Bug#689386: marked as done (unblock: moodle/2.2.3.dfsg-2.3)
Your message dated Tue, 02 Oct 2012 08:16:31 +0200
with message-id <506a86bf.1030...@dogguy.org>
and subject line Re: Bug#689386: unblock: moodle/2.2.3.dfsg-2.3
has caused the Debian Bug report #689386,
regarding unblock: moodle/2.2.3.dfsg-2.3
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
689386: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689386
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package moodle
This version fixes the security bug #687924 and the following CVEs:
CVE-2012-4400
CVE-2012-4401
CVE-2012-4402
CVE-2012-4407
CVE-2012-4408
This is the changelog entry:
moodle (2.2.3.dfsg-2.3) unstable; urgency=low
* Non-maintainer upload.
* Backport multiple security issues from upstream's MOODLE_22_STABLE
branch. (Closes: #687924)
- MSA-12-0051: MDL-30792 - File upload size constraint issue
Fixes CVE-2012-4400
- MSA-12-0052: MDL-28207 - Course topics permission issue
Fixes CVE-2012-4401
- MSA-12-0053: MDL-34585 - Blog file access issue
Fixes CVE-2012-4407
- MSA-12-0054: MDL-34519 - Course reset permission issue
Fixes CVE-2012-4408
- MSA-12-0055: MDL-34368 - Web service access token issue
Fixes CVE-2012-4402
-- Didier Raboud Fri, 28 Sep 2012 12:52:21 +0200
And (as the only diff are new patches in debian/patches) the patches are
attached.
Cheers,
OdyX
unblock moodle/2.2.3.dfsg-2.3
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_CH.UTF-8, LC_CTYPE=fr_CH.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
>From ebf253af171efbc5ff3a0074538c85a5edcb2ee2 Mon Sep 17 00:00:00 2001
From: Rajesh Taneja
Date: Fri, 3 Aug 2012 11:44:20 +0800
Subject: [PATCH] MDL-30792 Files API: maxbytes will be set by
get_max_upload_file_size if less then 0 or greater then max
moodle limit
---
repository/filepicker.php |4 ++--
repository/repository_ajax.php |8 ++--
2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/repository/filepicker.php b/repository/filepicker.php
index 68aee10..610ef13 100644
--- a/repository/filepicker.php
+++ b/repository/filepicker.php
@@ -93,9 +93,9 @@ if ($repository = $DB->get_record_sql($sql, array($repo_id))) {
}
}
-$moodle_maxbytes = get_max_upload_file_size();
+$moodle_maxbytes = get_max_upload_file_size($CFG->maxbytes, $course->maxbytes);
// to prevent maxbytes greater than moodle maxbytes setting
-if ($maxbytes == 0 || $maxbytes>=$moodle_maxbytes) {
+if (($maxbytes <= 0) || ($maxbytes >= $moodle_maxbytes)) {
$maxbytes = $moodle_maxbytes;
}
diff --git a/repository/repository_ajax.php b/repository/repository_ajax.php
index b7793c8..b7f76d1 100644
--- a/repository/repository_ajax.php
+++ b/repository/repository_ajax.php
@@ -83,9 +83,13 @@ if (!$repository = $DB->get_record_sql($sql, array($repo_id))) {
/// Check permissions
repository::check_capability($contextid, $repository);
-$moodle_maxbytes = get_max_upload_file_size();
+$coursemaxbytes = 0;
+if (!empty($course)) {
+ $coursemaxbytes = $course->maxbytes;
+}
+$moodle_maxbytes = get_max_upload_file_size($CFG->maxbytes, $coursemaxbytes);
// to prevent maxbytes greater than moodle maxbytes setting
-if ($maxbytes == 0 || $maxbytes>=$moodle_maxbytes) {
+if (($maxbytes <= 0) || ($maxbytes >= $moodle_maxbytes)) {
$maxbytes = $moodle_maxbytes;
}
--
1.7.10.4
>From 43bfb68de9bb2b3f849a1ebded1c2b8e7f738edc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20S=CC=8Ckoda?=
Date: Tue, 31 Jul 2012 16:02:54 +0200
Subject: [PATCH] MDL-34585 fix broken blog file access control
---
lib/filelib.php |6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/filelib.php b/lib/filelib.php
index 92565f9..ca20cd2 100644
--- a/lib/filelib.php
+++ b/lib/filelib.php
@@ -3230,15 +3230,15 @@ function file_pluginfile($relativepath, $forcedownload) {
}
}
-if ('publishstate' === 'public') {
+if ($entry->publishstate === 'public') {
if ($CFG->forcelogin) {
require_login();
}
-} else if ('publishstate' === 'site') {
+} else if ($entry->publishstate === 'site') {
require_login();
//ok
-} else if ('pub
Bug#689386: unblock: moodle/2.2.3.dfsg-2.3
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package moodle
This version fixes the security bug #687924 and the following CVEs:
CVE-2012-4400
CVE-2012-4401
CVE-2012-4402
CVE-2012-4407
CVE-2012-4408
This is the changelog entry:
moodle (2.2.3.dfsg-2.3) unstable; urgency=low
* Non-maintainer upload.
* Backport multiple security issues from upstream's MOODLE_22_STABLE
branch. (Closes: #687924)
- MSA-12-0051: MDL-30792 - File upload size constraint issue
Fixes CVE-2012-4400
- MSA-12-0052: MDL-28207 - Course topics permission issue
Fixes CVE-2012-4401
- MSA-12-0053: MDL-34585 - Blog file access issue
Fixes CVE-2012-4407
- MSA-12-0054: MDL-34519 - Course reset permission issue
Fixes CVE-2012-4408
- MSA-12-0055: MDL-34368 - Web service access token issue
Fixes CVE-2012-4402
-- Didier Raboud Fri, 28 Sep 2012 12:52:21 +0200
And (as the only diff are new patches in debian/patches) the patches are
attached.
Cheers,
OdyX
unblock moodle/2.2.3.dfsg-2.3
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_CH.UTF-8, LC_CTYPE=fr_CH.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
>From ebf253af171efbc5ff3a0074538c85a5edcb2ee2 Mon Sep 17 00:00:00 2001
From: Rajesh Taneja
Date: Fri, 3 Aug 2012 11:44:20 +0800
Subject: [PATCH] MDL-30792 Files API: maxbytes will be set by
get_max_upload_file_size if less then 0 or greater then max
moodle limit
---
repository/filepicker.php |4 ++--
repository/repository_ajax.php |8 ++--
2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/repository/filepicker.php b/repository/filepicker.php
index 68aee10..610ef13 100644
--- a/repository/filepicker.php
+++ b/repository/filepicker.php
@@ -93,9 +93,9 @@ if ($repository = $DB->get_record_sql($sql, array($repo_id))) {
}
}
-$moodle_maxbytes = get_max_upload_file_size();
+$moodle_maxbytes = get_max_upload_file_size($CFG->maxbytes, $course->maxbytes);
// to prevent maxbytes greater than moodle maxbytes setting
-if ($maxbytes == 0 || $maxbytes>=$moodle_maxbytes) {
+if (($maxbytes <= 0) || ($maxbytes >= $moodle_maxbytes)) {
$maxbytes = $moodle_maxbytes;
}
diff --git a/repository/repository_ajax.php b/repository/repository_ajax.php
index b7793c8..b7f76d1 100644
--- a/repository/repository_ajax.php
+++ b/repository/repository_ajax.php
@@ -83,9 +83,13 @@ if (!$repository = $DB->get_record_sql($sql, array($repo_id))) {
/// Check permissions
repository::check_capability($contextid, $repository);
-$moodle_maxbytes = get_max_upload_file_size();
+$coursemaxbytes = 0;
+if (!empty($course)) {
+ $coursemaxbytes = $course->maxbytes;
+}
+$moodle_maxbytes = get_max_upload_file_size($CFG->maxbytes, $coursemaxbytes);
// to prevent maxbytes greater than moodle maxbytes setting
-if ($maxbytes == 0 || $maxbytes>=$moodle_maxbytes) {
+if (($maxbytes <= 0) || ($maxbytes >= $moodle_maxbytes)) {
$maxbytes = $moodle_maxbytes;
}
--
1.7.10.4
>From 43bfb68de9bb2b3f849a1ebded1c2b8e7f738edc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20S=CC=8Ckoda?=
Date: Tue, 31 Jul 2012 16:02:54 +0200
Subject: [PATCH] MDL-34585 fix broken blog file access control
---
lib/filelib.php |6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/filelib.php b/lib/filelib.php
index 92565f9..ca20cd2 100644
--- a/lib/filelib.php
+++ b/lib/filelib.php
@@ -3230,15 +3230,15 @@ function file_pluginfile($relativepath, $forcedownload) {
}
}
-if ('publishstate' === 'public') {
+if ($entry->publishstate === 'public') {
if ($CFG->forcelogin) {
require_login();
}
-} else if ('publishstate' === 'site') {
+} else if ($entry->publishstate === 'site') {
require_login();
//ok
-} else if ('publishstate' === 'draft') {
+} else if ($entry->publishstate === 'draft') {
require_login();
if ($USER->id != $entry->userid) {
send_file_not_found();
--
1.7.10.4
>From f4ab33b25ff2013d8334303a06fde1800cd8cce0 Mon Sep 17 00:00:00 2001
From: Rex Lorenzo
Date: Tue, 24 Jul 2012 12:01:11 -0700
Subject: [PATCH] MDL-34519 - Course reset not protected by proper capability
---
course/reset.php |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/course/reset.php b/course/reset.php
index cd0a66b..088c203 100644
--- a/course/reset.php
+++ b/course/reset.php
@@ -39,7 +39,7 @@ if (!$course = $DB->get_record('course', array('id'=>$id))) {
$PAGE->set_url('/course/reset.php', array('id'=>$id));
require_login($course);
-require_capability('moodle/course:update',
Re: Freeze Exceptions for libti*, TiLP, GFM and TilEm
Hello, >> I should've done this earlier, but better late than never, right? > > Not really. There are time limits and they passed quite a long time ago > now...after a considerable period of notice of the time limits > themselves... In the end, it was still good, because now I understand a bit more about the freeze. >> (I was under the impression that the packages must enter unstable >> before considering any wheezy/testing exceptions.) > > All the packages you mention are at the same version in testing and > unstable currently - if you are proposing updated packages to be > uploaded to unstable then, yes, the packages must be already in > unstable and without fresh RC bugs before considering a freeze > exception. Yup. > A release freeze is NOT the right time to test new upstream versions of > packages! All packages for consideration in a Debian stable release > must be allowed time for testing within Debian before the release. Yeah, I did not consider the time to testing any breakages, etc. in Debian. > New packages do not meet the criteria for freeze exceptions. > > 1. fixes for release critical bugs (i.e., bugs of severity critical, > grave, and serious) in all packages; > > 2. changes for release goals, if they are not invasive; > > 3. fixes for severity: important bugs in packages of priority: optional > or extra, only when this can be done via unstable; > > 4. translation updates and documentation fixes; pre-approved fixes; > > 5. as above, important changes that the maintainer feels are needed > before release. > > http://release.debian.org/wheezy/freeze_policy.html My intent was based on #5 - the current package(s), as they stand, are rather unusable. >> libticonv: >> * Fixes #686635 and #678872. The former is a copyright bug that has >> been fixed by a NMU, which provides a partial fix that is remedied by >> my update. #678872 is an ITA. > > If #686635 is only a partial fix, re-open the bug. Will do. >> libticables: >> * This one fixes a LOT of bugs: > > None of which are release critical for Debian. Ah - I originally thought that FTBFS was considered RC. > ITA bugs are not release critical. Yeah, I knew that. >> I believe that these packages are very beneficial for the >> Debian/Ubuntu/Mint TI Linux community, and have significant demand. > > But none have had any testing in Debian and the opportunity for these > packages to migrate into Wheezy has been missed. Unfortunately... > So the packages are not even ready for testing in unstable... just how > long is Debian expected to wait for these updates when the window for > these uploads closed 3 months ago already? > Doesn't look as if any of these prospective uploads meet any of the > criteria for a freeze exception. Alright, understood. > The packages have waited this long for an update, do the upload to > unstable after the release and then consider a backport. In the > meantime, please consider working on some of the existing RC bugs to > help get the release done. That way, everyone gets what they want > quickly. Well, if I have time and motivation. (Currently the only reason I can approach you with these packages is because I've hired a helper to work on the packaging with me...) Nevertheless, I will certainly work on fixing the aforementioned copyright bug. I've only started doing packaging work for these packages in May, very much close to the deadline. Despite some time I had in the summer to work on these packages, external circumstances prevented me from completing the work on time. Nevertheless, I understand that you can't allow these kind of exceptions, since _everyone_ will probably be asking for such an exception, and for bigger packages too, which would prevent a release from happening. Thanks for your time in helping me understand the freeze unblock criteria! One last question... For backports, would I ask end users to add that repo once the release occurs? And backports will NOT ever migrate packages to stable (wheezy), I would assume? Thanks! Albert -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/cakmcsm+ftpc8u8vsvl_vmrabf6ekgroewkojqnrbn2es_we...@mail.gmail.com
Bug#681016: [release.debian.org] unblock: dotlrn/2.5.0+dfsg-8
Hi,
I have uploaded the new version containing the fix for the new RC bug
previously mentioned to svn, and asked for upload to t-p-u to my
sponsor[1].
About the bug and the fix, the problem was that /etc/dotlrn/config.tcl
was being modified by debconf on the install and, as it's marked as a
conffile, on the upgrade is detected as modified by the user (even if
that's not the case).
The fix consists in using another file (/etc/dotlrn/config.local)
containing the local config values, managed bu ucf and modified by
debconf on the install, and import these values from the original
config.tcl file. Also, the preinst script tries to revert the config.tcl
to its primordial state so it's not detected as modified on the upgrade.
Please let me know if you need more information or there is a problem.
Attached debdiff between 2.5.0+dfsg6 (version in testing) and 2.5.0
+dfsg-6+wheezy2 (the new version) for
your convenience.
Thank you very much for your time, and sorry for any inconvenience.
[1]
http://lists.alioth.debian.org/pipermail/pkg-tcltk-devel/2012-October/002102.html
Kind regards,
Héctor
diff -u dotlrn-2.5.0+dfsg/debian/control dotlrn-2.5.0+dfsg/debian/control
--- dotlrn-2.5.0+dfsg/debian/control
+++ dotlrn-2.5.0+dfsg/debian/control
@@ -14,7 +14,7 @@
Architecture: all
Depends: ${misc:Depends}, aolserver4-daemon (>= 4.5.1-11), aolserver4-nspostgres, aolserver4-nssha1, postgresql-client,
adduser, tclthread (>= 1:2.6.5-3), tcllib, tcl (>= 8.4), wwwconfig-common, debconf, xotcl,
- aolserver4-xotcl, imagemagick, zip, unzip, tdom (>= 0.8.3~20080525)
+ aolserver4-xotcl, imagemagick, zip, unzip, tdom (>= 0.8.3~20080525), ucf
Suggests: postgresql, daemontools, daemontools-run
Description: e-learning portal system based on OpenACS
dotLRN is a complete Learning Management System that integrates course
diff -u dotlrn-2.5.0+dfsg/debian/changelog dotlrn-2.5.0+dfsg/debian/changelog
--- dotlrn-2.5.0+dfsg/debian/changelog
+++ dotlrn-2.5.0+dfsg/debian/changelog
@@ -1,3 +1,21 @@
+dotlrn (2.5.0+dfsg-6+wheezy2) testing-proposed-updates; urgency=low
+
+ * Fixed local config management. Closes: #688435
+- Updated README.Debian
+- Autogenerated config.local file with database
+ local settings.
+- Added dotlrn.preinst file with a fix for old
+ postinst modified config.tcl.
+
+ -- Hector Romojaro Sat, 29 Sep 2012 01:12:07 +0200
+
+dotlrn (2.5.0+dfsg-6+wheezy1) testing-proposed-updates; urgency=low
+
+ * Fixed call to ucf on postrm. (#677060). For details about why this
+is fixed at testing-proposed-updates, please see #681016.
+
+ -- Hector Romojaro Wed, 22 Aug 2012 13:45:03 +0200
+
dotlrn (2.5.0+dfsg-6) unstable; urgency=low
* Updated Dutch translation. Closes: #660229
diff -u dotlrn-2.5.0+dfsg/debian/postinst dotlrn-2.5.0+dfsg/debian/postinst
--- dotlrn-2.5.0+dfsg/debian/postinst
+++ dotlrn-2.5.0+dfsg/debian/postinst
@@ -60,8 +60,6 @@
# Read debconf and edit the config file accordingly
get_config
- db_stop
- exec 0<&1
# Care about the repository
repository=/var/lib/dotlrn
@@ -151,10 +149,27 @@
/etc/init.d/postgresql reload
fi
fi
- # Modify config.tcl with debconf values
- dbuser=$dbu_name
- dbpass=$dbu_password
- sed -i "/^set db_host/,/^set db_user/d;s/## Debconf changes (DO NOT EDIT BYHAND) ##/&\nset db_host $dbserver\nset db_password \"$dbpass\"\nset db_port \"5432\"\nset db_user $dbuser/" /etc/dotlrn/config.tcl
+
+# Create /etc/dotlrn/config.local file with debconf
+# values, and manage with ucf.
+# Create file
+localconfigtmp=$(mktemp)
+localconfig="/etc/dotlrn/config.local"
+cat > $localconfigtmp /dev/null; then
+ucfr --purge dotlrn /etc/dotlrn/config.local
+fi
+rm -f /etc/aolserver4/conf.d/dotlrn.tcl /etc/aolserver4/conf.d/dotlrn.sh
+# Start aolserver after removal
+[ -f /etc/init.d/aolserver4 ] && invoke-rc.d aolserver4 start
;;
remove)
@@ -30,6 +33,8 @@
db_version 2.0
rm -rf /usr/share/dotlrn
+# Start aolserver after removal
+[ -f /etc/init.d/aolserver4 ] && invoke-rc.d aolserver4 start
;;
upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
diff -u dotlrn-2.5.0+dfsg/debian/patches/config.dpatch dotlrn-2.5.0+dfsg/debian/patches/config.dpatch
--- dotlrn-2.5.0+dfsg/debian/patches/config.dpatch
+++ dotlrn-2.5.0+dfsg/debian/patches/config.dpatch
@@ -5,9 +5,9 @@
## DP: Adaptation of config.tcl and daemontools/run to debian install.
@DPATCH@
-diff -urNad trunk~/etc/config.tcl trunk/etc/config.tcl
trunk~/etc/config.tcl 2009-03-31 19:14:52.0 +0200
-+++ trunk/etc/config.tcl 2009-10-16 20:36:07.0 +0200
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.
Re: Freeze Exceptions for libti*, TiLP, GFM and TilEm
On Mon, 1 Oct 2012 17:39:08 -0400 Albert Huang wrote: > I should've done this earlier, but better late than never, right? Not really. There are time limits and they passed quite a long time ago now...after a considerable period of notice of the time limits themselves... > (I was under the impression that the packages must enter unstable > before considering any wheezy/testing exceptions.) All the packages you mention are at the same version in testing and unstable currently - if you are proposing updated packages to be uploaded to unstable then, yes, the packages must be already in unstable and without fresh RC bugs before considering a freeze exception. A release freeze is NOT the right time to test new upstream versions of packages! All packages for consideration in a Debian stable release must be allowed time for testing within Debian before the release. > I would also like to ask for an exception for a NEW package, tilem. New packages do not meet the criteria for freeze exceptions. 1. fixes for release critical bugs (i.e., bugs of severity critical, grave, and serious) in all packages; 2. changes for release goals, if they are not invasive; 3. fixes for severity: important bugs in packages of priority: optional or extra, only when this can be done via unstable; 4. translation updates and documentation fixes; pre-approved fixes; 5. as above, important changes that the maintainer feels are needed before release. http://release.debian.org/wheezy/freeze_policy.html > libticonv: > * Fixes #686635 and #678872. The former is a copyright bug that has > been fixed by a NMU, which provides a partial fix that is remedied by > my update. #678872 is an ITA. If #686635 is only a partial fix, re-open the bug. > libticables: > * This one fixes a LOT of bugs: None of which are release critical for Debian. ITA bugs are not release critical. > I believe that these packages are very beneficial for the > Debian/Ubuntu/Mint TI Linux community, and have significant demand. But none have had any testing in Debian and the opportunity for these packages to migrate into Wheezy has been missed. > I've pasted the links of all of the debdiffs for the packages. > libticonv is the only package that may be considered "ready" for > uploading; the rest are undergoing last minute polish. Nevertheless, > all of them are provided for reference. So the packages are not even ready for testing in unstable... just how long is Debian expected to wait for these updates when the window for these uploads closed 3 months ago already? > Please consider granting freeze exceptions for these packages! Doesn't look as if any of these prospective uploads meet any of the criteria for a freeze exception. The packages have waited this long for an update, do the upload to unstable after the release and then consider a backport. In the meantime, please consider working on some of the existing RC bugs to help get the release done. That way, everyone gets what they want quickly. -- Neil Williams = http://www.linux.codehelp.co.uk/ pgpcvf08q9qre.pgp Description: PGP signature
Re: [Python-apps-team] Getting Trac 0.12.4 into wheezy?
On 2012-10-01 23:19, Arthur de Jong wrote: > We recently discussed the status of Trac for wheezy [0] and would like > to try to get Trac 0.12.4 into wheezy (it currently has 0.12.3-1). I fully support this with testing, reviewing, uploading... Whatever is necessary. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121001223240.ga15...@fama.tangosoft.com
Bug#689358: marked as done (unblock: libcanberra/0.28-5)
Your message dated Mon, 01 Oct 2012 22:56:11 +0100 with message-id <1349128571.4463.8.ca...@jacala.jungle.funky-badger.org> and subject line Re: Bug#689358: unblock: libcanberra/0.28-5 has caused the Debian Bug report #689358, regarding unblock: libcanberra/0.28-5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 689358: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689358 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, Please unblock package libcanberra * debian/watch: Switch to .xz tarballs All the GNOME releated packages are generating .xz tarballs, update the URL to watch them. * Move canberra-gtk-play manpage from libcanberra-gtk0 to gnome-session-canberra to follow the executable (Closes: #684676) Move the manpage so it follows the exec and also prevent future issues incase of soname bump. * Fix libcanberra-gstreamer-dbg long description (Closes: #675693) Fix a c/p error. * debian/rules: Drop update-patch-series target, this was when the package was maintained in git. This target was not working anymore and never used anyway. * Call dh_autoreconf during build to update m4/libtool.m4 and prevent hurd-i386 to be built with rpath (Closes: #677343) This issue was due to an out of date autofoo file, call autoreconf instead of patching the files. * debian/patches/undefined_reference.diff: Also link the GTK2 flavour against libX11 and the modules against libgmodule-2.0 Be sure there is no undefined symbols, also for the gtk2 favour of the library. changelog| 15 control |7 +++-- control.in |7 +++-- gnome-session-canberra.manpages |1 libcanberra-gtk0.manpages|1 patches/undefined_reference.diff | 47 +-- rules|8 -- watch|2 - 8 files changed, 62 insertions(+), 26 deletions(-) unblock libcanberra/0.28-5 Laurent Bigonville -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.5-trunk-amd64 (SMP w/8 CPU cores) Locale: LANG=fr_BE.utf8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash libcanberra.patch.gz Description: GNU Zip compressed data --- End Message --- --- Begin Message --- On Mon, 2012-10-01 at 23:30 +0200, Laurent Bigonville wrote: > Please unblock package libcanberra Unblocked. Regards, Adam--- End Message ---
Freeze Exceptions for libti*, TiLP, GFM and TilEm
Hello, I should've done this earlier, but better late than never, right? (I was under the impression that the packages must enter unstable before considering any wheezy/testing exceptions.) I would like to ask for a freeze exception for the following packages: * libticonv * libticables * libtifiles * libticalcs * tilp2 * gfm I would also like to ask for an exception for a NEW package, tilem. Justifications for an exception: Currently, these packages are 5 years old, and 5 years of development have fixed many stability issues. The current maintainer has abandoned the packages. The packages in their current state are very much unusable, and need a much-needed update. Furthermore, they require much needed updates to the package format. A few these packages (namely, libti*, though the exact ones isn't sure yet) have significant debian/copyright mistakes, and the others need to get new copyright info and have an update to the new DEP5 format. These packages do not interfere with the system in any way. The only package that may touch core system packages is libticables, which installs a udev rule that upstream provides, and which has been tested to work by many users, and is only limited to the TI calculators. There is significant community demand for an update to these packages. Upstream has gone as far as to provide an automated build script to help Debian/Ubuntu users build from SVN due to the lack of updates from the repositories. For NEW package TilEm: there is quite a bit of community demand for a TI Z80 calculator emulator for Debian (and Ubuntu). Specific justifications for an exception: libticonv: * Fixes #686635 and #678872. The former is a copyright bug that has been fixed by a NMU, which provides a partial fix that is remedied by my update. #678872 is an ITA. * Fixes a few buffer overflows - I unfortunately can't be specific about this, but I'd be happy to provide contact info and/or CC upstream on this. This is a charset conversion library, so those kind of problems are bound to occur. libticables: * This one fixes a LOT of bugs: #589752, #596601, #616731, #641092, #664405, #678828 I'll explain them below. FTBFS issues on sparc64 and s390x are fixed in upstream and in latest package update. (#596601, #641092) * libticables uses a rather old (and deprecated) udev rule format. This is updated to a working format compatible with the current udev package. (related to #589752) * Updates to packaging format to 3.0. (#664405) * Upstream fix. (#616731) * ITA. (#678828) libtifiles: * This one doesn't fix many important bugs - both are ITAs: #678835, #678837 * Again, some security fixes - upstream can help clarify. * Stability fixes with handing files - important for packages like libticalcs: * This one doesn't fix many important bugs - it's just an ITA: #678871 * Significant stability fixes are provided in the update, as well as a few security fixes. Upstream can clarify. tilp2: * Again, an ITA: #678059 * Again, significant stability fixes are provided in the update, as well as a few security fixes. Upstream can clarify. These fixes are important for user experience, as there are crashes when sending files to the calculator. gfm: * ITA: #678869 * Again, significant stability fixes are provided in the update, as well as a few security fixes. Upstream can clarify. These fixes are important for user experience. tilem: * ITP: #678829 * Community demand I believe that these packages are very beneficial for the Debian/Ubuntu/Mint TI Linux community, and have significant demand. I also believe that these packages should not (and will not) affect the system in any way (other than the udev rule). These packages are dependent on each other, as well as another package not listed here (tiemu). If necessary, these packages will be staged in experimental first before getting pushed to unstable. As for that package, I have an ITA for it. If you allow me to just do a dependency change on it (no updates to the format or copyright), then that should work out the only other dependency problem. I've pasted the links of all of the debdiffs for the packages. libticonv is the only package that may be considered "ready" for uploading; the rest are undergoing last minute polish. Nevertheless, all of them are provided for reference. https://dl.dropbox.com/u/1016340/debdiff/libticonv_1.1.0-1.1_1.1.3-1.diff https://dl.dropbox.com/u/1016340/debdiff/libticables_1.2.0-2_1.3.3+ds1-1.diff https://dl.dropbox.com/u/1016340/debdiff/libtifiles_1.1.1-1_1.1.5-1.diff https://dl.dropbox.com/u/1016340/debdiff/libticalcs_1.1.3+dfsg1-1_1.1.7+dfsg1-1.diff https://dl.dropbox.com/u/1016340/debdiff/tilp2_1.12-1_1.16+ds1-1.diff https://dl.dropbox.com/u/1016340/debdiff/gfm_1.03-2_1.06-1.diff As for tilem, the source package may be found here: http://mentors.debian.net/debian/pool/main/t/tilem/tilem_2.0-1.dsc The rest of the packages in their original form may be found at my mentors page:
Bug#689362: unblock: qt-at-spi/0.3.1-2
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hello,
Please unblock package qt-at-spi
unblock qt-at-spi/0.3.1-2
This adds the multi-arch declaration, so that users can install a 32bit
bridge for accessing 32bit applications on 64bit machines.
It also disables the bindnow hardening: the plugin has not (yet) defined
all the methods that moc references, and it thus was completely failing
to load, making KDE applications completely unaccessible, as described
in bug #688988.
Samuel
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.0.4 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
--
Samuel
argh, pi est plus grand que 2. Ca casse tout
-+- #ens-mim -+-
diff -Nru qt-at-spi-0.3.1/debian/changelog qt-at-spi-0.3.1/debian/changelog
--- qt-at-spi-0.3.1/debian/changelog2012-06-08 23:05:43.0 +0200
+++ qt-at-spi-0.3.1/debian/changelog2012-10-01 01:44:58.0 +0200
@@ -1,3 +1,15 @@
+qt-at-spi (0.3.1-2) unstable; urgency=low
+
+ [ Luke Yelavich ]
+ * Declare multi-arch support, so the bridge can be used for 32bit
+applications.
+
+ [ Samuel Thibault ]
+ * rules: Disable bindnow hardening, it completely breaks loading the whole
+bridge (Closes: #688988).
+
+ -- Samuel Thibault Mon, 01 Oct 2012 01:41:13 +0200
+
qt-at-spi (0.3.1-1) unstable; urgency=low
[ Luke Yelavich ]
diff -Nru qt-at-spi-0.3.1/debian/control qt-at-spi-0.3.1/debian/control
--- qt-at-spi-0.3.1/debian/control 2012-06-08 23:05:43.0 +0200
+++ qt-at-spi-0.3.1/debian/control 2012-10-01 01:42:31.0 +0200
@@ -9,6 +9,8 @@
Package: qt-at-spi
Section: misc
Architecture: any
+Multi-Arch: same
+Pre-Depends: ${misc:Pre-Depends}
Depends: ${shlibs:Depends}, ${misc:Depends}
Description: at-spi accessibility plugin for Qt
A plugin to export Qt widgets over AT-SPI2. This allows them
diff -Nru qt-at-spi-0.3.1/debian/rules qt-at-spi-0.3.1/debian/rules
--- qt-at-spi-0.3.1/debian/rules2012-06-08 23:05:43.0 +0200
+++ qt-at-spi-0.3.1/debian/rules2012-10-01 01:38:58.0 +0200
@@ -2,6 +2,7 @@
# -*- makefile -*-
export DEB_BUILD_HARDENING=1
+export DEB_BUILD_HARDENING_BINDNOW=0
%:
dh $@ --parallel
Bug#689361: unblock: at-spi2-atk/2.5.3-2
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hello,
Please unblock package at-spi2-atk
unblock at-spi2-atk/2.5.3-2
Upstream has fixed a lot of reference leaks (which would translate into
memory leaks in applications, including long-running ones such as the
desktop). These are recorded in patches/leak*.
In addition, bug #688094 shows that at-spi2-atk leaves a lot of sockets
in the user's home directory, and even root-owned ones for gksu
applications. This is mitigated by the two upstream fixes recorded in
patches/socket*
Lastly, there are a couple translation updates in patches/lv and
patches/pl
Samuel
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.0.4 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
--
Samuel
argh, pi est plus grand que 2. Ca casse tout
-+- #ens-mim -+-
diff -Nru at-spi2-atk-2.5.3/debian/changelog at-spi2-atk-2.5.3/debian/changelog
--- at-spi2-atk-2.5.3/debian/changelog 2012-06-29 04:35:37.0 +0200
+++ at-spi2-atk-2.5.3/debian/changelog 2012-09-30 17:46:16.0 +0200
@@ -1,3 +1,13 @@
+at-spi2-atk (2.5.3-2) unstable; urgency=low
+
+ * patches/leak*: Cherry-pick from upstream: fix reference leaks.
+ * patches/socket*: Cherry-pick from upstream: mitigate at-spi socket
+creation. (Closes: #688094)
+ * patches/lv: Cherry-pick from upstream: lv translation update.
+ * patches/pl: Cherry-pick from upstream: pl translation update.
+
+ -- Samuel Thibault Sun, 30 Sep 2012 16:28:06 +0200
+
at-spi2-atk (2.5.3-1) unstable; urgency=low
[ Samuel Thibault ]
diff -Nru at-spi2-atk-2.5.3/debian/patches/leak1
at-spi2-atk-2.5.3/debian/patches/leak1
--- at-spi2-atk-2.5.3/debian/patches/leak1 1970-01-01 01:00:00.0
+0100
+++ at-spi2-atk-2.5.3/debian/patches/leak1 2012-09-30 17:30:26.0
+0200
@@ -0,0 +1,22 @@
+commit e4a899792e389b9d733f1a74702a8f4158f93acc
+Author: Cosimo Cecchi
+Date: Mon Jul 2 16:14:12 2012 -0400
+
+atk-adaptor: plug a refcount leak
+
+https://bugzilla.gnome.org/show_bug.cgi?id=679285
+
+diff --git a/atk-adaptor/adaptors/accessible-adaptor.c
b/atk-adaptor/adaptors/accessible-adaptor.c
+index 25d7823..77aacbb 100644
+--- a/atk-adaptor/adaptors/accessible-adaptor.c
b/atk-adaptor/adaptors/accessible-adaptor.c
+@@ -337,6 +337,8 @@ impl_GetRelationSet (DBusConnection * bus,
+ }
+ dbus_message_iter_close_container (&iter, &iter_array);
+ oom:
++ if (set)
++g_object_unref (set);
+ // TODO: handle out of memory */
+ return reply;
+ }
+
diff -Nru at-spi2-atk-2.5.3/debian/patches/leak2
at-spi2-atk-2.5.3/debian/patches/leak2
--- at-spi2-atk-2.5.3/debian/patches/leak2 1970-01-01 01:00:00.0
+0100
+++ at-spi2-atk-2.5.3/debian/patches/leak2 2012-09-30 17:30:31.0
+0200
@@ -0,0 +1,21 @@
+commit 246c99e7f62d5009d5bd4b09c491b74afddae9a6
+Author: Cosimo Cecchi
+Date: Mon Jul 2 16:14:48 2012 -0400
+
+atk-adaptor: plug a refcount leak
+
+https://bugzilla.gnome.org/show_bug.cgi?id=679285
+
+diff --git a/atk-adaptor/event.c b/atk-adaptor/event.c
+index d19f451..1cbda23 100644
+--- a/atk-adaptor/event.c
b/atk-adaptor/event.c
+@@ -1017,6 +1017,7 @@ children_changed_event_listener (GSignalInvocationHint *
signal_hint,
+ detail1);
+ emit_event (accessible, ITF_EVENT_OBJECT, name, minor, detail1, detail2,
+ "(so)", ao, append_object);
++ g_object_unref (ao);
+ }
+ else
+ {
+
diff -Nru at-spi2-atk-2.5.3/debian/patches/leak3
at-spi2-atk-2.5.3/debian/patches/leak3
--- at-spi2-atk-2.5.3/debian/patches/leak3 1970-01-01 01:00:00.0
+0100
+++ at-spi2-atk-2.5.3/debian/patches/leak3 2012-09-30 17:30:34.0
+0200
@@ -0,0 +1,57 @@
+commit d1e52eb847dcabf7a2be07dbd71cfcb4e0805306
+Author: Cosimo Cecchi
+Date: Thu Sep 13 13:37:50 2012 -0400
+
+atk-adaptor: plug some refcount leaks
+
+cache->add_traversal holds GObject references, so when we remove/pop
+items from it, we should also drop the reference, unless it's transfered
+to another queue.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=683979
+
+diff --git a/atk-adaptor/accessible-cache.c b/atk-adaptor/accessible-cache.c
+index afaedb0..3a30b51 100644
+--- a/atk-adaptor/accessible-cache.c
b/atk-adaptor/accessible-cache.c
+@@ -180,7 +180,10 @@ remove_object (GObject * source, GObject * gobj, gpointer
data)
+ g_hash_table_remove (cache->objects, gobj);
+ }
+ else
+-g_queue_remove (cache->add_traversal, gobj);
++{
++ g_queue_remove (cache->add_traversal, gobj);
++ g_object_unref (gobj);
++}
+ }
+
+ static void
+@@ -277,12 +280,14 @@ add_pend
Bug#689360: unblock: at-spi2-core/2.5.3-2
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hello,
Please unblock package at-spi2-core
unblock at-spi2-core/2.5.3-2
As Bug#663027 shows, the at-spi2-core package does not play well with
old versions of gdm: it freezes on keyboard typing. That's why Mario
added a Breaks: gdm3 (<< 3.4) to make sure that gdm gets upgraded to a
working version.
In addition, patches/pl contains the upstream polish translation update.
Thanks,
Samuel
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.0.4 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
--
Samuel
Now I know someone out there is going to claim, "Well then, UNIX is intuitive,
because you only need to learn 5000 commands, and then everything else follows
from that! Har har har!"
(Andy Bates in comp.os.linux.misc, on "intuitive interfaces", slightly
defending Macs.)
diff -Nru at-spi2-core-2.5.3/debian/changelog
at-spi2-core-2.5.3/debian/changelog
--- at-spi2-core-2.5.3/debian/changelog 2012-06-29 04:35:57.0 +0200
+++ at-spi2-core-2.5.3/debian/changelog 2012-09-30 17:51:08.0 +0200
@@ -1,3 +1,13 @@
+at-spi2-core (2.5.3-2) unstable; urgency=low
+
+ [ Mario Lang ]
+ * Add Breaks on gdm3 < 3.4 (Closes: Bug#663027).
+
+ [ Samuel Thibault ]
+ * patches/pl: Cherry-pick from upstream: Update pl translation.
+
+ -- Samuel Thibault Sun, 30 Sep 2012 17:51:06 +0200
+
at-spi2-core (2.5.3-1) unstable; urgency=low
[ Samuel Thibault ]
diff -Nru at-spi2-core-2.5.3/debian/control at-spi2-core-2.5.3/debian/control
--- at-spi2-core-2.5.3/debian/control 2012-06-29 04:35:25.0 +0200
+++ at-spi2-core-2.5.3/debian/control 2012-09-30 17:17:15.0 +0200
@@ -21,6 +21,7 @@
Architecture: any
Multi-Arch: foreign
Depends: ${misc:Depends}, ${shlibs:Depends}
+Breaks: gdm3 (<< 3.4)
Description: Assistive Technology Service Provider Interface (dbus core)
This package contains the core components of GNOME Accessibility.
diff -Nru at-spi2-core-2.5.3/debian/patches/pl
at-spi2-core-2.5.3/debian/patches/pl
--- at-spi2-core-2.5.3/debian/patches/pl1970-01-01 01:00:00.0
+0100
+++ at-spi2-core-2.5.3/debian/patches/pl2012-09-30 17:13:45.0
+0200
@@ -0,0 +1,113 @@
+commit 0209f5bb65f632a11aac1642e56a4289aa2f3132
+Author: Piotr Drąg
+Date: Sat Sep 1 20:47:11 2012 +0200
+
+Updated Polish translation
+
+diff --git a/po/pl.po b/po/pl.po
+index eed3d73..968f9f3 100644
+--- a/po/pl.po
b/po/pl.po
+@@ -4,12 +4,15 @@
+ # pomóc w jego rozwijaniu i pielęgnowaniu, napisz do nas:
+ # gnom...@aviary.pl
+ # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
++# Artur Flinta , 2003.
++# Piotr Drąg , 2011-2012.
++# Aviary.pl , 2011-2012.
+ msgid ""
+ msgstr ""
+ "Project-Id-Version: at-spi2-core\n"
+ "Report-Msgid-Bugs-To: \n"
+-"POT-Creation-Date: 2011-03-28 20:51+0200\n"
+-"PO-Revision-Date: 2011-03-28 20:52+0200\n"
++"POT-Creation-Date: 2012-09-01 20:46+0200\n"
++"PO-Revision-Date: 2012-09-01 20:47+0200\n"
+ "Last-Translator: Piotr Drąg \n"
+ "Language-Team: Polish \n"
+ "Language: pl\n"
+@@ -21,82 +24,7 @@ msgstr ""
+ "X-Poedit-Language: Polish\n"
+ "X-Poedit-Country: Poland\n"
+
+-#: ../atspi/atspi-misc.c:290
+-#, c-format
+-msgid "AT-SPI: Unknown signature %s for RemoveAccessible"
+-msgstr "AT-SPI: nieznany podpis %s dla RemoveAccessible"
+-
+-#: ../atspi/atspi-misc.c:327
+-#, c-format
+-msgid "AT-SPI: Error calling getRoot for %s: %s"
+-msgstr "AT-SPI: błąd podczas wywoływania getRoot dla %s: %s"
+-
+-#: ../atspi/atspi-misc.c:485
+-#, c-format
+-msgid "AT-SPI: Error in GetItems, sender=%s, error=%s"
+-msgstr "AT-SPI: Błąd w GetItems, nadawca=%s, błąd=%s"
+-
+-#: ../atspi/atspi-misc.c:587
+-#, c-format
+-msgid ""
+-"AT-SPI: Called _atspi_dbus_return_accessible_from_message with strange "
+-"signature %s"
+-msgstr ""
+-"AT-SPI: wywołano _atspi_dbus_return_accessible_from_message z dziwnym "
+-"podpisem %s"
+-
+-#: ../atspi/atspi-misc.c:616
+-#, c-format
+-msgid ""
+-"AT-SPI: Called _atspi_dbus_return_hyperlink_from_message with strange "
+-"signature %s"
+-msgstr ""
+-"AT-SPI: wywołano _atspi_dbus_return_hyperlink_from_message z dziwnym "
+-"podpisem %s"
+-
+-#: ../atspi/atspi-misc.c:641
+-#, c-format
+-msgid "AT-SPI: AddAccessible with unknown signature %s\n"
+-msgstr "AT-SPI: AddAccessible z nieznanym podpisem %s\n"
+-
+-#: ../atspi/atspi-misc.c:934 ../atspi/atspi-misc.c:985
+-#: ../atspi/atspi-misc.c:1026
++#: ../atspi/atspi-component.c:313 ../atspi/atspi-misc.c:987
++#: ../atspi/atspi-value.c:111
+ msgid "The application no longer exists"
+ msgstr "Program już nie istnieje"
+-
+-#: ../atspi/atspi-misc.c:1062
+-#, c-format
+-msgid "AT-SPI: expected a variant when fetching %s from interface %s; got
%s\n"
Bug#689358: unblock: libcanberra/0.28-5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, Please unblock package libcanberra * debian/watch: Switch to .xz tarballs All the GNOME releated packages are generating .xz tarballs, update the URL to watch them. * Move canberra-gtk-play manpage from libcanberra-gtk0 to gnome-session-canberra to follow the executable (Closes: #684676) Move the manpage so it follows the exec and also prevent future issues incase of soname bump. * Fix libcanberra-gstreamer-dbg long description (Closes: #675693) Fix a c/p error. * debian/rules: Drop update-patch-series target, this was when the package was maintained in git. This target was not working anymore and never used anyway. * Call dh_autoreconf during build to update m4/libtool.m4 and prevent hurd-i386 to be built with rpath (Closes: #677343) This issue was due to an out of date autofoo file, call autoreconf instead of patching the files. * debian/patches/undefined_reference.diff: Also link the GTK2 flavour against libX11 and the modules against libgmodule-2.0 Be sure there is no undefined symbols, also for the gtk2 favour of the library. changelog| 15 control |7 +++-- control.in |7 +++-- gnome-session-canberra.manpages |1 libcanberra-gtk0.manpages|1 patches/undefined_reference.diff | 47 +-- rules|8 -- watch|2 - 8 files changed, 62 insertions(+), 26 deletions(-) unblock libcanberra/0.28-5 Laurent Bigonville -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.5-trunk-amd64 (SMP w/8 CPU cores) Locale: LANG=fr_BE.utf8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash libcanberra.patch.gz Description: GNU Zip compressed data
Getting Trac 0.12.4 into wheezy?
Hi release team! We recently discussed the status of Trac for wheezy [0] and would like to try to get Trac 0.12.4 into wheezy (it currently has 0.12.3-1). Trac 0.12.4 is a LTS release and should only get fixes for serious issues and receives security support. It is probably easier to support 0.12.4 than 0.12.3 in terms of backporting changes and it would be useful to have fixes for some of the issues that were addressed in 0.12.4. The bugs that were fixes in 0.12.4 are in [1]. I've had a quick look and most seem to address important issues. The bug logs contain links to the specific changes which of which most seem to be minimal. Most changes are also backports from the development or 1.0 version so are likely well tested already. The diffstat totals between 0.12.3 and 0.12.4 are: 58 files changed, 441 insertions(+), 178 deletions(-) (excluding documentation, translations and tests) which would be OK to review if required. What is the release team's opinion on this? Thanks, [0] http://lists.alioth.debian.org/pipermail/python-apps-team/2012-September/006772.html [1] http://trac.edgewall.org/query?group=status&milestone=0.12.4 -- -- arthur - adej...@debian.org - http://people.debian.org/~adejong -- signature.asc Description: This is a digitally signed message part
Bug#689354: nmu: mksh_40.9.20120630-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu nmu mksh_40.9.20120630-3 . armhf . -m "Rebuild against fixed klibc" maximilian attems dixit: >On Sun, 30 Sep 2012, Thorsten Glaser wrote: […] >> and without busybox, and rebuilding mksh on armhf with >> it would also show success (in fact, once you uploaded, >> I’ll ask for a binNMU of mksh on armhf anyway). > >klibc built fine on all archs, go ahead!! :D Sure, thanks. I guess I’ll file the request now, but it might be best to wait a day or two, until all armhf buildds are sure to have the new libklibc-dev package available. Therefore, please binNMU src:mksh on armhf, so mksh-static gets built against the new klibc package after fixing its RC bug. Thanks! -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 m68k Kernel: Linux 2.6.32-5-xen-amd64 (SMP w/1 CPU core) Locale: LANG=C, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/mksh -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121001211350.9375.66864.report...@zigo.mirbsd.org
NEW changes in stable-new
Processing changes file: tiff_3.9.4-5+squeeze5_amd64.changes ACCEPT Processing changes file: tiff_3.9.4-5+squeeze5_armel.changes ACCEPT Processing changes file: tiff_3.9.4-5+squeeze5_i386.changes ACCEPT Processing changes file: tiff_3.9.4-5+squeeze5_ia64.changes ACCEPT Processing changes file: tiff_3.9.4-5+squeeze5_kfreebsd-amd64.changes ACCEPT Processing changes file: tiff_3.9.4-5+squeeze5_kfreebsd-i386.changes ACCEPT Processing changes file: tiff_3.9.4-5+squeeze5_mips.changes ACCEPT Processing changes file: tiff_3.9.4-5+squeeze5_mipsel.changes ACCEPT Processing changes file: tiff_3.9.4-5+squeeze5_powerpc.changes ACCEPT Processing changes file: tiff_3.9.4-5+squeeze5_s390.changes ACCEPT Processing changes file: tiff_3.9.4-5+squeeze5_sparc.changes ACCEPT Processing changes file: iceweasel_3.5.16-18_amd64.changes ACCEPT Processing changes file: iceweasel_3.5.16-18_armel.changes ACCEPT Processing changes file: iceweasel_3.5.16-18_i386.changes ACCEPT Processing changes file: iceweasel_3.5.16-18_ia64.changes ACCEPT Processing changes file: iceweasel_3.5.16-18_kfreebsd-amd64.changes ACCEPT Processing changes file: iceweasel_3.5.16-18_kfreebsd-i386.changes ACCEPT Processing changes file: iceweasel_3.5.16-18_mips.changes ACCEPT Processing changes file: iceweasel_3.5.16-18_mipsel.changes ACCEPT Processing changes file: iceweasel_3.5.16-18_powerpc.changes ACCEPT Processing changes file: iceweasel_3.5.16-18_s390.changes ACCEPT Processing changes file: iceweasel_3.5.16-18_sparc.changes ACCEPT Processing changes file: isc-dhcp_4.1.1-P1-15+squeeze8_amd64.changes ACCEPT Processing changes file: isc-dhcp_4.1.1-P1-15+squeeze8_armel.changes ACCEPT Processing changes file: isc-dhcp_4.1.1-P1-15+squeeze8_i386.changes ACCEPT Processing changes file: isc-dhcp_4.1.1-P1-15+squeeze8_ia64.changes ACCEPT Processing changes file: isc-dhcp_4.1.1-P1-15+squeeze8_kfreebsd-amd64.changes ACCEPT Processing changes file: isc-dhcp_4.1.1-P1-15+squeeze8_kfreebsd-i386.changes ACCEPT Processing changes file: isc-dhcp_4.1.1-P1-15+squeeze8_mips.changes ACCEPT Processing changes file: isc-dhcp_4.1.1-P1-15+squeeze8_mipsel.changes ACCEPT Processing changes file: isc-dhcp_4.1.1-P1-15+squeeze8_powerpc.changes ACCEPT Processing changes file: isc-dhcp_4.1.1-P1-15+squeeze8_s390.changes ACCEPT Processing changes file: isc-dhcp_4.1.1-P1-15+squeeze8_sparc.changes ACCEPT -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1timuq-0007tb...@franck.debian.org
Bug#689351: unblock: klibc/2.0.1-2
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package klibc
Has 3 fixes for armhf RC bug, plus security fix for dash
and a fix for x86 cross building.
See the diff:
diff --git a/debian/changelog b/debian/changelog
index 2e3a3c5..f595336 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,20 @@
+klibc (2.0.1-2) unstable; urgency=low
+
+ [ Sven Joachim ]
+ * [08c03cf] klibc: produces 64-bit binaries on i386 with x86_64 kernel
+(Closes: #677087)
+
+ [ Thorsten Glaser ]
+ * [d8eae3a] [klibc] arm: fix trashing of callee-saved registers in thumb
+ setjmp() (Closes: #634890)
+ * [81170b5] [klibc] arm: unbreak armhf shared binaries (those with thumb)
+ * [aeb7847] armhf builds are always thumb
+
+ [ Jim Meyering ]
+ * [9ba90cd] [klibc] Avoid overflow for very long variable name
+
+ -- maximilian attems Mon, 01 Oct 2012 15:54:05 +0200
+
klibc (2.0.1-1) unstable; urgency=high
* New upstream release (nfsmount, get{host,domain}name())
diff --git
a/debian/patches/0001-klibc-Avoid-overflow-for-very-long-variable-name.patch
b/debian/patches/0001-klibc-Avoid-overflow-for-very-long-variable-name.patch
new file mode 100644
index 000..3f151fa
--- /dev/null
+++ b/debian/patches/0001-klibc-Avoid-overflow-for-very-long-variable-name.patch
@@ -0,0 +1,62 @@
+From 127b17bb38dbfc95386a52b2159f059221d33497 Mon Sep 17 00:00:00 2001
+From: Jim Meyering
+Date: Tue, 3 Jul 2012 17:32:33 +0800
+Subject: [PATCH] [klibc] Avoid overflow for very long variable name
+
+Otherwise, this:
+ $ perl -le 'print "v"x(2**31+1) ."=1"' | dash
+provokes integer overflow:
+
+ (gdb) bt
+ #0 doformat (dest=0x61d580, f=0x416a08 "%s: %d: %s: ", ap=0x7fffd308)
+ at output.c:310
+ #1 0x004128c1 in outfmt (file=0x61d580, fmt=0x416a08 "%s: %d: %s: ")
+ at output.c:257
+ #2 0x0040382e in exvwarning2 (msg=0x417339 "Out of space",
+ ap=0x7fffd468) at error.c:125
+ #3 0x0040387e in exverror (cond=1, msg=0x417339 "Out of space",
+ ap=0x7fffd468) at error.c:156
+ #4 0x00403938 in sh_error (msg=0x417339 "Out of space") at
error.c:172
+ #5 0x0040c970 in ckmalloc (nbytes=18446744071562067984)
+ at memalloc.c:57
+ #6 0x0040ca78 in stalloc (nbytes=18446744071562067972)
+ at memalloc.c:132
+ #7 0x0040ece9 in grabstackblock (len=18446744071562067972)
+ at memalloc.h:67
+ #8 0x004106b5 in readtoken1 (firstc=118, syntax=0x419522 "",
+ eofmark=0x0, striptabs=0) at parser.c:1040
+ #9 0x004101a4 in xxreadtoken () at parser.c:826
+ #10 0x0040fe1d in readtoken () at parser.c:697
+ #11 0x0040edcc in parsecmd (interact=0) at parser.c:145
+ #12 0x0040c679 in cmdloop (top=1) at main.c:224
+ #13 0x0040c603 in main (argc=2, argv=0x7fffd9f8) at main.c:178
+
+ #8 0x004106b5 in readtoken1 (firstc=118, syntax=0x419522 "",
+ eofmark=0x0, striptabs=0) at parser.c:1040
+ 1040grabstackblock(len);
+ (gdb) p len
+ $30 = -2147483644
+
+Signed-off-by: Jim Meyering
+Signed-off-by: Herbert Xu
+Signed-off-by: maximilian attems
+---
+ usr/dash/parser.c |2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/usr/dash/parser.c b/usr/dash/parser.c
+index 528d005..6e076a5 100644
+--- a/usr/dash/parser.c
b/usr/dash/parser.c
+@@ -852,7 +852,7 @@ readtoken1(int firstc, char const *syntax, char *eofmark,
int striptabs)
+ {
+ int c = firstc;
+ char *out;
+- int len;
++ size_t len;
+ struct nodelist *bqlist;
+ int quotef;
+ int dblquote;
+--
+1.7.10.4
+
diff --git
a/debian/patches/0001-klibc-arm-fix-trashing-of-callee-saved-registers-in-.patch
b/debian/patches/0001-klibc-arm-fix-trashing-of-callee-saved-registers-in-.patch
new file mode 100644
index 000..2b700ca
--- /dev/null
+++
b/debian/patches/0001-klibc-arm-fix-trashing-of-callee-saved-registers-in-.patch
@@ -0,0 +1,39 @@
+From 9bdffde924573bf1c2f795a4b57a302d9485d248 Mon Sep 17 00:00:00 2001
+From: Thorsten Glaser
+Date: Sat, 29 Sep 2012 19:20:37 +
+Subject: [PATCH 1/2] [klibc] arm: fix trashing of callee-saved registers in
+ thumb setjmp()
+
+fixes http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=634890
+(although dynamically-linked binaries seem to have another bug)
+
+Signed-off-by: Thorsten Glaser
+Signed-off-by: maximilian attems
+---
+ usr/klibc/arch/arm/setjmp.S |3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/usr/klibc/arch/arm/setjmp.S b/usr/klibc/arch/arm/setjmp.S
+index d351e0e..92ffc43 100644
+--- a/usr/klibc/arch/arm/setjmp.S
b/usr/klibc/arch/arm/setjmp.S
+@@ -70,6 +70,7 @@ longjmp:
+ .type setjmp, #function
+ .thumb_func
+ setjmp:
++ mov r2, r0
+ mov r3, lr
+ stmia r0!, {r3, r4, r5, r6, r7}
+ mov r3, r8
+@@ -78,6 +79,8 @@ setjmp:
+ mov r6, fp
+ mov r7,
Re: Why tagged moreinfo? (WAS: Re: Processed: tagging 683323)
Control: tags 683323 - moreinfo On Mon, 2012-10-01 at 12:23 +0200, Julian Andres Klode wrote: > On Sat, Sep 15, 2012 at 06:36:03PM +, Debian Bug Tracking System wrote: > > Processing commands for cont...@bugs.debian.org: > > > > > tags 683323 + moreinfo > > Bug #683323 [release.debian.org] unblock: python-apt/0.8.7 > > Bug #684450 [release.debian.org] unblock: python-apt/0.8.7 > > Added tag(s) moreinfo. > > Added tag(s) moreinfo. > > Why did you add moreinfo? There were no unanswered questions. Mehdi > requested a debdiff for 0.8.4.1, Michael provided it. We'd like to > continue somehow. That mail never reached debian-release@, presumably because of the size. :-( A diff with the .po changes excluded would probably have worked (and been a little easier to review). Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1349116717.4463.7.ca...@jacala.jungle.funky-badger.org
Bug#689316: marked as done (unblock: prosody/0.8.2-4)
Your message dated Mon, 01 Oct 2012 19:34:35 +0100
with message-id <1349116475.4463.4.ca...@jacala.jungle.funky-badger.org>
and subject line Re: Bug#689316: unblock: prosody/0.8.2-4
has caused the Debian Bug report #689316,
regarding unblock: prosody/0.8.2-4
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
689316: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689316
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package prosody
This version fixes #681667 : Broken initscript (won't stop prosody)
The debdiff is pretty trivial: the init script starts prosody using
the Lua interpreter called lua5.1, but the passes --name lua to start-stop-
daemon. This is fixed in 0.8.2-4.
diff -Nru prosody-0.8.2/debian/prosody.init prosody-0.8.2/debian/prosody.init
--- prosody-0.8.2/debian/prosody.init 2011-03-02 11:51:28.0 +0100
+++ prosody-0.8.2/debian/prosody.init 2012-09-27 17:59:31.0 +0200
@@ -25,7 +25,7 @@
mkdir -p `dirname $PIDFILE`
chown prosody:adm `dirname $PIDFILE`
if start-stop-daemon --start --quiet --pidfile "$PIDFILE" \
- --chuid "$USER" --oknodo --user "$USER" --name lua \
+ --chuid "$USER" --oknodo --user "$USER" --name lua5.1 \
--startas "$DAEMON";
then
return 0
@@ -36,7 +36,7 @@
stop_prosody () {
if start-stop-daemon --stop --quiet --retry 30 \
- --oknodo --pidfile "$PIDFILE" --user "$USER" --name lua;
+ --oknodo --pidfile "$PIDFILE" --user "$USER" --name lua5.1;
then
return 0
else
@@ -46,7 +46,7 @@
signal_prosody () {
if start-stop-daemon --stop --quiet --pidfile "$PIDFILE" \
- --user "$USER" --name lua --oknodo --signal $1;
+ --user "$USER" --name lua5.1 --oknodo --signal $1;
then
return 0
else
unblock prosody/0.8.2-4
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
--- End Message ---
--- Begin Message ---
On Mon, 2012-10-01 at 16:11 +0200, Enrico Tassi wrote:
> Please unblock package prosody
>
> This version fixes #681667 : Broken initscript (won't stop prosody)
>
> The debdiff is pretty trivial: the init script starts prosody using
> the Lua interpreter called lua5.1, but the passes --name lua to start-stop-
> daemon. This is fixed in 0.8.2-4.
Unblocked; thanks.
Regards,
Adam--- End Message ---
Bug#689345: marked as done (unblock: moodle/2.2.3.dfsg-2.3)
Your message dated Mon, 01 Oct 2012 19:33:26 +0100 with message-id <1349116406.4463.3.ca...@jacala.jungle.funky-badger.org> and subject line Re: Bug#689345: unblock: moodle/2.2.3.dfsg-2.3 has caused the Debian Bug report #689345, regarding unblock: moodle/2.2.3.dfsg-2.3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 689345: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689345 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package moodle It fixes multiple security issues. unblock moodle/2.2.3.dfsg-2.3 -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash --- End Message --- --- Begin Message --- On Mon, 2012-10-01 at 19:57 +0200, Moritz Muehlenhoff wrote: > Please unblock package moodle > > It fixes multiple security issues. Unblocked by Mehdi. Regards, Adam--- End Message ---
Bug#689344: marked as done (unblock: gnugk/2:3.0.2-3)
Your message dated Mon, 01 Oct 2012 19:32:37 +0100 with message-id <1349116357.4463.2.ca...@jacala.jungle.funky-badger.org> and subject line Re: Bug#689344: unblock: gnugk/2:3.0.2-3 has caused the Debian Bug report #689344, regarding unblock: gnugk/2:3.0.2-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 689344: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689344 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package gnugk It fixes CVE-2012-3534. unblock gnugk/2:3.0.2-3 -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash --- End Message --- --- Begin Message --- On Mon, 2012-10-01 at 19:56 +0200, Moritz Muehlenhoff wrote: > Please unblock package gnugk > > It fixes CVE-2012-3534. Really this time. :-) Unblocked. Regards, Adam--- End Message ---
Re: Bug#687916: unblock: zabbix/1:2.0.2+dfsg-4
Dmitry Smirnov schrieb: > --nextPart3575724.xime2j9Qld > Content-Type: Text/Plain; > charset="windows-1251" > Content-Transfer-Encoding: quoted-printable > > On Sun, 30 Sep 2012 06:07:18 Julien Cristau wrote: >> At this point my preference would go towards removing zabbix from >> wheezy. The new version was uploaded too late for the freeze, and if >> nobody's fixing 1.8 then there's no point shipping that. > > It is true that 1.8 have problems that we already fixed in 2.0. > So it comes down to the question is 2.0 good enough to replace 1.8. > > Removing Zabbix 1.8 feels like punishing for my poor timing.=20 > (Personally I have a pretty good excuse for it). > > Yes 2.0 was uploaded late, but it is done well. > Now it is 45 days without new bugs. > > I don't want to see Zabbix removed and this won't help our relationships=20 > with upstream. > > I was not involved to 1.8 maintenance and therefore it is a bit challenging= >=20 > for me to get into it quick enough. > Looking after both versions is more difficult but I'll see what I can do. > > Meanwhile I'd like to discuss pros and cons of replacing 1.8 with 2.0 pleas= > e. For stable-security backporting security issues wasn't feasible due to a lack of continued upstream support for 1.8.x and invasive/complex changes. This shouldn't happen again. If there's no commitment from upstream to support a long term branch it should rather be removed from testing. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/slrnk6jmub.5ur@inutil.org
Bug#689345: unblock: moodle/2.2.3.dfsg-2.3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package moodle It fixes multiple security issues. unblock moodle/2.2.3.dfsg-2.3 -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121001175704.5578.6760.reportbug@pisco.westfalen.local
Bug#689344: unblock: gnugk/2:3.0.2-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package gnugk It fixes CVE-2012-3534. unblock gnugk/2:3.0.2-3 -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121001175623.5511.16334.reportbug@pisco.westfalen.local
Bug#689204: unblock: apt-listbugs/0.1.8
On Mon, 01 Oct 2012 10:36:01 +0200 Niels Thykier wrote: [...] > Unblocked, thanks. Thanks to you for processing my request so promptly! Rest assured that this is very appreciated. Bye. -- http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt New GnuPG key, see the transition document! . Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE pgpfuktqOvFTT.pgp Description: PGP signature
Bug#689251: marked as done (unblock: alpine/2.02+dfsg-2)
Your message dated Mon, 01 Oct 2012 18:39:29 +0200
with message-id <5069c741.7020...@dogguy.org>
and subject line Re: Bug#689251: unblock: alpine/2.02+dfsg-2
has caused the Debian Bug report #689251,
regarding unblock: alpine/2.02+dfsg-2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
689251: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689251
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hello, dear release team,
Please unblock package alpine.
I'd like to ask you for a freeze exception for a few fixes to alpine.
Some might say they are "cosmetic" fixes, but I want to try to convince
you that they matter to alpine users.
The -2 release adds two patches to fix two bugs. Attached, please find
the debdiff against testing.
#631758 -- Broken usage tracking
Right now, when alpine launches, it asks you if you if you want to be
tracked as a user of alpine. If you say yes, it then emails a
nonexistent server and you get a bounce message.
This is not really suitable for release.
Discussion with upstream is still ongoing as to the right fix. For now:
Fix: Add a patch that removes the phone-home code.
#414264 -- If you use mbox format, you receive a scary warning about data
corruption
Right now, when alpine reads an mbox folder on Debian, it tells you the
permissions are wrong. However, the permission are right, according to
policy. The warning comes from alpine's ability to use 'mlock' to lock
the mbox file as needed.
Fix: Add one dependency for alpine: mlock
I am but a humble maintainer, asking for changes past the freeze. I'm
uploading to unstable now, and attaching the debdiff. Again, sorry
about the late handling of these issues.
Thank you.
unblock alpine/2.02+dfsg-2
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.4-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru alpine-2.02+dfsg/debian/changelog alpine-2.02+dfsg/debian/changelog
--- alpine-2.02+dfsg/debian/changelog 2012-09-08 08:07:59.0 -0700
+++ alpine-2.02+dfsg/debian/changelog 2012-09-30 11:56:54.0 -0700
@@ -1,3 +1,17 @@
+alpine (2.02+dfsg-2) unstable; urgency=low
+
+ * Adding patch from Geoffrey Thomas to disable broken phone-
+home functionality. (Thank you!) (Closes: #631758)
+ * Adding dependency on mlock so that alpine no longer warns
+the user about permissions on /var/spool/mail (or /var/mail).
+(In theory, this new dependency is only required if you are using
+an mbox file, but since reading system mail is within the core
+functionality of alpine, it seems sensible that alpine should do that
+without warnings out of the box.) (Closes: #414264)
+ * ACKing NMU by Johnathan McCrohan. Thank you!
+
+ -- Asheesh Laroia Sun, 26 Aug 2012 13:23:07 -0700
+
alpine (2.02+dfsg-1.1) unstable; urgency=low
* Non-maintainer upload.
diff -Nru alpine-2.02+dfsg/debian/control alpine-2.02+dfsg/debian/control
--- alpine-2.02+dfsg/debian/control 2012-07-02 16:45:53.0 -0700
+++ alpine-2.02+dfsg/debian/control 2012-08-29 08:31:10.0 -0700
@@ -14,7 +14,7 @@
Package: alpine
Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}
+Depends: mlock, ${shlibs:Depends}, ${misc:Depends}
Recommends: alpine-doc
Suggests: aspell, mail-transport-agent | exim4
Conflicts: pine
diff -Nru alpine-2.02+dfsg/debian/patches/80_remove_phone_home.patch alpine-2.02+dfsg/debian/patches/80_remove_phone_home.patch
--- alpine-2.02+dfsg/debian/patches/80_remove_phone_home.patch 1969-12-31 16:00:00.0 -0800
+++ alpine-2.02+dfsg/debian/patches/80_remove_phone_home.patch 2012-09-30 11:14:06.0 -0700
@@ -0,0 +1,349 @@
+From 01674610679e4af4a6c6d890659573133609cec5 Mon Sep 17 00:00:00 2001
+From: Geoffrey Thomas
+Date: Sun, 13 Nov 2011 22:12:38 -0500
+Subject: [PATCH] Remove phone_home code (that sends usage counts to UW)
+
+Presumably the usage counts did nothing to encourage UW to keep developing
+pine. :-( Also, in any case, the address bounces...
+
+Signed-off-by: Geoffrey Thomas
+---
+ alpine/mailview.c | 10 -
+ alpine/newuser.c | 26 +++
+ alpine/send.c | 60 -
+ alpine/send.h |1 -
+ pith/filter.c |2 --
+ pith
Bug#688576: marked as done (unblock: software-center/5.1.2debian2.1)
Your message dated Mon, 01 Oct 2012 18:42:29 +0200 with message-id <5069c7f5.7040...@dogguy.org> and subject line Re: Bug#688576: unblock: software-center/5.1.2debian2.1 has caused the Debian Bug report #688576, regarding unblock: software-center/5.1.2debian2.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 688576: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688576 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Please unblock package software-center Fix RC bug 671768 for debdiff see above bug. unblock software-center/5.1.2debian2.1 - -- System Information: Debian Release: wheezy/sid APT prefers quantal-updates APT policy: (500, 'quantal-updates'), (500, 'quantal-security'), (500, 'quantal'), (100, 'quantal-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.6.0-030600rc4-generic (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBCAAGBQJQX2+BAAoJEIh7YGGLPBaurvsP+wdChG4UziOLaN8pxqdAEzIv rIspqINSdvE3C2YHlsP24Aq4l/iCGKl2SduhBsMlxEFj2w1teSMUvF8C145NYaRa QJ6qQPd2Rr0PeGf/ClGq1NSCrgy5Y4mdlsVp79fb5pOfuDQds6BsWZanVT9nwB+Z FtNbp+cNCwAjYTOS3wHO8TP7IhK2W0wUe8DhPcOES3NBzle8KgWOi/BAgxQH/6Km JintFoa72tKEpzipw+BX/TyXDsELAGCLLrWrSVtPbxL12WnI3bScpmkoLhhShxMe 28hxLgq35NxmawLcpHuFMYxO1UMgb5U019Jzq+GZLXFiXx0Jqahhh+K5RBeM0Arj lCGaM6arq6f3QPWq/+jduOkxac1/MTE9MvoqKWpjsEPMJ/ENe/c5f4j5YmlkJ06S Acahey1LIJyBmizwFf7FArT1Jd/MWzx5GvLbXlhH0xGt3twbpg7w0wPlmiJrxQMs 8UIuNBi8b6/3bBzhLZL0GDtIrua33owJTBsqYS2QHO8wSWnSLxn4f578QEjJ30HD Io/Er3Wlh8FXKg2ufPfhBxVIIeOnu/5KtFQ4kECvR6pGLvHtPOlCoyefpPWiHUyi BrLR4ecwNKr4QYXmu/CyKJCwWsuhxI8ZWRzZs3b5JbBPqFdZxWDyrXthHqEVqDGA aD8uy5D75cMbGmMZhvO8 =ZGq6 -END PGP SIGNATURE- --- End Message --- --- Begin Message --- On 23/09/2012 22:22, Dmitrijs Ledkovs wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Please unblock package software-center Fix RC bug 671768 I've unblocked software-center/5.1.2debian3, which is basically the same but uploaded by the maintainer w/o the new build-dep on quilt and having the changes merged. Regards, -- Mehdi Dogguy مهدي الدڤي--- End Message ---
Bug#688485: marked as done (unblock: syslinux-themes-debian/12-1.1)
On 10/01/2012 05:19 PM, Mehdi Dogguy wrote: I don't quite understand why syslinux-themes-debian should have heavy changes because of live-build. first, because live-build expects the theme packages to be structured in a certain way. syslinux-themes-debian has not been updated yet to reflect these changes in live-build. second, because just switching the splash screen is not enough for making the wheezy theme work well for the new artwork. Do you intend to do heavy changes in syslinux as well? syslinux does not create live-specific syslinux configuration files based on the theme package like live-build does. -- Address:Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern Email: daniel.baum...@progress-technologies.net Internet: http://people.progress-technologies.net/~daniel.baumann/ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5069b7ce.1020...@progress-technologies.net
Bug#688485: marked as done (unblock: syslinux-themes-debian/12-1.1)
Hi, On 01/10/2012 16:00, Debian Bug Tracking System wrote: it's rather pointless to unblock syslinux-themes-debian at the moment, it needs heavy changes to be updated for live-build until the end of the week anyway. I don't quite understand why syslinux-themes-debian should have heavy changes because of live-build. (I tend to think that it should be the opposite but icbw). Can you elaborate please? Do you intend to do heavy changes in syslinux as well? Regards, -- Mehdi Dogguy مهدي الدڤي -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5069b47e.7020...@dogguy.org
Bug#689316: unblock: prosody/0.8.2-4
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package prosody
This version fixes #681667 : Broken initscript (won't stop prosody)
The debdiff is pretty trivial: the init script starts prosody using
the Lua interpreter called lua5.1, but the passes --name lua to start-stop-
daemon. This is fixed in 0.8.2-4.
diff -Nru prosody-0.8.2/debian/prosody.init prosody-0.8.2/debian/prosody.init
--- prosody-0.8.2/debian/prosody.init 2011-03-02 11:51:28.0 +0100
+++ prosody-0.8.2/debian/prosody.init 2012-09-27 17:59:31.0 +0200
@@ -25,7 +25,7 @@
mkdir -p `dirname $PIDFILE`
chown prosody:adm `dirname $PIDFILE`
if start-stop-daemon --start --quiet --pidfile "$PIDFILE" \
- --chuid "$USER" --oknodo --user "$USER" --name lua \
+ --chuid "$USER" --oknodo --user "$USER" --name lua5.1 \
--startas "$DAEMON";
then
return 0
@@ -36,7 +36,7 @@
stop_prosody () {
if start-stop-daemon --stop --quiet --retry 30 \
- --oknodo --pidfile "$PIDFILE" --user "$USER" --name lua;
+ --oknodo --pidfile "$PIDFILE" --user "$USER" --name lua5.1;
then
return 0
else
@@ -46,7 +46,7 @@
signal_prosody () {
if start-stop-daemon --stop --quiet --pidfile "$PIDFILE" \
- --user "$USER" --name lua --oknodo --signal $1;
+ --user "$USER" --name lua5.1 --oknodo --signal $1;
then
return 0
else
unblock prosody/0.8.2-4
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/2012100114.15539.19225.reportbug@localhost.localdomain
Bug#688485: marked as done (unblock: syslinux-themes-debian/12-1.1)
Your message dated Mon, 01 Oct 2012 15:57:24 +0200 with message-id <5069a144.2010...@progress-technologies.net> and subject line Re: unblock: syslinux-themes-debian/12-1.1 has caused the Debian Bug report #688485, regarding unblock: syslinux-themes-debian/12-1.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 688485: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688485 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package syslinux-themes-debian Updating this fixes bugs #688272 and #681426, as well as finishes (so far as we know) the transition for packages which copy the theme in their own packaging. unblock syslinux-themes-debian/12-1.1 The diff is attached from 12-1, but binary files are not represented. Special thanks to Mika Pflüger, who did most of the work here. Thanks, Paul -- .''`. Paul Tagliamonte : :' : Proud Debian Developer `. `'` 4096R / 8F04 9AD8 2C92 066C 7352 D28A 7B58 5B30 807C 2A87 `- http://people.debian.org/~paultag --- syslinux-themes-debian-12/debian/changelog 2012-09-20 06:38:47.0 -0400 +++ syslinux-themes-debian-12/debian/changelog 2012-09-22 23:21:58.0 -0400 @@ -1,3 +1,12 @@ +syslinux-themes-debian (12-1.1) unstable; urgency=low + + * Non-maintainer upload. + * Fix the artwork to match the official Wheezy theme. We're no longer using +spacefun. A big thank-you to Mika Pflüger, who provided the images +(Closes: #688272). + + -- Paul Tagliamonte Sat, 22 Sep 2012 23:17:43 -0400 + syslinux-themes-debian (12-1) unstable; urgency=low * Updating paths in debian-wheezy theme for wheezy (Closes: #681426). diff -Nru syslinux-themes-debian-12/debian/source/include-binaries syslinux-themes-debian-12/debian/source/include-binaries --- syslinux-themes-debian-12/debian/source/include-binaries1969-12-31 19:00:00.0 -0500 +++ syslinux-themes-debian-12/debian/source/include-binaries2012-09-22 23:20:43.0 -0400 @@ -0,0 +1,3 @@ +themes/debian-wheezy/syslinux-live/splash.png +themes/debian-wheezy/isolinux-live/splash.png +themes/debian-wheezy/extlinux/splash.png Binary files /tmp/p3YW9Zrbyu/syslinux-themes-debian-12/themes/debian-wheezy/extlinux/splash.png and /tmp/40GzNj9qJG/syslinux-themes-debian-12/themes/debian-wheezy/extlinux/splash.png differ Binary files /tmp/p3YW9Zrbyu/syslinux-themes-debian-12/themes/debian-wheezy/isolinux-live/splash.png and /tmp/40GzNj9qJG/syslinux-themes-debian-12/themes/debian-wheezy/isolinux-live/splash.png differ Binary files /tmp/p3YW9Zrbyu/syslinux-themes-debian-12/themes/debian-wheezy/syslinux-live/splash.png and /tmp/40GzNj9qJG/syslinux-themes-debian-12/themes/debian-wheezy/syslinux-live/splash.png differ signature.asc Description: Digital signature --- End Message --- --- Begin Message --- it's rather pointless to unblock syslinux-themes-debian at the moment, it needs heavy changes to be updated for live-build until the end of the week anyway. i'll reopen once that's done. -- Address:Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern Email: daniel.baum...@progress-technologies.net Internet: http://people.progress-technologies.net/~daniel.baumann/--- End Message ---
Bug#689218: unblock: mathematica-fonts/16
Hi David, On Sun, 30 Sep 2012 09:08:30 -0400, David Prévot wrote: > Please unblock package mathematica-fonts, it fixes an important issue > via unstable (#686260: allow for translation of all user-visible > messages), with a review of all descriptions, update most existing > translations (including the eight aiming for being complete in Wheezy) > and add a new one. > > The attach debdiff spares you the POT and PO files. Thanks for your help. In fact, it's difficult for me to write a clear and concise bug report as you wrote. Best regards,2012-10-1(Mon) -- Debian Developer - much more I18N of Debian Atsuhito Kohda Department of Math., Univ. of Tokushima -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121001.211407.244704139.ko...@pm.tokushima-u.ac.jp
Re: Bug#689154: unblock: gnunet/0.9.3-4
Hi, On Samstag, 29. September 2012, Bertrand Marc wrote: > Would you consider to give gnunet 0.9.3-4 a freeze exception ? > > This version is not yet uploaded to unstable, my sponsor is waiting for > your approval. fwiw, the diff looks good to me, but as there as some not 100% straightforwards bits in it, I'd too like to see the release teams ack before uploading. cheers, Holger -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201210011330.54202.hol...@layer-acht.org
Why tagged moreinfo? (WAS: Re: Processed: tagging 683323)
On Sat, Sep 15, 2012 at 06:36:03PM +, Debian Bug Tracking System wrote: > Processing commands for cont...@bugs.debian.org: > > > tags 683323 + moreinfo > Bug #683323 [release.debian.org] unblock: python-apt/0.8.7 > Bug #684450 [release.debian.org] unblock: python-apt/0.8.7 > Added tag(s) moreinfo. > Added tag(s) moreinfo. Why did you add moreinfo? There were no unanswered questions. Mehdi requested a debdiff for 0.8.4.1, Michael provided it. We'd like to continue somehow. -- Julian Andres Klode - Debian Developer, Ubuntu Member See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/. pgp353rxY7IMw.pgp Description: PGP signature
Bug#688966: Comments regarding midgard2-core_10.05.7.1-2_i386.changes
Hi! > this is a quick update on what's going on with your package in NEW. > > We're holding it due to a library transition which would affect some > reverse > dependencies. As Wheezy is frozen, Release Team asked us to refrain from > processing packages which introduce unplanned transitions, as this could > delay > the Wheezy release even further. I do not think we introduce some huge change which might trigger reverese dependencies. The only one package which depends on libmidgard2 is php5-midgard2. For other languages correct gir packages are required, but those do not depend on strict names so much. php5-midgard had one (invalid) bug reported which has been fixed elsewhere. Midgard2 is (propably) the only one open source orm with content repository facilities, and php5-midgard provides well known and tested language bindings. 10.05 generation of Midgard is LTS and should be (IMO) included in debian stable, as new upstream generation has just been started. That would allow users to rely on LTS version in stable repositories, and new releases in unstable/testing. Piotras -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAFPMTbEzThVs=u+p6Dbzh6=pfr2ytpyjubqpzi+letzjnav...@mail.gmail.com
Bug#688966: Review midgard2-core package
Hi! >> Please review midgard2-core for inclusion in squeeze. > > I'm assuming you mean wheezy? Of course wheezy :) >> Package contains only one RC bug: >> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677795 > > and hopefully "fixes one RC bug" :-) It's worth mentioning that lintian (-i -I -E --pedantic) reports nothing. Piotras -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/cafpmtbhh3ssozgqky+qrkoa7lxd9jxgyqkg_vqp1shxscyu...@mail.gmail.com
Re: Bug#689117: unblock: meta-gnome3/1:3.4+3
On 01/10/2012 10:11, Gergely Nagy wrote: Olivier Bonvalet writes: Also, since ads are often the main funding source of a website, I think blocking ads is a «politic» choice which can't be the default behavior. You are right, this is a political choice. I don’t think Debian should endorse the web being run by advertisements when there are technical solutions. The default behavior should be to display the website as it is. Then if a user choose to don't display ads then it's fine, he also accept the fact that the website can disable access to some of it contents. If that argument would be followed, we'd need flash, java and who knows what else enabled in the default browser. I don't think that would be smart or even desirable. It's what we do by recommanding browser-plugin-gnash in the gnome package no ? flashplugin-nonfree is not installed by default, only because of licence problems, not because "flash is evil". Quite a number of ads need flash anyway, and those that do not, usually raise privacy concerns - so we either allow ads and hurt the privacy of our users, or we protect their privacy by default at the cost of not displaying ads. Then we should also disable Google safe-browsing, and enable Tor on default setup ? The "Do-Not-Track" feature should already "protect" their privacy, right ? I don't know about you, but I'd go with the second anyday. I totally agree that we should help users to protect their privacy. But I don't agree on the fact that Debian decide to transparently cut access to part of the web, without any notification. Of course each user can disable that, but I really think user should decide to enable that himself. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/506963d6.6000...@daevel.fr
Bug#689137: unblock: minbif/1:1.0.5+git20120508-2.1
Hi David, thanks a lot for the NMU and the associated unblock request, while I was away :) Cheers, --Seb On Sep/29, David Prévot wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Please unblock package minbif > > It fixes a serious mess of the “directory replaced by symlink”-kind. > > unblock minbif/1:1.0.5+git20120508-2.1 > > Thanks in advance, regards. > > David > > -- System Information: > Debian Release: wheezy/sid > APT prefers unstable > APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, > 'experimental') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 3.5-trunk-amd64 (SMP w/1 CPU core) > Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > diff -Nru minbif-1.0.5+git20120508/debian/changelog > minbif-1.0.5+git20120508/debian/changelog > --- minbif-1.0.5+git20120508/debian/changelog 2012-08-19 06:39:44.0 > -0400 > +++ minbif-1.0.5+git20120508/debian/changelog 2012-09-26 15:46:19.0 > -0400 > @@ -1,3 +1,11 @@ > +minbif (1:1.0.5+git20120508-2.1) unstable; urgency=low > + > + * Non-maintainer upload. > + * debian/minbif.postinst: Fix directory to symlink upgrade in postinst. > +(Closes: #687660) > + > + -- David Prévot Wed, 26 Sep 2012 15:46:12 -0400 > + > minbif (1:1.0.5+git20120508-2) unstable; urgency=low > >* Re-enable caca so user icons can be displayed; it should not have been > diff -Nru minbif-1.0.5+git20120508/debian/minbif.postinst > minbif-1.0.5+git20120508/debian/minbif.postinst > --- minbif-1.0.5+git20120508/debian/minbif.postinst 1969-12-31 > 20:00:00.0 -0400 > +++ minbif-1.0.5+git20120508/debian/minbif.postinst 2012-09-26 > 15:43:15.0 -0400 > @@ -0,0 +1,14 @@ > +#!/bin/sh > +set -e > + > +# Replace documentation directory with symlink > +docdir="/usr/share/doc/minbif" > +if [ -d $docdir ] && [ ! -L $docdir ]; then > +if rmdir $docdir 2>/dev/null; then > +ln -sf minbif-common $docdir > +fi > +fi > + > +#DEBHELPER# > + > +exit 0 -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121001084116.gc2...@frisco.mine.nu
Bug#689204: marked as done (unblock: apt-listbugs/0.1.8)
Your message dated Mon, 01 Oct 2012 10:36:01 +0200 with message-id <506955f1.3070...@thykier.net> and subject line Re: Bug#689204: unblock: apt-listbugs/0.1.8 has caused the Debian Bug report #689204, regarding unblock: apt-listbugs/0.1.8 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 689204: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689204 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package apt-listbugs As can be seen with the following command on the git repository: $ git diff apt-listbugs/0.1.7..apt-listbugs/0.1.8 | filterdiff \ --exclude='*.po' --exclude='*.pot' the only non-l10n changes from version 0.1.7 are: * i18n fixes and enhancements * English improvements and clarifications in translatable strings and in the documentation (discussed on the debian-l10n-english mailing list) * a dependency adjustment, done to drop a transitional package (libgettext-ruby1.8 replaced by ruby-gettext) I am attaching the output of the above command. Please also take a look at the git repository, in case you want to review the changes organized in commits: http://anonscm.debian.org/gitweb/?p=apt-listbugs/apt-listbugs.git;a=shortlog Thanks for your time! unblock apt-listbugs/0.1.8 -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (800, 'testing'), (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash apt-listbugs_017_018.diff.gz Description: GNU Zip compressed data --- End Message --- --- Begin Message --- On 2012-09-30 12:40, Francesco Poli (wintermute) wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Please unblock package apt-listbugs > > As can be seen with the following command on the git repository: > > $ git diff apt-listbugs/0.1.7..apt-listbugs/0.1.8 | filterdiff \ > --exclude='*.po' --exclude='*.pot' > > the only non-l10n changes from version 0.1.7 are: > > * i18n fixes and enhancements > * English improvements and clarifications in translatable strings > and in the documentation (discussed on the debian-l10n-english > mailing list) > * a dependency adjustment, done to drop a transitional package > (libgettext-ruby1.8 replaced by ruby-gettext) > > I am attaching the output of the above command. > > Please also take a look at the git repository, in case you want to > review the changes organized in commits: > http://anonscm.debian.org/gitweb/?p=apt-listbugs/apt-listbugs.git;a=shortlog > > Thanks for your time! > > > [...] Unblocked, thanks. ~Niels--- End Message ---
Bug#689292: marked as done (unblock: tinyproxy/1.8.3-3 (security issue))
Your message dated Mon, 01 Oct 2012 10:26:09 +0200 with message-id <506953a1.9050...@thykier.net> and subject line Re: Bug#689292: unblock: tinyproxy/1.8.3-3 (security issue) has caused the Debian Bug report #689292, regarding unblock: tinyproxy/1.8.3-3 (security issue) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 689292: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689292 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, Please unblock package tinyproxy. It fixes a denial of service. unblock tinyproxy/1.8.3-3 Thanks, Thijs --- End Message --- --- Begin Message --- On 2012-10-01 09:39, Thijs Kinkhorst wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Hi, > > Please unblock package tinyproxy. It fixes a denial of service. > > unblock tinyproxy/1.8.3-3 > > > Thanks, > Thijs > > Unblocked, thanks. ~Niels--- End Message ---
Bug#689218: marked as done (unblock: mathematica-fonts/16)
Your message dated Mon, 01 Oct 2012 10:28:23 +0200 with message-id <50695427.7040...@thykier.net> and subject line Re: Bug#689218: unblock: mathematica-fonts/16 has caused the Debian Bug report #689218, regarding unblock: mathematica-fonts/16 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 689218: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689218 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package mathematica-fonts, it fixes an important issue via unstable (#686260: allow for translation of all user-visible messages), with a review of all descriptions, update most existing translations (including the eight aiming for being complete in Wheezy) and add a new one. The attach debdiff spares you the POT and PO files. unblock mathematica-fonts/16 Thanks in advance, regards. David P.-S.: This issue is identical to #688876, but filed a separate bug as requested. -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.5-trunk-amd64 (SMP w/1 CPU core) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru --exclude po mathematica-fonts-14/debian/changelog mathematica-fonts-16/debian/changelog --- mathematica-fonts-14/debian/changelog 2012-07-13 00:51:15.0 -0400 +++ mathematica-fonts-16/debian/changelog 2012-09-29 19:58:00.0 -0400 @@ -1,3 +1,34 @@ +mathematica-fonts (16) unstable; urgency=low + + * Updated Debconf translations. Thanks to Javier. +Spanish, Javier Fernández-Sanguino Peña. (Closes: #688923) + + -- Atsuhito KOHDA Sun, 30 Sep 2012 08:48:14 +0900 + +mathematica-fonts (15) unstable; urgency=low + + * This version was completely owing to the contribution of David Prévot +. Thanks to David. + * Review templates and package description by the debian-l10n-english team. +(Closes: #686260) + + [ Debconf translations ] + * Czech, Martin Šín. (Closes: #687260) + * Russian, Yuri Kozlov. (Closes: #687318) + * Portuguese, Américo Monteiro. (Closes: #687499) + * Polish, Michał Kułach. (Closes: #687552) + * Italian, Beatrice Torracca. (Closes: #687762) + * Danish, Joe Hansen. (Closes: #687832) + * German, Martin Eberhard Schauer. (Closes: #688035) + * French, David Prévot. (Closes: #688152) + * Arabic, Ossama M. Khayat. + * Japanese, victory. + * Vietnamese, Nguyễn Vũ Hưng. + * Swedish, Martin Bagge. (Closes: #688418) + * Spanish, Rafael Ernesto Rivas. + + -- Atsuhito KOHDA Fri, 07 Sep 2012 17:59:30 -0400 + mathematica-fonts (14) unstable; urgency=low * Fixed packaging: create directories for the fonts with debian/dirs diff -Nru --exclude po mathematica-fonts-14/debian/control mathematica-fonts-16/debian/control --- mathematica-fonts-14/debian/control 2009-12-28 06:36:28.0 -0400 +++ mathematica-fonts-16/debian/control 2012-09-24 20:22:53.0 -0400 @@ -12,13 +12,13 @@ Provides: ttf-mathematica4.1 Conflicts: ttf-mathematica4.1 (<< 9) Replaces: ttf-mathematica4.1 (<< 9) -Description: Installer of Mathematica fonts - This package downloads Mathematica fonts through an internet - and installs them, because the license prohibits distribution of - the fonts. NOTE the fonts might be removed from a web site so it - might happen that you failed to download the fonts. +Description: installer for Mathematica fonts + This package downloads Mathematica fonts from http://support.wolfram.com/ + and installs them, because the license prohibits their distribution. + Please note that it may fail if the web site no longer offers them for + download. . - This package will install only AFM, TTF and Type1 at present. + This package will currently only install AFM, TTF, and Type1 fonts. Package: ttf-mathematica4.1 Architecture: all diff -Nru --exclude po mathematica-fonts-14/debian/templates mathematica-fonts-16/debian/templates --- mathematica-fonts-14/debian/templates 2009-06-23 18:44:44.0 -0400 +++ mathematica-fonts-16/debian/templates 2012-09-24 20:22:53.0 -0400 @@ -1,11 +1,20 @@ +# These templates have been reviewed by the debian-l10n-english +# team +# +# If modifications/additions/rewording are needed, please ask +# debian-l10n-engl...@lists.debian.org for advice. +# +# Even minor modifications require translation updates and such +# changes should be co
Re: Bug#689117: unblock: meta-gnome3/1:3.4+3
Olivier Bonvalet writes: >>> Also, since ads are often the main funding source of a website, I >>> think blocking ads is a «politic» choice which can't be the default >>> behavior. >> >> You are right, this is a political choice. I don’t think Debian should >> endorse the web being run by advertisements when there are technical >> solutions. >> > > The default behavior should be to display the website as it is. Then > if a user choose to don't display ads then it's fine, he also accept > the fact that the website can disable access to some of it contents. If that argument would be followed, we'd need flash, java and who knows what else enabled in the default browser. I don't think that would be smart or even desirable. Quite a number of ads need flash anyway, and those that do not, usually raise privacy concerns - so we either allow ads and hurt the privacy of our users, or we protect their privacy by default at the cost of not displaying ads. I don't know about you, but I'd go with the second anyday. -- |8] -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87391yy5ly.fsf@algernon.balabit
Bug#685230: unblock hylafax 3:6.0.6-4
On Mon, Oct 1, 2012 at 09:39:50 +0200, Giuseppe Sacco wrote: > Hi Julien, > could you please explain why you would remove hylafax from wheezy (I am > probably missing something here)? Isn't the package currently in testing > good enough? All RC bugs have been already solved. If you think it is > compulsory to fix these bugs on the wheezy version, than I may prepare > an upload as suggested by Cyril. > The BTS thinks #661482 and #682824 are RC bugs affecting the version in testing. Cheers, Julien -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121001082345.gb5...@coloquinte.cristau.org
Bug#685230: unblock hylafax 3:6.0.6-4
Hi Julien, could you please explain why you would remove hylafax from wheezy (I am probably missing something here)? Isn't the package currently in testing good enough? All RC bugs have been already solved. If you think it is compulsory to fix these bugs on the wheezy version, than I may prepare an upload as suggested by Cyril. Bye, Giuseppe -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1349077190.20698.6.camel@scarafaggio
Bug#689292: unblock: tinyproxy/1.8.3-3 (security issue)
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, Please unblock package tinyproxy. It fixes a denial of service. unblock tinyproxy/1.8.3-3 Thanks, Thijs -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121001073932.4172.31338.report...@incagijs.uvt.nl
Bug#689289: unblock: keystone/2012.1.1-9 (CVE-2012-445{6,7}, +policy RC fixes)
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Dear Release Team,
I have applied upstream patches for CVE-2012-445{6,7} (yes, yet another
CVE in keystone...), and fixed bad handling of /etc/keystone/keystone.conf.
The later modifications have already been investigated by Julien, and I
believe they are into shape now.
If the release team prefers that I first undo keystone.conf changes so
that only the CVE fixes can migrate first, then the keystone.conf handling
gets the standard 10 days testing, that can be done too. I have no problem
doing this in 2 steps, to give more testing time for the keystone.conf
handling. But I believe it should be ok now.
The debdiff is attached. It's unfortunately not so small.
Thanks for your time working on the Wheezy release,
Please unblock keystone/2012.1.1-9,
Cheers,
Thomas Goirand (zigo)
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru keystone-2012.1.1/debian/changelog keystone-2012.1.1/debian/changelog
--- keystone-2012.1.1/debian/changelog 2012-09-12 16:33:13.0 +
+++ keystone-2012.1.1/debian/changelog 2012-10-01 06:51:43.0 +
@@ -1,3 +1,28 @@
+keystone (2012.1.1-9) unstable; urgency=high
+
+ * Fixes sometimes failing keystone.postrm (db_get in some conditions can
+ return false), and fixed non-consistant indenting.
+ * Uses /usr/share/keystone/keystone.conf instead of /usr/share/doc/keystone
+ /keystone.conf.sample for temporary storing the conf file (this was a policy
+ violation, as the doc folder should never be required).
+ * Fixes CVE-2012-4457: fails to raise Unauthorized user error for disabled,
+ CVE-2012-4456: fails to validate tokens in Admin API (Closes: #689210).
+
+ -- Thomas Goirand Mon, 01 Oct 2012 05:52:23 +
+
+keystone (2012.1.1-8) unstable; urgency=low
+
+ * Fixes parsing of the SQL connection in keystone.config.
+
+ -- Thomas Goirand Sun, 30 Sep 2012 01:48:50 +
+
+keystone (2012.1.1-7) unstable; urgency=low
+
+ * Fixes band handling (eg: policy violation) of keystone.conf which was
+ conffiles, but changed in the posinst (Closes: #687311).
+
+ -- Thomas Goirand Wed, 12 Sep 2012 17:09:47 +
+
keystone (2012.1.1-6) unstable; urgency=high
* CVE-2012-4413: Revoking a role does not affect existing tokens
diff -Nru keystone-2012.1.1/debian/keystone.config keystone-2012.1.1/debian/keystone.config
--- keystone-2012.1.1/debian/keystone.config 2012-09-12 16:33:13.0 +
+++ keystone-2012.1.1/debian/keystone.config 2012-10-01 06:51:43.0 +
@@ -1,19 +1,79 @@
#!/bin/sh
+
set -e
. /usr/share/debconf/confmodule
+### Reading of values in the keystone config file ###
+### and setting default for dbconfig-common accordingly ###
+KEY_CONF=/etc/keystone/keystone.conf
+
+if [ -e "${KEY_CONF}" ] ; then
+ KEY_CONF_AUTH_TOKEN=`grep -E "^([ \t])*admin_token([ \t])*=([ \t])*" ${KEY_CONF} | awk '{print $3}'`
+ if [ -n "${KEY_CONF_AUTH_TOKEN}" ] ; then
+ db_set keystone/auth-token ${KEY_CONF_AUTH_TOKEN}
+ fi
+fi
db_input low keystone/auth-token || true
db_input low keystone/configure_db || true
db_go
+
db_get keystone/configure_db
-if [ "$RET" = "true" ]; then
-if [ -f /usr/share/dbconfig-common/dpkg/config ];
-then
- dbc_dbtypes="sqlite3, mysql, pgsql"
- db_authmethod_user="password"
- dbc_basepath="/var/lib/keystone"
+if [ "$RET" = "true" ] && [ -e "${KEY_CONF}" ] && [ -f /usr/share/dbconfig-common/dpkg/config ] ; then
. /usr/share/dbconfig-common/dpkg/config
+ KEY_CONF_DB_CON_INFO=`grep -E "^([ \t])*connection([ \t])*=([ \t])*" ${KEY_CONF} | awk '{print $3}'`
+ KEY_CONF_DB_TYPE=`echo ${KEY_CONF_DB_CON_INFO} | cut -d":" -f1`
+ # If we have an undefined SQL type, we go back to a more sane default (eg: SQLite)
+ if [ "${KEY_CONF_DB_TYPE}" != "sqlite" ] && [ "${KEY_CONF_DB_TYPE}" != "mysql" ] && [ "${KEY_CONF_DB_TYPE}" != "pgsql" ] ; then
+ KEY_CONF_DB_CON_INFO="sqlite:///var/lib/keystone/keystone.sqlite"
+ KEY_CONF_DB_TYPE="sqlite"
+ fi
+ if [ "${KEY_CONF_DB_TYPE}" = "sqlite" ] ; then
+ # This is the invalid default in the etc/keystone.conf in the source package
+ if [ "${KEY_CONF_DB_CON_INFO}" = "sqlite:///keystone.db" ] ; then
+ KEY_CONF_DB_CON_INFO="sqlite:///var/lib/keystone/keystone.sqlite"
+ fi
+
+ KEY_CONF_DB_PATH=`echo "${KEY_CONF_DB_CON_INFO}" | awk '{print substr($0,11)}'`
+ if [ -z "${KEY_CONF_DB_PATH}" ] ; then
+ KEY_CONF_DB_PATH=/var/lib/keystone/keystone.sqlite
+ fi
+ dbc_basepath=`dirname "${KEY_CONF_DB_PATH}"`
+ dbc_dbname=`basename "${KEY_CONF_DB_PATH}"`
+ dbc_dbtypes="sqlite3, mysql, pgsql"
+ else
+ # Later, the postinst does: mysql://$dbc_dbuser:$dbc_dbpass@${dbc_dbserver:-localhost}$dbport/$d
