Bug#749142: RFS: gnustep-base/1.24.6-1 [RC] [security]
Package: sponsorship-requests Severity: important Control: block -1 with 748969 Dear mentors, I am looking for a sponsor for my package "gnustep-base". It builds these binary packages: gnustep-base-common - GNUstep Base library - common files gnustep-base-doc - Documentation for the GNUstep Base Library gnustep-base-examples - Examples using the GNUstep Base Library gnustep-base-runtime - GNUstep Base library - daemons and tools libgnustep-base-dev - GNUstep Base header files and development libraries libgnustep-base1.24 - GNUstep Base library libgnustep-base1.24-dbg - GNUstep Base library - debugging symbols To access further information about this package, please visit the following URL: http://mentors.debian.net/package/gnustep-base Alternatively, one can download the package with dget using this command: dget -x http://mentors.debian.net/debian/pool/main/g/gnustep-base/gnustep-base_1.24.6-1.dsc Changes since the last upload: gnustep-base (1.24.6-1) experimental; urgency=low * New upstream release: - Fixes FTBFS with recent libxml2 (Closes: #738347). - GNUSTEP_USER_DIRECTORY is no longer created unconditionally (Closes: #720190). * Ack NMUs; thanks Matthias Klose, gregor herrmann and Pino Toscano. * debian/patches/libobjc4.patch: * debian/patches/recent-libxml2-fix.patch: Remove; fixed upstream. * debian/patches/kfreebsd-fake-main.patch: * debian/patches/avoid-nsl-linkage.patch: * debian/patches/maxsymlinks.diff: Refresh. * debian/patches/autoreconf.patch: Regenerate. * debian/patches/texinfo5.diff: Add description. * debian/patches/hurd-ignore-NSURL-test.diff: Disable for now. * debian/patches/manpage-fixes.patch: Fix two more issues reported by lintian. * debian/patches/CVE-2014-2980.patch: New patch from upstream, fixes gdomap user security hole (Closes: #745470). * debian/patches/use-local-DTDs.patch: New; use local DTDs to avoid annoying warnings from autogsdoc when built in a chroot. Thanks Svante Signell (Closes: #736587). * debian/patches/series: Update. * debian/rules (build-arch): Remove dependency on patch. (binary-indep): Invoke dh_installxmlcatalogs with -n since only DTDs are being installed, not catalogs (Closes: #637093). (install-doc): Don't create Developer symlink; useless. (install-common): Use the system's ca-certificates.crt. (v_make): Bump to 2.6.6, for texi2html related changes in -make. * debian/gdomap.default: * debian/gnustep-base-runtime.gdomap.in: Disable the gdomap daemon by default (Closes: #717773). Provide "fancy" output; thanks Dirk Sandbrink (Closes: #729588). Remove set -e/-u because of the lsb logging. * debian/control.m4 (libgnustep-base`'SOV_BASE-dbg) : Typo fix; thanks Pascal De Vuyst (Closes: #697628). : Remove libgnustep-base1.20-dbg. (gnustep-base-doc) : Remove dpkg (>= 1.15.4) | install-info. (gnustep-base-common) : Add ca-certificates, needed for the GnuTLS support. (Build-Depends-Indep): Remove texi2html. Remove texlive-base (pulled in); add texlive-fonts-recommended, needed for the manual. (Vcs-Git, Vcs-Browser): Use the canonical URIs. (Standards-Version): Claim compliance with 3.9.5 as of this release. * debian/control: Regenerate. * debian/gnustep-base-runtime.postinst.in: Remove obsolete stuff. * debian/gnustep-base-runtime.prerm.in: Delete; obsolete. * debian/gnustep-base-runtime.NEWS: New; document that the gdomap daemon is not started by default. * debian/copyright: Update copyright years, add more copyright holders and ISC/Apache 2.0 blurbs. Typo fixes. -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87a9a7gt89@aneto.yavor.doganov.org
Bug#749152: RFS: top/2.2.3-1 [ITP]
Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "top" Package name: top Version : 2.2.3-1 Upstream Author : Hugo Pereira Da Costa URL : http://hugo.pereira.free.fr/software/ License : GPL2 Programming lang: C++ / Qt5 Section : admin It builds this binary package: top - windowed version of the console top command To access further information about this package, please visit the following URL: http://mentors.debian.net/package/top Alternatively, one can download the package with dget using this command: dget -x http://mentors.debian.net/debian/pool/main/t/top/top_2.2.3-1.dsc More information about top can be obtained from Hugo Pereira's website: http://hugo.pereira.free.fr/ It will be the first debian release. top (2.2.3-1) unstable; urgency=low * Initial release (Closes: #731881) -- Hugo Lefeuvre Sun, 18 May 2014 17:23:10 +0200 Regards, Hugo -- Hugo Lefeuvre (hugo6390)|www.hugo6390.org 4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E signature.asc Description: Digital signature
Re: Bug#749152: RFS: top/2.2.3-1 [ITP]
On Sat, May 24, 2014 at 04:54:40PM +0200, Hugo Lefeuvre wrote: > I am looking for a sponsor for my package "top" > > Package name: top > Version : 2.2.3-1 > Upstream Author : Hugo Pereira Da Costa > URL : http://hugo.pereira.free.fr/software/ > License : GPL2 > Programming lang: C++ / Qt5 > Section : admin > > It builds this binary package: > > top - windowed version of the console top command Thanks for your work on this. I am wondering whether "top" is the best package name, and "Top" the best binary name. I, for one, would be a little confused, given that the standard tool in the procps package is also named "top". What is your opinion? Would a different package name be an option? Thanks. Kumar -- No, that's wrong too. Now there's a race condition between the rm and the mv. Hmm, I need more coffee. -- Guy Maor on Debian Bug#25228 -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140524151720.GA3475@odessa
Bug#749152: RFS: top/2.2.3-1 [ITP]
On Sat, 24 May 2014, Hugo Lefeuvre wrote: > I am looking for a sponsor for my package "top" > > Package name: top > Version : 2.2.3-1 > Upstream Author : Hugo Pereira Da Costa > URL : http://hugo.pereira.free.fr/software/ > License : GPL2 > Programming lang: C++ / Qt5 > Section : admin > > It builds this binary package: > > top - windowed version of the console top command This is a massive namespace clash waiting to happen, and that's BAD. It is also a very bad idea to have "Top" as the application binary. You're just a technicallity away from conflicting with procps, and this is no way to do things. Can you take this upstream and check if they'd be amiable to renaming this to, e.g. "qttop" or something else that is not just a single camel-case character away from "top" ? -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140524160430.gb12...@khazad-dum.debian.net
Re: Bug#749152: RFS: top/2.2.3-1 [ITP]
Hi Kumar / Hi Henrique, The name of the binary is 'Top'. You think it would be a good idea to change the name of the binary ? As far as I'm concerned, I have no problems with Top. * The manpage works well - man top for the top command - man Top for the Top command But, if you think it's buggy, I'll change it. Naturally, I can also try to speak with the Upstream to change the name of the source program but I think it will be... very long. :) Regards, Hugo -- Hugo Lefeuvre (hugo6390)|www.hugo6390.org 4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E signature.asc Description: Digital signature
Re: Bug#749152: RFS: top/2.2.3-1 [ITP]
Hi Hugo, On 24/05/14 18:35, Hugo Lefeuvre wrote: But, if you think it's buggy, I'll change it. Naturally, I can also try to speak with the Upstream to change the name of the source program but I think it will be... very long. I think, everybody agrees that it's quite buggy, but you can do both in parallel: change the binary name in the package with a patch as well as the package name itself, and ask upstream to change their name. qtop did sound like a good suggestion. Eric -- I'm subscribed on debian-java, debian-mentors, pkg-java-maintainers and pkg-vdr-dvb-devel. No need to CC me on these lists. -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5380e476.7020...@lavar.de
Re: Bug#749152: RFS: top/2.2.3-1 [ITP]
On Sat, May 24, 2014 at 08:27:02PM +0200, Eric L. wrote: > I think, everybody agrees that it's quite buggy, but you can do both > in parallel: change the binary name in the package with a patch as > well as the package name itself, and ask upstream to change their > name. qtop did sound like a good suggestion. I'll do the changes in the evening. ;) -- Hugo Lefeuvre (hugo6390)|www.hugo6390.org 4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E signature.asc Description: Digital signature
Bug#748831: RFS: crashme/2.7-1 [ITA]
* Dariusz Dwornikowski , 2014-05-21,
13:48:
If you listed files to remove in debian/clean, you could avoid the
override in debian/rules.
Yes, fixed that too. Settled for d/rules.
Well, now I can't build the source package:
rm -f *.o
rm -f pddet
rm debian/upstream
rm: cannot remove ‘debian/upstream’: No such file or directory
debian/rules:13: recipe for target 'override_dh_auto_clean' failed
What happened to debian/patch/legacy.patch?
Upstream writes:
2.7 4-APR-2014 __APPLE__ port, fix linux 64 bit port.
I wonder how badly broken is the package in the archive (2.4). My
understanding is that it's completely useless on some architectures,
because it doesn't actually stress-test anything; but I might be wrong.
The relevant fix appears to be:
#if defined(__APPLE__) || defined(__FreeBSD__) || defined(linux)
/* if we don't do this on the 64-bit architectures
then all we get out of our badboy() calls
is a nice safe "bus error" signal.
*/
int pagesize;
pagesize = getpagesize();
if (mprotect((void *)long)data)/pagesize)*pagesize),
((n/pagesize)+1)*pagesize,
PROT_READ|PROT_WRITE|PROT_EXEC))
perror("mprotect");
#endif
Shouldn't we run this code also on non-Linux architectures? At least on
kfreebsd-amd64, heap is not executable by default, which is what this
code is trying to work around.
--
Jakub Wilk
--
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140524213848.ga6...@jwilk.net
Re: Bug#749152: RFS: top/2.2.3-1 [ITP]
It should be done now. The new name of the binary is qtop. I've uploaded the package on mentos.debian.org.[0] Regards, Hugo [0] https://mentors.debian.net/package/qtop -- Hugo Lefeuvre (hugo6390)|www.hugo6390.org 4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E signature.asc Description: Digital signature
Bug#733987: marked as done (RFS: dbab/1.0.1-1 [ITP] - dnsmasq-based ad-blocking using pixelserv)
Your message dated Sun, 25 May 2014 04:23:44 + with message-id and subject line closing RFS: dbab/1.0.1-1 [ITP] - dnsmasq-based ad-blocking using pixelserv has caused the Debian Bug report #733987, regarding RFS: dbab/1.0.1-1 [ITP] - dnsmasq-based ad-blocking using pixelserv to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 733987: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733987 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: sponsorship-requests Severity: normal Dear mentors, I am packing "The Best Ad Blocking Method"[1] into a Debian package and am looking for a sponsor for my package "dbab", which starts with reviewing it first. [1] http://sfxpt.wordpress.com/2011/02/21/the-best-ad-blocking-method/ * Package name: dbab Version : 1.0.1 Upstream Author : Tong Sun * URL : https://github.com/suntong001/dbab * License : bsd Section : net It builds those binary packages: dbab - dnsmasq-based ad-blocking using pixelserv To access further information about this package, please visit the following URL: http://mentors.debian.net/package/dbab Alternatively, one can download the package with dget using this command: dget -x http://mentors.debian.net/debian/pool/main/d/dbab/dbab_1.0.1.dsc More information about it can be obtained from, http://sfxpt.wordpress.com/2011/02/21/the-best-ad-blocking-method/ https://github.com/suntong001/dbab Regards, Tong Sun --- End Message --- --- Begin Message --- Package dbab has been removed from mentors.--- End Message ---
Bug#712734: marked as done (RFS: cloudprint/0.11-5 [ITP])
Your message dated Sun, 25 May 2014 04:23:50 + with message-id and subject line closing RFS: cloudprint/0.11-5 [ITP] has caused the Debian Bug report #712734, regarding RFS: cloudprint/0.11-5 [ITP] to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 712734: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712734 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my new package "cloudprint" Package name: cloudprint Version: 0.10-3 Upstream Author: Jason Michalski URL: https://pypi.python.org/pypi/cloudprint License: GPL3 Section: net It builds those binary packages: cloudprint - Google Cloud Print proxy cloudprint-service - provide a service for sharing printers on Google Cloud Print To access further information about this package, please visit the following URL: http://mentors.debian.net/package/cloudprint Alternatively, one can download the package with dget using this command: dget -x http://mentors.debian.net/debian/pool/main/c/cloudprint/cloudprint_0.10-3.dsc More information about cloudprint can be obtained from http://davesteele.github.io/cloudprint-debian/. ITP is at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705981 changelog: cloudprint (0.10-3) unstable; urgency=low * Copyright had license text for LGPL instead of the correct GPL-2+ * Quiet new lintian warning for init scripts calling /lib/init/*. -- David Steele Mon, 10 Jun 2013 22:27:07 -0400 cloudprint (0.10-2) unstable; urgency=low * Add dependency on CUPS. * Lintian fixes. * Man page fixes. * Better text in copyright file. -- David Steele Mon, 10 Jun 2013 21:15:27 -0400 cloudprint (0.10-1) unstable; urgency=low * Initial packaging (Closes: 705981) * Include cloudprint-service init.d support. -- David Steele Tue, 23 Apr 2013 19:42:12 -0400 Regards, Dave Steele --- End Message --- --- Begin Message --- Package cloudprint version 0.11-5 is in NEW now, and the package at mentors is not newer (2014-05-11) than the package in NEW (2014-05-11), so there is currently no package to sponsor. http://ftp-master.debian.org/new/cloudprint_0.11-5.html http://mentors.debian.net/package/cloudprint If for some reason you need to replace the package in NEW, then you can upload an updated package to mentors and feel free to reopen this RFS 712734 or open a new RFS.--- End Message ---
Bug#749152: marked as done (RFS: top/2.2.3-1 [ITP])
Your message dated Sun, 25 May 2014 04:23:44 + with message-id and subject line closing RFS: top/2.2.3-1 [ITP] has caused the Debian Bug report #749152, regarding RFS: top/2.2.3-1 [ITP] to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 749152: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=749152 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "top" Package name: top Version : 2.2.3-1 Upstream Author : Hugo Pereira Da Costa URL : http://hugo.pereira.free.fr/software/ License : GPL2 Programming lang: C++ / Qt5 Section : admin It builds this binary package: top - windowed version of the console top command To access further information about this package, please visit the following URL: http://mentors.debian.net/package/top Alternatively, one can download the package with dget using this command: dget -x http://mentors.debian.net/debian/pool/main/t/top/top_2.2.3-1.dsc More information about top can be obtained from Hugo Pereira's website: http://hugo.pereira.free.fr/ It will be the first debian release. top (2.2.3-1) unstable; urgency=low * Initial release (Closes: #731881) -- Hugo Lefeuvre Sun, 18 May 2014 17:23:10 +0200 Regards, Hugo -- Hugo Lefeuvre (hugo6390)|www.hugo6390.org 4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E signature.asc Description: Digital signature --- End Message --- --- Begin Message --- Package top has been removed from mentors.--- End Message ---
