Rebuilding all 100+ r-cran-* packages for R 2.10.0 + security question
[ I send the following to d-devel and d-science earlier today; Cyril responded suggesting that talk to -release re paragraphs 2 and 3, and to -security re paragraph 4. Comments welcome, and CCs appreciated. --Dirk ] On 16 October 2009 at 13:29, Dirk Eddelbuettel wrote: | R 2.10.0, due out October 26, will switch to an internal html converter from | the latex-alike Rd format coupled with an internal webserver. See below for | the section on 'Significant user-visible changes' in the NEWS file from | 2.10.0 -- taken from the Oct 13 beta currently in unstable. | | This means we "should" rebuild all packages or else they will upon load | trigger a nagging message 'package foo was built under R version x.y.z and | may not function properly' as well as possible malfunctions of the help | system. As we're only talking 100+ packages, this should work. | | I would appreciate some pointers as to how I can milk out fancypants new mega | databases to extracts all packages (matching r-cran-*; there are only one or | two exceptions to that rules) and their maintainers ... and ideally even | monitor most recent re-builds. Anybody feel like sharing some hints with me | off-line? | | Also, and the security minded folks may want to consider the second bullet | point: do we need to worry about this or not as it is just the loopback | interface? Seems fine to me but I figured I'd better ask :) | | Please CC me on replies. | | Cheers, Dirk | | | | | | ** | ** | * 2.10 SERIES NEWS * | ** | ** | | | CHANGES IN R VERSION 2.10.0 | | | SIGNIFICANT USER-VISIBLE CHANGES | | o Package help is now converted from Rd by the R-based converters | that were first introduced in 2.9.0. This means | | - Packages that were installed by R-devel after 2009-08-09 | should not be used with earlier versions of R, and most | aspects of package help (including the runnable examples) | will be missing if they are so used. | | - Text, HTML and latex help and examples for packages | installed under the new system are converted on-demand from | stored parsed Rd files. (Conversions stored in packages | installed under R < 2.10.0 are used if no parsed Rd files | are found. It is recommended that such packages be | re-installed.) | | | o HTML help is now generated dynamically using an HTTP server | running in the R process and listening on the loopback | interface. | | - Those worried about security implications of such a server | can disable it by setting the environment variable | R_DISABLE_HTTPD to a non-empty value. This disables | help.start() and HTML help (so text help is shown instead). | | - The Java/Javascript search engine has been replaced by an | HTML interface to help.search(). help.start() no longer has | an argument 'searchEngine' as it is no longer needed. | | - The HTML help can now locate cross-references of the form | \link[pkg]{foo} and \link[pkg:foo]{bar} where 'foo' is an | alias in the package, rather than the documented (basename | of a) filename (since the documentation has been much | ignored). | | | | | -- | Three out of two people have difficulties with fractions. | | | -- | To UNSUBSCRIBE, email to debian-science-requ...@lists.debian.org | with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org | -- Three out of two people have difficulties with fractions. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#548642: transition: liblo
On Sun, 2009-09-27 at 16:29 -0400, Felipe Sateler wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: transition > > New upstream liblo bumps SONAME, so we need to transition. Also, we take > this opportunity to change the -dev package name to unversion it. > liblo-dev now provides liblo0-dev to avoid breaking too many packages. > However, rosegarden and sineshaper have versioned build-dependencies on > liblo0-dev. They both require versions already in oldstable, so a simple > NMU dropping the versioning is enough for them. All other packages > should require binNMUs, and the new version is supposed to be API-compatible > with the old one. Ping? > > Direct reverse dependencies: > > ardour > csound > dssi > fluidsynth-dssi > freej > hexter > jamin > ll-scope > nekobee > qtractor > rosegarden* > sineshaper* > whysynth > wsynth-dssi > xsynth-dssi > > > > -- System Information: > Debian Release: squeeze/sid > APT prefers unstable > APT policy: (500, 'unstable'), (1, 'experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 2.6.30-1-amd64 (SMP w/2 CPU cores) > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash -- Saludos, Felipe Sateler signature.asc Description: This is a digitally signed message part
Re: [Stable] Bug#550625: libc6: Realloc sometimes fails to copy all memory correctly
On Fri, 2009-10-16 at 16:19 +0200, Aurelien Jarno wrote: > Adam D. Barratt a écrit : > > Hi, > > > > On Mon, 2009-10-12 at 11:10 +0200, Aurelien Jarno wrote: > >> Would it be possible to do a stable upload to fix this problem (see > >> below)? > > > >>From the bug log I'd say this should indeed be fixed in stable. Please > > could you supply the proposed debdiff for confirmation? > > We plan to use the one from Peter Palfrader, see: > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550625#15 Please go ahead. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: limit package to release.debian.org, tagging 547037, tagging 547414, tagging 549704
Processing commands for cont...@bugs.debian.org: > limit package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 547037 + pending Bug #547037 [release.debian.org] pu: package request-tracker3.6/3.6.7-5+lenny2 Added tag(s) pending. > tags 547414 + pending Bug #547414 [release.debian.org] pu: package movabletype-opensource/4.2.3-1+lenny1 Added tag(s) pending. > tags 549704 + pending Bug #549704 [release.debian.org] pu: package apache2/2.2.9-10+lenny5 Added tag(s) pending. > End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#549704: pu: package apache2/2.2.9-10+lenny5
Hi, On Mon, 2009-10-05 at 20:11 +0200, Stefan Fritsch wrote: > please review apache2/2.2.9-10+lenny5 for inclusion in > 5.0.4. It fixes minor security issues and some other bugs. Approved. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: [Stable] Bug#550625: libc6: Realloc sometimes fails to copy all memory correctly
Adam D. Barratt a écrit : > Hi, > > On Mon, 2009-10-12 at 11:10 +0200, Aurelien Jarno wrote: >> Would it be possible to do a stable upload to fix this problem (see >> below)? > >>From the bug log I'd say this should indeed be fixed in stable. Please > could you supply the proposed debdiff for confirmation? We plan to use the one from Peter Palfrader, see: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550625#15 -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#550101: opu: package mksh/28.0-2
Hi, On Wed, 2009-10-07 at 16:14 +, Thorsten Glaser wrote: > Fix CVE-2008-1845. History: [...] > This is why I dug out the old .dsc (debdiff attached) and now > would like to request that someone upload this (I'm only a DM, > not a DD). The diff looks fine for opu; please upload (via a sponsor, as you mentioned). Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: [Stable] Bug#550625: libc6: Realloc sometimes fails to copy all memory correctly
Hi, On Mon, 2009-10-12 at 11:10 +0200, Aurelien Jarno wrote: > Would it be possible to do a stable upload to fix this problem (see > below)? >From the bug log I'd say this should indeed be fixed in stable. Please could you supply the proposed debdiff for confirmation? Thanks, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Please hint flash-kernel/2.23
Please hint flash-kernel/2.23 into testing. It adds support for two new devices. It has been in unstable for over 2 weeks but won't move automatically because of the udeb. -- Martin Michlmayr http://www.cyrius.com/ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org