Re: Proposed (lib)curl switch to openssl 1.1

On 01/11/2018 12:59 AM, Alessandro Ghedini wrote: > On Sat, Dec 02, 2017 at 06:09:39PM +0100, Julien Cristau wrote: >> On Thu, Nov 23, 2017 at 15:49:26 +, Ian Jackson wrote: >>> Reasons I am aware that it *might* be a bad idea are: >>> >>> 1. libcurl e

Re: Proposed (lib)curl switch to openssl 1.1

On Thu, Nov 23, 2017 at 15:49:26 +, Ian Jackson wrote: > (Resending to fix the mail headers, sorry. Please reply to this one, > not the previous one.) > > Hi. You're receiving this mail because you fall into one or more of the > following categories: > * Are associated with the curl

Re: javatools_0.48+deb8u1_amd64.changes ACCEPTED into proposed-updates->stable-new

On Mon, Aug 8, 2016 at 09:20:56 +0200, Emmanuel Bourg wrote: > Le 8/08/2016 à 03:04, Debian FTP Masters a écrit : > > > Changes: > > javatools (0.48+deb8u1) jessie; urgency=medium > > . > >* Non-maintainer upload. > >* Fixed the arch returned for ppc64el in java-arch.sh (closes:

Bug#833572: javatools: java-arch.sh returns wrong result on ppc64el

:49.0 +0200 @@ -1,3 +1,10 @@ +javatools (0.48+deb8u1) UNRELEASED; urgency=medium + + * Non-maintainer upload. + * Fixed the arch returned for ppc64el in java-arch.sh + + -- Julien Cristau <jcris...@debian.org> Sat, 06 Aug 2016 10:46:30 +0200 + javatools (0.48) unstable; urgency=

Bug#707797: jffi: hardcoded dependency on libffi5

Source: jffi Version: 1.0.2-9 Severity: serious Control: block 667906 with -1 Depends: ${misc:Depends}, libffi5 is broken since we're moving to libffi6. Cheers, Julien signature.asc Description: Digital signature __ This is the maintainer address of Debian's Java team

Bug#697617: Reopen jenkins remote execution vulnerability for unstable

On Tue, Jan 29, 2013 at 12:09:29 +, James Page wrote: reopen 697617 thanks There's no need to do that, fwiw. The bts knows if it's fixed in a certain version then earlier ones are affected... Cheers, Julien __ This is the maintainer address of Debian's Java team

Bug#611138: CVE-2010-4438

Hi, On Wed, Jan 26, 2011 at 19:46:32 +0100, Damien Raude-Morvan wrote: So I don't think Debian package is affected by this issue, but we'll have to wait until Oracle/Glassfish team publish some source code to confirm ths. Did that happen in the last year? Cheers, Julien __ This is the

Bug#628294: Bug#628328 closed by Damien Raude-Morvan draz...@debian.org (Bug#628328: fixed in plexus-containers 1.0~beta3.0.7-5)

On Tue, May 31, 2011 at 01:06:12 +, Debian Bug Tracking System wrote: plexus-containers (1.0~beta3.0.7-5) unstable; urgency=low . * Team upload. * Fix FTBFS with libgoogle-collections = 1.0, closes: #625972, #628328, #628294 #628294 and #628328 aren't filed against

Bug#649912: eclipse: FTBFS on various archs

Source: eclipse Version: 3.7.0-1 Severity: serious Justification: fails to build from source (but built successfully in the past) See the logs linked from https://buildd.debian.org/status/package.php?p=eclipse Logs end with:

Re: Bug#642740: xorg-docs: FTBFS: make[3]: *** [fonts.pdf] Error 1

reassign 642740 fop 1:1.0.dfsg2-3 kthxbye On Sat, Sep 24, 2011 at 22:21:49 +0200, Mònica Ramírez Arceda wrote: Source: xorg-docs Version: 1:1.6-1 Severity: serious Tags: wheezy sid User: debian...@lists.debian.org Usertags: qa-ftbfs-20110923 qa-ftbfs Justification: FTBFS on amd64 Hi,

Bug#631061: eclipse: Fails to FTBFS against iceweasel 4.0 or 5.0

On Sun, Jun 19, 2011 at 21:16:49 +0200, Niels Thykier wrote: Package: eclipse Version: 3.6.2-1 Severity: serious Tags: wheezy experimental sid User: pkg-mozilla-maintain...@lists.alioth.debian.org Usertags: xulrunner-2.0 Hi, Since the release team started filing bugs for this, I

Bug#612257: Three Tomcat vulnerabilities

On Thu, Feb 10, 2011 at 07:28:33 -0800, tony mancill wrote: Hello Moritz, You don't seem to have sent this to Moritz, only to the bug? Cheers, Julien signature.asc Description: Digital signature __ This is the maintainer address of Debian's Java team

Bug#611130: CVE-2010-2087

user release.debian@packages.debian.org usertag 611130 squeeze-can-defer tag 611130 squeeze-ignore kthxbye On Tue, Jan 25, 2011 at 21:43:36 +0100, Moritz Muehlenhoff wrote: Package: mojarra Severity: grave Tags: security http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2087

Bug#608286: CVE-2010-4312: does not use HTTPOnly for session cookies by default

user release.debian@packages.debian.org usertag 608286 squeeze-can-defer tag 608286 squeeze-ignore kthxbye On Wed, Dec 29, 2010 at 18:29:40 +0100, Giuseppe Iuculano wrote: Package: tomcat6 Severity: serious Tags: security Hi, the following CVE (Common Vulnerabilities Exposures) id

Bug#606295: squeeze blocker: Bug#606295: libhibernate3-java: FTBFS: maven-related errors

user release.debian@packages.debian.org usertag 606295 squeeze-is-blocker kthxbye On Fri, Dec 24, 2010 at 00:26:26 +0100, Julien Cristau wrote: This needs to be fixed for squeeze, we can't support this package if it can't be built; and there's a bunch of reverse dependencies so removal

Bug#606294: antlr3: FTBFS: maven-related errors

On Wed, Dec 8, 2010 at 22:06:12 +0100, Torsten Werner wrote: On Wed, Dec 8, 2010 at 9:26 PM, Lucas Nussbaum lu...@lucas-nussbaum.net wrote: What does antlr3 need from the network? If the resource it needs might disappear during the squeeze lifetime, it is still RC, I think. It tries to

Bug#445119: This package is two years old

On Sun, Oct 7, 2007 at 20:15:55 +0200, Michael Koch wrote: Then its perhaps best to file two bugs, one against ftp.debian.org to remove argouml from testing and another against argouml to prevent argouml from migrating into testing again. Then we can update argouml in unstable when its ready