Bug#699148: unblock: celery/2.5.3-2

[Christoph Egger]

Hi!

Michael Fladischer mich...@fladi.at writes:
 On 2013-02-28 21:27, Adam D. Barratt wrote:
 Any news on an upload?

 2.5.3-3 is prepared in SVN but paravoid (my sponsor on celery) seems
 to be busy.

Uploaded

Christoph


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87ppzjler1@mitoraj.siccegge.de

Bug#700798: unblock: live-tools/3.0.18-1

[Daniel Baumann]

retitle 700798 live-tools/3.0.19-1
tag 700798 - moreinfo
thanks

see live-tools 3.0.19-1.

-- 
Address:Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern
Email:  daniel.baum...@progress-technologies.net
Internet:   http://people.progress-technologies.net/~daniel.baumann/


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/51306d7c.9040...@progress-technologies.net

Processed: Re: unblock: live-tools/3.0.18-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 retitle 700798 live-tools/3.0.19-1
Bug #700798 [release.debian.org] unblock: live-tools/3.0.18-1
Changed Bug title to 'live-tools/3.0.19-1' from 'unblock: live-tools/3.0.18-1'
 tag 700798 - moreinfo
Bug #700798 [release.debian.org] live-tools/3.0.19-1
Removed tag(s) moreinfo.
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
700798: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700798
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.136212825421763.transcr...@bugs.debian.org

Bug#699148: unblock: celery/2.5.3-2

[Faidon Liambotis]

On Fri, Mar 01, 2013 at 12:13:06AM -0800, Christoph Egger wrote:
 Michael Fladischer mich...@fladi.at writes:
  On 2013-02-28 21:27, Adam D. Barratt wrote:
  Any news on an upload?
 
  2.5.3-3 is prepared in SVN but paravoid (my sponsor on celery) seems
  to be busy.
 
 Uploaded

JFYI,
r23622 | fladi-guest | 2013-03-01 07:46:25 + (Fri, 01 Mar 2013) | 2 lines

i.e. 40 minutes ago, after I sent a mail to Michael :) But thanks for
handling that, appreciated.

Regards,
Faidon


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130301082950.ga24...@dewey.void.home

Processed: debian-live

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 Block 701967 by 700798
Bug #701967 [debian-live] 7.0~rc1 release
701967 was not blocked by any bugs.
701967 was not blocking any bugs.
Added blocking bug(s) of 701967: 700798
 Block 701967 by 700797
Bug #701967 [debian-live] 7.0~rc1 release
701967 was blocked by: 700798
701967 was not blocking any bugs.
Added blocking bug(s) of 701967: 700797
 Block 701967 by 700798
Bug #701967 [debian-live] 7.0~rc1 release
701967 was blocked by: 700798 700797
701967 was not blocking any bugs.
Ignoring request to alter blocking bugs of bug #701967 to the same blocks 
previously set
 Block 701967 by 700800
Bug #701967 [debian-live] 7.0~rc1 release
701967 was blocked by: 700798 700797
701967 was not blocking any bugs.
Added blocking bug(s) of 701967: 700800
 Block 701967 by 701969
Bug #701967 [debian-live] 7.0~rc1 release
701967 was blocked by: 700798 700797 700800
701967 was not blocking any bugs.
Added blocking bug(s) of 701967: 701969
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
701967: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701967
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.136212900327950.transcr...@bugs.debian.org

Processed: debian-live

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 Block 701967 by 700796
Bug #701967 [debian-live] 7.0~rc1 release
701967 was blocked by: 700798 700797 700800 701969
701967 was not blocking any bugs.
Added blocking bug(s) of 701967: 700796
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
701967: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701967
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.136212952032237.transcr...@bugs.debian.org

Bug#685230: unblock hylafax 3:6.0.6-4

[Giuseppe Sacco]

Il giorno ven, 01/03/2013 alle 08.00 +0100, Joachim Wiedorn ha scritto:
[...]
 The next step is creating hylafax 6.0.6-5 as mentioned by Ivo De Decker.
 Should I already prepare these updated package of hylafax now?

I have been waiting for capi4hylafax being accepted, but now I think
I'll package and upload hylafax 6.0.6-5 with only wheezy changes during
this week end.

The diff I'll use is almost what Ivo suggested in
http://lists.debian.org/debian-release/2012/12/msg00886.html

Bye,
Giuseppe


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/1362131097.3536.10.camel@server-000

Bug#701978: unblock: kmess/2.0.6.1-3

[José Manuel Santamaría Lema]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hello, 

could you please unblock the kmess package? the latest -3 upload 
contains a fix for the bug #697918 deconnection each minute:
http://bugs.debian.org/697918


Thank you.
diff -Nru kmess-2.0.6.1/debian/changelog kmess-2.0.6.1/debian/changelog
--- kmess-2.0.6.1/debian/changelog	2011-11-09 15:32:03.0 +0100
+++ kmess-2.0.6.1/debian/changelog	2013-01-17 22:35:08.0 +0100
@@ -1,3 +1,9 @@
+kmess (2.0.6.1-3) unstable; urgency=low
+
+  * Add use_ssl_v3.diff, avoids disconnections each minute. (Closes: #697918)
+
+ -- José Manuel Santamaría Lema panfa...@gmail.com  Thu, 17 Jan 2013 22:34:48 +0100
+
 kmess (2.0.6.1-2) unstable; urgency=high
 
   * Add follow-location-redirects.diff, this makes KMess usable with the latest
diff -Nru kmess-2.0.6.1/debian/patches/series kmess-2.0.6.1/debian/patches/series
--- kmess-2.0.6.1/debian/patches/series	2011-11-09 14:44:13.0 +0100
+++ kmess-2.0.6.1/debian/patches/series	2013-01-16 22:06:38.0 +0100
@@ -1 +1,2 @@
 follow-location-redirects.diff
+use_ssl_v3.diff
diff -Nru kmess-2.0.6.1/debian/patches/use_ssl_v3.diff kmess-2.0.6.1/debian/patches/use_ssl_v3.diff
--- kmess-2.0.6.1/debian/patches/use_ssl_v3.diff	1970-01-01 01:00:00.0 +0100
+++ kmess-2.0.6.1/debian/patches/use_ssl_v3.diff	2013-01-17 22:30:33.0 +0100
@@ -0,0 +1,34 @@
+Author: José Manuel Santamaría Lema panfa...@gmail.com
+Description: This patch forces KMess to use SSLv3.
+ This patch is needed because with recent versions of openssl kmess disconnects
+ and connects again each minute: http://bugs.debian.org/697918
+ Downgrading openssl to an older version solves the problem, however, this isn't
+ probably a bug in openssl but in the MSN servers, see:
+ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=666012#31
+ .
+ For the record, emesene had the same problem and their upstream developers
+ solved the problem doing the same, just using SSLv3.
+Forwarded: yes, but upstream isn't maintaining the program anymore
+Bug-Debian: http://bugs.debian.org/697918
+Last-Update: 2013-01-17
+--- a/src/network/soap/httpsoapconnection.cpp
 b/src/network/soap/httpsoapconnection.cpp
+@@ -31,6 +31,7 @@
+ #include QNetworkRequest
+ #include QNetworkReply
+ #include QSslError
++#include QSslConfiguration
+ 
+ #include KLocale
+ 
+@@ -353,6 +354,10 @@ void HttpSoapConnection::sendNextRequest
+ request.setRawHeader( SOAPAction, quotedAction.toLatin1() );
+   }
+ 
++  QSslConfiguration ssl_config = request.sslConfiguration();
++  ssl_config.setProtocol(QSsl::SslV3);
++  request.setSslConfiguration(ssl_config);
++
+   http_-post( request, contents );
+ 
+   // Start the response timer


signature.asc
Description: This is a digitally signed message part.

Bug#701981: unblock: soprano/2.7.6+dfsg.1-3

[José Manuel Santamaría Lema]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hello, 

could you please unblock the soprano package? the latest upload workarounds a 
problem which makes the default installation of virtuoso as standalone server 
hang.

To reproduce the problem you can just do:
apt-get install virtuoso-opensource-6.1
while using kde; without the fix the virtuoso postinst script will hang.

Thank you.
diff -Nru soprano-2.7.6+dfsg.1/debian/changelog soprano-2.7.6+dfsg.1/debian/changelog
--- soprano-2.7.6+dfsg.1/debian/changelog	2012-11-27 22:34:30.0 +0100
+++ soprano-2.7.6+dfsg.1/debian/changelog	2013-02-05 11:38:21.0 +0100
@@ -1,3 +1,11 @@
+soprano (2.7.6+dfsg.1-3) unstable; urgency=low
+
+  * Team upload.
+  * Add dont_use_virtuoso_default_port.diff, prevents hangs when installing or
+running virtuoso as a standalone server.
+
+ -- José Manuel Santamaría Lema panfa...@gmail.com  Tue, 05 Feb 2013 11:38:17 +0100
+
 soprano (2.7.6+dfsg.1-2) unstable; urgency=low
 
   * Team upload.
diff -Nru soprano-2.7.6+dfsg.1/debian/patches/dont_use_virtuoso_default_port.diff soprano-2.7.6+dfsg.1/debian/patches/dont_use_virtuoso_default_port.diff
--- soprano-2.7.6+dfsg.1/debian/patches/dont_use_virtuoso_default_port.diff	1970-01-01 01:00:00.0 +0100
+++ soprano-2.7.6+dfsg.1/debian/patches/dont_use_virtuoso_default_port.diff	2013-02-05 16:01:00.0 +0100
@@ -0,0 +1,33 @@
+Author: José Manuel Santamaría Lema panfa...@gmail.com
+Forwarded: https://projects.kde.org/projects/kdesupport/soprano/repository/revisions/3482b5fe
+Description: If possible, don't use the default virtuso port ()
+ Soprano launches a Virtuoso server using an unix socket (/tmp/virt_ where
+  is the tcp port specified in the configuration file). It tries first with
+ the /tmp/virt_ port if it's availaible, and if it's not, keeps trying with
+ above ports one by one until it finds an usuable /tmp/virt_. Starting with
+  is a very unfortunate choice, because if you start other virtuoso server
+ configured to use the same port (note that  is the default), then it would
+ fail to start. It should fail and return, but currently it hangs.
+ .
+ When installing virtuoso-opensource-6.1, the postinst script will try to start
+ Virtuoso using the default  port in order to change the admin password. So
+ the problem is the following: since the unix socket /tmp/virt_ is
+ (probably) already being used by the Virtuoso instance started by Soprano, the
+ Virtuoso instance started by the postinst script would hang (as explained in
+ the paragraph above), breaking the installation.
+--- a/backends/virtuoso/virtuosocontroller.cpp
 b/backends/virtuoso/virtuosocontroller.cpp
+@@ -56,11 +56,11 @@ namespace {
+ // }
+ #ifdef Q_OS_WIN
+ static QMutex portNumberMutex;
+-static quint16 p = ;
++static quint16 p = 1113;
+ QMutexLocker l(portNumberMutex);
+ return p++;
+ #else
+-int p = ;
++int p = 1113;
+ while ( QFile::exists( QString( /tmp/virt_%1 ).arg( p ) ) ) {
+ ++p;
+ }
diff -Nru soprano-2.7.6+dfsg.1/debian/patches/series soprano-2.7.6+dfsg.1/debian/patches/series
--- soprano-2.7.6+dfsg.1/debian/patches/series	2012-11-25 15:06:51.0 +0100
+++ soprano-2.7.6+dfsg.1/debian/patches/series	2012-12-27 15:32:27.0 +0100
@@ -1,3 +1,4 @@
+dont_use_virtuoso_default_port.diff
 x11_not_required.diff
 disable_usr_lib_install_rpath.diff
 doxyfile_generate_tagfile.diff


signature.asc
Description: This is a digitally signed message part.

Bug#685230: unblock hylafax 3:6.0.6-4

[Julien Cristau]

On Fri, Mar  1, 2013 at 08:00:27 +0100, Joachim Wiedorn wrote:

 Hello Julien,
 
 Julien Cristau wrote on 2013-02-28 22:11:
 
  This version 3:6.0.6-5 should be uploaded to unstable.
 
  is there an ETA for that new upload?
 
 At first we need an updated version of capi4hylafax to solve one half
 of the problems between hylafax and capi4hylafax. This new version is 
 already on mentors.d.o ready for wheezy:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697733
 
 And I have asked the release team for pre-approval:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699171
 
Thanks, I'll try and have a look at that soon.

 The next step is creating hylafax 6.0.6-5 as mentioned by Ivo De Decker.
 Should I already prepare these updated package of hylafax now?
 
If possible, yes.

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#699148: unblock: celery/2.5.3-2

[Julien Cristau]

On Sat, Feb  9, 2013 at 10:35:50 +0100, Julien Cristau wrote:

 On Sat, Feb  9, 2013 at 08:17:44 +0100, Michael Fladischer wrote:
 
  Julien Cristau, 02/08/2013 10:48 PM:
   I guess that should be fine then, but your postrm doesn't seem to
   delete any logfiles?
  
  I'll add this to postrm prior to deleting the user. A `rm -rf
  /var/log/celery` should be fine I guess.
  
 Sounds good.
 
Why is that in the if deluser exists block?

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#699148: unblock: celery/2.5.3-2

[Michael Fladischer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 2013-03-01 11:33, Julien Cristau wrote:
 Why is that in the if deluser exists block?

Because without deluser the user/group would not be removed. So I
decided to only remove the logfiles if the user/group are gone, so to
to generate a scenario where files with uid/gid are on the system with
no username/group assigned.
- -- 
Michael Fladischer
Fladi.at
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlEwhdYACgkQeJ3z1zFMUGa/ogCggqHvgDI0YSx7iCtoPznllvU2
aBkAniHExyfNiNnG3Zc0n1/v3nWQV+tH
=e8v5
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/513085d6.2040...@fladi.at

Bug#699148: unblock: celery/2.5.3-2

[Julien Cristau]

On Fri, Mar  1, 2013 at 11:41:26 +0100, Michael Fladischer wrote:

 On 2013-03-01 11:33, Julien Cristau wrote:
  Why is that in the if deluser exists block?
 
 Because without deluser the user/group would not be removed. So I
 decided to only remove the logfiles if the user/group are gone, so to
 to generate a scenario where files with uid/gid are on the system with
 no username/group assigned.

Removing log files on purge unconditionally doesn't generate such a
scenario, so I'm not sure I understand what you're saying.

Cheers,
Julien


signature.asc
Description: Digital signature

Processed: retitle to celery-2.5.3-3

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 retitle 699148 unblock: celery/2.5.3-3
Bug #699148 [release.debian.org] unblock: celery/2.5.3-2
Changed Bug title to 'unblock: celery/2.5.3-3' from 'unblock: celery/2.5.3-2'
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
699148: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699148
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.136213513211278.transcr...@bugs.debian.org

Bug#699148: unblock: celery/2.5.3-2

[Michael Fladischer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 2013-03-01 11:43, Julien Cristau wrote:
 Removing log files on purge unconditionally doesn't generate such
 a scenario, so I'm not sure I understand what you're saying.

My understanding was that it has to be insured that when a user is
removed, I need to make sure that no files that are owned by this user
are to be left on the filesystem.
I know what you mean, that I could remove the logfiles directory no
matter what happens to the user/group. I can do this in celery-2.5.3-4
if you deem this a better way to handle it.

Cheers,
- -- 
Michael Fladischer
Fladi.at
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlEwim0ACgkQeJ3z1zFMUGYULwCePbyUaboFiuTQC1oIII94Sp3i
v8kAn3dD9wDiw3Cajy1FAopU2O6V5aPQ
=3urk
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/51308a6d.8080...@fladi.at

Bug#701981: unblock: soprano/2.7.6+dfsg.1-3

[Adam D. Barratt]

Control: tags -1 + moreinfo

On 01.03.2013 10:20, José Manuel Santamaría Lema wrote:

could you please unblock the soprano package? the latest upload
workarounds a
problem which makes the default installation of virtuoso as
standalone server
hang.


Unfortunately we can't do that as things are:

$ grep-excuses soprano
soprano (2.7.6+dfsg.1-2 to 2.7.6+dfsg.1-3)
[...]
Depends: soprano redland (not considered)

The new redland package doesn't look suitable for an unblock, so either 
the dependency from soprano needs to be loosened (if appropriate), or 
this will need an update via t-p-u.


Regards,

Adam


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/03615e3092c72fae2b9d6d7f93652...@mail.adsl.funky-badger.org

Processed: Re: Bug#701981: unblock: soprano/2.7.6+dfsg.1-3

[Debian Bug Tracking System]

Processing control commands:

 tags -1 + moreinfo
Bug #701981 [release.debian.org] unblock: soprano/2.7.6+dfsg.1-3
Added tag(s) moreinfo.

-- 
701981: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701981
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.b701981.136213574816904.transcr...@bugs.debian.org

Bug#699148: unblock: celery/2.5.3-2

[Julien Cristau]

On Fri, Mar  1, 2013 at 12:01:01 +0100, Michael Fladischer wrote:

 On 2013-03-01 11:43, Julien Cristau wrote:
  Removing log files on purge unconditionally doesn't generate such
  a scenario, so I'm not sure I understand what you're saying.
 
 My understanding was that it has to be insured that when a user is
 removed, I need to make sure that no files that are owned by this user
 are to be left on the filesystem.

Correct.  Better keep the user around than leave unowned files on disk.

 I know what you mean, that I could remove the logfiles directory no
 matter what happens to the user/group. I can do this in celery-2.5.3-4
 if you deem this a better way to handle it.
 
I do.

Thanks,
Julien


signature.asc
Description: Digital signature

Bug#701978: marked as done (unblock: kmess/2.0.6.1-3)

[Debian Bug Tracking System]

Your message dated Fri, 01 Mar 2013 11:05:01 +
with message-id b91b0c0ba42de2fbd5fdedbc267fb...@mail.adsl.funky-badger.org
and subject line Re: Bug#701978: unblock: kmess/2.0.6.1-3
has caused the Debian Bug report #701978,
regarding unblock: kmess/2.0.6.1-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
701978: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701978
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hello, 

could you please unblock the kmess package? the latest -3 upload 
contains a fix for the bug #697918 deconnection each minute:
http://bugs.debian.org/697918


Thank you.
diff -Nru kmess-2.0.6.1/debian/changelog kmess-2.0.6.1/debian/changelog
--- kmess-2.0.6.1/debian/changelog	2011-11-09 15:32:03.0 +0100
+++ kmess-2.0.6.1/debian/changelog	2013-01-17 22:35:08.0 +0100
@@ -1,3 +1,9 @@
+kmess (2.0.6.1-3) unstable; urgency=low
+
+  * Add use_ssl_v3.diff, avoids disconnections each minute. (Closes: #697918)
+
+ -- José Manuel Santamaría Lema panfa...@gmail.com  Thu, 17 Jan 2013 22:34:48 +0100
+
 kmess (2.0.6.1-2) unstable; urgency=high
 
   * Add follow-location-redirects.diff, this makes KMess usable with the latest
diff -Nru kmess-2.0.6.1/debian/patches/series kmess-2.0.6.1/debian/patches/series
--- kmess-2.0.6.1/debian/patches/series	2011-11-09 14:44:13.0 +0100
+++ kmess-2.0.6.1/debian/patches/series	2013-01-16 22:06:38.0 +0100
@@ -1 +1,2 @@
 follow-location-redirects.diff
+use_ssl_v3.diff
diff -Nru kmess-2.0.6.1/debian/patches/use_ssl_v3.diff kmess-2.0.6.1/debian/patches/use_ssl_v3.diff
--- kmess-2.0.6.1/debian/patches/use_ssl_v3.diff	1970-01-01 01:00:00.0 +0100
+++ kmess-2.0.6.1/debian/patches/use_ssl_v3.diff	2013-01-17 22:30:33.0 +0100
@@ -0,0 +1,34 @@
+Author: José Manuel Santamaría Lema panfa...@gmail.com
+Description: This patch forces KMess to use SSLv3.
+ This patch is needed because with recent versions of openssl kmess disconnects
+ and connects again each minute: http://bugs.debian.org/697918
+ Downgrading openssl to an older version solves the problem, however, this isn't
+ probably a bug in openssl but in the MSN servers, see:
+ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=666012#31
+ .
+ For the record, emesene had the same problem and their upstream developers
+ solved the problem doing the same, just using SSLv3.
+Forwarded: yes, but upstream isn't maintaining the program anymore
+Bug-Debian: http://bugs.debian.org/697918
+Last-Update: 2013-01-17
+--- a/src/network/soap/httpsoapconnection.cpp
 b/src/network/soap/httpsoapconnection.cpp
+@@ -31,6 +31,7 @@
+ #include QNetworkRequest
+ #include QNetworkReply
+ #include QSslError
++#include QSslConfiguration
+ 
+ #include KLocale
+ 
+@@ -353,6 +354,10 @@ void HttpSoapConnection::sendNextRequest
+ request.setRawHeader( SOAPAction, quotedAction.toLatin1() );
+   }
+ 
++  QSslConfiguration ssl_config = request.sslConfiguration();
++  ssl_config.setProtocol(QSsl::SslV3);
++  request.setSslConfiguration(ssl_config);
++
+   http_-post( request, contents );
+ 
+   // Start the response timer


signature.asc
Description: This is a digitally signed message part.
---End Message---
---BeginMessage---

On 01.03.2013 10:12, José Manuel Santamaría Lema wrote:

could you please unblock the kmess package? the latest -3 upload
contains a fix for the bug #697918 deconnection each minute:
http://bugs.debian.org/697918


Unblocked.

Regards,

Adam---End Message---

Bug#701178: preapproval unblock: dspam/dspam/3.10.1+dfsg-9

[Julien Cristau]

Actually...

On Thu, Feb 28, 2013 at 22:49:21 +0100, Thomas Preud'homme wrote:

 diff -Nru 
 dspam-3.10.1+dfsg/debian/patches/009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff
  
 dspam-3.10.1+dfsg/debian/patches/009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff
 --- 
 dspam-3.10.1+dfsg/debian/patches/009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff
  1970-01-01 01:00:00.0 +0100
 +++ 
 dspam-3.10.1+dfsg/debian/patches/009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff
  2013-02-28 21:34:52.0 +0100
 @@ -0,0 +1,55 @@
 +Description: Fix recipient corruption when releasing a message from 
 quarantine
 +
 +When releasing mail from quarantine, dspam corrupts the FROM part in the
 +SMTP/LMTP handshake.
 +
 +Author: Allan Ievers aimail-dspam_us...@rearden.com
 +Origin: vendor
 +Bug-Debian: http://bugs.debian.org/698136
 +Forwarded: ste...@bajic.ch
 +Last-Update: 2013-02-28
 +
 +diff --git a/src/dspam.c b/src/dspam.c
 +index 26266c9..68e1165 100644
 +--- a/src/dspam.c
  b/src/dspam.c
 +@@ -498,8 +498,9 @@ process_message (
 + ATX-train_pristine = 1;
 + }
 + 
 +-/* Change also the mail recipient */
 +-ATX-recipient = CTX-username;
 ++/* Change also the mail recipient. ATX-recipient either points to
 ++ * recipient[] or mailbox[] in process_users, hence the size of 256 */
 ++strlcpy(ATX-recipient, CTX-username, 256);
 + 
 +   }
 + }
 +@@ -1621,6 +1622,7 @@ int process_users(AGENT_CTX *ATX, buffer *message) {
 + char filename[MAX_FILENAME_LENGTH];
 + int optin, optout;
 + char *username = NULL;
 ++char recipient[256];
 + 
 + /* If ServerParameters specifies a --user, there will only be one
 +  * instance on the stack, but possible multiple recipients. So we
 +@@ -1659,7 +1661,7 @@ int process_users(AGENT_CTX *ATX, buffer *message) {
 + username = node_nt-ptr;
 + 
 + if (node_rcpt) {
 +-  ATX-recipient = node_rcpt-ptr;
 ++  strlcpy(recipient, node_rcpt-ptr, sizeof(recipient));
 +   node_rcpt = c_nt_next (ATX-recipients, c_rcpt);
 + } else {
 + 
 +@@ -1667,8 +1669,9 @@ int process_users(AGENT_CTX *ATX, buffer *message) {
 +   if (have_rcpts)
 + break;
 + 
 +-  ATX-recipient = node_nt-ptr;
 ++  strlcpy(recipient, node_nt-ptr, sizeof(recipient));
 + }
 ++ATX-recipient = recipient;
 + 
 +   /* If support for +detail is enabled, save full mailbox name for
 +  delivery and strip detail for processing */

Seems like ATX-recipient now points somewhere on the stack, and thus in
la-la-land at the end of the loop in process_users.  Is there any
guarantee it's not reused after that?  The scoping is kind of
non-obvious...

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#700798: marked as done (live-tools/3.0.19-1)

[Debian Bug Tracking System]

Your message dated Fri, 01 Mar 2013 13:05:56 +
with message-id 8767bfc502b52c237c5a102441c30...@mail.adsl.funky-badger.org
and subject line Re: Bug#700798: unblock: live-tools/3.0.18-1
has caused the Debian Bug report #700798,
regarding live-tools/3.0.19-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
700798: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700798
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package live-tools

The version in wheezy had some issues (see #685752 which this request
supercedes and I will now close) with upgradability that, while not
typical use cases (live-tools would normally only be installed on a live
system and subsequently not upgraded) were nevertheless show-stoppers
for the wheezy release.  Those issues have have since been resolved. We
consider this release to be the only supportable version for the
lifetime of wheezy.

I have attached a cleaned up diff which lists at the top the specific
cleanups performed to make review easier.

unblock live-tools/3.0.18-1

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.7-trunk-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
This is a diff 3.0.3-1..3.0.18-1:
  * without manpage translation changes
  * with filenames adjusted to account for file renames providing a minimal diff

diff -Naurp live-tools.orig/bin/live-persistence live-tools/bin/live-persistence
--- live-tools.orig/bin/live-persistence	1970-01-01 01:00:00.0 +0100
+++ live-tools/bin/live-persistence	2013-02-15 10:42:34.619868805 +0100
@@ -0,0 +1,482 @@
+#!/bin/sh
+
+## live-tools(7) - System Support Scripts
+##
+## This program comes with ABSOLUTELY NO WARRANTY; for details see COPYING.
+## This is free software, and you are welcome to redistribute it
+## under certain conditions; see COPYING for details.
+
+
+set -e
+
+# We're gonna mess with stderr's file descriptor below, so we save a
+# reference to it in fd 3 if we want to print to stderr
+exec 32
+
+error ()
+{
+	echo error: ${@} 3
+	exit 1
+}
+
+# Exit if user is unprivileged
+if [ $(id -u) -ne 0 ]
+then
+	echo E: need root privileges 3
+
+	exit 1
+fi
+
+# Exit if live-boot is not installed
+if [ ! -e /lib/live/boot ]
+then
+	echo E: live-boot not installed 3
+
+	exit 1
+fi
+
+# import Cmdline_old()
+. /lib/live/boot/9990-cmdline-old || error 'Could not source /lib/live/boot/9990-cmdline-old'
+
+# Set variable names needed by get_custom_mounts() etc.,
+# and now initialized by live-boot in a file that we certainly
+# don't want to source.
+persistence_list=persistence.conf
+old_persistence_list=live-persistence.conf
+custom_overlay_label=persistence
+export persistence_list old_persistence_list custom_overlay_label
+
+# This will import the following functions and variables used below:
+#   activate_custom_mounts()
+#   get_custom_mounts()
+#   open_luks_device()
+#   probe_for_gpt_name()
+#   removable_dev()
+#   removable_usb_dev()
+#   storage_devices()
+#   where_is_mounted()
+. /lib/live/boot/9990-misc-helpers.sh || error 'Could not source /lib/live/boot/9990-misc-helpers.sh'
+
+usage ()
+{
+	echo Usage: live-persistence [OPTION]... list [LABEL]...
+List (on stdout) all partitions with names among LABEL(s) that are compatible
+with live-boot's overlay persistence, and that are adhering to live-boot's
+persistence filters (e.g. persistence-media). If no LABEL is given the default
+in live-boot is used ('${custom_overlay_label}').
+   or: live-persistence [OPTION]... activate VOLUME...
+Activates persistence on the given VOLUME(s) (specified via block device).
+Successes and failures are written to stdout. There are no checks for whether
+the given volumes adhere to live-boot's options.
+   or: live-persistence [OPTION]... close VOLUME...
+Deactivates persistence on the given VOLUME(s) (specified via block device).
+
+Note: The 'activate' and 'stop' actions only support partition-backed volumes
+(e.g. /dev/sda2), not file-backed persistent volumes.
+
+Kernel command-line options are parsed just like in live-boot and have the same
+effect (see live-boot(7) for more information).
+
+Most options correspond to the persistence-* options of live-boot, and will
+override the corresponging options parsed from the kernel command-line.
+
+General 

Bug#699109: unblock (pre-approval): initramfs-tools-tcos/0.89.91

[Julien Cristau]

On Mon, Jan 28, 2013 at 09:22:35 +, Manuel A. Fernandez Montecelo wrote:

 2013/1/27 Julien Cristau jcris...@debian.org:
  On Sun, Jan 27, 2013 at 17:42:48 +, Manuel A. Fernandez Montecelo wrote:
 
  Could Release Team please say if the changes proposed in #694870 to
  fix an RC bug are OK to go?
 
  Please include an actual diff in this bug instead of a pointer to
  $somewhere_else.
 
 Attached.
 
 According to the discussion in that bug report, the patch does need to
 be so big to fix three separate issues, and without the fixes it seems
 that the software will not be functional.
 
I'm not overly happy with this patch.  The multiarch fixes just
hardcode two paths in an arch:all package with no apparent x86
dependency.  And the /etc/console-setup stuff looks like it'd break if
two files match the glob.  I'm more tempted by a removal at this point
to be honest.

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#701996: unblock: openconnect/3.20-4

[Mike Miller]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear Release Team,

Please unblock package openconnect, version 3.20-4 already in unstable.
This version fixes bug #700805, possible memory leak introduced by
previous version. This fix was requested for wheezy [1]. The debdiff is
included below. Thank you.

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700806#22


diffstat for openconnect-3.20 openconnect-3.20

 changelog |7 ++
 patches/03_fix-abuse-of-realloc.patch |   97 ++
 patches/series|1 
 3 files changed, 105 insertions(+)

diff -Nru openconnect-3.20/debian/changelog openconnect-3.20/debian/changelog
--- openconnect-3.20/debian/changelog   2013-02-17 12:25:52.0 -0500
+++ openconnect-3.20/debian/changelog   2013-02-28 23:42:35.0 -0500
@@ -1,3 +1,10 @@
+openconnect (3.20-4) unstable; urgency=low
+
+  * debian/patches/03_fix-abuse-of-realloc.patch: Backport patch from upstream
+to fix possible memory leaks on realloc. (Closes: #700805)
+
+ -- Mike Miller mtmil...@ieee.org  Thu, 28 Feb 2013 23:42:31 -0500
+
 openconnect (3.20-3) unstable; urgency=low
 
   * debian/patches/02_CVE-2012-6128.patch: Backport patch from upstream to fix
diff -Nru openconnect-3.20/debian/patches/03_fix-abuse-of-realloc.patch 
openconnect-3.20/debian/patches/03_fix-abuse-of-realloc.patch
--- openconnect-3.20/debian/patches/03_fix-abuse-of-realloc.patch   
1969-12-31 19:00:00.0 -0500
+++ openconnect-3.20/debian/patches/03_fix-abuse-of-realloc.patch   
2013-02-28 19:28:20.0 -0500
@@ -0,0 +1,97 @@
+Origin: upstream, 
http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/8dad4f3ad009e45bbd1ba21f1bd03d3f7639deab
+From: David Woodhouse david.woodho...@intel.com
+Subject: Fix abuse of realloc() causing memory leaks
+
+Implement a helper which actually *does* free the original pointer on
+allocation failure, as I evidently always expected it to.
+
+http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700805
+
+Reported by: Niels Thykier ni...@thykier.net
+Signed-off-by: David Woodhouse david.woodho...@intel.com
+---
+ auth.c |4 ++--
+ compat.c   |2 +-
+ http.c |8 
+ openconnect-internal.h |8 
+ 4 files changed, 15 insertions(+), 7 deletions(-)
+
+--- a/auth.c
 b/auth.c
+@@ -140,8 +140,8 @@ static int parse_auth_choice(struct open
+   continue;
+ 
+   opt-nr_choices++;
+-  opt = realloc(opt, sizeof(*opt) +
+- opt-nr_choices * sizeof(*choice));
++  realloc_inplace(opt, sizeof(*opt) +
++  opt-nr_choices * sizeof(*choice));
+   if (!opt)
+   return -ENOMEM;
+ 
+--- a/compat.c
 b/compat.c
+@@ -131,7 +131,7 @@ ssize_t openconnect__getline(char **line
+   break;
+ 
+   *n *= 2;
+-  *lineptr = realloc(*lineptr, *n);
++  realloc_inplace(*lineptr, *n);
+   if (!*lineptr)
+   return -1;
+   }
+--- a/http.c
 b/http.c
+@@ -97,7 +97,7 @@ static void buf_append(struct oc_text_bu
+   break;
+   }
+ 
+-  buf-data = realloc(buf-data, new_buf_len);
++  realloc_inplace(buf-data, new_buf_len);
+   if (!buf-data) {
+   buf-error = -ENOMEM;
+   break;
+@@ -354,7 +354,7 @@ static int process_http_response(struct
+   lastchunk = 1;
+   goto skip;
+   }
+-  body = realloc(body, done + chunklen + 1);
++  realloc_inplace(body, done + chunklen + 1);
+   if (!body)
+   return -ENOMEM;
+   while (chunklen) {
+@@ -394,7 +394,7 @@ static int process_http_response(struct
+ 
+   /* HTTP 1.0 response. Just eat all we can in 16KiB chunks */
+   while (1) {
+-  body = realloc(body, done + 16384);
++  realloc_inplace(body, done + 16384);
+   if (!body)
+   return -ENOMEM;
+   i = openconnect_SSL_read(vpninfo, body + done, 16384);
+@@ -407,7 +407,7 @@ static int process_http_response(struct
+   return i;
+   } else {
+   /* Connection closed. Reduce allocation to just 
what we need */
+-  body = realloc(body, done + 1);
++  realloc_inplace(body, done + 1);
+   if (!body)
+   return 

Bug#701997: unblock: iptables/1.4.14-3.1 (tpu)

[Julien Cristau]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi,

I've prepared an iptables NMU for tpu.  Source and binary (for
iptables.deb) debdiff follow.  It would probably make sense to binNMU
iproute and xtables-addons-common once this is in.

Cheers,
Julien

diff -Nru iptables-1.4.14/debian/changelog iptables-1.4.14/debian/changelog
--- iptables-1.4.14/debian/changelog2012-07-28 18:04:24.0 +0200
+++ iptables-1.4.14/debian/changelog2013-03-01 14:50:46.0 +0100
@@ -1,3 +1,16 @@
+iptables (1.4.14-3.1) wheezy; urgency=low
+
+  [ Jonathan Nieder ]
+  * Non-maintainer upload.
+  * Add Breaks against iproute and xtables-addons-common versions
+that relied on libxtables4. Closes: #691180
+
+  [ Julien Cristau ]
+  * Have iptables provide libxtables7, and tell dh_makeshlibs to include that
+in generated dependencies.
+
+ -- Julien Cristau jcris...@debian.org  Fri, 01 Mar 2013 14:50:39 +0100
+
 iptables (1.4.14-3) unstable; urgency=low
 
   * Fixes iptables comment output error reported by Christoph Anton
diff -Nru iptables-1.4.14/debian/control iptables-1.4.14/debian/control
--- iptables-1.4.14/debian/control  2011-12-31 19:51:31.0 +0100
+++ iptables-1.4.14/debian/control  2013-03-01 14:47:00.0 +0100
@@ -9,6 +9,8 @@
 Package: iptables
 Architecture: any
 Depends: ${misc:Depends}, ${shlibs:Depends}
+Provides: libxtables7
+Breaks: iproute ( 20120521-3), xtables-addons-common ( 1.42-2)
 Description: administration tools for packet filtering and NAT
  These are the user-space administration tools for the Linux
  kernel's netfilter and iptables. netfilter and iptables provide
diff -Nru iptables-1.4.14/debian/rules iptables-1.4.14/debian/rules
--- iptables-1.4.14/debian/rules2012-04-22 15:49:25.0 +0200
+++ iptables-1.4.14/debian/rules2013-03-01 14:49:33.0 +0100
@@ -13,6 +13,9 @@
 binary: binary-arch binary-indep
 binary-arch binary-indep: install
 
+override_dh_makeshlibs:
+   dh_makeshlibs -V'iptables, libxtables7'
+
 override_dh_shlibdeps:
dh_shlibdeps $(_shlibdeps)
 

File lists identical (after any substitutions)

Control files: lines which differ (wdiff format)

{+Breaks: iproute ( 20120521-3), xtables-addons-common ( 1.42-2)+}
Installed-Size: [-1336-] {+1396+}
{+Provides: libxtables7+}
Version: [-1.4.14-3-] {+1.4.14-3.1+}

No differences were encountered between the postinst files

No differences were encountered between the postrm files

Shlibs files: lines which differ (wdiff format)
---
[-libip4tc 0 iptables-]libip6tc 0 [-iptables-]
[-libipq 0 iptables-]
[-libiptc 0 iptables-] {+iptables, libxtables7+}
libxtables 7 [-iptables-] {+iptables, libxtables7+}
{+libiptc 0 iptables, libxtables7+}
{+libip4tc 0 iptables, libxtables7+}
{+libipq 0 iptables, libxtables7+}


signature.asc
Description: Digital signature

Bug#702001: unblock: opendnssec/1:1.3.9-5

[Ondřej Surý]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package opendnssec

Hi,

I have split the doxygen generated documentation to separate package
named opendnssec-doc, which is arch-indep, so it doesn't get built on
buildds.  This is a workaround for failing doxygen on kfreebsd-i386
(#701832), e.g. you can set it wheezy-ignore.  This has also the
advantage that the size of binary packages has dropped by one
magnitude, since the doxygen documentation is 52M unpacked.  I should
have noticed this earlier :(.

This debian release also fixes a small problem when configure didn't
know about pkill from procps and thus some reload commands didn't work
properly (#701703).  While not critical, this is an annoying bug with
very small fix.

Debdiff attached.

$ diffstat opendnssec_1.3.9-5.debdiff
 changelog   |   12 
 control |   24 
 libhsm-bin.install  |1 -
 opendnssec-auditor.install  |1 -
 opendnssec-doc.dirs |4 
 opendnssec-doc.install  |4 
 opendnssec-enforcer.install |1 -
 opendnssec-signer.install   |1 -
 rules   |   12 +++-
 9 files changed, 47 insertions(+), 13 deletions(-)

unblock opendnssec/1:1.3.9-5

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru opendnssec-1.3.9/debian/changelog opendnssec-1.3.9/debian/changelog
--- opendnssec-1.3.9/debian/changelog	2013-01-15 10:30:29.0 +0100
+++ opendnssec-1.3.9/debian/changelog	2013-03-01 15:37:48.0 +0100
@@ -1,3 +1,15 @@
+opendnssec (1:1.3.9-5) unstable; urgency=low
+
+  * Add procps to build dependencies, so ods-ksmutil can HUP enforcer
+(Closes: #701703)
+  * Create arch:all new opendnssec-doc package and move the doxygen
+documentation there
+  * Split dh_auto_build to arch and indep, so doxygen documentation is
+built only once
+  * Run dh_installdoc on opendnssec-doc too, so it gets it's own copyright
+
+ -- Ondřej Surý ond...@debian.org  Fri, 01 Mar 2013 14:52:33 +0100
+
 opendnssec (1:1.3.9-4) unstable; urgency=low
 
   * Move the information about dropping the foreign key to README.Debian
diff -Nru opendnssec-1.3.9/debian/control opendnssec-1.3.9/debian/control
--- opendnssec-1.3.9/debian/control	2013-01-15 10:30:29.0 +0100
+++ opendnssec-1.3.9/debian/control	2013-03-01 15:37:48.0 +0100
@@ -24,9 +24,10 @@
 	   libldns-dev (= 1.6.12~),
 	   libcunit1-dev,
 	   opensc,
-	   rdoc,
-	   graphviz,
-	   doxygen
+	   procps
+Build-Depends-Indep: rdoc,
+	   	 graphviz,
+	   	 doxygen
 Standards-Version: 3.9.2
 Homepage: http://www.opendnssec.org/
 Vcs-Browser: http://git.debian.org/?p=pkg-nlnetlabs/opendnssec.git
@@ -75,6 +76,7 @@
 Depends: ${misc:Depends},
 	 opendnssec-enforcer-sqlite3 | opendnssec-enforcer,
 	 opendnssec-signer,
+	 opendnssec-doc,
 	 libhsm-bin
 Recommends: opendnssec-auditor
 Suggests: softhsm
@@ -86,11 +88,25 @@
  .
  This meta-package depends on the standard distribution of OpenDNSSEC.
 
+Package: opendnssec-doc
+Section: misc
+Architecture: all
+Depends: ${misc:Depends}
+Suggests: opendnssec, softhsm
+Description: documentation for OpenDNSSEC suite
+ OpenDNSSEC is a complete DNSSEC zone signing system which is very
+ easy to use with stability and security in mind.  There are a lot of
+ details in signing zone files with DNSSEC and OpenDNSSEC covers most
+ of it.
+ .
+ This package contains doxygen documentation for OpenDNSSEC.
+
 Package: opendnssec-enforcer
 Section: admin
 Architecture: all
 Depends: ${misc:Depends},
-	 opendnssec-enforcer-backend
+	 opendnssec-enforcer-backend,
+	 procps
 Recommends: opendnssec-signer, opendnssec-auditor
 Suggests: opendnssec, softhsm
 Description: tool to prepare DNSSEC keys (common package)
diff -Nru opendnssec-1.3.9/debian/libhsm-bin.install opendnssec-1.3.9/debian/libhsm-bin.install
--- opendnssec-1.3.9/debian/libhsm-bin.install	2013-01-15 10:30:29.0 +0100
+++ opendnssec-1.3.9/debian/libhsm-bin.install	2013-03-01 15:37:48.0 +0100
@@ -1,3 +1,2 @@
 usr/bin/ods-hsm*
 usr/share/man/man1/ods-hsm*
-build-sqlite3/libhsm/doxygen-doc/html /usr/share/doc/libhsm-bin/
diff -Nru opendnssec-1.3.9/debian/opendnssec-auditor.install opendnssec-1.3.9/debian/opendnssec-auditor.install
--- opendnssec-1.3.9/debian/opendnssec-auditor.install	2013-01-15 10:30:29.0 +0100
+++ opendnssec-1.3.9/debian/opendnssec-auditor.install	2013-03-01 15:37:48.0 +0100
@@ -4,4 +4,3 @@
 usr/lib/opendnssec/kasp_auditor/
 usr/share/man/man1/ods-auditor.1
 usr/share/man/man1/ods-kaspcheck.1
-build-sqlite3/auditor/doc/* /usr/share/doc/opendnssec-auditor/html/
diff -Nru 

Bug#701178: preapproval unblock: dspam/dspam/3.10.1+dfsg-9

[Thomas Preud'homme]

Le vendredi 1 mars 2013 14:00:07, Julien Cristau a écrit :
 Actually...
 

 
 Seems like ATX-recipient now points somewhere on the stack, and thus in
 la-la-land at the end of the loop in process_users.  Is there any
 guarantee it's not reused after that?  The scoping is kind of
 non-obvious...

Indeed, it's not obvious. So ATX-recipient points to one of 3 buffers:

* args[1024] in deliver_message()
* recipient[256] in the main while loop of process_users()
* mailbox[256] in process_users()

I've checked all the place where recipient is used (grep -ERIn recipient | 
grep ^src) and it's used only in 5 functions:

client_connect(), deliver_socket(), process_message(), deliver_message() and 
process_users().

deliver_socket(), process_message and deliver_message() are called directly or 
indirectly by process_users().

client_connect() can be called by deliver_socket() (and thus indirectly by 
process_users()) but also by the main() of dspam.c or the main() of dspamc.c 
in which case recipient is not set and should be NULL.

So when recipient points to recipient[256] or mailbox[256] there is no problem 
as the buffer is still in the scope.

For args[1024], I'm not 100% sure because that would require to follow all the 
use of ATX but looking at the code of deliver_message it's used to do some 
temporary transformation on the text which is used later in the function.

Hence ATX-recipient always points to a valid buffer (not overwritten on the 
stack by returing and then calling another function). Attached are my notes in 
case you want to take a look.

 
 Cheers,
 Julien

Best regards,

Thomas
client_connect()   src/client.c:318:if (ATX-recipient  
ATX-recipient[0]) {
client_connect()   src/client.c:319:  char *domain = strchr(ATX-recipient, 
'@');
client_connect()   src/client.c:322:char 
lcdomain[strlen(ATX-recipient)];
deliver_socket()   src/client.c:844:  snprintf(buf, sizeof(buf), RCPT 
TO:%s, (ATX-recipient) ? ATX-recipient : );
process_message()  src/dspam.c:503:strlcpy(ATX-recipient, 
CTX-username, 256);
deliver_message()  src/dspam.c:925:strlcpy(args, ATX-recipient, 
sizeof(args));
deliver_message()  src/dspam.c:937:arg=index(ATX-recipient, '@');
deliver_message()  src/dspam.c:940:ATX-recipient=args;
deliver_message()  src/dspam.c:998:  if (ATX-recipient)
deliver_message()  src/dspam.c:999:strlcpy(a, ATX-recipient, 
sizeof(a));
process_users()src/dspam.c:1625:char recipient[256];
process_users()src/dspam.c:1664:  strlcpy(recipient, node_rcpt-ptr, 
sizeof(recipient));
process_users()src/dspam.c:1672:  strlcpy(recipient, node_nt-ptr, 
sizeof(recipient));
process_users()src/dspam.c:1674:ATX-recipient = recipient;
process_users()src/dspam.c:1684:  ATX-recipient = mailbox;


*** in src/daemon.c ***

process_connection() calls:
  process_users()


*** in src/dspamc.c ***

main() calls:
  client_process()


*** in src/client.c ***

client_process() calls:
  client_connect()

deliver_socket() calls:
  client_connect()


*** in src/dspam.c ***

main() calls (in src/dspam.c):
  process_users()
  client_process()

process_users() calls:
  process_message() 4 times
  deliver_message() 5 times

send_notice() calls:
  deliver_message()

deliver_message() calls:
  deliver_socket()

src/dspam.c:503 in process_users
src/dspam.c:940 in deliver_message
src/dspam.c:1674 in process_users
src/dspam.c:1684 in process_users

signature.asc
Description: This is a digitally signed message part.

Bug#701178: marked as done (preapproval unblock: dspam/dspam/3.10.1+dfsg-9)

[Debian Bug Tracking System]

Your message dated Fri, 1 Mar 2013 16:11:08 +0100
with message-id 20130301151108.gh5...@radis.cristau.org
and subject line Re: Bug#701178: preapproval unblock: dspam/dspam/3.10.1+dfsg-9
has caused the Debian Bug report #701178,
regarding preapproval unblock: dspam/dspam/3.10.1+dfsg-9
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
701178: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701178
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package dspam

[Sorry Jonathan for the duplicate]

Current dspam is affected by a corruption of message headers when
releasing from quarantine. This has for effect that mails are lost when
releasing from quarantine. A patch has been commited upstream but there
is some concern about buffer overflow. Hence, although the patch was
initially backported in sid, it was subsequently removed. See [1] for
the previous discussion.

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698701#32

Today I've been working on a patch to solve the problem without security
concern. The patch is not pretty, I know it, but it should do its job.

The patch makes sure recipient points to an area of size at least 256
bytes. It wasn't always the case initially. The list of place where
recipient pointer is set is:

% egrep -RIn recipient[^s]*= src 
src/dspam.c:503:ATX-recipient = CTX-username;
src/dspam.c:948:ATX-recipient=args;
src/dspam.c:1675:  ATX-recipient = node_rcpt-ptr;
src/dspam.c:1683:  ATX-recipient = node_nt-ptr;
src/dspam.c:1694:  ATX-recipient = mailbox;

mailbox and args are of respective size 256 and 1024 bytes.
node_rcpt-ptr and node_nt-ptr on the other hand are exactly the size
of the string. They are allocated when calling nt_add (which call
nt_node_create).

Thus, the approach is to copy node_rcpt-ptr and node_nt-ptr into an
array of size 256 as well and this size can be used to limit the strlcpy
when copying CTX-username to ATX-recipient. I don't like to hardcode
the size but didn't find anything better for now. I'll forward upstream
and let him find a long term solution.

See attached debdiff for details.

Would you agree for an upload of this new package to tpu with sufficient
testing in unstable before?

unblock dspam/dspam/3.10.1+dfsg-9

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'stable-updates'), (500, 'testing'), 
(500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru dspam-3.10.2+dfsg/debian/changelog dspam-3.10.2+dfsg/debian/changelog
--- dspam-3.10.2+dfsg/debian/changelog	2013-02-11 14:55:20.0 +0100
+++ dspam-3.10.2+dfsg/debian/changelog	2013-02-22 11:54:57.0 +0100
@@ -1,3 +1,10 @@
+dspam (3.10.2+dfsg-7) unstable; urgency=low
+
+  * Add a new version of the patch fixing recipient corruption when releasing
+a message from quarantine (Closes: #698136).
+
+ -- Thomas Preud'homme robo...@debian.org  Fri, 22 Feb 2013 11:28:17 +0100
+
 dspam (3.10.2+dfsg-6) unstable; urgency=low
 
   * Drop patch fixing recipient corruption when releasing a message from
diff -Nru dspam-3.10.2+dfsg/debian/patches/009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff dspam-3.10.2+dfsg/debian/patches/009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff
--- dspam-3.10.2+dfsg/debian/patches/009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff	1970-01-01 01:00:00.0 +0100
+++ dspam-3.10.2+dfsg/debian/patches/009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff	2013-02-22 11:54:57.0 +0100
@@ -0,0 +1,53 @@
+Description: Fix recipient corruption when releasing a message from quarantine
+
+When releasing mail from quarantine, dspam corrupts the FROM part in the
+SMTP/LMTP handshake.
+
+Author: Allan Ievers aimail-dspam_us...@rearden.com
+Origin: vendor
+Bug-Debian: http://bugs.debian.org/698136
+Forwarded: no
+Last-Update: 2013-01-14
+
+--- a/src/dspam.c
 b/src/dspam.c
+@@ -499,8 +499,9 @@ process_message (
+ ATX-train_pristine = 1;
+ }
+ 
+-/* Change also the mail recipient */
+-ATX-recipient = CTX-username;
++/* Change also the mail recipient. ATX-recipient either points to
++	 * recipient[] or mailbox[] in 

Bug#701997: unblock: iptables/1.4.14-3.1 (tpu)

[Adam D. Barratt]

Control: tags -1 + confirmed

On 01.03.2013 14:02, Julien Cristau wrote:

I've prepared an iptables NMU for tpu.  Source and binary (for
iptables.deb) debdiff follow.


Please go ahead; thanks.


It would probably make sense to binNMU
iproute and xtables-addons-common once this is in.


Ack. iproute's currently in sync so will need a +b2 in sid first 
(unless I'm missing something on a Friday afternoon).


Regards,

Adam


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/1cfe1e734238687f17814ac99b66c...@mail.adsl.funky-badger.org

Processed: Re: Bug#701997: unblock: iptables/1.4.14-3.1 (tpu)

[Debian Bug Tracking System]

Processing control commands:

 tags -1 + confirmed
Bug #701997 [release.debian.org] unblock: iptables/1.4.14-3.1 (tpu)
Added tag(s) confirmed.

-- 
701997: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701997
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.b701997.13621541415690.transcr...@bugs.debian.org

Bug#701997: marked as done (unblock: iptables/1.4.14-3.1 (tpu))

[Debian Bug Tracking System]

Your message dated Fri, 01 Mar 2013 16:51:19 +
with message-id 1328150074604f053e610af020222...@mail.adsl.funky-badger.org
and subject line Re: Bug#701997: unblock: iptables/1.4.14-3.1 (tpu)
has caused the Debian Bug report #701997,
regarding unblock: iptables/1.4.14-3.1 (tpu)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
701997: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701997
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi,

I've prepared an iptables NMU for tpu.  Source and binary (for
iptables.deb) debdiff follow.  It would probably make sense to binNMU
iproute and xtables-addons-common once this is in.

Cheers,
Julien

diff -Nru iptables-1.4.14/debian/changelog iptables-1.4.14/debian/changelog
--- iptables-1.4.14/debian/changelog2012-07-28 18:04:24.0 +0200
+++ iptables-1.4.14/debian/changelog2013-03-01 14:50:46.0 +0100
@@ -1,3 +1,16 @@
+iptables (1.4.14-3.1) wheezy; urgency=low
+
+  [ Jonathan Nieder ]
+  * Non-maintainer upload.
+  * Add Breaks against iproute and xtables-addons-common versions
+that relied on libxtables4. Closes: #691180
+
+  [ Julien Cristau ]
+  * Have iptables provide libxtables7, and tell dh_makeshlibs to include that
+in generated dependencies.
+
+ -- Julien Cristau jcris...@debian.org  Fri, 01 Mar 2013 14:50:39 +0100
+
 iptables (1.4.14-3) unstable; urgency=low
 
   * Fixes iptables comment output error reported by Christoph Anton
diff -Nru iptables-1.4.14/debian/control iptables-1.4.14/debian/control
--- iptables-1.4.14/debian/control  2011-12-31 19:51:31.0 +0100
+++ iptables-1.4.14/debian/control  2013-03-01 14:47:00.0 +0100
@@ -9,6 +9,8 @@
 Package: iptables
 Architecture: any
 Depends: ${misc:Depends}, ${shlibs:Depends}
+Provides: libxtables7
+Breaks: iproute ( 20120521-3), xtables-addons-common ( 1.42-2)
 Description: administration tools for packet filtering and NAT
  These are the user-space administration tools for the Linux
  kernel's netfilter and iptables. netfilter and iptables provide
diff -Nru iptables-1.4.14/debian/rules iptables-1.4.14/debian/rules
--- iptables-1.4.14/debian/rules2012-04-22 15:49:25.0 +0200
+++ iptables-1.4.14/debian/rules2013-03-01 14:49:33.0 +0100
@@ -13,6 +13,9 @@
 binary: binary-arch binary-indep
 binary-arch binary-indep: install
 
+override_dh_makeshlibs:
+   dh_makeshlibs -V'iptables, libxtables7'
+
 override_dh_shlibdeps:
dh_shlibdeps $(_shlibdeps)
 

File lists identical (after any substitutions)

Control files: lines which differ (wdiff format)

{+Breaks: iproute ( 20120521-3), xtables-addons-common ( 1.42-2)+}
Installed-Size: [-1336-] {+1396+}
{+Provides: libxtables7+}
Version: [-1.4.14-3-] {+1.4.14-3.1+}

No differences were encountered between the postinst files

No differences were encountered between the postrm files

Shlibs files: lines which differ (wdiff format)
---
[-libip4tc 0 iptables-]libip6tc 0 [-iptables-]
[-libipq 0 iptables-]
[-libiptc 0 iptables-] {+iptables, libxtables7+}
libxtables 7 [-iptables-] {+iptables, libxtables7+}
{+libiptc 0 iptables, libxtables7+}
{+libip4tc 0 iptables, libxtables7+}
{+libipq 0 iptables, libxtables7+}


signature.asc
Description: Digital signature
---End Message---
---BeginMessage---

On 01.03.2013 16:08, Adam D. Barratt wrote:

On 01.03.2013 14:02, Julien Cristau wrote:

I've prepared an iptables NMU for tpu.  Source and binary (for
iptables.deb) debdiff follow.


Please go ahead; thanks.


and unblocked.


It would probably make sense to binNMU
iproute and xtables-addons-common once this is in.


Ack. iproute's currently in sync so will need a +b2 in sid first
(unless I'm missing something on a Friday afternoon).


Scheduled iproute +b2 in sid. I'll look at the tpu binNMUs later.

Regards,

Adam---End Message---

Bug#702012: unblock: nova/2012.1.1-14

[Moritz Muehlenhoff]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock nova 2012.1.1-14. It fixes CVE-2013-0335

Cheers,
Moritz

unblock nova/2012.1.1-14

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/20130301165322.5726.75771.reportbug@pisco.westfalen.local

Bug#702013: unblock: chromium-browser/25.0.1364.97-1

[Moritz Muehlenhoff]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock chromium-browser 25.0.1364.97-1. It fixes many security issues
and will be updated to the current upstream release during Wheezy release cycle
as well.

Cheers,
Moritz

unblock chromium-browser/25.0.1364.97-1

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/20130301165610.6103.69641.reportbug@pisco.westfalen.local

Dropping owncloud from Wheezy?

[Moritz Mühlenhoff]

I'm skeptical that owncloud should be shipped in Wheezy. It has
frequent security issues and the initial maintainers appear to 
be inactive, all updates after October have been NMUs...



-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/slrnkj1n9j.5o3@inutil.org

Bug#702012: unblock: nova/2012.1.1-14

[Salvatore Bonaccorso]

Hi Release Team

On Fri, Mar 01, 2013 at 05:53:22PM +0100, Moritz Muehlenhoff wrote:
 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: unblock
 
 Please unblock nova 2012.1.1-14. It fixes CVE-2013-0335

Only a small addition to this: the -14 also included a patch rename
due to a confusion in CVE asignments, thus the a bit bigger debdiff.

CVE-2013-0280_Information-leak-and-Denial-of-Service-using-XML-entities.patch

was renamed to

CVE-2013-1664_CVE-2013-1665_Information-leak-and-Denial-of-Service-using-XML-entities.patch

(and changelogs updated accordingly by the maintainer Thomas). See
#700949[1].

 [1]: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700949#20

Regards,
Salvatore


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130301170748.GA21708@elende

Bug#702012: marked as done (unblock: nova/2012.1.1-14)

[Debian Bug Tracking System]

Your message dated Fri, 1 Mar 2013 18:09:28 +0100
with message-id 20130301170928.gi5...@radis.cristau.org
and subject line Re: Bug#702012: unblock: nova/2012.1.1-14
has caused the Debian Bug report #702012,
regarding unblock: nova/2012.1.1-14
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
702012: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702012
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock nova 2012.1.1-14. It fixes CVE-2013-0335

Cheers,
Moritz

unblock nova/2012.1.1-14

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
---End Message---
---BeginMessage---
On Fri, Mar  1, 2013 at 17:53:22 +0100, Moritz Muehlenhoff wrote:

 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: unblock
 
 Please unblock nova 2012.1.1-14. It fixes CVE-2013-0335
 
Done.

Cheers,
Julien


signature.asc
Description: Digital signature
---End Message---

Bug#702013: marked as done (unblock: chromium-browser/25.0.1364.97-1)

[Debian Bug Tracking System]

Your message dated Fri, 1 Mar 2013 18:09:58 +0100
with message-id 20130301170958.gj5...@radis.cristau.org
and subject line Re: Bug#702013: unblock: chromium-browser/25.0.1364.97-1
has caused the Debian Bug report #702013,
regarding unblock: chromium-browser/25.0.1364.97-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
702013: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702013
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock chromium-browser 25.0.1364.97-1. It fixes many security issues
and will be updated to the current upstream release during Wheezy release cycle
as well.

Cheers,
Moritz

unblock chromium-browser/25.0.1364.97-1

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
---End Message---
---BeginMessage---
On Fri, Mar  1, 2013 at 17:56:10 +0100, Moritz Muehlenhoff wrote:

 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: unblock
 
 Please unblock chromium-browser 25.0.1364.97-1. It fixes many security issues
 and will be updated to the current upstream release during Wheezy release 
 cycle
 as well.
 
Done.

Cheers,
Julien


signature.asc
Description: Digital signature
---End Message---

Processed (with 5 errors): Re: Bug#701708: unblock: im-config/0.21

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 tags 701708 - moreinfo
Bug #701708 [release.debian.org] unblock: im-config/0.21
Removed tag(s) moreinfo.
 thanks,
Unknown command or malformed arguments to command.
 I forgot to upload... sorry.
Unknown command or malformed arguments to command.
 NOW im-config_0.21_amd64.changes ACCEPTED into unstable
Unknown command or malformed arguments to command.
 On Wed, Feb 27, 2013 at 01:15:45PM +, Adam D. Barratt wrote:
Unknown command or malformed arguments to command.
  Control: tags -1 + moreinfo
Unknown command or malformed arguments to command.
Too many unknown commands, stopping here.

Please contact me if you need assistance.
-- 
701708: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701708
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.136216090626279.transcr...@bugs.debian.org

Bug#701708: unblock: im-config/0.21

[Osamu Aoki]

tags 701708 - moreinfo
thanks,

I forgot to upload... sorry.

NOW im-config_0.21_amd64.changes ACCEPTED into unstable

On Wed, Feb 27, 2013 at 01:15:45PM +, Adam D. Barratt wrote:
 Control: tags -1 + moreinfo
 
 On 26.02.2013 14:26, Osamu Aoki wrote:
 im-config (0.21) unstable; urgency=low
 
   * Disable im-switch hook script if im-switch package is removed
 and im-config is installed.  Closes: #701224
 
  -- Osamu Aoki os...@debian.org  Tue, 26 Feb 2013 23:04:39 +0900
 
 This appears not to be in the archive?

Yes.


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130301180119.GB5229@goofy.localdomain

Bug#701708: marked as done (unblock: im-config/0.21)

[Debian Bug Tracking System]

Your message dated Fri, 01 Mar 2013 18:56:51 +
with message-id 1362164211.11072.2.ca...@jacala.jungle.funky-badger.org
and subject line Re: Bug#701708: unblock: im-config/0.21
has caused the Debian Bug report #701708,
regarding unblock: im-config/0.21
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
701708: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701708
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package im-config

Thank you for approving testing migration of im-switch 1.23 before my
unblock request.  This unblock request of im-config is addressing the
same serious bug as #701181.  I have raised severity of this #701224 bud
to serious, too.
   http://bugs.debian.org/701181 (im-switch)
   http://bugs.debian.org/701224 (im-config)

This bug fix is basically backporting of Ubuntu bug fix.  Kudos to
Ubuntu developer Gunnar Hjalmarsson .
   Ubuntu bug https://launchpad.net/bugs/1101836

im-config (0.21) unstable; urgency=low

  * Disable im-switch hook script if im-switch package is removed
and im-config is installed.  Closes: #701224

 -- Osamu Aoki os...@debian.org  Tue, 26 Feb 2013 23:04:39 +0900

This modification should not have negative side effects even if user
wish to go back to im-switch after installing im-config.  (Of course, we
wncourage people to migrate to im-config.)

debdiff attached.

unblock im-config/0.21

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (10, 'unstable'), (9, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.7-trunk-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -Nru im-config-0.20/debian/changelog im-config-0.21/debian/changelog
--- im-config-0.20/debian/changelog	2012-12-15 11:25:30.0 +0900
+++ im-config-0.21/debian/changelog	2013-02-26 23:04:45.0 +0900
@@ -1,3 +1,10 @@
+im-config (0.21) unstable; urgency=low
+
+  * Disable im-switch hook script if im-switch package is removed
+and im-config is installed.  Closes: #701224
+
+ -- Osamu Aoki os...@debian.org  Tue, 26 Feb 2013 23:04:39 +0900
+
 im-config (0.20) unstable; urgency=low
 
   * Fix regression on uim for #683950 caused by the 0.19~pre1 fixing
diff -Nru im-config-0.20/debian/postinst im-config-0.21/debian/postinst
--- im-config-0.20/debian/postinst	2012-11-27 23:15:17.0 +0900
+++ im-config-0.21/debian/postinst	2013-02-26 23:13:00.0 +0900
@@ -7,6 +7,7 @@
 # version just before wheezy release
 # acb685ae9264be3fc1800f98a70b12bb  80im-switch 1.14
 # 044a2f13aa8382902dc8f47dc7da7064  80im-switch 1.16 (oldstable) - 1.22 (unstable)
+# 5b34831bb3c203ced71b7efb6da4609e  80im-switch 1.23 (testing/unstable)
 
 # 4045a8eeb0e9226cdd9f8a121ccf4c04  80im-config_launch 0.3 (stable initial)
 # 8a4829f935b5561ca6e61bec6eb3893f  80im-config_launch 0.3+squeeze1 (stable), 0.4
@@ -16,15 +17,19 @@
 case $1 in
 configure)
 IM_SWITCH_HOOK=/etc/X11/Xsession.d/80im-switch
+IM_SWITCH_DISABLE_CODE='[ -x /usr/bin/im-switch ] || return 0'
 if [ -f $IM_SWITCH_HOOK ]; then
 IM_SWITCH_HOOK_MD5SUM=$(md5sum  $IM_SWITCH_HOOK|cut -d ' ' -f 1)
 case $IM_SWITCH_HOOK_MD5SUM in
-acb685ae9264be3fc1800f98a70b12bb|044a2f13aa8382902dc8f47dc7da7064)
+acb685ae9264be3fc1800f98a70b12bb|044a2f13aa8382902dc8f47dc7da7064|5b34831bb3c203ced71b7efb6da4609e)
 rm -f $IM_SWITCH_HOOK
 ;;
 
 *)
-echo ERROR: Unknown hook file exists: $IM_SWITCH_HOOK. 2
+if [ $( head -1 $IM_SWITCH_HOOK ) != $IM_SWITCH_DISABLE_CODE ];then
+echo Migrating from im-switch to im-config. Disabling: $IM_SWITCH_HOOK. 2
+sed -i 1 i $IM_SWITCH_DISABLE_CODE $IM_SWITCH_HOOK
+fi
 ;;
 esac
 fi
---End Message---
---BeginMessage---
On Sat, 2013-03-02 at 03:01 +0900, Osamu Aoki wrote:
 I forgot to upload... sorry.
 
 NOW im-config_0.21_amd64.changes ACCEPTED into unstable

Unblocked.

Regards,

Adam---End Message---

Re: Dropping owncloud from Wheezy?

[David Prévot]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi,

Le 01/03/2013 12:54, Moritz Mühlenhoff a écrit :
 I'm skeptical that owncloud should be shipped in Wheezy. It has
 frequent security issues and the initial maintainers appear to 
 be inactive, all updates after October have been NMUs...

Including owncloud maintainers to the loop in hope this wake up call
from the security team could lead to some visible activity, or if
previous NMUers would be happy to join the team, if such a team could be
set up, or whatever positive sign in that regard.

Regards

David

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJRMP24AAoJELgqIXr9/gnyHQ8QAKLYzLPgJnNWkPU1Z+nvXu79
DZyWd+3FgE+LdCw0TNoisEPF929k8vSDjPX5cKBi1JIA4tjH/y+eSgZrOceM9Tsu
2pvqS3NXVbUb5bbepfuTPAaeMdDrCoZgPeVDeMrrcyDjCQfGdZ4Eb9eqFr8F6yKB
ZfBW4i8dc067d1nr5KUfiW/A6R0evrXGhwC7btTSKjErwsLZQhRifagqbmuDeMwK
fQ751xEo7FX6RXCzkuUuMQmHf5+SsOdHjjMKh5P62OJKao+UqejYTxFk6jCoTOOJ
LR9IFXiGMps9+dqPROjeYEZwJXBPXXOtMyNapgXng+6H22UWXe7UPY1bKm5hZZWq
iZ9HNuIdjRN8xnt4/xG2clotLg7QWUk0qaHDjf5+7EiXfXDa9PpaZlshv93gVfKW
xMjysqsJP8K5sP5+9Ul8GMApEf9fdpqQ7xURE1T4MCTdQN59q+7QDAizWpTEtL/1
RFoevU0WVNO7883th/lr1Tga1o37sC5jaXS7Wn3bTXZ3OPlnR/x2x6fjmwrcU7Xv
Hr8bwwSVkneApBebeUasCbkBFhDZeNmHD2NaP3QXdLvqTtNFfeSJRcJVIMk5JPev
MDwVhAgaBrrA7w0W8LqZlXz9tVGfCpSZYScEGxM4qsgWlxhsrUAFJeOl0TMpt0zW
cERKI8ucHqc1mMF4pOfj
=nKXY
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/5130fdb9.2070...@debian.org

Bug#700796: unblock: live-boot/3.0.1-1

[Adam D. Barratt]

Control: tags -1 + moreinfo

On Sun, 2013-02-17 at 12:09 -0400, Ben Armstrong wrote:
 Please unblock package live-boot
 
 The version in wheezy was at alpha stage of development. We have, at
 long last, a final release which is the only supportable version for the
 lifetime of wheezy.

+live-boot (3.0~b1-1) unstable; urgency=low
[...]
+  [ Daniel Baumann ]
+  * Removing live-new-uuid, a rewritten one goes to live-tools.

That would be the script which just got removed from live-tools and is
now in neither package? Is that an issue?

+   case ${LIVE_DEBUG} in
+   true)
+   ;;
+
+   *)
+   return 0
+   ;;
+   esac

I assume this is in the name of consistency, but wouldn't

  if [ ${LIVE_DEBUG} != true ]
  then
return 0
  fi

be simpler?

--- live-boot.orig/scripts/boot/FIXME   1970-01-01 01:00:00.0 +0100
+++ live-boot/scripts/boot/FIXME2013-02-15 09:38:12.509340516 +0100
[...]
+Unfortunately, from a developers point of view, we could no

s/no/t/

Regards,

Adam


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/1362167158.11072.13.ca...@jacala.jungle.funky-badger.org

Processed: Re: Bug#700796: unblock: live-boot/3.0.1-1

[Debian Bug Tracking System]

Processing control commands:

 tags -1 + moreinfo
Bug #700796 [release.debian.org] unblock: live-boot/3.0.1-1
Added tag(s) moreinfo.

-- 
700796: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700796
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.b700796.13621671679541.transcr...@bugs.debian.org

Bug#700797: marked as done (unblock: live-config/3.0.21-1)

[Daniel Baumann]

On 03/01/2013 08:24 PM, Debian Bug Tracking System wrote:
 is there particular logic behind the changes

case is faster.

-- 
Address:Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern
Email:  daniel.baum...@progress-technologies.net
Internet:   http://people.progress-technologies.net/~daniel.baumann/


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/5131061a.8040...@progress-technologies.net

Bug#700796: unblock: live-boot/3.0.1-1

[Daniel Baumann]

On 03/01/2013 08:45 PM, Adam D. Barratt wrote:
 That would be the script which just got removed from live-tools and is
 now in neither package? Is that an issue?

no.

-- 
Address:Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern
Email:  daniel.baum...@progress-technologies.net
Internet:   http://people.progress-technologies.net/~daniel.baumann/


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/51310696.9040...@progress-technologies.net

Re: [Pkg-owncloud-maintainers] Dropping owncloud from Wheezy?

[Thomas Müller]

Am Freitag, dem 01.03.2013 um 20:12 schrieb David Prévot:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA256
 
 Hi,
 
 Le 01/03/2013 12:54, Moritz Mühlenhoff a écrit :
  I'm skeptical that owncloud should be shipped in Wheezy. It has
  frequent security issues and the initial maintainers appear to 
  be inactive, all updates after October have been NMUs...
 
 Including owncloud maintainers to the loop in hope this wake up call
 from the security team could lead to some visible activity, or if
 previous NMUers would be happy to join the team, if such a team could be
 set up, or whatever positive sign in that regard.


Talking to you with the hat of an ownCloud core developer on my head:
We will release OC5 in 2-3 weeks which will lead to 3 stable version to be 
maintained:
4.0.x, 4.5.x and 5.0.x which is a tough job. I would not be surprised if 4.0.x 
will be 
dropped within 2013 and then maintenance will be a pure nightmare.

Talking to you with the hat of an almost inactive package maintainer:
Sorry for the inactivity - sometimes it's simply too much!
Any other debain devs and maintainers are welcome to join our team and keep the 
package alive!
Paul and myself spend many nighty in April 2012 to get ownCloud into Wheezy 
before the freeze.
It really would be sad to see it being dropped! :-(

Take care,

Tom
 
 Regards
 
 David
 
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQIcBAEBCAAGBQJRMP24AAoJELgqIXr9/gnyHQ8QAKLYzLPgJnNWkPU1Z+nvXu79
 DZyWd+3FgE+LdCw0TNoisEPF929k8vSDjPX5cKBi1JIA4tjH/y+eSgZrOceM9Tsu
 2pvqS3NXVbUb5bbepfuTPAaeMdDrCoZgPeVDeMrrcyDjCQfGdZ4Eb9eqFr8F6yKB
 ZfBW4i8dc067d1nr5KUfiW/A6R0evrXGhwC7btTSKjErwsLZQhRifagqbmuDeMwK
 fQ751xEo7FX6RXCzkuUuMQmHf5+SsOdHjjMKh5P62OJKao+UqejYTxFk6jCoTOOJ
 LR9IFXiGMps9+dqPROjeYEZwJXBPXXOtMyNapgXng+6H22UWXe7UPY1bKm5hZZWq
 iZ9HNuIdjRN8xnt4/xG2clotLg7QWUk0qaHDjf5+7EiXfXDa9PpaZlshv93gVfKW
 xMjysqsJP8K5sP5+9Ul8GMApEf9fdpqQ7xURE1T4MCTdQN59q+7QDAizWpTEtL/1
 RFoevU0WVNO7883th/lr1Tga1o37sC5jaXS7Wn3bTXZ3OPlnR/x2x6fjmwrcU7Xv
 Hr8bwwSVkneApBebeUasCbkBFhDZeNmHD2NaP3QXdLvqTtNFfeSJRcJVIMk5JPev
 MDwVhAgaBrrA7w0W8LqZlXz9tVGfCpSZYScEGxM4qsgWlxhsrUAFJeOl0TMpt0zW
 cERKI8ucHqc1mMF4pOfj
 =nKXY
 -END PGP SIGNATURE-
 
 ___
 Pkg-owncloud-maintainers mailing list
 pkg-owncloud-maintain...@lists.alioth.debian.org
 http://lists.alioth.debian.org/mailman/listinfo/pkg-owncloud-maintainers


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/1362168372.51310a3460...@office.tmit.eu

Re: Fixing lucky 13 CVE-2013-0169 in gnutls28

[Julien Cristau]

On Sat, Feb 23, 2013 at 18:37:12 +0100, Andreas Metzler wrote:

 Find attached a proposed patch to build both guile-gnutls and
 gnutls-bin from gnutls26 instead of gnutls28 for wheezy. Would this be
 acceptable for an unstable upload targeted for testing? Afterwards
 gnutls28 could be pulled from wheezy.
 
Is there a particular reason we need to ship guile-gnutls?  It appears
to have 0 reverse dependency...

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#702034: RM: pbundler/0.0.4

[Christian Hofstaedtler]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Please remove pbundler/0.0.4 from testing, as upstream development
is likely to produce new versions that will be completely incompatible
with this early version. I think it's better to not ship this at this
time.

Thank you,
  -ch

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/6 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/20130301230612.29163.10376.report...@percival.namespace.at

Bug#702034: marked as done (RM: pbundler/0.0.4)

[Debian Bug Tracking System]

Your message dated Fri, 01 Mar 2013 23:17:22 +
with message-id 1362179842.11072.22.ca...@jacala.jungle.funky-badger.org
and subject line Re: Bug#702034: RM: pbundler/0.0.4
has caused the Debian Bug report #702034,
regarding RM: pbundler/0.0.4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
702034: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702034
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Please remove pbundler/0.0.4 from testing, as upstream development
is likely to produce new versions that will be completely incompatible
with this early version. I think it's better to not ship this at this
time.

Thank you,
  -ch

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/6 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
---End Message---
---BeginMessage---
On Sat, 2013-03-02 at 00:06 +0100, Christian Hofstaedtler wrote:
 Please remove pbundler/0.0.4 from testing, as upstream development
 is likely to produce new versions that will be completely incompatible
 with this early version. I think it's better to not ship this at this
 time.

Removal hint added.

Regards,

Adam---End Message---

Re: Dropping owncloud from Wheezy?

[Michael Gilbert]

On Fri, Mar 1, 2013 at 11:54 AM, Moritz Mühlenhoff wrote:
 I'm skeptical that owncloud should be shipped in Wheezy. It has
 frequent security issues and the initial maintainers appear to
 be inactive, all updates after October have been NMUs...

I agree.  Let's remove it until its demonstrably supportable security-wise.

Best wishes,
Mike


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mplhoiwh7p4rlttnbncz95xrs2ny_uhcjnugvciypd...@mail.gmail.com

Bug#702043: unblock: ntop/3:4.99.3+ndpi5517+dfsg3-1

[Ludovico Cavedon]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package ntop

The new version fixes 3 RC bugs:
- #700442: remove the code handling IP fragments. It was buggy and
  causing a security risk.
- #695424: removes an old incompatible license text
- #695422: disables openssl via compile-time flag (incompatible with
  the GPL libgdbm)

unblock ntop/3:4.99.3+ndpi5517+dfsg3-1

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru ntop-4.99.3+ndpi5517+dfsg2/debian/changelog 
ntop-4.99.3+ndpi5517+dfsg3/debian/changelog
--- ntop-4.99.3+ndpi5517+dfsg2/debian/changelog 2013-02-18 05:07:43.0 
-0800
+++ ntop-4.99.3+ndpi5517+dfsg3/debian/changelog 2013-02-28 23:30:23.0 
-0800
@@ -1,3 +1,12 @@
+ntop (3:4.99.3+ndpi5517+dfsg3-1) unstable; urgency=high
+
+  * Repackage source removing stale license notice from protocls.c
+(Closes: #695424).
+  * Remove IP fragment handling code (Closes: #700442).
+  * Disable OpenSSL (thanks to Giovanni Rapagnani, Closes: #695422).
+
+ -- Ludovico Cavedon cave...@debian.org  Thu, 28 Feb 2013 23:23:02 -0800
+
 ntop (3:4.99.3+ndpi5517+dfsg2-1) unstable; urgency=medium
 
   * Repackage upstream source replacing non-DFSG countmin code with the GPL
diff -Nru ntop-4.99.3+ndpi5517+dfsg2/debian/copyright 
ntop-4.99.3+ndpi5517+dfsg3/debian/copyright
--- ntop-4.99.3+ndpi5517+dfsg2/debian/copyright 2013-02-18 05:07:43.0 
-0800
+++ ntop-4.99.3+ndpi5517+dfsg3/debian/copyright 2013-02-28 23:30:23.0 
-0800
@@ -37,26 +37,6 @@
1991-1999, Free Software Foundation, Inc.
 License: GPL-2+
 
-Files: protocols.c
-Copyright: 2003-2010, Luca Deri d...@ntop.org
-   1994-1996, The Regents of the University of California
-License: GPL-2+ and BSD-4-clause
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that: (1) source code distributions
- retain the above copyright notice and this paragraph in its entirety, (2)
- distributions including binary code include the above copyright notice and
- this paragraph in its entirety in the documentation or other materials
- provided with the distribution, and (3) all advertising materials mentioning
- features or use of this software display the following acknowledgement:
- ``This product includes software developed by the University of California,
- Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
- the University nor the names of its contributors may be used to endorse
- or promote products derived from this software without specific prior
- written permission.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
- WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
-
 Files: countmin.h countmin.c prng.h prng.c
 Copyright: 2003-2004, 2010, 2012, G. Cormode
 License: GPL-2+
diff -Nru ntop-4.99.3+ndpi5517+dfsg2/debian/get-orig-source.sh 
ntop-4.99.3+ndpi5517+dfsg3/debian/get-orig-source.sh
--- ntop-4.99.3+ndpi5517+dfsg2/debian/get-orig-source.sh2013-02-18 
05:07:43.0 -0800
+++ ntop-4.99.3+ndpi5517+dfsg3/debian/get-orig-source.sh2013-02-28 
23:30:23.0 -0800
@@ -39,6 +39,13 @@
 wq
 EOF
 
+# remove old and incorrect license statement from protocols.c
+ed ntop-$UPSTREAM_DIR/protocols.c  /dev/null EOF
+/The Regents of the University of California.  All rights reserved.
+?/\*?,/\*\//d
+wq
+EOF
+
 mv ntop-$UPSTREAM_DIR ntop-$DEB_SOURCE_VERSION
 
 cd ntop-$DEB_SOURCE_VERSION
diff -Nru 
ntop-4.99.3+ndpi5517+dfsg2/debian/patches/remove-fragment-handling.patch 
ntop-4.99.3+ndpi5517+dfsg3/debian/patches/remove-fragment-handling.patch
--- ntop-4.99.3+ndpi5517+dfsg2/debian/patches/remove-fragment-handling.patch
1969-12-31 16:00:00.0 -0800
+++ ntop-4.99.3+ndpi5517+dfsg3/debian/patches/remove-fragment-handling.patch
2013-02-28 23:30:23.0 -0800
@@ -0,0 +1,473 @@
+Description: Remove IP fragment handling code
+Author: Ludovico Cavedon cave...@debian.org
+Origin: https://svn.ntop.org/svn/ntop/trunk/ntop, commit:5629
+Bug-Debian: http://bugs.debian.org/700442
+
+Index: ntop/initialize.c
+===
+--- ntop.orig/initialize.c 2012-11-30 00:34:29.909618091 -0800
 ntop/initialize.c  2013-02-24 23:10:11.543717767 -0800
+@@ -356,8 +356,6 @@
+   myGlobals.device[i].sessions = (IPSession**)calloc(sizeof(IPSession*), 
MAX_TOT_NUM_SESSIONS);
+ } else
+   myGlobals.device[i].sessions = NULL;
+-
+-myGlobals.device[i].fragmentList = NULL;
+   }
+ 
+   myGlobals.hashCollisionsLookup = 0;
+Index: ntop/ip.c