date:20120822

Bug#683299: unblock: open-vm-tools/2:8.8.0+2012.05.21-724730-4

2012-08-22 Thread Daniel Baumann

ping.

-- 
Address:Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern
Email:  daniel.baum...@progress-technologies.net
Internet:   http://people.progress-technologies.net/~daniel.baumann/


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/5034843b.9020...@progress-technologies.net

Bug#685368: marked as done (Upload of scim-tables to testing-proposed-update)

2012-08-22 Thread Debian Bug Tracking System

Your message dated Wed, 22 Aug 2012 08:29:19 +0100
with message-id e208d3351e84f0d885dbf9fba1238...@mail.adsl.funky-badger.org
and subject line Re: Bug#685368: Upload of scim-tables to 
testing-proposed-update
has caused the Debian Bug report #685368,
regarding Upload of scim-tables to testing-proposed-update
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
685368: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685368
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal

Greetings Release Team,

I'm writing to you as I would like your approval to upload scim-tables package
to
testing-proposed-update in order to fix bug #684835.

The main change is a new patch to fix the FTBFS, others include the updates of
debhelper related files, compat file, debian-standard-version, etc.

Please find the relevant diff here:
https://github.com/tzhuan/scim-tables-debain-0.5.9/compare/master...0.5.9-2

Best regards,
Tz-Huan



-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=zh_TW.UTF-8, LC_CTYPE=zh_TW.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to zh_TW.UTF-8)
Shell: /bin/sh linked to /bin/dash
---End Message---
---BeginMessage---

On 22.08.2012 06:27, Tz-Huan Huang wrote:

On Wed, Aug 22, 2012 at 1:41 AM, Adam D. Barratt
a...@adam-barratt.org.uk wrote:

On Tue, 2012-08-21 at 11:38 +0800, Tz-Huan Huang wrote:

Yes, the patch is from new upstream release (0.5.11).

[...]

I have re-made a new package contains only the necessary bit,
please find it attached.


Thanks.  Please go ahead.


Thanks! However, I didn't get any response from my sponsor for a long 
time,

I have uploaded to mentors.debian.net to look for a sponsor.


Looks like someone already picked it up.

I've added an approve hint, so the package will be eligible to migrate 
once all of the architecture builds are available.


Regards,

Adam---End Message---

Bug#685278: unblock: sysvinit/2.88dsf-32

2012-08-22 Thread Roger Leigh

On Sun, Aug 19, 2012 at 09:25:19AM +0100, Roger Leigh wrote:
Please unblock package sysvinit

sysvinit in unstable does contain two bugs marked RC:
#679409: This only appears to affect upstart; it's not yet clear
what the root cause of this is, or if it's actually a
bug in this package.
#672959: Affects kFreeBSD only. And it's also present in testing.
This is being investigated by the kFreeBSD porters, and
will hopefully be fixed in a future upload.

I don't think the presence of either of these bugs warrants delaying
migration, since a lot of important bugs are fixed by migration, and
they could certainly use wider testing before release.

#679409 is not a sysvinit bug; this has been moved to lightdm.
#672959 has been fixed thanks to the effors of the kfreebsd porters,
with fixed packages being here:
http://people.debian.org/~rleigh/sysvinit/sysvinit_2.88dsf-33.dsc
(also fixed in git)

sysvinit 2.88dsf-32 is just coming up to being 10 days old. I can
upload the -33 with the above fix now, or wait until -32 has
migrated, depending upon what you want.

I also have a couple of patches which add update-rc.d/invoke-rc.d
support for systemd, which are currently queued here:

http://anonscm.debian.org/gitweb/?p=collab-maint/sysvinit;a=shortlog;h=refs/heads/jessie-pending
Having update-rc.d and invoke-rc.d support systemd in addition to
sysvinit and upstart is quite important for systemd integration with
Debian. If the release team could give the go-ahead, I can pull
these into -33 (or -34).

Thanks,
Roger

--
.''`. Roger Leigh
: :' : Debian GNU/Linuxhttp://people.debian.org/~rleigh/
`. `' schroot and sbuild http://alioth.debian.org/projects/buildd-tools
`-GPG Public Key F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800

--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120822074755.gf22...@codelibre.net

Bug#684763: pu: package tor/0.2.2.38-1

2012-08-22 Thread Peter Palfrader

On Tue, 21 Aug 2012, Adam D. Barratt wrote:

  I would like to package this new version as 0.2.2.38-1, and upload it to
  squeeze so that we can get these issues fixed in Debian.
 
 Apologies for not spotting earlier that there wasn't one attached, but
 please could we have a debdiff against the package currently in p-u?

Ok, built a package for review.  Patches attached.

Cheers,
-- 
   |  .''`.   ** Debian **
  Peter Palfrader  | : :' :  The  universal
 http://www.palfrader.org/ | `. `'  Operating System
   |   `-http://www.debian.org/
diff -u tor-0.2.2.37/debian/changelog tor-0.2.2.38/debian/changelog
--- tor-0.2.2.37/debian/changelog
+++ tor-0.2.2.38/debian/changelog
@@ -1,3 +1,33 @@
+tor (0.2.2.38-1) stable; urgency=low
+
+  * New upstream version, fixing three security issues, as discussed
+in #684763:
+- Avoid an uninitialized memory read when reading a vote or consensus
+  document that has an unrecognized flavor name. This read could
+  lead to a remote crash bug. Fixes bug 6530; bugfix on 0.2.2.6-alpha.
+  [CVE-2012-3518]
+- Try to leak less information about what relays a client is
+  choosing to a side-channel attacker. Previously, a Tor client would
+  stop iterating through the list of available relays as soon as it
+  had chosen one, thus finishing a little earlier when it picked
+  a router earlier in the list. If an attacker can recover this
+  timing information (nontrivial but not proven to be impossible),
+  they could learn some coarse-grained information about which relays
+  a client was picking (middle nodes in particular are likelier to
+  be affected than exits). The timing attack might be mitigated by
+  other factors (see bug 6537 for some discussion), but it's best
+  not to take chances. Fixes bug 6537; bugfix on 0.0.8rc1.
+  [CVE-2012-3519]
+  * Note that contrary to the upstream release notes and changelog the
+folloiwng issue is not fixed by this release.  Discussion in the
+upstream bug tracker suggests it is not triggerable in practice.
+- Avoid read-from-freed-memory and double-free bugs that could occur
+  when a DNS request fails while launching it. Fixes bug 6480;
+  bugfix on 0.2.0.1-alpha.
+  [CVE-2012-3517; https://bugs.torproject.org/6480]
+
+ -- Peter Palfrader wea...@debian.org  Wed, 22 Aug 2012 08:49:43 +0200
+
 tor (0.2.2.37-1~squeeze+1) stable; urgency=low
 
   * Update tor in stable to 0.2.2.37 as per discussion in #679224:
diff -u tor-0.2.2.37/debian/micro-revision.i 
tor-0.2.2.38/debian/micro-revision.i
--- tor-0.2.2.37/debian/micro-revision.i
+++ tor-0.2.2.38/debian/micro-revision.i
@@ -1 +1 @@
-350efaa9780aadbe
+b523db523103e00b
File lists identical (after any substitutions)

Control files of package tor: lines which differ (wdiff format)
---
Version: [-0.2.2.37-1~squeeze+1-] {+0.2.2.38-1+}

Control files of package tor-dbg: lines which differ (wdiff format)
---
Depends: tor (= [-0.2.2.37-1~squeeze+1)-] {+0.2.2.38-1)+}
Version: [-0.2.2.37-1~squeeze+1-] {+0.2.2.38-1+}

Control files of package tor-geoipdb: lines which differ (wdiff format)
---
Depends: tor (= [-0.2.2.37-1~squeeze+1)-] {+0.2.2.38-1)+}
Version: [-0.2.2.37-1~squeeze+1-] {+0.2.2.38-1+}
diff --git a/ChangeLog b/ChangeLog
index fd9097a..3d24db5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,28 @@
+Changes in version 0.2.2.38 - 2012-08-12
+  Tor 0.2.2.38 fixes a rare race condition that can crash exit relays;
+  fixes a remotely triggerable crash bug; and fixes a timing attack that
+  could in theory leak path information.
+
+  o Security fixes:
+- Avoid read-from-freed-memory and double-free bugs that could occur
+  when a DNS request fails while launching it. Fixes bug 6480;
+  bugfix on 0.2.0.1-alpha.
+- Avoid an uninitialized memory read when reading a vote or consensus
+  document that has an unrecognized flavor name. This read could
+  lead to a remote crash bug. Fixes bug 6530; bugfix on 0.2.2.6-alpha.
+- Try to leak less information about what relays a client is
+  choosing to a side-channel attacker. Previously, a Tor client would
+  stop iterating through the list of available relays as soon as it
+  had chosen one, thus finishing a little earlier when it picked
+  a router earlier in the list. If an attacker can recover this
+  timing information (nontrivial but not proven to be impossible),
+  they could learn some coarse-grained information about which relays
+  a client was picking (middle nodes in particular are likelier to
+  be affected than exits). The timing attack might be mitigated by
+  other factors (see bug 6537 for some discussion), but it's best
+

Bug#685284: unblock: first bunch of packages switching to xz

2012-08-22 Thread Julien Cristau

On Wed, Aug 22, 2012 at 02:35:57 +0200, Philipp Kern wrote:

 On Sun, Aug 19, 2012 at 12:32:58PM +0200, Ansgar Burchardt wrote:
  Please unblock these uploads of packages switching to xz compression.
  They should have no source changes besides a new changelog entry:
 
 Uhm, given that the reason they were compressed with xz is a change in cdbs,
 this should be cleared up in testing before accepting them. Because any 
 rebuild
 in testing (or then stable) will inflate them again.
 
Which means a cdbs tpu upload?

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#685596: unblock: gcc-4.4/4.4.7-2

2012-08-22 Thread Matthias Klose

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

gcc-4.4/4.4.7-2 removes the ObjC/ObjC++ frontends, so that gcc-4.5 can be
removed (see #675431).


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/5034acb3.8020...@debian.org

Bug#685284: unblock: first bunch of packages switching to xz

2012-08-22 Thread Adam D. Barratt


On 22.08.2012 10:51, Julien Cristau wrote:

On Wed, Aug 22, 2012 at 02:35:57 +0200, Philipp Kern wrote:


On Sun, Aug 19, 2012 at 12:32:58PM +0200, Ansgar Burchardt wrote:
 Please unblock these uploads of packages switching to xz 
compression.

 They should have no source changes besides a new changelog entry:

Uhm, given that the reason they were compressed with xz is a change 
in cdbs,
this should be cleared up in testing before accepting them. Because 
any rebuild

in testing (or then stable) will inflate them again.


Which means a cdbs tpu upload?


There's a request (from Ansgar) for either that or an unblock in 
#685287.


Regards,

Adam


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/57e95e33e913000f4913dcce83fa4...@mail.adsl.funky-badger.org

Bug#685597: unblock: ppl/0.11.2-8

2012-08-22 Thread Matthias Klose

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

unblock to fix #669479, #680896 for wheezy. the split out ppl-config binary is
not used by apron and cloog-ppl, so no changes for build dependencies in other
packages are needed.


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/5034af62.9090...@debian.org

Bug#685287: unblock or tpu: cdbs/0.4.117

2012-08-22 Thread Julien Cristau

On Sun, Aug 19, 2012 at 12:55:36 +0200, Ansgar Burchardt wrote:

 I have attached both the current diff from unstable to testing and a
 diff of only the changes in 0.4.117.  If you prefer an upload to tpu
 instead of unblocking the version currently in unstable, this would be
 the changes I would ask Jonas to include.
 
I think the latter (just the xz change in tpu) would be best.

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#685528: marked as done (unblock: gnome-packagekit/3.4.2-2)

2012-08-22 Thread Debian Bug Tracking System

Your message dated Wed, 22 Aug 2012 13:05:34 +0200
with message-id 5034bcfe.50...@thykier.net
and subject line Re: Bug#685528: unblock: gnome-packagekit/3.4.2-2
has caused the Debian Bug report #685528,
regarding unblock: gnome-packagekit/3.4.2-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
685528: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685528
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package gnome-packagekit

The only change here is compression with XZ to keep the GNOME disk images
small. So this should be safe to go.
Regards,
Matthias

unblock gnome-packagekit/3.4.2-2

-- System Information:
Debian Release: wheezy/sid
Architecture: amd64 (x86_64)
Foreign Architectures: i386
---End Message---
---BeginMessage---
On 2012-08-21 18:18, Matthias Klumpp wrote:
 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: unblock
 
 Please unblock package gnome-packagekit
 
 The only change here is compression with XZ to keep the GNOME disk images
 small. So this should be safe to go.
 Regards,
 Matthias
 
 unblock gnome-packagekit/3.4.2-2
 
 -- System Information:
 Debian Release: wheezy/sid
 Architecture: amd64 (x86_64)
 Foreign Architectures: i386
 
 

Unblocked, thanks.

~Niels---End Message---

Bug#685284: unblock: first bunch of packages switching to xz

2012-08-22 Thread Niels Thykier

On 2012-08-19 12:32, Ansgar Burchardt wrote:
Package: release.debian.org
Usertags: xz-for-wheezy

Please unblock these uploads of packages switching to xz compression.
They should have no source changes besides a new changelog entry:

unblock empathy/3.4.2.3-1+build1
unblock eog/3.4.2-1+build1
unblock epiphany-browser/3.4.2-1+build1
unblock evince/3.4.0-2+build1
unblock gconf/3.2.5-1+build1
unblock gnome-terminal/3.4.1.1-1+build1
unblock gnome-user-docs/3.4.2-1+build1
unblock libgweather/3.4.1-1+build1
unblock nautilus/3.4.2-1+build1

Looks fine, but I haven't unblocked these.

And these packages having trivial changes to switch to xz compression
(debdiff attached):

unblock app-install-data/2012.06.16.1
unblock gnome-packagekit/3.4.2-2
unblock oxygencursors/0.0.2012-06-kde4.8-2.1
unblock xkeyboard-config/2.5.1-2

Unblocked these (and closed #685528).

Please also unblock pkg-kde-tools. It changes the default compression
for most KDE package to xz.

unblock pkg-kde-tools/0.15.2

Ansgar

It includes a new file, which I suspect is cruft (CC'ed Modestas):

bugreport.cgi?msg=15;filename=0001-debian-qt-kde.mk-Use-xz-compression-by-default.-Clos.patch;att=1;bug=657243

So /not/ unblocked, but other than that it looks fine.

Also spratch Ansgar:
unblock fftw3/3.3.2-3.1
unblock flite/1.4-release-6

Also unblocked.

Michael Biebl wrote:
unblock metacity/1:2.34.3-3

Ok, but possibly relying on the cdbs here, so not unblocked.

unblock gtk+3.0/3.4.2-3

Has udeb, so need confirmation from d-i or KiBi and also relying on
cdbs. Otherwise, ok from my PoV.

~Niels

Bug#685284: unblock: first bunch of packages switching to xz

2012-08-22 Thread Michael Biebl

Hi,

On 22.08.2012 13:09, Niels Thykier wrote:

 unblock gtk+3.0/3.4.2-3
 
 Has udeb, so need confirmation from d-i or KiBi and also relying on
 cdbs.  Otherwise, ok from my PoV.

The gtk+3.0 udeb is not actually used by d-i (the graphical installer is
still gtk2 based), so I don't think we need an explicit confirmation
from the d-i team.

Cheers,
Michael


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#685600: unblock: icedove/10.0.6-2

2012-08-22 Thread Christoph Goehre

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package icedove

It's a security update for 10.0.5 and it fixes the following CVE's:

CVE-2012-1948, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953,
CVE-2012-1954, CVE-2012-1955, CVE-2012-1957, CVE-2012-1958,
CVE-2012-1959, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963,
CVE-2012-1964, CVE-2012-1967

For a detailed overview take a look at this[1]. Here are the changes, which are
documented in the changelog file:

icedove (10.0.6-2) unstable; urgency=low

  * [a657277] rebuild patch queue from patch-queue branch
added patches:
- fixes/Bug-693343-a11y-disabled-in-Gnome-3-when-GNOME_ACCES.patch
  (Closes: #682913)
- porting/fix-FTBFS-on-Alpha-add-arch-support-for-IPC.patch
  (Closes: #685126)
  * [bf09ad9] update build dependencies (Thanks to Mike) (Closes: #666722)

 -- Christoph Goehre ch...@sigxcpu.org  Fri, 17 Aug 2012 16:11:57 +0200

icedove (10.0.6-1) unstable; urgency=high

  * [1b75920] New Upstream version 10.0.6 (Closes: #682817)
  * Fixes for MFSA2012-{42,44-45,47-49,51-54,56}, also known as
CVE-2012-1948, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953,
CVE-2012-1954, CVE-2012-1955, CVE-2012-1957, CVE-2012-1958,
CVE-2012-1959, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963,
CVE-2012-1964, CVE-2012-1967
  * [5fdf662] rebuild patch queue from patch-queue branch
added patches:
- fixes/Bug-761082-Only-export-TabMessageUtils.h-in-mozilla-.patch
modified patches:
- icedove/fix-branding-in-migration-wizard-and-the-addon-manag.patch

 -- Christoph Goehre ch...@sigxcpu.org  Sun, 05 Aug 2012 19:05:48 +0200


Cheers,
Christoph

[1] http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html


signature.asc
Description: Digital signature

Bug#685482: marked as done (unblock: python-django/1.4.1-2)

2012-08-22 Thread Debian Bug Tracking System

Your message dated Wed, 22 Aug 2012 13:32:13 +0200
with message-id 5034c33d.7050...@thykier.net
and subject line Re: Bug#685482: unblock: python-django/1.4.1-2
has caused the Debian Bug report #685482,
regarding unblock: python-django/1.4.1-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
685482: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685482
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package python-django

The current testing version is incompatible with python 2.7.3 (which is in
unstable). The version of python in wheezy (2.7.3~rc2) does not trigger
the bug but somehow I expect that doko will ask for an unblock and it
does not hurt to be forward-compatible in this case.

In python-django/1.4.1-2, I only added the upstream patch which fixes this
issue.

This whole problem was tracked in the RC bug #683648.

unblock python-django/1.4.1-2

The full debdiff is here:

diff -Nru python-django-1.4.1/debian/changelog 
python-django-1.4.1/debian/changelog
--- python-django-1.4.1/debian/changelog2012-08-02 10:52:42.0 
+0200
+++ python-django-1.4.1/debian/changelog2012-08-21 08:42:54.0 
+0200
@@ -1,3 +1,14 @@
+python-django (1.4.1-2) unstable; urgency=low
+
+  * New patch 01_use_stdlib_htmlparser_when_possible.diff to not override
+Python stdlib's HTMLParser with Python versions which are unaffected by
+http://bugs.python.org/issue670664 Closes: #683648
+Thanks to David Watson da...@planetwatson.co.uk for the patch.
+  * Update the above patch to use the version committed upstream (commit
+57d9ccc).
+
+ -- Raphaël Hertzog hert...@debian.org  Tue, 21 Aug 2012 08:42:10 +0200
+
 python-django (1.4.1-1) unstable; urgency=low
 
   * New upstream security and maintenance release. Closes: #683364
diff -Nru 
python-django-1.4.1/debian/patches/01_use_stdlib_htmlparser_when_possible.diff 
python-django-1.4.1/debian/patches/01_use_stdlib_htmlparser_when_possible.diff
--- 
python-django-1.4.1/debian/patches/01_use_stdlib_htmlparser_when_possible.diff  
1970-01-01 01:00:00.0 +0100
+++ 
python-django-1.4.1/debian/patches/01_use_stdlib_htmlparser_when_possible.diff  
2012-08-21 08:40:30.0 +0200
@@ -0,0 +1,213 @@
+Description: Do not use Django's custom HTMLParser when the stdlib version 
works
+ Django provided its own HTMLParser derived from stdlib's HTMLParser to
+ work around a bug (http://bugs.python.org/issue670664). Unfortunately,
+ this derived object breaks when the stdlib's HTMLParser is fixed.
+ .
+ Thus we modify Django to only use the derived objects with Python
+ versions which are known to be affected by the problem.
+Author: David Watson da...@planetwatson.co.uk
+Reviewed-by: Raphaël Hertzog hert...@debian.org
+Origin: upstream, 
https://github.com/django/django/commit/57d9ccc4aaef0420f6ba60a26e6af4e83b803ae9
+Bug: https://code.djangoproject.com/ticket/18239
+Bug-Debian: http://bugs.debian.org/683648
+
+diff --git a/django/utils/html_parser.py b/django/utils/html_parser.py
+index b280057..4449461 100644
+--- a/django/utils/html_parser.py
 b/django/utils/html_parser.py
+@@ -1,98 +1,109 @@
+ import HTMLParser as _HTMLParser
+ import re
++import sys
+ 
++current_version = sys.version_info
+ 
+-class HTMLParser(_HTMLParser.HTMLParser):
+-
+-Patched version of stdlib's HTMLParser with patch from:
+-http://bugs.python.org/issue670664
+-
+-def __init__(self):
+-_HTMLParser.HTMLParser.__init__(self)
+-self.cdata_tag = None
++use_workaround = (
++(current_version  (2, 6, 8)) or
++(current_version = (2, 7) and current_version  (2, 7, 3)) or
++(current_version = (3, 0) and current_version  (3, 2, 3))
++)
+ 
+-def set_cdata_mode(self, tag):
+-try:
+-self.interesting = _HTMLParser.interesting_cdata
+-except AttributeError:
+-self.interesting = re.compile(r'/\s*%s\s*' % tag.lower(), re.I)
+-self.cdata_tag = tag.lower()
++if not use_workaround:
++HTMLParser = _HTMLParser.HTMLParser
++else:
++class HTMLParser(_HTMLParser.HTMLParser):
++
++Patched version of stdlib's HTMLParser with patch from:
++http://bugs.python.org/issue670664
++
++def __init__(self):
++_HTMLParser.HTMLParser.__init__(self)
++self.cdata_tag = None
+ 
+-def clear_cdata_mode(self):
+-self.interesting = _HTMLParser.interesting_normal
+-

Bug#681016: [release.debian.org] unblock: dotlrn/2.5.0+dfsg-8

2012-08-22 Thread Hector Romojaro

Just waiting to see if anyone else has something to say about it, but it
doesn't seem the case.

Ok, i'll prepare the fix for #677060 and ask for upload to
testing-proposed-updates.

Thanks for having a look at this.

Regards, Héctor


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/1345635302.23437.4.camel@bulma

Bug#685284: unblock: first bunch of packages switching to xz

2012-08-22 Thread Modestas Vainius

Hello,

On 2012 m. of August 22 d., Wednesday 14:09:28 Niels Thykier wrote:
 It includes a new file, which I suspect is cruft (CC'ed Modestas):
 
 
 
 bugreport.cgi?msg=15;filename=0001-debian-qt-kde.mk-Use-xz-compression-by-d
 efault.-Clos.patch;att=1;bug=657243 
 
 So /not/ unblocked, but other than that it looks fine.

Yeah, indeed, I will clean this up tonight (probably).


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/201208221430.00247.mo...@debian.org

Please accept psgml into testing

2012-08-22 Thread Neil Roeth

Please accept the new version of psgml that I uploaded into unstable.  
It meets a Wheezy guideline for a change that can be accepted: fixes 
for severity: important bugs in packages of priority: optional or extra, 
only when this can be done via |unstable|;.  The only change between it 
and the version in testing is the fix for one severity: important bug, 
685467.


Thanks.

--
Neil Roeth

Re: Please accept psgml into testing

2012-08-22 Thread Niels Thykier

On 2012-08-22 14:11, Neil Roeth wrote:
 Please accept the new version of psgml that I uploaded into unstable. 
 It meets a Wheezy guideline for a change that can be accepted: fixes
 for severity: important bugs in packages of priority: optional or extra,
 only when this can be done via |unstable|;.  The only change between it
 and the version in testing is the fix for one severity: important bug,
 685467.
 
 Thanks.
 


+   if which ucfr /dev/null; then
+   ucfr --purge psgml $STARTDIR/50$STARTFILE
+   fi


That fi has a funny identation, which I guess was unintentional.
Anyhow, it does affect the semantics, so unblocked.

Please consider filing an unblock bug next time; they are a lot easier
for us to keep track of.

Thanks,
~Niels


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/5034cdf2.8060...@thykier.net

Bug#681002: release.debian.org: Freeze exception for libguestfs

2012-08-22 Thread Julien Cristau

On Sat, Jul 21, 2012 at 22:08:21 +0200, Hilko Bengen wrote:

 Would an updated package, with changes over 1:1.18.1-1 as shown in the
 attached patch, be acceptable for wheezy?
 
[...]

 diff --git a/debian/changelog b/debian/changelog
 index bfdf63e..e4c5c0a 100644
 --- a/debian/changelog
 +++ b/debian/changelog
 @@ -1,3 +1,9 @@
 +libguestfs (1:1.18.1-1wheezy1) testing; urgency=low
 +
 +  * [40d6de2] Remove useless dh_python* overrides (Closes: #681587)
 +
 + -- Hilko Bengen ben...@debian.org  Sat, 21 Jul 2012 16:36:10 +0200
 +
  libguestfs (1:1.18.1-1) unstable; urgency=low
  
* New upstream version
 diff --git a/debian/rules b/debian/rules
 index 6386c1d..f496a8e 100755
 --- a/debian/rules
 +++ b/debian/rules
 @@ -126,13 +126,6 @@ override_dh_install:
   erlang-depends -perlang-guestfs
   dh_install
  
 -# Workaround for python3-defaults  3.2~b2-1
 -# (do not rename .so files outside dist-packages directory)
 -override_dh_python3:
 - dh_python3 -p python-libguestfs
 -override_dh_python2:
 - dh_python2 -p python-libguestfs -V 2.6-
 -
  # Workaround for Lintian warning
  # {pre,post}inst-has-useless-call-to-ldconfig
  override_dh_makeshlibs:
 git finished.

If that results in correct dependencies then yes, it seems acceptable.

Thanks,
Julien


signature.asc
Description: Digital signature

Bug#685616: tpu: lxc/0.8.0~rc1-8.1 (pre-approval)

2012-08-22 Thread David Prévot

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: tpu

Please allow the upload of package lxc to testing-proposed-update.

It only fixes some debconf template translations, already fixed in Sid,
but I'm afraid the Sid version contains changes not in line with the
freeze policy, and I couldn't find any trace of pre-approval or unblock
request about it.

Czech and Danish translations of debconf templates are about to be 100%
complete, thus the interest in getting that fixed in Wheezy.

Please find attached the debdiff against the package in testing, for the
tpu, and for the Sid version if you'd prefer consider an unblock.

The packages built in a Wheezy environment are online:

http://people.debian.org/~taffit/lxc/

Regards

David

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-3-amd64 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diffstat for lxc-0.8.0~rc1 lxc-0.8.0~rc1

 changelog |   39 +++
 local/examples/lxc-debian.cfg |   24 -
 local/examples/lxc-progress.cfg   |   38 +++
 local/lxc-debconf |   71 ++--
 local/lxc-list|   17 +-
 local/lxc-ls  |7 ++
 lxc-dev.install   |2 
 lxc.README.Debian |   31 
 lxc.TODO  |5 +
 lxc.install   |2 
 lxc.postrm|2 
 patches/13-lxc-setcap-paths.patch |   24 +
 patches/14-lxc-destroy-symlinks.patch |   13 +
 patches/series|2 
 po/cs.po  |   27 +++---
 po/da.po  |   34 ++---
 po/ja.po  |   86 ++
 17 files changed, 327 insertions(+), 97 deletions(-)

diff -Nru lxc-0.8.0~rc1/debian/changelog lxc-0.8.0~rc1/debian/changelog
--- lxc-0.8.0~rc1/debian/changelog	2012-07-03 18:26:52.0 -0400
+++ lxc-0.8.0~rc1/debian/changelog	2012-08-22 03:01:21.0 -0400
@@ -1,3 +1,42 @@
+lxc (0.8.0~rc1-10) unstable; urgency=low
+
+  * Adding some lxc related boot parameters in readme (Closes: #683999).
+  * Correcting spelling typo in previous changelog entry.
+  * Adding note about lxc directory in readme.
+  * Sourcing /etc/default/lxc in lxc-ls (Closes: #684124).
+  * Listing attached consoles in lxc-list.
+  * Using printf in lxc-list to produce a table output.
+  * Adding updated Danish debconf translations from Joe Dalton
+joedalt...@yahoo.dk (Closes: #684572).
+  * Mounting /proc with hidepid=2 on progress by default.
+  * Also removing auto symlink when destroying containers.
+  * Protecting multiarch queries since install files are run with set -
+e.
+  * Adding missing live-config preseedings in lxc-debconf (Closes:
+#680469).
+  * Updating todo file.
+
+ -- Daniel Baumann daniel.baum...@progress-technologies.net  Wed, 22 Aug 2012 09:01:11 +0200
+
+lxc (0.8.0~rc1-9) unstable; urgency=low
+
+  * Updating todo file.
+  * Correcting freudian typo in lxc directory removal in postrm (Closes:
+#679842).
+  * Adding updated Czech debconf translations from Michal Simunek
+michal.simu...@gmail.com (Closes: #679681).
+  * Using split out live-debconfig now.
+  * Adding patch to correct paths to lxc-init in lxc-setcap (Closes:
+#682790).
+  * Adding Japanese debconf translations from Kenshi Muto
+km...@debian.org (Closes: #683123).
+  * Using relative mount paths for /proc and /sys in container
+configurations produced by lxc-debconf (Closes: #683444).
+  * Shortening name of dpkg.cfg.d configuration file used during chroot
+operations.
+
+ -- Daniel Baumann daniel.baum...@progress-technologies.net  Sat, 04 Aug 2012 10:38:43 +0200
+
 lxc (0.8.0~rc1-8) unstable; urgency=low
 
   * Removing comments in lxc-debconf debconf templates, apparently
diff -Nru lxc-0.8.0~rc1/debian/local/examples/lxc-debian.cfg lxc-0.8.0~rc1/debian/local/examples/lxc-debian.cfg
--- lxc-0.8.0~rc1/debian/local/examples/lxc-debian.cfg	2012-06-29 17:14:41.0 -0400
+++ lxc-0.8.0~rc1/debian/local/examples/lxc-debian.cfg	2012-08-16 10:11:55.0 -0400
@@ -27,18 +27,18 @@
 lxc lxc-debconf/eth0/veth string veth-debian
 
 # live-debconfig
-live-config live-debconfig/hostname/hostname string debian
-live-config live-debconfig/ifupdown/eth0-comment string The primary network interface
-live-config live-debconfig/ifupdown/eth0-method select dhcp
-#live-config live-debconfig/ifupdown/eth0-address string 
-#live-config live-debconfig/ifupdown/eth0-broadcast string 
-#live-config

Bug#681233: unblock: pynn/0.7.4-1

2012-08-22 Thread Yaroslav Halchenko

 unblocked anyway...

thanks Julien!  you made me blush that I have missed them in my
quick review of the changes.

NB I am CCing upstream who might like to straighten those up

On Wed, 22 Aug 2012, Julien Cristau wrote:
   def setup(timestep=0.1, min_delay=0.1, max_delay=0.1, 
  debug=False,**extra_params):
  +
  +logger.debug(setup() called, extra_params = +str(extra_params))

 this is broken, surely it should be below the docstring?

ideally -- yes -- but should be harmless

   
   Should be called at the very beginning of a script.
   extra_params contains any keyword arguments that are required by a 
  given
   simulator but not by others.
   


 also the sys.path.append('/usr/lib/python2.x/site-packages/oldxml')
 seems like a horrible, horrible hack.

indeed... with not 100% clear motive (besides suggesting wanting
an older xml module, which was just bluntly manually copied on
that system).

Andrew -- could you clarify?:

src/neuroml.py:sys.path.append('/usr/lib/python%s/site-packages/oldxml' % 
sys.version[:3]) # needed for Ubuntu
src/neuroml2.py:sys.path.append('/usr/lib/python%s/site-packages/oldxml' % 
sys.version[:3]) # needed for Ubuntu

may be those are just left-overs which could be safely dropped?

-- 
Yaroslav O. Halchenko
Postdoctoral Fellow,   Department of Psychological and Brain Sciences
Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755
Phone: +1 (603) 646-9834   Fax: +1 (603) 646-1419
WWW:   http://www.linkedin.com/in/yarik


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120822160843.gn2...@onerussian.com

python-distutils-extra needs update in wheezy to fix FTBFS on linaro-image-tools and nautilus-image-manipulator (#682631)

2012-08-22 Thread Salvatore Bonaccorso

Hi Martin

Note: not opening a bug against release.debian.org yet.

(I'm CC'ing the Release Team List and respective packages and Gregor,
who too contributed on the patch needed for #682631).

The debdiff unfortunately is not only related to #682631, but am I
correct that all changes there should be in wheezy? I know not yet the
10 day testing period is over, but are you going to ask for an unblock
for python-distutils-extra?

I'm attaching the full debdiff which is currently found for the
package in testing and the one in unstable.

The fix would be needed to fix the FTBFS for linaro-image-tools and
nautilus-image-manipulator in wheezy.

Regards,
Salvatore
Base version: python-distutils-extra_2.34-1 from testing
Target version: python-distutils-extra_2.36-1 from unstable

Hints in place:
== kibi
  # 20120715
  unblock python-distutils-extra/2.34-1

 DistUtilsExtra/__init__.py   |2 +-
 DistUtilsExtra/auto.py   |   17 -
 PKG-INFO |2 +-
 debian/changelog |   24 
 debian/rules |   11 ---
 python_distutils_extra.egg-info/PKG-INFO |2 +-
 test/auto.py |   24 ++--
 7 files changed, 69 insertions(+), 13 deletions(-)

diff -Nru python-distutils-extra-2.34/DistUtilsExtra/__init__.py python-distutils-extra-2.36/DistUtilsExtra/__init__.py
--- python-distutils-extra-2.34/DistUtilsExtra/__init__.py	2012-06-26 05:32:53.0 +
+++ python-distutils-extra-2.36/DistUtilsExtra/__init__.py	2012-08-15 09:12:23.0 +
@@ -1 +1 @@
-__version__ = '2.34'
+__version__ = '2.36'
diff -Nru python-distutils-extra-2.34/DistUtilsExtra/auto.py python-distutils-extra-2.36/DistUtilsExtra/auto.py
--- python-distutils-extra-2.34/DistUtilsExtra/auto.py	2012-07-09 09:11:21.0 +
+++ python-distutils-extra-2.36/DistUtilsExtra/auto.py	2012-08-15 09:14:16.0 +
@@ -39,7 +39,7 @@
 # Author: Martin Pitt martin.p...@ubuntu.com
 
 import os, os.path, fnmatch, stat, sys, subprocess
-import ast
+import ast, locale
 import distutils.core
 from functools import reduce
 
@@ -101,8 +101,15 @@
 
 if src:
 print('WARNING: the following files are not recognized by DistUtilsExtra.auto:')
+enc = locale.getpreferredencoding()
 for f in sorted(src):
-print ('  ' + f)
+# ensure that we can always print the file name
+if(sys.version_info[0]  3):
+# hack to make this work with Python 2
+f_loc = f.decode('ascii', 'ignore')
+else:
+f_loc = f.encode(enc, errors='replace').decode(enc, errors='replace')
+print ('  ' + f_loc)
 
 #
 # parts of setup()
@@ -380,7 +387,7 @@
 with open(file, 'rb') as f:
 # send binary blob for python2, otherwise sending an unicode object with
 # encoding directive makes ast triggering an exception in python2
-if(sys.version_info.major  3):
+if(sys.version_info[0]  3):
 file_content = f.read()
 else:
 file_content = f.read().decode('UTF-8')
@@ -621,8 +628,8 @@
 f_py = f + '.py'
 if os.access(f, os.X_OK) and os.path.splitext(f)[1] == '' and \
 not os.path.exists(f_py):
-line = open(f).readline()
-if line.startswith('#!') and 'python' in line:
+line = open(f, 'rb').readline()
+if line.startswith(b'#!') and b'python' in line:
 os.symlink(os.path.basename(f), f_py)
 files.add(f_py)
 exe_symlinks.append(f_py)
diff -Nru python-distutils-extra-2.34/PKG-INFO python-distutils-extra-2.36/PKG-INFO
--- python-distutils-extra-2.34/PKG-INFO	2012-07-09 09:13:31.0 +
+++ python-distutils-extra-2.36/PKG-INFO	2012-08-15 09:20:06.0 +
@@ -1,6 +1,6 @@
 Metadata-Version: 1.0
 Name: python-distutils-extra
-Version: 2.34
+Version: 2.36
 Summary: Add support for i18n, documentation and icons to distutils
 Home-page: UNKNOWN
 Author: Sebastian Heinlein, Martin Pitt
diff -Nru python-distutils-extra-2.34/debian/changelog python-distutils-extra-2.36/debian/changelog
--- python-distutils-extra-2.34/debian/changelog	2012-07-09 09:14:25.0 +
+++ python-distutils-extra-2.36/debian/changelog	2012-08-15 09:23:31.0 +
@@ -1,3 +1,27 @@
+python-distutils-extra (2.36-1) unstable; urgency=low
+
+  * debian/rules: Run tests against all supported python 2 and 3 versions.
+This catches bugs with Python 2.6. (Closes: #684967)
+  * debian/rules: Skip tests if $DEB_BUILD_OPTIONS contains nocheck.
+(Closes: #684966)
+  * debian/rules: Run tests under LC_ALL=C, to fix FTBFS in cases where
+LC_CTYPE is set

Bug#683441: unblock: otrs2/3.1.7+dfsg1-3

2012-08-22 Thread Patrick Matthäi

Package: release.debian.org
Followup-For: Bug #683441

Hey kibi,

I have prepared an new upload with urgency high, because now it also needs an
security fix. I will wait on your approve before I upload it.
diff:

diff -Naur '--exclude=.svn' tags/3.1.7+dfsg1-3/debian/changelog 
branches/wheezy/debian/changelog
--- tags/3.1.7+dfsg1-3/debian/changelog 2012-07-30 10:01:45.0 +0200
+++ branches/wheezy/debian/changelog2012-08-22 18:50:11.539325047 +0200
@@ -1,9 +1,20 @@
+otrs2 (3.1.7+dfsg1-4) UNRELEASED; urgency=high
+
+  * Correct typo in changelog from my last upload.
+  * Add upstream patch 28-osa-2012-01-ie-xss from OSA-2012-01, which fixes a
+XSS vulnerability when using the Internet Explorer.
+  * Move libmail-imapclient-perl from Suggests to Depends and also depend on
+the version in Wheezy. This is an additional fix for the 3.1.7+dfsg1-3
+upload to ensure that the correct version is installed.
+
+ -- Patrick Matthäi pmatth...@debian.org  Sun, 19 Aug 2012 12:47:35 +0200
+
 otrs2 (3.1.7+dfsg1-3) unstable; urgency=low
 
   * Add backported upstream patch 27-imaptls-more-than-one-email. Using IMAPTLS
 will purge all e-mails, if more than one is located in the inbox. This is
 because of newer Mail::IMAPClient module versions return an array reference
-insteaf of an array on the -message action.
+instead of an array on the -message action.
 
  -- Patrick Matthäi pmatth...@debian.org  Mon, 30 Jul 2012 09:53:24 +0200
 
diff -Naur '--exclude=.svn' tags/3.1.7+dfsg1-3/debian/control 
branches/wheezy/debian/control
--- tags/3.1.7+dfsg1-3/debian/control   2012-07-30 10:01:45.0 +0200
+++ branches/wheezy/debian/control  2012-08-22 18:48:03.458134088 +0200
@@ -47,6 +47,7 @@
  ttf-dejavu-extra,
  ttf-dejavu-core,
  libyaml-perl,
+ libmail-imapclient-perl (= 3.31),
  libjson-perl
 Recommends: postgresql | mysql-server,
  procmail | maildrop,
@@ -55,7 +56,6 @@
 Suggests: otrs2-doc-en | otrs2-doc-de,
  libnet-ldap-perl,
  libjson-xs-perl,
- libmail-imapclient-perl,
  libnet-smtp-tls-butmaintained-perl,
  libtext-csv-xs-perl,
  libencode-hanextra-perl
diff -Naur '--exclude=.svn' 
tags/3.1.7+dfsg1-3/debian/patches/28-osa-2012-01-ie-xss.diff 
branches/wheezy/debian/patches/28-osa-2012-01-ie-xss.diff
--- tags/3.1.7+dfsg1-3/debian/patches/28-osa-2012-01-ie-xss.diff
1970-01-01 01:00:00.0 +0100
+++ branches/wheezy/debian/patches/28-osa-2012-01-ie-xss.diff   2012-08-22 
18:44:14.328005878 +0200
@@ -0,0 +1,70 @@
+# Upstream advisory 2012-01:
+# This advisory covers vulnerabilities discovered in the OTRS core system. Due
+# to the XSS vulnerability in Internet Explorer an attacker could send a
+# specially prepared HTML email to OTRS which would cause JavaScript code to be
+# executed in your Internet Explorer while displaying the email.
+
+diff -Naur 
otrs2-3.1.7+dfsg1.orig/Kernel/Output/HTML/Standard/AgentTicketZoom.dtl 
otrs2-3.1.7+dfsg1/Kernel/Output/HTML/Standard/AgentTicketZoom.dtl
+--- otrs2-3.1.7+dfsg1.orig/Kernel/Output/HTML/Standard/AgentTicketZoom.dtl 
2012-06-21 13:40:05.0 +0200
 otrs2-3.1.7+dfsg1/Kernel/Output/HTML/Standard/AgentTicketZoom.dtl  
2012-08-22 18:38:22.676743135 +0200
+@@ -2,7 +2,7 @@
+ # AgentTicketZoom.dtl - provides HTML for AgentTicketZoom.pm
+ # Copyright (C) 2001-2012 OTRS AG, http://otrs.org/
+ # --
+-# $Id: AgentTicketZoom.dtl,v 1.207.2.2 2012/06/11 08:20:01 mg Exp $
++# $Id: AgentTicketZoom.dtl,v 1.207.2.4 2012/08/17 08:52:41 mg Exp $
+ # --
+ # This software comes with ABSOLUTELY NO WARRANTY. For details, see
+ # the enclosed file COPYING for license information (AGPL). If you
+@@ -177,7 +177,11 @@
+ !-- dtl:block:TotalAccountedTime --
+ !-- dtl:block:PendingUntil --
+ label$Text{Pending till}:/label
+-p class=Value 
$QData{PendingUntilClass}$Data{PendingUntil}/p
++p class=Value $QData{PendingUntilClass}
++$Data{PendingUntil}
++br/
++$TimeShort{$QData{UntilTimeHuman}}
++/p
+ div class=Clear/div
+ !-- dtl:block:PendingUntil --
+ !-- dtl:block:Owner --
+@@ -628,7 +632,9 @@
+ !-- dtl:block:BodyHTML --
+ div
+ # execute IFrame JS asynchronously. Otherwise it could happen before our API 
was loaded
+-iframe width=100% frameborder=0 
id=Iframe$QData{ArticleID} onload=window.setTimeout( function (){ if 
(typeof Core === 'object'  typeof Core.Agent === 'object'  typeof 
Core.Agent.TicketZoom === 'object') { 
Core.Agent.TicketZoom.IframeAutoHeight($('#Iframe$QData{ArticleID}')); } }, 
500); 
src=$Env{Baselink}Action=AgentTicketAttachment;Subaction=HTMLView;ArticleID=$QData{ArticleID};FileID=$QData{AttachmentIDOfHTMLBody}/iframe
++# Use the HTML5 sandbox attribute to prevent plugins and scripts from being 
executed in the browser.
++# Use IE's (non-standard) security attribute to achieve

76 matches

Mail list logo