Re: Accepted linux 3.16.64-1 (all source) into oldstable
On Wed, 2019-03-27 at 20:19 +0100, Pascal Hambourg wrote: > Hello, > > Le 27/03/2019 à 08:32, Ben Hutchings wrote : > > Binary: linux-doc-3.16 linux-manual-3.16 linux-source-3.16 > > linux-support-3.16.0-8 > > Since this is an ABI change, is linux-latest going to be updated too so > that it pulls the latest binary kernels ? Yes, sorry for the delay. Ben. -- Ben Hutchings The first rule of tautology club is the first rule of tautology club. signature.asc Description: This is a digitally signed message part
Re: Accepted linux 3.16.64-1 (all source) into oldstable
Hello, Le 27/03/2019 à 08:32, Ben Hutchings wrote : Binary: linux-doc-3.16 linux-manual-3.16 linux-source-3.16 linux-support-3.16.0-8 Since this is an ABI change, is linux-latest going to be updated too so that it pulls the latest binary kernels ?
Re: jessie-updates gone
On 2019-03-27 11:50, Matus UHLAR - fantomas wrote: On 27.03.19 11:20, Bernie Elbourn wrote: If it is possible to wiz up a blank jessie-updates this will save me visiting a bunch of systems throwing apt errors in next few days. I wonder if it wasn't blank already. All of its contents was supposed to be moved to jessie main archive with last point release and no content should be there after that. Packages aren't moved from -updates to (old)stable, they're moved from p-u. Packages only get removed from -updates following manual action from a Release Team member. In the case of jessie, it appears there was still at least an old kernel package in there. Regards, Adam
Re: jessie-updates gone
On 27/03/2019 13:33, Markus Koschany wrote: > Hi, > > adding Jörg to the loop who is our responsible FTP master and the only > one who can make that happen. Actually there are three ftp-masters, not just one :-) > Am 27.03.19 um 12:50 schrieb Matus UHLAR - fantomas: >> On 27.03.19 11:20, Bernie Elbourn wrote: >>> I am very grateful for all the work done here. You are all heroes! >>> >>> Can I gently ask if we can just blank the stretch-updates archive next >>> time >>> round please. Otherwise every stable machine out there now will need a >>> change. >> >> That's what I meant too. I probably should have emphasized that. >> >>> If it is possible to wiz up a blank jessie-updates this will save me >>> visiting a bunch of systems throwing apt errors in next few days. >> >> I wonder if it wasn't blank already. All of its contents was supposed to be >> moved to jessie main archive with last point release and no content should >> be there after that. > > So the idea is to readd the empty jessie-updates directory to avoid apt > errors when updating? Jörg is this possible? Yes, I talked to them earlier today and they agreed to bringing it back to avoid these problems on users that have jessie-updates on their sources.list. jessie-proposed-updates could also be brought back, though that's not enabled by default upon installation so it should be less problematic if it stays removed (though some people may have it so it wouldn't hurt to bring it back as well). Cheers, Emilio
Re: jessie-updates gone
Hi, adding Jörg to the loop who is our responsible FTP master and the only one who can make that happen. Am 27.03.19 um 12:50 schrieb Matus UHLAR - fantomas: > On 27.03.19 11:20, Bernie Elbourn wrote: >> I am very grateful for all the work done here. You are all heroes! >> >> Can I gently ask if we can just blank the stretch-updates archive next >> time >> round please. Otherwise every stable machine out there now will need a >> change. > > That's what I meant too. I probably should have emphasized that. > >> If it is possible to wiz up a blank jessie-updates this will save me >> visiting a bunch of systems throwing apt errors in next few days. > > I wonder if it wasn't blank already. All of its contents was supposed to be > moved to jessie main archive with last point release and no content should > be there after that. So the idea is to readd the empty jessie-updates directory to avoid apt errors when updating? Jörg is this possible? Regards, Markus signature.asc Description: OpenPGP digital signature
Re: Missing installer images for Jessie
On 26/03/2019 14:47, Sven Wiltink wrote: > Hi, > > It appears that the installer images for Jessie are missing from the > mirrors. > > Could this be related to the archiving of non-LTS arhcitectures?[1] The last jessie images (recently updated for the apt vulnerability) can be found at https://cdimage.debian.org/cdimage/archive/8.11.1/ The links from https://www.debian.org/releases/jessie/debian-installer/ point to that. And https://wiki.debian.org/LTS/Installing points to that page. However most (all?) mirrors don't sync the archive/ dir where the jessie image lives now, so you need to get it from cdimage.debian.org. Cheers, Emilio
Re: jessie-updates gone
On 27.03.19 11:20, Bernie Elbourn wrote: I am very grateful for all the work done here. You are all heroes! Can I gently ask if we can just blank the stretch-updates archive next time round please. Otherwise every stable machine out there now will need a change. That's what I meant too. I probably should have emphasized that. If it is possible to wiz up a blank jessie-updates this will save me visiting a bunch of systems throwing apt errors in next few days. I wonder if it wasn't blank already. All of its contents was supposed to be moved to jessie main archive with last point release and no content should be there after that. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Support bacteria - they're the only culture some people have.
Re: jessie-updates gone
I am very grateful for all the work done here. You are all heroes! Can I gently ask if we can just blank the stretch-updates archive next time round please. Otherwise every stable machine out there now will need a change. If it is possible to wiz up a blank jessie-updates this will save me visiting a bunch of systems throwing apt errors in next few days. Huge thanks Bernie
Re: ghostscript testing
Hi, On 27/03/2019 00:00, Markus Koschany wrote: > Am 26.03.19 um 15:55 schrieb Sylvain Beucler: > [...] >> Markus, I read in the archives that you backported fixes in earlier >> security uploads - any other tip? :) > I did all the testing myself by setting up a Jessie environment and then > I tested with the POCs and the command line tools to spot any > regressions. I could reproduce all issues, so at one point I was > confident the problem at hand was solved. Without an extensive test > suite or a reproducer this is quite challenging. Since we made the > decision to follow new upstream releases, we just have to make sure that > reverse-dependencies keep working. So I would do some smoke testing and > verify that the reported problem is fixed. Thanks for confirming I didn't miss anything. Waiting for 9.27 then. Cheers! Sylvain
Missing installer images for Jessie
Hi, It appears that the installer images for Jessie are missing from the mirrors. Could this be related to the archiving of non-LTS arhcitectures?[1] Cheers, Sven [1] https://lists.debian.org/debian-devel-announce/2019/03/msg6.html
[SECURITY] [DLA 1732-1] openjdk-7 security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: openjdk-7 Version: 7u211-2.6.17-1~deb8u1 CVE ID : CVE-2019-2422 A memory disclosure vulnerability was discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in information disclosure or bypass of sandbox restrictions. For Debian 8 "Jessie", this problem has been fixed in version 7u211-2.6.17-1~deb8u1. We recommend that you upgrade your openjdk-7 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlybRUIACgkQnUbEiOQ2 gwIX+Q/+LS0Jag8PGk1Hy8RnxorE93hi2fGOjD8u74ZID4KRfMNd/81yK4Uhg/+B H744T1mY029DcIsB8yYx5hLYD0M/Ijh/sIGq5r2kANoyIMRVk5L+A9UpX5fWwx8r h3tGUrQt9gPKS7sG5TjEpcdl4fuQ4tRbqsV2lpzLC92dtJOnusv4oR2YfWhqKIBn TrWPOxctTgMMpPGJTiJiMoFAQcmDHEv4iID3kx+TT+H8aceuj+NnOaWtVo7JAyDi MZFDXtPZBauHzG/SiLMJNFAtQhdnTIRJdt94dy6t9L0BrZd3xvXqDTUD7Qyhm9t8 mA3XjIKBD5mFjBh89SZShb85pnjMk/JrWAsaSAJYrSAt5BwJImyEylwE3by7XFir 3vcGCjnhJvex6fMHgZc5jMUh1ftoXU757cdgXwU/m4B2wYDKYv3gkhtbXgQoNOK9 f4k1hYUxziOCnACtTyHFjYhp5ko/y15ZRD85uDd+9z8RM4kHQKMcI2dNvaZZ07DD 0s+iMKRtZ24U8Ia0iDctxU/5mALcSDOf/sNUoxajLWef+dMPxuGpgPnOM6CHg2Zb lgvFMpcnPLSHGBBFBo+cNMjMIA5+d1kvNIon5xEQNtrB07qiCzEy2KQsQZlpU/kU A9/Ny7tjhqB8OMMxI//uDdzYVSgGopqxqnGEg434NHN9mMx5+Ng= =+5k3 -END PGP SIGNATURE-
Accepted openjdk-7 7u211-2.6.17-1~deb8u1 (source amd64 all) into oldstable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 26 Mar 2019 20:17:57 +0100
Source: openjdk-7
Binary: openjdk-7-jdk openjdk-7-jre-headless openjdk-7-jre openjdk-7-jre-lib
openjdk-7-demo openjdk-7-source openjdk-7-doc openjdk-7-dbg icedtea-7-jre-jamvm
openjdk-7-jre-zero
Architecture: source amd64 all
Version: 7u211-2.6.17-1~deb8u1
Distribution: jessie-security
Urgency: medium
Maintainer: OpenJDK Team
Changed-By: Emilio Pozuelo Monfort
Description:
icedtea-7-jre-jamvm - Alternative JVM for OpenJDK, using JamVM
openjdk-7-dbg - Java runtime based on OpenJDK (debugging symbols)
openjdk-7-demo - Java runtime based on OpenJDK (demos and examples)
openjdk-7-doc - OpenJDK Development Kit (JDK) documentation
openjdk-7-jdk - OpenJDK Development Kit (JDK)
openjdk-7-jre - OpenJDK Java runtime, using ${vm:Name}
openjdk-7-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
openjdk-7-jre-lib - OpenJDK Java runtime (architecture independent libraries)
openjdk-7-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
openjdk-7-source - OpenJDK Development Kit (JDK) source files
Changes:
openjdk-7 (7u211-2.6.17-1~deb8u1) jessie-security; urgency=medium
.
* Backport to jessie-security.
Checksums-Sha1:
5ef4f0e09fcadcc69a3313b31ee9a9bc77b23d37 4677
openjdk-7_7u211-2.6.17-1~deb8u1.dsc
1f805a4a7234a905c08cb99b786aeeb1fa40d0ba 54110615
openjdk-7_7u211-2.6.17.orig.tar.gz
f45ce4f4ae84ec48476922545e23508fe1244df5 173328
openjdk-7_7u211-2.6.17-1~deb8u1.debian.tar.xz
5ba39c8fa72195734faa79f1313d879e1a99d0a2 16289018
openjdk-7-jdk_7u211-2.6.17-1~deb8u1_amd64.deb
012442c563e1113370e875ef23af96e536e52c7f 40008356
openjdk-7-jre-headless_7u211-2.6.17-1~deb8u1_amd64.deb
12dde024602c397c3ac388f3f91f2159f031160b 175826
openjdk-7-jre_7u211-2.6.17-1~deb8u1_amd64.deb
1e504b0cdda223af6d69269946d0972a9d7188be 1887698
openjdk-7-demo_7u211-2.6.17-1~deb8u1_amd64.deb
d1c53db7be35435d8d3b860de2e83a1f49bb5378 178214276
openjdk-7-dbg_7u211-2.6.17-1~deb8u1_amd64.deb
856e8e13dac1603638891d30a095f83555415060 723222
icedtea-7-jre-jamvm_7u211-2.6.17-1~deb8u1_amd64.deb
ff9a8b70384687f5cf2cdf7a0ac6135d471f58db 1738938
openjdk-7-jre-zero_7u211-2.6.17-1~deb8u1_amd64.deb
b11c9acc487e2acef02c6332119432bc74a7ffd0 313856
openjdk-7-jre-lib_7u211-2.6.17-1~deb8u1_all.deb
3563ff8cb47093608ec2ea4bda48b6f4ed505d7a 40296160
openjdk-7-source_7u211-2.6.17-1~deb8u1_all.deb
f788a2cdf85abb740c834f64625195d8cdb194a0 11179070
openjdk-7-doc_7u211-2.6.17-1~deb8u1_all.deb
Checksums-Sha256:
842bfc8a27dd693d9819c0c1732f849f66065bcc3113116e7007d394a1a7c813 4677
openjdk-7_7u211-2.6.17-1~deb8u1.dsc
4bcb8247f12c07d5002a3763bbf937da6daeee942439507eea9c4fc4fb190f96 54110615
openjdk-7_7u211-2.6.17.orig.tar.gz
a2a82ad7ad83f602ea6b654561ffa5b3837f591993dcb10cae49383cde17562c 173328
openjdk-7_7u211-2.6.17-1~deb8u1.debian.tar.xz
fffa3cdba843b5c7242eabf6e79621981a8cbaf1600cb88df095a517b2b4c758 16289018
openjdk-7-jdk_7u211-2.6.17-1~deb8u1_amd64.deb
598d479a504972b49c69b732bb7603c4f16626cdee0b69fd713eb4e0e5a85963 40008356
openjdk-7-jre-headless_7u211-2.6.17-1~deb8u1_amd64.deb
b4d2e68f3b7270746670e81227ad9ec1b21bcf1ebbe29cfc2ac1ad65248795fb 175826
openjdk-7-jre_7u211-2.6.17-1~deb8u1_amd64.deb
d874d4fcf34c52a0f9bdd76e3005a97be1eb492a35ef0580ff625394364000db 1887698
openjdk-7-demo_7u211-2.6.17-1~deb8u1_amd64.deb
f6c9020379c88f9883bc9f7238d91b3bd77d5d538b1e5e28b20f715dc040f4c9 178214276
openjdk-7-dbg_7u211-2.6.17-1~deb8u1_amd64.deb
1d4d95b73564bace186d5f0d1e0f562b963a6dafa6fd7330f1184d20a8379b87 723222
icedtea-7-jre-jamvm_7u211-2.6.17-1~deb8u1_amd64.deb
80035a0776b407b2aba678863be23373642b37dc24f3deb328d7ab1b9e7cc30c 1738938
openjdk-7-jre-zero_7u211-2.6.17-1~deb8u1_amd64.deb
e5116d8dcfd3e143d77d26d8930ba3cee486b1515dd7eb6179b4247da0583aae 313856
openjdk-7-jre-lib_7u211-2.6.17-1~deb8u1_all.deb
268f0030cf5f4db18d7fb4dfa96a45ec959036ee885b4adf8d84685d25192098 40296160
openjdk-7-source_7u211-2.6.17-1~deb8u1_all.deb
2dc9f9fcd632aeb18bdd413191ab6017e56899ba2898cf5bed726afc5379cc4c 11179070
openjdk-7-doc_7u211-2.6.17-1~deb8u1_all.deb
Files:
cd508ed59da47e893be57d383bc525dc 4677 java optional
openjdk-7_7u211-2.6.17-1~deb8u1.dsc
d367ab4666084b53a12c2e7ab526bcfe 54110615 java optional
openjdk-7_7u211-2.6.17.orig.tar.gz
6fcaf4f2d04ce017203599a48ea46c32 173328 java optional
openjdk-7_7u211-2.6.17-1~deb8u1.debian.tar.xz
8405d58bf0e6fc0c10e94dfb8b96153e 16289018 java optional
openjdk-7-jdk_7u211-2.6.17-1~deb8u1_amd64.deb
4e44e2ddd162878d8326884623dda7cc 40008356 java optional
openjdk-7-jre-headless_7u211-2.6.17-1~deb8u1_amd64.deb
ea2cd2e90ef0ce16caf50da2974556f8 175826 java optional
openjdk-7-jre_7u211-2.6.17-1~deb8u1_amd64.deb
99eaae21e23544b0f4f4742c82451832 1887698 java optional
openjdk-7-demo_7u211-2.6.17-1~deb8u1_amd64.deb
f4f951f3fd93d86a4ff787b81c969edc 178214276 debug optional
openjdk-7-dbg_7u211-2.6.17-1~deb8u1_amd64.deb
977beaf454387e24df1e218bc3668e97 723222 java optional
Accepted linux 3.16.64-1 (all source) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 25 Mar 2019 18:05:41 + Binary: linux-doc-3.16 linux-manual-3.16 linux-source-3.16 linux-support-3.16.0-8 Source: linux Architecture: all source Version: 3.16.64-1 Distribution: jessie-security Urgency: high Maintainer: Debian Kernel Team Changed-By: Ben Hutchings Description: linux-doc-3.16 - Linux kernel specific documentation for version 3.16 linux-manual-3.16 - Linux kernel API manual pages for version 3.16 linux-source-3.16 - Linux kernel source for version 3.16 with Debian patches linux-support-3.16.0-8 - Support files for Linux 3.16 Changes: linux (3.16.64-1) jessie-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.60 - [x86] drm/i915: Try EDID bitbanging on HDMI after failed read - [x86] drm/i915: Log a message when rejecting LRM to OACONTROL - [x86] drm/i915: Fix command parser to validate multiple register access with the same command. - [x86] drm/i915/cmdparser: Do not check past the cmd length. - regmap: Correct offset handling in regmap_volatile_range - regmap: Support bulk reads for devices without raw formatting - regmap: Don't use format_val in regmap_bulk_read - HID: i2c-hid: fix size check and type usage - HID: i2c-hid: Fix "incomplete report" noise - HID: core: Fix size as type u32 - jbd2: if the journal is aborted then don't allow update of the log tail - ext4: don't update checksum of new initialized bitmaps - media: cx25821: prevent out-of-bounds read on array card - [armhf] serial: arc_uart: Fix out-of-bounds access through DT alias - [armhf] serial: imx: Fix out-of-bounds access through serial port index - rtl8187: Fix NULL pointer dereference in priv->conf_mutex - IB/srp: Fix srp_abort() - staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr - [x86] crypto: cast5-avx - fix ECB encryption when long sg follows short one - [x86] Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list - [x86] watchdog: f71808e_wdt: Fix WD_EN register read - vt: change SGR 21 to follow the standards - media: rc: oops in ir_timer_keyup after device unplug - [armhf] usb: dwc3: pci: Properly cleanup resource - ext4: protect i_disksize update by i_data_sem in direct write path - USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw - [armhf] crypto - Fix random regeneration of S_shipped - [x86] ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status() - ALSA: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation - ALSA: pcm: Avoid potential races between OSS ioctls and read/write - ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams - pinctrl: pinctrl-single: Fix pcs_request_gpio() when bits_per_mux != 0 - Btrfs: fix unexpected cow in run_delalloc_nocow - ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls - hwmon: (nct6775) Fix writing pwmX_mode - ipc,shm: move BUG_ON check into shm_lock - ipc: convert invalid scenarios to use WARN_ON - ipc/shm: handle removed segments gracefully in shm_mmap() - ipc/util: Helpers for making the sysvipc operations pid namespace aware - ipc/shm: Fix shmctl(..., IPC_STAT, ...) between pid namespaces. - ipc/shm: fix use-after-free of shm file via remap_file_pages() - ipc/msg: Fix msgctl(..., IPC_STAT, ...) between pid namespaces - ipc/sem: make semctl setting sempid consistent - ipc/sem: Fix semctl(..., GETPID, ...) between pid namespaces - [armhf] usb: musb: gadget: misplaced out of bounds check - iio:buffer: make length types match kfifo types - iio:kfifo_buf: check for uint overflow - [x86] xen/acpi: off by one in read_acpi_id() - crypto: ahash - Fix early termination in hash walk - btrfs: Refactor transaction handling in received subvolume ioctl - btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol - ext4: add bounds checking to ext4_xattr_find_entry() - Btrfs: fix copy_items() return value when logging an inode - btrfs: tests/qgroup: Fix wrong tree backref level - ext4: correctly detect when an xattr value has an invalid size - ext4: add extra checks to ext4_xattr_block_get() - sky2: Increase D3 delay to sky2 stops working after suspend - cifs: fix memory leak in SMB2_open() - ext4: force revalidation of directory pointer after seekdir(2) - ALSA: pcm: Fix UAF at PCM release via PCM timer access - [armhf] rtc: snvs: Fix usage of snvs_rtc_enable - drm/radeon: Fix PCIe lane width calculation - RDMA/ucma: Don't allow setting RDMA_OPTION_IB_PATH without an RDMA device - ubifs: Check ubifs_wbuf_sync() return code - ubi: Fix error for write access - ubi: Reject MLC NAND
