Bug#609183: unblock: calendarserver/2.4.dfsg-4
Hi Mehdi, Thanks for the response. I would consider this to be a serious bug that an upgrade is necessary. That is because if users are using NSS directory backend and upgrade their calendars, the calendars would no longer be accessible after the upgrade. The only reason why a bug is not filed is because users who are using NSS directory backend in lenny have probably not yet upgraded to squeeze :). I do understand that squeeze is in deep freeze but still feel that this is a relevant enough problem that the package be unblocked. Also the postinst script which performs the migration is only called during the upgrade and is of no use once calendarserver is upgraded from 1.x to 2.x. Therefore I strongly feel that calendarserver should be unblocked. Anyway, you being part of the release team, I trust and respect your decision. But I just wanted to explain why I felt unblocking was necessary :). Thanks and Regards, Rahul. On Saturday 08 January 2011 04:20 AM, Mehdi Dogguy wrote: On 01/07/2011 05:18 AM, Rahul Amaram wrote: Please unblock package calendarserver The latest version of calendarserver in sid (2.4.dfsg-4) has a postinst script which facilitates for auto-migration of caldavd data directories when using NSS directory backend. This is very useful for users who use NSS directory service backend and would like to have their old calendars available after the upgrade as it will seamlessly migrate their calendars. While I agree that this is an improvement, it still seems like a new feature in the package and I don't feel comfortable with unblocking it. I'd prefer to keep the current package in Squeeze as is, if no RC bugs are reported against it. Regards, -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4d280491.3040...@synovel.com
Bug#608658: RM: clive/0.4.18-1 (stable)
Mehdi Dogguy writes: >> Please consider removing clive/0.4.18-1 from Lenny. It does no >> longer work due to changes to the web sites it extracts the video >> URLs from. > > Do you think that you'll need to file a similar RoM bug in two years to > remove clive from Squeeze? Hopefully not. I am quite sure clive will need several updates over Squeeze's lifetime, but there are two problems with Lenny's version: It's written in Python. clive is now maintained by the Perl Group and I know only very little Python (it was maintained by the Python Apps Team in the past). Further most necessary changes to keep clive working are quite small, but I don't want to figure out all changes over the past two years required to make Lenny's version work again. Regards, Ansgar -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87zkrckygl@marvin.43-1.org
RM: libxtemplate-ruby1.8/testing -- ROM; no real maintainer, very low usage
Hi, Please remove libxtemplate-ruby1.8 (as well as the dummy binary package libxtemplate-ruby, generated from the same sources) from Squeeze — I adopted it as it was lacking a human maintainer (had only the team address on it). The package requires very low-maintenance, but does not even get that. I will also file for removal from unstable in a separate message. signature.asc Description: Digital signature
Re: Accepted gnumed-client 0.7.10-2 (source all)
On 12/30/2010 09:11 PM, Adam D. Barratt wrote: > On Thu, 2010-12-30 at 20:52 +0100, Julien Cristau wrote: >> On Thu, Dec 30, 2010 at 20:45:10 +0100, Andreas Tille wrote: >> >>> On Thu, Dec 30, 2010 at 08:39:29PM +0100, Julien Cristau wrote: On Thu, Dec 30, 2010 at 19:32:06 +, Andreas Tille wrote: > gnumed-client (0.7.10-2) testing-proposed-updates; > urgency=low . Why does this contain the 0.8.5-1 changelog entry? That looks broken. >>> >>> Because package version 0.8.5-1 was released previosely and I >>> intended to keep a full record of all released packages in the >>> changelog. >> >> That makes no sense. The 0.7.10-2 package doesn't contain the >> changes from 0.8.5-1, why should it contain its changelog? > > More to the point, it's going to make the BTS believe that 0.7.10-2 > is a direct descendent of 0.8.5-1 and contains any bugs present in > the latter version, which is clearly not the case. The previous > intermingling of 0.7.10-1 in the unstable changelog is also broken; > the packages are not descended from each other, the changelog should > not claim that they are. > @Andreas: Can you please re-upload with that section removed from the changelog? Regards, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4d27a746.8090...@debian.org
Bug#609272: unblock: wps2sxw/0.1.0-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, Please unblock package wps2sxw Fixes debian/copyright (found by NEW processing of its successor wps2odt) unblock wps2sxw/0.1.0-2 -- System Information: Debian Release: 6.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Grüße/Regards, Rene -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110107232755.ga20...@rene-engelhard.de
Bug#609183: marked as done (unblock: calendarserver/2.4.dfsg-4)
Your message dated Fri, 07 Jan 2011 23:50:44 +0100 with message-id <4d2798c4.4020...@dogguy.org> and subject line Re: Bug#609183: unblock: calendarserver/2.4.dfsg-4 has caused the Debian Bug report #609183, regarding unblock: calendarserver/2.4.dfsg-4 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 609183: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609183 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package calendarserver The latest version of calendarserver in sid (2.4.dfsg-4) has a postinst script which facilitates for auto-migration of caldavd data directories when using NSS directory backend. This is very useful for users who use NSS directory service backend and would like to have their old calendars available after the upgrade as it will seamlessly migrate their calendars. The changes in the new version are just the inclusion of a postinst script for performing upgradation of the calendar data directories when using NSS service backend. Nothing else has really been modified. unblock calendarserver/2.4.dfsg-4 -- System Information: Debian Release: 5.0.7 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-amd64 (SMP w/2 CPU cores) --- End Message --- --- Begin Message --- On 01/07/2011 05:18 AM, Rahul Amaram wrote: > > Please unblock package calendarserver > > The latest version of calendarserver in sid (2.4.dfsg-4) has a > postinst script which facilitates for auto-migration of caldavd data > directories when using NSS directory backend. This is very useful for > users who use NSS directory service backend and would like to have > their old calendars available after the upgrade as it will seamlessly > migrate their calendars. > While I agree that this is an improvement, it still seems like a new feature in the package and I don't feel comfortable with unblocking it. I'd prefer to keep the current package in Squeeze as is, if no RC bugs are reported against it. Regards, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ --- End Message ---
Bug#608937: unblock: phatch/0.2.7-3
On 01/04/2011 07:57 PM, Piotr Ożarowski wrote: > > Please unblock package phatch > > It was removed two days ago because Nautilus scripts didn't work, > I removed phatch-nautilus binary package (Stani will change it a little > bit in next upstream release) so please unblock phatch and let it > propagate to testing again. > Doesn't seem possible since #608952 is still open (and RC). Regards, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4d2797bd.4080...@dogguy.org
Bug#603702: unblock: iceowl/1.0~b1+dfsg1-2
On Fri, 2010-12-24 at 09:22 +0100, Guido Günther wrote: > Hi, > On Thu, Dec 23, 2010 at 10:02:45PM +, Adam D. Barratt wrote: > > On Tue, 2010-11-16 at 15:58 +0100, Guido Günther wrote: > > > As discussed with Moritz from the security team there won't be any > > > security support from upstream for any of the beta releases. So I added > > > a note explaining that to README.Debian: [...] > > Just to check that we're all on the same page, having read the addition > > to README.Debian, does this mean that there won't be any updates at all > > to the package via security.d.o during squeeze's lifetime? > > Yes. If neither upstream nor the security team are willing to provide security support, are you prepared to do that yourself for squeeze's lifetime as stable, if required? Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1294440685.2903.1340.ca...@hathi.jungle.funky-badger.org
Processed: tagging 608502
Processing commands for cont...@bugs.debian.org: > tags 608502 + moreinfo Bug #608502 [release.debian.org] unblock: python-django/1.2.4-1 Added tag(s) moreinfo. > thanks Stopping processing here. Please contact me if you need assistance. -- 608502: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608502 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.c.129444043027572.transcr...@bugs.debian.org
Bug#609252: marked as done (RM: osso-gwconnect/1.0.12.debian-1)
Your message dated Fri, 7 Jan 2011 23:45:16 +0100 with message-id <20110107224516.go2...@radis.liafa.jussieu.fr> and subject line Re: Bug#609252: RM: osso-gwconnect/1.0.12.debian-1 has caused the Debian Bug report #609252, regarding RM: osso-gwconnect/1.0.12.debian-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 609252: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609252 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm I haven't got a way of testing the package once built and nobody has offered test results. Julien noted that the package should be removed, however that message went against a different bug report: usertag 545625 squeeze-will-remove http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=593049#52 The RC bug against osso-gwconnect is 593049 So filing an RM request for the version in testing myself. -- System Information: Debian Release: 6.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-trunk-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash --- End Message --- --- Begin Message --- On Fri, Jan 7, 2011 at 19:16:21 +, Neil Williams wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: rm > > I haven't got a way of testing the package once built and nobody has > offered test results. > Julien noted that the package should be removed, however that message > went against a different bug report: usertag 545625 squeeze-will-remove > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=593049#52 > > The RC bug against osso-gwconnect is 593049 > copy/paste fail, I guess. Thanks, removal hint added. Cheers, Julien signature.asc Description: Digital signature --- End Message ---
Hola, ¿cómo estás ?
¿ Te agradaría conocerme ? Te invito a visitar mi página www.maytemier.com ¡Espero verte muy pronto!
Bug#608658: RM: clive/0.4.18-1 (stable)
On 01/02/2011 02:32 PM, Ansgar Burchardt wrote: > > Please consider removing clive/0.4.18-1 from Lenny. It does no > longer work due to changes to the web sites it extracts the video > URLs from. Do you think that you'll need to file a similar RoM bug in two years to remove clive from Squeeze? Regards, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4d2794e4.20...@dogguy.org
Bug#608707: marked as done (unblock: libnih/1.0.2-2)
Your message dated Fri, 07 Jan 2011 23:29:45 +0100 with message-id <4d2793d9.8020...@dogguy.org> and subject line Re: Bug#608707: unblock: libnih/1.0.2-2 has caused the Debian Bug report #608707, regarding unblock: libnih/1.0.2-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 608707: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608707 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: freeze-exception Please unblock package libnih libnih currently ships the library development files in /lib. The recent discussion on debian-devel [1] showed that this is not desirable and even violates the FHS, thus could be considered RC. I've prepared a updated package where I also drops the libtool la files, which has been a release goal. Both libnih-dev and libnih-dbus-dev ship a pkg-config file and no other libtool la files are referencing libnih.la or libnih-dbus.la, so this should be safe. The changelog reads: libnih (1.0.2-2) unstable; urgency=low * Install library development files to /usr/lib and not /lib. * Remove libtool *.la files as there are no reverse dependencies referencing them. * Bump Standards-Version to 3.9.1. No further changes. -- Michael Biebl Sun, 02 Jan 2011 21:09:40 +0100 The complete debdiff is attached. Cheers, Michael unblock libnih/1.0.2-2 [1] http://lists.debian.org/debian-devel/2011/01/msg00021.html -- System Information: Debian Release: 6.0 APT prefers unstable APT policy: (500, 'unstable'), (200, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru libnih-1.0.2/debian/changelog libnih-1.0.2/debian/changelog --- libnih-1.0.2/debian/changelog 2010-06-13 23:37:08.0 +0200 +++ libnih-1.0.2/debian/changelog 2011-01-02 21:10:45.0 +0100 @@ -1,3 +1,12 @@ +libnih (1.0.2-2) unstable; urgency=low + + * Install library development files to /usr/lib and not /lib. + * Remove libtool *.la files as there are no reverse dependencies referencing +them. + * Bump Standards-Version to 3.9.1. No further changes. + + -- Michael Biebl Sun, 02 Jan 2011 21:09:40 +0100 + libnih (1.0.2-1) unstable; urgency=low * Initial upload to Debian. Closes: #585071 diff -Nru libnih-1.0.2/debian/control libnih-1.0.2/debian/control --- libnih-1.0.2/debian/control 2010-06-13 23:37:08.0 +0200 +++ libnih-1.0.2/debian/control 2011-01-02 21:10:45.0 +0100 @@ -2,7 +2,7 @@ Section: libs Priority: optional Maintainer: Michael Biebl -Standards-Version: 3.8.4 +Standards-Version: 3.9.1 Build-Depends: debhelper (>= 7.3.15), pkg-config (>= 0.22), libdbus-1-dev (>= 1.2.16), libexpat1-dev (>= 2.0.0), dbus (>= 1.2.16) Vcs-Git: git://git.debian.org/git/collab-maint/libnih.git Vcs-Browser: http://git.debian.org/?p=collab-maint/libnih.git;a=summary diff -Nru libnih-1.0.2/debian/gbp.conf libnih-1.0.2/debian/gbp.conf --- libnih-1.0.2/debian/gbp.conf 1970-01-01 01:00:00.0 +0100 +++ libnih-1.0.2/debian/gbp.conf 2011-01-02 21:10:45.0 +0100 @@ -0,0 +1,2 @@ +[DEFAULT] +pristine-tar = True diff -Nru libnih-1.0.2/debian/libnih1.install libnih-1.0.2/debian/libnih1.install --- libnih-1.0.2/debian/libnih1.install 2010-06-13 23:37:08.0 +0200 +++ libnih-1.0.2/debian/libnih1.install 2011-01-02 21:10:45.0 +0100 @@ -1 +1 @@ -lib/libnih.so.* +usr/lib/libnih.so.* lib/ diff -Nru libnih-1.0.2/debian/libnih-dbus1.install libnih-1.0.2/debian/libnih-dbus1.install --- libnih-1.0.2/debian/libnih-dbus1.install 2010-06-13 23:37:08.0 +0200 +++ libnih-1.0.2/debian/libnih-dbus1.install 2011-01-02 21:10:45.0 +0100 @@ -1 +1 @@ -lib/libnih-dbus.so.* +usr/lib/libnih-dbus.so.* lib/ diff -Nru libnih-1.0.2/debian/libnih-dbus-dev.install libnih-1.0.2/debian/libnih-dbus-dev.install --- libnih-1.0.2/debian/libnih-dbus-dev.install 2010-06-13 23:37:08.0 +0200 +++ libnih-1.0.2/debian/libnih-dbus-dev.install 2011-01-02 21:10:45.0 +0100 @@ -1,6 +1,4 @@ -lib/libnih-dbus.a -lib/libnih-dbus.la -lib/libnih-dbus.so +usr/lib/libnih-dbus.a usr/include/libnih-dbus.h -usr/include/nih-dbus +usr/include/nih-dbus/ usr/lib/pkgconfig/libnih-dbus.pc diff -Nru libnih-1.0.2/debian/libnih-dev.install libnih-1.0.2/debian/libnih-dev.install --- libnih-1.0.2/debian/libnih-dev.install 2010-06-13 23:37:08.0 +0200 +++ libnih-1.0.2/debian/libnih-dev.install 2011-01-02 21:10:45.0 +0100 @@ -1,7 +1,5
Bug#608818: marked as done (unblock: syslog-ng/3.1.3-2)
Your message dated Fri, 7 Jan 2011 23:25:35 +0100 with message-id <20110107222535.gn2...@radis.liafa.jussieu.fr> and subject line Re: Bug#608818: unblock: syslog-ng/3.1.3-2 has caused the Debian Bug report #608818, regarding unblock: syslog-ng/3.1.3-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 608818: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608818 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package syslog-ng. It fixes a kfreebsd-specific security issue w/o CVE. unblock syslog-ng/3.1.3-2 -- System Information: Debian Release: 6.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash --- End Message --- --- Begin Message --- On Mon, Jan 3, 2011 at 19:06:40 +0100, Moritz Muehlenhoff wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Please unblock package syslog-ng. It fixes a kfreebsd-specific > security issue w/o CVE. > Unblocked, thanks. Cheers, Julien signature.asc Description: Digital signature --- End Message ---
Bug#608827: marked as done (unblock: tenshi/0.11-2)
Your message dated Fri, 07 Jan 2011 23:15:27 +0100 with message-id <4d27907f.6050...@dogguy.org> and subject line Re: Bug#608827: unblock: tenshi/0.11-2 has caused the Debian Bug report #608827, regarding unblock: tenshi/0.11-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 608827: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608827 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: freeze-exception Hello, I'd be glad if you could unblock tenshi/0.11-2. The upload would fix the following RC bug: #606789 (and duplicate #605240) I have attached the relevant debdiff of the changes made to the package. Below is its changelog: --8<-8<-- tenshi (0.11-2) unstable; urgency=low * debian/control: - Bumped Standards-Version to 3.9.1. - Added Vcs-Svn and Vcs-Browser. - Set debhelper dependency to (>= 7.0.8) as dh_overrides are not used by debian/rules anymore. * debian/postinst: - Changed tenshi user home directory from /var/run/tenshi to /var/lib/tenshi as files in /var/run are cleared at boot time. This made the package upgrade from lenny to squeeze fail. Thank you Lucas Nussbaum for spotting this issue. (Closes: #605240, #606789) * debian/patches: - 20-manpage.diff: Added typo correction in manpage. * debian/source: - Added format file set to "1.0". * debian/rules: - Removed the dh_installinit override, in order to stop the tenshi script before upgrading the package. This will be applicable during the next upgrade. * debian/preinst: - Added this pre-installation script in order to stop the tenshi daemon before starting the upgrade to the current release. This had to be done as the -R flag was passed to dh_installinit in previous release. * debian/postrm: - Replaced deluser(8) with userdel(8) as adduser package is purged before tenshi. Thank you Hideki Yamane for the patch. --8<-8<-- I hope that the changes are not too important for it to be granted an exception? Thank you for your consideration, Ignace M unblock tenshi/0.11-2 tenshi0.11-1-2.debdiff Description: Binary data --- End Message --- --- Begin Message --- On 01/03/2011 07:43 PM, Ignace Mouzannar wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: freeze-exception > > Hello, > > I'd be glad if you could unblock tenshi/0.11-2. > > The upload would fix the following RC bug: #606789 (and duplicate #605240) > Unblocked. Regards, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ --- End Message ---
Bug#608754: marked as done (unblock: corosync/1.2.1-4)
Your message dated Fri, 07 Jan 2011 23:00:46 +0100 with message-id <4d278d0e.7050...@dogguy.org> and subject line Re: Bug#608754: unblock: corosync/1.2.1-4 has caused the Debian Bug report #608754, regarding unblock: corosync/1.2.1-4 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 608754: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608754 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock corosync 1.2.1-4 with this single change: * [2ebaf59] Move corosync start out of rcS since we want to be able to log to syslog and rsyslog isn't started in rcS. (Closes: #608269) Without this the daemon won't start up reliably when syslog logging is enabled (the default). This doesn't hit people using RHCS or logging to a file but it hits all people using the default config with pacemaker so it could be considered rc instead of just important. Cheers, -- Guido -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing'), (50, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash --- End Message --- --- Begin Message --- On 01/03/2011 12:02 PM, Guido Günther wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Please unblock corosync 1.2.1-4 with this single change: > > * [2ebaf59] Move corosync start out of rcS since we want to be able to log >to syslog and rsyslog isn't started in rcS. (Closes: #608269) > Unblocked. Cheers, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ --- End Message ---
Bug#608350: marked as done (unblock: gnash/0.8.8-7)
Your message dated Fri, 07 Jan 2011 22:53:04 +0100 with message-id <4d278b40.3080...@dogguy.org> and subject line Re: Bug#608350: unblock: gnash/0.8.8-7 has caused the Debian Bug report #608350, regarding unblock: gnash/0.8.8-7 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 608350: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608350 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package gnash Main reason to unblock it is that 0.8.8-7 makes it working on kfreebsd-* systems too by disabling jemalloc (#604573). Thanks. gnash (0.8.8-7) * Added patch 07_jemalloc to make kfreebsd-* archs treated like *bsd oses (Closes: #604573). * Transitional packages architecture from any to all (Closes: #603609). * Added patch to fix texinfo docs. gnash (0.8.8-6) * Added patches that fix some upstream bugs + 01_38be50cecc, 02_b3d5da01fb, 03_c22769f0ab + 04_baseuri1, 05_baseuri2 + 06_ytfix: youtube videos starts immediately. * Fixed browser-plugin-gnash piuparts error. unblock gnash/0.8.8-7 --- End Message --- --- Begin Message --- On 12/30/2010 06:42 AM, Gabriele Giacone wrote: > > Please unblock package gnash > > Main reason to unblock it is that 0.8.8-7 makes it working on > kfreebsd-* systems too by disabling jemalloc (#604573). Thanks. > #604573 isn't RC, and isn't a regression. Besides, the diff shows the following: Package: gnash-common-opengl Priority: extra -Architecture: any +Architecture: all Depends: gnash-common (= ${binary:Version}), ${misc:Depends} It means that if we binNMU gnash, the first dependency will become unsatisfiable. lintian shows that problem: $ lintian gnash_0.8.8-7.dsc E: gnash source: not-binnmuable-all-depends-any klash-opengl -> klash E: gnash source: not-binnmuable-all-depends-any gnash-opengl -> gnash E: gnash source: not-binnmuable-all-depends-any swfdec-mozilla -> browser-plugin-gnash E: gnash source: not-binnmuable-all-depends-any gnash-common-opengl -> gnash-common (Shouldn't that be added to ftp-masters reject list?) Given the lintian errors and non-rc-ness of 604573, I'll close this bugreport and not unblock the package. If you think I'm on crack and missed an important detail, please let me know. Regards, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ --- End Message ---
Re: Permission to upload oaklisp_1.3.3-3.1 (NMU)
On Tue, 2011-01-04 at 16:29 +, Barak A. Pearlmutter wrote: > I've thought about it, and I'm okay w/ removing oaklisp from squeeze. > As you say, it has a low popcount. Okay, thanks. In that case, I've added a removal hint. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1294428197.2903.291.ca...@hathi.jungle.funky-badger.org
Bug#609252: RM: osso-gwconnect/1.0.12.debian-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm I haven't got a way of testing the package once built and nobody has offered test results. Julien noted that the package should be removed, however that message went against a different bug report: usertag 545625 squeeze-will-remove http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=593049#52 The RC bug against osso-gwconnect is 593049 So filing an RM request for the version in testing myself. -- System Information: Debian Release: 6.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-trunk-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110107191621.5758.79577.report...@dwarf.codehelp
Bug#609210: marked as done (liblocal-lib-perl/1.006005-1+squeeze1 for testing-proposed-updates fixing #609192)
Your message dated Fri, 07 Jan 2011 19:11:10 + with message-id <1294427470.2903.226.ca...@hathi.jungle.funky-badger.org> and subject line Re: Bug#609210: liblocal-lib-perl/1.006005-1+squeeze1 for testing-proposed-updates fixing #609192 has caused the Debian Bug report #609210, regarding liblocal-lib-perl/1.006005-1+squeeze1 for testing-proposed-updates fixing #609192 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 609210: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609210 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal Hi release team When building liblocal-lib-perl without having access to the home directory of the building user liblocal-lib-perl in squeeze FTBFS. The version in unstable is not affected. I prepared a backport from the Makefile.PL there. Attached is the debdiff for the t-p-u upload. See: http://bugs.debian.org/609192 Could you accept this into t-p-u? Thanks in advance and for your work. Bests Salvatore -- System Information: Debian Release: 6.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash diff -Nru liblocal-lib-perl-1.006005/debian/changelog liblocal-lib-perl-1.006005/debian/changelog --- liblocal-lib-perl-1.006005/debian/changelog 2010-07-14 18:03:02.0 +0200 +++ liblocal-lib-perl-1.006005/debian/changelog 2011-01-07 12:12:55.0 +0100 @@ -1,3 +1,12 @@ +liblocal-lib-perl (1.006005-1+squeeze1) testing-proposed-updates; urgency=low + + * Update my email address. + * Patch Makefile.PL with fix-ftbfs-609192.patch to avoids CPAN client +configuration when not required which causes FTBFS if building user +home directory is not writeable (Closes: #609192). + + -- Salvatore Bonaccorso Fri, 07 Jan 2011 09:36:54 +0100 + liblocal-lib-perl (1.006005-1) unstable; urgency=low * New upstream release diff -Nru liblocal-lib-perl-1.006005/debian/control liblocal-lib-perl-1.006005/debian/control --- liblocal-lib-perl-1.006005/debian/control 2010-07-14 18:03:02.0 +0200 +++ liblocal-lib-perl-1.006005/debian/control 2011-01-07 12:12:55.0 +0100 @@ -5,7 +5,7 @@ Build-Depends-Indep: perl (>= 5.10), libcapture-tiny-perl Maintainer: Debian Perl Group Uploaders: Jonathan Yu , gregor herrmann , - Salvatore Bonaccorso + Salvatore Bonaccorso Standards-Version: 3.9.0 Homepage: http://search.cpan.org/dist/local-lib/ Vcs-Svn: svn://svn.debian.org/pkg-perl/trunk/liblocal-lib-perl/ diff -Nru liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch --- liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch 1970-01-01 01:00:00.0 +0100 +++ liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch 2011-01-07 12:29:17.0 +0100 @@ -0,0 +1,86 @@ +Description: Fix FTBFS when homedirectory of building user is not + writeable. +Origin: vendor +Bug-Debian: http://bugs.debian.org/609192 +Forwarded: no +Author: Salvatore Bonaccorso +Reviewed-by: Salvatore Bonaccorso +Last-Update: 2011-01-07 + +--- a/Makefile.PL b/Makefile.PL +@@ -92,7 +92,8 @@ + my $cpan = $? >> 8; + my $cpan_command = ''; + +-system($^X, '-MCPAN', '-e', ++my $did_cpan_config = 0; ++my $cpan_config_command = + 'my $done; require ExtUtils::MakeMaker; +my $orig = ExtUtils::MakeMaker->can("prompt"); +*ExtUtils::MakeMaker::prompt = sub ($;$) { +@@ -121,8 +122,7 @@ + delete @{$CPAN::Config}{keys %$CPAN::Config}; + $CPAN::Config->{urllist} = $save; + CPAN::Config->init; +- }' +-); ++ }'; + + $ENV{PERL_MM_USE_DEFAULT} = 1; + +@@ -138,6 +138,8 @@ + $cpan_command .= 'force("install","CPAN"); '; + } + if(length $cpan_command) { ++ system($^X, '-MCPAN', '-e', $cpan_config_command); ++ $did_cpan_config++; + system($^X, '-MCPAN', '-e', $cpan_command); + } + if ($cpan) { +@@ -147,6 +149,8 @@ + # if we call this code directly, the changes get written to + # $BOOTSTRAP/lib/perl5/CPAN/Config.pm, not where the user expects them to + # be in their ~/.cpan/CPAN/MyConfig.pm. ++ system($^X, '-MCPAN', '-e', $cpan_config_command) ++unless $did_cpan_config; + system($^X, '-MCPAN', + '-e', + q[CPAN::HandleConfig->load;], +@@ -200,25 +204,27 @@ + # It will already be installed by the time we
Re: Bug#606370: CVE-2010-2761 CVE-2010-4410 CVE-2010-4411
On Fri, Jan 07, 2011 at 02:48:28PM +0200, Niko Tyni wrote: > On Thu, Jan 06, 2011 at 10:37:11PM +0200, Niko Tyni wrote: > > On Mon, Dec 27, 2010 at 04:23:40PM +0200, Niko Tyni wrote: > > > > > Assuming this is the case, I'm attaching preliminary patches for > > > > > > 3.29 (perl-modules / lenny) > > > 3.38 (libcgi-pm-perl / lenny) > > > 3.43 (perl-modules / squeeze + sid) > > > 3.49 (libcgi-pm-perl / squeeze) > > > 3.50 (libcgi-pm-perl / sid) > > > All this means I need another test session when I'm feeling less tired, > > so no perl upload tonight. > > Done, just uploaded perl/5.10.1-17 with the attached patch. > > Changes: > perl (5.10.1-17) unstable; urgency=medium > . >* [SECURITY] CVE-2010-2761 CVE-2010-4410 CVE-2010-4411: > fix CGI.pm MIME boundary and multiline header vulnerabilities. > (Closes: #606995) > > Release team: please consider > > unblock perl/5.10.1-17 > > The patch applies to lenny (5.10.0-19lenny2) as well with some fuzz after > s/rearrange_header/rearrange/. > > Moritz: shall I upload a fixed lenny package to stable-security? > FWIW, I'd prefer to wait the five days for squeeze migration before a > DSA in case we get any regression reports. Let's wait a bit, it's not urgent. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110107174506.ga2...@galadriel.inutil.org
Bug#609239: [release.debian.org] Please unblock k3d 0.8.0.2-5
Package: release.debian.org Severity: normal I just uploaded this package to unstable. Here is the changelog: * Using "dh_shlibdeps -a -- debian/k3d/usr/lib/k3d/plugins/*.module" to have shared lib dependencies right, so the module TimeSource (and others) do not fail to load when the program starts (Closes: #609200). Thanks to Paul Wise for the tip. * Change Build-Depends to depend on Boost >= 1.42 (were ">> 1.42" before, which do not exist, but were pulled in somehow, maybe by other dependencies) The bug #609200 fixed by this release is important, since many plugins or program modules do not work if the libraries that they depend upon are not available, and many of them are libraries not installed in many systems. dh_shlibdeps didn't generate the appropriate dependencies probably because the packages were not named *.so, and the problem was undetected for several versions. If the unblock is not acceptable for some reason, probably it would be better to remove it altogether. Cheers. -- Manuel A. Fernandez Montecelo -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201101071833.11046.manuel.montez...@gmail.com
Re: Patch for leafpad to Fix UTF16 save (Grave; Closes: #606145)
On 07/01/2011 16:27, Jari Aalto wrote: To the release team Lead: I'd like to express my dissatisfaction of how Julien approached the issue. The proper directions to talk to the developers would need to be improved. Something along the line: "Hi, there is a grave bug and we'd need a targetted fix that would only touch that bug. Please let us know when the upload is there and notify the release team with an RFE (Request for an exception)" I did that for 6tunnel (asking many times) and it didn't work well. So, please propose another approach that does work with you. Regards, -- Mehdi Dogguy مهدي الدڤي me...@{dogguy.org,debian.org} -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4d274227.9030...@debian.org
Re: Please unblock schroot 1.4.18-1
On Fri, Jan 07, 2011 at 04:26:18PM +0100, Julien Cristau wrote: > On Fri, Jan 7, 2011 at 15:06:35 +, Roger Leigh wrote: > > > Is this OK to upload and be allowed into testing? > > > At least not until the previous version goes in (I didn't look at the > proposed changes). Of course. I won't be uploading anything until then. Thanks, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/ `-GPG Public Key: 0x25BFB848 Please GPG sign your mail. signature.asc Description: Digital signature
Patch for leafpad to Fix UTF16 save (Grave; Closes: #606145)
2010-12-23 23:19 Julien Cristau , 606...@bugs.debian.org > On Fri, Dec 17, 2010 at 16:39:42 +, brian m. carlson wrote: > > tags 606145 + patch > > kthxbye > > > > The problem here is that when writing out the file, we use fputs. fputs > > only operates on C strings and stops when it reaches a NUL byte. Of > > course, since UTF-16 is a double-byte character set, ASCII characters > > are encoded with one byte being 0 (NUL). The easy solution is to use > > fwrite with the byte count we get from and the attached patch does so. > > > Jari, any chance for an upload to fix this in the next few days? > > Cheers, > Julien 2010-12-26 19:43 Julien Cristau : >> On 12/26/2010 06:07 AM, Jari Aalto wrote: >> > dget http://cante.net/~jaalto/tmp/debian/leafpad/leafpad_0.8.17-4.dsc >> > On Sun, Dec 26, 2010 at 08:34:55 -0800, tony mancill wrote: >> Hi Jari, Julien, and Brian: >> >> I'm around - I have go back to work tomorrow. I have uploaded 0.8.17-4 to >> unstable; (...) > > Tony > > *sigh* > > the changes to debian/rules are very much not ok. > > there's an undocumented change to data/leafpad.desktop. > > Cheers, > Julien 2010-12-26 20:25 Julien Cristau : > On Sun, Dec 26, 2010 at 10:04:25 -0800, tony mancill wrote: > >> Very much not okay in what regard? If you're asking for an absolute minimal >> changeset on behalf other the release team, please make that clear by >> documenting it somewhere, preferably in the bug report. Otherwise, there's >> nothing in the thread [1] that indicates this is targeted for squeeze. >> > Yes there is. This bug is RC, it affects squeeze. If you'd bothered > to read d-d-a (as you're supposed to) you would know that we're in deep > freeze, and as such any RC bug fixes should be uploaded with minimal > changes. > >> You can debdiff the the -3 and -4 package to verify that the changes to >> debian/rules don't affect the contents of the resulting binary package. >> This is >> neither a security upload nor an NMU, and according to the PTS page [2] the >> bug >> isn't RC either. >> > I don't know what makes you think that. This bug has 'grave' severity, > and that's even mentioned in your mail's Subject field. Please wake up. > > Cheers, > Julien 2010-12-26 22:01 "Adam D. Barratt" : > Hi Jari, > > I've just been reviewing your recent upload of leafpad, in order to > determine whether it was suitable for unblocking for Squeeze. > > Firstly, thank you for fixing the outstanding RC bug on the package. > However, I'm somewhat disappointed that you chose to mix unrelated and > unneeded changes in as part of the upload, specifically this change: > > + * debian/rules > +- Simplify targets for dh(1). > > Leaving aside for one moment the appropriateness of making such a change > in deep freeze, I do wonder how this change was intended to work: > > +override_dh_auto_instakk: > > fwiw, reviewing the difference between the > patches/debian-changes-0.8.17-{3,4}, the changes from -3 to replace all > the GPL license headers with the new version omitting the FSF address > have also been lost in this upload; this patch never seems to have > actually been applied to the package, however, so its loss isn't a > particular problem. SUMMARY - Julien asked a speed fix. No further explantions given. - I send what I had in progress in my repository + the grave fix - Tony uploaded - Julien complained about the upload, with unneccessary chit-chat. - Tony asked what exactly was the problem. - Not very constructive comments from Julien. - Elsewhere Adam was forced to do double work. To the release team Lead: I'd like to express my dissatisfaction of how Julien approached the issue. The proper directions to talk to the developers would need to be improved. Something along the line: "Hi, there is a grave bug and we'd need a targetted fix that would only touch that bug. Please let us know when the upload is there and notify the release team with an RFE (Request for an exception)" Now I, Tony, and Adam had to do extra work to engage in a "fix" discussion just because important things were left untold. I'm going to prepare yet another upload, but I'm not exactly thrilled. Jari -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87d3o8ivjk@picasso.cante.net
Re: Please unblock schroot 1.4.18-1
On Fri, Jan 7, 2011 at 15:06:35 +, Roger Leigh wrote: > Is this OK to upload and be allowed into testing? > At least not until the previous version goes in (I didn't look at the proposed changes). Cheers, Julien signature.asc Description: Digital signature
Bug#609210: liblocal-lib-perl/1.006005-1+squeeze1 for testing-proposed-updates fixing #609192
Hi Julien On Fri, Jan 07, 2011 at 01:42:04PM +0100, Julien Cristau wrote: > On Fri, Jan 7, 2011 at 12:59:03 +0100, Salvatore Bonaccorso wrote: > > > diff -Nru liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch > > liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch > > --- liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch > > 1970-01-01 01:00:00.0 +0100 > > +++ liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch > > 2011-01-07 12:29:17.0 +0100 > > @@ -0,0 +1,86 @@ > > +Description: Fix FTBFS when homedirectory of building user is not > > + writeable. > > +Origin: vendor > > +Bug-Debian: http://bugs.debian.org/609192 > > +Forwarded: no > > +Author: Salvatore Bonaccorso > > +Reviewed-by: Salvatore Bonaccorso > > Self-review? That looks... weird. Indeed, have removed that from patch. I used our patchedit tool to add DEP3 conformant patch headers and got that doubled. > > +Last-Update: 2011-01-07 > > + > > +--- a/Makefile.PL > > b/Makefile.PL > > Anyway, please go ahead. It's uploaded and accepted to t-p-u. Thanks and bests Salvatore signature.asc Description: Digital signature
Re: Please unblock schroot 1.4.18-1
On Thu, Dec 30, 2010 at 08:14:10PM +, Adam D. Barratt wrote: > On Thu, 2010-12-30 at 15:38 +, Roger Leigh wrote: > > On Wed, Dec 08, 2010 at 08:44:48PM +, Adam D. Barratt wrote: > > > As discussed on IRC, it's a shame that this resulted in a new > > > translatable (and currently untranslated) string, although the fact that > > > the string should rarely be seen and is in the program translation > > > rather than a debconf template mitigates this slightly. > > > > I've allowed a fortnight for translation updates to come back, and > > made a new release (1.4.17-1) containing five translation updates > > and an additional RC bugfix. Please could you unblock this to > > allow it into squeeze? > > Unblocked; thanks. Sorry to trouble you again, but I found soon after this release #609108 which was breaking schroot on all kfreebsd platforms. This is actually due to the statfs structure being broken on FreeBSD, limiting the mount and umount commands to paths less than 88 characters (80 in practice). While we can't fix that major design flaw, we can reduce the path length to <80 in most circumstances by not using long UUIDs in session names. The proposed changes to this bug are in this git diff: http://git.debian.org/?p=buildd-tools/schroot.git;a=commitdiff;h=132cb05f7908f31052998934dd10883bea4a0e93;hp=release/schroot-1.4.17 Here, we fix the libuuid autodetection and enable/disable logic in configure.ac and also fix a similar issue in the PAM logic. On the Debian packaging side, we don't build-dep on uuid-dev on kfreebsd, and deliberately disable it when running configure. We also update the 50chrootname setup script to handle non-UUID generated session names. This has been tested on native kfreebsd by Julián Moreno Patiño and Jakub Wilk, and by myself on KVM/qemu with a kfreebsd-amd64 VM as well as on linux-amd64. Is this OK to upload and be allowed into testing? Thanks, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/ `-GPG Public Key: 0x25BFB848 Please GPG sign your mail. signature.asc Description: Digital signature
Re: please allow freevo 1.9.0-9
On Thu, Jan 6, 2011 at 17:24:25 +0100, A Mennucc wrote: > Dear jcristau and d-release all, > > the current version of freevo in testing is 1.9.0-7 ; it is affected by > RC bugs > #607921 "python-freevo: package fails to upgrade properly from lenny". > #606782 "freevo messes with /home" > So the change to debian/freevo.default is ugly. The point of these files are to set variables used by the init script, not be random shell scripts, see policy 9.3.2. Often there are some variables in the `init.d' scripts whose values control the behavior of the scripts, and which a system administrator is likely to want to change. As the scripts themselves are frequently `conffile's, modifying them requires that the administrator merge in their changes each time the package is upgraded and the `conffile' changes. To ease the burden on the system administrator, such configurable values should not be placed directly in the script. Instead, they should be placed in a file in `/etc/default', which typically will have the same base name as the `init.d' script. This extra file should be sourced by the script when the script runs. It must contain only variable settings and comments in SUSv3 `sh' format. It may either be a `conffile' or a configuration file maintained by the package maintainer scripts. See Section 10.7, `Configuration files' for more details. Cheers, Julien signature.asc Description: Digital signature
NEW changes in proposedupdates
Processing changes file: xulrunner_1.9.0.19-7_amd64.changes ACCEPT Processing changes file: xulrunner_1.9.0.19-7_alpha.changes ACCEPT Processing changes file: xulrunner_1.9.0.19-7_arm.changes ACCEPT Processing changes file: xulrunner_1.9.0.19-7_armel.changes ACCEPT Processing changes file: xulrunner_1.9.0.19-7_hppa.changes ACCEPT Processing changes file: xulrunner_1.9.0.19-7_i386.changes ACCEPT Processing changes file: xulrunner_1.9.0.19-7_ia64.changes ACCEPT Processing changes file: xulrunner_1.9.0.19-7_mips.changes ACCEPT Processing changes file: xulrunner_1.9.0.19-7_mipsel.changes ACCEPT Processing changes file: xulrunner_1.9.0.19-7_powerpc.changes ACCEPT Processing changes file: xulrunner_1.9.0.19-7_s390.changes ACCEPT Processing changes file: xulrunner_1.9.0.19-7_sparc.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1pbcxf-0002fl...@franck.debian.org
Re: Bug#606370: CVE-2010-2761 CVE-2010-4410 CVE-2010-4411
On Fri, January 7, 2011 12:48, Niko Tyni wrote: > Done, just uploaded perl/5.10.1-17 with the attached patch. > > Changes: > perl (5.10.1-17) unstable; urgency=medium > . >* [SECURITY] CVE-2010-2761 CVE-2010-4410 CVE-2010-4411: > fix CGI.pm MIME boundary and multiline header vulnerabilities. > (Closes: #606995) Unblocked; thanks. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/7ddbd881554a3ac3b99011ad59122094.squir...@adsl.funky-badger.org
Re: Bug#606370: CVE-2010-2761 CVE-2010-4410 CVE-2010-4411
On Thu, Jan 06, 2011 at 10:37:11PM +0200, Niko Tyni wrote: > On Mon, Dec 27, 2010 at 04:23:40PM +0200, Niko Tyni wrote: > > > Assuming this is the case, I'm attaching preliminary patches for > > > > 3.29 (perl-modules / lenny) > > 3.38 (libcgi-pm-perl / lenny) > > 3.43 (perl-modules / squeeze + sid) > > 3.49 (libcgi-pm-perl / squeeze) > > 3.50 (libcgi-pm-perl / sid) > All this means I need another test session when I'm feeling less tired, > so no perl upload tonight. Done, just uploaded perl/5.10.1-17 with the attached patch. Changes: perl (5.10.1-17) unstable; urgency=medium . * [SECURITY] CVE-2010-2761 CVE-2010-4410 CVE-2010-4411: fix CGI.pm MIME boundary and multiline header vulnerabilities. (Closes: #606995) Release team: please consider unblock perl/5.10.1-17 The patch applies to lenny (5.10.0-19lenny2) as well with some fuzz after s/rearrange_header/rearrange/. Moritz: shall I upload a fixed lenny package to stable-security? FWIW, I'd prefer to wait the five days for squeeze migration before a DSA in case we get any regression reports. -- Niko Tyni nt...@debian.org From: Niko Tyni Subject: [CVE-2010-2761 CVE-2010-4410 CVE-2010-4411] CGI.pm MIME boundary and multiline header vulnerabilities Origin: upstream Bug-Debian: http://bugs.debian.org/606995 CVE-2010-2761 hardcoded MIME boundary, fixed in CGI.pm-3.50 CVE-2010-4410 CRLF injection vulnerability, fixed in CGI.pm-3.50 CVE-2010-4411 double CR/LF injection vulnerability, fixed in CGI.pm-3.51 --- MANIFEST |2 + lib/CGI.pm | 26 +++- lib/CGI/t/headers.t| 47 lib/CGI/t/multipart_init.t | 20 ++ 4 files changed, 94 insertions(+), 1 deletions(-) diff --git a/MANIFEST b/MANIFEST index 2b5a968..e0e950f 100644 --- a/MANIFEST +++ b/MANIFEST @@ -1935,7 +1935,9 @@ lib/CGI/t/cookie.t See if CGI::Cookie works lib/CGI/t/fast.t See if CGI::Fast works (if FCGI is installed) lib/CGI/t/form.t See if CGI.pm works lib/CGI/t/function.t See if CGI.pm works +lib/CGI/t/headers.t See if CGI.pm works lib/CGI/t/html.t See if CGI.pm works +lib/CGI/t/multipart_init.t See if CGI.pm works lib/CGI/t/no_tabindex.t See if CGI.pm works lib/CGI/t/pretty.t See if CGI.pm works lib/CGI/t/push.t See if CGI::Push works diff --git a/lib/CGI.pm b/lib/CGI.pm index 008bc7b..d859e76 100644 --- a/lib/CGI.pm +++ b/lib/CGI.pm @@ -1382,7 +1382,14 @@ END_OF_FUNC sub multipart_init { my($self,@p) = self_or_default(@_); my($boundary,@other) = rearrange_header([BOUNDARY],@p); -$boundary = $boundary || '--- =_aa0'; +if (!$boundary) { +$boundary = '--- =_'; +my @chrs = ('0'..'9', 'A'..'Z', 'a'..'z'); +for (1..17) { +$boundary .= $chrs[rand(scalar @chrs)]; +} +} + $self->{'separator'} = "$CRLF--$boundary$CRLF"; $self->{'final_separator'} = "$CRLF--$boundary--$CRLF"; $type = SERVER_PUSH($boundary); @@ -1467,6 +1474,23 @@ sub header { 'EXPIRES','NPH','CHARSET', 'ATTACHMENT','P3P'],@p); +# CR escaping for values, per RFC 822 +for my $header ($type,$status,$cookie,$target,$expires,$nph,$charset,$attachment,$p3p,@other) { +if (defined $header) { +# From RFC 822: +# Unfolding is accomplished by regarding CRLF immediately +# followed by a LWSP-char as equivalent to the LWSP-char. +$header =~ s/$CRLF(\s)/$1/g; + +# All other uses of newlines are invalid input. +if ($header =~ m/$CRLF|\015|\012/) { +# shorten very long values in the diagnostic +$header = substr($header,0,72).'...' if (length $header > 72); +die "Invalid header value contains a newline not followed by whitespace: $header"; +} +} + } + $nph ||= $NPH; $type ||= 'text/html' unless defined($type); diff --git a/lib/CGI/t/headers.t b/lib/CGI/t/headers.t new file mode 100755 index 000..661b74b --- /dev/null +++ b/lib/CGI/t/headers.t @@ -0,0 +1,47 @@ + +# Test that header generation is spec compliant. +# References: +# http://www.w3.org/Protocols/rfc2616/rfc2616.html +# http://www.w3.org/Protocols/rfc822/3_Lexical.html + +use strict; +use warnings; + +use Test::More 'no_plan'; + +use CGI; + +my $cgi = CGI->new; + +like $cgi->header( -type => "text/html" ), +qr#Type: text/html#, 'known header, basic case: type => "text/html"'; + +eval { $cgi->header( -type => "text/html".$CGI::CRLF."evil: stuff" ) }; +like($@,qr/contains a newline/,'invalid header blows up'); + +like $cgi->header( -type => "text/html".$CGI::CRLF." evil: stuff " ), +qr#Content-Type: text/html evil: stuff#, 'known header, with leading and trailing whitespace on the continuation line'; + +eval { $cgi->header( -foobar => "text/html".$CGI::CRLF."evil: stuff"
Bug#609214: marked as done (unblock: mapserver/5.6.5-2)
Your message dated Fri, 7 Jan 2011 13:11:52 - with message-id and subject line Re: Bug#609214: unblock: mapserver/5.6.5-2 has caused the Debian Bug report #609214, regarding unblock: mapserver/5.6.5-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 609214: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609214 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package mapserver * Fix Validation of symbol index values (CVE-2010-1678) [http://trac.osgeo.org/mapserver/ticket/3641] unblock mapserver/5.6.5-2 -- System Information: Debian Release: 6.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash --- End Message --- --- Begin Message --- On Fri, January 7, 2011 12:50, Francesco Paolo Lovergine wrote: > Please unblock package mapserver > > * Fix Validation of symbol index values (CVE-2010-1678) > [http://trac.osgeo.org/mapserver/ticket/3641] Unblocked; thanks. Regards, Adam --- End Message ---
Bug#609214: unblock: mapserver/5.6.5-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package mapserver * Fix Validation of symbol index values (CVE-2010-1678) [http://trac.osgeo.org/mapserver/ticket/3641] unblock mapserver/5.6.5-2 -- System Information: Debian Release: 6.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110107125024.31311.98436.report...@blegrez.ba.issia.cnr.it
Bug#609210: liblocal-lib-perl/1.006005-1+squeeze1 for testing-proposed-updates fixing #609192
On Fri, Jan 7, 2011 at 12:59:03 +0100, Salvatore Bonaccorso wrote: > diff -Nru liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch > liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch > --- liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch > 1970-01-01 01:00:00.0 +0100 > +++ liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch > 2011-01-07 12:29:17.0 +0100 > @@ -0,0 +1,86 @@ > +Description: Fix FTBFS when homedirectory of building user is not > + writeable. > +Origin: vendor > +Bug-Debian: http://bugs.debian.org/609192 > +Forwarded: no > +Author: Salvatore Bonaccorso > +Reviewed-by: Salvatore Bonaccorso Self-review? That looks... weird. > +Last-Update: 2011-01-07 > + > +--- a/Makefile.PL > b/Makefile.PL Anyway, please go ahead. Cheers, Julien signature.asc Description: Digital signature
Bug#609210: liblocal-lib-perl/1.006005-1+squeeze1 for testing-proposed-updates fixing #609192
Package: release.debian.org Severity: normal Hi release team When building liblocal-lib-perl without having access to the home directory of the building user liblocal-lib-perl in squeeze FTBFS. The version in unstable is not affected. I prepared a backport from the Makefile.PL there. Attached is the debdiff for the t-p-u upload. See: http://bugs.debian.org/609192 Could you accept this into t-p-u? Thanks in advance and for your work. Bests Salvatore -- System Information: Debian Release: 6.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash diff -Nru liblocal-lib-perl-1.006005/debian/changelog liblocal-lib-perl-1.006005/debian/changelog --- liblocal-lib-perl-1.006005/debian/changelog 2010-07-14 18:03:02.0 +0200 +++ liblocal-lib-perl-1.006005/debian/changelog 2011-01-07 12:12:55.0 +0100 @@ -1,3 +1,12 @@ +liblocal-lib-perl (1.006005-1+squeeze1) testing-proposed-updates; urgency=low + + * Update my email address. + * Patch Makefile.PL with fix-ftbfs-609192.patch to avoids CPAN client +configuration when not required which causes FTBFS if building user +home directory is not writeable (Closes: #609192). + + -- Salvatore Bonaccorso Fri, 07 Jan 2011 09:36:54 +0100 + liblocal-lib-perl (1.006005-1) unstable; urgency=low * New upstream release diff -Nru liblocal-lib-perl-1.006005/debian/control liblocal-lib-perl-1.006005/debian/control --- liblocal-lib-perl-1.006005/debian/control 2010-07-14 18:03:02.0 +0200 +++ liblocal-lib-perl-1.006005/debian/control 2011-01-07 12:12:55.0 +0100 @@ -5,7 +5,7 @@ Build-Depends-Indep: perl (>= 5.10), libcapture-tiny-perl Maintainer: Debian Perl Group Uploaders: Jonathan Yu , gregor herrmann , - Salvatore Bonaccorso + Salvatore Bonaccorso Standards-Version: 3.9.0 Homepage: http://search.cpan.org/dist/local-lib/ Vcs-Svn: svn://svn.debian.org/pkg-perl/trunk/liblocal-lib-perl/ diff -Nru liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch --- liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch 1970-01-01 01:00:00.0 +0100 +++ liblocal-lib-perl-1.006005/debian/patches/fix-ftbfs-609192.patch 2011-01-07 12:29:17.0 +0100 @@ -0,0 +1,86 @@ +Description: Fix FTBFS when homedirectory of building user is not + writeable. +Origin: vendor +Bug-Debian: http://bugs.debian.org/609192 +Forwarded: no +Author: Salvatore Bonaccorso +Reviewed-by: Salvatore Bonaccorso +Last-Update: 2011-01-07 + +--- a/Makefile.PL b/Makefile.PL +@@ -92,7 +92,8 @@ + my $cpan = $? >> 8; + my $cpan_command = ''; + +-system($^X, '-MCPAN', '-e', ++my $did_cpan_config = 0; ++my $cpan_config_command = + 'my $done; require ExtUtils::MakeMaker; +my $orig = ExtUtils::MakeMaker->can("prompt"); +*ExtUtils::MakeMaker::prompt = sub ($;$) { +@@ -121,8 +122,7 @@ + delete @{$CPAN::Config}{keys %$CPAN::Config}; + $CPAN::Config->{urllist} = $save; + CPAN::Config->init; +- }' +-); ++ }'; + + $ENV{PERL_MM_USE_DEFAULT} = 1; + +@@ -138,6 +138,8 @@ + $cpan_command .= 'force("install","CPAN"); '; + } + if(length $cpan_command) { ++ system($^X, '-MCPAN', '-e', $cpan_config_command); ++ $did_cpan_config++; + system($^X, '-MCPAN', '-e', $cpan_command); + } + if ($cpan) { +@@ -147,6 +149,8 @@ + # if we call this code directly, the changes get written to + # $BOOTSTRAP/lib/perl5/CPAN/Config.pm, not where the user expects them to + # be in their ~/.cpan/CPAN/MyConfig.pm. ++ system($^X, '-MCPAN', '-e', $cpan_config_command) ++unless $did_cpan_config; + system($^X, '-MCPAN', + '-e', + q[CPAN::HandleConfig->load;], +@@ -200,25 +204,27 @@ + # It will already be installed by the time we reach here if bootstrapping, + # otherwise, if we're running from CPAN then it will be installed soon + # enough, and we'll come back here.. +-if (!$@) { +-CPAN::HandleConfig->load; +-for my $eumm_setting ( qw/makepl_arg make_install_arg/ ) { +-if ($CPAN::Config->{$eumm_setting} =~ /(?:PREFIX|INSTALL_BASE)/) { +-die <<"DEATH"; ++if (!$@ ) { ++CPAN::HandleConfig->require_myconfig_or_config; ++if ( $CPAN::Config ) { ++for my $eumm_setting ( qw/makepl_arg make_install_arg/ ) { ++if ($CPAN::Config->{$eumm_setting} =~ /(?:PREFIX|INSTALL_BASE)/) { ++die <<"DEATH"; + WHOA THERE! It looks like you've got $CPAN::Config->{$eumm_setting} set. This is + known to cause problems with local::lib. Please either remove this setting or + clear out your .cpan directory. + DEATH ++} + } +-} + +-for my $mb