Rebuilding all 100+ r-cran-* packages for R 2.10.0 + security question
[ I send the following to d-devel and d-science earlier today; Cyril
responded suggesting that talk to -release re paragraphs 2 and 3, and to
-security re paragraph 4. Comments welcome, and CCs appreciated. --Dirk ]
On 16 October 2009 at 13:29, Dirk Eddelbuettel wrote:
| R 2.10.0, due out October 26, will switch to an internal html converter from
| the latex-alike Rd format coupled with an internal webserver. See below for
| the section on 'Significant user-visible changes' in the NEWS file from
| 2.10.0 -- taken from the Oct 13 beta currently in unstable.
|
| This means we "should" rebuild all packages or else they will upon load
| trigger a nagging message 'package foo was built under R version x.y.z and
| may not function properly' as well as possible malfunctions of the help
| system. As we're only talking 100+ packages, this should work.
|
| I would appreciate some pointers as to how I can milk out fancypants new mega
| databases to extracts all packages (matching r-cran-*; there are only one or
| two exceptions to that rules) and their maintainers ... and ideally even
| monitor most recent re-builds. Anybody feel like sharing some hints with me
| off-line?
|
| Also, and the security minded folks may want to consider the second bullet
| point: do we need to worry about this or not as it is just the loopback
| interface? Seems fine to me but I figured I'd better ask :)
|
| Please CC me on replies.
|
| Cheers, Dirk
|
|
|
|
|
| **
| **
| * 2.10 SERIES NEWS *
| **
| **
|
|
| CHANGES IN R VERSION 2.10.0
|
|
| SIGNIFICANT USER-VISIBLE CHANGES
|
| o Package help is now converted from Rd by the R-based converters
| that were first introduced in 2.9.0. This means
|
| - Packages that were installed by R-devel after 2009-08-09
| should not be used with earlier versions of R, and most
| aspects of package help (including the runnable examples)
| will be missing if they are so used.
|
| - Text, HTML and latex help and examples for packages
| installed under the new system are converted on-demand from
| stored parsed Rd files. (Conversions stored in packages
| installed under R < 2.10.0 are used if no parsed Rd files
| are found. It is recommended that such packages be
| re-installed.)
|
|
| o HTML help is now generated dynamically using an HTTP server
| running in the R process and listening on the loopback
| interface.
|
| - Those worried about security implications of such a server
| can disable it by setting the environment variable
| R_DISABLE_HTTPD to a non-empty value. This disables
| help.start() and HTML help (so text help is shown instead).
|
| - The Java/Javascript search engine has been replaced by an
| HTML interface to help.search(). help.start() no longer has
| an argument 'searchEngine' as it is no longer needed.
|
| - The HTML help can now locate cross-references of the form
| \link[pkg]{foo} and \link[pkg:foo]{bar} where 'foo' is an
| alias in the package, rather than the documented (basename
| of a) filename (since the documentation has been much
| ignored).
|
|
|
|
| --
| Three out of two people have difficulties with fractions.
|
|
| --
| To UNSUBSCRIBE, email to debian-science-requ...@lists.debian.org
| with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
|
--
Three out of two people have difficulties with fractions.
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#548642: transition: liblo
On Sun, 2009-09-27 at 16:29 -0400, Felipe Sateler wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: transition > > New upstream liblo bumps SONAME, so we need to transition. Also, we take > this opportunity to change the -dev package name to unversion it. > liblo-dev now provides liblo0-dev to avoid breaking too many packages. > However, rosegarden and sineshaper have versioned build-dependencies on > liblo0-dev. They both require versions already in oldstable, so a simple > NMU dropping the versioning is enough for them. All other packages > should require binNMUs, and the new version is supposed to be API-compatible > with the old one. Ping? > > Direct reverse dependencies: > > ardour > csound > dssi > fluidsynth-dssi > freej > hexter > jamin > ll-scope > nekobee > qtractor > rosegarden* > sineshaper* > whysynth > wsynth-dssi > xsynth-dssi > > > > -- System Information: > Debian Release: squeeze/sid > APT prefers unstable > APT policy: (500, 'unstable'), (1, 'experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 2.6.30-1-amd64 (SMP w/2 CPU cores) > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash -- Saludos, Felipe Sateler signature.asc Description: This is a digitally signed message part
Re: [Stable] Bug#550625: libc6: Realloc sometimes fails to copy all memory correctly
On Fri, 2009-10-16 at 16:19 +0200, Aurelien Jarno wrote: > Adam D. Barratt a écrit : > > Hi, > > > > On Mon, 2009-10-12 at 11:10 +0200, Aurelien Jarno wrote: > >> Would it be possible to do a stable upload to fix this problem (see > >> below)? > > > >>From the bug log I'd say this should indeed be fixed in stable. Please > > could you supply the proposed debdiff for confirmation? > > We plan to use the one from Peter Palfrader, see: > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550625#15 Please go ahead. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Processed: limit package to release.debian.org, tagging 547037, tagging 547414, tagging 549704
Processing commands for cont...@bugs.debian.org: > limit package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 547037 + pending Bug #547037 [release.debian.org] pu: package request-tracker3.6/3.6.7-5+lenny2 Added tag(s) pending. > tags 547414 + pending Bug #547414 [release.debian.org] pu: package movabletype-opensource/4.2.3-1+lenny1 Added tag(s) pending. > tags 549704 + pending Bug #549704 [release.debian.org] pu: package apache2/2.2.9-10+lenny5 Added tag(s) pending. > End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#549704: pu: package apache2/2.2.9-10+lenny5
Hi, On Mon, 2009-10-05 at 20:11 +0200, Stefan Fritsch wrote: > please review apache2/2.2.9-10+lenny5 for inclusion in > 5.0.4. It fixes minor security issues and some other bugs. Approved. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: [Stable] Bug#550625: libc6: Realloc sometimes fails to copy all memory correctly
Adam D. Barratt a écrit : > Hi, > > On Mon, 2009-10-12 at 11:10 +0200, Aurelien Jarno wrote: >> Would it be possible to do a stable upload to fix this problem (see >> below)? > >>From the bug log I'd say this should indeed be fixed in stable. Please > could you supply the proposed debdiff for confirmation? We plan to use the one from Peter Palfrader, see: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550625#15 -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#550101: opu: package mksh/28.0-2
Hi, On Wed, 2009-10-07 at 16:14 +, Thorsten Glaser wrote: > Fix CVE-2008-1845. History: [...] > This is why I dug out the old .dsc (debdiff attached) and now > would like to request that someone upload this (I'm only a DM, > not a DD). The diff looks fine for opu; please upload (via a sponsor, as you mentioned). Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: [Stable] Bug#550625: libc6: Realloc sometimes fails to copy all memory correctly
Hi, On Mon, 2009-10-12 at 11:10 +0200, Aurelien Jarno wrote: > Would it be possible to do a stable upload to fix this problem (see > below)? >From the bug log I'd say this should indeed be fixed in stable. Please could you supply the proposed debdiff for confirmation? Thanks, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Please hint flash-kernel/2.23
Please hint flash-kernel/2.23 into testing. It adds support for two new devices. It has been in unstable for over 2 weeks but won't move automatically because of the udeb. -- Martin Michlmayr http://www.cyrius.com/ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
