Bug#702733: marked as done (unblock: arduino-mk/0.8-5)

[Debian Bug Tracking System]

Your message dated Mon, 11 Mar 2013 09:30:26 +
with message-id ce211b8e0c01e8b487610475465c7...@hogwarts.powdarrmonkey.net
and subject line Re: Bug#702733: unblock: arduino-mk/0.8-5
has caused the Debian Bug report #702733,
regarding unblock: arduino-mk/0.8-5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
702733: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702733
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package arduino-mk

Uploads a fix for bug 699717. It was fixed in version 0.10 in experimental,
this debdiff brings it to unstable. Debdiff to follow. This will fix a problem
where users include their own libraries when using the makefile to compile and
upload to Arduino platforms.

unblock arduino-mk/0.8-5

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (900, 'testing'), (800, 'unstable'), (700, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.1.0-1-486
---End Message---
---BeginMessage---

On 2013-03-10 20:53, Scott Howard wrote:

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package arduino-mk

Uploads a fix for bug 699717. It was fixed in version 0.10 in 
experimental,

this debdiff brings it to unstable. Debdiff to follow. This will fix
a problem
where users include their own libraries when using the makefile to
compile and
upload to Arduino platforms.

unblock arduino-mk/0.8-5


Unblocked, thanks.


--
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

directhex i have six years of solaris sysadmin experience, from
8-10. i am well qualified to say it is made from bonghits
layered on top of bonghits---End Message---

Bug#702771: unblock: sqlobject/0.12.4-2.2

[Neil Muller]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package sqlobject

sqlobject 0.12.4-2.2 fixes #695233, which prevents it from working
properly with the default postgres version in wheezy. Since sqlobject
is a database ORM, this is a reasonably serious regression from
squeeze, so it would be useful to have it fixed.

debdiff sqlobject_0.12.4-2.1.dsc sqlobject_0.12.4-2.2.dsc

diff -Nru sqlobject-0.12.4/debian/changelog sqlobject-0.12.4/debian/changelog
--- sqlobject-0.12.4/debian/changelog   2012-01-14 16:12:15.0 +0200
+++ sqlobject-0.12.4/debian/changelog   2013-02-11 13:03:52.0 +0200
@@ -1,3 +1,13 @@
+sqlobject (0.12.4-2.2) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Fix SQLObject doesn't escape strings correctly for postgresql 9.1:
+new patch postgres_escape_0.12.4 backported from upstream (1.2.0).
+(Closes: #695233)
+
+ -- Neil Muller drnlmuller+deb...@gmail.com  Mon, 11 Feb 2013 13:03:04 +0200
+
+
 sqlobject (0.12.4-2.1) unstable; urgency=low
 
   * Non-maintainer upload.
diff -Nru sqlobject-0.12.4/debian/patches/postgres_escape_0.12.4 
sqlobject-0.12.4/debian/patches/postgres_escape_0.12.4
--- sqlobject-0.12.4/debian/patches/postgres_escape_0.12.4  1970-01-01 
02:00:00.0 +0200
+++ sqlobject-0.12.4/debian/patches/postgres_escape_0.12.4  2013-02-11 
13:02:03.0 +0200
@@ -0,0 +1,169 @@
+Description: Postgresql 9.1 changed the default value of 
standard_conforming_strings to on. SQLObject only added support for the E'' 
escape syntax in version 1.2.0 
+Origin:  upstream, Version 1.2.0
+Bug-Debian:  http://bugs.debian.org/695233
+Author:  phd
+Last-Update: 2013-02-11
+
+--- a/sqlobject/converters.py  (revision 4567)
 b/sqlobject/converters.py  (working copy)
+@@ -1,6 +1,11 @@
++from array import array
++import datetime
++from decimal import Decimal
+ import sys
+-from array import array
++import time
++from types import ClassType, InstanceType, NoneType
+ 
++
+ try:
+ import mx.DateTime.ISO
+ origISOStr = mx.DateTime.ISO.strGMT
+@@ -15,17 +20,12 @@
+ DateTimeType = None
+ DateTimeDeltaType = None
+ 
+-import time
+-import datetime
+-
+ try:
+ import Sybase
+ NumericType=Sybase.NumericType
+ except ImportError:
+ NumericType = None
+ 
+-from decimal import Decimal
+-from types import ClassType, InstanceType, NoneType
+ 
+ 
+ ## Quoting
+@@ -90,6 +90,8 @@
+ value = value.replace(', '')
+ else:
+ assert 0, Database %s unknown % db
++if db in ('postgres', 'rdbhost') and ('\\' in value):
++return E'%s' % value
+ return '%s' % value
+ 
+ registerConverter(str, StringLikeConverter)
+@@ -198,3 +200,17 @@
+ return converter(obj, db)
+ else:
+ return reprFunc(db)
++
++
++def quote_str(s, db):
++if db in ('postgres', 'rdbhost') and ('\\' in s):
++return E'%s' % s
++return '%s' % s
++
++def unquote_str(s):
++if s.upper().startswith(E') and s.endswith('):
++return s[2:-1]
++elif s.startswith(') and s.endswith('):
++return s[1:-1]
++else:
++return s
+Index: sqlobject/sqlbuilder.py
+===
+--- a/sqlobject/sqlbuilder.py  (revision 4567)
 b/sqlobject/sqlbuilder.py  (working copy)
+@@ -70,7 +70,7 @@
+ import weakref
+ 
+ import classregistry
+-from converters import sqlrepr, registerConverter
++from converters import registerConverter, sqlrepr, quote_str, unquote_str
+ 
+ 
+ class VersionError(Exception):
+@@ -896,18 +896,18 @@
+ if isinstance(s, SQLExpression):
+ values = []
+ if self.prefix:
+-values.append('%s' % self.prefix)
++values.append(quote_str(self.prefix, db))
+ s = _quote_like_special(sqlrepr(s, db), db)
+ values.append(s)
+ if self.postfix:
+-values.append('%s' % self.postfix)
++values.append(quote_str(self.postfix, db))
+ if db == mysql:
+ return CONCAT(%s) % , .join(values)
+ else:
+ return  || .join(values)
+ elif isinstance(s, basestring):
+-s = _quote_like_special(sqlrepr(s, db)[1:-1], db)
+-return '%s%s%s' % (self.prefix, s, self.postfix)
++s = _quote_like_special(unquote_str(sqlrepr(s, db)), db)
++return quote_str(%s%s%s % (self.prefix, s, self.postfix), db)
+ else:
+raise TypeError, expected str, unicode or SQLExpression, got %s 
% type(s)
+ 
+Index: sqlobject/tests/test_converters.py
+===
+--- a/sqlobject/tests/test_converters.py   (revision 4567)
 b/sqlobject/tests/test_converters.py   (working copy)
+@@ -1,9 +1,11 @@
+ import sys
+ from sqlobject.sqlbuilder import sqlrepr

Bug#698245: unblock: moodle/2.2.3.dfsg-2.6~wheezy2

[Didier 'OdyX' Raboud]

Hi Thomas, hi Release Team, hi Moodle maintainers.

Le jeudi, 28 février 2013 18.00:19, Didier 'OdyX' Raboud a écrit :
 So please just re-issue a correctly-versionned Debian package and I'll
 upload it to unstable (then we'll take a look at the package for
 testing-proposed- updates).

Given that:

a) we fail at releasing Moodle updates to unstable in a timely manner (and I
   have my share of the fault here);
b) we consequently fail at releasing Moodle security updates to wheezy in a
   timely manner (this unblock is opened for almost two months);
c) Moodle 2.2 is already not supported anymore by Moodle HQ for anything (not
   even security), according to [0];
   Furthermore on that point, as far as I can see, there is noone taking
   responsibility to handle Moodle 2.2 security on the long term (Moodle in
   Wheezy will need to be security-handled for roughly three years, yet it is
   _already_ not supported).
d) there is (in my opinion) not enough people behind the maintenance of
   Moodle-in-Debian: Thomas is a good DM, but he's mostly alone, and I'm not
   willing to get more involved.

So as much as I find that unfortunate, I think that the best solution for all 
of Moodle, Moodle-in-Debian and Debian, is to not ship Moodle 2.2 in Wheezy.

Thomasz, as you're the actual de-facto maintainer, please voice your opinion 
as I have voiced mine: the decision is in the hands of the Release Team I 
guess.

Cheers

OdyX


signature.asc
Description: This is a digitally signed message part.

Bug#698245: unblock: moodle/2.2.3.dfsg-2.6~wheezy2

[Didier 'OdyX' Raboud]

Sorry, missed my footnote:

Le lundi, 11 mars 2013 10.49:49, Didier 'OdyX' Raboud a écrit :
 c) Moodle 2.2 is already not supported anymore by Moodle HQ for anything
 (not even security), according to [0];

[0] http://docs.moodle.org/dev/Releases#Moodle_2.2

That allows me to correct what I wrote earlier: Moodle 2.2 is not yet out-
of-security support, but it will undoubtedly be from June 2013 on, which is 
still very early in the Wheezy-as-stable lifecycle.

Cheers,

OdyX


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130303.43179.o...@debian.org

Bug#698245: unblock: moodle/2.2.3.dfsg-2.6~wheezy2

[Tomasz Muras]

On 03/11/2013 10:49 AM, Didier 'OdyX' Raboud wrote:

a) we fail at releasing Moodle updates to unstable in a timely manner (and I
have my share of the fault here);
b) we consequently fail at releasing Moodle security updates to wheezy in a
timely manner (this unblock is opened for almost two months);
c) Moodle 2.2 is already not supported anymore by Moodle HQ for anything (not
even security), according to [0];
Furthermore on that point, as far as I can see, there is noone taking
responsibility to handle Moodle 2.2 security on the long term (Moodle in
Wheezy will need to be security-handled for roughly three years, yet it is
_already_ not supported).
d) there is (in my opinion) not enough people behind the maintenance of
Moodle-in-Debian: Thomas is a good DM, but he's mostly alone, and I'm not
willing to get more involved.

So as much as I find that unfortunate, I think that the best solution for all
of Moodle, Moodle-in-Debian and Debian, is to not ship Moodle 2.2 in Wheezy.

Thomasz, as you're the actual de-facto maintainer, please voice your opinion
as I have voiced mine: the decision is in the hands of the Release Team I
guess.


I have exactly the same concerns. Security fixes has been released for 
Moodle 2.2 today. I could cherry pick the patches and we could close 
this bug - not a big deal. They will probably be another security update 
for Moodle this year but that's it.


Realistically speaking there is no way I can maintain security fixes for 
non-supported (by upstream) software this size.


I have put Moodle 2.2 into Wheezy as that's the only possible upgrade 
path for Moodle (1.9 - 2.2 - 2.3+).


By not shipping 2.2 in wheezy, we will break the upgrades for any 
current users. I don't see any other option though. There are talks in 
Moodle about making LTS version (e.g. 2.6LTS) - and that's probably the 
only reasonable way to maintain a high quality package like this in Debian.


+1 for not shipping 2.2, breaking the upgrade path for this package, 
start from 2.5 (or higher) in unstable and provide Moodle LTS editions 
in Debian stable only.


Tomek


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/513daf8b.2000...@gmail.com

Bug#702783: unblock: gmpc/11.8.16-6

[Etienne Millon]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hello,

I uploaded gmpc 11.8.16-6 to fix a localization patch that causes gmpc not
to appear in the menu (important bug #694547).

Please see attached debdiff to the version in testing.

Thanks and good luck for the release.

unblock gmpc/11.8.16-6

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (900, 'testing')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

-- 
Etienne Millon
diff -Nru gmpc-11.8.16/debian/changelog gmpc-11.8.16/debian/changelog
--- gmpc-11.8.16/debian/changelog	2012-10-12 15:48:23.0 +0200
+++ gmpc-11.8.16/debian/changelog	2013-03-07 18:36:22.0 +0100
@@ -1,3 +1,9 @@
+gmpc (11.8.16-6) unstable; urgency=low
+
+  * Fix catalan menu entry (Closes: #694547)
+
+ -- Etienne Millon etienne.mil...@gmail.com  Thu, 07 Mar 2013 18:36:17 +0100
+
 gmpc (11.8.16-5) unstable; urgency=low
 
   * Update translations :
diff -Nru gmpc-11.8.16/debian/patches/0010-Update-translations.patch gmpc-11.8.16/debian/patches/0010-Update-translations.patch
--- gmpc-11.8.16/debian/patches/0010-Update-translations.patch	2012-09-18 14:44:32.0 +0200
+++ gmpc-11.8.16/debian/patches/0010-Update-translations.patch	2012-12-04 14:38:25.0 +0100
@@ -10,11 +10,11 @@
   - [ru] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687999
 ---
  configure.ac |2 +-
- po/ca.po | 2480 ++
+ po/ca.po | 2478 ++
  po/fr.po |  241 +++---
  po/oc.po |   18 +-
  po/ru.po |2 +-
- 5 files changed, 2629 insertions(+), 114 deletions(-)
+ 5 files changed, 2627 insertions(+), 114 deletions(-)
  create mode 100644 po/ca.po
 
 diff --git a/configure.ac b/configure.ac
@@ -32,10 +32,10 @@
  AM_GLIB_GNU_GETTEXT
 diff --git a/po/ca.po b/po/ca.po
 new file mode 100644
-index 000..03d41eb
+index 000..b99e42d
 --- /dev/null
 +++ b/po/ca.po
-@@ -0,0 +1,2480 @@
+@@ -0,0 +1,2478 @@
 +# Catalan translation for gmpc
 +# Copyright (c) 2012 Rosetta Contributors and Canonical Ltd 2012
 +# This file is distributed under the same license as the gmpc package.
@@ -65,9 +65,7 @@
 +#: ../src/browsers/gmpc-nowplaying2.c:2641
 +#: ../src/browsers/gmpc-nowplaying2.c:2645
 +msgid Gnome Music Player Client
-+msgstr 
-+Client de reproducció\n
-+de música del GNOME
++msgstr Client de reproducció de música del GNOME
 +
 +#: ../src/main.c:333
 +msgid Failed to load the configuration system.

Bug#702785: unblock: ifenslave-2.6/1.1.0-21

[Guus Sliepen]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package ifenslave-2.6

This fixes an important bug (#699445) which causes bonding to fail to work
correctly after booting in those bonding modes where a primary interface has to
be selected.

I also enabled hardening flags, which found some unsafe usages of format
strings, which have been fixed.

unblock ifenslave-2.6/1.1.0-21

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru ifenslave-2.6-1.1.0/debian/changelog ifenslave-2.6-1.1.0/debian/changelog
--- ifenslave-2.6-1.1.0/debian/changelog	2011-11-14 11:36:30.0 +0100
+++ ifenslave-2.6-1.1.0/debian/changelog	2013-02-19 14:43:55.0 +0100
@@ -1,3 +1,17 @@
+ifenslave-2.6 (1.1.0-21) unstable; urgency=low
+
+  [ Jonas Genannt ]
+  * d/pre-up: bond-primary does not apply (Closes: #699445)
+Moved setting primary into own function and call it after enslave_slaves
+
+  [ Guus Sliepen ]
+  * Explicitly mention that 3.x kernels are also supported. Closes: #697454
+  * Bump Standards-Version. 
+  * Enable hardening.
+  * Fix unsafe use of printf() and fprintf() found by the hardening flags.
+
+ -- Guus Sliepen g...@debian.org  Tue, 19 Feb 2013 14:43:29 +0100
+
 ifenslave-2.6 (1.1.0-20) unstable; urgency=low
 
   * Use dashes consistently for bonding options in README.Debian.
diff -Nru ifenslave-2.6-1.1.0/debian/control ifenslave-2.6-1.1.0/debian/control
--- ifenslave-2.6-1.1.0/debian/control	2011-05-25 18:42:29.0 +0200
+++ ifenslave-2.6-1.1.0/debian/control	2013-02-19 14:40:32.0 +0100
@@ -2,8 +2,8 @@
 Section: net
 Priority: optional
 Maintainer: Guus Sliepen g...@debian.org
-Build-Depends: debhelper ( 7.0.0)
-Standards-Version: 3.9.2
+Build-Depends: debhelper ( 7.0.0), dpkg-dev (= 1.16.1~)
+Standards-Version: 3.9.4
 
 Package: ifenslave-2.6
 Architecture: linux-any
@@ -19,4 +19,4 @@
  channel bonding or trunking techniques used in switches.
  .
  The kernel must have support for bonding devices for ifenslave to be useful.
- This package supports 2.6.x kernels and the most recent 2.4.x kernels.
+ This package supports 2.6.x and 3.x kernels and the most recent 2.4.x kernels.
diff -Nru ifenslave-2.6-1.1.0/debian/patches/fix-unsafe-use-of-printf ifenslave-2.6-1.1.0/debian/patches/fix-unsafe-use-of-printf
--- ifenslave-2.6-1.1.0/debian/patches/fix-unsafe-use-of-printf	1970-01-01 01:00:00.0 +0100
+++ ifenslave-2.6-1.1.0/debian/patches/fix-unsafe-use-of-printf	2013-02-19 14:39:05.0 +0100
@@ -0,0 +1,72 @@
+--- a/ifenslave.c
 b/ifenslave.c
+@@ -260,7 +260,7 @@
+ 		case 'V': opt_V++; exclusive++; break;
+ 
+ 		case '?':
+-			fprintf(stderr, usage_msg);
++			fputs(usage_msg, stderr);
+ 			res = 2;
+ 			goto out;
+ 		}
+@@ -268,13 +268,13 @@
+ 
+ 	/* options check */
+ 	if (exclusive  1) {
+-		fprintf(stderr, usage_msg);
++		fputs(usage_msg, stderr);
+ 		res = 2;
+ 		goto out;
+ 	}
+ 
+ 	if (opt_v || opt_V) {
+-		printf(version);
++		fputs(version, stdout);
+ 		if (opt_V) {
+ 			res = 0;
+ 			goto out;
+@@ -282,14 +282,14 @@
+ 	}
+ 
+ 	if (opt_u) {
+-		printf(usage_msg);
++		fputs(usage_msg, stdout);
+ 		res = 0;
+ 		goto out;
+ 	}
+ 
+ 	if (opt_h) {
+-		printf(usage_msg);
+-		printf(help_msg);
++		fputs(usage_msg, stdout);
++		fputs(help_msg, stdout);
+ 		res = 0;
+ 		goto out;
+ 	}
+@@ -309,7 +309,7 @@
+ 			goto out;
+ 		} else {
+ 			/* Just show usage */
+-			fprintf(stderr, usage_msg);
++			fputs(usage_msg, stderr);
+ 			res = 2;
+ 			goto out;
+ 		}
+@@ -320,7 +320,7 @@
+ 	master_ifname = *spp++;
+ 
+ 	if (master_ifname == NULL) {
+-		fprintf(stderr, usage_msg);
++		fputs(usage_msg, stderr);
+ 		res = 2;
+ 		goto out;
+ 	}
+@@ -339,7 +339,7 @@
+ 
+ 	if (slave_ifname == NULL) {
+ 		if (opt_d || opt_c) {
+-			fprintf(stderr, usage_msg);
++			fputs(usage_msg, stderr);
+ 			res = 2;
+ 			goto out;
+ 		}
diff -Nru ifenslave-2.6-1.1.0/debian/patches/series ifenslave-2.6-1.1.0/debian/patches/series
--- ifenslave-2.6-1.1.0/debian/patches/series	1970-01-01 01:00:00.0 +0100
+++ ifenslave-2.6-1.1.0/debian/patches/series	2013-02-19 14:34:20.0 +0100
@@ -0,0 +1 @@
+fix-unsafe-use-of-printf
diff -Nru ifenslave-2.6-1.1.0/debian/pre-up ifenslave-2.6-1.1.0/debian/pre-up
--- ifenslave-2.6-1.1.0/debian/pre-up	2011-11-14 11:30:07.0 +0100
+++ ifenslave-2.6-1.1.0/debian/pre-up	2013-02-19 13:04:24.0 +0100
@@ -145,21 +145,6 @@
 	# Changing lacp_rate requires $BOND_MASTER to be down.
 	sysfs_change_down lacp_rate $IF_BOND_LACP_RATE
 
-	# primary must be set after mode (because only supported in some modes) and after enslavement.
-	# The first slave in bond-primary found in current slaves becomes the primary.
-	# 

Bug#702786: unblock: inputlirc/23-1

[Guus Sliepen]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package inputlirc

This version fixes an important bug (#689037) which causes inputlirc to crash
immediately when started with two or more identical input devices specified on
the command line. This can happen inadvertently when combining manually
specified input devices with one or more filter options, it is very difficult
for a user to see what went wrong in such a case.

Note that I am also the upstream author, so I have made a new upstream version
fixing this bug, instead of just applying a Debian patch to the old version.

I have also enabled compiler hardening flags.

unblock inputlirc/23-1

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru inputlirc-19/ChangeLog inputlirc-23/ChangeLog
--- inputlirc-19/ChangeLog	2011-05-19 22:31:22.0 +0200
+++ inputlirc-23/ChangeLog	2013-02-21 16:02:21.0 +0100
@@ -1,3 +1,30 @@
+commit 95e620a7f245cca550b20c9da66fba38125b0790
+Author: Guus Sliepen g...@sliepen.org
+Date:   Thu Feb 21 15:58:18 2013 +0100
+
+Honour $CPPFLAGS and $LDFLAGS.
+
+commit 81a9275a8345c934ec0b3e6424562520a7b71cd4
+Author: Guus Sliepen g...@sliepen.org
+Date:   Tue Oct 2 13:09:35 2012 +0200
+
+Query type of input event device, and only accept those that send EV_KEY events.
+
+commit 2c683d7153ceb1ee11be497b70001d79ab62b04f
+Author: Guus Sliepen g...@sliepen.org
+Date:   Tue Oct 2 13:08:40 2012 +0200
+
+Don't add input event devices to the list that cannot be read.
+
+This fixes a crash caused by FD_SET() not liking a negative file descriptor.
+So also added a check right before FD_SET() just in case.
+
+commit 3de9078edb670481d06968935062efb2a5a46285
+Author: Guus Sliepen g...@sliepen.org
+Date:   Tue Oct 2 13:05:03 2012 +0200
+
+Send log messages to stderr when not detached.
+
 commit 4d6c054dab4d3ab80a00db69f8cce4b89bf75caa
 Author: Guus Sliepen g...@sliepen.org
 Date:   Thu May 19 21:40:04 2011 +0200
diff -Nru inputlirc-19/Makefile inputlirc-23/Makefile
--- inputlirc-19/Makefile	2011-05-19 22:31:22.0 +0200
+++ inputlirc-23/Makefile	2013-02-21 16:00:36.0 +0100
@@ -1,5 +1,5 @@
 # inputlircd -- zeroconf LIRC daemon that reads from /dev/input/event devices
-# Copyright (C) 2006  Guus Sliepen g...@sliepen.eu.org
+# Copyright (C) 2006-2013  Guus Sliepen g...@sliepen.org
 # 
 # This program is free software; you can redistribute it and/or modify it
 # under the terms of version 2 of the GNU General Public License as published
@@ -31,7 +31,7 @@
 	./gennames $  $@
 
 inputlircd: inputlircd.c /usr/include/linux/input.h names.h
-	$(CC) $(CFLAGS) -o $@ $
+	$(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ $
 
 install: install-sbin install-man
 
diff -Nru inputlirc-19/debian/changelog inputlirc-23/debian/changelog
--- inputlirc-19/debian/changelog	2013-03-11 12:31:19.0 +0100
+++ inputlirc-23/debian/changelog	2013-03-11 12:31:21.0 +0100
@@ -1,3 +1,13 @@
+inputlirc (23-1) unstable; urgency=low
+
+  * New upstream release.
+- Fixes a crash when one input device is specified more than once on the
+  command line. Closes: 689037
+  * Bump Standards-Version.
+  * Enable hardening flags.
+
+ -- Guus Sliepen g...@debian.org  Thu, 21 Feb 2013 16:17:04 +0100
+
 inputlirc (19-1) unstable; urgency=low
 
   * New upstream release.
diff -Nru inputlirc-19/debian/control inputlirc-23/debian/control
--- inputlirc-19/debian/control	2013-03-11 12:31:19.0 +0100
+++ inputlirc-23/debian/control	2013-03-11 12:31:21.0 +0100
@@ -2,8 +2,8 @@
 Section: utils
 Priority: extra
 Maintainer: Guus Sliepen g...@debian.org
-Build-Depends: debhelper ( 7)
-Standards-Version: 3.9.2
+Build-Depends: debhelper ( 7), dpkg-dev (= 1.16.1~)
+Standards-Version: 3.9.4
 
 Package: inputlirc
 Architecture: any
diff -Nru inputlirc-19/debian/rules inputlirc-23/debian/rules
--- inputlirc-19/debian/rules	2013-03-11 12:31:19.0 +0100
+++ inputlirc-23/debian/rules	2013-03-11 12:31:21.0 +0100
@@ -11,18 +11,8 @@
 # This has to be exported to make some magic below work.
 export DH_OPTIONS
 
-
-
-CFLAGS = -Wall -g
-
-ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
-	CFLAGS += -O0
-else
-	CFLAGS += -O2
-endif
-ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
-	INSTALL_PROGRAM += -s
-endif
+DPKG_EXPORT_BUILDFLAGS = 1
+include /usr/share/dpkg/buildflags.mk
 
 configure: configure-stamp
 configure-stamp:
diff -Nru inputlirc-19/inputlircd.c inputlirc-23/inputlircd.c
--- inputlirc-19/inputlircd.c	2011-05-19 22:31:22.0 +0200
+++ inputlirc-23/inputlircd.c	2013-02-21 16:00:36.0 +0100
@@ -1,6 +1,6 @@
 /*
 inputlircd -- zeroconf LIRC daemon 

Bug#702787: pre-approval: unblock: python-pyrrd/0.1.0-2

[Elena Grandi]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

I'd like to ask if the attached debdiff would be allowed in wheezy.

It fixes important bug #691230 by backporting a small patch from the
upstream repository; of course there are no other versions of the 
package in sid.

The package is team-maintained, and the Uploader has been contacted, 
but didn't answer.

Thanks in advance,

Elena Grandi
diff -u pyrrd-0.1.0/debian/changelog pyrrd-0.1.0/debian/changelog
--- pyrrd-0.1.0/debian/changelog
+++ pyrrd-0.1.0/debian/changelog
@@ -1,3 +1,11 @@
+pyrrd (0.1.0-2) UNRELEASED; urgency=low
+
+  * Team upload.
+  * Backport fix for RRD.fetch from upstream bzr revision 158
+(git commit dcd78df45c52) (Closes: #691230)
+
+ -- Elena Grandi elena.valha...@gmail.com  Mon, 18 Feb 2013 14:49:11 +0100
+
 pyrrd (0.1.0-1) unstable; urgency=low
 
   * Team upload
only in patch2:
unchanged:
--- pyrrd-0.1.0.orig/pyrrd/backend/external.py
+++ pyrrd-0.1.0/pyrrd/backend/external.py
@@ -264,7 +264,7 @@
 data += [unicode(x) for x in obj.rra]
 return (obj.filename, params + data)
 
-if function == 'update':
+elif function == 'update':
 validParams = ['template']
 params = common.buildParameters(obj, validParams)
 FIRST_VALUE = 0
@@ -277,15 +277,15 @@
 data = [data for data, nil in obj.values]
 return (obj.filename, params + data)
 
-if function == 'fetch':
+elif function == 'fetch':
 validParams = ['resolution', 'start', 'end']
 params = common.buildParameters(obj, validParams)
-return (obj.filename, obj.cf, params)
+return (obj.filename, [obj.cf] + params)
 
-if function == 'info':
+elif function == 'info':
 return (obj.filename, obj)
 
-if function == 'graph':
+elif function == 'graph':
 validParams = ['start', 'end', 'step', 'title',
 'vertical_label', 'width', 'height', 'only_graph',
 'upper_limit', 'lower_limit', 'rigid', 'alt_autoscale',

Bug#702783: marked as done (unblock: gmpc/11.8.16-6)

[Debian Bug Tracking System]

Your message dated Mon, 11 Mar 2013 13:07:15 +
with message-id e163e8d3e2676bc2d565796ba9222...@mail.adsl.funky-badger.org
and subject line Re: Bug#702783: unblock: gmpc/11.8.16-6
has caused the Debian Bug report #702783,
regarding unblock: gmpc/11.8.16-6
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
702783: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702783
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hello,

I uploaded gmpc 11.8.16-6 to fix a localization patch that causes gmpc not
to appear in the menu (important bug #694547).

Please see attached debdiff to the version in testing.

Thanks and good luck for the release.

unblock gmpc/11.8.16-6

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (900, 'testing')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

-- 
Etienne Millon
diff -Nru gmpc-11.8.16/debian/changelog gmpc-11.8.16/debian/changelog
--- gmpc-11.8.16/debian/changelog	2012-10-12 15:48:23.0 +0200
+++ gmpc-11.8.16/debian/changelog	2013-03-07 18:36:22.0 +0100
@@ -1,3 +1,9 @@
+gmpc (11.8.16-6) unstable; urgency=low
+
+  * Fix catalan menu entry (Closes: #694547)
+
+ -- Etienne Millon etienne.mil...@gmail.com  Thu, 07 Mar 2013 18:36:17 +0100
+
 gmpc (11.8.16-5) unstable; urgency=low
 
   * Update translations :
diff -Nru gmpc-11.8.16/debian/patches/0010-Update-translations.patch gmpc-11.8.16/debian/patches/0010-Update-translations.patch
--- gmpc-11.8.16/debian/patches/0010-Update-translations.patch	2012-09-18 14:44:32.0 +0200
+++ gmpc-11.8.16/debian/patches/0010-Update-translations.patch	2012-12-04 14:38:25.0 +0100
@@ -10,11 +10,11 @@
   - [ru] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687999
 ---
  configure.ac |2 +-
- po/ca.po | 2480 ++
+ po/ca.po | 2478 ++
  po/fr.po |  241 +++---
  po/oc.po |   18 +-
  po/ru.po |2 +-
- 5 files changed, 2629 insertions(+), 114 deletions(-)
+ 5 files changed, 2627 insertions(+), 114 deletions(-)
  create mode 100644 po/ca.po
 
 diff --git a/configure.ac b/configure.ac
@@ -32,10 +32,10 @@
  AM_GLIB_GNU_GETTEXT
 diff --git a/po/ca.po b/po/ca.po
 new file mode 100644
-index 000..03d41eb
+index 000..b99e42d
 --- /dev/null
 +++ b/po/ca.po
-@@ -0,0 +1,2480 @@
+@@ -0,0 +1,2478 @@
 +# Catalan translation for gmpc
 +# Copyright (c) 2012 Rosetta Contributors and Canonical Ltd 2012
 +# This file is distributed under the same license as the gmpc package.
@@ -65,9 +65,7 @@
 +#: ../src/browsers/gmpc-nowplaying2.c:2641
 +#: ../src/browsers/gmpc-nowplaying2.c:2645
 +msgid Gnome Music Player Client
-+msgstr 
-+Client de reproducció\n
-+de música del GNOME
++msgstr Client de reproducció de música del GNOME
 +
 +#: ../src/main.c:333
 +msgid Failed to load the configuration system.
---End Message---
---BeginMessage---

On 11.03.2013 11:24, Etienne Millon wrote:
I uploaded gmpc 11.8.16-6 to fix a localization patch that causes 
gmpc not

to appear in the menu (important bug #694547).


Unblocked.

Regards,

Adam---End Message---

Bug#702519: marked as done (unblock/pre-approval: perl and libencode-perl (memory leak in Encode::decode))

[Debian Bug Tracking System]

Your message dated Mon, 11 Mar 2013 13:13:07 +
with message-id b4634caca40e699bc27caf5fb3bdf...@mail.adsl.funky-badger.org
and subject line Re: Bug#702519: unblock/pre-approval: perl and libencode-perl 
(memory leak in Encode::decode)
has caused the Debian Bug report #702519,
regarding unblock/pre-approval: perl and libencode-perl (memory leak in 
Encode::decode)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
702519: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702519
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: p...@packages.debian.org, libencode-p...@packages.debian.org

I'd like to fix #702416 / #702444 (memory leak in Encode::decode) in
perl + libencode-perl in wheezy. It's not a regression from squeeze,
but I intend to pursue a squeeze fix in a point release later.

The wheezy side would need a tpu upload of libencode-perl and a sid
upload of perl (obviously after 5.14.2-19 has migrated.)

I'm attaching the preliminary debdiffs. The perl package needs to Break
the unfixed versions of libencode-perl, because the separate packaged
version takes precedence in @INC when installed.

So perl/5.14.2-20 can't migrate before libencode-perl 2.44-1+deb7u1
but the latter could be uploaded straight away.

Would you be OK with this?

Thanks for your work,
-- 
Niko Tyni   nt...@debian.org
diff -Nru perl-5.14.2/debian/changelog perl-5.14.2/debian/changelog
--- perl-5.14.2/debian/changelog2013-03-05 21:38:31.0 +0200
+++ perl-5.14.2/debian/changelog2013-03-07 19:08:49.0 +0200
@@ -1,3 +1,12 @@
+perl (5.14.2-20) unstable; urgency=low
+
+  * Fix an Encode memory leak that occurred in the UTF-8 encoding.
+(Closes: #702416)
++ upgrade the Broken versions of the separate libencode-perl
+  package accordingly.
+
+ -- Niko Tyni nt...@debian.org  Thu, 07 Mar 2013 19:08:47 +0200
+
 perl (5.14.2-19) unstable; urgency=high
 
   * [SECURITY] CVE-2013-1667: fix a rehashing DoS opportunity
diff -Nru perl-5.14.2/debian/control perl-5.14.2/debian/control
--- perl-5.14.2/debian/control  2013-03-05 21:38:02.0 +0200
+++ perl-5.14.2/debian/control  2013-03-07 19:02:52.0 +0200
@@ -294,7 +294,7 @@
  libthreads-perl ( 1.83),
  libthreads-shared-perl ( 1.37),
  libtime-piece-perl ( 1.20.01),
- libencode-perl ( 2.42.01),
+ libencode-perl ( 2.44-1+deb7u1),
  libdevel-dprof-perl ( 20110228.00),
  mrtg ( 2.16.3-3.1),
  libhtml-template-compiled-perl ( 0.95-1),
diff -Nru perl-5.14.2/debian/patches/fixes/encode-memleak.diff 
perl-5.14.2/debian/patches/fixes/encode-memleak.diff
--- perl-5.14.2/debian/patches/fixes/encode-memleak.diff1970-01-01 
02:00:00.0 +0200
+++ perl-5.14.2/debian/patches/fixes/encode-memleak.diff2013-03-07 
19:01:39.0 +0200
@@ -0,0 +1,64 @@
+From 89405c8ebc5bf8ae4ed6479de2bc0f311c1f6fe1 Mon Sep 17 00:00:00 2001
+From: chansen chan...@cpan.org
+Date: Sun, 3 Mar 2013 22:43:53 +0100
+Subject: Encode: Fixed a memory leak that occurred in the UTF-8 encoding.
+
+The decode and encode methods allocated a SV for the result, this SV
+is passed to the process_utf8() function which may croak() if the
+CHECK flag has FB_CROAK set.
+
+Origin: upstream, 
http://perl5.git.perl.org/perl.git/commit/5814803a8fa15d6b5fd483efdaf849a7166f9ac4
+Bug: https://github.com/dankogai/p5-encode/issues/8
+Bug-Debian: http://bugs.debian.org/702416
+Patch-Name: fixes/encode-memleak.diff
+---
+ cpan/Encode/Encode.xs |8 
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/cpan/Encode/Encode.xs b/cpan/Encode/Encode.xs
+index 723170c..4fa4ac3 100644
+--- a/cpan/Encode/Encode.xs
 b/cpan/Encode/Encode.xs
+@@ -440,7 +440,6 @@ CODE:
+ if (src == PL_sv_undef || SvROK(src)) src = sv_2mortal(newSV(0));
+ s = (U8 *) SvPV(src, slen);
+ e = (U8 *) SvEND(src);
+-dst = newSV(slen0?slen:1); /* newSV() abhors 0 -- inaba */
+ check = SvROK(check_sv) ? ENCODE_PERLQQ|ENCODE_LEAVE_SRC : SvIV(check_sv);
+ /* 
+  * PerlIO check -- we assume the object is of PerlIO if renewed
+@@ -471,6 +470,7 @@ CODE:
+ }
+ }
+ 
++dst = sv_2mortal(newSV(slen0?slen:1)); /* newSV() abhors 0 -- inaba */
+ s = process_utf8(aTHX_ dst, s, e, check_sv, 0, strict_utf8(aTHX_ obj), 
renewed);
+ 
+ /* Clear out translated part of source unless asked not to */
+@@ -482,7 +482,7 @@ CODE:
+ SvCUR_set(src, slen);
+ }
+ SvUTF8_on(dst);
+-ST(0) = sv_2mortal(dst);
++ST(0) = dst;
+

Bug#702728: marked as done (unblock: s3ql/1.11.1-3)

[Debian Bug Tracking System]

Your message dated Mon, 11 Mar 2013 13:14:51 +
with message-id 74283c580ece3c97095312604cb59...@mail.adsl.funky-badger.org
and subject line Re: Bug#702728: unblock: s3ql/1.11.1-3
has caused the Debian Bug report #702728,
regarding unblock: s3ql/1.11.1-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
702728: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702728
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

(This was already discussed on the debian-release list, I'm
 filling this bug for easier tracking)

Please allow upgrading the s3ql package s3ql from 1.11.1-2 to 1.11.2-3 via
testing-proposed-updates to fix the serious bug #701350.

The bug has already been fixed in unstable via a new upstream 
release (1.13.1-1).

The buggy code is still included in wheezy. Currently, the wheezy libc 
seems to incidentally work around the S3QL bug. However, this does
not happen with newer libc versions, so it may well be a libc bug
canceling out the S3QL bug. Therefore, with the current wheezy S3QL, any
change to wheezy's libc puts S3QL users at the risk of data loss.

I have uploaded a release for update via testing-proposed-updates to
http://mentors.debian.net/debian/pool/main/s/s3ql/s3ql_1.11.1-3.dsc 

Debdiff is attached.

Thanks!

unblock s3ql/1.11.1-3

-- System Information:
Debian Release: 7.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru s3ql-1.11.1/debian/changelog s3ql-1.11.1/debian/changelog
--- s3ql-1.11.1/debian/changelog	2012-06-05 13:35:58.0 -0700
+++ s3ql-1.11.1/debian/changelog	2013-02-24 18:52:36.0 -0800
@@ -1,3 +1,10 @@
+s3ql (1.11.1-3) testing-proposed-updates; urgency=low
+
+  * Call fflush() on FILE stream before repositioning underlying
+file descriptor. Closes: 701350.
+
+ -- Nikolaus Rath nikol...@rath.org  Sun, 24 Feb 2013 18:51:42 -0800
+
 s3ql (1.11.1-2) unstable; urgency=low
 
   * Add dependency on python-pkg-resources. Closes: 672916.
diff -Nru s3ql-1.11.1/debian/patches/deltadump_fflush.diff s3ql-1.11.1/debian/patches/deltadump_fflush.diff
--- s3ql-1.11.1/debian/patches/deltadump_fflush.diff	1969-12-31 16:00:00.0 -0800
+++ s3ql-1.11.1/debian/patches/deltadump_fflush.diff	2013-02-24 18:55:19.0 -0800
@@ -0,0 +1,29 @@
+Description: call fflush() to avoid data corruption
+Origin: upstream
+Applied-Upstream: http://code.google.com/p/s3ql/source/detail?r=e20279364896cfaa5d3c8cda29cb64c3b432a0ec
+Last-Update: 2013-02-24
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/src/s3ql/_deltadump.pyx
 b/src/s3ql/_deltadump.pyx
+@@ -28,6 +28,7 @@
+ 
+ cdef extern from 'stdio.h' nogil:
+ FILE * fdopen(int fd, const_char * mode)
++int fflush(FILE * stream)
+ int fileno(FILE * stream)
+ 
+ cdef extern from 'endian.h' nogil:
+@@ -123,6 +124,12 @@
+ 
+ cdef ssize_t off
+ 
++# Explicitly flush data that needs to be written. This is
++# important, so that we can safely reposition the fd position
++# below (which is necessary in case there is cached input data)
++if fflush(fp) != 0:
++raise OSError(errno, strerror(errno))
++
+ # Reposition FD to position of FILE*, otherwise next read from FD will miss
+ # data currently in stream buffer. It seems that call to fflush() achieves
+ # the same thing, but this does not seem to be documented so we don't rely
diff -Nru s3ql-1.11.1/debian/patches/series s3ql-1.11.1/debian/patches/series
--- s3ql-1.11.1/debian/patches/series	2012-01-23 17:39:07.0 -0800
+++ s3ql-1.11.1/debian/patches/series	2013-02-24 18:51:23.0 -0800
@@ -1 +1,2 @@
 proc_mount.diff
+deltadump_fflush.diff
---End Message---
---BeginMessage---

On 10.03.2013 19:38, Adam D. Barratt wrote:

On Sun, 2013-03-10 at 11:47 -0700, Nikolaus Rath wrote:
Please allow upgrading the s3ql package s3ql from 1.11.1-2 to 
1.11.2-3 via

testing-proposed-updates to fix the serious bug #701350.


In case there was any doubt,
MID:1362422038.19822.4.ca...@jacala.jungle.funky-badger.org meant I
was happy for the package to be uploaded.


For the record, it was uploaded and I've unblocked it; thanks.

Regards,

Adam---End Message---

Re: [Raspbian-devel] libpam-ubico and signed char on arm in debian and derivatives

[Simon Josefsson]

fre 2013-03-08 klockan 01:08 + skrev peter green:
 Even with the autohell stuff filtered out the debdiff (filtered debdiff 
 attached) 
 still looks pretty intimidating. Release team how should we play this? do you 
 want
 to unblock the version in sid or should we look into backporting the base64 
 fix to
 the version in wheezy?

I'm not the release team, but as upstream I would suggest to just
upgrade to what's in unstable -- version 2.8-2 should be stable, and has
the patch to fix this problem.

/Simon


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/1363007241.5734.2.ca...@latte.josefsson.org

Bug#702796: unblock: haskell-certificate et. al.

[Joachim Breitner]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

This is trying to get #701593 into testing. Not all arches have built
everything yet, but I guess I can get the unblock on the way.

The main fixes that we want to get into testing are these:

unblock haskell-tls-extra/0.4.6.1-2
unblock haskell-certificate/1.2.3-2

To migrate, this will also pull some binNMUed reverse dependencies,
including (but probably more):
libghc-http-conduit-dev libghc-tls-dev libghc-warp-tls-dev

Unfortunately, there was a version hiccup that required changes to
debian/control for some of the rebuilds. I’m not yet sure which of these
will have to go in to allow the above transition, but I’m sure that
waiting britney’s output will be easier than manually finding the
minimal set. At least http-conduit will need this, so please also

unblock haskell-http-conduit/1.4.1.6-3

The attached debdiff is represenative for all these
version-hiccup-fixing uploads. The packages that had the hiccup
(haskell-persistent, haskell-blaze-builder-conduit) do not need to
migrate.

Greetings,
Joachim

- -- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.5-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlE9/ZgACgkQ9ijrk0dDIGwGwQCdFQkh3TOPpIuxq+ru5FV/I6jl
zsYAmwSu1JYfL4+ZDxBPvTQ2WBDzCrR1
=noRR
-END PGP SIGNATURE-
diff -Nru haskell-http-conduit-1.4.1.6/debian/changelog haskell-http-conduit-1.4.1.6/debian/changelog
--- haskell-http-conduit-1.4.1.6/debian/changelog	2012-05-19 17:40:51.0 +0200
+++ haskell-http-conduit-1.4.1.6/debian/changelog	2013-03-11 16:48:11.0 +0100
@@ -1,3 +1,16 @@
+haskell-http-conduit (1.4.1.6-3) unstable; urgency=low
+
+  * Allow both strange and normal version in libghc-blaze-builder-conduit-dev
+dependency
+
+ -- Joachim Breitner nome...@debian.org  Mon, 11 Mar 2013 16:48:11 +0100
+
+haskell-http-conduit (1.4.1.6-2) unstable; urgency=low
+
+  * Allow strange version in libghc-blaze-builder-conduit-dev dependency 
+
+ -- Joachim Breitner nome...@debian.org  Sun, 10 Mar 2013 22:00:03 +0100
+
 haskell-http-conduit (1.4.1.6-1) unstable; urgency=low
 
   * New upstream version.
diff -Nru haskell-http-conduit-1.4.1.6/debian/control haskell-http-conduit-1.4.1.6/debian/control
--- haskell-http-conduit-1.4.1.6/debian/control	2012-05-19 17:40:57.0 +0200
+++ haskell-http-conduit-1.4.1.6/debian/control	2013-03-11 16:47:48.0 +0100
@@ -24,7 +24,8 @@
   , libghc-blaze-builder-dev ( 0.4)
   , libghc-blaze-builder-prof
   , libghc-blaze-builder-conduit-dev ( 0.4)
-  , libghc-blaze-builder-conduit-dev ( 0.5)
+  , libghc-blaze-builder-conduit-dev ( 0.5) | libghc-blaze-builder-conduit-dev ( 0.5.0.1.is.really.0.4),
+  , libghc-blaze-builder-conduit-dev ( 0.5.0.1.is.really.0.5)
   , libghc-blaze-builder-conduit-prof
   , libghc-case-insensitive-dev ( 0.2)
   , libghc-case-insensitive-prof
diff -Nru haskell-tls-extra-0.4.6.1/debian/changelog haskell-tls-extra-0.4.6.1/debian/changelog
--- haskell-tls-extra-0.4.6.1/debian/changelog	2013-01-20 23:26:26.0 +0100
+++ haskell-tls-extra-0.4.6.1/debian/changelog	2013-03-10 22:04:56.0 +0100
@@ -1,3 +1,14 @@
+haskell-tls-extra (0.4.6.1-2) unstable; urgency=low
+
+  * Fix regression introduced with the last commit, by adding compatibility
+with a corresponding change in haskell-certificate (Bug #700284), patch
+provided by Joey Hess. Closes: #701593.
+Also Closes: #702151, as the removal should no longer be necessary.
+  * Stop pretending this has a different version, as we need to rebuild stuff
+anyways.
+
+ -- Joachim Breitner nome...@debian.org  Sun, 10 Mar 2013 22:04:56 +0100
+
 haskell-tls-extra (0.4.6.1-1) unstable; urgency=low
 
   * New upstream release, aimed for wheezy.
diff -Nru haskell-tls-extra-0.4.6.1/debian/control haskell-tls-extra-0.4.6.1/debian/control
--- haskell-tls-extra-0.4.6.1/debian/control	2012-05-15 03:04:36.0 +0200
+++ haskell-tls-extra-0.4.6.1/debian/control	2013-03-10 21:09:26.0 +0100
@@ -8,7 +8,7 @@
   , haskell-devscripts (= 0.8)
   , ghc
   , ghc-prof
-  , libghc-certificate-dev ( 1.2.0)
+  , libghc-certificate-dev (= 1.2.3-2)
   , libghc-certificate-dev ( 1.3.0)
   , libghc-certificate-prof
   , libghc-crypto-api-dev ( 0.5)
diff -Nru haskell-tls-extra-0.4.6.1/debian/patches/haskell-tls-extra.patch haskell-tls-extra-0.4.6.1/debian/patches/haskell-tls-extra.patch
--- haskell-tls-extra-0.4.6.1/debian/patches/haskell-tls-extra.patch	1970-01-01 01:00:00.0 +0100
+++ haskell-tls-extra-0.4.6.1/debian/patches/haskell-tls-extra.patch	2013-03-10 21:09:08.0 +0100
@@ -0,0 +1,15 @@

Bug#702799: unblock: sks/1.1.3-2

[Christoph Martin]

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock package sks

I'd like to upload a fix for sks rc bug #699848. The bug prevents sks
from building an initial database. Included are the following minimal
fixes which do not change the functioning of sks.

+  * add Vcs tags to control file
+  * fix watch file because of upstream move
+  * add Homepage tag to control file

included is a debdiff. I would upload to testing-updates(?) as soon as
you approve.

unblock sks/1.1.3-2

Christoph


-- 

Christoph Martin, Zentrum für Datenverarbeitung, Uni-Mainz, Germany
 Instant-Messaging: Jabber: mar...@uni-mainz.de
  (Siehe http://www.zdv.uni-mainz.de/4010.php)
diff -Nru sks-1.1.3/debian/changelog sks-1.1.3/debian/changelog
--- sks-1.1.3/debian/changelog  2012-06-20 11:59:13.0 +0200
+++ sks-1.1.3/debian/changelog  2013-03-11 16:32:52.0 +0100
@@ -1,3 +1,12 @@
+sks (1.1.3-2) UNRELEASED; urgency=high
+
+  * add Vcs tags to control file
+  * fix watch file because of upstream move
+  * add Homepage tag to control file
+  * add db parameter to sksconf to fix db build deadlocks (closes: #699848)
+
+ -- Christoph Martin christoph.mar...@uni-mainz.de  Mon, 11 Mar 2013 
16:32:52 +0100
+
 sks (1.1.3-1) unstable; urgency=low
 
   * New upstream release (closes: #663757)
diff -Nru sks-1.1.3/debian/control sks-1.1.3/debian/control
--- sks-1.1.3/debian/control2012-06-20 10:41:30.0 +0200
+++ sks-1.1.3/debian/control2012-10-15 11:45:50.0 +0200
@@ -5,6 +5,8 @@
 Maintainer: Christoph Martin christoph.mar...@uni-mainz.de
 Uploaders: Fabio M. Di Nitto fabbi...@fabbione.net
 Build-Depends: ocaml (= 3.08), camlp4, libdb-dev, debhelper (= 7.0.50~), 
zlib1g-dev, libcryptokit-ocaml-dev (= 1.2-4), ocaml-nox (= 1.3-4), perl, 
perl-doc, dh-ocaml (= 0.9~)
+Vcs-Browser: http://svn.debian.org/wsvn/pkg-sks
+Vcs-Svn: svn://svn.debian.org/pkg-sks/
 
 Package: sks
 Architecture: any
@@ -19,3 +21,4 @@
  This key server implementation uses an efficient and reliable reconciliation
  algorithm to keep the database in sync with other SKS servers.  Additionally
  it can both send and receive PKS style sync emails.
+Homepage: https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Home
diff -Nru sks-1.1.3/debian/debcfg/sksconf sks-1.1.3/debian/debcfg/sksconf
--- sks-1.1.3/debian/debcfg/sksconf 2012-06-20 10:41:30.0 +0200
+++ sks-1.1.3/debian/debcfg/sksconf 2013-03-11 16:30:45.0 +0100
@@ -30,3 +30,11 @@
 
 # Runs database statistics calculation on boot (time and cpu expensive)
 #initial_stat:
+
+# bdb's db_tune program suggests a pagesize of 65536 for [K]DB/key. In practice
+# this caused page deadlocks. I found 8K (16) and 16K (32) to be better values
+pagesize:  16
+#
+# The tuner recommended 4096 (8) for the pagesize for PTree/ptree. I have had
+# very good results with 8196
+ptree_pagesize:16
diff -Nru sks-1.1.3/debian/watch sks-1.1.3/debian/watch
--- sks-1.1.3/debian/watch  2012-06-20 10:41:30.0 +0200
+++ sks-1.1.3/debian/watch  2012-10-15 11:43:59.0 +0200
@@ -1,2 +1,2 @@
 version=3
-opts=downloadurlmangle=s/\/\/code.google.com// 
http://code.google.com/p/sks-keyserver/downloads/list?can=1 
.*/sks-(\d[\d.]*)\.(?:zip|tgz|tbz2|txz|tar\.gz|tar\.bz2|tar\.xz)
+https://bitbucket.org/skskeyserver/sks-keyserver/downloads/sks-(\d[\d.]*)\.(?:zip|tgz|tbz2|txz|tar\.gz|tar\.bz2|tar\.xz)
attachment: martin.vcf

signature.asc
Description: OpenPGP digital signature

Bug#685230: unblock hylafax 3:6.0.6-4 / -5

[Joachim Wiedorn]

Hallo Giuseppe,

Giuseppe Sacco wrote on 2013-03-11 00:16:

 I checked your package diff, rebuilt the package and tested it. Then I 
 uploaded it, so hopefully it should enter unstable.

Perfectly!

 Tomorrow I will also check capi4hylafax -19. If you still need a 
 sponsor, I'll gladly upload the package.

This would be very nice. Unfortunately until now I haven't any answer
about my pre-approval of capi4hylafax ...300-19 from release team:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699171
But without the updated capi4hylafax the RC bug #661482 cannot be solved.

---
Have a nice day.

Joachim (Germany)


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130311171724.2830c...@jupiter.home

Bug#702412: pre-approval unblock: postfix

[LaMont Jones]

On Sat, Mar 09, 2013 at 05:59:32PM +, Adam D. Barratt wrote:
 A debdiff against the current wheezy package (possibly minus the .po
 changes and some of the repetitive documentation updates) would probably
 have been more useful, fwiw.

Noted for the future.

  The source and amd64 binaries are to be found at:
  deb http://people.debian.org/~lamont/postfix .
  deb-src http://people.debian.org/~lamont/postfix .
 Please go ahead; thanks.

Done


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130311162138.ga6...@mix.mmjgroup.com

Bug#698245: unblock: moodle/2.2.3.dfsg-2.6~wheezy2

[Jonathan Wiltshire]

On 2013-03-11 10:18, Tomasz Muras wrote:

On 03/11/2013 10:49 AM, Didier 'OdyX' Raboud wrote:
a) we fail at releasing Moodle updates to unstable in a timely 
manner (and I

have my share of the fault here);
b) we consequently fail at releasing Moodle security updates to 
wheezy in a

timely manner (this unblock is opened for almost two months);
c) Moodle 2.2 is already not supported anymore by Moodle HQ for 
anything (not

even security), according to [0];
Furthermore on that point, as far as I can see, there is noone 
taking
responsibility to handle Moodle 2.2 security on the long term 
(Moodle in
Wheezy will need to be security-handled for roughly three years, 
yet it is

_already_ not supported).
d) there is (in my opinion) not enough people behind the maintenance 
of
Moodle-in-Debian: Thomas is a good DM, but he's mostly alone, 
and I'm not

willing to get more involved.

So as much as I find that unfortunate, I think that the best 
solution for all
of Moodle, Moodle-in-Debian and Debian, is to not ship Moodle 2.2 in 
Wheezy.


Thomasz, as you're the actual de-facto maintainer, please voice your 
opinion
as I have voiced mine: the decision is in the hands of the Release 
Team I

guess.


I have exactly the same concerns. Security fixes has been released
for Moodle 2.2 today. I could cherry pick the patches and we could
close this bug - not a big deal. They will probably be another
security update for Moodle this year but that's it.

Realistically speaking there is no way I can maintain security fixes
for non-supported (by upstream) software this size.

I have put Moodle 2.2 into Wheezy as that's the only possible upgrade
path for Moodle (1.9 - 2.2 - 2.3+).

By not shipping 2.2 in wheezy, we will break the upgrades for any
current users. I don't see any other option though. There are talks 
in

Moodle about making LTS version (e.g. 2.6LTS) - and that's probably
the only reasonable way to maintain a high quality package like this
in Debian.


We have found this elsewhere too (e.g. mediawiki, where they are moving 
to a six-month cycle but adding LTS releases for distributions).



+1 for not shipping 2.2, breaking the upgrade path for this package,
start from 2.5 (or higher) in unstable and provide Moodle LTS 
editions

in Debian stable only.


Just to clarify before I do it: stable stays as it is; remove moodle 
from Wheezy and you will work on the basis of getting 2.5 into Jessie? 
Intermediate versions can always go into backports of course.


It is indeed unfortunate, but carrying security support on our own for 
that long does make me nervous.


Thanks,

--
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

directhex i have six years of solaris sysadmin experience, from
8-10. i am well qualified to say it is made from bonghits
layered on top of bonghits


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/998526b3196e83c07c57e7852b861...@hogwarts.powdarrmonkey.net

Re: Bug#702799: unblock: sks/1.1.3-2

[Christoph Egger]

Hi!

Christoph Martin mar...@uni-mainz.de writes:
 included is a debdiff. I would upload to testing-updates(?) as soon as
 you approve.

unstable would be the target here as the version in testing and unstable
are identical ;-) and you can upload there right away if you're
confident -release will grant the unblock (looks fine as far as I can
tell but I'm not -release)

  Christoph


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87mwu925n4@mitoraj.siccegge.de

Bug#698245: unblock: moodle/2.2.3.dfsg-2.6~wheezy2

[Tomasz Muras]

On 03/11/2013 05:22 PM, Jonathan Wiltshire wrote:

On 2013-03-11 10:18, Tomasz Muras wrote:

On 03/11/2013 10:49 AM, Didier 'OdyX' Raboud wrote:

So as much as I find that unfortunate, I think that the best solution
for all
of Moodle, Moodle-in-Debian and Debian, is to not ship Moodle 2.2 in
Wheezy.

I have exactly the same concerns. Security fixes has been released
for Moodle 2.2 today. I could cherry pick the patches and we could
close this bug - not a big deal. They will probably be another
security update for Moodle this year but that's it.

Realistically speaking there is no way I can maintain security fixes
for non-supported (by upstream) software this size.

I have put Moodle 2.2 into Wheezy as that's the only possible upgrade
path for Moodle (1.9 - 2.2 - 2.3+).

By not shipping 2.2 in wheezy, we will break the upgrades for any
current users. I don't see any other option though. There are talks in
Moodle about making LTS version (e.g. 2.6LTS) - and that's probably
the only reasonable way to maintain a high quality package like this
in Debian.


We have found this elsewhere too (e.g. mediawiki, where they are moving
to a six-month cycle but adding LTS releases for distributions).


+1 for not shipping 2.2, breaking the upgrade path for this package,
start from 2.5 (or higher) in unstable and provide Moodle LTS editions
in Debian stable only.


Just to clarify before I do it: stable stays as it is; remove moodle
from Wheezy and you will work on the basis of getting 2.5 into Jessie?
Intermediate versions can always go into backports of course.


Correct. 1.9 is still supported (it won't be for long) and can stay in 
stable.
I am thinking that I would would package 2.5 and then 2.6 in unstable 
and do not let it migrate into testing - unless LTS upstream version is 
released. Does it make sense?


One thing I'm not sure about is what will happen to current users of 
moodle package. They have 1.9 in squeeze, there will be nothing in 
wheezy but then the package will appear back in jessie - but with no 
upgrade path. The only way to get moodle back will be to drop the 
package completely (and drop DB) and re-install it. Of course we could 
provide some manual instructions to install 2.2 package and then upgrade 
to 2.4.


Tomek


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/513e17a6.6030...@gmail.com

Bug#702412: marked as done (pre-approval unblock: postfix)

[Debian Bug Tracking System]

Your message dated Mon, 11 Mar 2013 17:47:16 +
with message-id 6ec8eee430a7ace66346ea91337f8...@mail.adsl.funky-badger.org
and subject line Re: Bug#702412: pre-approval unblock: postfix
has caused the Debian Bug report #702412,
regarding pre-approval unblock: postfix
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
702412: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702412
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi Release Team,

I've been looking into Postfix RC bug #700719. In short, my proposal is to
fix the maintainer field and then unblock the package. Please see my message
in the bug log for details.

If LaMont is not currently available to make the upload to sid to fix the
maintainer field, I'll gladly NMU this.

Please let me know if you think is this a viable solution.


Cheers,
Thijs
---End Message---
---BeginMessage---

On 11.03.2013 16:21, LaMont Jones wrote:

On Sat, Mar 09, 2013 at 05:59:32PM +, Adam D. Barratt wrote:

 The source and amd64 binaries are to be found at:
 deb http://people.debian.org/~lamont/postfix .
 deb-src http://people.debian.org/~lamont/postfix .
Please go ahead; thanks.


Done


Unblocked; thanks.

Regards,

Adam---End Message---

Bug#698245: [moodle-packaging] Bug#698245: unblock: moodle/2.2.3.dfsg-2.6~wheezy2

[Hubert Chathi]

On Mon, 11 Mar 2013 18:43:02 +0100, Tomasz Muras nexor1...@gmail.com said:

 Correct. 1.9 is still supported (it won't be for long) and can stay in
 stable.  I am thinking that I would would package 2.5 and then 2.6 in
 unstable and do not let it migrate into testing - unless LTS upstream
 version is released. Does it make sense?

AFAIK, if a package is not intended to go into testing, it should be in
experimental rather than unstable.

 One thing I'm not sure about is what will happen to current users of
 moodle package. They have 1.9 in squeeze, there will be nothing in
 wheezy but then the package will appear back in jessie - but with no
 upgrade path. The only way to get moodle back will be to drop the
 package completely (and drop DB) and re-install it. Of course we could
 provide some manual instructions to install 2.2 package and then
 upgrade to 2.4.

IIRC, technically, we wouldn't need to worry about upgrades, since we
only need to do upgrades from the previous Debian release.  Of course,
that's not a very nice thing to do.  One option is to provide a 2.2 deb
package that they can download from some other repository (we could
probably dump it somewhere in Alioth).  That would probably be easier
than having to install 2.2 via a non-deb method.  And you could add a
preinst script in the 2.5 package that would abort the upgrade if the
user tries to upgrade from 1.9.

-- 
Hubert Chathi uho...@debian.org -- Jabber: hub...@uhoreg.ca
PGP/GnuPG key: 1024D/124B61FA http://www.uhoreg.ca/
Fingerprint: 96C5 012F 5F74 A5F7 1FF7  5291 AF29 C719 124B 61FA


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87ip4x4w5k@uhoreg.ca

Re: libnl3: provide static libraries severity

[Julien Cristau]

On Sun, Mar 10, 2013 at 18:39:21 +0100, Ondřej Surý wrote:

 Hi release-team,
 
 it might not be in violation of Debian policy to not provide static
 libraries, but I would still consider this as important with
 freeze-exception because it is easily fixable, does not introduce anything
 new library wise, and it prevents successful using of -dev package to link
 static binaries (which is not common, but still needed sometimes).
 
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693939
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693940
 
 So I would ask you kindly to consider allowing to fix this bug (e.g.
 freeze-exception).
 
NAK.  Wishlist bugs don't get freeze exceptions.

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#698341: pu: package spatialite/3.0.0~beta20110817-3+deb7u1

[David Paleino]

On Sat, 09 Mar 2013 18:17:05 +, Adam D. Barratt wrote:

 On Sun, 2013-03-03 at 10:24 +0100, David Paleino wrote:
  On Thu, 28 Feb 2013 20:31:40 +, Adam D. Barratt wrote:
   Cool; thanks. Did you have chance to look at whether fixing the testing
   package just requires the source file split or if there were any other
   issues?
  
  The package I prepared and built for testing also required 2 other
  patches, to fix #683075. I guess that hasn't changed since then :)
 
 The debdiff included in MID:20130119194518.0c49613d@local only
 appeared to include the srsinit changes. Apologies if I simply missed
 it, but was a debdiff with the other changes also posted somewhere?

You did see it already, but I didn't include it in the patch I posted. This is
because I only made a patch for the source to be split; the actual package for
testing carries two more patches, attaching them to this mail.

The bigger patch is needed because an API change in freexl happened
unnoticed between testing and unstable.
See also your message
MID:1358594334.12995.35.ca...@jacala.jungle.funky-badger.org (Sat, 19 Jan
2013 11:18:54 +).

Sorry for the confusion, and thank you!
David

-- 
 . ''`.   Debian developer | http://wiki.debian.org/DavidPaleino
 : :'  : Linuxer #334216 --|-- http://www.hanskalabs.net/
 `. `'`  GPG: 1392B174 | http://deb.li/dapal
   `-   2BAB C625 4E66 E7B8 450A C3E1 E6AA 9017 1392 B174
From: Evgeni Golov evg...@debian.org
Subject: fix linking with libgeos
Origin: vendor, http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683075#39
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683075

---
 libspatialite/configure   |4 ++--
 libspatialite/configure.ac|4 ++--
 spatialite-tools/configure|2 +-
 spatialite-tools/configure.ac |2 +-
 4 files changed, 6 insertions(+), 6 deletions(-)

--- spatialite.orig/libspatialite/configure
+++ spatialite/libspatialite/configure
@@ -16593,7 +16593,7 @@ for ac_lib in '' geos_c; do
 ac_res=none required
   else
 ac_res=-l$ac_lib
-LIBS=-l$ac_lib -lm -lgeos $ac_func_search_save_LIBS
+LIBS=-l$ac_lib $ac_func_search_save_LIBS
   fi
   if ac_fn_c_try_link $LINENO; then :
   ac_cv_search_GEOSTopologyPreserveSimplify=$ac_res
@@ -16663,7 +16663,7 @@ for ac_lib in '' geos_c; do
 ac_res=none required
   else
 ac_res=-l$ac_lib
-LIBS=-l$ac_lib -lm -lgeos $ac_func_search_save_LIBS
+LIBS=-l$ac_lib $ac_func_search_save_LIBS
   fi
   if ac_fn_c_try_link $LINENO; then :
   ac_cv_search_GEOSCoveredBy=$ac_res
--- spatialite.orig/libspatialite/configure.ac
+++ spatialite/libspatialite/configure.ac
@@ -120,7 +120,7 @@ AC_ARG_ENABLE(geos, [AS_HELP_STRING(
 if test x$enable_geos != xno; then
   OMIT_GEOS_FLAGS=
   AC_CHECK_HEADERS(geos_c.h,, [AC_MSG_ERROR([cannot find geos_c.h, bailing out])])
-  AC_SEARCH_LIBS(GEOSTopologyPreserveSimplify,geos_c,,AC_MSG_ERROR(['libgeos_c' is required but it doesn't seems to be installed on this system.]),-lm -lgeos)
+  AC_SEARCH_LIBS(GEOSTopologyPreserveSimplify,geos_c,,AC_MSG_ERROR(['libgeos_c' is required but it doesn't seems to be installed on this system.]),)
   #---
   #   --enable-geosadvanced
   #
@@ -129,7 +129,7 @@ if test x$enable_geos != xno; then
 	  [], [geosadvanced=yes])
   if test x$enable_geosadvanced != xno; then
 	  GEOSADVANCED_FLAGS=-DGEOS_ADVANCED
-	  AC_SEARCH_LIBS(GEOSCoveredBy,geos_c,,AC_MSG_ERROR([obsolete 'libgeos_c' ( v.3.3.0). please retry specifying: --disable-geosadvanced.]),-lm -lgeos)
+	  AC_SEARCH_LIBS(GEOSCoveredBy,geos_c,,AC_MSG_ERROR([obsolete 'libgeos_c' ( v.3.3.0). please retry specifying: --disable-geosadvanced.]),)
   else
 	  GEOSADVANCED_FLAGS=
   fi
--- spatialite.orig/spatialite-tools/configure
+++ spatialite/spatialite-tools/configure
@@ -16547,7 +16547,7 @@ if test ${ac_cv_lib_geos_c_GEOSTopology
   $as_echo_n (cached)  6
 else
   ac_check_lib_save_LIBS=$LIBS
-LIBS=-lgeos_c -lm -lgeos $LIBS
+LIBS=-lgeos_c $LIBS
 cat confdefs.h - _ACEOF conftest.$ac_ext
 /* end confdefs.h.  */
 
--- spatialite.orig/spatialite-tools/configure.ac
+++ spatialite/spatialite-tools/configure.ac
@@ -72,7 +72,7 @@ AC_SUBST(READLINE_LIBS)
 
 AC_CHECK_LIB(expat,XML_ParserCreate,,AC_MSG_ERROR(['expat' is required but it doesn't seems to be installed on this system.]))
 AC_CHECK_LIB(proj,pj_init_plus,,AC_MSG_ERROR(['libproj' is required but it doesn't seems to be installed on this system.]),-lm)
-AC_CHECK_LIB(geos_c,GEOSTopologyPreserveSimplify,,AC_MSG_ERROR(['libgeos_c' is required but it doesn't seems to be installed on this system.]),-lm -lgeos)
+AC_CHECK_LIB(geos_c,GEOSTopologyPreserveSimplify,,AC_MSG_ERROR(['libgeos_c' is required but it doesn't seems to be installed on this system.]),)
 
 PKG_CHECK_MODULES([LIBFREEXL], [freexl], , AC_MSG_ERROR(['libfreexl' is required but it doesn't seems to be installed on this system.]))
 LIBSPATIALITE_CFLAGS=
From: Felix Geyer fge...@debian.org
Subject: fix 

Bug#702771: marked as done (unblock: sqlobject/0.12.4-2.2)

[Debian Bug Tracking System]

Your message dated Mon, 11 Mar 2013 20:12:00 +
with message-id 1363032720.29496.6.ca...@jacala.jungle.funky-badger.org
and subject line Re: Bug#702771: unblock: sqlobject/0.12.4-2.2
has caused the Debian Bug report #702771,
regarding unblock: sqlobject/0.12.4-2.2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
702771: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702771
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package sqlobject

sqlobject 0.12.4-2.2 fixes #695233, which prevents it from working
properly with the default postgres version in wheezy. Since sqlobject
is a database ORM, this is a reasonably serious regression from
squeeze, so it would be useful to have it fixed.

debdiff sqlobject_0.12.4-2.1.dsc sqlobject_0.12.4-2.2.dsc

diff -Nru sqlobject-0.12.4/debian/changelog sqlobject-0.12.4/debian/changelog
--- sqlobject-0.12.4/debian/changelog   2012-01-14 16:12:15.0 +0200
+++ sqlobject-0.12.4/debian/changelog   2013-02-11 13:03:52.0 +0200
@@ -1,3 +1,13 @@
+sqlobject (0.12.4-2.2) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Fix SQLObject doesn't escape strings correctly for postgresql 9.1:
+new patch postgres_escape_0.12.4 backported from upstream (1.2.0).
+(Closes: #695233)
+
+ -- Neil Muller drnlmuller+deb...@gmail.com  Mon, 11 Feb 2013 13:03:04 +0200
+
+
 sqlobject (0.12.4-2.1) unstable; urgency=low
 
   * Non-maintainer upload.
diff -Nru sqlobject-0.12.4/debian/patches/postgres_escape_0.12.4 
sqlobject-0.12.4/debian/patches/postgres_escape_0.12.4
--- sqlobject-0.12.4/debian/patches/postgres_escape_0.12.4  1970-01-01 
02:00:00.0 +0200
+++ sqlobject-0.12.4/debian/patches/postgres_escape_0.12.4  2013-02-11 
13:02:03.0 +0200
@@ -0,0 +1,169 @@
+Description: Postgresql 9.1 changed the default value of 
standard_conforming_strings to on. SQLObject only added support for the E'' 
escape syntax in version 1.2.0 
+Origin:  upstream, Version 1.2.0
+Bug-Debian:  http://bugs.debian.org/695233
+Author:  phd
+Last-Update: 2013-02-11
+
+--- a/sqlobject/converters.py  (revision 4567)
 b/sqlobject/converters.py  (working copy)
+@@ -1,6 +1,11 @@
++from array import array
++import datetime
++from decimal import Decimal
+ import sys
+-from array import array
++import time
++from types import ClassType, InstanceType, NoneType
+ 
++
+ try:
+ import mx.DateTime.ISO
+ origISOStr = mx.DateTime.ISO.strGMT
+@@ -15,17 +20,12 @@
+ DateTimeType = None
+ DateTimeDeltaType = None
+ 
+-import time
+-import datetime
+-
+ try:
+ import Sybase
+ NumericType=Sybase.NumericType
+ except ImportError:
+ NumericType = None
+ 
+-from decimal import Decimal
+-from types import ClassType, InstanceType, NoneType
+ 
+ 
+ ## Quoting
+@@ -90,6 +90,8 @@
+ value = value.replace(', '')
+ else:
+ assert 0, Database %s unknown % db
++if db in ('postgres', 'rdbhost') and ('\\' in value):
++return E'%s' % value
+ return '%s' % value
+ 
+ registerConverter(str, StringLikeConverter)
+@@ -198,3 +200,17 @@
+ return converter(obj, db)
+ else:
+ return reprFunc(db)
++
++
++def quote_str(s, db):
++if db in ('postgres', 'rdbhost') and ('\\' in s):
++return E'%s' % s
++return '%s' % s
++
++def unquote_str(s):
++if s.upper().startswith(E') and s.endswith('):
++return s[2:-1]
++elif s.startswith(') and s.endswith('):
++return s[1:-1]
++else:
++return s
+Index: sqlobject/sqlbuilder.py
+===
+--- a/sqlobject/sqlbuilder.py  (revision 4567)
 b/sqlobject/sqlbuilder.py  (working copy)
+@@ -70,7 +70,7 @@
+ import weakref
+ 
+ import classregistry
+-from converters import sqlrepr, registerConverter
++from converters import registerConverter, sqlrepr, quote_str, unquote_str
+ 
+ 
+ class VersionError(Exception):
+@@ -896,18 +896,18 @@
+ if isinstance(s, SQLExpression):
+ values = []
+ if self.prefix:
+-values.append('%s' % self.prefix)
++values.append(quote_str(self.prefix, db))
+ s = _quote_like_special(sqlrepr(s, db), db)
+ values.append(s)
+ if self.postfix:
+-values.append('%s' % self.postfix)
++values.append(quote_str(self.postfix, db))
+ if db == mysql:
+  

Fw: ifupdown in wheezy

[Andrew Shadura]

Hello everyone,

Forwarding the message to the list as apparently Julien doesn't have
enough time for this currently.

Since then, 0.7.40 has been uploaded to experimental. I may also
provide individual patches for the issues I mentioned below to be
reviewed, if necessary.

Begin forwarded message:

Date: Mon, 4 Mar 2013 21:47:49 +0100
From: Andrew Shadura bugzi...@tut.by
To: Julien Cristau jcris...@debian.org
Subject: ifupdown in wheezy


Hello,

First of all, let me quote the list of changes I intended to push to
wheezy originally:

  [ Andrew Shadura ]
  * Don't configure bridge interfaces as tagged VLAN interfaces
(Closes: #696642).
  * Add tryonce option to DHCP-enabled methods (Closes: #694541).
  * Implement inet6/auto for kFreeBSD, call DHCP release of ifdown
on Linux (Closes: #701884).
  * Update manual pages.

  [ Stéphane Graber ]
  * Patches for upstart support from Ubuntu:
- Start the job on runlevel [2345]. This is a no-op during a normal
  boot since the network will be started *before* runlevel is
  emitted, but is needed to restart the network after a change from
  runlevel 1 (LP: #752481).
- Don't bring 'lo' down (add it to --exclude).
- Emit deconfiguring-networking (LP: #1061639).
- Update network-interface-security job to stop when the parent job
  is stopped itself. This avoids leftover instances (LP: #1065684).
  * Set MTU of tunnel devices (LP: #1074048).
  * Actually set the new calculated value for duplicate entries
(LP: #1086517).

  [ Josselin Mouette ]
  * postinst: Do not create /etc/network/interfaces if it was removed
  manually (Closes: #695906)

I understand that probably it's not a good timing to get all of them
now to testing, but some of them are still needed, I think.

Bug #695906 was kind of fixed by NMU uploaded by Michael Gilbert. In my
opinion, that wasn't a good way of solving it, and it wasn't cool he
uploaded without some ack. from me, but okay, that happened.

Of the rest of the changes, I'd like to emphasise few I think we must
have in wheezy.

First of all, VLAN issue, #696642. As you certainly know Debian is very
often used on servers, and it's quite a common setup to have VLANs and
stuff. By not fixing this bug may have lots of people upset, as they
would need to work it around, while the fix is quite easy, tested by
the bug reporter, so I'm sure it works.

LP #1074048 bug is fixable with one-line patch:

-ip link set %iface% up
+ip link set %iface% up [[mtu %mtu%]]

So I think it's worth including. Or at least I should remove that
option from the manual page so users won't be confused.

LP #1086517 is also easily fixed:

@@ -1342,6 +1342,10 @@
return NULL;
}
 
+   if ((*var)[j].value == value) {
+   return value;
+   }
+
free((*var)[j].value);
(*var)[j].value = strdup(value);
if (!(*var)[j].value) {
@@ -2144,6 +2148,7 @@
 
currif-option[i].value[l] = '\n';
strcpy((currif-option[i].value[l + 1]), rest);
+   rest = currif-option[i].value;
}
}
}

Same here, if we don't fix it, I should fix the docs.

Speaking of upstart script fixes, we can probably live them out if you
think they're too much at this point.

Bug #701884: fixable with ~6 lines of interface definition code, the
question is if it's important enough for the release, and where should
we fix it if it is: in ifupdown or in d-i? Not sure, but the patch is
ready anyway.

DHCP -1 issue. So what do we do with it? Return behaviour from squeeze,
without -1, leave it there as it's in ~3 Ubuntu releases, add the
option? As patching DHCP client isn't acceptable at this point,
something has to be done.

P.S. All of those changes are about to be uploaded to experimental as
version 0.7.40 so at least they may be tested by users.

-- 
WBR, Andrew


-- 
WBR, Andrew


signature.asc
Description: PGP signature

Bug#698245: unblock: moodle/2.2.3.dfsg-2.6~wheezy2

[Jonathan Wiltshire]

On Mon, Mar 11, 2013 at 06:43:02PM +0100, Tomasz Muras wrote:
 On 03/11/2013 05:22 PM, Jonathan Wiltshire wrote:
 Just to clarify before I do it: stable stays as it is; remove moodle
 from Wheezy and you will work on the basis of getting 2.5 into Jessie?
 Intermediate versions can always go into backports of course.
 
On Mon, Mar 11, 2013 at 02:40:55PM -0400, Hubert Chathi wrote:
 On Mon, 11 Mar 2013 18:43:02 +0100, Tomasz Muras nexor1...@gmail.com said:
 
  Correct. 1.9 is still supported (it won't be for long) and can stay in
  stable.  I am thinking that I would would package 2.5 and then 2.6 in
  unstable and do not let it migrate into testing - unless LTS upstream
  version is released. Does it make sense?

Yes.

 AFAIK, if a package is not intended to go into testing, it should be in
 experimental rather than unstable.

Unstable is fine. Protecting unstable doesn't make any sense for a package
that isn't in testing anyway. When the freeze is lifted normal transition
will take place.

  One thing I'm not sure about is what will happen to current users of
  moodle package. They have 1.9 in squeeze, there will be nothing in
  wheezy but then the package will appear back in jessie - but with no
  upgrade path. The only way to get moodle back will be to drop the
  package completely (and drop DB) and re-install it. Of course we could
  provide some manual instructions to install 2.2 package and then
  upgrade to 2.4.
 
 IIRC, technically, we wouldn't need to worry about upgrades, since we
 only need to do upgrades from the previous Debian release.  Of course,
 that's not a very nice thing to do.  One option is to provide a 2.2 deb
 package that they can download from some other repository (we could
 probably dump it somewhere in Alioth).  That would probably be easier
 than having to install 2.2 via a non-deb method.  And you could add a
 preinst script in the 2.5 package that would abort the upgrade if the
 user tries to upgrade from 1.9.

This is why I suggest using wheezy-backports.

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

directhex i have six years of solaris sysadmin experience, from
8-10. i am well qualified to say it is made from bonghits
layered on top of bonghits


signature.asc
Description: Digital signature

Bug#698341: pu: package spatialite/3.0.0~beta20110817-3+deb7u1

[Adam D. Barratt]

Control: tags -1 + confirmed

On Mon, 2013-03-11 at 20:21 +0100, David Paleino wrote:
 On Sat, 09 Mar 2013 18:17:05 +, Adam D. Barratt wrote:
  On Sun, 2013-03-03 at 10:24 +0100, David Paleino wrote:
   The package I prepared and built for testing also required 2 other
   patches, to fix #683075. I guess that hasn't changed since then :)
  
  The debdiff included in MID:20130119194518.0c49613d@local only
  appeared to include the srsinit changes. Apologies if I simply missed
  it, but was a debdiff with the other changes also posted somewhere?
 
 You did see it already, but I didn't include it in the patch I posted. This is
 because I only made a patch for the source to be split; the actual package for
 testing carries two more patches, attaching them to this mail.
 
 The bigger patch is needed because an API change in freexl happened
 unnoticed between testing and unstable.

Thanks for the patches. Please feel free to go ahead with the tpu upload
(using the version number suggested by the subject).

Regards,

Adam


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/1363034112.29496.8.ca...@jacala.jungle.funky-badger.org

Processed: Re: Bug#698341: pu: package spatialite/3.0.0~beta20110817-3+deb7u1

[Debian Bug Tracking System]

Processing control commands:

 tags -1 + confirmed
Bug #698341 [release.debian.org] unblock:  
spatialite/3.0.0~beta20110817-3+deb7u1 (tpu approval)
Added tag(s) confirmed.

-- 
698341: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698341
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.b698341.136303412126023.transcr...@bugs.debian.org

Bug#702786: unblock: inputlirc/23-1

[Jonathan Wiltshire]

Control: tag -1 + moreinfo

On Mon, Mar 11, 2013 at 12:31:43PM +0100, Guus Sliepen wrote:
 This version fixes an important bug (#689037) which causes inputlirc to crash
 immediately when started with two or more identical input devices specified on
 the command line. This can happen inadvertently when combining manually
 specified input devices with one or more filter options, it is very difficult
 for a user to see what went wrong in such a case.
 
 Note that I am also the upstream author, so I have made a new upstream version
 fixing this bug, instead of just applying a Debian patch to the old version.

Ok...

 I have also enabled compiler hardening flags.

Most definitely not ok.


 unblock inputlirc/23-1

NACK



-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51



signature.asc
Description: Digital signature

Processed: Re: Bug#702786: unblock: inputlirc/23-1

[Debian Bug Tracking System]

Processing control commands:

 tag -1 + moreinfo
Bug #702786 [release.debian.org] unblock: inputlirc/23-1
Added tag(s) moreinfo.

-- 
702786: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702786
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.b702786.136303647712469.transcr...@bugs.debian.org

Processed: Re: Bug#702785: unblock: ifenslave-2.6/1.1.0-21

[Debian Bug Tracking System]

Processing control commands:

 tag -1 + moreinfo
Bug #702785 [release.debian.org] unblock: ifenslave-2.6/1.1.0-21
Added tag(s) moreinfo.

-- 
702785: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702785
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.b702785.136303679814961.transcr...@bugs.debian.org

Bug#702785: unblock: ifenslave-2.6/1.1.0-21

[Jonathan Wiltshire]

Control: tag -1 + moreinfo

On Mon, Mar 11, 2013 at 12:21:45PM +0100, Guus Sliepen wrote:
 This fixes an important bug (#699445) which causes bonding to fail to work
 correctly after booting in those bonding modes where a primary interface has 
 to
 be selected.

Ok...

 I also enabled hardening flags, which found some unsafe usages of format
 strings, which have been fixed.

Not ok.

 unblock ifenslave-2.6/1.1.0-21

NACK.

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51



signature.asc
Description: Digital signature

Bug#702787: pre-approval: unblock: python-pyrrd/0.1.0-2

[Jonathan Wiltshire]

On Mon, Mar 11, 2013 at 12:45:16PM +0100, Elena Grandi wrote:
 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: unblock
 
 I'd like to ask if the attached debdiff would be allowed in wheezy.
 
 It fixes important bug #691230 by backporting a small patch from the
 upstream repository; of course there are no other versions of the 
 package in sid.
 
 The package is team-maintained, and the Uploader has been contacted, 
 but didn't answer.

Looks fine to me. Please retitle this bug when it is uploaded.

Thanks,

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51



signature.asc
Description: Digital signature

Bug#702826: nmu: binutils-z80_2.22-3

[Alberto Garcia]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

Hi,

binutils recently added a fix for #688951 (CVE-2012-3509) which also
affects binutils-z80. The following binNMU will cause the fix to be
applied to binutils-z80:

nmu binutils-z80_2.22-3 . ALL . -m Rebuild against new binutils to pick up fix 
for #688951. Closes: #702407.

Thanks,

Berto

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=pt_PT, LC_CTYPE=pt_PT (charmap=UTF-8) (ignored: LC_ALL set to 
pt_PT.UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/20130311220900.30104.22369.reportbug@hermes.local

Re: Fw: ifupdown in wheezy

[Steven Chamberlain]

Hi,

On 11/03/13 20:30, Andrew Shadura wrote:
   * Implement inet6/auto for kFreeBSD, call DHCP release of ifdown
 on Linux (Closes: #701884).

Actually these are quite separate things (but they were fixed at the
same time).

 Bug #701884: fixable with ~6 lines of interface definition code, the
 question is if it's important enough for the release, and where should
 we fix it if it is: in ifupdown or in d-i? Not sure, but the patch is
 ready anyway.

The kFreeBSD part of this (bug #701884) is pretty important for us,
otherwise netcfg/1.106 and later (now working correctly) exposes a
syntax error in /e/n/i that broke even the loopback interface.

Regards,
-- 
Steven Chamberlain
ste...@pyro.eu.org


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/513e5a03.6040...@pyro.eu.org

Bug#702826: marked as done (nmu: binutils-z80_2.22-3)

[Debian Bug Tracking System]

Your message dated Mon, 11 Mar 2013 22:25:48 +
with message-id 1363040748.29496.9.ca...@jacala.jungle.funky-badger.org
and subject line Re: Bug#702826: nmu: binutils-z80_2.22-3
has caused the Debian Bug report #702826,
regarding nmu: binutils-z80_2.22-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
702826: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702826
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

Hi,

binutils recently added a fix for #688951 (CVE-2012-3509) which also
affects binutils-z80. The following binNMU will cause the fix to be
applied to binutils-z80:

nmu binutils-z80_2.22-3 . ALL . -m Rebuild against new binutils to pick up fix 
for #688951. Closes: #702407.

Thanks,

Berto

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=pt_PT, LC_CTYPE=pt_PT (charmap=UTF-8) (ignored: LC_ALL set to 
pt_PT.UTF-8)
Shell: /bin/sh linked to /bin/dash
---End Message---
---BeginMessage---
On Tue, 2013-03-12 at 00:09 +0200, Alberto Garcia wrote:
 binutils recently added a fix for #688951 (CVE-2012-3509) which also
 affects binutils-z80. The following binNMU will cause the fix to be
 applied to binutils-z80:
 
 nmu binutils-z80_2.22-3 . ALL . -m Rebuild against new binutils to pick up 
 fix for #688951. Closes: #702407.

Scheduled. Note that binNMUs can't close bugs, so you'll need to handle
that separately.

Regards,

Adam---End Message---

Advice needed: update-manager in wheezy considered dangerous

[Julian Andres Klode]

Dear release team, I report this problem as we have switched our package 
management
stack in wheezy from update-manager and other components to PackageKit. Those
old components are still in wheezy however, and especially update-manager can
be considered to be horribly dangerous: It might break systems or contain 
extreme
security issues as it has not seen someone really care about it since 2 years.

We cannot simply remove update-manager however, as there are reverse
dependencies. The most important ones appear to be:

  * upgrade-system
  * update-notifier

We could simply drop upgrade-system from testing. For update-notifier, we cannot
do this, as update-notifier-kde depends on update-notifier-common, and there are
no other notifiers for KDE AFAIK. I could however upload an empty 
update-notifier
package (for GNOME) that switches the user to the PackageKit notifier, thus
removing that reverse dependency.

Summary of the proposed solution:
1. Remove upgrade-system from testing
2. Replace update-notifier binary package with a package transitioning
   users to gnome-packagekit
3. Remove update-manager from testing or transition users to PackageKit

Please let me know what you think, and if I missed something.

PS: Yes, I know that we're late in freeze, but I feel that we should not have
that package in a stable release.

PPS: Please keep me CCed (and maybe pkg-gnome-maintainers as well)
-- 
Julian Andres Klode  - Debian Developer, Ubuntu Member

See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.


pgpGpV9dOPk96.pgp
Description: PGP signature

Re: Advice needed: update-manager in wheezy considered dangerous

[Michael Gilbert]

On Mon, Mar 11, 2013 at 7:42 PM, Julian Andres Klode  wrote:
 Dear release team, I report this problem as we have switched our package 
 management
 stack in wheezy from update-manager and other components to PackageKit. Those
 old components are still in wheezy however, and especially update-manager can
 be considered to be horribly dangerous: It might break systems or contain 
 extreme
 security issues as it has not seen someone really care about it since 2 years.

In my opinion, it is really way too late for this.  If you want to
discourage people from using update-manager in wheezy, a patch to the
release notes would be most helpful.  Otherwise, let's not waste time
on a rather disruptive change when it can wait till the start of
jessie.

Best wishes
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mps-ohh04odfe42jflyudaehwp+caeuadht9qzwb9o...@mail.gmail.com

Re: Advice needed: update-manager in wheezy considered dangerous

[Julian Andres Klode]

On Mon, Mar 11, 2013 at 07:52:24PM -0400, Michael Gilbert wrote:
 On Mon, Mar 11, 2013 at 7:42 PM, Julian Andres Klode  wrote:
  Dear release team, I report this problem as we have switched our package 
  management
  stack in wheezy from update-manager and other components to PackageKit. 
  Those
  old components are still in wheezy however, and especially update-manager 
  can
  be considered to be horribly dangerous: It might break systems or contain 
  extreme
  security issues as it has not seen someone really care about it since 2 
  years.
 
 In my opinion, it is really way too late for this.  If you want to
 discourage people from using update-manager in wheezy, a patch to the
 release notes would be most helpful.  Otherwise, let's not waste time
 on a rather disruptive change when it can wait till the start of
 jessie.

This seems like a much better idea, yes. I just hope enough people
read those.

-- 
Julian Andres Klode  - Debian Developer, Ubuntu Member

See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130312005949.ga23...@debian.org

Re: Advice needed: update-manager in wheezy considered dangerous

[Russ Allbery]

Julian Andres Klode j...@debian.org writes:
 On Mon, Mar 11, 2013 at 07:52:24PM -0400, Michael Gilbert wrote:

 In my opinion, it is really way too late for this.  If you want to
 discourage people from using update-manager in wheezy, a patch to the
 release notes would be most helpful.  Otherwise, let's not waste time
 on a rather disruptive change when it can wait till the start of
 jessie.

 This seems like a much better idea, yes. I just hope enough people
 read those.

In this particular upgrade, I think there's some possibility (depending on
whether we can track down all the odd dependency loops or not) that people
who don't read the release notes are going to get the infamous could not
perform immediate configuration error from apt.  So chances may be higher
this upgrade than many.  :)

-- 
Russ Allbery (r...@debian.org)   http://www.eyrie.org/~eagle/


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87zjy9jx7o@windlord.stanford.edu

Re: Advice needed: update-manager in wheezy considered dangerous

[Julian Andres Klode]

On Tue, Mar 12, 2013 at 01:04:25AM +0100, Julian Andres Klode wrote:
 On Mon, Mar 11, 2013 at 07:52:24PM -0400, Michael Gilbert wrote:
  On Mon, Mar 11, 2013 at 7:42 PM, Julian Andres Klode  wrote:
   Dear release team, I report this problem as we have switched our package 
   management
   stack in wheezy from update-manager and other components to PackageKit. 
   Those
   old components are still in wheezy however, and especially update-manager 
   can
   be considered to be horribly dangerous: It might break systems or contain 
   extreme
   security issues as it has not seen someone really care about it since 2 
   years.
  
  In my opinion, it is really way too late for this.  If you want to
  discourage people from using update-manager in wheezy, a patch to the
  release notes would be most helpful.  Otherwise, let's not waste time
  on a rather disruptive change when it can wait till the start of
  jessie.
 
 This seems like a much better idea, yes. I just hope enough people
 read those.

Thinking further, it might also make sense to add a warning to the
description of the update-manager packages as well; to prevent
new installations.

-- 
Julian Andres Klode  - Debian Developer, Ubuntu Member

See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130312011250.ga23...@debian.org

Re: Advice needed: update-manager in wheezy considered dangerous

[Martin-Éric Racine]

2013/3/12 Julian Andres Klode j...@debian.org:
 Dear release team, I report this problem as we have switched our package 
 management
 stack in wheezy from update-manager and other components to PackageKit. Those
 old components are still in wheezy however, and especially update-manager can
 be considered to be horribly dangerous: It might break systems or contain 
 extreme
 security issues as it has not seen someone really care about it since 2 years.

 We cannot simply remove update-manager however, as there are reverse
 dependencies. The most important ones appear to be:

   * upgrade-system
   * update-notifier

 We could simply drop upgrade-system from testing. For update-notifier, we 
 cannot
 do this, as update-notifier-kde depends on update-notifier-common, and there 
 are
 no other notifiers for KDE AFAIK. I could however upload an empty 
 update-notifier
 package (for GNOME) that switches the user to the PackageKit notifier, thus
 removing that reverse dependency.

 Summary of the proposed solution:
 1. Remove upgrade-system from testing

I really don't see the point in removing upgrade-system from Testing,
since the dependency relationship is merely a Suggests.

Martin-Éric


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CAPZXPQdVB=9wsowbwzrljimvbtfqom8pesfdyvwmyo1crp0...@mail.gmail.com