in the generated file is whether the package is
listed in dsa-needed.txt and
On Mon, 16 Mar 2015, Raphael Hertzog wrote:
On Mon, 09 Mar 2015, Holger Levsen wrote:
I have deployed this now. It might be that fixed_version=0 means not
affected but i'm not sure yet and my mind wants a break (for a moment)...
Another nice thing to add in the generated file is whether
Hi,
On Mon, 16 Mar 2015, Holger Levsen wrote:
Hi Raphael,
On Montag, 16. März 2015, Raphael Hertzog wrote:
I'm currently trying to use the generated json but the data below the
releases field doesn't correspond to what we discussed. It contains
entries like wheezy-security or squeeze
On Wed, 25 Feb 2015, Florian Weimer wrote:
* Raphael Hertzog:
On Sun, 22 Feb 2015, Florian Weimer wrote:
I've moved the debsecan Git repository to Gitorious. Please speak up
if you want to be added to the push ACL.
Out of curiosity, why not on git.debian.org ?
As far as I
On Mon, 09 Mar 2015, Holger Levsen wrote:
I dont, as I've converted the previous yaml output to json, because I liked
the humand readability of the result...
Even for the YAML output I would have used a YAML library, so it doesn't
make more sense for me :-)
That said your repositories field
Hi,
On Thu, 26 Feb 2015, Holger Levsen wrote:
so I've deployed my patches now and you can get json at
https://security-tracker.debian.org/tracker/data/json now.
I haven't tested the output against a json validator yet... so feedback
welcome and I do expect some more work to do...
Yeah, a
On Tue, 24 Feb 2015, Holger Levsen wrote:
On Dienstag, 24. Februar 2015, Richard Hartmann wrote:
Depending on your layout, you don't really need two different JSON
files, though.
how would you distinguish between squeeze, which includes lts and security,
and squeeze, which doesnt? Same
Hi,
On Sun, 22 Feb 2015, Florian Weimer wrote:
I've moved the debsecan Git repository to Gitorious. Please speak up
if you want to be added to the push ACL.
Out of curiosity, why not on git.debian.org ?
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS:
1 - 100 of 111 matches
Mail list logo
