This is an automated email from the git hooks/post-receive script.
mgilbert pushed a change to tag debian/2.4.8-1
in repository yui-compressor.
at 232b334 (commit)
No new revisions were added by this update.
--
Alioth's /usr/local/bin/git-commit-notice on
This is an automated email from the git hooks/post-receive script.
mgilbert pushed a commit to branch master
in repository yui-compressor.
commit 232b3349e1d25f989a83a3897977a7fc91587624
Author: Michael Gilbert <mgilb...@debian.org>
Date: Sat Feb 10 22:18:27 2018 +
updates to s
This is an automated email from the git hooks/post-receive script.
mgilbert pushed a change to branch master
in repository yui-compressor.
from 97d4a4c interim changelog
new 232b334 updates to support upstream version 2.4.8
The 1 revisions listed above as "new" are entirely
On Wed, Mar 9, 2016 at 10:20 AM, Markus Koschany wrote:
> https://github.com/JetBrains/kotlin
>
> This one seems to be the blocker because kotlin build-depends on
> components of IntelliJ IDEA and all in all that's a lot of stuff for a
> mere library.
This is the huge dependency stack that I was
> I have switched the build-dependency to default-jdk and changed
> JAVA_HOME in debian/rules accordingly. However the package FTBFS with
> OpenJDK 8. I guess packaging the latest upstream release would be the
> best option.
2.9.3 is supposed to support building without ant. I looked at it a
On Sat, Sep 5, 2015 at 10:55 AM, shirish wrote:
> Might spur somebody into action.
In debian, things get done by those willing to scratch an itch. If
you have this itch, please go scratch it.
Best wishes,
Mike
__
This is the maintainer address of Debian's Java team
/changelog 2013-05-16 08:49:59.0 +
+++ fop-1.1.dfsg2/debian/changelog 2014-11-01 22:14:22.0 +
@@ -1,3 +1,10 @@
+fop (1:1.1.dfsg2-0.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Remove non-free files from the upstream tarball (closes: 657281).
+
+ -- Michael
On Sat, Nov 1, 2014 at 6:51 PM, Emmanuel Bourg \wrote:
Le 01/11/2014 23:29, Michael Gilbert a écrit :
Hi, I've uploaded an nmu repacking the tarball without the non-free
file to delayed/5. See attached. Please let me know if I should
delay longer.
Isn't including the free equivalent
+++ jruby-1.5.6/debian/changelog 2014-11-01 21:08:49.0 -0400
@@ -1,3 +1,10 @@
+jruby (1.5.6-8.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Build-depend openjdk = 7u71-2.5.3 (closes: #759947).
+
+ -- Michael Gilbert mgilb...@debian.org Sun, 02 Nov 2014 01:02:24 +
+
jruby
package: libjinput-java
severity: serious
version: 20100502+dfsg-7
This package currently depends on libjinput-jni, which is currently
not build on the kfreebsds (#657771), so the libjinput-java is
uninstallable on those architectures.
Best wishes,
Mike
__
This is the maintainer address of
On Fri, Oct 10, 2014 at 9:06 AM, Emmanuel Bourg wrote:
Restoring the apt binary in the openjdk-7-jdk package should fix this
issue. It was removed in openjdk-7/7u65-2.5.1-5 but it's still available
upstream.
This issue will come back with the Java 8 transition.
I looked at what it will take
On Wed, Jan 15, 2014 at 3:31 PM, David Prévot wrote:
Control: retitle -1 Please upgrade lwjgl to a more recent version
Hi Michael,
On Sun, Nov 13, 2011 at 10:55:38AM -0500, Michael Gilbert wrote:
i worked on packaging the upstream version 2.8.1 today
It looks like you forgot to push your
Hi,
I've uploaded an nmu fixing this issue. Please see attached patch.
Best wishes,
Mike
wagon2.patch
Description: Binary data
__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers.
Please use
control: severity -1 normal
You have a mix of deb-multimedia packages, which often leads to
problems. Please try to reproduce this on a clean installation.
Best wishes,
Mike
__
This is the maintainer address of Debian's Java team
Debian Release: 7.0
500 unstablewww.deb-multimedia.org
500 testing www.deb-multimedia.org
So which one should I remove? Unstable?
You should remove all packages that you've installed from either.
Best wishes,
Mike
__
This is the maintainer address of Debian's Java team
Hi Andreas
I've uploaded both packages to mentors.
commons-httpclient - bug #692442 CVE-2012-5783
axis - bug #692650 CVE-2012-5784
Since axis uses commons-httpclient, we need fix and upload both
packages.
Upstream has ignored axis patch, and rejected commons-httpclient patch.
I've backported the routine to validate certificate name, and I've made
a patch (attached).
I'm not sure it's a good idea apply the patch, it can break programs
that connect with bad hostnames (ips, host in /etc/hostname, etc)
Would you mind getting your patches for these issues reviewed
version: 6.0.35-5+nmu1
__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers.
Please use
debian-j...@lists.debian.org for discussions and questions.
Hi, I've uploaded an nmu fixing this issue. Please see attached patch.
Best wishes,
Mike
tomcat7.patch
Description: Binary data
__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers.
Please use
package: src:lwjgl
version: 2.7.1+dfsg-1
severity: normal
i worked on packaging the upstream version 2.8.1 today, but it has a
new dependency on asm4 that doesn't exist in debian yet. it currently
has an RFP bug.
__
This is the maintainer address of Debian's Java team
affects 623950 lwjgl
thanks
bug # 623950 is the asm4 rfp.
__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers.
Please use
debian-j...@lists.debian.org for discussions and questions.
The following commit has been merged in the master branch:
commit 7532f52eff099d649668c84bb28534b35fefa184
Author: Michael Gilbert michael.s.gilb...@gmail.com
Date: Sun Nov 13 09:36:40 2011 -0500
fix clean rule
diff --git a/debian/changelog b/debian/changelog
index c4f3579..76aa619 100644
The following commit has been merged in the master branch:
commit 4f4fe2ba044cf0131ee790061aeb4d64049b936d
Author: Michael Gilbert michael.s.gilb...@gmail.com
Date: Sun Nov 13 09:37:23 2011 -0500
fix vcs-git field
diff --git a/debian/changelog b/debian/changelog
index 76aa619..d5a9732
The following commit has been merged in the master branch:
commit 8ef0715b33ae1f8c40d730d33dccd5faf7193f60
Author: Michael Gilbert michael.s.gilb...@gmail.com
Date: Sun Nov 13 09:48:12 2011 -0500
update copyright file
diff --git a/debian/changelog b/debian/changelog
index d5a9732..11a5e06
The tag, debian/2.7.1+dfsg-2 has been created
at f792bb87936270129dd3fb31e0af8d11d8bab9be (commit)
- Shortlog
commit f792bb87936270129dd3fb31e0af8d11d8bab9be
Author: Michael Gilbert michael.s.gilb...@gmail.com
Date: Sun Nov
package: jinput
version: 20100502+dfsg-4
severity: normal
jinput.jar should have /usr/share/java/jutils.jar in its Class-Path in
the manifest file. without this, dependencies need to include jutils
explicitly in their Class-Paths (even though there isn't a direct
depends, which is a bit odd and
to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -
commit 8e15984941d592bbfe790520801a18f19f542094
Author: Michael Gilbert michael.s.gilb...@gmail.com
Date: Sat May 7 14:04:19
7439548c46692cf26d2c402c878ddb05e842c4d0
Author: Michael Gilbert michael.s.gilb...@gmail.com
Date: Sun Apr 3 16:46:09 2011 -0400
pristine-tar for 2.7.1+dfsg
---
Summary of changes:
lwjgl_2.7.1+dfsg.orig.tar.gz.delta
(commit)
- Log -
commit 09bd29f33e456dfa8ed08d4ecf6caaa361e780d7
Author: Michael Gilbert michael.s.gilb...@gmail.com
Date: Sun Apr 3 16:42:33 2011 -0400
import upstream 2.7.1+dfsg
(commit)
from 09bd29f33e456dfa8ed08d4ecf6caaa361e780d7
- Log -
commit cb1276cd76e26cb78a6a681349ab5af7b034d31f
Author: Michael Gilbert michael.s.gilb...@gmail.com
Date: Sun Apr 3 18:06:11 2011 -0400
drop files deleted
Hi,
I've packaged yui-builder to help solve bug #512915 in yui. Would
anyone be so kind as to review and sponsor the upload?
http://mentors.debian.net/debian/pool/main/y/yui-builder
Thanks,
Mike
__
This is the maintainer address of Debian's Java team
package: ant-contrib
severity: normal
tags: patch
antcontrib.properties is missing an entry for the 'for' task. see
attached patch that fixes the problem.
best wishes,
mike
ant-contrib.debdiff
Description: Binary data
__
This is the maintainer address of Debian's Java team
environment that has Rhino ]
+ [ Michael Gilbert ]
+ * Download the required rhino source files in the orig tarball
+fetching script.
+ * Add patches for build file to use system rhino and jargs libraries.
+ * Apply yui-compressor patches to the included rhino source.
+ * Add
On Tue, 08 Dec 2009 09:26:54 +0100, Torsten Werner wrote:
Michael Gilbert schrieb:
it is much more straightforward to simply check that the
existing fix is applied. since you should have a relationship with
upstream, it should be relatively straightforward to get a response
from them
this reference may be informative:
http://lists.alioth.debian.org/pipermail/secure-testing-team/2009-May/002394.html
mike
___
pkg-java-maintainers mailing list
pkg-java-maintainers@lists.alioth.debian.org
reopen 559765
thanks
On Mon, 07 Dec 2009 10:38:07 +0100, Niels Thykier wrote:
I found the upstream bug report[1] where upstream say they have fixed it
in 6.1.7 (and provide a fix for earlier versions as well) - I saw no
reason to doubt this.
changelog notes are not sufficient justification to
On Mon, 7 Dec 2009 21:21:14 +0100, Torsten Werner wrote:
tags 559765 + wontfix
thanks
On Mon, Dec 7, 2009 at 5:10 PM, Michael Gilbert
michael.s.gilb...@gmail.com wrote:
changelog notes are not sufficient justification to close a security
issue. the source needs to be checked against
Package: jetty
Version: 6.1.21-1
Severity: serious
Tags: security
Hi,
The following CVE (Common Vulnerabilities Exposures) id was
published for jetty.
CVE-2007-6672[0]:
| Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass
| protection mechanisms and read the source of files via
package: libgnucrypto-java
version: 2.1.0-4
severity: important
tags: security
hi,
libgnucrypto-java embeds classpath, which is very outdated. this also
makes security updates very troublesome. please update the package to
use the libraries provided by classpath. thanks.
mike
Package: libgnucrypto-java
Version: 2.1.0-2
Severity: grave
Tags: security
Hi,
the following CVE (Common Vulnerabilities Exposures) id was
published for classpath. libgnucrypto-java embeds classpath, so it is
also affected.
CVE-2008-5659[0]:
| The gnu.java.security.util.PRNG class in GNU
package: lucene2
version: 2.9.0+ds1-3
severity: important
tags: security
Hi,
Your package embeds prototype.js, which makes security updates very
cumbersome, difficult, and potentially error-prone. Please update your
package to make use of the system prototype.js provided by the
libjs-prototype
package: lucene2
version: 2.3.1+ds1-1
severity: serious
tags: security
Hi,
Your package contains an embedded version of prototype.js that is
vulnerable to either CVE-2007-2383 (affecting prototype.js before 1.5.1)
[0], CVE-2008-7220 (affecting prototype.js before 1.6.0.2) [1], or both.
Your
42 matches
Mail list logo
