Bug#706148: pu: package clamav/0.97.8+dfsg-1~squeeze1
On Saturday, April 27, 2013 11:43:08 AM Adam D. Barratt wrote: > Control: tags -1 + pending > > On Thu, 2013-04-25 at 08:53 -0400, Scott Kitterman wrote: > > New clamav release with security fixes, all the usual reasons > > > > 0.97.8 > > -- > > ClamAV 0.97.8 addresses several reported potential security bugs. Thanks > > to Felix Groebert of the Google Security Team for finding and reporting > > these issues. > > Flagged for acceptance in to p-u; thanks. > > I've also aged the unstable upload so we can get the fixes in to wheezy > more quickly. Once that's sorted we can look at an SUA. > > Regards, > > Adam Here's a rough of the SUA: Debian Stable Updates Announcement SUA 33-1 http://www.debian.org debian-release@lists.debian.org Scott Kitterman April 28th, 2013 --- Package : clamav Version : 0.97.8+dfsg-1~squeeze1 Importance : medium Upstream published version 0.97.8. This is a bugfix release. The changes are not strictly required for operation, but users of the previous version in squeeze may not be able to make use of all current virus signatures and may get warnings. The bug fixes that are part of this release include security-relevant fixes. Felix Groebert of the Google Security Team discovered multiple security issues with clamav. An attacker could use these to cause clamav to crash, resulting in a denial of service, or possibly execute arbitrary code. If you use clamav, we highly recommend you upgrade to this version. [the impact is whishy washy because we don't actually know what the impacts are and no one (AFAICT) is telling] Scott K -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/124284535.Z6PBmCTatC@scott-latitude-e6320
Bug#706286: pre-approve: libpng/1.2.49-4
On Sat, Apr 27, 2013 at 08:30:06PM +0200, Andreas Beckmann wrote: >Package: release.debian.org >Severity: normal >User: release.debian@packages.debian.org >Usertags: unblock > >I identified three packages that don't ship a SONAME symlink and cause >spurious creation and removal of this link by ldconfig. Spurious since >the packages themselves don't call ldconfig, so another installation >will trigger the ldconfig run - 2 seconds or 2 months later. > >As this makes the (dis-)appearance nondeterministic, this could produce >heisenbugs that will be hard to debug. So better ship the link in the >package and let dpkg instead of ldconfig manage creation/removal. > >libpng12-dev is one of them (#706181), due to the >/usr/lib//libpng12.so -> /lib//libpng12.so.0 >link. ldconfig would create >/usr/lib//libpng12.so.0 -> libpng.so > >The attached patch changes the symlinks in the -dev package to >/usr/lib//libpng12.so -> libpng12.so.0 -> /lib//libpng12.so.0 > >Anibal has already signaled to prepare an updated package, so I filed an >unblock versioned as a new maintainer upload. > >This fix could go via unstable, the only difference between sid and >wheezy are some changelog entries. > >Andreas > >unblock libpng/1.2.49-4 The debdiff between 1.2.49-1 (testing) and my new version 1.2.49-4 is below. debdiff libpng_1.2.49-1.dsc libpng_1.2.49-4.dsc diff -Nru libpng-1.2.49/debian/changelog libpng-1.2.49/debian/changelog --- libpng-1.2.49/debian/changelog 2012-04-09 12:14:09.0 +1000 +++ libpng-1.2.49/debian/changelog 2013-04-26 16:49:13.0 +1000 @@ -1,3 +1,27 @@ +libpng (1.2.49-4) unstable; urgency=low + + [ Andreas Beckmann ] + * libpng12-dev: Ship /usr/lib/${DEB_HOST_MULTIARCH}/libpng12.so.0 -> +/lib/${DEB_HOST_MULTIARCH}/libpng12.so.0 symlink, too, to prevent ldconfig +from playing ping-pong with the SONAME link. (Closes: #706181) + + -- Anibal Monsalve Salazar Fri, 26 Apr 2013 16:42:23 +1000 + +libpng (1.2.49-3) unstable; urgency=low + + * Remove patches/02-681408-CVE-2012-3386-Makefile.in.patch. +This patch is unnecessary. This issue is already fixed in automake. + + -- Nobuhiro Iwamatsu Tue, 28 Aug 2012 16:22:51 +0900 + +libpng (1.2.49-2) unstable; urgency=high + + * Change "a+w" to "u+w" in Makefile.in to fix CVE-2012-3386 +Add 02-681408-CVE-2012-3386-Makefile.in.patch +Closes: #681408 + + -- Anibal Monsalve Salazar Fri, 13 Jul 2012 12:31:39 +1000 + libpng (1.2.49-1) unstable; urgency=high * New upstream version 1.2.49 diff -Nru libpng-1.2.49/debian/libpng12-dev.links.in libpng-1.2.49/debian/libpng12-dev.links.in --- libpng-1.2.49/debian/libpng12-dev.links.in 2011-07-18 21:52:43.0 +1000 +++ libpng-1.2.49/debian/libpng12-dev.links.in 2013-04-26 16:41:04.0 +1000 @@ -1,3 +1,4 @@ /usr/share/man/man1/libpng12-config.1.gz /usr/share/man/man1/libpng-config.1.gz /usr/include/libpng12 /usr/include/libpng -/lib/${DEB_HOST_MULTIARCH}/libpng12.so.0 /usr/lib/${DEB_HOST_MULTIARCH}/libpng12.so +/lib/${DEB_HOST_MULTIARCH}/libpng12.so.0 /usr/lib/${DEB_HOST_MULTIARCH}/libpng12.so.0 +/usr/lib/${DEB_HOST_MULTIARCH}/libpng12.so.0 /usr/lib/${DEB_HOST_MULTIARCH}/libpng12.so -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130427220718.ga4...@master.debian.org
[PATCH] release-notes: Improve description of kernel upgrade
Since the 686 flavour has been removed, change the example to use the amd64 flavour and for i386 include a link back to the information about replacement of the 686 flavour. --- a/release-notes/en/upgrading.dbk +++ b/release-notes/en/upgrading.dbk @@ -836,7 +836,7 @@ - + Kernel flavour selection Debian's 686 kernel configuration has been replaced by @@ -1238,13 +1238,15 @@ If you are unsure about which package to select, run uname -r and look for a package with a similar name. For example, if you -see '2.6.32-5-686', it is recommended that you install -linux-image-686. You may also -use apt-cache to see a long description of each package -in order to help choose the best one available. For example: +see '2.6.32-5-amd64', it is recommended that you install +linux-image-amd64. +See also . +You may also use apt-cache to see a long +description of each package in order to help choose the best one +available. For example: -# apt-cache show linux-image-686 +# apt-cache show linux-image-amd64 You should then use apt-get install to install it. Once -- Ben Hutchings Klipstein's 4th Law of Prototyping and Production: A fail-safe circuit will destroy others. signature.asc Description: This is a digitally signed message part
Bug#706296: pu: package ldap2dns/0.3.1-3+squeeze1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: pu Hi, ldap2dns has a nasty bug (#333448) that makes installation fail sometimes with spurious errors. The fix is simple: just drop debconf confmodule sourcing - it is not used at all. Backported from wheezy. Andreas diff -u ldap2dns-0.3.1/debian/changelog ldap2dns-0.3.1/debian/changelog --- ldap2dns-0.3.1/debian/changelog +++ ldap2dns-0.3.1/debian/changelog @@ -1,3 +1,16 @@ +ldap2dns (0.3.1-3+squeeze1) stable; urgency=low + + * Non-maintainer upload. + + [ Luk Claes ] + * Do not include /usr/share/debconf/confmodule in postinst +(Closes: #333448). + + [ Andreas Beckmann ] + * Backport postinst fix from wheezy (0.3.1-3.1) + + -- Andreas Beckmann Sat, 27 Apr 2013 22:38:10 +0200 + ldap2dns (0.3.1-3) unstable; urgency=low * New maintainer (Closes: #248520) diff -u ldap2dns-0.3.1/debian/postinst ldap2dns-0.3.1/debian/postinst --- ldap2dns-0.3.1/debian/postinst +++ ldap2dns-0.3.1/debian/postinst @@ -20,8 +20,6 @@ ;; esac -. /usr/share/debconf/confmodule - umask 022 echo ""
Re: Bug#706110: libgnome{, vfs}2-common: fails to upgrade from squeeze: prerm failure: gconf-schemas: not found
[re-added -release CC that went missing at some point] On Sat, 2013-04-27 at 21:29 +0200, Josselin Mouette wrote: > Le samedi 27 avril 2013 à 16:34 +0100, Adam D. Barratt a écrit : > > > Some versions are bumped, but everything still satisfiable in wheezy. > > > > There's also several new dependencies on gconf-service; maintainers, is > > that expected? I guess they're unlikely to cause issues given that > > gconf2 already depends on gconf-service. > > This is the way gconf deals with multiarch, see libgconf-2-4.shlibs. Okay, thanks. In that case, I guess we could go ahead with the uploads. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1367091204.13168.80.ca...@jacala.jungle.funky-badger.org
Bug#706286: pre-approve: libpng/1.2.49-4
Oops, missed the udeb built from libpng, so this is probably another r1 candidate as 1.2.49-1+deb7u1. Andreas -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/517c1b74.2040...@debian.org
Bug#706286: pre-approve: libpng/1.2.49-4
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock I identified three packages that don't ship a SONAME symlink and cause spurious creation and removal of this link by ldconfig. Spurious since the packages themselves don't call ldconfig, so another installation will trigger the ldconfig run - 2 seconds or 2 months later. As this makes the (dis-)appearance nondeterministic, this could produce heisenbugs that will be hard to debug. So better ship the link in the package and let dpkg instead of ldconfig manage creation/removal. libpng12-dev is one of them (#706181), due to the /usr/lib//libpng12.so -> /lib//libpng12.so.0 link. ldconfig would create /usr/lib//libpng12.so.0 -> libpng.so The attached patch changes the symlinks in the -dev package to /usr/lib//libpng12.so -> libpng12.so.0 -> /lib//libpng12.so.0 Anibal has already signaled to prepare an updated package, so I filed an unblock versioned as a new maintainer upload. This fix could go via unstable, the only difference between sid and wheezy are some changelog entries. Andreas unblock libpng/1.2.49-4 diff -Nru libpng-1.2.49/debian/changelog libpng-1.2.49/debian/changelog --- libpng-1.2.49/debian/changelog 2012-04-09 04:14:09.0 +0200 +++ libpng-1.2.49/debian/changelog 2013-04-27 20:04:03.0 +0200 @@ -1,3 +1,27 @@ +libpng (1.2.49-3.1) UNRELEASED; urgency=low + + * Non-maintainer upload. + * libpng12-dev: Ship /usr/lib/${DEB_HOST_MULTIARCH}/libpng12.so.0 -> +/lib/${DEB_HOST_MULTIARCH}/libpng12.so.0 symlink, too, to prevent ldconfig +from playing ping-pong with the SONAME link. (Closes: #706181) + + -- Andreas Beckmann Fri, 26 Apr 2013 00:33:36 +0200 + +libpng (1.2.49-3) unstable; urgency=low + + * Remove patches/02-681408-CVE-2012-3386-Makefile.in.patch. +This patch is unnecessary. This issue is already fixed in automake. + + -- Nobuhiro Iwamatsu Tue, 28 Aug 2012 16:22:51 +0900 + +libpng (1.2.49-2) unstable; urgency=high + + * Change "a+w" to "u+w" in Makefile.in to fix CVE-2012-3386 +Add 02-681408-CVE-2012-3386-Makefile.in.patch +Closes: #681408 + + -- Anibal Monsalve Salazar Fri, 13 Jul 2012 12:31:39 +1000 + libpng (1.2.49-1) unstable; urgency=high * New upstream version 1.2.49 diff -Nru libpng-1.2.49/debian/libpng12-dev.links.in libpng-1.2.49/debian/libpng12-dev.links.in --- libpng-1.2.49/debian/libpng12-dev.links.in 2011-07-18 13:52:43.0 +0200 +++ libpng-1.2.49/debian/libpng12-dev.links.in 2013-04-26 00:32:55.0 +0200 @@ -1,3 +1,4 @@ /usr/share/man/man1/libpng12-config.1.gz /usr/share/man/man1/libpng-config.1.gz /usr/include/libpng12 /usr/include/libpng -/lib/${DEB_HOST_MULTIARCH}/libpng12.so.0 /usr/lib/${DEB_HOST_MULTIARCH}/libpng12.so +/lib/${DEB_HOST_MULTIARCH}/libpng12.so.0 /usr/lib/${DEB_HOST_MULTIARCH}/libpng12.so.0 +/usr/lib/${DEB_HOST_MULTIARCH}/libpng12.so.0 /usr/lib/${DEB_HOST_MULTIARCH}/libpng12.so [The following lists of changes regard files as different if they have different names, permissions or owners.] Files in second .deb but not in first - lrwxrwxrwx root/root /usr/lib/x86_64-linux-gnu/libpng12.so -> libpng12.so.0 lrwxrwxrwx root/root /usr/lib/x86_64-linux-gnu/libpng12.so.0 -> /lib/x86_64-linux-gnu/libpng12.so.0 Files in first .deb but not in second - lrwxrwxrwx root/root /usr/lib/x86_64-linux-gnu/libpng12.so -> /lib/x86_64-linux-gnu/libpng12.so.0 Control files: lines which differ (wdiff format) Depends: libpng12-0 (= [-1.2.49-1),-] {+1.2.49-3.1),+} zlib1g-dev Installed-Size: [-588-] {+589+} Version: [-1.2.49-1-] {+1.2.49-3.1+}
Bug#706281: t-p-u: libusb/0.1.12-20+nmu2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock I identified three packages that don't ship a SONAME symlink and cause spurious creation and removal of this link by ldconfig. Spurious since the packages themselves don't call ldconfig, so another installation will trigger the ldconfig run - 2 seconds or 2 months later. As this makes the (dis-)appearance nondeterministic, this could produce heisenbugs that will be hard to debug. So better ship the link in the package and let dpkg instead of ldconfig manage creation/removal. libusb-dev is one of them (#706278), due to the /usr/lib//libusb.so -> /lib//libusb-0.1.so.4.4.4 link. The SONAME is libusb-0.1.so.4 and ldconfig will create /usr/lib//libusb-0.1.so.4 -> libusb.so The attached patch adds this link to the libusb-dev package: /usr/lib//libusb-0.1.so.4 > /lib//libusb-0.1.so.4 As libusb builds an udeb, too, this will probably have to wait for r1. libusb currently has a non-standard NMU version, we could fix this into 0.1.12-20.1 (or 0.1.12-20.2), but using the more canonical +deb7u1 suffix will be difficult. So I just incremented the "bad" version. Andreas unblock libusb/0.1.12-20+nmu2 diff -Nru libusb-0.1.12/debian/changelog libusb-0.1.12/debian/changelog --- libusb-0.1.12/debian/changelog 2012-09-22 16:02:30.0 +0200 +++ libusb-0.1.12/debian/changelog 2013-04-27 18:22:54.0 +0200 @@ -1,3 +1,12 @@ +libusb (2:0.1.12-20+nmu2) testing; urgency=low + + * Non-maintainer upload. + * libusb-dev: Ship /usr/lib//libusb-0.1.so.4 -> +/lib//libusb-0.1.so.4 symlink to prevent spurious creation of +that SONAME link by ldconfig. (Closes: #706278) + + -- Andreas Beckmann Sat, 27 Apr 2013 18:16:00 +0200 + libusb (2:0.1.12-20+nmu1) testing-proposed-updates; urgency=low * Non-maintainer upload. diff -Nru libusb-0.1.12/debian/libusb-dev.install libusb-0.1.12/debian/libusb-dev.install --- libusb-0.1.12/debian/libusb-dev.install 2011-07-16 12:59:12.0 +0200 +++ libusb-0.1.12/debian/libusb-dev.install 2013-04-27 18:15:47.0 +0200 @@ -1,5 +1,6 @@ usr/bin/libusb-config usr/include/usb.h usr/lib/*/libusb.a +usr/lib/*/libusb-0.1.so.4 usr/lib/*/libusb.so usr/lib/*/pkgconfig/libusb.pc diff -Nru libusb-0.1.12/debian/rules libusb-0.1.12/debian/rules --- libusb-0.1.12/debian/rules 2011-12-31 01:56:04.0 +0100 +++ libusb-0.1.12/debian/rules 2013-04-27 18:34:34.0 +0200 @@ -147,6 +147,8 @@ $(CURDIR)/debian/tmp/lib/$(DEB_HOST_MULTIARCH) ln -sf /lib/$(DEB_HOST_MULTIARCH)/libusb-0.1.so.4.4.4 \ $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libusb.so + ln -sf /lib/$(DEB_HOST_MULTIARCH)/libusb-0.1.so.4 \ + $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libusb-0.1.so.4 # Move all files in their corresponding package dh_install -s -Nlibusb-0.1-udeb --list-missing --sourcedir=debian/tmp
Processed: Re: Bug#706271: t-p-u: libdmtx/0.7.2-2+build1
Processing control commands: > tag -1 pending Bug #706271 [release.debian.org] t-p-u: libdmtx/0.7.2-2+build1 Added tag(s) pending. -- 706271: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706271 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b706271.13670838964679.transcr...@bugs.debian.org
Bug#706271: t-p-u: libdmtx/0.7.2-2+build1
Control: tag -1 pending On 2013-04-27 18:49, Adam D. Barratt wrote: > On Sat, 2013-04-27 at 15:49 +0200, Andreas Beckmann wrote: >> I'd like to NMU libdmtx and do a no-change rebuild in t-p-u to fix two >> issues: >> * get rid of the binNMU >> * fix MA incompatible gzip compression >> http://lists.debian.org/517b2943.7020...@debian.org >> >> I verified that i386 and amd64 are now co-installable. > > Please go ahead. Uploaded to DELAYED/1. I uploaded the i386 build s.t. we can verify that the amd64 build done on a buildd produces an identical .gz file this time. Andreas -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/517c0b72.4090...@debian.org
Processed: Re: Bug#706271: t-p-u: libdmtx/0.7.2-2+build1
Processing control commands: > tags -1 + confirmed Bug #706271 [release.debian.org] t-p-u: libdmtx/0.7.2-2+build1 Added tag(s) confirmed. -- 706271: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706271 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b706271.136708137716247.transcr...@bugs.debian.org
Bug#706271: t-p-u: libdmtx/0.7.2-2+build1
Control: tags -1 + confirmed On Sat, 2013-04-27 at 15:49 +0200, Andreas Beckmann wrote: > I'd like to NMU libdmtx and do a no-change rebuild in t-p-u to fix two > issues: > * get rid of the binNMU > * fix MA incompatible gzip compression > http://lists.debian.org/517b2943.7020...@debian.org > > I verified that i386 and amd64 are now co-installable. Please go ahead. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1367081367.13168.77.ca...@jacala.jungle.funky-badger.org
NEW changes in stable-new
Processing changes file: clamav_0.97.8+dfsg-1~squeeze1_mips.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1uw7zd-0006bm...@franck.debian.org
NEW changes in stable-new
Processing changes file: clamav_0.97.8+dfsg-1~squeeze1_armel.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1uw7l6-0002hp...@franck.debian.org
Processed: reopening 704227, user release.debian....@packages.debian.org, usertagging 704227, tagging 704227 ...
Processing commands for cont...@bugs.debian.org: > reopen 704227 Bug #704227 {Done: Jonathan Wiltshire } [release.debian.org] unblock: freebsd-utils/9.0+ds1-11 Bug reopened Ignoring request to alter fixed versions of bug #704227 to the same values previously set > user release.debian@packages.debian.org Setting user to release.debian@packages.debian.org (was christ...@debian.org). > usertags 704227 pu Usertags were: unblock. Usertags are now: unblock pu. > tags 704227 + wheezy Bug #704227 [release.debian.org] unblock: freebsd-utils/9.0+ds1-11 Added tag(s) wheezy. > retitle 704227 pu: freebsd-utils/9.0+ds1-11 Bug #704227 [release.debian.org] unblock: freebsd-utils/9.0+ds1-11 Changed Bug title to 'pu: freebsd-utils/9.0+ds1-11' from 'unblock: freebsd-utils/9.0+ds1-11' > thanks Stopping processing here. Please contact me if you need assistance. -- 704227: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704227 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.c.136707791724134.transcr...@bugs.debian.org
NEW changes in stable-new
Processing changes file: clamav_0.97.8+dfsg-1~squeeze1_amd64.changes ACCEPT Processing changes file: clamav_0.97.8+dfsg-1~squeeze1_ia64.changes ACCEPT Processing changes file: clamav_0.97.8+dfsg-1~squeeze1_kfreebsd-amd64.changes ACCEPT Processing changes file: clamav_0.97.8+dfsg-1~squeeze1_kfreebsd-i386.changes ACCEPT Processing changes file: clamav_0.97.8+dfsg-1~squeeze1_powerpc.changes ACCEPT Processing changes file: clamav_0.97.8+dfsg-1~squeeze1_sparc.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1uw76f-0007xw...@franck.debian.org
NEW changes in stable-new
Processing changes file: clamav_0.97.8+dfsg-1~squeeze1_s390.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1uw6s4-0004qf...@franck.debian.org
Bug#706110: libgnome{, vfs}2-common: fails to upgrade from squeeze: prerm failure: gconf-schemas: not found
Followup-For: Bug #706110 Control: tag -1 patch On 2013-04-27 10:35, Adam D. Barratt wrote: > If we could get it done over the weekend, that should be okay. I'd be > interested in seeing a binary debdiff of the rebuilt packages against > those in wheezy though. Here are patch + binary debdiffs. Some versions are bumped, but everything still satisfiable in wheezy. Andreas diff -Nru libgnome-2.32.1/debian/changelog libgnome-2.32.1/debian/changelog --- libgnome-2.32.1/debian/changelog 2011-10-05 10:50:07.0 +0200 +++ libgnome-2.32.1/debian/changelog 2013-04-27 16:33:23.0 +0200 @@ -1,3 +1,10 @@ +libgnome (2.32.1-2.1) UNRELEASED; urgency=low + + * Non-maintainer upload. + * libgnome2-common: Add dummy prerm. (Closes: #706110) + + -- Andreas Beckmann Sat, 27 Apr 2013 16:20:35 +0200 + libgnome (2.32.1-2) unstable; urgency=low * Bump Standards-Version to 3.9.2. No further changes. diff -Nru libgnome-2.32.1/debian/libgnome2-common.prerm libgnome-2.32.1/debian/libgnome2-common.prerm --- libgnome-2.32.1/debian/libgnome2-common.prerm 1970-01-01 01:00:00.0 +0100 +++ libgnome-2.32.1/debian/libgnome2-common.prerm 2013-04-27 16:32:20.0 +0200 @@ -0,0 +1,6 @@ +#!/bin/sh +set -e + +# dummy empty prerm, see #706110 + +#DEBHELPER# libgnome2-0: File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Depends: {+gconf-service,+} libbonobo2-0 (>= 2.15.0), libc6 (>= 2.4), libcanberra0 (>= 0.2), [-libgconf2-4-] {+libgconf-2-4+} (>= 2.31.1), libglib2.0-0 (>= 2.24.0), libgnomevfs2-0 (>= 1:2.17.90), liborbit2 (>= 1:2.14.10), libpopt0 (>= [-1.16),-] {+1.14),+} libgnome2-common (>= 2.32), libgnome2-common (<< 2.33), gvfs Installed-Size: [-566-] {+574+} Version: [-2.32.1-2-] {+2.32.1-2.1+} libgnome2-common: [The following lists of changes regard files as different if they have different names, permissions or owners.] Files in second .deb but not in first - -rwxr-xr-x root/root DEBIAN/prerm Control files: lines which differ (wdiff format) Installed-Size: [-5713-] {+4931+} Version: [-2.32.1-2-] {+2.32.1-2.1+} libgnome2-dbg: File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Depends: libgnome2-0 (= [-2.32.1-2)-] {+2.32.1-2.1)+} Installed-Size: [-699-] {+782+} Version: [-2.32.1-2-] {+2.32.1-2.1+} libgnome2-dev: File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Depends: libgnome2-0 (= [-2.32.1-2),-] {+2.32.1-2.1),+} libglib2.0-dev, libbonobo2-dev, liborbit2-dev, libgconf2-dev, libgnomevfs2-dev, libcanberra-dev, libpopt-dev Installed-Size: [-624-] {+621+} Version: [-2.32.1-2-] {+2.32.1-2.1+} libgnome2-doc: File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Installed-Size: [-861-] {+822+} Version: [-2.32.1-2-] {+2.32.1-2.1+} diff -Nru gnome-vfs-2.24.4/debian/changelog gnome-vfs-2.24.4/debian/changelog --- gnome-vfs-2.24.4/debian/changelog 2011-03-16 17:08:00.0 +0100 +++ gnome-vfs-2.24.4/debian/changelog 2013-04-27 17:00:29.0 +0200 @@ -1,3 +1,10 @@ +gnome-vfs (1:2.24.4-1.1) UNRELEASED; urgency=low + + * Non-maintainer upload. + * libgnomevfs2-common: Add dummy prerm. (Closes: #706110) + + -- Andreas Beckmann Sat, 27 Apr 2013 16:59:41 +0200 + gnome-vfs (1:2.24.4-1) unstable; urgency=low * New upstream release. diff -Nru gnome-vfs-2.24.4/debian/libgnomevfs2-common.prerm gnome-vfs-2.24.4/debian/libgnomevfs2-common.prerm --- gnome-vfs-2.24.4/debian/libgnomevfs2-common.prerm 1970-01-01 01:00:00.0 +0100 +++ gnome-vfs-2.24.4/debian/libgnomevfs2-common.prerm 2013-04-27 17:01:46.0 +0200 @@ -0,0 +1,6 @@ +#!/bin/sh +set -e + +# dummy empty prerm, see #706110 + +#DEBHELPER# libgnomevfs2-0-dbg: File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Depends: libgnomevfs2-0 (= [-1:2.24.4-1)-] {+1:2.24.4-1.1)+} Installed-Size: [-3428-] {+3874+} Version: [-1:2.24.4-1-] {+1:2.24.4-1.1+} libgnomevfs2-0: File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Depends: {+gconf-service,+} libacl1 (>= [-2.2.11-1),-] {+2.2.51-8),+} libavahi-client3 (>= 0.6.16), libavahi-common3 (>= 0.6.16), libavahi-glib1 (>= 0.6.16), libc6 (>= 2.4), libdbus-1-3 (>= 1.0.2), libdbus-glib-1-2 (>= 0.78), libfam0, [-libgconf2-4-] {+libgconf-2-4+} (>= [-2.27.0),-] {+2.31.1),+} libgcrypt11 (>= [-1.4.6),-] {+1.4.5),+} libglib2.0-0 (>= [-2.24.0),-] {+2.31.8),+} libgnutls26 (>= [-2.9.11-0),-] {+2.12.17-0),+} libselinux1 (>= 1.32), libxml2 (>= 2.7.4), zlib1g (>=
Bug#694378: marked as done (unblock: apt-cacher-ng/0.7.11-1)
Your message dated Sat, 27 Apr 2013 16:19:50 +0100 with message-id <1367075990.13168.72.ca...@jacala.jungle.funky-badger.org> and subject line Re: Bug#694378: please allow up-to-date apt-cacher-ng in wheezy has caused the Debian Bug report #694378, regarding unblock: apt-cacher-ng/0.7.11-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 694378: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694378 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package apt-cacher-ng it solves #683803 and #677983 (*) since version 0.7.8. These changes are especially required to support http.debian.net redirection properly and to stop the total breakage of "apt-get update" runs on some systems. There are upstream changes but I consider most of them harmless (I am upstream) or they have been tested in Unstable/Experimental for already 16 weeks. Little problems in 0.7.8's changes have been solved in 0.7.10 (18 days in Unstable without new bug reports). (*): assumed, no user complaints this time while previous fixing attempts caused very prompt responses $ debdiff apt-cacher-ng_0.7.6-1_amd64.deb apt-cacher-ng_0.7.10-1_amd64.deb File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Depends: libbz2-1.0, libc6 (>= 2.10), libgcc1 (>= 1:4.1.1), liblzma5 (>= [-5.1.1alpha+20110809),-] {+5.1.1alpha+20120614),+} libstdc++6 (>= 4.6), libwrap0 (>= 7.6-4~), zlib1g (>= 1:1.1.4), debconf (>= 0.5) | debconf-2.0, adduser Installed-Size: [-1158-] {+1175+} Version: [-0.7.6-1-] {+0.7.10-1+} unblock apt-cacher-ng/0.7.10-1 -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.5.0+ (SMP w/4 CPU cores; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash --- End Message --- --- Begin Message --- On Mon, 2013-02-18 at 18:47 +0100, Andreas B. Mundt wrote: > again (cf. #683803) I was bitten by (apt-cacher-ng 0.7.6-1): > > Sun Feb 17 11:47:50 > 2013|http.debian.net/debian/pool/main/p/popt/libpopt0_1.16-7_i386.deb storage > error [301 Moved Permanently], last errno: Operation now in progress > Sun Feb 17 11:56:55 > 2013|http.debian.net/debian/pool/main/libc/libcap2/libcap2_2.22-1.2_i386.deb > storage error [301 Moved Permanently], last errno: Operation now in progress > > This happens rarely, but even with "RedirMax: 0", and it spoils the > debian-lan > setup. > > So please consider the fixed package for wheezy. Offering a fixed package > in backports doesn't make Debian better, because either you use the package > from > backports which will not be better by being in backports or you don't use > acng > at all - which will not need a fixed package. And it causes extra work > to include backport repositories, especially for debian-lan. I do hope I won't end up regretting doing so, but... unblocked. Regards, Adam--- End Message ---
Processed: Re: Bug#699806: unblock: dlocate/1.02+nmu3
Processing commands for cont...@bugs.debian.org: > user release.debian@packages.debian.org Setting user to release.debian@packages.debian.org (was a...@adam-barratt.org.uk). > usertags 699806 = pu Usertags were: unblock. Usertags are now: pu. > retitle 699806 pu: dlocate/1.02+deb7u1 Bug #699806 [release.debian.org] unblock: dlocate/1.02+nmu3 Changed Bug title to 'pu: dlocate/1.02+deb7u1' from 'unblock: dlocate/1.02+nmu3' > thanks Stopping processing here. Please contact me if you need assistance. -- 699806: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699806 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.c.136707396526332.transcr...@bugs.debian.org
Bug#699806: unblock: dlocate/1.02+nmu3
On 04/27/2013 04:45 PM, Adam D. Barratt wrote: Apologies for not getting back to you about this again sooner. Unfortunately it's now too late to get these fixes in to r0, but I do think we should consider whether some of them are appropriate for a stable update at a later point. Sounds like a great idea. So, I should push that to wheezy-proposed-updates after the release? I haven't done any stable updates before, that's why I'm asking :). Cheers, Adrian -- .''`. John Paul Adrian Glaubitz : :' : Debian Developer - glaub...@debian.org `. `' Freie Universitaet Berlin - glaub...@physik.fu-berlin.de `-GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913 -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/517be51f.9060...@physik.fu-berlin.de
Bug#699806: unblock: dlocate/1.02+nmu3
user release.debian@packages.debian.org usertags 699806 = pu retitle 699806 pu: dlocate/1.02+deb7u1 thanks On Tue, 2013-02-05 at 13:34 +0100, John Paul Adrian Glaubitz wrote: > dlocate has been neglected for quite some time now. I have collected > some patches to fix several minor but annoying bugs in the bugtracker > and fixed the manpages. I understand that these changes are not relevant > for security-related issues and I naturally accept if my unblock request > gets rejected. However, I think all these changes are nice to have and > bring the package into a much better shape for shipping with Wheezy. Apologies for not getting back to you about this again sooner. Unfortunately it's now too late to get these fixes in to r0, but I do think we should consider whether some of them are appropriate for a stable update at a later point. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1367073955.13168.68.ca...@jacala.jungle.funky-badger.org
Bug#702353: unblock: python2.7/2.7.3-8
On Sun, 2013-03-24 at 23:07 +0100, Matthias Klose wrote: > > What's the rationale for the second item? hashlib already provides > > those through libcrypto, AIUI, why is the duplication necessary? > > - to provide the same modules as in the debug interpreter. > - to provide them in python2.7-minimal, where hashlib isn't available. The only in-archive packages using -minimal appear to be python-support and python itself. What particular benefit does having the modules in -minimal provide for wheezy? Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1367073515.13168.65.ca...@jacala.jungle.funky-badger.org
Processed: Re: Bug#704729: unblock: alsa-base/1.0.25+3 (pre-approval)
Processing commands for cont...@bugs.debian.org: > user release.debian@packages.debian.org Setting user to release.debian@packages.debian.org (was a...@adam-barratt.org.uk). > usertags 704729 = pu Usertags were: unblock. Usertags are now: pu. > retitle 704729 pu: alsa-base/1.0.25+3~deb7u1 Bug #704729 [release.debian.org] unblock: alsa-base/1.0.25+3 (pre-approval) Changed Bug title to 'pu: alsa-base/1.0.25+3~deb7u1' from 'unblock: alsa-base/1.0.25+3 (pre-approval)' > thanks Stopping processing here. Please contact me if you need assistance. -- 704729: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704729 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.c.136707301719687.transcr...@bugs.debian.org
Bug#704729: unblock: alsa-base/1.0.25+3 (pre-approval)
user release.debian@packages.debian.org usertags 704729 = pu retitle 704729 pu: alsa-base/1.0.25+3~deb7u1 thanks On Thu, 2013-04-25 at 14:35 +0200, Jordi Mallach wrote: > I decided to upload the alsa-base patch in the minimal incarnation I > posted here a few days ago. Just in case this dropped off your radar, or > simply to get further instructions, I'm notifying this here. If you want > to skip this for tpu but would want a pu upload, I can prepare another one > for r1. Just say, I'll do. :) Apologies for not getting back to you about this sooner. At this point I think it might be better to revisit this after the release. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1367073009.13168.61.ca...@jacala.jungle.funky-badger.org
Re: Fixing #698914 for wheezy (grub booting Windows 8 via UEFI)
On Sat, 2013-04-27 at 15:37 +0200, Cyril Brulebois wrote: > Steve McIntyre (25/04/2013): > > I opened #698914 a while back, concerned about the lack of support > > in grub and os-prober for detecting Windows 8 on UEFI systems so [...] > We'd need a d-i wheezy rc3. Not sure there's room/time for that. Would > be nice if we could grab that fix and one for grub-installer, but I'm > not sure the latter is going to be ready in time. I guess we could > deal with the “releasing d-i” in less than 2 days once components are > in place (since we already know exactly what's getting updated, that > we won't get any last-minute FTBFS to fix, that we have an easy > announce to draft, and since I'll be personally much more available > than during the past weeks). > > Release managers, what do you think? I am somewhat nervous about the timescales, but if we can get targetted fixes in and builds turned around quickly then I think it's probably worth it to reduce some of the support pain. > (On a side note, d-i wheezy rc2 is getting released right now. > Struggling with cvs as usual, oh the fun.) \o/ (at RC2, not CVS). Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1367071264.13168.56.ca...@jacala.jungle.funky-badger.org
Bug#706271: t-p-u: libdmtx/0.7.2-2+build1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package libdmtx Hi, I'd like to NMU libdmtx and do a no-change rebuild in t-p-u to fix two issues: * get rid of the binNMU * fix MA incompatible gzip compression http://lists.debian.org/517b2943.7020...@debian.org I verified that i386 and amd64 are now co-installable. Andreas PS: I deliberately choose +build1 instead of +deb7u1 becaus ethat sorts between +b1 and +deb7u1 unblock libdmtx/0.7.2-2+build1 diff -Nru libdmtx-0.7.2/debian/changelog libdmtx-0.7.2/debian/changelog --- libdmtx-0.7.2/debian/changelog 2012-03-06 03:09:05.0 +0100 +++ libdmtx-0.7.2/debian/changelog 2013-04-27 14:44:51.0 +0200 @@ -1,3 +1,11 @@ +libdmtx (0.7.2-2+build1) testing; urgency=low + + * Non-maintainer upload. + * No-change rebuild to restore multi-arch co-installability. Fix +incompatibly compressed files and clear binNMU. + + -- Andreas Beckmann Sat, 27 Apr 2013 14:34:19 +0200 + libdmtx (0.7.2-2) unstable; urgency=low * Updated standards. File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Source: libdmtx [-(0.7.2-2)-] Version: [-0.7.2-2+b1-] {+0.7.2-2+build1+} File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Depends: libc6 (>= 2.3.4), libdmtx0a (>= 0.7.2), libgomp1 (>= 4.2.1), libmagickcore5 (>= [-8:6.7.4.0),-] {+8:6.7.7.10),+} libmagickwand5 (>= [-8:6.7.4.0)-] {+8:6.7.7.10)+} Installed-Size: [-69-] {+70+} Source: libdmtx [-(0.7.2-2)-] Version: [-0.7.2-2+b1-] {+0.7.2-2+build1+} File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Depends: libdmtx0a (= [-0.7.2-2+b1)-] {+0.7.2-2+build1)+} Installed-Size: [-333-] {+334+} Source: libdmtx [-(0.7.2-2)-] Version: [-0.7.2-2+b1-] {+0.7.2-2+build1+}
Re: Fixing #698914 for wheezy (grub booting Windows 8 via UEFI)
Steve McIntyre (25/04/2013): > I opened #698914 a while back, concerned about the lack of support > in grub and os-prober for detecting Windows 8 on UEFI systems so > that working boot entries would be added automatically at > installation time. At the time, I did not consider the issue > RC. However, discussion yesterday with Wolodja Wentland suggests > that this is becoming a more common problem than I feared, and users > are tripping over this and asking for support on #debian and > elsewhere. I'm thinking that this bug should therefore be considered > RC for the Wheezy r0 release at this point. We'd need a d-i wheezy rc3. Not sure there's room/time for that. Would be nice if we could grab that fix and one for grub-installer, but I'm not sure the latter is going to be ready in time. I guess we could deal with the “releasing d-i” in less than 2 days once components are in place (since we already know exactly what's getting updated, that we won't get any last-minute FTBFS to fix, that we have an easy announce to draft, and since I'll be personally much more available than during the past weeks). Release managers, what do you think? (On a side note, d-i wheezy rc2 is getting released right now. Struggling with cvs as usual, oh the fun.) Mraw, KiBi. signature.asc Description: Digital signature
Bug#706047: marked as done (unblock bacula/5.2.6+dfsg-9)
Your message dated Sat, 27 Apr 2013 14:20:53 +0100 with message-id <20130427132053.gb18...@lupin.home.powdarrmonkey.net> and subject line Re: Bug#706047: unblock bacula/5.2.6+dfsg-9 has caused the Debian Bug report #706047, regarding unblock bacula/5.2.6+dfsg-9 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 706047: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706047 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi! Does all prepared changes acceptable for unblock? debdiff between 5.2.6+dfsg-8 and prepared 5.2.6+dfsg-9 in attach. 1. Update info about upstream license changes. Upstream change license since squeeze release, but this was not properly described in debian/copyright. 2. Remove incorrect systemd service file for bacula-fd due to unaccepted for freeze changes in fixes (Closes: #699943). This changes is a continue of 5.2.6+dfsg-7. I incorrectly think, that bacula-fd systemd service file workable and did not remove it, but systemd maintainers prefer to remove this file too. -- with best regards, Alexander Golovko email: alexan...@ankalagon.ru xmpp: alexan...@ankalagon.ru diffstat for bacula-5.2.6+dfsg bacula-5.2.6+dfsg bacula-fd.install |1 changelog | 10 copyright | 707 -- 3 files changed, 701 insertions(+), 17 deletions(-) diff -Nru bacula-5.2.6+dfsg/debian/bacula-fd.install bacula-5.2.6+dfsg/debian/bacula-fd.install --- bacula-5.2.6+dfsg/debian/bacula-fd.install 2013-01-29 16:42:27.0 +0400 +++ bacula-5.2.6+dfsg/debian/bacula-fd.install 2013-04-24 01:55:47.0 +0400 @@ -1,3 +1,2 @@ usr/sbin/bacula-fd usr/lib/bacula/bpipe-fd.so -platforms/systemd/bacula-fd.service lib/systemd/system diff -Nru bacula-5.2.6+dfsg/debian/changelog bacula-5.2.6+dfsg/debian/changelog --- bacula-5.2.6+dfsg/debian/changelog 2013-01-29 18:47:28.0 +0400 +++ bacula-5.2.6+dfsg/debian/changelog 2013-04-24 01:56:14.0 +0400 @@ -1,3 +1,13 @@ +bacula (5.2.6+dfsg-9) unstable; urgency=low + + * debian/copyright: ++ Update info about upstream license changes. + * debian/bacula-fd.install: +- Remove incorrect systemd service file for bacula-fd due to unaccepted for + freeze changes in fixes (Closes: #699943). + + -- Alexander Golovko Wed, 24 Apr 2013 01:56:12 +0400 + bacula (5.2.6+dfsg-8) unstable; urgency=high * debian/additions/common-functions.dpkg: diff -Nru bacula-5.2.6+dfsg/debian/copyright bacula-5.2.6+dfsg/debian/copyright --- bacula-5.2.6+dfsg/debian/copyright 2013-01-29 16:42:27.0 +0400 +++ bacula-5.2.6+dfsg/debian/copyright 2013-04-24 01:55:20.0 +0400 @@ -3,6 +3,11 @@ and now by the Debian Bacula Team . +Debian-specific files distributed under terms of GPLv2, because: + * at moment of packaging upstream license was GPLv2 + * files was created without explicit license info, that considered as the + same license, as upstream. + It was downloaded from http://www.bacula.org Upstream Authors: Kern Sibbald and John Walker. @@ -11,7 +16,8 @@ The original Bacula code was Copyright Kern Sibbald and John Walker. After November 2004, it became Copyright Kern Sibbald, and finally, the copyright was transferred to the Free Software Foundation Europe -on 15 November 2006. +on 15 November 2006. The license was changed from GPLv2 to AGPLv3 +on 24 July 2010. Trademark: The name Bacula is a registered trademark of Kern Sibbald. @@ -19,31 +25,31 @@ === License: -For the most part, Bacula is licensed under the GPL version 2. This +For the most part, Bacula is licensed under the AGPL version 3. This code is listed under Copyright Free Software Foundation Europe e.V. -What follows is the addition(s) to the GPL version 2 license, that +What follows is the addition(s) to the AGPL version 3 license, that applies to code that is copyrighted by the Free Software Foundation Europe e.V. Linking: -As a special exception to the GPLv2, the Bacula Project gives +As a special exception to the AGPLv3, the Bacula Project gives permission to link the code of its release of Bacula with the OpenSSL project's "OpenSSL" library (or with modified versions of it that use the same license as the "OpenSSL" library), and distribute the linked -executables. You must obey the GNU General Public License in all +executables. You must obey the GNU Affero General Public License in all respects for all of the code
Fwd: Re: not co-installable Multi-Arch:same packages
Dear maintainers, you might consider doing a no-change upload for your package to get rid of a bin-NMU and restore multiarch co-installability. Ensure to build in a really clean sid chroot, otherwise another binNMU could be required to "fix" your package and break MA co-installability again. If you file an unblock request, you should include a *binary* debdiff to the packages in testing, too, to ensure no library dependencies from unstable get picked up. On 2013-04-27 10:21, Adam D. Barratt wrote: > On Sat, 2013-04-27 at 01:45 +0200, Andreas Beckmann wrote: >> a few Multi-Arch: same packages have all their dependencies satisfied, >> but are not co-installable because they got binNMUs. A sourceful >> no-change upload to rebuild them should restore co-installability. >> I've identified 8 source packages where this would help: >> bogl >> clutter-gst >> libdmtx >> libftdi >> libopenraw >> libpano13 >> lua-sql >> myodbc > > Note that such issues are not RC for wheezy. If the maintainers are > interested in fixing them, I might be minded to accept such changes, but > it would need to be /very/ soon. I have to admit to being concerned > about changes that might be introduced by a rebuild of a package in > unstable after several months though... On 2013-04-27 10:27, Adam D. Barratt wrote: > Alternatively, we can look at fixing these issues for the first point > release. That gives us more time to evaluate any potential side-effects > of the rebuilds. Andreas PS: libdmtx would have to go via t-p-u, I'll look into this in more detail because there is another issue, too -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/517bb14f.5060...@debian.org
Re: frozen-proposed-updates?
Hello Am Fri, 26 Apr 2013 09:47:27 +0200 schrieb Julien Cristau : > On Fri, Apr 26, 2013 at 02:44:05 +0200, Christian Hammers wrote: > > > Hello > > > > I'd like to upload a package that fixes a bug in testing's > > quagga_0.99.21-4. I can't upload it via unstable as we have > > already 0.99.22 there and neither can I upload it to > > stable-proposed-updates as this is still for squeeze, right? > > > > So I have to wait a week for the release and then use s-p-u? > > > Please describe the fixes and include the debdiff, we'll figure things > out from there. Here is the debdiff with changelog entry and diff: -=(~/debian/quagga/wheezy)$ debdiff quagga_0.99.21-4.dsc quagga_0.99.21-4+wheezy1.dsc diff -Nru quagga-0.99.21/debian/changelog quagga-0.99.21/debian/changelog --- quagga-0.99.21/debian/changelog 2013-01-06 15:58:00.0 +0100 +++ quagga-0.99.21/debian/changelog 2013-04-25 02:09:06.0 +0200 @@ -1,3 +1,10 @@ +quagga (0.99.21-4+wheezy1) testing-proposed-updates; urgency=medium + + * Applied a patch to prevent ospfd to crash randomly when a neighbor +goes down. Thanks to David Lamparter for pointing out. Closes: #706120 + + -- Christian Hammers Mon, 22 Apr 2013 23:00:01 +0200 + quagga (0.99.21-4) unstable; urgency=medium * Fixed regression bug that caused OSPF "distribute-list" statements to be diff -Nru quagga-0.99.21/debian/patches/99_fix_thread_cancel_event.diff quagga-0.99.21/debian/patches/99_fix_thread_cancel_event.diff --- quagga-0.99.21/debian/patches/99_fix_thread_cancel_event.diff 1970-01-01 01:00:00.0 +0100 +++ quagga-0.99.21/debian/patches/99_fix_thread_cancel_event.diff 2013-04-22 22:09:13.0 +0200 @@ -0,0 +1,51 @@ +From aaa964a8f861d5cd68723adc27236548f3f05713 Mon Sep 17 00:00:00 2001 +From: Jorge Boncompte [DTI2] +Date: Mon, 07 May 2012 15:17:31 + +Subject: lib: fix thread_cancel_event() + + ospfd was crashing some times on neighbour going down. The cause was that +ospf_nsm_event() was accessing already freed memory in ospf_nbr_delete() +call from ospf_nsm_event(). + + What happens is that since commit b5043aab (lib: fix incorrect thread +list...) now a thread can be on the event and ready lists but +thread_cancel_event() doesn't account for that. + +* thread.c: (thread_cancel_event) loop on the ready list too to cancel + pending events. + +Signed-off-by: Jorge Boncompte [DTI2] +Signed-off-by: David Lamparter +--- +diff --git a/lib/thread.c b/lib/thread.c +index b36c43a..dd0413b 100644 +--- a/lib/thread.c b/lib/thread.c +@@ -916,6 +916,24 @@ thread_cancel_event (struct thread_master *m, void *arg) + thread_add_unuse (m, t); + } + } ++ ++ /* thread can be on the ready list too */ ++ thread = m->ready.head; ++ while (thread) ++{ ++ struct thread *t; ++ ++ t = thread; ++ thread = t->next; ++ ++ if (t->arg == arg) ++{ ++ ret++; ++ thread_list_delete (&m->ready, t); ++ t->type = THREAD_UNUSED; ++ thread_add_unuse (m, t); ++} ++} + return ret; + } + +-- +cgit v0.9.0.2 +curl: try 'curl --help' or 'curl --manual' for more information diff -Nru quagga-0.99.21/debian/patches/series quagga-0.99.21/debian/patches/series --- quagga-0.99.21/debian/patches/series2013-01-06 15:45:54.0 +0100 +++ quagga-0.99.21/debian/patches/series2013-04-25 02:33:43.0 +0200 @@ -7,3 +7,4 @@ 10_doc__Makefiles__makeinfo-force.diff 99_CVE-2012-1820_bgp_capability_orf.diff 99_distribute_list.diff +99_fix_thread_cancel_event.diff bye, -christian- signature.asc Description: PGP signature
NEW changes in stable-new
Processing changes file: clamav_0.97.8+dfsg-1~squeeze1_i386.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1uw2eo-0002wf...@franck.debian.org
Processed: closing 699492
Processing commands for cont...@bugs.debian.org: > close 699492 Bug #699492 [release.debian.org] unblock bacula-doc/5.2.6-2 Marked Bug as done > thanks Stopping processing here. Please contact me if you need assistance. -- 699492: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699492 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.c.136705981924392.transcr...@bugs.debian.org
Re: Security fix for jquery-jplayer 2.1.0-1
On Sat, 2013-04-27 at 12:41 +0200, Pau Garcia i Quiles wrote: > On Sat, Apr 27, 2013 at 10:31 AM, Adam D. Barratt > wrote: > One middle ground that's been used in some other packages is > to > apply the patch directly but also add a copy of the patch to > the source > package (possibly in an otherwise unused debian/patches > directory). > > I have done that. New debdiff attached. > Thanks; please go ahead. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1367059678.13168.39.ca...@jacala.jungle.funky-badger.org
Processed: Re: Bug#706148: pu: package clamav/0.97.8+dfsg-1~squeeze1
Processing control commands: > tags -1 + pending Bug #706148 [release.debian.org] pu: package clamav/0.97.8+dfsg-1~squeeze1 Added tag(s) pending. -- 706148: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706148 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b706148.136705939621744.transcr...@bugs.debian.org
Bug#706148: pu: package clamav/0.97.8+dfsg-1~squeeze1
Control: tags -1 + pending On Thu, 2013-04-25 at 08:53 -0400, Scott Kitterman wrote: > New clamav release with security fixes, all the usual reasons > > 0.97.8 > -- > ClamAV 0.97.8 addresses several reported potential security bugs. Thanks to > Felix Groebert of the Google Security Team for finding and reporting these > issues. Flagged for acceptance in to p-u; thanks. I've also aged the unstable upload so we can get the fixes in to wheezy more quickly. Once that's sorted we can look at an SUA. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1367059388.13168.38.ca...@jacala.jungle.funky-badger.org
Bug#706047: unblock bacula/5.2.6+dfsg-9
В Sat, 27 Apr 2013 00:13:10 +0100 Jonathan Wiltshire пишет: > Control: tag -1 + confirmed > > On Wed, Apr 24, 2013 at 02:17:12AM +0400, Alexander Golovko wrote: > > Package: release.debian.org > > Severity: normal > > User: release.debian@packages.debian.org > > Usertags: unblock > > > > Hi! > > > > Does all prepared changes acceptable for unblock? > > > > > > debdiff between 5.2.6+dfsg-8 and prepared 5.2.6+dfsg-9 in attach. > > > > > > 1. Update info about upstream license changes. > > > > Upstream change license since squeeze release, but this was not > > properly described in debian/copyright. > > > > > > 2. Remove incorrect systemd service file for bacula-fd due to > > unaccepted for freeze changes in fixes (Closes: #699943). > > > > This changes is a continue of 5.2.6+dfsg-7. I incorrectly think, > > that bacula-fd systemd service file workable and did not remove it, > > but systemd maintainers prefer to remove this file too. > > Please upload urgently. Uploaded into sid > > > -- > Jonathan Wiltshire j...@debian.org > Debian Developer http://people.debian.org/~jmw > > 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 > > i have six years of solaris sysadmin experience, from > 8->10. i am well qualified to say it is made from bonghits > layered on top of bonghits -- with best regards, Alexander Golovko email: alexan...@ankalagon.ru xmpp: alexan...@ankalagon.ru signature.asc Description: PGP signature
Re: Security fix for jquery-jplayer 2.1.0-1
On Sat, Apr 27, 2013 at 10:31 AM, Adam D. Barratt wrote: > On Sat, 2013-04-27 at 09:12 +0200, Vincent Bernat wrote: > > ❦ 27 avril 2013 09:01 CEST, "Thijs Kinkhorst" : > > > > >> Wheezy contains my package jquery-jplayer 2.1.0-1, which is affected > by a > > >> few security issues which have been recently fixed upstream. One of > the > > >> issues is CVE-2013-1942. Two other issues, although important, did > not get > > >> a CVE number. > [...] > > > * Convert to source format 3.0 (quilt) to apply the patches that > carry the > > >fixes > [...] > > Not in the release team either but I disagree that switching to 3.0 > > (quilt) is an unacceptable change. This is far more simple than adding a > > patch system in debian/rules and better practice than putting those > > changes in diff.gz. > > Adding a patch system at this stage isn't really appropriate either, I'm > afraid. One middle ground that's been used in some other packages is to > apply the patch directly but also add a copy of the patch to the source > package (possibly in an otherwise unused debian/patches directory). > I have done that. New debdiff attached. -- Pau Garcia i Quiles http://www.elpauer.org (Due to my workload, I may need 10 days to answer) jquery-jplayer_2.1.0-1_to_2.1.0-2.debdiff Description: Binary data
Bug#706253: marked as done (unblock: device-tree-compiler/1.3.0-2)
Your message dated Sat, 27 Apr 2013 11:21:22 +0100 with message-id <1367058082.13168.37.ca...@jacala.jungle.funky-badger.org> and subject line Re: Bug#706253: unblock: device-tree-compiler/1.3.0-2 has caused the Debian Bug report #706253, regarding unblock: device-tree-compiler/1.3.0-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 706253: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706253 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package device-tree-compiler It fixes RC bug reported at: < http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706137 > diff -Nru device-tree-compiler-1.3.0/debian/changelog device-tree-compiler-1.3.0/debian/changelog --- device-tree-compiler-1.3.0/debian/changelog 2013-04-27 08:01:11.0 + +++ device-tree-compiler-1.3.0/debian/changelog 2013-04-27 07:51:57.0 + @@ -1,3 +1,10 @@ +device-tree-compiler (1.3.0-3) unstable; urgency=low + + * libfdt-dev: Missing header file prevents the library usage +Thanks Domenico Andreoli (Closes: #706137) + + -- Hector Oron Sat, 27 Apr 2013 07:47:09 + + device-tree-compiler (1.3.0-2) unstable; urgency=low * Add libfdt package (Closes: #477565) diff -Nru device-tree-compiler-1.3.0/debian/patches/local-add-missing-header-706137.patch device-tree-compiler-1.3.0/debian/patches/local-add-missing-header-706137.patch --- device-tree-compiler-1.3.0/debian/patches/local-add-missing-header-706137.patch 1970-01-01 00:00:00.0 + +++ device-tree-compiler-1.3.0/debian/patches/local-add-missing-header-706137.patch 2013-04-27 07:51:43.0 + @@ -0,0 +1,32 @@ +Description: libfdt-dev: Missing header file prevents the library usage + device-tree-compiler (1.3.0-3) unstable; urgency=low + . + * libfdt-dev: Missing header file prevents the library usage + Thanks Domenico Andreoli (Closes: #706137) +Author: Hector Oron +Bug-Debian: http://bugs.debian.org/706137 + +--- +The information above should follow the Patch Tagging Guidelines, please +checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here +are templates for supplementary fields that you might want to add: + +Origin: , +Bug: +Bug-Debian: http://bugs.debian.org/ +Bug-Ubuntu: https://launchpad.net/bugs/ +Forwarded: +Reviewed-By: +Last-Update: + +--- device-tree-compiler-1.3.0.orig/libfdt/Makefile.libfdt device-tree-compiler-1.3.0/libfdt/Makefile.libfdt +@@ -4,7 +4,7 @@ + # be easily embeddable into other systems of Makefiles. + # + LIBFDT_soname = libfdt.$(SHAREDLIB_EXT).1 +-LIBFDT_INCLUDES = fdt.h libfdt.h ++LIBFDT_INCLUDES = fdt.h libfdt.h libfdt_env.h + LIBFDT_VERSION = version.lds + LIBFDT_SRCS = fdt.c fdt_ro.c fdt_wip.c fdt_sw.c fdt_rw.c fdt_strerror.c + LIBFDT_OBJS = $(LIBFDT_SRCS:%.c=%.o) diff -Nru device-tree-compiler-1.3.0/debian/patches/series device-tree-compiler-1.3.0/debian/patches/series --- device-tree-compiler-1.3.0/debian/patches/series2013-04-27 08:01:11.0 + +++ device-tree-compiler-1.3.0/debian/patches/series2013-04-27 07:50:46.0 + @@ -20,3 +20,4 @@ 20_Add-fdtget-utility-to-read-property-values-from-a-de.patch 21_Add-fdtput-utility-to-write-property-values-to-a-dev.patch 22_Introduce-TESTS_BIN-in-Makefiles-to-identify-tested-.patch +local-add-missing-header-706137.patch diff -Nru device-tree-compiler-1.3.0/debian/source/format device-tree-compiler-1.3.0/debian/source/format --- device-tree-compiler-1.3.0/debian/source/format 2013-04-27 08:01:11.0 + +++ device-tree-compiler-1.3.0/debian/source/format 2013-04-27 07:49:40.0 + @@ -1 +1 @@ -1.0 +3.0 (quilt) unblock device-tree-compiler/1.3.0-3 -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (900, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 3.8-trunk-686-pae (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash --- End Message --- --- Begin Message --- On Sat, 2013-04-27 at 12:04 +0200, Hector Oron wrote: > 2013/4/27 Adam D. Barratt : > > >> It slipped through, I noticed, but I thought it was not an issue. I > >> could do new upload and revert it. > > > That would be appreciated; thanks. > > Done. Fixed in device-tree-compiler 1.3.0-4, a debdiff against package > in wheezy: Unblocked; thanks. Regards, Adam--- End Message ---
Bug#706253: unblock: device-tree-compiler/1.3.0-2
Hello, 2013/4/27 Adam D. Barratt : >> It slipped through, I noticed, but I thought it was not an issue. I >> could do new upload and revert it. > That would be appreciated; thanks. Done. Fixed in device-tree-compiler 1.3.0-4, a debdiff against package in wheezy: diff -u device-tree-compiler-1.3.0/debian/changelog device-tree-compiler-1.3.0/debian/changelog --- device-tree-compiler-1.3.0/debian/changelog +++ device-tree-compiler-1.3.0/debian/changelog @@ -1,3 +1,16 @@ +device-tree-compiler (1.3.0-4) unstable; urgency=low + + * Revert accidental source format change. + + -- Hector Oron Sat, 27 Apr 2013 09:59:06 + + +device-tree-compiler (1.3.0-3) unstable; urgency=low + + * libfdt-dev: Missing header file prevents the library usage +Thanks Domenico Andreoli (Closes: #706137) + + -- Hector Oron Sat, 27 Apr 2013 07:47:09 + + device-tree-compiler (1.3.0-2) unstable; urgency=low * Add libfdt package (Closes: #477565) diff -u device-tree-compiler-1.3.0/debian/patches/series device-tree-compiler-1.3.0/debian/patches/series --- device-tree-compiler-1.3.0/debian/patches/series +++ device-tree-compiler-1.3.0/debian/patches/series @@ -22,0 +23 @@ +local-add-missing-header-706137.patch only in patch2: unchanged: --- device-tree-compiler-1.3.0.orig/debian/patches/local-add-missing-header-706137.patch +++ device-tree-compiler-1.3.0/debian/patches/local-add-missing-header-706137.patch @@ -0,0 +1,19 @@ +Description: libfdt-dev: Missing header file prevents the library usage + device-tree-compiler (1.3.0-3) unstable; urgency=low + . + * libfdt-dev: Missing header file prevents the library usage + Thanks Domenico Andreoli (Closes: #706137) +Author: Hector Oron +Bug-Debian: http://bugs.debian.org/706137 + +--- device-tree-compiler-1.3.0.orig/libfdt/Makefile.libfdt device-tree-compiler-1.3.0/libfdt/Makefile.libfdt +@@ -4,7 +4,7 @@ + # be easily embeddable into other systems of Makefiles. + # + LIBFDT_soname = libfdt.$(SHAREDLIB_EXT).1 +-LIBFDT_INCLUDES = fdt.h libfdt.h ++LIBFDT_INCLUDES = fdt.h libfdt.h libfdt_env.h + LIBFDT_VERSION = version.lds + LIBFDT_SRCS = fdt.c fdt_ro.c fdt_wip.c fdt_sw.c fdt_rw.c fdt_strerror.c + LIBFDT_OBJS = $(LIBFDT_SRCS:%.c=%.o) -- Héctor Orón -.. . -... .. .- -. -.. . ...- . .-.. --- .--. . .-. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/caodfwegc6ydjs2osdammwg1uyrgvctvnjjlh7lgdyvjmgo6...@mail.gmail.com
Bug#706253: unblock: device-tree-compiler/1.3.0-2
On Sat, 2013-04-27 at 11:55 +0200, Hector Oron wrote: > 2013/4/27 Adam D. Barratt : > >> +3.0 (quilt) > > > Why is this change included? It's not documented in the changelog, has > > been on the list of things /not/ to do in the freeze policy for ages and > > the package appears to have an already functioning patch system in any > > case. > > It slipped through, I noticed, but I thought it was not an issue. I > could do new upload and revert it. That would be appreciated; thanks. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1367056867.13168.32.ca...@jacala.jungle.funky-badger.org
Bug#706253: unblock: device-tree-compiler/1.3.0-2
Hello, 2013/4/27 Adam D. Barratt : >> diff -Nru device-tree-compiler-1.3.0/debian/source/format >> device-tree-compiler-1.3.0/debian/source/format >> --- device-tree-compiler-1.3.0/debian/source/format 2013-04-27 >> 08:01:11.0 + >> +++ device-tree-compiler-1.3.0/debian/source/format 2013-04-27 >> 07:49:40.0 + >> @@ -1 +1 @@ >> -1.0 >> +3.0 (quilt) > Why is this change included? It's not documented in the changelog, has > been on the list of things /not/ to do in the freeze policy for ages and > the package appears to have an already functioning patch system in any > case. It slipped through, I noticed, but I thought it was not an issue. I could do new upload and revert it. Regards, -- Héctor Orón -.. . -... .. .- -. -.. . ...- . .-.. --- .--. . .-. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/caodfwehexf4_ooueuhd1z9oztqk9fbmjvq3zmgh-_arleea...@mail.gmail.com
Re: Bug#706110: libgnome{, vfs}2-common: fails to upgrade from squeeze: prerm failure: gconf-schemas: not found
On Sat, 2013-04-27 at 01:35 +0200, Andreas Beckmann wrote: > If skipping the old gconf-schemas --unregister call is not problematic > because an equivalent action will be done by trigger processing (and no > stale schemas will stay registered), adding the empty dummy prerm should > be a safe solution. And we should do it at least for the two packages > that have shown to produce the problem so far. If we could get it done over the weekend, that should be okay. I'd be interested in seeing a binary debdiff of the rebuilt packages against those in wheezy though. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1367051731.13168.18.ca...@jacala.jungle.funky-badger.org
Re: Security fix for jquery-jplayer 2.1.0-1
On Sat, 2013-04-27 at 09:12 +0200, Vincent Bernat wrote: > ❦ 27 avril 2013 09:01 CEST, "Thijs Kinkhorst" : > > >> Wheezy contains my package jquery-jplayer 2.1.0-1, which is affected by a > >> few security issues which have been recently fixed upstream. One of the > >> issues is CVE-2013-1942. Two other issues, although important, did not get > >> a CVE number. [...] > > * Convert to source format 3.0 (quilt) to apply the patches that carry the > >fixes [...] > Not in the release team either but I disagree that switching to 3.0 > (quilt) is an unacceptable change. This is far more simple than adding a > patch system in debian/rules and better practice than putting those > changes in diff.gz. Adding a patch system at this stage isn't really appropriate either, I'm afraid. One middle ground that's been used in some other packages is to apply the patch directly but also add a copy of the patch to the source package (possibly in an otherwise unused debian/patches directory). Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1367051468.13168.16.ca...@jacala.jungle.funky-badger.org
Re: not co-installable Multi-Arch:same packages
On Sat, 2013-04-27 at 09:21 +0100, Adam D. Barratt wrote: > On Sat, 2013-04-27 at 01:45 +0200, Andreas Beckmann wrote: > > a few Multi-Arch: same packages have all their dependencies satisfied, > > but are not co-installable because they got binNMUs. A sourceful > > no-change upload to rebuild them should restore co-installability. > > I've identified 8 source packages where this would help: [...] > Note that such issues are not RC for wheezy. If the maintainers are > interested in fixing them, I might be minded to accept such changes, but > it would need to be /very/ soon. I have to admit to being concerned > about changes that might be introduced by a rebuild of a package in > unstable after several months though... Alternatively, we can look at fixing these issues for the first point release. That gives us more time to evaluate any potential side-effects of the rebuilds. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1367051272.13168.13.ca...@jacala.jungle.funky-badger.org
Re: Security fix for jquery-jplayer 2.1.0-1
❦ 27 avril 2013 09:18 CEST, Niels Thykier : >> Not in the release team either but I disagree that switching to 3.0 >> (quilt) is an unacceptable change. This is far more simple than adding a >> patch system in debian/rules and better practice than putting those >> changes in diff.gz. >> > > Hi, > > While you are welcome to disagree, this type of change has been > considered unacceptable since the start of the freeze[1]. > > ~Niels > > [1] http://release.debian.org/wheezy/freeze_policy.html > > Admittedly, it was not explicitly listed under "Rule 1" at first, but it > was still considered unacceptable. I didn't know such a rule (which is quite surprising). My bad. -- printk("HPFS: G... Kernel memory corrupted ... going on, but it'll crash very soon :-(\n"); 2.4.3 linux/fs/hpfs/super.c pgpaJDwTLTz8G.pgp Description: PGP signature
Re: not co-installable Multi-Arch:same packages
On Sat, 2013-04-27 at 01:45 +0200, Andreas Beckmann wrote: > a few Multi-Arch: same packages have all their dependencies satisfied, > but are not co-installable because they got binNMUs. A sourceful > no-change upload to rebuild them should restore co-installability. > I've identified 8 source packages where this would help: > bogl > clutter-gst > libdmtx > libftdi > libopenraw > libpano13 > lua-sql > myodbc Note that such issues are not RC for wheezy. If the maintainers are interested in fixing them, I might be minded to accept such changes, but it would need to be /very/ soon. I have to admit to being concerned about changes that might be introduced by a rebuild of a package in unstable after several months though... Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1367050916.13168.10.ca...@jacala.jungle.funky-badger.org
Bug#706253: unblock: device-tree-compiler/1.3.0-2
Control: tags -1 + moreinfo On Sat, 2013-04-27 at 10:02 +0200, Hector Oron wrote: > Please unblock package device-tree-compiler > > It fixes RC bug reported at: > < http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706137 > Thanks for the fix, but... > diff -Nru device-tree-compiler-1.3.0/debian/source/format > device-tree-compiler-1.3.0/debian/source/format > --- device-tree-compiler-1.3.0/debian/source/format 2013-04-27 > 08:01:11.0 + > +++ device-tree-compiler-1.3.0/debian/source/format 2013-04-27 > 07:49:40.0 + > @@ -1 +1 @@ > -1.0 > +3.0 (quilt) Why is this change included? It's not documented in the changelog, has been on the list of things /not/ to do in the freeze policy for ages and the package appears to have an already functioning patch system in any case. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1367050461.13168.6.ca...@jacala.jungle.funky-badger.org
Processed: Re: Bug#706253: unblock: device-tree-compiler/1.3.0-2
Processing control commands: > tags -1 + moreinfo Bug #706253 [release.debian.org] unblock: device-tree-compiler/1.3.0-2 Added tag(s) moreinfo. -- 706253: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706253 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b706253.136705047123438.transcr...@bugs.debian.org
Bug#706253: unblock: device-tree-compiler/1.3.0-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package device-tree-compiler It fixes RC bug reported at: < http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706137 > diff -Nru device-tree-compiler-1.3.0/debian/changelog device-tree-compiler-1.3.0/debian/changelog --- device-tree-compiler-1.3.0/debian/changelog 2013-04-27 08:01:11.0 + +++ device-tree-compiler-1.3.0/debian/changelog 2013-04-27 07:51:57.0 + @@ -1,3 +1,10 @@ +device-tree-compiler (1.3.0-3) unstable; urgency=low + + * libfdt-dev: Missing header file prevents the library usage +Thanks Domenico Andreoli (Closes: #706137) + + -- Hector Oron Sat, 27 Apr 2013 07:47:09 + + device-tree-compiler (1.3.0-2) unstable; urgency=low * Add libfdt package (Closes: #477565) diff -Nru device-tree-compiler-1.3.0/debian/patches/local-add-missing-header-706137.patch device-tree-compiler-1.3.0/debian/patches/local-add-missing-header-706137.patch --- device-tree-compiler-1.3.0/debian/patches/local-add-missing-header-706137.patch 1970-01-01 00:00:00.0 + +++ device-tree-compiler-1.3.0/debian/patches/local-add-missing-header-706137.patch 2013-04-27 07:51:43.0 + @@ -0,0 +1,32 @@ +Description: libfdt-dev: Missing header file prevents the library usage + device-tree-compiler (1.3.0-3) unstable; urgency=low + . + * libfdt-dev: Missing header file prevents the library usage + Thanks Domenico Andreoli (Closes: #706137) +Author: Hector Oron +Bug-Debian: http://bugs.debian.org/706137 + +--- +The information above should follow the Patch Tagging Guidelines, please +checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here +are templates for supplementary fields that you might want to add: + +Origin: , +Bug: +Bug-Debian: http://bugs.debian.org/ +Bug-Ubuntu: https://launchpad.net/bugs/ +Forwarded: +Reviewed-By: +Last-Update: + +--- device-tree-compiler-1.3.0.orig/libfdt/Makefile.libfdt device-tree-compiler-1.3.0/libfdt/Makefile.libfdt +@@ -4,7 +4,7 @@ + # be easily embeddable into other systems of Makefiles. + # + LIBFDT_soname = libfdt.$(SHAREDLIB_EXT).1 +-LIBFDT_INCLUDES = fdt.h libfdt.h ++LIBFDT_INCLUDES = fdt.h libfdt.h libfdt_env.h + LIBFDT_VERSION = version.lds + LIBFDT_SRCS = fdt.c fdt_ro.c fdt_wip.c fdt_sw.c fdt_rw.c fdt_strerror.c + LIBFDT_OBJS = $(LIBFDT_SRCS:%.c=%.o) diff -Nru device-tree-compiler-1.3.0/debian/patches/series device-tree-compiler-1.3.0/debian/patches/series --- device-tree-compiler-1.3.0/debian/patches/series2013-04-27 08:01:11.0 + +++ device-tree-compiler-1.3.0/debian/patches/series2013-04-27 07:50:46.0 + @@ -20,3 +20,4 @@ 20_Add-fdtget-utility-to-read-property-values-from-a-de.patch 21_Add-fdtput-utility-to-write-property-values-to-a-dev.patch 22_Introduce-TESTS_BIN-in-Makefiles-to-identify-tested-.patch +local-add-missing-header-706137.patch diff -Nru device-tree-compiler-1.3.0/debian/source/format device-tree-compiler-1.3.0/debian/source/format --- device-tree-compiler-1.3.0/debian/source/format 2013-04-27 08:01:11.0 + +++ device-tree-compiler-1.3.0/debian/source/format 2013-04-27 07:49:40.0 + @@ -1 +1 @@ -1.0 +3.0 (quilt) unblock device-tree-compiler/1.3.0-3 -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (900, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 3.8-trunk-686-pae (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130427080225.27413.4317.report...@polynomio.collabora.co.uk
Re: Security fix for jquery-jplayer 2.1.0-1
On 2013-04-27 09:12, Vincent Bernat wrote: > ❦ 27 avril 2013 09:01 CEST, "Thijs Kinkhorst" : > >> [...] > > Not in the release team either but I disagree that switching to 3.0 > (quilt) is an unacceptable change. This is far more simple than adding a > patch system in debian/rules and better practice than putting those > changes in diff.gz. > Hi, While you are welcome to disagree, this type of change has been considered unacceptable since the start of the freeze[1]. ~Niels [1] http://release.debian.org/wheezy/freeze_policy.html Admittedly, it was not explicitly listed under "Rule 1" at first, but it was still considered unacceptable. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/517b7bc2.8090...@thykier.net
Re: Security fix for jquery-jplayer 2.1.0-1
❦ 27 avril 2013 09:01 CEST, "Thijs Kinkhorst" : >> Wheezy contains my package jquery-jplayer 2.1.0-1, which is affected by a >> few security issues which have been recently fixed upstream. One of the >> issues is CVE-2013-1942. Two other issues, although important, did not get >> a CVE number. >> >> I have backported the patches and created jquery-jplayer 2.1.0-2. Debdiff >> is attached. >> >> Is it OK to upload this to the archive? > > Although I'm not in the release team, I'm sure the following changes are > unacceptable at this point: > > * Convert to source format 3.0 (quilt) to apply the patches that carry the >fixes > * Update standards to 3.9.4.0 (no changes needed) > > Can you prepare an upload without these (where you just apply the patches > in the old-style 1.0 way)? Not in the release team either but I disagree that switching to 3.0 (quilt) is an unacceptable change. This is far more simple than adding a patch system in debian/rules and better practice than putting those changes in diff.gz. -- printk(KERN_WARNING "Multi-volume CD somehow got mounted.\n"); 2.2.16 /usr/src/linux/fs/isofs/inode.c pgpubzQm8c5Bf.pgp Description: PGP signature
Re: Security fix for jquery-jplayer 2.1.0-1
Hi Pau, On Sat, April 27, 2013 01:31, Pau Garcia i Quiles wrote: > Wheezy contains my package jquery-jplayer 2.1.0-1, which is affected by a > few security issues which have been recently fixed upstream. One of the > issues is CVE-2013-1942. Two other issues, although important, did not get > a CVE number. > > I have backported the patches and created jquery-jplayer 2.1.0-2. Debdiff > is attached. > > Is it OK to upload this to the archive? Although I'm not in the release team, I'm sure the following changes are unacceptable at this point: * Convert to source format 3.0 (quilt) to apply the patches that carry the fixes * Update standards to 3.9.4.0 (no changes needed) Can you prepare an upload without these (where you just apply the patches in the old-style 1.0 way)? Thanks, Thijs -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/cb5e856619f39ae20344bfd365a1944a.squir...@aphrodite.kinkhorst.nl