Adding dMagnetic - A Magnetic Scrolls Interpreter with ANSI art?

[dettus]

Hello.


My name is Thomas Dettbarn, and following a suggestion on 
debian-upstream@, I would like to advertise an RFP/RFA I reported to the 
bugtracker:


https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929619


Hopefully this increases its visibility. :)


This package, which I would very much like to see in your package 
collection, is a Magnetic Scrolls Interpreter. When I grew up, they 
wrote beautiful text adventures, such as "The Pawn" or "The Guild Of 
Thieves". My dreams were always to be able to play them not only on 
modern hardware, but also in a terminal window.


I succeeded, you can see the beautiful screenshots on the website I 
created for that purpose: http://www.dettus.net/dMagnetic



 I already succeeded in creating the inkling of the package, you would 
have to download the sources, apply the patches, and then you could 
compile everything. I took the liberty of uploading it to github: 
https://github.com/dettus/ports_and_packages/


What I am looking for is somebody putting on the finishing touches on 
the package, and ideally taking over as "Maintainer", since I see myself 
more as a "Developer".



Thomas Dettbarn


P.S.: Please please put my project in your package repository! :)

Re: Some questions about DD status and salsa

[Jonathan Carter]

On 2019/05/28 01:05, MENGUAL Jean-Philippe wrote:
> I am happy with being now a non-uploading DD. And I dont know where to
> ask, sorry for the noise.
> 
> For non-uploading DD, is a salsa account created? I tried to auth with
> it, but not possible, then to reset the passwd, but I dont rceive mail
> to do it on @debian.org.

Our nomenclature is a bit confusing on that one. In reality, a DD and a
none-uploading DD are very similar, the significant difference is that a
none-uploading DD doesn't have upload rights to the debian archive. Both
are full project members that represent the project and can vote in the
elections.

People who aren't DDs can sign up for a guest account on salsa using:
https://signup.salsa.debian.org/

More information on https://wiki.debian.org/Salsa/Doc

-Jonathan

-- 
  ⢀⣴⠾⠻⢶⣦⠀  Jonathan Carter (highvoltage) 
  ⣾⠁⢠⠒⠀⣿⡁  Debian Developer - https://wiki.debian.org/highvoltage
  ⢿⡄⠘⠷⠚⠋   https://debian.org | https://jonathancarter.org
  ⠈⠳⣄  Be Bold. Be brave. Debian has got your back.

Accepted pkgsel 0.66 (source) into unstable

[Holger Wansing]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 28 May 2019 07:24:25 +0200
Source: pkgsel
Architecture: source
Version: 0.66
Distribution: unstable
Urgency: medium
Maintainer: Debian Install System Team 
Changed-By: Holger Wansing 
Closes: 927490
Changes:
 pkgsel (0.66) unstable; urgency=medium
 .
   * Team upload
 .
   [ Cyril Brulebois ]
   * Remove Christian Perrier from Uploaders, with many thanks for all
 his contributions over the years! (Closes: #927490)
 .
   [ Updated translations ]
   * Arabic (ar.po) by Osama
Checksums-Sha1:
 55068cd4d25191f01096c295cd4605e09f26b277 1570 pkgsel_0.66.dsc
 0d9c13bdb5c8fad409bfe23af8512a896aa51cf0 56712 pkgsel_0.66.tar.xz
 442cb0e10a898c8475882c4d377d85c91d13df6f 5203 pkgsel_0.66_amd64.buildinfo
Checksums-Sha256:
 5c8feb1b13093c252383b6fce95b72bff91e1a725bb2e797dbfe18d272ecc5e2 1570 
pkgsel_0.66.dsc
 31f212da3ae84e55e00095731ca9c5070939f2a6f058c2e35d21a51d4b8a62bf 56712 
pkgsel_0.66.tar.xz
 17adbd481e362fa63892e38be46330658ce9700827d9841600a32804a3faa1d7 5203 
pkgsel_0.66_amd64.buildinfo
Files:
 6344b53c73d55da35eaab53f6bf1d5ff 1570 debian-installer standard pkgsel_0.66.dsc
 d909eaac5defa42999f760de3f4dc40d 56712 debian-installer standard 
pkgsel_0.66.tar.xz
 36b161639594a9e16384a3b0b72b6afb 5203 debian-installer standard 
pkgsel_0.66_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJJBAEBCAAzFiEESWrG6BRCSzSFCDUpWfGHyhVusHYFAlzsyKUVHGh3YW5zaW5n
QG1haWxib3gub3JnAAoJEFnxh8oVbrB2FEoP/3/fEABuotMHNx2BA505JN13ZlV6
4kCZvn5rus8CkiVbKQ1QpJdinjK42udNresbgqVMLrGBdW8Bqz7AOTb6zhLVe+NS
8kCm/w0TgvXxvFIWUkPj9m7NJ5T6uhtx4RSMq9O1ICgWr7ONxU57yIR1VtL4Mxgw
zwYGxIdhrHClw9kHk//um8ad/DTszkj6ZW+eTVOhnfr6Wp1N61ZeMIg+qHutySF6
6xWKIliN48AeCtEikXherkJcmKgofpS7gnJ0/bLqbeK0fKWr88MJ3vsF44eAKbYZ
AWUis/PX6oHRZGF7s5Xtx6kEsrvmf/huszybO4bivwaGI0bDg7OJRFMQI828HzZm
O7HlTZZqJ3IVjIBndU4sxrF41/vOUUBRspa8TDuDPt285MDMgSzGuOf3b8yiC9ES
Dskkxj/63Kp2qfnn3VaccF5MgbNgJbdNBcYZQ5ZUFN4VloKNj0c4pm5lMm2lvO+E
bPHZjcwyVKeFf3EK0ZdvL58Mh8mqiWF5ADUl80rLyUqmUzaFDlZkPfGub3MHbZJF
c3fclpXDLc3fXADKUiwA+ohJ6fintBKaFPWwqP8RjRS+90ZZxnmtciscvwzQKXVj
0Ya0RIjrFTXE3CCe5SG/2sdmntQ9lTPOUgpXKyz9NcH6MHD7T2qdn7uQzbHrjLBx
MmI3BSoa86Qp2WjU
=fDXj
-END PGP SIGNATURE-

Accepted partman-target 115 (source) into unstable

[Holger Wansing]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 28 May 2019 07:17:20 +0200
Source: partman-target
Architecture: source
Version: 115
Distribution: unstable
Urgency: medium
Maintainer: Debian Install System Team 
Changed-By: Holger Wansing 
Changes:
 partman-target (115) unstable; urgency=medium
 .
   * Team upload
 .
   [ Updated translations ]
   * Hebrew (he.po) by Yaron Shahrabani
Checksums-Sha1:
 2cc8d1b16c496e07fa22eeae58b9b5b75a5cb71f 1743 partman-target_115.dsc
 3873c05e38e702a0febfcd46cbbc972eb60de375 126692 partman-target_115.tar.xz
 4a16c00d84e74796579eb7ab68dc409f95385456 5289 
partman-target_115_amd64.buildinfo
Checksums-Sha256:
 e5a1f569037c2963888c3bf5bf05be0b88f697b55f6f4fb580c5edc15b605910 1743 
partman-target_115.dsc
 42a19cec6f651ed891f0530299da313b343f55e8797cec245e816bac03840b01 126692 
partman-target_115.tar.xz
 80ec63c661ed20e4c5b7324ade1f50ea843ba3f2dd7a4d17b509dcf45a0220be 5289 
partman-target_115_amd64.buildinfo
Files:
 e961e5b4d62f02530f9945e47d20675a 1743 debian-installer standard 
partman-target_115.dsc
 76ed85295210de4fa0564c42d1e00be9 126692 debian-installer standard 
partman-target_115.tar.xz
 f3fa4cd800908236a2eb807b5ed8006c 5289 debian-installer standard 
partman-target_115_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJJBAEBCAAzFiEESWrG6BRCSzSFCDUpWfGHyhVusHYFAlzsxbgVHGh3YW5zaW5n
QG1haWxib3gub3JnAAoJEFnxh8oVbrB2t7EP/Rbwgrrb5gWaIiS3y8wq7boBsXgS
TOHkSw53rQ3lx11IXxg5cFM77LSky89oJiOoLJkEkjfdxf7/31ZqDBtgmPTbgVD+
+cvd6rGzjsFArJQMwcmdpUg3HDvJqX4b9dvDLxnod7t1hMjF88XJDpcrxmuhiJCd
W5STw+EkYP6FVqjn5Y8jAI2VMUlsXQnKm4Kt60QmzrjokuePaW5mcA/bXR04w1wK
4q9D3+U8QS592h7WHL/8Q0wqAHIgs6Kj6lb+jYqw8HxhtNh8dc15M1LK2FRuzDJi
SQLVE9Rvoiso1tpH2K+6dnnrkdyeAJmCiScedFIsHJ+3rQ/r/KVAPQwhh6qlP62L
wyiQzwVeReyx29EP54atIUdyi/6ibNhCtem4Jmj+Kl2J/YxQcHmjPMoVI4r70tM+
A5oms6ZM7/GU1ablLVkWhRsEzQQ2aIJfHdowWorLup2kqlQe8Dco4DgPXdNwmfcZ
kDjMeubTMS1MCRVOIVl/R6QU6fUBeH3OyKTqR4QEzuAMsawthD6ul+ZI9vTdX/ry
wsMEV1rWicKlHTwPi7H7xeCHca2YaEs8MZhlWNIHbjiQtaXhYAb+3xgNMSfhWXIP
zu87w3eJOiIAmpuo5y7b5HaPo/Wql18v+EAAjuZtmpKdNdkot6sr/xbp7hRpPPHA
a6sMf8TfkFArRuIT
=ANbF
-END PGP SIGNATURE-

Accepted apt-setup 1:0.150 (source) into unstable

[Holger Wansing]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 28 May 2019 07:09:04 +0200
Source: apt-setup
Architecture: source
Version: 1:0.150
Distribution: unstable
Urgency: medium
Maintainer: Debian Install System Team 
Changed-By: Holger Wansing 
Closes: 927494
Changes:
 apt-setup (1:0.150) unstable; urgency=medium
 .
   * Team upload
 .
   * Remove Christian Perrier from Uploaders, with many thanks for all
 his contributions over the years! (Closes: #927494)
 .
   [ Updated translations ]
   * Hebrew (he.po) by Yaron Shahrabani
Checksums-Sha1:
 1efdd73fab0032d0f1d8cc00d7c4d1a55fa608a9 1823 apt-setup_0.150.dsc
 b05d4bbe5c7a32f36130fbe63696121ef6f6d090 253324 apt-setup_0.150.tar.xz
 2ee05bb24b93f6454b9d0ddc326ef22841459c5d 5817 apt-setup_0.150_amd64.buildinfo
Checksums-Sha256:
 480320a908a9081b01f28835b32ce628ce21782802ae82fc5e258d50c3e04c2c 1823 
apt-setup_0.150.dsc
 5964b22049e59b0bd2fc198c35e65ac1093693eb83ae73fe54916e171191a15a 253324 
apt-setup_0.150.tar.xz
 9033a72886b0f99c43c33a4489df759ec698980720112a537f78c028d96f1d0f 5817 
apt-setup_0.150_amd64.buildinfo
Files:
 4b1e39430b93a4800391ac6e89c59cd0 1823 debian-installer optional 
apt-setup_0.150.dsc
 c78e7d800a445a848b85f9b236f9de5f 253324 debian-installer optional 
apt-setup_0.150.tar.xz
 1ff3ee44b6271a7b081bfa2ae3f8 5817 debian-installer optional 
apt-setup_0.150_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJJBAEBCAAzFiEESWrG6BRCSzSFCDUpWfGHyhVusHYFAlzsxAwVHGh3YW5zaW5n
QG1haWxib3gub3JnAAoJEFnxh8oVbrB2i8gQALW2RH+rux20JhY0FmX0y+SA7o8U
KH1ovMOxSmaOopl+RVwNRVXH/7bh/v5runYBowvmnrqPqNQLLVf2RNyFMT376yDS
rFTd7+X3xXMq7IrbzcApoC5tAA92DK63MfC5ZvuAGSj2zvhS9mpHJgx3U9RI1bmJ
G60+K69chVuKR09TqKehlMkTByN3lPMgCV0bhCYgSrc5pX/GpTgXO3ycIrHo2gTr
+8yz/QiCEMBeNm9NdvxAIKwwhxtW1ve8ZMLKxRBbj/OOEG4vDlmJba9gF5fzEjvZ
Wk9N1Ez4/wkC5OU6c+KRj/R6HCpKtq990ru2yTdaKgDi9ZWCxnr60OZQ8z+lBS+b
z6JwiNJfeZFZuZ4ek7XSPWKFItrWtRFi593vUOcoHHkLas6mAunzah8hFxXt1gK5
gIuBWvBhec3FnMgphFwuuDWI8gk/BycYgUqjdhn3R8I8JIZ3fKO2RjfWukFGC4fI
6CNy87eq34zDdEOcleDF3Xz0jvFW8fcMNOEgy9gFdQ4AwWyOa6alfDhGJcGRBjGW
7Rfdso1VsLaFWhAHfzm3X9wwHkhrQXpwQtoXix+LxBUnAOby9XgKpG6AuQ1JJxt5
VAMrumNseuwsOsX2CLA4ikGvgzF2ldt/I2DsKTo1HaMsYI5+gbR3UeddiAI8JBfJ
60lo7boL64GR9E8F
=h16f
-END PGP SIGNATURE-

Accepted t-digest 1:3.0-2 (source) into unstable

[tony mancill]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 27 May 2019 21:23:15 -0700
Source: t-digest
Architecture: source
Version: 1:3.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers 

Changed-By: tony mancill 
Closes: 929618
Changes:
 t-digest (1:3.0-2) unstable; urgency=medium
 .
   [ tony mancill ]
   * Bump debian revision to avoid reuse of 3.0-1 (Closes: #929618)
   * Update Vcs URLs to point to Salsa
   * Add a human maintainer (myself) to Uploaders
   * Drop get-orig-source target from debian/rules
   * Bump Standards-Version to 4.3.0
   * Use debhelper 12 and dh sequencer; drop cdbs build-dep
 .
   [ Hilko Bengen ]
   * Remove myself from Uploaders
Checksums-Sha1:
 0b663a9355d02a21aba1f8210f46edad3d874c83 2122 t-digest_3.0-2.dsc
 7f21a6ad5787de14fc6ba523d51e751856ad1a69 3196 t-digest_3.0-2.debian.tar.xz
 10ddae1e87ed03a88af9f0ac522145a649fd9f13 13664 t-digest_3.0-2_amd64.buildinfo
Checksums-Sha256:
 44ecbfe1bc5b566e55327c40fa8b6335dcaace0e13ebed6b059c4f33848420c6 2122 
t-digest_3.0-2.dsc
 bfdc56f78190c181138610160f44e00d7e0a29ad519dff686a06ed49ea187671 3196 
t-digest_3.0-2.debian.tar.xz
 50c47368fd7e96871b5a3608008823f6276538c3deebf60ae838eddf44ab9b29 13664 
t-digest_3.0-2_amd64.buildinfo
Files:
 777068173143ddbbc2fd20a2ae86de82 2122 java optional t-digest_3.0-2.dsc
 1de01215035ad5f0195696faefb3d8fc 3196 java optional 
t-digest_3.0-2.debian.tar.xz
 5b9a641dc689eb79e08cdc53fad8ec3b 13664 java optional 
t-digest_3.0-2_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJIBAEBCgAyFiEE5Qr9Va3SequXFjqLIdIFiZdLPpYFAlzswKIUHHRtYW5jaWxs
QGRlYmlhbi5vcmcACgkQIdIFiZdLPpaOhxAAq25OAJr9b/NLHH06GXsBJ8t53R3C
TqpFaGnU5JOQ2+FlGAYM/pdjLqZm1oT1sBw8ttqhRmelSi+YUpYj8IotXU6RfeLd
IkhQfLDn/IzqB8Ub/tja0ZDI6VrnquN1I3QR9vOWFTbsZuF9vYGK/4Gk2eJCHF+x
AnZebe+XAdnYbobN6egdADqe0UENgm8S9h0aGrohIR50jJ8Q7Dd23FXJkQWqHkHm
big1d9S5/oVlrrrhn60+R/PREfzn5bVpVHT2SerUAWWyD3Va+xY5n4JXlSQnJtYr
w6qqNlkxe5zv2Zqzvxr82G15ffIEv6iAaDayNOURFutGTeNX81FUzZ7ZAwaWvW8r
UJc2PHNdP6Nf7i0HTfVqS71WxUVBX5BWPqZB2d1jIba1uv6L1rNLoPg9TGhdEvQT
8nB4Mz5Jq8HPdxuRiBLocNpWZU7EbdZwz++UYocQ4HJlyGluUqsYkcVrPcdG/tQm
ygiS5LC8A+BmEyWMRVu7grGn++CLGEPoZRXBMU1YOwUVXJZghL7Yhq/YEgmk58kB
fxAkPrlDvYBX+JotRmXYm1BX4L5ARz5zXikNG/jIFgMEEkjYq3NA+0UczYtrhn1t
vuWVJrtzCVALV+ua/PsdqzYnEYTH/oAAXIgQZFL8AD/F1755IoCL6dFoVJHjRUgV
Lph2wIgBsYhx7uQ=
=wcHY
-END PGP SIGNATURE-

Re: Difficult Packaging Practices

[Vincent Bernat]

 ❦ 28 mai 2019 08:59 +08, Paul Wise :

>> People using tools like fpm will never get familiar with our tools and
>> will never be contributors.
>
> I enjoyed your blog post about pragmatic packaging using Debian's
> tools instead of fpm, it seems like a good approach if one is
> committed to using Debian, especially since it allows for incremental
> improvement towards a package that could even enter Debian.
>
> https://vincent.bernat.ch/en/blog/2019-pragmatic-debian-packaging
>
> OTOH I get the feeling that most FLOSS upstreams are interested in
> cross-OS and cross-distro packaging rather than Debian-specific
> packaging. I don't have a good feeling for how "sticky" OS/distro
> choices are for folks who are building non-FLOSS services on top of
> FLOSS distros.

Yes, upstreams are more likely to prefer one tool. However, if you
contribute a native implementation that works accross the same set of
Debian-derivative distributions, in my experience, they are usually
eager to accept it it stays simple enough to not be a maintenance
burden. Of course, it helps if they didn't start with fpm.
-- 
Make sure your code "does nothing" gracefully.
- The Elements of Programming Style (Kernighan & Plauger)


signature.asc
Description: PGP signature

Accepted raqm 0.7.0-1 (source) into experimental

[Ahmed El-Mahmoudy]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 28 May 2019 05:02:33 +0200
Source: raqm
Binary: libraqm0 libraqm-dev
Architecture: source
Version: 0.7.0-1
Distribution: experimental
Urgency: medium
Maintainer: أحمد المحمودي (Ahmed El-Mahmoudy) 

Changed-By: أحمد المحمودي (Ahmed El-Mahmoudy) 

Description:
 libraqm-dev - Development files for Raqm library
 libraqm0   - Library for complex text layout
Changes:
 raqm (0.7.0-1) experimental; urgency=medium
 .
   * New upstream version 0.7.0
   * Remove gbp.conf
   * Update symbols file
   * Print Raqm version string in build test
   * Install complete include/ & pkgconfig/ folders in -dev package
   * Add Build-Depends-Package field to symbols file
Checksums-Sha1:
 cd88235ba60449ad4292d59a632d1e3e1321aa25 1630 raqm_0.7.0-1.dsc
 47ec51ce4567d4af828c90100f771f3de75f4ed9 683634 raqm_0.7.0.orig.tar.gz
 6d1704bef4ae0ebf0e6cc4ae6e85413df92ef1db 3336 raqm_0.7.0-1.debian.tar.xz
 39628f826c6d2f1a143b0a90e36b8cfe5df8a99f 5754 raqm_0.7.0-1_source.buildinfo
Checksums-Sha256:
 117bcd5c5a64d6fc751f1d7cb93e9c9a208a47d98783932b29acbd4b289d4e33 1630 
raqm_0.7.0-1.dsc
 e28575ecdd4e8a1d277d9be8268bb663ce1e476aaf55eb0456787821ddf0f941 683634 
raqm_0.7.0.orig.tar.gz
 585a15eb9695e1cafea294dcc8371d217db6c386fc50483e3b37fbcb50c286ca 3336 
raqm_0.7.0-1.debian.tar.xz
 96494e3b0af13503a5d128f4e4ae36110ba6c6f67b3b2b3437736064011470be 5754 
raqm_0.7.0-1_source.buildinfo
Files:
 0bb9ad83aca61053bad6f404342b67b4 1630 libs optional raqm_0.7.0-1.dsc
 d75dbe365fabebd053a9aecfc3d9e09f 683634 libs optional raqm_0.7.0.orig.tar.gz
 60b8e80401ae7b5434716b2d25e0272a 3336 libs optional raqm_0.7.0-1.debian.tar.xz
 c8e1efc61d5455cc9a37e68f83a791e5 5754 libs optional 
raqm_0.7.0-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQEcBAEBCgAGBQJc7KTtAAoJELwZapTt3aG3bmUH/jwmdpv3CrAjo553NeLq4Tcy
eD7oy439mBL0Uw2Vyf0h6obvX1vYqMZxVpIzStybgoAmVWMozdUU+QEfSDYZyesH
WdKaMGPbQPkSDDNAHMlEK5e9Kw4h+/SmhMVJAbzqSmis7PfACU58+WYCvFtrkNF/
mf7FhhDuZF5Omyie8QNoyOO7KPIQl3sl2aVAg3egRZ8s12YUhW0o/lCFaYuBGwqi
a+2Jb7/5sqmd/UsDQ7SfMxkavd74zadZlLqTGBgW1UHTbK1EhJf0xfLbrxaD9JeK
9UCIwUUZulvXixfQStGxqV7WiL+fEXmfaS0wklcYoqo+c9P5JPp69ZArMzBXpTo=
=bj3P
-END PGP SIGNATURE-

Re: Difficult Packaging Practices

[Paul Wise]

On Mon, May 27, 2019 at 2:52 PM Vincent Bernat wrote:

> People using tools like fpm will never get familiar with our tools and
> will never be contributors.

I enjoyed your blog post about pragmatic packaging using Debian's
tools instead of fpm, it seems like a good approach if one is
committed to using Debian, especially since it allows for incremental
improvement towards a package that could even enter Debian.

https://vincent.bernat.ch/en/blog/2019-pragmatic-debian-packaging

OTOH I get the feeling that most FLOSS upstreams are interested in
cross-OS and cross-distro packaging rather than Debian-specific
packaging. I don't have a good feeling for how "sticky" OS/distro
choices are for folks who are building non-FLOSS services on top of
FLOSS distros.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Accepted dot-forward 1:0.71-5 (source) into unstable

[Andreas Beckmann]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 28 May 2019 01:50:05 +0200
Source: dot-forward
Architecture: source
Version: 1:0.71-5
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group 
Changed-By: Andreas Beckmann 
Changes:
 dot-forward (1:0.71-5) unstable; urgency=medium
 .
   * QA upload.
   * Bump version to 1:0.71-5 to not reuse a version number that was used
 before the epoch was added (last pre-epoch upload was 0.71-4). This avoids
 clashes on filenames in the archive (versions in filenames don't include
 the epoch).
Checksums-Sha1:
 16ec683b2f3cf15f5bf9009c7f982ed6986516f1 1897 dot-forward_0.71-5.dsc
 b2b7615f3e6aa38ce02b87ab3051e5f622da073a 4148 dot-forward_0.71-5.debian.tar.xz
 24af796ee4b5db3151286e2fe957231adf827da8 5019 
dot-forward_0.71-5_source.buildinfo
Checksums-Sha256:
 bd5ecf8f53135be10008fb254b13c8c259e423bcdfbc9ce4a06a4045f262b736 1897 
dot-forward_0.71-5.dsc
 152bbedbae4f91e4290f6aa4e59e770dafab7dfad5cb186073b27f30b4ac557c 4148 
dot-forward_0.71-5.debian.tar.xz
 056871aa42d6f6bde48dcd33ba9119a17807d87b7e261f2beea2b9739cbaf0a5 5019 
dot-forward_0.71-5_source.buildinfo
Files:
 a2cd56ef3f88cb04cd11c3c4d75146a9 1897 mail optional dot-forward_0.71-5.dsc
 d01928fa2663a674b22ba98c5d92f532 4148 mail optional 
dot-forward_0.71-5.debian.tar.xz
 db60b2cedc75b3c3771d0e9b5fc18b1b 5019 mail optional 
dot-forward_0.71-5_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAlzseH0QHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCFzWD/4uVxEJkYBwxKnDMjgNsG/EKAvRxj+pA8mA
jh29lnmUknHuLZBFV9IJa4bivK2Y3L38NyBKjvS0WSt9DlDvaTATVzl+nq2nyG+U
U0o3d4GstI67HBg2QTdp8JkZRD7Rsu/RvuPc487o0uvzwtvCARu4fUtbay3Woo2M
6c7t0HaPCihqA7/TxwsTMSP2qw4PpmV+xdfKTfuPK88IAkP1TINeGlrAAl0RiO07
5abxzMUBH/mkubzn44VQG35egVNORk06R1QrzVfT5go20MCk+6H7o1q/xowcYdM/
BGJuR0vPD9xov25SQiV5niv+76psYS96qhCe/rZIJuScPRnSMJJ4xgdrv1RWFj6+
4bzi4L+eiQqn6pFrYXcDyvrLA+3alWZQL2nECaT/Bf4VrWGzQ7trzBXeZOod1rQw
74Ojh+22zLHL3lDrxCgqq8qnqLmMeOaIo0wzv2NZV0OZX6E7uyocTXnIXFZlRATy
rneeUiKFVptUwxhT0jQ/DpS4zwepjJ4lduKPtIDFLliO4rYhS75/JboxUW+6hjSh
XCkDtk5kj5xH7k/tOnqfK78ghQEVy9jJvyiF5BXIlvg0ojBV4ausXmo2DuRkpVub
O1WGVbdrMgN9GBNvWct2MbAUz87G+YylWAssdCNtDn2E7k0dUWZ8RleDFpZtjCld
duvn7eaI9Q==
=Lu7q
-END PGP SIGNATURE-

Some questions about DD status and salsa

[MENGUAL Jean-Philippe]

Hi,

I am happy with being now a non-uploading DD. And I dont know where to
ask, sorry for the noise.

For non-uploading DD, is a salsa account created? I tried to auth with
it, but not possible, then to reset the passwd, but I dont rceive mail
to do it on @debian.org.

Thanks for your help

Regards


   
-- 
signature_jp_2
Logo Hypra  JEAN-PHILIPPE MENGUAL
DIRECTEUR TECHNIQUE ET QUALITÉ
102, rue des poissonniers, 75018, Paris
Tel : +331 84 73 06 61  Mob : +336 76 34 93 37

jpmeng...@hypra.fr 
www.hypra.fr 
Facebook Hypra  Twitter Hypra
 Linkedin Jean-Philippe

Accepted plinth 19.8 (source) into experimental

[James Valleroy]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 27 May 2019 18:11:25 -0400
Source: plinth
Architecture: source
Version: 19.8
Distribution: experimental
Urgency: medium
Maintainer: FreedomBox packaging team 

Changed-By: James Valleroy 
Changes:
 plinth (19.8) experimental; urgency=medium
 .
   [ Pavel Borecki ]
   * Translated using Weblate (Czech)
 .
   [ Allan Nordhøy ]
   * Translated using Weblate (Norwegian Bokmål)
 .
   [ Sunil Mohan Adapa ]
   * i2p: Update SVG logo with standard units, size and margins
   * HACKING: Add guidelines for creating new icons
   * icons: Add new SVG icons for all apps
   * icons: Add license information for SVG icons
   * templates: Use SVG icons for apps page and shortcuts
   * icons: Ensure SVG presence for all non-app icons
   * icons: Update copyright information remaining icons
   * doc: Update the correct license for documentation
   * apache: Serve SVG files compressed using gzip
 .
   [ Doma Gergő ]
   * Translated using Weblate (Hungarian)
 .
   [ ssantos ]
   * Translated using Weblate (German)
 .
   [ Mesut Akcan ]
   * Translated using Weblate (Turkish)
 .
   [ ventolinmono ]
   * Translated using Weblate (Spanish)
 .
   [ Petter Reinholdtsen ]
   * Translated using Weblate (Norwegian Bokmål)
 .
   [ James Valleroy ]
   * locate: Update translation strings
   * doc: Fetch latest manual
   * debian: Remove duplicate priority field
   * doc: Remove unused duplicate image
Checksums-Sha1:
 2121abeb6e993d941e7b8ca825177a7a1be6af26 2520 plinth_19.8.dsc
 c4f39ceb213abb3483eef8cc4aabeb093da74941 19914216 plinth_19.8.tar.xz
 73ccae5b24944d0436169587b70ed30f83b5524d 13085 plinth_19.8_amd64.buildinfo
Checksums-Sha256:
 fc85a9df3a2f0cb4ab3401afa9c7caedba1fb1ef55d46e2928829610495d5fee 2520 
plinth_19.8.dsc
 0e55447da8daa00712d7ff87bb862a699c7bd75089cd5daf89e737dfd35469ed 19914216 
plinth_19.8.tar.xz
 0a763150c56631b07e6e6c4c8421ba772de1df968e57c1a36d520af8414b7ca0 13085 
plinth_19.8_amd64.buildinfo
Files:
 0c4662463b98fea52fe25c006e5dadf6 2520 web optional plinth_19.8.dsc
 6915b56f3aa7e95e1bec6be99d866521 19914216 web optional plinth_19.8.tar.xz
 165322a7042509372ff2e6a8e7aaeab7 13085 web optional plinth_19.8_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJKBAEBCgA0FiEEfWrbdQ+RCFWJSEvmd8DHXntlCAgFAlzsaBkWHGp2YWxsZXJv
eUBtYWlsYm94Lm9yZwAKCRB3wMdee2UICGgeD/4kMH3Sz7UEK+Fpq3QjgYY40NCe
PEVXZz7+QmrU53oL7ORiZNo4rdboRTF0yEq0WXPRCFF6e6bSuBaAMOHJrM+Nj5uV
1kCa5RRIrB4nGyh338BfJ6frboHrXjjAVD5/SwSyOxciGIPWyGAEgw0lLQxbxZWo
PL4dyubVul9pqr7Bo1+S5Ijtw2hdtNZCYMa/CWfT1Lvpc6VtbC6JkENjpTzTCRFA
Is/wBNd7NWxJ1SDkjrCdwnt427BPI9H0RhObeQLWS+eUyWZlyUe6EmEKSMm1wmAy
LuYIudbWOytCkBJWmNWwxOtKoi/xtyf0Y9eobI3sWBP7CoHjl/39J/LKmlMfyuJX
2XjJxTgWjgHaG4D1nbuKD91Qb1qLSBN0FKRK/+vx7qt4j/JauhVL+6To1PGnNRMk
MiYURX5YNi+ecz8WVLgh8YsrMrbwpF7mCEpa5/zXa0jD8AHpHIDvEbR4aOzOf7st
p0QcyatreoVmg8UkIbbl+8OIjzheQJJq3Srn9U1tSfj+0Jgu1FHlk/xN5yOCe5n3
KtvwRXToW4T1vWyCj0JMBkPfeqYol3fqWrat2Ca/iTqE1DqUl8ChrWCMBq6ybD3s
NH0k8nQC7dLbGIYaJr0xgM4XgSXFR0C+ln4onwFP1LLDqaGi2YFaNvIJ63y6Eday
o5bZgv5F9ha9as92Dw==
=IpZ2
-END PGP SIGNATURE-

Accepted daisy-player 11.7-1 (source) into experimental

[Samuel Thibault]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 27 May 2019 23:47:11 +0200
Source: daisy-player
Binary: daisy-player daisy-player-dbgsym
Architecture: source
Version: 11.7-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Accessibility Team 
Changed-By: Samuel Thibault 
Description:
 daisy-player - player for DAISY Digital Talking Books
Changes:
 daisy-player (11.7-1) experimental; urgency=medium
 .
   * New upstream release.
Checksums-Sha1:
 a348e0c06b7d22bab8d5221fd62acdb97d94d6cb 2413 daisy-player_11.7-1.dsc
 f3ed8d93df6a5fad354da1a71779a7cc9d6b772a 973512 daisy-player_11.7.orig.tar.gz
 1519efc2b4f68fc8812a27ea4dbfdc5c997953d3 488 daisy-player_11.7.orig.tar.gz.asc
 38c3b1dcd3995ebe6618ba3b062e5a4553efef5b 10244 
daisy-player_11.7-1.debian.tar.xz
Checksums-Sha256:
 5d679a5a8db584f1b86f9675b283a7ce402651bb01a510e2ba2bce4d2597a792 2413 
daisy-player_11.7-1.dsc
 ac2f525086d60a7d26b5e6a57624775efe9ddf248a84363e2b0b3fe4b14bd898 973512 
daisy-player_11.7.orig.tar.gz
 b015258ab3128e518702f5208b509d6bd6b88fd0f939ce343653621fb1f67fca 488 
daisy-player_11.7.orig.tar.gz.asc
 7c72892de6312853b1701ca36a40a9fc65598eae8d3d1e245b5b3df09b336d51 10244 
daisy-player_11.7-1.debian.tar.xz
Files:
 58b08670a0067878273a3b9287ce4b28 2413 sound optional daisy-player_11.7-1.dsc
 e777437fc9e3028f9ef036544033c54b 973512 sound optional 
daisy-player_11.7.orig.tar.gz
 652c78e86db61cdb70f10e651317d8f3 488 sound optional 
daisy-player_11.7.orig.tar.gz.asc
 1ccabb110c31eff45d47a64e0afa4d21 10244 sound optional 
daisy-player_11.7-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEM/p7ZGGVAfjOnI+X4/ZanpVg20wFAlzsXO4ACgkQ4/ZanpVg
20wWEQ/9EvQvWV2l5m44hNBLdUAs3G1jB+lTRl4y6rEOmzIDEnd+U2wpIUSxPT5X
t6I5r9khReYPCowVFE+Sb7DT8lKYm4XeO11XlY0HWgCOVDbvyT5451o9/g/74DBE
bVcaZaKTVTEAOyT1HtRkEvK9rLcaw/HDpTZhTcVmJY0A2+ZMQiOLKjPhK7rW4B9d
x69JVgrho7dX/GQl8UVm0Far5NIUDYatgATiXpoOzjn25q1iBi1pIZoSLn0EP5Lk
rVgVSGbpGbOgbGgLu3Ots1YdSy075rkhu+yeID2Q0enXjrNUkM4zIFLvknqhJpV1
z8gcKB14fVSLwmDin0ASY5eeU6YZ1ZO/JfbxPvnwFK4fDNjcroUEOjqbCT+94Yvb
Xb1/ToayHjKjFYUFN7zr0U6wxEfy5BKmNbfjfEVAJp4SJ3b3Z12OH9m7uLHzWTNf
2ppAOqqe8bolJN/IHZuYlm8Mn2DYOG4np5DHf8byEeGOY002/mT+ATDpw8n4lkax
3NQ2mivlglNMcRqDVCHnqYKeVoJXN+pdF6MpVbmsParyfTzQMFNJEdVN7tmyaPSC
DZxOg4Ap7nDuQpm8Pb6TLnidT3BRCzv//D6ZEqQqvs5iRt7w8Px2MAQoBSQhAU1o
5QDqbtaVdDoCiFrDzhYt4xDw3UeVeaOZCvoeOI7TgOKfGuS+n4A=
=NIVC
-END PGP SIGNATURE-

Accepted telegram-desktop 1.7.0-1 (source) into experimental

[Nicholas Guriev]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 27 May 2019 23:16:58 +0300
Source: telegram-desktop
Architecture: source
Version: 1.7.0-1
Distribution: experimental
Urgency: medium
Maintainer: Nicholas Guriev 
Changed-By: Nicholas Guriev 
Changes:
 telegram-desktop (1.7.0-1) experimental; urgency=medium
 .
   * New upstream version.
   * Update crl subproject to commit 84072fb.
   * Update patches:
  - Remove the -flto compiler flag.
  - Add Do-not-sync-wallpaper.patch.
Checksums-Sha1:
 31391c9e274bea18511a577f74dc704c6defbcd1 2469 telegram-desktop_1.7.0-1.dsc
 1ee737986ad64fa40fd70f085a3c95747360604c 14327246 
telegram-desktop_1.7.0.orig.tar.gz
 5fcc991ead13cb5857016bd83382e1937b0de681 33964 
telegram-desktop_1.7.0-1.debian.tar.xz
 763c0cbc78f95952af631578435c222e95a3eab3 18447 
telegram-desktop_1.7.0-1_amd64.buildinfo
Checksums-Sha256:
 4976cdf367b84ae54b5af411ac82c9dc7e134a95ad7823f8e83b977a43da5097 2469 
telegram-desktop_1.7.0-1.dsc
 3be1f6979da9dd0061f27ad5082f96633a4dfde078b1406554b13d5e9674a8bb 14327246 
telegram-desktop_1.7.0.orig.tar.gz
 080f8bdeeb8ae87eb67123aca8bd2cbcc9e1a109189c6108c4811ca6ea8d990f 33964 
telegram-desktop_1.7.0-1.debian.tar.xz
 1d4560fd6e891e2409d1d78ba106ac21566c2396aa4f2d7cec1e6d8d0dd6eee0 18447 
telegram-desktop_1.7.0-1_amd64.buildinfo
Files:
 385e32476acf789af44021b8e232 2469 net optional telegram-desktop_1.7.0-1.dsc
 c5160817afb3acb53d65f3dd03108b07 14327246 net optional 
telegram-desktop_1.7.0.orig.tar.gz
 6378e2ff41e7ecd679630c0ef340acf5 33964 net optional 
telegram-desktop_1.7.0-1.debian.tar.xz
 d1fb9852818ef15af0f957bdd04df7e5 18447 net optional 
telegram-desktop_1.7.0-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAlzsVtUACgkQCBa54Yx2
K627tA/+KrpDKxJsSQtMJKb4brhMnXxgf/0L6esIQACaum9QVhl0oJskeT40srwg
k8YKGPAw48BTFyTu4RealDKWtfig5sCuSE7Moodz9bvFr34DgRACxsJHBomrKLpO
zFVdr4Rog4AaamJzFvXbYKtUBxzB5z7Yv9DbVjSjH9lcngc2WkwaVQ92JN0IMqfn
OxvumYAVRbG4IrrhihiJU+t/Wg4ySKXTfDC6f9HUPSMgasACerr/QicPsCIbALLw
ST3FEydnA75eNsbdDWxgGqYGgYqBdrExC8yk8759YPbQPc0zNkxuCh1YUFhRsaoJ
lbCcMqY4Ks0W8+eYhz0E2eVlcFbykgdKkklD1RC237M82wF1twav9tcB+YsKbaOt
hUpUKUNCBOpNkyZzGx8/0kONl9i7NkzRISeK/1wSs1S1rQ51QcGmEi5Ul3FXN+qg
nSt3TrEDI1f+QPtr+t2MftHjSY2ziausRWCLSTWIEEGc/QS9iBHqzLm6uAjgN3Of
HIh83kxeAsO/TNKs94cT44yxaHX7qEWfQJlz3sjOrFVSEW7yvxg8KHtG91OOUQKB
pRVg66qDwq83XETf6j7y/mv6+msl93VFymsIsu1YzqMcmQIR/zwpnccHkW5de8AC
eFGIPWfsmduYu8Y7lokRuAyfUZ8aUAhO5I7RqN8i7/FR0KgTN2w=
=CZ/Q
-END PGP SIGNATURE-

Accepted gcc-snapshot 1:20190527-1 (source) into unstable

[Matthias Klose]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 27 May 2019 23:25:34 +0200
Source: gcc-snapshot
Architecture: source
Version: 1:20190527-1
Distribution: unstable
Urgency: medium
Maintainer: Debian GCC Maintainers 
Changed-By: Matthias Klose 
Changes:
 gcc-snapshot (1:20190527-1) unstable; urgency=medium
 .
   * Snapshot, taken from the trunk (20190527, r271670).
Checksums-Sha1:
 bb59331385e27a9ffa681efd8af1da30494776ce 11708 gcc-snapshot_20190527-1.dsc
 af56afec3b12c22114467a0779c7b981f88acf64 66900864 
gcc-snapshot_20190527.orig.tar.gz
 9f36c7bf0aaebe035bce916dbfe782c337928f20 4867903 
gcc-snapshot_20190527-1.diff.gz
 a4e22b3fdf756b2ff689693d3bf943bb132fd24f 8681 
gcc-snapshot_20190527-1_source.buildinfo
Checksums-Sha256:
 afb4188db2d5b976cc20cf091ec4e8cdf230caa03da1ff5da51c48e7516a 11708 
gcc-snapshot_20190527-1.dsc
 14230c22b102a26ccc51169bd601372a2111f0d3ef4c7fa4c6cb56eef6bd 66900864 
gcc-snapshot_20190527.orig.tar.gz
 db12824df144df438508e0d1959f7efe0ee5427c0dcb8e9e7e083a0e4fdc 4867903 
gcc-snapshot_20190527-1.diff.gz
 42cdd8667b8cf98f274b867184ae6968aed923bed1a382dff8707a9e33271d70 8681 
gcc-snapshot_20190527-1_source.buildinfo
Files:
 da699497dbeff308cf4dd2196bf22f23 11708 devel optional 
gcc-snapshot_20190527-1.dsc
 1360c79442f5eed9904a38159c095003 66900864 devel optional 
gcc-snapshot_20190527.orig.tar.gz
 5e4e92eca6587e852518af86a24e4d6f 4867903 devel optional 
gcc-snapshot_20190527-1.diff.gz
 c16eedc85394324182378d0b0becc880 8681 devel optional 
gcc-snapshot_20190527-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAlzsWFgQHGRva29AZGVi
aWFuLm9yZwAKCRC9fqpgd4+m9cadD/wMhdRQzTIOFOVM55qHzKd0rKfYrDFXfoly
xDN7VcmW+d/BUgaQ1WVs2fBrNsH6S7Wvzw3RXeELeEwAKuCHOraeQNtEKr4WciLT
qwQzVbkZ5pGBiMn5fxy2oWHotE9rg/1Hm26uJl0GQku8xz25OKMXADCKTYR3Id/c
SpQz4fWrpGnyzM39NVc0IiT2W0lIjSZ+Lkqzu7GztqmXx9sgFcJpLHOQTYtKvVIC
dYz0XRE3SE0v8hPwf23jF98IpTs6evXdkuUVuymD7qWOuzxnhcEHbpYHoNN2fmv4
CKv2pT97Si+5/nYaHLzbdT2iBpwdoYzgCMbGxUo/qdF+S0vzBeY7XZvKYVfexz65
I3+HQV5QLAGOdZ5ppevp28E0Pxv04YJIuPiTxT6tStXrdu5T9dP9R5PmzWXiczbF
wvTstZfX6X6zraCX4xherPygHYN7i1BDt/WmlQf6BdCfMIW7F1AVfso4SQfpPyqE
XFVMUUaJhYYp1PyNzLpU7LTbo+FQJq49yi6T6DHbeobj4SbHX/2geYpFUwuO1PIl
031p1h7zvOc328mMwMtU48wG+VfXn/BrI/EyjZ7wPCVMKzf6Qe85vc/A7FB+Cg9Q
PcOw6807m84oIpvAZ5HOUFUcR2WWh1A130/YoEd693dycfHsB5LXy4Rg0a/nskqE
BB6jy5hGvw==
=7286
-END PGP SIGNATURE-

Accepted poppler 0.71.0-5 (source amd64 all) into unstable

[Moritz Muehlenhoff]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 27 May 2019 22:51:48 +0200
Source: poppler
Binary: gir1.2-poppler-0.18 libpoppler-cpp-dev libpoppler-cpp0v5 
libpoppler-cpp0v5-dbgsym libpoppler-dev libpoppler-glib-dev libpoppler-glib-doc 
libpoppler-glib8 libpoppler-glib8-dbgsym libpoppler-private-dev 
libpoppler-qt5-1 libpoppler-qt5-1-dbgsym libpoppler-qt5-dev libpoppler82 
libpoppler82-dbgsym poppler-utils poppler-utils-dbgsym
Architecture: source amd64 all
Version: 0.71.0-5
Distribution: unstable
Urgency: medium
Maintainer: Debian freedesktop.org maintainers 

Changed-By: Moritz Muehlenhoff 
Description:
 gir1.2-poppler-0.18 - GObject introspection data for poppler-glib
 libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface)
 libpoppler-cpp0v5 - PDF rendering library (CPP shared library)
 libpoppler-dev - PDF rendering library -- development files
 libpoppler-glib-dev - PDF rendering library -- development files (GLib 
interface)
 libpoppler-glib-doc - PDF rendering library -- documentation for the GLib 
interface
 libpoppler-glib8 - PDF rendering library (GLib-based shared library)
 libpoppler-private-dev - PDF rendering library -- private development files
 libpoppler-qt5-1 - PDF rendering library (Qt 5 based shared library)
 libpoppler-qt5-dev - PDF rendering library -- development files (Qt 5 
interface)
 libpoppler82 - PDF rendering library
 poppler-utils - PDF utilities (based on Poppler)
Closes: 926530 929423
Changes:
 poppler (0.71.0-5) unstable; urgency=medium
 .
   * CVE-2018-10872 (Closes: #926530)
   * CVE-2019-12293 (Closes: #929423)
Checksums-Sha1:
 ef0f005b6a4beca7881d91ec31f7442c2f27e71d 3290 poppler_0.71.0-5.dsc
 aa9a1bdeaa67c62bf25dea1b11f2b46abc3b9559 39792 poppler_0.71.0-5.debian.tar.xz
 263f0ee515ccdc084b3ab79d13b7a7f7518beabc 38056 
gir1.2-poppler-0.18_0.71.0-5_amd64.deb
 0a36abb081a395d3cf0d2e5d73851ce28ba5c1c0 28520 
libpoppler-cpp-dev_0.71.0-5_amd64.deb
 646f6ba5981d396c81d7c8b99c3c8467b4f55210 805160 
libpoppler-cpp0v5-dbgsym_0.71.0-5_amd64.deb
 e0f0e4224ab3dbf1a2ae7be563f4f43bcac7931b 52480 
libpoppler-cpp0v5_0.71.0-5_amd64.deb
 1a2978a70b7269d17635fac2408f5ff83ec01e50 23736 
libpoppler-dev_0.71.0-5_amd64.deb
 964896c5c6368f603bcfc19aeed6315422e97292 68516 
libpoppler-glib-dev_0.71.0-5_amd64.deb
 da5c55210307274b0b95b24be87e48138770a806 91528 
libpoppler-glib-doc_0.71.0-5_all.deb
 c5222b9b66f3ef507fc75a0737ae38746aab294e 1686332 
libpoppler-glib8-dbgsym_0.71.0-5_amd64.deb
 b5cc1b638909a61a64192d148ed4821efabb885a 124688 
libpoppler-glib8_0.71.0-5_amd64.deb
 3df508a8b67e50797c42ea6cf3a192772bcae7cd 187440 
libpoppler-private-dev_0.71.0-5_amd64.deb
 49e83fe120cc0aed9e4ed8a2b4b57b75a608ca81 4290056 
libpoppler-qt5-1-dbgsym_0.71.0-5_amd64.deb
 bc7d6bbdd8e4da140cbd989554aa5b09cb0120cf 157648 
libpoppler-qt5-1_0.71.0-5_amd64.deb
 a15942b087dd72f115922d4aa4c7261af3b524f8 52000 
libpoppler-qt5-dev_0.71.0-5_amd64.deb
 df87dc4cc706abff1178d5dd519b1ee231002929 7751808 
libpoppler82-dbgsym_0.71.0-5_amd64.deb
 bd003bafe34e4865e5175e0b5c0b9bf600171112 1506548 
libpoppler82_0.71.0-5_amd64.deb
 14ddc9b984a9882626d6222f02983388faa85561 2942836 
poppler-utils-dbgsym_0.71.0-5_amd64.deb
 66733055a7ec6b2d80e36ed6520486d6bf1eb56e 184268 
poppler-utils_0.71.0-5_amd64.deb
 d4bd80b80cefddeb0b384fc538b11898a4358466 18368 poppler_0.71.0-5_amd64.buildinfo
Checksums-Sha256:
 4d6ade0a08aea864c8f5beb1e621cf04b68237064352b7dc4162a75abb45866e 3290 
poppler_0.71.0-5.dsc
 0e70d8bcd9deb7ff07e998aa5541ea6a95ade8fd1aac9bdbdae02a0585eb6757 39792 
poppler_0.71.0-5.debian.tar.xz
 dd153f088010b87ca850ccb0724a61cfb848328f82b2606a628071e6549bad87 38056 
gir1.2-poppler-0.18_0.71.0-5_amd64.deb
 843f86986bbdfb0b184b8d2648c65e1af347907bd021d351fbd30c520c09cc00 28520 
libpoppler-cpp-dev_0.71.0-5_amd64.deb
 995fb3158da493f1822a3aabd12d8c5cb968558a094680a998bcfd424cdea32b 805160 
libpoppler-cpp0v5-dbgsym_0.71.0-5_amd64.deb
 f306ae1b40f0e45ecf2f010f2db3eb48fadc689da19ac454773bfc16e28fcde7 52480 
libpoppler-cpp0v5_0.71.0-5_amd64.deb
 8d751677c2b27d4bbb228d0935bf9959f4c7b9bc6bd9b124a22e4c1c9789b802 23736 
libpoppler-dev_0.71.0-5_amd64.deb
 41bd2dd0af3a2577dd98912f7af5c07e3fdbebd59f894d8a9d6ab8f87058964c 68516 
libpoppler-glib-dev_0.71.0-5_amd64.deb
 dfb3d6df288d2e52ab8ca5921f60b6290637566342cbea7dc896cce45fe9353c 91528 
libpoppler-glib-doc_0.71.0-5_all.deb
 160f89281ece885eb8f53f7512fafccfebb5290e9b17bb367e3696fbefe8c5f5 1686332 
libpoppler-glib8-dbgsym_0.71.0-5_amd64.deb
 3a63046ec519b8cf326a29e4fa95ff33e5c0f252953df212ffad871a58e4a024 124688 
libpoppler-glib8_0.71.0-5_amd64.deb
 7c0325ef0e60845f5c42f6fcfbbd30c150de97fbc8327d1cf632d0adf309f95a 187440 
libpoppler-private-dev_0.71.0-5_amd64.deb
 fa6c4aeffbc6602cde85d2030937fad08df16ee85a3f2363610e236e3f611ca6 4290056 
libpoppler-qt5-1-dbgsym_0.71.0-5_amd64.deb
 a6c5f9fe56baadb5c0c75dbec1e8f893244a0b0feea4c2ae70eda773af70bb43 157648 
libpoppler-qt5-1_0.71.0-5_amd64.deb
 f0a7a58f823b5a5fc5b09ba28b5602b6230902cae7c0d9c34e035ece5ef05539 

Accepted openjdk-8 8u212-b03-1 (source) into unstable

[Matthias Klose]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 29 Apr 2019 14:51:40 +0200
Source: openjdk-8
Architecture: source
Version: 8u212-b03-1
Distribution: unstable
Urgency: medium
Maintainer: OpenJDK Team 
Changed-By: Matthias Klose 
Closes: 922757 925407
Changes:
 openjdk-8 (8u212-b03-1) unstable; urgency=medium
 .
   [ Matthias Klose ]
   * Configure --with-vendor-name.
   * 8221355: Fix performance regression after JDK-8155635 backport into 8u.
 .
   [ Tiago Stürmer Daitx ]
   * Update to 8u212-b03. LP: #1826001.
   * Security fixes:
 - S8211936, CVE-2019-2602: Better String parsing.
 - S8218453, CVE-2019-2684: More dynamic RMI interactions.
 - S8219066, CVE-2019-2698: Fuzzing TrueType fonts: setCurrGlyphID().
   * Revert to GTK2 as default since GTK3 still has padding and component
 issues:
 - debian/rules: always Build-Depends on libgtk2.0-dev and Depends on
   libgtk2.0-0 instead of relying on gtk3 for some releases.
   * debian/control: add missing dependency on testng (required by the
 testsuites).
 .
   [ Andrej Shadura ]
   * debian/rules: check for nodoc instead of nodocs in DEB_BUILD_OPTIONS.
 Closes: 922757.
 .
   [ Matthias Klose ]
   * debian/rules, debian/tests/jtdiff-autopkgtest.sh,
 debian/tests/jtreg-autopkgtest.in, debian/tests/jtreg-autopkgtest.sh:
 only set the JDK under test and allow jtreg to use its default JDK
 for running the tests.
 .
   [ Thorsten Glaser ]
   * Improve compatibility with older releases. Closes: #925407.
 - debian/rules: determine source date using backwards-compatible
   dpkg-parsechangelog call.
 - debian/control.in: put @bd_cross@ onto same line as @bd_nss@ as
   it can be empty.
Checksums-Sha1:
 5697ff576e87c38bc7faa9163f3d0ed1e7d6ea2b 4597 openjdk-8_8u212-b03-1.dsc
 2422e4e99eeb16b1e5d1185aad265ee267fc9ff6 70845512 
openjdk-8_8u212-b03.orig.tar.xz
 4f5564a98086fb2cbc40c5d24158dbb8dcfe336d 241080 
openjdk-8_8u212-b03-1.debian.tar.xz
 b5af2496f0d76dc429fedcb21ca262cc05670974 17087 
openjdk-8_8u212-b03-1_source.buildinfo
Checksums-Sha256:
 a7310457b4b74ea60c497411736af226e7f53c2251bf133d43f99a9e5d9642db 4597 
openjdk-8_8u212-b03-1.dsc
 5d632686ff7c52ff4399866971f864485755e5a5058e3123b8a36adc4170d6f2 70845512 
openjdk-8_8u212-b03.orig.tar.xz
 0dc25e8e52ee51df6ba30287974fb2b21e43a40efd7f522beb5730b414efd0fb 241080 
openjdk-8_8u212-b03-1.debian.tar.xz
 8f6c7af02389f33f79bf32dce84cd4dbf425509aa511b90d14aa15634b1509d4 17087 
openjdk-8_8u212-b03-1_source.buildinfo
Files:
 809bcbf62992038c337aa203eaea4e9a 4597 java optional openjdk-8_8u212-b03-1.dsc
 476e2fb53b3bb824abc1574b3f86b91c 70845512 java optional 
openjdk-8_8u212-b03.orig.tar.xz
 f87ed1a1e6fc9a5bc3be3599369cee06 241080 java optional 
openjdk-8_8u212-b03-1.debian.tar.xz
 9cc58e2deeecfc535672c83e6278f96a 17087 java optional 
openjdk-8_8u212-b03-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAlzsT7MQHGRva29AdWJ1
bnR1LmNvbQAKCRC9fqpgd4+m9dMLD/93ZIGK8zqckxIc3RHw2V09BUrBxTH0pb4s
8d5D/x8OzmbAKCWDnaeZo6zLh38Hvmj0sZLdjrIUVRJdpoJ1XWXRrH5JmtKD4RrB
a0u1rsctkm172l1aznqP1Toul9l1m6hHfLIGWQDw6A1TzxNxS3xzg0v+VjlvjQ+x
8JozOXhLA3djJE8ZQ6wJQHvBKUZ8FEcAW6WN1+IQcmSQHL2QeWTX6boxg0VJ+Tcz
heLmG3k6NAJ4y4CepW4tdd20UD1vr469/6Pnq/SBMtEqc1LHl/rqEVL1xBGHBY0/
45beeJ/G45bh9mnjF6tUjXQEYsXrjmZ3sUiAitcqD3MurO3GMCuLGGtf0eD7GHHT
f9vjeuITdGiuidBOHVVcL1ENw7p33NL91B2SOCzVXC1J+PwaQTq75BoECVBDSRVq
OPcUvtimMYV2KiKt8RBN/dA7OF9uIuTFlwE51wywE0wIelirtO1ZlrtgvstjXl07
4y67L1Ar7Mc/o9p0VqEm6ZxchF4PQwSYj23sY2iLbpsjnPSGw9LikRMsxVZV7ur1
hOb4tHFf1eVUngXnISdSe1bXM0cCJ+EvKPPKPLqGGPYRNALRylWypCYwRZJgY01h
du0rr7DWJE68s9JpsTA0s29fzC8HS0N/ltISGOrcuwvrSj5mRV9Pmca8oXwuAHM1
Z2ecDXEE0w==
=L3zZ
-END PGP SIGNATURE-

Accepted libtgvoip 2.4.4-1 (source) into experimental

[Nicholas Guriev]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 01 Apr 2019 22:57:35 +0300
Source: libtgvoip
Architecture: source
Version: 2.4.4-1
Distribution: experimental
Urgency: medium
Maintainer: Nicholas Guriev 
Changed-By: Nicholas Guriev 
Changes:
 libtgvoip (2.4.4-1) experimental; urgency=medium
 .
   * New upstream release.
Checksums-Sha1:
 d0bb82b8ee79fc33e919649f0e254b54ec4a540e 1940 libtgvoip_2.4.4-1.dsc
 485f97aa6d827401827a2621e46cc35defa14a2e 1484679 libtgvoip_2.4.4.orig.tar.gz
 b298e9fd4866b1fd67ec5d49ba29b775021b4ab0 7216 libtgvoip_2.4.4-1.debian.tar.xz
 12388a616ae0f46a6b79c152913b389ae3866217 8253 libtgvoip_2.4.4-1_amd64.buildinfo
Checksums-Sha256:
 e9cbb3495c988d4aeaf5b7c6f2f34b5fb80f7a85901cf1360c302b8a0fd5e4df 1940 
libtgvoip_2.4.4-1.dsc
 682f87b9654711cfc7b260b3ca9d2a05dac3f8dd6774d947381c73e7a72a0261 1484679 
libtgvoip_2.4.4.orig.tar.gz
 1fb84745ae5905c2a651650d1096e84ce6da25570876c5338e11ab3653e91412 7216 
libtgvoip_2.4.4-1.debian.tar.xz
 016c728eb1333dbe44ca17899bdbfa368d422bca5cb3c2a73fd4ad097a16a1d8 8253 
libtgvoip_2.4.4-1_amd64.buildinfo
Files:
 7de19f2c9d63a5dc1ae721210a599b82 1940 libs optional libtgvoip_2.4.4-1.dsc
 f232e43f65cf9c6ebad831ee24b74d48 1484679 libs optional 
libtgvoip_2.4.4.orig.tar.gz
 994064aad005310663c29ab5d72d8336 7216 libs optional 
libtgvoip_2.4.4-1.debian.tar.xz
 de13a765f898fa0d77f55bfa0672d130 8253 libs optional 
libtgvoip_2.4.4-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAlzsQuEACgkQCBa54Yx2
K62FhxAAmi94qrpNI4dyHSxVEEmZ7TtXOdY2yAKxfjYKasGowFTQq0AOoxFKXh5c
9IgK9vkjz/jdpa6ZFzecwXxANPa0FaUjLv3r09GJdgoY0ocIs2S1KahvqcFnKjmH
p70sl/TJA50IWszdLeF/7cuq6/E0dEeFX8Cv6Pw36DKwxCSoxfZTiq6yb/invjAB
mLwhBiwLI+PQENwdY78zy93OP/Z5cnupGP2gxyXX0uwibxnt5LQpf+bZA0MyV4xE
fM6fct8nLswVDq8I0bXfz/Aos+td4NxYmYLuaHg87z6YcrqABtAPXZ3XLGYWHnnr
6ZIopze0qElBb90RpdW4p3zjVWsXMN7kR2XxoqaXKw7PMBwXqD5s9GS904ljZyJn
mPNpljJ6YB9nDlkAAeooEIAc8OCuZvZFUD6l7xPC/+ezRaXyrecRn+3i+co1w35z
CcmyOToVoBh06JRf+RDY8wFOaprS6uwrzYAL5hDWEvAq8/BNPKncts21yBJFsgtF
WEYMCxs0V46K91SDCQOXAVtW+NxXYhUXkzGClFD9125DlRH/YLxZcGl1jyDWr0ea
dIFglf57+J8p1Qui00NPDG/sWagUGmRGtmruOw0blsBIORKMc+KIQBkHvIJQMRVo
4r/gJA8DSVG/O42w5Fe87PPpFHq0dpHs8QzMYgtiFYt8Pt4nkls=
=pYbz
-END PGP SIGNATURE-

Accepted openjdk-8 8u212-b01-1 (all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x source) into unstable, unstable

[Matthias Klose]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 19 Mar 2019 08:26:02 +0100
Source: openjdk-8
Binary: openjdk-8-doc openjdk-8-source openjdk-8-dbg openjdk-8-demo 
openjdk-8-doc openjdk-8-jdk-headless openjdk-8-jdk openjdk-8-jre-headless 
openjdk-8-jre openjdk-8-jre-zero openjdk-8-source
Architecture: all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el 
s390x source
Version: 8u212-b01-1
Distribution: sid
Urgency: medium
Maintainer: all Build Daemon (x86-bm-01) 

Changed-By: Matthias Klose 
Description: 
 openjdk-8-dbg - Java runtime based on OpenJDK (debugging symbols)
 openjdk-8-demo - Java runtime based on OpenJDK (demos and examples)
 openjdk-8-doc - OpenJDK Development Kit (JDK) documentation
 openjdk-8-jdk-headless - OpenJDK Development Kit (JDK) (headless)
 openjdk-8-jdk - OpenJDK Development Kit (JDK)
 openjdk-8-jre-headless - OpenJDK Java runtime, using  (headless)
 openjdk-8-jre - OpenJDK Java runtime, using
 openjdk-8-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
 openjdk-8-source - OpenJDK Development Kit (JDK) source files
Changes:
 openjdk-8 (8u212-b01-1) unstable; urgency=medium
 .
   * Update to 8u212-b01.
   * Enable SA on AArch64.
Checksums-Sha1: 
 7d824cdbdf078959b2d9998b3bc1a23280e94250 11980408 
openjdk-8-doc_8u212-b01-1_all.deb
 5c1bbac7cb94680198404dc2ceac151fced96a8e 46326452 
openjdk-8-source_8u212-b01-1_all.deb
 8f5ffea1c9738ae8a7fc35dcec2a63c39746f9d7 17626 
openjdk-8_8u212-b01-1_all.buildinfo
 83dedaa89ebdf138f698dcb3d9b9662571fe146f 2011848 
openjdk-8-dbg_8u212-b01-1_amd64.deb
 0743970e2dbd56fabbfd6a2834ceba7b181c 1822752 
openjdk-8-demo_8u212-b01-1_amd64.deb
 072204f8c56d5d0aa3198404cbd7768e4a1c40d3 8183492 
openjdk-8-jdk-headless_8u212-b01-1_amd64.deb
 13900189fd9a0382af89640f1b5713b005612968 1392772 
openjdk-8-jdk_8u212-b01-1_amd64.deb
 6ad1bbc0bef59b65484f3816745aa57a6d9db10b 27148996 
openjdk-8-jre-headless_8u212-b01-1_amd64.deb
 680e67e0629c3d5b0cf9f5f4d2871ca4698ac102 1944408 
openjdk-8-jre-zero_8u212-b01-1_amd64.deb
 081c9a8a1fe9f354716de2e164da8ac06d9509bf 69432 
openjdk-8-jre_8u212-b01-1_amd64.deb
 ae48f6366f7cb94276f38d9e4f283d8e837f70a3 19039 
openjdk-8_8u212-b01-1_amd64.buildinfo
 5a7332a3e0cd00b45b3828eb66277511c3e89f2b 2064636 
openjdk-8-dbg_8u212-b01-1_arm64.deb
 33185867ed6036dc1c12790837261de925a95e4c 1820260 
openjdk-8-demo_8u212-b01-1_arm64.deb
 d53f8f0ef29c2909dc66061e4a1e4cd5862a9a6b 8210716 
openjdk-8-jdk-headless_8u212-b01-1_arm64.deb
 077278917128fbf9500281d26dcffd52567301d4 1486056 
openjdk-8-jdk_8u212-b01-1_arm64.deb
 155bc3d973555beaffae95d040a3420cf3b6825e 26902152 
openjdk-8-jre-headless_8u212-b01-1_arm64.deb
 748c649015311f3b024b7fbbd5eae53a55e5671d 1891984 
openjdk-8-jre-zero_8u212-b01-1_arm64.deb
 96fc0228e900bf6f79e9fcff1d45c211e149a062 66020 
openjdk-8-jre_8u212-b01-1_arm64.deb
 9ee0b1ff0b55b09dc596e67e4815c5bceb83f666 19028 
openjdk-8_8u212-b01-1_arm64.buildinfo
 a05d5e7de3f1216ff3e3457b074b4fec5b59726e 1606260 
openjdk-8-dbg_8u212-b01-1_armel.deb
 526b4cd62d017836cd0c3c45e46df602db72cda3 1810200 
openjdk-8-demo_8u212-b01-1_armel.deb
 67a0d5040a8afae61a2b92489cbf8817dced284d 6238192 
openjdk-8-jdk-headless_8u212-b01-1_armel.deb
 3c3baa6fd42c249b20edfea1ab3ea860227266d3 381448 
openjdk-8-jdk_8u212-b01-1_armel.deb
 00b5d61a6a3b172da98e43a7bb4bb5f00c2a14e8 25159816 
openjdk-8-jre-headless_8u212-b01-1_armel.deb
 b5c46f1b15c5a2fe9f20936715c5d59b4f61b3e8 62952 
openjdk-8-jre_8u212-b01-1_armel.deb
 89a78c0071aba69b8f7e3e03b4cc3f51acc772fc 18695 
openjdk-8_8u212-b01-1_armel.buildinfo
 f2205548b32f141159df4be997a8a7dde8074b13 1831328 
openjdk-8-dbg_8u212-b01-1_armhf.deb
 6e4ee879ae51de8f43abbb2d92a776e7f37b5015 1811552 
openjdk-8-demo_8u212-b01-1_armhf.deb
 965b7ef3057739c2d81cb683f068abba22034fd4 6228780 
openjdk-8-jdk-headless_8u212-b01-1_armhf.deb
 8925513eadfcb61d73df3a467390442fd6e28d89 1499244 
openjdk-8-jdk_8u212-b01-1_armhf.deb
 f989322f85ae08426511b277547e004ec2eb34ea 25568492 
openjdk-8-jre-headless_8u212-b01-1_armhf.deb
 eefe5341bb11543946d846178fdc72cdca9d0eca 1619820 
openjdk-8-jre-zero_8u212-b01-1_armhf.deb
 d28fe2363975639ba598ba551eb22d5c3fbf1e29 62516 
openjdk-8-jre_8u212-b01-1_armhf.deb
 8095a2b66d8d17a6c79e70ff261dde7d321d7b30 19020 
openjdk-8_8u212-b01-1_armhf.buildinfo
 65ce63fb546d9214b9537f083fc815db661a79be 1900904 
openjdk-8-dbg_8u212-b01-1_i386.deb
 03529f93e8bea38bfc77450962d64acfe4eda67a 1823628 
openjdk-8-demo_8u212-b01-1_i386.deb
 ec57808c7b81e044eba5f3de9b6492a6b561494f 8182960 
openjdk-8-jdk-headless_8u212-b01-1_i386.deb
 198e228eaa4dafe3ee705e0158e3c59259ff8803 1406324 
openjdk-8-jdk_8u212-b01-1_i386.deb
 9bc77dd8d2a6c7a9cbb86d2ff682b9c9d7d861cf 26810048 
openjdk-8-jre-headless_8u212-b01-1_i386.deb
 ddcaf3dd772f320dc917ebc6b0b01b18a77b4831 1819772 
openjdk-8-jre-zero_8u212-b01-1_i386.deb
 5e2e1dd9a9e85c4b2154c2a51eaf1c6cf130df1a 70376 
openjdk-8-jre_8u212-b01-1_i386.deb
 6fc45bd4f2e00e15b1b40faac396d2fee073cf41 18968 
openjdk-8_8u212-b01-1_i386.buildinfo
 

Accepted creduce 2.10.0-1 (source) into experimental

[Matthias Klose]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 27 May 2019 20:53:41 +0200
Source: creduce
Architecture: source
Version: 2.10.0-1
Distribution: experimental
Urgency: medium
Maintainer: Debian GCC Maintainers 
Changed-By: Matthias Klose 
Changes:
 creduce (2.10.0-1) experimental; urgency=medium
 .
   * C-Reduce 2.10.0 release.
   * Build using llvm-8.
Checksums-Sha1:
 a8c245010d188e97265027de67f5f50fdcf28fe7 2063 creduce_2.10.0-1.dsc
 77c3dafb2446133ca2f2aeae34b2e4b79de5231d 779318 creduce_2.10.0.orig.tar.gz
 e5f5175f041482b9344793a5af55fa8546d0bfd8 7004 creduce_2.10.0-1.debian.tar.xz
 f7b06a9ea8217582ffc671d770559ddf58ed1d15 7119 creduce_2.10.0-1_source.buildinfo
Checksums-Sha256:
 2fd3ba84291307e16e0a53b23098f7e8730682a53572feec5850a5b77d0a24bc 2063 
creduce_2.10.0-1.dsc
 db1c0f123967f24d620b040cebd53001bf3dcf03e400f78556a2ff2e11fea063 779318 
creduce_2.10.0.orig.tar.gz
 e2b89c770b492c4aff03b6352d5003bfb610c009e0edd29dd8284aa2e2771c24 7004 
creduce_2.10.0-1.debian.tar.xz
 70456c48c266475f356fa377a3f2a3b935c28517ff3802bcbf0ffe299575f054 7119 
creduce_2.10.0-1_source.buildinfo
Files:
 4927e255e7ee223f89ec81a15eee7c57 2063 devel optional creduce_2.10.0-1.dsc
 ec9d5fd3c71840c7361cdf626fe1f202 779318 devel optional 
creduce_2.10.0.orig.tar.gz
 4e5893ffba098037ea9313765fda1675 7004 devel optional 
creduce_2.10.0-1.debian.tar.xz
 6914006e83c072172efffaa9e3d70d20 7119 devel optional 
creduce_2.10.0-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAlzsNcoQHGRva29AZGVi
aWFuLm9yZwAKCRC9fqpgd4+m9e58D/9vSKM/4dt5jppZE3YJcRA1XpYsEbGVBa0j
WWuNLiK+C78naTX7MN8PoLy8eTFrfgRU8FJm/xdLcW4kFPlJJ5vSAOwmYJJInYek
poWT8GDJOaPTlfduBXAXsuzNUNblrOAEsEGphlszsiK2lP8n1PPfTLiN4HBqnnm3
GkyllhDANomppNEEe9vi5oP9DzIZfHcN56Q/OZr3MN2zM3kgyQYkMaLte4SJ450o
9BDDGzRGXoStpCA5rGDGyr0aV4BKx2LXJTUynDTTrKx/Q6jIrBpMjx1LNWYL6Mny
LMxRGv2eQbY/tD0rDtjjLaQS1e44jHG1ViSzxDDX73lv2LX6vghSjPoCruB+ex2L
X5sxcFf/QWEdsc+6c4ojUvzroQlPEi2pw7Lw/4454yxzndGer/blXI2V/4jqjrfW
llfkZPb8SMhOSGvwapwyCls6sFe+zKFlNMgO4+ijZ23ZrbAz8WmmNcc3Ryciez3t
aDkq0ZFg/4xbwySRqjZYhJGNCuexp8k/U24Z8dhvquA9x71Uca06t/fWfgji7pv+
ruF55kq+izBxtn80ityuxZ6K7nTYrgmTZ2YCxR4X2TxSAoKHQ4ce8nGj5CJ8JyjR
NXsoCOuDO7VtVeL9JP5UegMe6JdvHpizAuV4b8UrsRvYF4Au6N2ILfE1BMgGLaSN
+ghChXffaQ==
=jAGl
-END PGP SIGNATURE-

Accepted node-liftoff 3.1.0-2 (source) into experimental

[Pirate Praveen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 28 May 2019 00:24:28 +0530
Source: node-liftoff
Architecture: source
Version: 3.1.0-2
Distribution: experimental
Urgency: medium
Maintainer: Debian Javascript Maintainers 

Changed-By: Pirate Praveen 
Changes:
 node-liftoff (3.1.0-2) experimental; urgency=medium
 .
   * Team upload
   * Tighten dependency on node-flagged-respawn
   * Add copyright of embedded modules
Checksums-Sha1:
 85db7657de176efd340606c54238d62f169e46da 2765 node-liftoff_3.1.0-2.dsc
 87bc557ba13e7bfdac91db2bba047cd4880b4d1e 4728 
node-liftoff_3.1.0-2.debian.tar.xz
 4b9d1ca6e79abe7b9c19b74250e8746303b37601 10441 
node-liftoff_3.1.0-2_source.buildinfo
Checksums-Sha256:
 44f988d8926c44159187ff62532aabd14122d49c1aee382bf0da9fdb3117ba6e 2765 
node-liftoff_3.1.0-2.dsc
 18853f2734d1ca1c90bbbfd6638ec68b542c3c5f41b873c8ff654fda873a617b 4728 
node-liftoff_3.1.0-2.debian.tar.xz
 adc911df89fb6d805940e510fd80126bd81277e83a15ffa1dbf3d8469585baba 10441 
node-liftoff_3.1.0-2_source.buildinfo
Files:
 d0d9fa08719db99296cb392745d6fd2c 2765 javascript optional 
node-liftoff_3.1.0-2.dsc
 9700ec89c2fddb43a570115bb826fb3a 4728 javascript optional 
node-liftoff_3.1.0-2.debian.tar.xz
 51a4af68910401dbcb116869eee1e599 10441 javascript optional 
node-liftoff_3.1.0-2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIyBAEBCAAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlzsNDcACgkQzh+cZ0US
wip01Q/3SJ8Hw4RskfdEnCxoiHiopyaqn/eb59v6Ti9L0/OzrAdxClgdJDCPtjmF
pm33GCOzC5vIXujgkSJ7S+25jEJO/Z9qt3wFpWB+H7Bt859pOFQAO8EaC2vkj/ok
MudLkd3VDAI6WYxk5IgvKPX9aMosoBqYjhSZfZ6WyPPI4xyzijDPe6tkyd+rgoKZ
/62tjGofS32yin5Kqa8MAApVZT8V31fV28AySrIp46VAVccBcttGzRF1Io/aeAGj
6O6/AuMoCcKET4cAnvTBjesVZnj7zHIUzXeeqHwWUaU+cw98cAuroQzPkLu6wNXm
Fs7fVzVZIxm+Tj8Hp6KRT0nYLS6SF9jdVQXRo+Inu/FlI3KbaodEdKL/t6sqSd2J
KM6HVIxL5xjB09SelC+ofgUr110+uOuk0ATLaLnh8ih36kJPwx16JUH9xc/L5AXu
t5h5538Dy7yAej6ZupJ6X6nrC634XoY/mIEeCOMPT3o8A9I3SRLSaM4snDxIhgdi
GRhBRjPemHvSpSLuA3c/4Y8OSzs6PzLCqHyuTYuhquCdbbk6athNBAXQZc6tuUq4
gCZjfSGykbTNY/r950VWfdNGqRsrqByO/DUcrbDOuAdx/k/KtKdDEcUqtWN0hBp7
D6fSsMP06tLabM4VgDmas5uYSmfRwPxT4WFrFh1d6LUtf21QxQ==
=lyjg
-END PGP SIGNATURE-

Accepted openjdk-13 13~22-1 (source) into experimental

[Matthias Klose]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 27 May 2019 19:44:41 +0200
Source: openjdk-13
Architecture: source
Version: 13~22-1
Distribution: experimental
Urgency: medium
Maintainer: OpenJDK Team 
Changed-By: Matthias Klose 
Closes: 928167
Changes:
 openjdk-13 (13~22-1) experimental; urgency=medium
 .
   * OpenJDK 13 snapshot, build 22.
   * Fix src.zip symlink. Addresses: #923118.
   * Update patch for m68k support (Adrian Glaubitz). Closes: #928167.
   * Configure with --with-version-pre='ea' for upstream tags which are
 not upstream releases (has to be set manually).
   * Refresh patches.
Checksums-Sha1:
 cd10b86ca05355a3c0f354c2d728a5d4989fb21b 4638 openjdk-13_13~22-1.dsc
 39fe78a4db013ed35c7f19268c3730e9a4e4bad3 68930120 openjdk-13_13~22.orig.tar.xz
 9611034274a45657f165dc735fced376e735e55e 164904 
openjdk-13_13~22-1.debian.tar.xz
 b59aec495d9233a02062fdc39334bab9b52cf7a6 17673 
openjdk-13_13~22-1_source.buildinfo
Checksums-Sha256:
 32906782b0bf7ca1defa5068481bbc43d83f5692336f9f0f8fa097c6e5e16878 4638 
openjdk-13_13~22-1.dsc
 50b8bdfb3cb2e6f8790118bfee03607355d15c10459892d14c31f3a670a7439b 68930120 
openjdk-13_13~22.orig.tar.xz
 5b59aba4f9e59f807f4a7f381a9e3a7e122db3cd4fd9ee11b5b1382fa33ed488 164904 
openjdk-13_13~22-1.debian.tar.xz
 1b05e96c3be1759f1737c98ce8c2916a1e301c571fb06b5dc60f461305b8bbab 17673 
openjdk-13_13~22-1_source.buildinfo
Files:
 dd1968f53016bf6f3282c9d4dbab093f 4638 java optional openjdk-13_13~22-1.dsc
 7e7319037ca46d078862578d7e189605 68930120 java optional 
openjdk-13_13~22.orig.tar.xz
 7201c1d7f16ddc3e2688d0a5662ae85b 164904 java optional 
openjdk-13_13~22-1.debian.tar.xz
 1480b7ed91b4dbfe89c469672e437296 17673 java optional 
openjdk-13_13~22-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAlzsLtcQHGRva29AdWJ1
bnR1LmNvbQAKCRC9fqpgd4+m9UNbD/93Bv+Ec5MpGi6wJx8vL7c7mGtqTWEmlzeK
kIgqJWLGXtctg1KQdxnCKdXfUPFV0DO+NszCb85eUV/cWrzU8S5O8OnLXqH9u5wJ
uJVKV+RDk0sTahdKHJIA1GD2g8ocXKU0XN0D5p27YyH2Y67qz324TPgeu8UDT1yh
GLSEheou+ZlsVv+tGjpG3KU82xy+1yN9yjVWmOCuxPpbjMK/0zh6MlsfQkTN0lxl
N/bsCF1uPFe4DPj02o7PY1wvZMO/4mPQN8ndLjESxltK5vhZTN+HZewhGeVr01Cb
foDcSxWAJrmJhaeOaCN3jNbxVH63efHoX4+93dVjcnEwjSFt7o+UdVu59iZu8GY1
OX1CbZHVvgJ4Q409EMYrjLMvhi7xSaSd3WLpgCAK6jIMh8OjZ5bmMKLjcTLhsW9u
FX0IPEH2SVUENVctkhKur/ruGSePoeStgS94vdVY7CpIv6zN77VfInxMguA593eQ
Q5DRLYPkD83rM97Fux18jvP1Ycmb0Pk5wImM+sgzmLxfiYiTDU2AK+P0Mwbs3tuj
FCVjyjhVFtoaW+wrcHxqp8Rotsn9x5CBT+y263Y5XMFBWGt8WQWrckMGhM3eejRe
dXA4/9b3jP0/6rKFrizSDAXIG1WO7PI80U3+3OhVkjghEmvgzM8/2y9+iJLH7MA6
Rc2qNq34pg==
=cozs
-END PGP SIGNATURE-

Re: Consensus Call: Do We Want to Require or Recommend DH; comments by 2019-06-16

[Russ Allbery]

Jonas Meurer  writes:

> Depending on the software you packages, doing the initial packaging
> already requires a lot of knowledge about library handling, doc build
> systems, makefiles, the filesystem hierarchy standard, language-specific
> toolchains, etc.

> To properly build the package you have to learn either sbuild or
> pbuilder. Which involves understanding and creating chroots/VMs/...

> For proper version controlling, things like git-buildpackage (and/or
> dgit) and the "3.0 (quilt)" format need to be understood.

> And for testing, you need to learn about piuparts, autopkgtest, as well
> as again chroots and/or containers for local testing.

> That's a very high bar for entering the world of Debian packaging.

I completely agree.

How can we fix this?  I've written some documentation of my personal
approaches, but I think documentation, even with step-by-step
instructions, may not be the best way to cut through all that complexity.

When I look at other ecosystems, there often is less diversity than we
have in Debian (newer languages like Rust or Go, for instance, have
converged strongly on a single choice of build system), but perhaps even
more helpfully they've automated a lot of that flow or at least wrapped it
into single tools.

Debian rightfully values its diversity, and while I think pushing us to
think about whether that diversity is still serving a purpose is valuable,
I am sure we don't want to give it up entirely.  But I think there's a
missing gap here for a very opinionated combination of a tool and a
document that says "here is one coherent way to package things for Debian;
you don't have to do things this way at all, but if you don't have
opinions about all this stuff, use this."  I don't think we have that
right now.

By this, I mean way more than just the packaging.  Imagine a world where
you apt-get install decisive (name made up) and then run decisive setup
and it sets up an sbuild environment for you, and then run decisive init
on an upstream directory and it builds a packaging template using dh and
3.0 (quilt) and autogenerates your copyright file using licensecheck.
Running decisive format runs cme fix, running decisive lint runs lintian
and cme check, running decisive check runs puiparts for you, and
autopkgtest, and whatever else we can come up with.  Running decisive
upload runs dgit push for you.  And so forth.

We have some of those pieces already, of course, and writing this sort of
tool is a little fraught for all the tools upstream of them since they'll
get an influx of user bugs from people who don't really understand how the
tool works because they're not using it directly.  So this isn't without
cost.  But I don't think we've ever assembled the *entire* packaging
workflow into a tool like this that has strong opinions and a mandate to
*not* allow every possible variation and instead just focus on being a
very simple and easy-to-understand workflow for the 80% case.  (Obviously
we'd want to try to design it so that it's relatively easy to use
selectively as someone gets better at packaging and makes some alternate
choices.)

To be clear, I personally don't have time to work on this.  But I think it
would fill a valuable niche in our ecosystem, particularly if accompanied
by a supporting document that lays out *why* those tools were chosen and
provides a few pointers to alternatives for someone who starts getting
curious about other ways to do things.  I've seen this kind of approach be
successful elsewhere; the idea is to make common things easy while getting
out of your way if you need to do something uncommon and complicated.

-- 
Russ Allbery (r...@debian.org)   

Accepted poedit 2.2.3-1~exp1 (source) into experimental

[Gianfranco Costamagna]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 27 May 2019 19:37:38 +0200
Source: poedit
Binary: poedit poedit-common
Architecture: source
Version: 2.2.3-1~exp1
Distribution: experimental
Urgency: medium
Maintainer: Debian l10n developers 
Changed-By: Gianfranco Costamagna 
Description:
 poedit - gettext catalog editor
 poedit-common - Common files for poedit
Changes:
 poedit (2.2.3-1~exp1) experimental; urgency=medium
 .
   * New upstream version 2.2.3
Checksums-Sha1:
 26b759ed794cd3313bffe25f3f91668cb44992bb 2404 poedit_2.2.3-1~exp1.dsc
 4675bb29b7b1f7e2eada68355273ee0d36bb19a6 2834106 poedit_2.2.3.orig.tar.gz
 a4440a334970f00a4afd9e1c8c9a3f7a4baac014 19604 
poedit_2.2.3-1~exp1.debian.tar.xz
 8118da2438ba87f4fc8a7ac9b31b1ca1f1df52f3 18640 
poedit_2.2.3-1~exp1_source.buildinfo
Checksums-Sha256:
 1f363d7339ece2b0af486b02b22e1899bd1b7c20f453dba7e31ec23d4330c687 2404 
poedit_2.2.3-1~exp1.dsc
 47d52895b836a8505742a4f9bf94da5936b244877fac2ff9ab0bb94464548688 2834106 
poedit_2.2.3.orig.tar.gz
 9606168bc3d7c397a815101fdfea023b8ac02a750e4bfa417796785333c42823 19604 
poedit_2.2.3-1~exp1.debian.tar.xz
 d6e3bda7cc53f6c8f63d75682aafa344c780072c000953ec9a61df019f3b56da 18640 
poedit_2.2.3-1~exp1_source.buildinfo
Files:
 0818ecc2c1933d63cf459b9b01d2ecbc 2404 text optional poedit_2.2.3-1~exp1.dsc
 7cd9b0e0f2c6a2fa18739dbbfcd722e5 2834106 text optional poedit_2.2.3.orig.tar.gz
 4ee1e82ca1776987b5c79e223b737218 19604 text optional 
poedit_2.2.3-1~exp1.debian.tar.xz
 216b22cf7d0d331c818a2634d7cfa348 18640 text optional 
poedit_2.2.3-1~exp1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEkpeKbhleSSGCX3/w808JdE6fXdkFAlzsIHcACgkQ808JdE6f
XdmRghAAnDID4JNwBrHaeMiQNuewsM5EhoHS+wj4IVqTxD/Qxzmw6H8wLjThqThn
OsMerf0Xtiv0NiP25lD/SXSLDeF3iDS8gKb/tKEvM08DoScxC+MNbsQai0TGDihL
RJ9vPi37ySatjLqcAfSacrlEgmH451k7R9mfyCvOS2yuNx/QCWuq9KBgseDe0Pur
tMvZM7gH6bQRj0wZvV3Zpw/q/TmW1O07embv/GmXnI85PofM+ZpGaVhAIR9NNynQ
EhVOLUl+QUZxg9WDu0IEKoUSzeDuIKB9+qBUaQozpXvKHm0jXWOgPAoL//+NjcQ8
9SWtVDl/HTA6Gh+em0Y7hmsrcBpv8v3JCcGxQMVRnDiT9leXMVSZrF+LpQmysdz4
KgdoHTCJnhZ+SIWwNOkDaToFsbrN25DP/9NYVNMd8nMkIPI23J0gMT/7uHSh0AlC
0VgE98ntSp1Ss6O6YJA371+nZvWL8ppSfgY7yD4kOXkNGE0YOloMatjNUfg29AKn
n2cd0OCmoRxn0ZPsW5UpL4DakFk05WVEfnJu5btKkQyYL9ZS3ui5OpgoYMIZ2HKn
4ZFid9WN/apj1o98FnZHwSV7HgvWpJ0pGvrCyJhr7oj4ygw1d2+X+/K4/O25+ciK
GJbDRMuE8kScnSjVrLgBnEK7mRASfWPE32s5QiMqh4SXyl6jx3Y=
=IoVD
-END PGP SIGNATURE-

Accepted poppler 0.71.0-4.1 (source amd64 all) into unstable

[Jonathan Wiltshire]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 25 May 2019 17:10:35 +0100
Source: poppler
Binary: gir1.2-poppler-0.18 libpoppler-cpp-dev libpoppler-cpp0v5 
libpoppler-cpp0v5-dbgsym libpoppler-dev libpoppler-glib-dev libpoppler-glib-doc 
libpoppler-glib8 libpoppler-glib8-dbgsym libpoppler-private-dev 
libpoppler-qt5-1 libpoppler-qt5-1-dbgsym libpoppler-qt5-dev libpoppler82 
libpoppler82-dbgsym poppler-utils poppler-utils-dbgsym
Architecture: source amd64 all
Version: 0.71.0-4.1
Distribution: unstable
Urgency: medium
Maintainer: Debian freedesktop.org maintainers 

Changed-By: Jonathan Wiltshire 
Description:
 gir1.2-poppler-0.18 - GObject introspection data for poppler-glib
 libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface)
 libpoppler-cpp0v5 - PDF rendering library (CPP shared library)
 libpoppler-dev - PDF rendering library -- development files
 libpoppler-glib-dev - PDF rendering library -- development files (GLib 
interface)
 libpoppler-glib-doc - PDF rendering library -- documentation for the GLib 
interface
 libpoppler-glib8 - PDF rendering library (GLib-based shared library)
 libpoppler-private-dev - PDF rendering library -- private development files
 libpoppler-qt5-1 - PDF rendering library (Qt 5 based shared library)
 libpoppler-qt5-dev - PDF rendering library -- development files (Qt 5 
interface)
 libpoppler82 - PDF rendering library
 poppler-utils - PDF utilities (based on Poppler)
Closes: 924029
Changes:
 poppler (0.71.0-4.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Prevent a crash due to null pointer dereferencing in
 goo/GooString.h (Closes: #924029)
Checksums-Sha1:
 d853e6e7b34614631cd9a77b3b5e2d2ad3de62fb 3298 poppler_0.71.0-4.1.dsc
 25b16c75fc25948c06cf230cabc5fb91b1fecb92 38540 poppler_0.71.0-4.1.debian.tar.xz
 187acd68241da7ef40a6a2908616c5d3367b5f95 38052 
gir1.2-poppler-0.18_0.71.0-4.1_amd64.deb
 0fdc92246a4c96211bb8013df602a11fbc6f2d15 28508 
libpoppler-cpp-dev_0.71.0-4.1_amd64.deb
 62ddde67bc7c0627bb264603e7291f1ad3fb8268 805180 
libpoppler-cpp0v5-dbgsym_0.71.0-4.1_amd64.deb
 59c13cde0544f6889ef0a4cc5d262e3cb06b3cd1 52464 
libpoppler-cpp0v5_0.71.0-4.1_amd64.deb
 81e5bcc3e52b28d2d6806f5552368d881f30fead 23716 
libpoppler-dev_0.71.0-4.1_amd64.deb
 69854f777fee7074ecffb6c8611f4e75dad0e4cf 68500 
libpoppler-glib-dev_0.71.0-4.1_amd64.deb
 488734bbae118a32a0c430267c736b6bd2f15913 91508 
libpoppler-glib-doc_0.71.0-4.1_all.deb
 b5e2231b608588134616ed9bfa0f73c544ffa1ef 1685988 
libpoppler-glib8-dbgsym_0.71.0-4.1_amd64.deb
 8ff913ce675f201dab45f68d7f3900f2d367364d 124628 
libpoppler-glib8_0.71.0-4.1_amd64.deb
 79eff47732f5ca3952660a9844afb035999cd7b2 187776 
libpoppler-private-dev_0.71.0-4.1_amd64.deb
 c1175efbf1c55a8c24319d1986d229d663d90814 4290076 
libpoppler-qt5-1-dbgsym_0.71.0-4.1_amd64.deb
 068d2542d1d66a63f576f6035b9cc2b1ea386938 158456 
libpoppler-qt5-1_0.71.0-4.1_amd64.deb
 c7cc9731458d1a006c8412757289d4f73f05734a 51984 
libpoppler-qt5-dev_0.71.0-4.1_amd64.deb
 6ce309cb8df181e2607f6d6e32f3b6253a6dbb69 7662708 
libpoppler82-dbgsym_0.71.0-4.1_amd64.deb
 9863a8ab5ed671b91984c160df1b8dfb44601411 1506780 
libpoppler82_0.71.0-4.1_amd64.deb
 d1914592772cfc9a8d4fe07b56c03e57875b36eb 2943340 
poppler-utils-dbgsym_0.71.0-4.1_amd64.deb
 5583c2b9577c0e12189f3b41e03702dadfb4c084 184468 
poppler-utils_0.71.0-4.1_amd64.deb
 ee2c1d91a479efd4a9493a845b10acfc30875dd8 18160 
poppler_0.71.0-4.1_amd64.buildinfo
Checksums-Sha256:
 b641c346d7b24f036bb740f56eb8ba6df46ee3b766b6c1be5d9e77e4687a8875 3298 
poppler_0.71.0-4.1.dsc
 7669d38a7d7ea18bc7fdde44d08159aab307bee757506d070044d3bc36b34269 38540 
poppler_0.71.0-4.1.debian.tar.xz
 061206c89ecc16ba7e1fd5cc166dd1ccda8f18c0bcaef444b43ed28cde2ff30b 38052 
gir1.2-poppler-0.18_0.71.0-4.1_amd64.deb
 fdda1c16e0e1335828f5e1887e3062fe5353bcb900d8416d8e6b751d88f75b98 28508 
libpoppler-cpp-dev_0.71.0-4.1_amd64.deb
 f51127549442226c60b64bb0045110c112e0f745f13dab93edfc0652365a8fe9 805180 
libpoppler-cpp0v5-dbgsym_0.71.0-4.1_amd64.deb
 12d186be7a97902f1acef482c36827a476df5e08436c496403ee9cf656c46d80 52464 
libpoppler-cpp0v5_0.71.0-4.1_amd64.deb
 74ee5868e746b9b888ccc1d67fa81f0f2ddf0c11d6012f151507d63a3c4bd3d2 23716 
libpoppler-dev_0.71.0-4.1_amd64.deb
 ea7e50723b757c3769ce3bad5df4353670576b99448971f3888c1034cdc5b3ef 68500 
libpoppler-glib-dev_0.71.0-4.1_amd64.deb
 9a8bfbf2b983d08f3c575cb343f442e518b75289dfdde5b6e3a9e6500a40c190 91508 
libpoppler-glib-doc_0.71.0-4.1_all.deb
 41bf94d0a430e4403c267239630d03c9e01c98093bc8b34affbb6f35cc318d6a 1685988 
libpoppler-glib8-dbgsym_0.71.0-4.1_amd64.deb
 8db3241b93e0cf1cd3584e75f6f644322e9fb07edfacd2b913db51e9ea1dcf02 124628 
libpoppler-glib8_0.71.0-4.1_amd64.deb
 94e6b604c480e1f009913feb309c7d190ee595218ad22b0a3cef9fc829efa837 187776 
libpoppler-private-dev_0.71.0-4.1_amd64.deb
 3dfd5a9890de37cf9507a744e3a9128fa2afd59de9247a055e63be64a5d7b14a 4290076 
libpoppler-qt5-1-dbgsym_0.71.0-4.1_amd64.deb
 

Accepted wireshark 2.6.8-1.1 (source) into unstable

[Dr. Tobias Quathamer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 27 May 2019 16:08:44 +0200
Source: wireshark
Architecture: source
Version: 2.6.8-1.1
Distribution: unstable
Urgency: medium
Maintainer: Balint Reczey 
Changed-By: Dr. Tobias Quathamer 
Closes: 929446
Changes:
 wireshark (2.6.8-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * CVE-2019-12295
 In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14,
 the dissection engine could crash. This was addressed in
 epan/packet.c by restricting the number of layers and
 consequently limiting recursion. (Closes: #929446)
Checksums-Sha1:
 638a99183f0251eae3adcddc57e683e3b925ec84 3531 wireshark_2.6.8-1.1.dsc
 55c82bbb3e02077378a512f69f6ff8e0f4dcc5cf 71716 
wireshark_2.6.8-1.1.debian.tar.xz
 e4ea88d8c0ddfbc1e510b9c76d088d2229e2eebc 25763 
wireshark_2.6.8-1.1_amd64.buildinfo
Checksums-Sha256:
 71f0a3be5a1360c0b2e60eda3f71fc9d771254099e2296ed0839679c61f41b5a 3531 
wireshark_2.6.8-1.1.dsc
 4161d9c12abceb7ffce74e581b5762f4ee49f947b06fb690b408a95be1c8bd2c 71716 
wireshark_2.6.8-1.1.debian.tar.xz
 8f16585bc19d4455fcd4ae73c811e8494d7211a1dada520252db807480b54941 25763 
wireshark_2.6.8-1.1_amd64.buildinfo
Files:
 00b410721d6db832f99b54d345fe28ae 3531 net optional wireshark_2.6.8-1.1.dsc
 6c5f09f829283d29f4d3211f40839c5d 71716 net optional 
wireshark_2.6.8-1.1.debian.tar.xz
 821834ae84ee480417346744f29fe2aa 25763 net optional 
wireshark_2.6.8-1.1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEE0cuPObxd7STF0seMEwLx8Dbr6xkFAlzr8vwACgkQEwLx8Dbr
6xk4Ag/+JpqEK+LFiT40ZkBPOobmDZlGSdNcimDcdKQJQ49HBzo/im11w9w/Udxf
ZCy8bVGqZWLvKuzE0zsY6uCMG0uZxRAX8W8xyKGKNHxiInyNM2NkabZvkifBRg+V
WcY8BsjHRS5kpP7grlDA4wkoG1y8StVLhNXmt45bmySaylpw7Fc7VVPKKd8gStSJ
nT82ifOaTqsdV2YcJaoLlWl7+Z5N/O8xVuT9uB76zzC10pPyXQq461Mcf+GYvNLm
CIQo1mLG2DQzxM8TDDKfk2UMWjutK21IIvCM1BGPPOTiESmapIVhmX2vX3pRrLoR
/0dr2p2tJwiEsQ7iKD7CwJmtQ3kgQBojCbillRbSyKvHCL1pWImIKAlGQouxid53
0VAa07lyzFeLsHDcACRX/hVG7TZt86H6fw5wmHTKKD4hsP/3klIkKymsXaKu3bGi
hbnsjhCnNG+DZLoxNv/cH5KMTpWdBneuT80wGqmpcsKBdlmp5U7HlJM/4fcxXAqn
sRRauNxvgSWMIQMYmIj3fferJfjBbwYNWj3p82ED+evAueHFkHdN7Sv0qrbwc2dO
0yM+Ez/L1ocqsLA98DgxLq4jPKHBV+RAsthPvy6mYRJplcyW07KYMzwR6zNgIwN2
cdw8XND8PBf5FjaFCHIP3F/6kZ/1DVuyyuecdQ91OYfczyoy5Rk=
=Glfy
-END PGP SIGNATURE-

Re: Consensus Call: Do We Want to Require or Recommend DH; comments by 2019-06-16

[Scott Kitterman]

On May 27, 2019 11:50:38 AM UTC, Sam Hartman  wrote:
>> "Scott" == Scott Kitterman  writes:
>Scott> If we want to make not using dh except in certain situations
>Scott> a bug, it seems like something for a policy should kind of
>Scott> item.  We have an existing process for updating policy, so
>Scott> this should probably be kicked over there for further
>Scott> evaluation.
>
>So a discussion like this tends to serve as inputs to discussions in
>the
>rest of the project including policy.  However, I'd hope that delegates
>like the policy editors or the TC would be guided by project consensus.
>
>And If this consensus call stands, my next action as DPL will be to
>talk
>to various people who are impacted about next steps.
>
>The project is not well served by having each team rehash all the
>global
>discussions.
>Absolutely, whoever takes this on on the policy front (TC or policy
>editors) should figure out how to say this in policy.  Absolutely if
>they find factors we failed to consider globally they should come back
>to us.  If they read the discussion and believe I made the wrong
>consensus call for that discussion, they should come back and say so.
>
>But no I think we as a community right here get to decide what's a bug
>if we want to, and I think it's reasonable for us to hold our delegates
>accountable for implementing that decision or having a good reason to
>do
>otherwise.
>
>--Sam

That's fine.  I've no objection to the determination that there is rough 
consensus among the DD's that participate on debian-devel that packages should 
use dh.

My concern is that this is not sufficient to resolve the question of if a 
package buggy that does not do so.  I'd like it also to be clear that because 
lintian flags something like this isn't enough to make a package buggy.

I think the policy process is the next step to implement this aspect of the 
discussion.

Scott K

Re: Consensus Call: Do We Want to Require or Recommend DH; comments by 2019-06-16

[Scott Leggett]

On 2019-05-27.12:27, Jonas Meurer wrote:
> Unfortunately I don't have *links* either, but when introducing people
> into the world of Debian packaging recently, I always got the impression
> that they were heavily overwhelmed by the complexity of the Debian
> ecosystem.

As a recently promoted DM, this was definitely my experience. It's taken
me years to become somewhat competent at building packages.

> Depending on the software you packages, doing the initial packaging
> already requires a lot of knowledge about library handling, doc build
> systems, makefiles, the filesystem hierarchy standard, language-specific
> toolchains, etc.
> 
> To properly build the package you have to learn either sbuild or
> pbuilder. Which involves understanding and creating chroots/VMs/...

You also have to even know that sbuild and pbuilder are options, how
those relate to all the other tools like debuild, pdebuild,
dpkg-buildpackage etc..

> For proper version controlling, things like git-buildpackage (and/or
> dgit) and the "3.0 (quilt)" format need to be understood.

This is also not at all obvious for a newcomer.

> And for testing, you need to learn about piuparts, autopkgtest, as well
> as again chroots and/or containers for local testing.

For a long time I didn't use piuparts or autopkgtest due to barely being
aware that they existed. And don't forget the dozens of useful
devscripts like wrap-and-sort that it seems not all packagers know
about.

> That's a very high bar for entering the world of Debian packaging.
>
> My opinion is that more uniformity in packaging practices will bring a
> bit more simplicity as well. Therefore I applaud Sam's initiative to
> require DH whereever it's sensible.

Absolutely. This is an incremental change to simplify one corner of the
sprawling Debian packaging ecosystem. I hope it's just the first of
many recommendations for a "happy path" to Debian packaging nirvana.

> I think that Debian would gain a lot if the vast majority of packages
> were packaged using DH and development would happen in Git on Salsa
> using a common Git format. I agree that there should be exceptions.

Agreed.

-- 
Regards,
Scott Leggett.


signature.asc
Description: PGP signature

Re: Consensus Call: Do We Want to Require or Recommend DH; comments by 2019-06-16

[Jonas Meurer]

Hi Sam,

Sam Hartman:
>> "Jonas" == Jonas Meurer  writes:
> Jonas> My opinion is that more uniformity in packaging practices
> Jonas> will bring a bit more simplicity as well. Therefore I applaud
> Jonas> Sam's initiative to require DH whereever it's sensible.
> 
> Hi.
> I'm acting as a facilitator here not as a proponent.
> My job as DPL in this discussion is not to guide us to requiring dh.
> My job is to understand what we as a project want and then to ask the
> appropriate teams in our project to implement this.
> 
> It would be inappropriate for me as DPL to actually be trying to get us
> to require dh until we as a community decide (as I believe we've done)
> that in a lot of circumstances, that's what we want.

Sorry for not being clear here. I didn't mean that you're the one who
*decides* on this question, but that you're the one who took the
initiative to drive forward a project-wide consensus to require DH
whereever sensible.

Cheers
 jonas



signature.asc
Description: OpenPGP digital signature

Accepted cloudcompare 2.10.1-2 (source) into unstable

[Gürkan Myczko]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 27 May 2019 07:36:32 +0200
Source: cloudcompare
Architecture: source
Version: 2.10.1-2
Distribution: unstable
Urgency: medium
Maintainer: Gürkan Myczko 
Changed-By: Gürkan Myczko 
Closes: 928986
Changes:
 cloudcompare (2.10.1-2) unstable; urgency=medium
 .
   * Thanks Juhani Numminen for the patch to have
 RPATH absolute. (Closes: #928986)
Checksums-Sha1:
 1335ca71a938d52c6de496585855eae174178cc4 2080 cloudcompare_2.10.1-2.dsc
 febda3c3ace7474f3650375986af4680f4fc2371 7556 
cloudcompare_2.10.1-2.debian.tar.xz
 f5335150527a8cc7016b7c2ac984a958bcd8487e 6011 
cloudcompare_2.10.1-2_source.buildinfo
Checksums-Sha256:
 4c2ad7e3aa74d8bb74767688128c68c38adb6318f8929b95cd19b95489dda1f5 2080 
cloudcompare_2.10.1-2.dsc
 4b4ad42fa084e661be48503392d2410ad564189ff79ff4e966f6c6c9c27701fe 7556 
cloudcompare_2.10.1-2.debian.tar.xz
 363f1af01f4ca02bad1b2782a009dcef125213caf3d99ecff4fdda7c1c45f36e 6011 
cloudcompare_2.10.1-2_source.buildinfo
Files:
 4fec3b2f0d5dc2d4b3ea05ab0849d885 2080 graphics optional 
cloudcompare_2.10.1-2.dsc
 1e58d353bc0d40e76f81f1cc91b287be 7556 graphics optional 
cloudcompare_2.10.1-2.debian.tar.xz
 f08886a099555e318f3a1b0b7241bdca 6011 graphics optional 
cloudcompare_2.10.1-2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEkjZVexcMh/iCHArDweDZLphvfH4FAlzr1UUACgkQweDZLphv
fH7EaA//RzPUkSPYlrdqNkOKt5VHjmpZRDwn8d9XGQAL6Suewhg8PbD39g6VyKri
e+Gac051dCw7TRF2tJDpTMW5cbgWUAllSQB0kZP+BpZtEGk/H0/CYkuk2WXXtmR4
1sGtO2lSQPeyi7ry3XKGXq/LptFy6FuRNUca7JmzJb5sjjNxy2BdfoWDwFpn3qSo
TdI1hlmG47H8PYYSXxOwoMoOwCpSjncmCJosZN3mrKnRJ18/6FO+tfUI/ZXSZ8Kh
VyoFZcugyBMebZEadjKNNTYL1fRxmRHykjbKfwGYDDY730SUsW7wGmV5XZ5Atvq7
fgS49xOlVe35n69cP4ElBICMphTjJZsQlicp9B1q9JwXyVONCRSgyrxnOxXz9lK8
mYKFaPBp9oYiOp5Wpv+OrqR84/jpTPU/KvR3CjTfCtoPyQcGXBRdRNwhfVIC4bJO
wNXl3d3dKx6RkZMZlVx0QZTWmrGwhyKm/XHAC0N152zHQeHxGEAsAZuOLsub5Gse
8XQs5/GXTbD50I71oofkRYxn3ZzP2d4F3IVX+jnIm1PhnRZG9vNK4m/O8ICXJbhC
eilANbpJUlfpIxObhEz31E1DAFvhO605FHet0JTdxUA1AoUTf6HRj5tGwyXQJWPL
ecoCIhxKz9OCMkfcHvctKRfWcsMH0CRis303obdyv9aEDvUxSBY=
=23wt
-END PGP SIGNATURE-

Accepted ltsp 5.18.12-2 (source) into unstable

[Vagrant Cascadian]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 27 May 2019 04:58:46 -0700
Source: ltsp
Architecture: source
Version: 5.18.12-2
Distribution: unstable
Urgency: medium
Maintainer: Debian LTSP Maintainers 
Changed-By: Vagrant Cascadian 
Closes: 924103 925173
Changes:
 ltsp (5.18.12-2) unstable; urgency=medium
 .
   [ Frans Spiesschaert ]
   * [INTL:nl] Dutch translation of debconf messages (Closes: #924103).
 .
   [ Vagrant Cascadian ]
   * Add patch to fix loop mounting and ensure mount is read-only. Thanks
 to Alkis Georgopoulos.
   * Add patch to fix codename detection (Closes: #925173). Thanks to
 Wolfgang Schweer.
Checksums-Sha1:
 bb9adb94d33572a05d936ec58b334308991fd2bf 1684 ltsp_5.18.12-2.dsc
 b6614d48bbd440b348b4df8953d47ff6b6d6f9e8 76920 ltsp_5.18.12-2.debian.tar.xz
 fa06e045efeff44265de31a1a2105237e6cbc0e2 6859 ltsp_5.18.12-2_amd64.buildinfo
Checksums-Sha256:
 2b09bada0ca2cd409d8a8628088907aa6645757d0370c916339061ce330b3b79 1684 
ltsp_5.18.12-2.dsc
 c6c2ead5d42f718a5e334536b3d23143b889b63c223b9f0f51c538b8983e8143 76920 
ltsp_5.18.12-2.debian.tar.xz
 14496e5e09c049c055b40ae738dd92cc0afccb95724beaa288c55e2b101b8725 6859 
ltsp_5.18.12-2_amd64.buildinfo
Files:
 2ef52c62263d01b6ced3ba7498a15b71 1684 misc optional ltsp_5.18.12-2.dsc
 5a90a99cf63b479ea89e5e5c40bdf54c 76920 misc optional 
ltsp_5.18.12-2.debian.tar.xz
 8938e475d0f4e2364b481b042e0bd0cd 6859 misc optional 
ltsp_5.18.12-2_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iIkEARYKADEWIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCXOvSixMcdmFncmFudEBk
ZWJpYW4ub3JnAAoJENxRj8h/lxaqUr0A/RjcwK7dItB5DT86pnrepVdI79tT3UZv
KLSQCFScQXVjAP96xxovxfARGTjnGPbRhmFrUpD5aKrBPLL8kfzCX4ZwAA==
=cIfS
-END PGP SIGNATURE-

Bug#929620: ITP: python-django-storages -- storage backends in Django

[Michael Fladischer]

Package: wnpp
Severity: wishlist
Owner: Michael Fladischer 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: python-django-storages
  Version : 1.7.1
  Upstream Author : Josh Schneier 
* URL : https://github.com/jschneier/django-storages/
* License : BSD-3-Clause, Expat
  Programming Lang: Python
  Description : storage backends in Django


 django-storages is a collection of custom storage backends for Django. Each
 storage backend has its own unique settings you will need to add to your
 settings.py file. Read the documentation for your storage engine(s) of choice
 to determine what you need to add.

I intend to maintain this package as part of DPMT.

-BEGIN PGP SIGNATURE-

iQFFBAEBCgAvFiEEqVSlRXW87UkkCnJc/9PIi5l90WoFAlzr1xoRHGZsYWRpQGRl
Ymlhbi5vcmcACgkQ/9PIi5l90WpZwgf/bY/LnCwGA+ODJGMC/5plSLKd0DhllDkA
LOQi9GTVMD+SuUN+HIPprHsgzs0smbVhGyAfbMVEUIkqZB6Iz7RfSHPoPm5aPU3A
viJ5rooUa0xldeOVzGE5q8lXRRmoXDjt0qKhxZJG6NfnQiLfAo69swzYDpaU7A3/
EaMD3rnkkLibmRZBXCXOP00jtPW7sFwprJI6ihpLsSgIYDLGOHol1Hv3xkbL3lYG
pu7ox/+iOU4IDR+tpa4QInTr2DcsYW64xKYwTULiW2cbLIZDpEHGnxsBp41aZwAN
qThSrD7kQSYl4jXS9cFZCvY8xSaQumZVJPvQ0uYozasM1Mz8pC/nNA==
=VEj8
-END PGP SIGNATURE-

Re: Consensus Call: Do We Want to Require or Recommend DH; comments by 2019-06-16

[Sam Hartman]

> "Jonas" == Jonas Meurer  writes:


Jonas> My opinion is that more uniformity in packaging practices
Jonas> will bring a bit more simplicity as well. Therefore I applaud
Jonas> Sam's initiative to require DH whereever it's sensible.

Hi.
I'm acting as a facilitator here not as a proponent.
My job as DPL in this discussion is not to guide us to requiring dh.
My job is to understand what we as a project want and then to ask the
appropriate teams in our project to implement this.

It would be inappropriate for me as DPL to actually be trying to get us
to require dh until we as a community decide (as I believe we've done)
that in a lot of circumstances, that's what we want.


--Sam

Re: Difficult Packaging Practices

[Sam Hartman]

> "Ben" == Ben Finney  writes:

Ben> Sam Hartman  writes:
>> If you just want to get upstream's idea of their package onto a
>> system with their release schedule and their recommended
>> dependency versions, there are better ways than getting a package
>> into Debian.

Ben> In the Debian mentors forum (that is, the chat channel, the
Ben> mailing list, etc.) we make a point of saying: that's fine!

Ben> Not every package needs to be in Debian, for its users to
Ben> install that package.

I think I was trying to agree with you.


I'd actually recommend understanding people's pain points for other
approaches and making sure there aren't things we can do to make it
easier.

As an example, Ubuntu makes it easy to add side-loaded channels (ppas).
we don't.

The fast-paced repository discussion from earlier this year is another
example of where we could address a pain point.

Another pain point is people who would like to do the work of making
something stable but who need a fixed set of dependencies; the space
where containers might be a solution.
We as a distribution haven't done a lot there beyond including flatpak
and snap.

--Sam

Re: Consensus Call: Do We Want to Require or Recommend DH; comments by 2019-06-16

[Alex Mestiashvili]

On 5/27/19 6:29 AM, Andreas Tille wrote:
> On Sun, May 26, 2019 at 07:28:55PM +0200, Vincent Bernat wrote:
>>> We "uphold this reputation" by maintaining many packages, which is
>>> good.
>>
>> Do we? I am now using nix to get packages for stuff not in Debian. Our
>> package count is artificially inflated by *-perl packages, golang-*
>> packages which may not be present in some other distributions. But for
>> some ecosystems, we are severely behind. We may argue we are better on
>> some metrics, but this has nothing to do with the fact we have so many
>> ways to build a package.
> 
> Some Debian Med people are concerned about the droping usage of Debian
> Med packages since people prefer BioConda[1] over it.  There is even a
> scientific paper (I've only seen a printed version not online yet) who
> compares ways to package biology software.  We are way better than other
> distributions - but we are lagging begind BioConda a lot.  We have some
> upstreams who are doing Debian packaging by the help of the Debian Med
> team but that's just a minor fraction.  Lots of BioConda packages are
> maintained by Upstream since they consider it easy.
> 
> In short:  Our "reputation" is scaring people away to favour other
> techniques. 
> 
> Kind regards
> 
>Andreas.
> 
> [1] https://bioconda.github.io/
> 

Debian packaging is also pretty easy if one doesn't care about FHS,
Mutli-Arch, licensing, reproducibility, autopkgtests, hardening and so
on. I believe the list is quite long.

One of the killer features of conda is that conda software can be
managed without root. In some cases it is very important. And of course
that conda is available on osx and windows.

Best,
Alex

Re: Consensus Call: Do We Want to Require or Recommend DH; comments by 2019-06-16

[Sam Hartman]

> "Scott" == Scott Kitterman  writes:
Scott> If we want to make not using dh except in certain situations
Scott> a bug, it seems like something for a policy should kind of
Scott> item.  We have an existing process for updating policy, so
Scott> this should probably be kicked over there for further
Scott> evaluation.

So a discussion like this tends to serve as inputs to discussions in the
rest of the project including policy.  However, I'd hope that delegates
like the policy editors or the TC would be guided by project consensus.

And If this consensus call stands, my next action as DPL will be to talk
to various people who are impacted about next steps.

The project is not well served by having each team rehash all the global
discussions.
Absolutely, whoever takes this on on the policy front (TC or policy
editors) should figure out how to say this in policy.  Absolutely if
they find factors we failed to consider globally they should come back
to us.  If they read the discussion and believe I made the wrong
consensus call for that discussion, they should come back and say so.

But no I think we as a community right here get to decide what's a bug
if we want to, and I think it's reasonable for us to hold our delegates
accountable for implementing that decision or having a good reason to do
otherwise.

--Sam

Accepted fasttracker2 0.1+b156-1 (source) into experimental

[Gürkan Myczko]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 27 May 2019 12:21:42 +0200
Source: fasttracker2
Architecture: source
Version: 0.1+b156-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Multimedia Maintainers 

Changed-By: Gürkan Myczko 
Changes:
 fasttracker2 (0.1+b156-1) experimental; urgency=medium
 .
   * New upstream version.
Checksums-Sha1:
 a991736bb4738013ca221a1d5f5ba994970e2e39 2036 fasttracker2_0.1+b156-1.dsc
 de1f3f6964770a0e77498e1125814c348df41662 478305 
fasttracker2_0.1+b156.orig.tar.gz
 18f8200223d0702a6fedcd9281aa1ed5f966e19c 10376 
fasttracker2_0.1+b156-1.debian.tar.xz
 14d88bb1546213ca4d66249d168d31985654cb14 5041 
fasttracker2_0.1+b156-1_source.buildinfo
Checksums-Sha256:
 fef27ee476d395f1b312666a193b0ea41f4e480063c0af786f021f54812a2345 2036 
fasttracker2_0.1+b156-1.dsc
 32ffcbd95ac333d2c7402c581ea0ef43ca6946b4889ac3ddcbc9e0fda11eaad0 478305 
fasttracker2_0.1+b156.orig.tar.gz
 31dba9173635da11521d92b74cdb86927710f2c78c46aeb6fa2ee514c78f9eba 10376 
fasttracker2_0.1+b156-1.debian.tar.xz
 c1848ed07ee80dcc7efc9d4f49ac0a6d78ed24c07ccac7129fa8f7c769a648e7 5041 
fasttracker2_0.1+b156-1_source.buildinfo
Files:
 fac7c23f6d9a40e0870f12c063359ac3 2036 non-free/sound optional 
fasttracker2_0.1+b156-1.dsc
 e7357809ec6b333a26ff2f4888bff1ca 478305 non-free/sound optional 
fasttracker2_0.1+b156.orig.tar.gz
 054d8c643dff3fa248d0b1295d20478e 10376 non-free/sound optional 
fasttracker2_0.1+b156-1.debian.tar.xz
 8529e8734ff445199ec7e72cabf02a26 5041 non-free/sound optional 
fasttracker2_0.1+b156-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEkjZVexcMh/iCHArDweDZLphvfH4FAlzryPoACgkQweDZLphv
fH5yFhAAgNWhjfCdb4GiFw+p3jUfG8gEbE3POj0vBUh8B1qrzL3AR0hp84lwZgjd
G8jDApLDqmKOzPJoFsejgiocVYJA6FC8oo4d+0zuKvszK/eja51UlFNS6naZVxhs
+Y0rAlrlPVdnCfjcRce+o7JVA+Yvdm5p7jV83Ib4eSrM4sVPOOp42bB6vB7zFpOZ
lyRn3ovN08u2O1nakSIqrCwFPO64/r802Myjeyi1rBwE6dHOTlqmQnjxURazVjz0
SJr4J6y85WAKwYMxtEmzraE1Ije+jsT2Vpyjlwnt7op2c6Kjv4tKmWgDvgQaI9U6
vtGREij9koHM+WkU1WU1db14giiztmgl+Pe4C7wZQIW1wqgqJNW7ESx1EB+6vTfm
vnPElUjAyDYhYj/tHXNFmcylmGDTn/c9N2ortAJYt3KBTFmxDzDp449pPHqOSClA
cesftOPQnoFmMaPsV8PEXxscgrSoom29FnJbBlAxjnV36oZS9RxPbKvR0UGLSQ0j
o12MveYLP8mEwEu+0heOb0RGGAxBX2IMMm0zG1WAwc4ReY1O55RizuTl46JuTGMP
r3bTpGu1q/R3RPiNo60elhXkNeQWZOreqIvUMuSVKrYqL+xBnwZGbeKMTOaeNuWR
xSjwakxf68qiqH1TvylQpLwEUAhPxyAJuztD8kdcRIy1Dj9juUI=
=Huau
-END PGP SIGNATURE-

Re: Difficult Packaging Practices

[Sam Hartman]

> "Russ" == Russ Allbery  writes:

Russ> This is my experience as well.  I've occasionally tried to get
Russ> people at work (at various jobs) interested in packaging
Russ> software for Debian, without all that much success.  The
Russ> problem seems less any one specific thing and more that
Russ> they're perfectly content with a Debian package created by
Russ> running fpm on some install tree, and don't see the point in
Russ> doing any more work than that.  This is usually in the context
Russ> where there's some other config management system in use, so
Russ> to them all the packaging format is good for is as a container
Russ> of files with a version number attached.

I've actually had somewhat better experience getting Debian packages
built at work.
At least in environments where we had a fairly pure Debian ecosystem (or
say Debian+windows) I've been able to get people to build packages using
.dscs.  And if I set up the gitlab CI integration, that works fairly
well.

At my current job we even have interest in making some of the stuff
comply with policy and actually make its way back into Debian.
And I think we're possibly getting close to activation energy to do some
of that.

But the challenge is that the quality bar you need for a local
environment is much lower than for inclusion in a global OS.

I think the only reason I've had different experience than Russ is two
factors.  First, I didn't show people fpm (and they weren't aware).
Second, I think the environments I'm talking about are a lot smaller
than Russ where some of the social concerns really do matter.

At the first Cloud sprint we saw something similar.  The folks from
Google wanted to talk to us about getting some of their cloud APIs into
Debian.
But they wanted an approach that allowed them to build for all
distributions.  They wanted us to accept fpm input as source.
They didn't actually want to do the work that is Debian specific in
packaging.
I ended up saying that unfortunately, unless someone wanted to commit to
doing that work, it wasn't a package we as a community want to accept.
I tried to be more polite than that and to explain why those were our
norms.

To be clear, I'm sure there are a lot of ways our processes and
documentation can be improved.
However there are some reasons why what we're asking people to do is
hard.  And I don't think we want to give up on those.

Accepted sssd 2.1.0-1 (source) into experimental

[Timo Aaltonen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 27 May 2019 13:55:38 +0300
Source: sssd
Architecture: source
Version: 2.1.0-1
Distribution: experimental
Urgency: medium
Maintainer: Debian SSSD Team 
Changed-By: Timo Aaltonen 
Changes:
 sssd (2.1.0-1) experimental; urgency=medium
 .
   * New upstream release.
   * sssd-tools.install: Local domain support is deprecated and not
 built by default anymore, so drop the files.
   * control, sssd-common.install: Secrets responder is dropped, deprecated.
   * control: Add ldap-utils to build-depends, tests need it.
   * sssd-common.install: Add new internal libs for iface/sbus.
   * fix-whitespace-test.diff: Fix ignoring the debian dir.
   * rules: Update the clean target.
Checksums-Sha1:
 373f461802d51419418ac930cf4922a5d0f01b27 5154 sssd_2.1.0-1.dsc
 561a6830f63af0f231e525bfc6e1d9b0146bc759 6463331 sssd_2.1.0.orig.tar.gz
 54904b74eb2e458da12a74540942e0cfc2e80ed9 163 sssd_2.1.0.orig.tar.gz.asc
 3cb070abaa5adbc06f390a355226486c175fb4e4 113727 sssd_2.1.0-1.diff.gz
 575f0b3d927c3f0bbb811e15128c6fd50f829e23 9932 sssd_2.1.0-1_source.buildinfo
Checksums-Sha256:
 b3a0b39621756b83b8e336dc893a12464aece4a7adbc0d2954f692b41bd4cac8 5154 
sssd_2.1.0-1.dsc
 10f04bd8a1ae7e888e2bcc13edc1a64ef19b4990866c09c65c667d0c72b66743 6463331 
sssd_2.1.0.orig.tar.gz
 e048e5b01e65bd523365c72a7f93e409aa4758092953284db62e6d4e9c7260a1 163 
sssd_2.1.0.orig.tar.gz.asc
 71420797581c676459df4c8be089a7ba8b37c202fa07f0d0454a49a9b2431230 113727 
sssd_2.1.0-1.diff.gz
 522e80253dc1607a7914240fe95e2b9dfb659b9a6105abc34980802b016ae049 9932 
sssd_2.1.0-1_source.buildinfo
Files:
 fc4a90073cc011208e0dd302b5de9f23 5154 utils optional sssd_2.1.0-1.dsc
 52f806f5e25da0650b89622c8ac0dd95 6463331 utils optional sssd_2.1.0.orig.tar.gz
 9a750a0327eff85d935445d30eaa7730 163 utils optional sssd_2.1.0.orig.tar.gz.asc
 e6b1195ee6edba588e70f74de718917a 113727 utils optional sssd_2.1.0-1.diff.gz
 4d87fa4e66fd428da133c2512f45f126 9932 utils optional 
sssd_2.1.0-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEdS3ifE3rFwGbS2Yjy3AxZaiJhNwFAlzrwjcACgkQy3AxZaiJ
hNxK8w//YFWXtXrzqx+4lG0PSZI2NnJVwUIN14dBTR0chiyt9RdHpgvjOtzBNePE
p/n/Qw9O6ruOO+zFJE1PxxIf+xGS8BsAQOgmcE3ppN68IRbxY9HhuSRVxhBT4/SW
Oeg5xr6vDQCLOYBOi3EmiCUCzYp3ghBcGdFj9QHdvrDpfaZrHO5exMSmKy5Giiy2
zq5581Y0c4e8jUXKQqOiLBzhL0RMte6lQkL+4dvBC7F+3ET89IHXOyfeRyY+kOwQ
x3ZfmCEDgvTgsU0T223RsPA8tMk21Kyvtef1G3HxnkQjTVqyktqghUVjEnvevPWF
ZRIpbr8k/0k63IVfQeb2rWDBEb0tTP2Qd/mq+q1MnHFdAdT1eFgMO5azo/aJPc77
dvusRbAhMdLn3dvImfa38RXAAvb1eVLqFRWwxVf8H7jZBWuuznEgDVtipbLV8150
SaNqI8TFjgBscxfEKlKBRRJUQ00yFgg4yDyFlMh23zqi6dfhJdy2w4LKXRr/q7Pg
FLfF5eF11Dr0yqIIg8lExRWfqMctPz74XM9AHUCL5/4sogzfCesK///uRe8zeXb/
1BKnALa3iaaLgCpgYLcDIAwJz0RGh6qsKveBgFiIozq/LcCEkvgnePbjSnGqAAgN
YdKG6aULfh+yGms8RGpp2tqfjIaAQfWcCMnu1gvRuiEm7OtUTQk=
=KhaF
-END PGP SIGNATURE-

Re: Consensus Call: Do We Want to Require or Recommend DH; comments by 2019-06-16

[Jonas Meurer]

Adrian Bunk:
> On Sun, May 26, 2019 at 11:34:39AM +0200, Vincent Bernat wrote:
>> ...
>> We have a reputation of having difficult
>> packaging practices. We uphold this reputation as long as we have so
>> many ways to do the same thing.
> 
>   [citation needed]
> 
> I do honestly not know what statements/comparisons from people outside
> Debian are the basis for this claim, and whether making dh more mandatory
> is even related to them.
> 
> [...]
> 
> Often the most difficult part of packaging are the unique rules the 
> Debian ftp team requires for debian/copyright that are not required in 
> distributions with actual lawyers. That's a completely separate topic.
> 
> It is perfectly possible that there is something else I am not aware
> of, and you are assuming everyone in this discussion is.
> 
> It would therefore be really useful if you could send some links to 
> statements from people outside Debian *why* they consider Debian to
> have difficult packaging practices.

Unfortunately I don't have *links* either, but when introducing people
into the world of Debian packaging recently, I always got the impression
that they were heavily overwhelmed by the complexity of the Debian
ecosystem.

Depending on the software you packages, doing the initial packaging
already requires a lot of knowledge about library handling, doc build
systems, makefiles, the filesystem hierarchy standard, language-specific
toolchains, etc.

To properly build the package you have to learn either sbuild or
pbuilder. Which involves understanding and creating chroots/VMs/...

For proper version controlling, things like git-buildpackage (and/or
dgit) and the "3.0 (quilt)" format need to be understood.

And for testing, you need to learn about piuparts, autopkgtest, as well
as again chroots and/or containers for local testing.

That's a very high bar for entering the world of Debian packaging.

My opinion is that more uniformity in packaging practices will bring a
bit more simplicity as well. Therefore I applaud Sam's initiative to
require DH whereever it's sensible.

I think that Debian would gain a lot if the vast majority of packages
were packaged using DH and development would happen in Git on Salsa
using a common Git format. I agree that there should be exceptions.

Cheers
 jonas



signature.asc
Description: OpenPGP digital signature

Accepted spectre-meltdown-checker 0.42-1 (source) into unstable

[Sylvestre Ledru]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 27 May 2019 11:52:53 +0200
Source: spectre-meltdown-checker
Architecture: source
Version: 0.42-1
Distribution: unstable
Urgency: medium
Maintainer: Sylvestre Ledru 
Changed-By: Sylvestre Ledru 
Changes:
 spectre-meltdown-checker (0.42-1) unstable; urgency=medium
 .
   * New upstream release
Checksums-Sha1:
 6cfaa352388b10069dd0730d11c1bd4a67f44724 2066 
spectre-meltdown-checker_0.42-1.dsc
 6a676d3639fdbedee4071e1e1009c48614101cfb 57491 
spectre-meltdown-checker_0.42.orig.tar.gz
 688e5f5cf3e199ed0679aa86a30383f3bdcc613f 2232 
spectre-meltdown-checker_0.42-1.debian.tar.xz
 dea25ca51ff174d4622a3d013e070bbfe8848a18 5449 
spectre-meltdown-checker_0.42-1_amd64.buildinfo
Checksums-Sha256:
 209d5cf8bdb20f1feb17f475d5aed3289219a529ddb99da1f87d55174670c834 2066 
spectre-meltdown-checker_0.42-1.dsc
 79b4137e4988753deae63a5c0c63ab521cafe09ba1547d3a6368cf7ba07272b7 57491 
spectre-meltdown-checker_0.42.orig.tar.gz
 c57e71bf421e2a4e110104d8332b5da87d7f21dfadda4f09e07f838956dc7e78 2232 
spectre-meltdown-checker_0.42-1.debian.tar.xz
 6e7d479914615e9a51fe650acf72911762f7f56e279a4391ede8f41057f18a16 5449 
spectre-meltdown-checker_0.42-1_amd64.buildinfo
Files:
 0392ea66ba2d5992b17f5087a63ff764 2066 kernel optional 
spectre-meltdown-checker_0.42-1.dsc
 c8aca684284d604adb67cb6d9d07ce70 57491 kernel optional 
spectre-meltdown-checker_0.42.orig.tar.gz
 aefd21be05c479ff20d4f4c7eadd35de 2232 kernel optional 
spectre-meltdown-checker_0.42-1.debian.tar.xz
 4c54c49c7ef16062be76a0249b6f0025 5449 kernel optional 
spectre-meltdown-checker_0.42-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEtg21mU05vsTRqVzPfmUo2nUvG+EFAlzrtEMACgkQfmUo2nUv
G+GMiQ//Tnew6Hwsq/q0PG7noNGpBVmb8tw3ji+WX43xqFWqnNn1Wyic4ZTsDRvj
acoXrDNergDhdUm+KiPS89nOr5GLnIJRIOZ8C8dcQDY7Eco1pNEuuYm44j1FzE5T
rQRrDUcyFcpG+mu1Qq8GoDou+8YQcsk4xpZJqCyCs7sysvasXZxY3h3TkWO43lnL
lyQAs7xFXHAXlMXHcSymogkyWJQGSMytPPIXlZLZWeffuIUkFlTqmYv/6wwZSPsW
aM2L34DPcK7CMQo7YNv3DLA8YDYN8EjAtRYGYnMpWmqs6QcedXakUiCHXYWHglI7
TUgau1s6zq7PM6+ruVGkPW+ODCwnINz7+HRPC8PdIxrpTWonkp2FBkqwbC1LDi3K
Cd8Kfqdk4akj46WlJltxJUEgtLNakYxhWPEFTfvWaBjphF2iJ6ZizBt+kyVDQIZf
8o5MLT1+w2e6/e0KJX1TyPDtq6Jf7XcSjf1W3lUZdUY8/m+j3Twf46kr/D9k/v6b
V2rRIw5CLQtaSLs6lvhWFr6UYthVgCETkdc1+MfB4NE9ROCJYyzlItGV7SwEpsFd
M7i/mIf58Cmw9q5CuPVcZ0ilHpAKukGVAuNhg+82ModrckXxi5ZAp60TLVmgeXpp
ZQIl2/CfIlEAvfaCSF/D3B6mFLViPtmN4aJU0CGi771vnSahqrU=
=G+CG
-END PGP SIGNATURE-

Accepted python-fabio 0.9.0+dfsg-1~exp1 (source) into experimental

[Picca Frédéric-Emmanuel]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 27 May 2019 09:52:57 +0200
Source: python-fabio
Architecture: source
Version: 0.9.0+dfsg-1~exp1
Distribution: experimental
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Picca Frédéric-Emmanuel 
Changes:
 python-fabio (0.9.0+dfsg-1~exp1) experimental; urgency=medium
 .
   * New upstream version 0.9.0+dfsg
Checksums-Sha1:
 6fa566f3ee445e11424b3e1ff38c07b2f6f62abb 3426 
python-fabio_0.9.0+dfsg-1~exp1.dsc
 ad4ca49025be2be592e1487a83fa522c0b4e2828 702020 
python-fabio_0.9.0+dfsg.orig.tar.xz
 4a1489360d43757dfd7f7d995301062ddad1e6ca 8572 
python-fabio_0.9.0+dfsg-1~exp1.debian.tar.xz
Checksums-Sha256:
 31d59a86d3e46b5f5cb356bf1308dda64d514b2c258501b32862c596e1103253 3426 
python-fabio_0.9.0+dfsg-1~exp1.dsc
 2b6db54002daa84d4cb692b66dc10ea8ab896c0c8f660715a7ad46945890c614 702020 
python-fabio_0.9.0+dfsg.orig.tar.xz
 255e280af846f369f6c5b5cd85f0d4e3990c1dcf9ef2918e1047ed56684aa2b1 8572 
python-fabio_0.9.0+dfsg-1~exp1.debian.tar.xz
Files:
 b5b642519ad9bd6e208d9b352984f4fc 3426 science optional 
python-fabio_0.9.0+dfsg-1~exp1.dsc
 34e8df081d830d6f9f02415d7f6a8ba1 702020 science optional 
python-fabio_0.9.0+dfsg.orig.tar.xz
 e3ce167bd12199124fa80fd786179e71 8572 science optional 
python-fabio_0.9.0+dfsg-1~exp1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJFBAEBCgAvFiEE6S5+bp6dprGqMTncVjKQb0aW4BUFAlzrqiwRHHBpY2NhQGRl
Ymlhbi5vcmcACgkQVjKQb0aW4BUTqg//RrM+Uq40p6aLYF1Nu0ANaECeBeb6XCY7
5HHj7TY18BXiedDUdOpYFFU/6haV0sRHGzWxZKp9xsZbdlkL8SfIDXuuL5THa7sx
SOtecX+MhPEiqpAG280xZq38yC4VD+pD3hflvmycmQzzb1OVaWDZ9CAkn6zkiZPn
WFja0PyHzQSUCCMSplorqC50njXpOzZSTT/fK3EXWKwtQFN5CdgYP7DXjv8qbUZd
9FdfL+nc+lPTmPmCh2kKLG4QAr91Dn1CF84TVg6IBllWO7oB6HYSj7Tm6LXeNPZI
Goc9DWHrZ5Zbq11RAvRqe7Qrv5qVkE8H2ffBDgmIKZjPxH1XsGUUNyefYGRdi0tw
GYokwHxSI/wt71T2GaFfTCKSrzZnuH8B1BDpqEaxJX0yeISE6fOLlbbqyLsDcsPA
3EBW8QNoyLfimA+dMtHFLUjwg4BOoNCPWKaRJCuqsI85sQgBdbapBuixskUBepla
Lhb6lq2q9galFa+wDiiYbtvfFwqjVngqiqBZy7UL7fbR9HlA2eWfyFW6GxgZhWtp
bZnknofU+J16u0UOcO8a8Gskv3FF4Iup8jdKUAbY7yO3ZcpC+DZtKXJTouvzQD9A
WfqEOkUughgSfPchix8tWWSy1YZR53qMnZ6tSQCru84sEFAWCsOOJQ57X0TMBd1F
puLBMXNSWt0=
=V46F
-END PGP SIGNATURE-

Accepted pdb2pqr 2.1.1+dfsg-5 (source amd64 all) into unstable

[Andrius Merkys]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 27 May 2019 01:52:46 -0400
Source: pdb2pqr
Binary: pdb2pqr pdb2pqr-dbgsym pdb2pqr-doc
Architecture: source amd64 all
Version: 2.1.1+dfsg-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team 

Changed-By: Andrius Merkys 
Description:
 pdb2pqr- Preparation of protein structures for electrostatics calculations
 pdb2pqr-doc - example files accompanying pdb2pqr
Closes: 903759
Changes:
 pdb2pqr (2.1.1+dfsg-5) unstable; urgency=medium
 .
   * Team upload.
 .
   [ Andreas Tille ]
   * Build-Depends: dh-python
 .
   [ Andrius Merkys ]
   * Fixing autopkgtest 'installation-test' by substituting non-existent PDB
 file with an existing one. Removing autopkgtest 'ligands-test' as it
 depended on files that are not shipped by the upstream anymore.
 (Closes: #903759)
Checksums-Sha1:
 b4a154f64c7ecf187feb0329d03385239fcb9d5e 2277 pdb2pqr_2.1.1+dfsg-5.dsc
 a4ae85ad0c0a45cb1d60b03c74aac998908b7441 13480 
pdb2pqr_2.1.1+dfsg-5.debian.tar.xz
 09bfc05dcd29f0b0cf2f052af1c370e0bfd0c758 313320 
pdb2pqr-dbgsym_2.1.1+dfsg-5_amd64.deb
 82858841b8f335c56eadfd79d70c26105ca90a81 475716 
pdb2pqr-doc_2.1.1+dfsg-5_all.deb
 d5f9c8784e26e47afb0b9f7c6f48ae21f68bb0b7 8155 
pdb2pqr_2.1.1+dfsg-5_amd64.buildinfo
 ce61379fc36420bb800d7bfdfb6b97d75939d4f9 385344 pdb2pqr_2.1.1+dfsg-5_amd64.deb
Checksums-Sha256:
 a8fe78ad0c2c4ec40ab906e158b8ef61c5a393198f45146c7a51ea5d3d112cb9 2277 
pdb2pqr_2.1.1+dfsg-5.dsc
 adfbca35964183db2ff81b4dbe075a6765a52584a0870e7824fe7aea85926299 13480 
pdb2pqr_2.1.1+dfsg-5.debian.tar.xz
 0cd99bef6013e9ddfbbdcff01438dac4592f382015baf66e4b9f36ddcab9af47 313320 
pdb2pqr-dbgsym_2.1.1+dfsg-5_amd64.deb
 88abc3091fc4bfc42d1cf07faeaa4e42c771f8ca8402ac29d175673f7f604907 475716 
pdb2pqr-doc_2.1.1+dfsg-5_all.deb
 de653ad0908cbdd0356b79ed627aff1ca946ce841b2cd2b01bf02f8708fec9d7 8155 
pdb2pqr_2.1.1+dfsg-5_amd64.buildinfo
 f4faae366a2094f283de148f056cdd3659ba4b914a27b2da0d94be5e1a584df8 385344 
pdb2pqr_2.1.1+dfsg-5_amd64.deb
Files:
 b9dca1333f674f8acfde813de34a34e8 2277 science optional pdb2pqr_2.1.1+dfsg-5.dsc
 5a3b2543d1a91c5e616b032da29ea658 13480 science optional 
pdb2pqr_2.1.1+dfsg-5.debian.tar.xz
 d5b218219d8b51cbbb73c592e56e0e7b 313320 debug optional 
pdb2pqr-dbgsym_2.1.1+dfsg-5_amd64.deb
 45e9d444a0c3a93b12cad5f93347529c 475716 doc optional 
pdb2pqr-doc_2.1.1+dfsg-5_all.deb
 eed29d7f90a448e3d59abc901ad896b5 8155 science optional 
pdb2pqr_2.1.1+dfsg-5_amd64.buildinfo
 32e76349f909ea1b805cf4e59e0c4187 385344 science optional 
pdb2pqr_2.1.1+dfsg-5_amd64.deb

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEdyKS9veshfrgQdQe5fQ/nCc08ocFAlzrhxoSHG1lcmt5c0Bk
ZWJpYW4ub3JnAAoJEOX0P5wnNPKHxxAQAIF9D0B01zXAvWI/fF6NsVu0wjCGnPvm
brwct+3RjTKt+ZHIxUKBxyNpHLKayAQVHywhiU+ENMdd/jtOa/gIsJgs6Pw9O2UG
aV4TC/FXGg5jyWfyeqdD0o4isWWQoleYkvJetOuM5hCIjlYCgzTsixxwPCj4RuIC
2GAzIpZRpkwyxDftkqdNDUvbEzn+nvTr+2r8kmdoG8ErRGGrLvLmhLCH/e9iAkYr
2CEU1n/bmIRES3nEo4Z0LAb6VHLKINMqMao0A6dIvjA0aK5TOMb6ecz7S7/pMXSS
ZJxfyoy9jzK4W41cZJ9tiYxFyrXbMQ8Q2JGhmQiIzo/tE4MAFNL8OFzQL5rEiQLG
ybhVPUNMHSxl1J0782+7ELWmQpoW7UA7cvbCQWjriFuwBgh3bfzbnT+9ubWoi7GW
8MkYEIYO3A+unHXkesURGh/++RrtYIlhe/94L3xgE6EPas8YRHV8EpV1HrfhcerR
NYcv835ZWU3lvDpmJR5Fz229JbE5dyX92zlpCq5ueENG+waso7eAlXaPEY57mIsb
SUBvZosha/9MWplj2M/QF2keYxd2xaYGInKP0S4DWEX6ngXSIjlnpY3X5rEzG1hJ
vGi9bfuDox1h9TeDesHwjfmcBLBHPzyzjATK7m4bF7Zw2To61Wm5GkVNci+2ycOb
OQqX8N0f4sHJ
=x7T7
-END PGP SIGNATURE-

Accepted heimdal 7.5.0+dfsg-3 (source) into unstable

[Brian May]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 21 May 2019 18:04:35 +1000
Source: heimdal
Architecture: source
Version: 7.5.0+dfsg-3
Distribution: unstable
Urgency: high
Maintainer: Brian May 
Changed-By: Brian May 
Closes: 923930 928966 929064
Changes:
 heimdal (7.5.0+dfsg-3) unstable; urgency=high
 .
   * CVE-2018-16860: Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum.
 Closes: #928966.
   * CVE-2019-12098: Always confirm PA-PKINIT-KX for anon PKINIT.
 Closes: #929064.
   * Update test certificates to pre 2038 expiry. Closes: #923930.
Checksums-Sha1:
 a7dfb3243e2cf59d0334967a3db53c94b4bea41e 3579 heimdal_7.5.0+dfsg-3.dsc
 1ba39f71a5627a23afbc8b987362831bed764f7d 8955005 heimdal_7.5.0+dfsg.orig.tar.gz
 b3bd61ebd0bddce418bbf8330a2fd30690820244 461448 
heimdal_7.5.0+dfsg-3.debian.tar.xz
 7d7b658952dc64e9aebb09aa58c581a692473528 7458 
heimdal_7.5.0+dfsg-3_source.buildinfo
Checksums-Sha256:
 f1ecfa0cbd70cb43c5ab59eb6661d4364212df69d76824a9f27861bbfa6e750c 3579 
heimdal_7.5.0+dfsg-3.dsc
 489119b7a1a900b88163765654dc59cba9a321b078fafc76629e2b85ef140867 8955005 
heimdal_7.5.0+dfsg.orig.tar.gz
 35f14816be232a043326eea977ebb1edff5a8f9223919ee18a88148565ab3e5c 461448 
heimdal_7.5.0+dfsg-3.debian.tar.xz
 3b13ca5b0389856531546f5d66d97bbf8e7b174829c14c6fd5f5031e52677430 7458 
heimdal_7.5.0+dfsg-3_source.buildinfo
Files:
 2e2a528050fddb368c8b1fc04dbeb8ed 3579 net optional heimdal_7.5.0+dfsg-3.dsc
 b45b9d03cdd4f3288e79feba99e13a51 8955005 net optional 
heimdal_7.5.0+dfsg.orig.tar.gz
 04177cfa68af6bffa74dcf3299d4bcab 461448 net optional 
heimdal_7.5.0+dfsg-3.debian.tar.xz
 4c721ac8bc3107252e3d2879104e8dac 7458 net optional 
heimdal_7.5.0+dfsg-3_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEKpwfR8DOwu5vyB4TKpJZkldkSvoFAlzriloACgkQKpJZkldk
SvrbUw//SDm061NBlyH6zENfV7e7P7H5CXSj++38wH0aN1NFl4QWFXhVMaCETeMd
B9sRUoa5QQb5zwi7R9BXXT16JDt9X1g8la1G7hhKXVrpuSdG/MdYjjxPL4r2gaLh
iQP43zCjK2g279jV7nBnuA2TIv5FGVlWQnWCrJ/SJ3uqsTCeCnDIbWmWI1buO2wb
MZPBlvGKono4SMVSfwJNUMc1TEEh2X5e0VPNCUnFcwJg/j9BB+YUcVKty3rcJulp
qSSlmkAQLlIXQPxxmZ6SZtx692EiflZzLexFGklJV9cx28cnV/tYY5xdi9N+r9u3
MQnWkl29zjuzlJ6eWiBzzrdiomWGstFskCwHpkPnz/R1M3Jo71fQXnSTR/fuvlB4
4jnCBFbTfnknKUL/LQNwFAHlxu4b9DqMUpnvkNaq9T/0kbkcgjzZcdK/lxXVG5zg
Danx6JUUo5tOIWQyNwLQKOKhV1oUd4Iuebtqw+QOjRUqsFBtdBPpHchdRI9FI9eo
j+HRPeUfuMERTfD6yMhKagjh2bmjCRyly2PdFOrVM9wWFm+T7RgbOTmbH9Yb9U7q
zpEKEfiAZwZBIdQ+3fh//lYEj5xg72PI+8wERd3j+P9daQ10jkY13lUaeS3HLdpq
W3QFiTYVuUszttEBby5uYl3Q2y4TZPnCxf4SCrlV8Z4ozYDgN+0=
=Ahvh
-END PGP SIGNATURE-

Re: Difficult Packaging Practices

[Vincent Bernat]

 ❦ 27 mai 2019 16:15 +10, Ben Finney :

>> If you just want to get upstream's idea of their package onto a system
>> with their release schedule and their recommended dependency versions,
>> there are better ways than getting a package into Debian.
>
> In the Debian mentors forum (that is, the chat channel, the mailing
> list, etc.) we make a point of saying: that's fine!
>
> Not every package needs to be in Debian, for its users to install that
> package. Someone who wants what you describe above can learn how to make
> a Debian package that will only be side-loaded from that community's own
> repository, or whatever.

People using tools like fpm will never get familiar with our tools and
will never be contributors.
-- 
The man who sets out to carry a cat by its tail learns something that
will always be useful and which never will grow dim or doubtful.
-- Mark Twain


signature.asc
Description: PGP signature

Re: Consensus Call: Do We Want to Require or Recommend DH; comments by 2019-06-16

[Jonas Smedegaard]

Quoting Andreas Tille (2019-05-27 06:29:05)
> On Sun, May 26, 2019 at 07:28:55PM +0200, Vincent Bernat wrote:
> > > We "uphold this reputation" by maintaining many packages, which is 
> > > good.
> > 
> > Do we? I am now using nix to get packages for stuff not in Debian. 
> > Our package count is artificially inflated by *-perl packages, 
> > golang-* packages which may not be present in some other 
> > distributions. But for some ecosystems, we are severely behind. We 
> > may argue we are better on some metrics, but this has nothing to do 
> > with the fact we have so many ways to build a package.
> 
> Some Debian Med people are concerned about the droping usage of Debian 
> Med packages since people prefer BioConda[1] over it.  There is even a 
> scientific paper (I've only seen a printed version not online yet) who 
> compares ways to package biology software.  We are way better than 
> other distributions - but we are lagging begind BioConda a lot.  We 
> have some upstreams who are doing Debian packaging by the help of the 
> Debian Med team but that's just a minor fraction.  Lots of BioConda 
> packages are maintained by Upstream since they consider it easy.
> 
> In short: Our "reputation" is scaring people away to favour other 
> techniques.

We agree that some get scared away from Debian.  Question is why.

Like rpm, Debian arguably has a single unified _core_ structure: 
debian/rules must be a make file.  hat Sam, me, and Vincent disagree on 
in this subthread is is lack of a unified _framework_ like short-form dh 
sequencer being mandatory is what scares people off.

Does that paper you talk about point to _causes_ Debian packaging being 
more scary? Is it a) complexities related to hardening, cross-building, 
bootstrapping etc. or b) lack of a single¹ unified build framework, or 
c) that Debian is "different" in package naming and code availability 
than other system package managers or or misc. language-specific package 
managers, or d) something else than what you snipped from the beginning 
of this subthread?


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private


signature.asc
Description: signature

Twoi Fani z FanPage czekają na nowy post. Sprawdź.

[Specjalista ds . Facebook’a | Olaf Dyk .]

Dzień dobry,



skuteczne administrowanie*_ FanPage na Facebook’u _*to nasza specjalność.



W związku z tym, pragniemy zaproponować Państwu przesłanie więcej informacji w 
tym zakresie aby zwiększyć zysk Państwa firmy oraz ilość fanów.



Przesłanie odpowiedzi o treści *TAK*, umożliwi nam kontakt z Państwem.



Ponieważ sami prowadzimy biznes, jesteśmy świadomi, że podstawą każdej firmy są 
klienci.



Zadbamy o przypływ nowych klientów dla Państwa firmy .



 
Pozdrawiam Serdecznie
Specjalista ds.Facebook’a | Olaf Dyk.

Re: Difficult Packaging Practices

[Ben Finney]

Sam Hartman  writes:

> If you just want to get upstream's idea of their package onto a system
> with their release schedule and their recommended dependency versions,
> there are better ways than getting a package into Debian.

In the Debian mentors forum (that is, the chat channel, the mailing
list, etc.) we make a point of saying: that's fine!

Not every package needs to be in Debian, for its users to install that
package. Someone who wants what you describe above can learn how to make
a Debian package that will only be side-loaded from that community's own
repository, or whatever.

Perhaps that needs to be stated louder or more consistently?

-- 
 \   “Truth is stranger than fiction, but it is because fiction is |
  `\ obliged to stick to possibilities, truth isn't.” —Mark Twain, |
_o__)  _Following the Equator_ |
Ben Finney