Re: non-free license: requires to obey US export regulation even, when not in the US
On Thu, Mar 28, 2013 at 02:17:18PM +0100, Michael Stapelberg wrote: ... > Can we just ignore this bug for wheezy? To me, the licensing intention > seems very clear. Can it be closed even? I don't think this bug applies at all. -- mattia :wq! -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130329235224.ga24...@kamineko.org
Bug#704215: marked as done (unblock: resiprocate - built against newer boost-dev)
Your message dated Fri, 29 Mar 2013 21:23:54 + with message-id and subject line Re: Bug#704215: unblock: resiprocate - built against newer boost-dev has caused the Debian Bug report #704215, regarding unblock: resiprocate - built against newer boost-dev to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 704215: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704215 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal I've found that one of the binaries, resiprocate-turn-server, needs to be built again with the latest gcc and boost-dev or it fails to run The root cause appears to be this issue: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654425 and the bug report concerning the impact on my package is: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704213 Please confirm if I should do the upload with a new version number (1.8.5-4), or if there is some other way to force it to be rebuilt for the existing version? If I upload a new version, there will be no changes except a changelog entry. --- End Message --- --- Begin Message --- user release.debian@packages.debian.org usertags 704215 unblock thanks On 29.03.2013 14:22, Daniel Pocock wrote: Package: release.debian.org Severity: normal Please either use reportbug or add the relevant usertags yourself. I've found that one of the binaries, resiprocate-turn-server, needs to be built again with the latest gcc and boost-dev or it fails to run [..] Please confirm if I should do the upload with a new version number (1.8.5-4), or if there is some other way to force it to be rebuilt for the existing version? If I upload a new version, there will be no changes except a changelog entry. As several people have pointed out already, there are several "if"s in the above paragraph which were overtaken by the fact that you uploaded in any case. For future reference, the more appropriate solution would have been a binNMU on whichever architecture your misbuilt upload was made from. As it is, it's too late for that in unstable at least. Your upload has already either built or started building on all architectures, so I've unblocked it. Regards, Adam--- End Message ---
Bug#704215: unblock: resiprocate - built against newer boost-dev
On 29.03.2013 20:40, Daniel Pocock wrote: On 29/03/13 20:37, Julien Cristau wrote: On Fri, Mar 29, 2013 at 18:38:26 +0100, Daniel Pocock wrote: Axel, I'm sorry for the misunderstanding, I didn't realise that a positive confirmation was always needed to upload to unstable. Due to the holiday weekend, I won't be spending a lot of time at my desk and did the upload proactively so that the issue can be fixed and not hold up the release. Don't worry, there's 0 chance of resiprocate holding up the release. [...] There are obviously many people out their in IT who keep their knowledge, bug fixes, etc to themselves and see it as a way of making a living. I've always had the impression that Debian strives to be the opposite of that, bringing people solutions openly, and that is all I've tried to do here when I discovered a problem today (on a public holiday too incidentally) and provided a detailed analysis, identification of the root cause and comments on how other packages may be impacted. Interesting an insight as that was, I'm not entirely sure what it had to do with Julien's mail. Regards, Adam (also somewhere it's a public holiday and on the end of a somewhat flaky 3G connection but not convinced either of them are relevant to the fact that I'm doing stuff) -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/edc74d41b97133f7b906ce2cf4764...@mail.adsl.funky-badger.org
Bug#704218: marked as done (unblock: bind9/1:9.8.4.dfsg.P1-6+nmu1)
Your message dated Fri, 29 Mar 2013 21:06:05 +
with message-id <801064e176e913c1aa7c284829953...@mail.adsl.funky-badger.org>
and subject line Re: Bug#704218: unblock: bind9/1:9.8.4.dfsg.P1-6+nmu1
has caused the Debian Bug report #704218,
regarding unblock: bind9/1:9.8.4.dfsg.P1-6+nmu1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
704218: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704218
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hi Release Team
Please unblock package bind9
Michael Gilbert uploaded bind9/1:9.8.4.dfsg.P1-6+nmu1 with fixes for
two CVEs:
bind9 (1:9.8.4.dfsg.P1-6+nmu1) unstable; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix cve-2012-5689: issue in nameservers using DNS64 to perform a
lookup for a record with an A record overwrite rule in a Response Policy
Zone (closes: #699145).
* Fix cve-2013-2266: issues in regular expression handling (closes: #704174).
could these changes be unblocked for wheezy? Attached is the produced
debdiff against current version in testing.
unblock bind9/1:9.8.4.dfsg.P1-6+nmu1
Thanks in advance and regards,
Salvatore
Base version: bind9_1:9.8.4.dfsg.P1-6 from testing
Target version: bind9_1:9.8.4.dfsg.P1-6+nmu1 from unstable
No hints in place.
Excuses:
bind9 (1:9.8.4.dfsg.P1-6 to 1:9.8.4.dfsg.P1-6+nmu1)
Maintainer: LaMont Jones
Too young, only 0 of 2 days old
Not touching package due to block request by freeze (contact debian-release if update is needed)
Updating bind9 fixes old bugs: #704174
Not considered
bin/named/query.c | 28
config.h.in |3 ---
configure |2 +-
configure.in |2 +-
debian/changelog | 10 ++
5 files changed, 40 insertions(+), 5 deletions(-)
diff -u bind9-9.8.4.dfsg.P1/configure.in bind9-9.8.4.dfsg.P1/configure.in
--- bind9-9.8.4.dfsg.P1/configure.in
+++ bind9-9.8.4.dfsg.P1/configure.in
@@ -298,7 +298,7 @@
AC_HEADER_STDC
-AC_CHECK_HEADERS(fcntl.h regex.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,,
+AC_CHECK_HEADERS(fcntl.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,,
[$ac_includes_default
#ifdef HAVE_SYS_PARAM_H
# include
diff -u bind9-9.8.4.dfsg.P1/config.h.in bind9-9.8.4.dfsg.P1/config.h.in
--- bind9-9.8.4.dfsg.P1/config.h.in
+++ bind9-9.8.4.dfsg.P1/config.h.in
@@ -289,9 +289,6 @@
/* Define if your OpenSSL version supports GOST. */
#undef HAVE_OPENSSL_GOST
-/* Define to 1 if you have the header file. */
-#undef HAVE_REGEX_H
-
/* Define to 1 if you have the `setegid' function. */
#undef HAVE_SETEGID
diff -u bind9-9.8.4.dfsg.P1/configure bind9-9.8.4.dfsg.P1/configure
--- bind9-9.8.4.dfsg.P1/configure
+++ bind9-9.8.4.dfsg.P1/configure
@@ -12862,7 +12862,7 @@
fi
-for ac_header in fcntl.h regex.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h
+for ac_header in fcntl.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h
do :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
diff -u bind9-9.8.4.dfsg.P1/bin/named/query.c bind9-9.8.4.dfsg.P1/bin/named/query.c
--- bind9-9.8.4.dfsg.P1/bin/named/query.c
+++ bind9-9.8.4.dfsg.P1/bin/named/query.c
@@ -6136,6 +6136,7 @@
client->attributes &= ~(NS_CLIENTATTR_WANTDNSSEC |
DNS_MESSAGEFLAG_AD);
query_putrdataset(client, &sigrdataset);
+ rpz_st->q.is_zone = is_zone;
is_zone = ISC_TRUE;
rpz_log_rewrite(client, ISC_FALSE, rpz_st->m.policy,
rpz_st->m.type, zone, rpz_st->p_name);
@@ -6513,6 +6514,15 @@
rdataset = NULL;
sigrdataset = NULL;
type = qtype = dns_rdatatype_a;
+ rpz_st = client->query.rpz_st;
+ if (rpz_st != NULL) {
+/*
+ * Arrange for RPZ rewriting of any A records.
+ */
+if ((rpz_st->state & DNS_RPZ_REWRITTEN) != 0)
+ is_zone = rpz_st->q.is_zone;
+rpz_st_clear(client);
+ }
dns64 = ISC_TRUE;
goto db_find;
}
@@ -6771,6 +6781,15 @@
sigrdataset = NULL;
fname = NULL;
type = qtype = dns_rdatatype_a;
+ rpz_st = client->query.rpz_st;
+ if (rpz_st != NULL) {
+/*
+ * Arrange for RPZ rewriting of any A records.
+ */
+if ((rpz_st->state & DNS_RPZ_REWRITTEN) != 0)
+ is_zone = rpz_st->q.is_zone;
+rpz_st_clear(client);
+ }
dns64 = ISC
Bug#704227: unblock: freebsd-utils/9.0+ds1-11
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Dear Release Team, Please consider unblocking freebsd-utils/9.0+ds1-11 Due to a bug in their initscripts, some kfreebsd-* NFS-related daemons would try to start more than once, which I think violates policy, but seemed to have no ill effects. A related issue with the 'stop' action caused sleeps of 30 seconds, for each of these daemons, upon shutdown/reboot/package upgrade. This also meant a KILL signal was used instead of something more appropriate. This is not a regression introduced by freebsd-utils/9.0+ds1-10, but now having three daemons with this problem on a typical NFS server (nfsd, rpc.statd, rpc.lockd) makes it more noticeable and annoying. The fix for this was trivial, is represented in the attached debdiff, and has been tested on real systems. The udebs are unchanged. Thank you, Regards, -- Steven Chamberlain ste...@pyro.eu.org diff -Nru freebsd-utils-9.0+ds1/debian/changelog freebsd-utils-9.0+ds1/debian/changelog --- freebsd-utils-9.0+ds1/debian/changelog 2013-03-18 10:58:29.0 + +++ freebsd-utils-9.0+ds1/debian/changelog 2013-03-27 14:56:47.0 + @@ -1,3 +1,13 @@ +freebsd-utils (9.0+ds1-11) unstable; urgency=low + + * Don't use --pidfile when starting/stopping daemons that don't create one: +- Prevents trying to start nfsd, rpc.lockd, rpc.statd more than once + (Closes: #700245) +- Fixes a 30-second delay as each service is stopped (Closes: #700249) + * Stop nfsd with the correct signal USR1, since it ignores TERM + + -- Steven Chamberlain Wed, 27 Mar 2013 13:16:03 + + freebsd-utils (9.0+ds1-10) unstable; urgency=low * Import patch by Steven Chamberlain to make rpc.lockd start without diff -Nru freebsd-utils-9.0+ds1/debian/freebsd-nfs-common.rpc.lockd.init freebsd-utils-9.0+ds1/debian/freebsd-nfs-common.rpc.lockd.init --- freebsd-utils-9.0+ds1/debian/freebsd-nfs-common.rpc.lockd.init 2013-03-18 10:32:55.0 + +++ freebsd-utils-9.0+ds1/debian/freebsd-nfs-common.rpc.lockd.init 2013-03-27 14:19:55.0 + @@ -38,9 +38,9 @@ # 0 if daemon has been started # 1 if daemon was already running # 2 if daemon could not be started - start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ + start-stop-daemon --start --quiet --exec $DAEMON --test > /dev/null \ || return 1 - start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ + start-stop-daemon --start --quiet --exec $DAEMON -- \ $DAEMON_ARGS \ || return 2 # Add code here, if necessary, that waits for the process to be ready @@ -58,7 +58,7 @@ # 1 if daemon was already stopped # 2 if daemon could not be stopped # other if a failure occurred - start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --name $NAME RETVAL="$?" [ "$RETVAL" = 2 ] && return 2 # Wait for children to finish too if this is a daemon that forks diff -Nru freebsd-utils-9.0+ds1/debian/freebsd-nfs-common.rpc.statd.init freebsd-utils-9.0+ds1/debian/freebsd-nfs-common.rpc.statd.init --- freebsd-utils-9.0+ds1/debian/freebsd-nfs-common.rpc.statd.init 2013-03-18 10:32:55.0 + +++ freebsd-utils-9.0+ds1/debian/freebsd-nfs-common.rpc.statd.init 2013-03-27 14:19:55.0 + @@ -40,9 +40,9 @@ # 0 if daemon has been started # 1 if daemon was already running # 2 if daemon could not be started - start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ + start-stop-daemon --start --quiet --exec $DAEMON --test > /dev/null \ || return 1 - start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ + start-stop-daemon --start --quiet --exec $DAEMON -- \ $DAEMON_ARGS \ || return 2 # Add code here, if necessary, that waits for the process to be ready @@ -60,7 +60,7 @@ # 1 if daemon was already stopped # 2 if daemon could not be stopped # other if a failure occurred - start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --name $NAME RETVAL="$?" [ "$RETVAL" = 2 ] && return 2 # Wait for children to finish too if this is a daemon that forks diff -Nru freebsd-utils-9.0+ds1/debian/freebsd-nfs-server.nfsd.init freebsd-utils-9.0+ds1/debian/freebsd-nfs-server.nfsd.init --- freebsd-utils-9.0+ds1/debian/freebsd-nfs-server.nfsd.init 2013-03-18 10:32:55.0 + +++ freebsd-utils-9.0+ds1/debian/freebsd-nfs-server.nfsd.init 2013-03-27 14:19:55.
Bug#704218: unblock: bind9/1:9.8.4.dfsg.P1-6+nmu1
On Fri, Mar 29, 2013 at 16:38:57 -0400, Michael Gilbert wrote: > On Fri, Mar 29, 2013 at 4:08 PM, Adam D. Barratt wrote: > > > Control: tags -1 + moreinfo > > > > > > On 29.03.2013 15:01, Salvatore Bonaccorso wrote: > > > >> bind9 (1:9.8.4.dfsg.P1-6+nmu1) unstable; urgency=high > >> . > >>* Non-maintainer upload by the Security Team. > >>* Fix cve-2012-5689: issue in nameservers using DNS64 to perform a > >> lookup for a record with an A record overwrite rule in a Response > >> Policy > >> Zone (closes: #699145). > >> > > > > fwiw, this issue isn't marked as RC currently. The bug log notes that > > there wasn't a production quality patch available and instead the plan was > > to document how to avoid the issue, which Moritz seemed happy with. What > > changed? > > > A production-ready patch. > Not in the bug log there wasn't. > > * Fix cve-2013-2266: issues in regular expression handling > >> (closes: #704174). > >> > > > > and that one appears to have been NMUed around four hours after it was > > filed, which I'm not overjoyed about. > > > > You're aware that this is easily exploited in the wild already? > You're aware that you're not the bind9 maintainer, and so you don't get to NMU without talking to him first? Cheers, Julien signature.asc Description: Digital signature
Bug#704218: unblock: bind9/1:9.8.4.dfsg.P1-6+nmu1
On Fri, Mar 29, 2013 at 4:08 PM, Adam D. Barratt wrote: > Control: tags -1 + moreinfo > > > On 29.03.2013 15:01, Salvatore Bonaccorso wrote: > >> bind9 (1:9.8.4.dfsg.P1-6+nmu1) unstable; urgency=high >> . >>* Non-maintainer upload by the Security Team. >>* Fix cve-2012-5689: issue in nameservers using DNS64 to perform a >> lookup for a record with an A record overwrite rule in a Response >> Policy >> Zone (closes: #699145). >> > > fwiw, this issue isn't marked as RC currently. The bug log notes that > there wasn't a production quality patch available and instead the plan was > to document how to avoid the issue, which Moritz seemed happy with. What > changed? A production-ready patch. > * Fix cve-2013-2266: issues in regular expression handling >> (closes: #704174). >> > > and that one appears to have been NMUed around four hours after it was > filed, which I'm not overjoyed about. > You're aware that this is easily exploited in the wild already? Best wishes, Mike
Bug#704215: unblock: resiprocate - built against newer boost-dev
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 29/03/13 20:37, Julien Cristau wrote: > On Fri, Mar 29, 2013 at 18:38:26 +0100, Daniel Pocock wrote: > >> Axel, I'm sorry for the misunderstanding, I didn't realise that >> a positive confirmation was always needed to upload to unstable. >> Due to the holiday weekend, I won't be spending a lot of time at >> my desk and did the upload proactively so that the issue can be >> fixed and not hold up the release. >> > Don't worry, there's 0 chance of resiprocate holding up the > release. > These issues don't even impact my own use of the packages, I only share them in the hope that the wider user base will benefit from it. There are obviously many people out their in IT who keep their knowledge, bug fixes, etc to themselves and see it as a way of making a living. I've always had the impression that Debian strives to be the opposite of that, bringing people solutions openly, and that is all I've tried to do here when I discovered a problem today (on a public holiday too incidentally) and provided a detailed analysis, identification of the root cause and comments on how other packages may be impacted. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCAAGBQJRVfwuAAoJEOm1uwJp1aqDcWMP/1ZuiCVwUYbTkctEIcV8sn1D M7J7oNzcvTW2Sg25wnGMV9JadTR5cvRHRmAEI5r8Zt2hCSSuNZbRmPqyw80AYMU5 JgOIfVOKw7IIq2FTVpHt4EnBpZE+1C6jqfDJlsxSAatYv1Hi9ONF3kra7gyhK4wg FgDAbeP5Q5peO1hJ+OUrG/qp7KZR5BHX6JlYRHtJgQYxeUH2U1DuYbsdu2mCJZZf Yn4XGyhkw1wvGO1OE6apMae9Q2JhKOCLLMDw1TBINJTbPLfvqY2FBbYbHq65JF8u yQ/SBoIJ+izCvj2eWqd97ssarVCwECGXvu03ToAsf/qVGjOapiyrHJcgeYctrkVx OlPqlA2cKYFHWW3LKkP6YhhC92iGqzOttoOy5A7UIvtHnBEc6e3pqUCneeTfY5mS uMDY9LkQku6kq6PW8oCxpb+3nKLJu/OOfBl42aW9C4Yi/rjtMSn/i2oy/d41u6ua AgLyZEXHw8kNf5zhbsp3bk/6UTLIMwEKUyDGvFaeXoFTF/tkoIC87d/1+EmnfekN cumg4sa3EM9iBjIG6e4B5i++Cfwcj9tHP65sMh2IWmTK3xTrZuWrMtpYFhR9VFja 6jhwQeyrMXRiETzeQw/GMtYeFWFjo37aowErJ4eDUGQzQjwSbzGe8Pg4XZoFsEDO 8kLQhQ7ja7PGedOXooP9 =QDw0 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5155fc2e.4060...@pocock.com.au
Bug#695201: Bug#704222: release.debian.org: Request for wheezy-ignore tag: bug #693577 (libfso-glib: not properly built from source)
On Fri, Mar 29, 2013 at 07:40:17PM +, Adam D. Barratt wrote: > It was already requested in #695201, where Julien raised some > concerns. OK. Thanks for merging. On Wed, Dec 5, 2012 at 10:02:57PM +0800, Paul Wise wrote: >> What's causing the ABI change? Is it due to using a different >> fso-specs version than the one which was used to generate current >> libfso-glib? > Correct. > > > That would mean that we're not only not building from source, > > but we're also not actually shipping the source anywhere, and I > > don't think that should be ignored. > Hmm, ok. I see the following resolutions: 1. uploading an older fso-specs version to sid, which should avoid the API change. Let fso-specs migrate to wheezy and ignore the bug in libfso-glib. 2. uploading an older fso-specs version to sid, which should avoid the API change. Then fix the libfso-glib package. Then both should be able to migrate to testing. 3. use the new API, and binNMU all packages depending on it. 4. ignore everything for wheezy 5. remove the FSO/SHR stack from testing (libfso-glib is a reverse dependency for almost all components) Option 1 doesn't make much sense, since fixing the bug in libfso-glib should be easy with a matching fso-specs. I guess it's too late in the release process for option 3. Personally I would prefer solution 4. It's not like there is no source at all - upstream delivers libfso-glib with the pregenerated code. Previously this kind of code had been written by hand without the xml abstraction anyway. Option 5 is also a possibility. The FSO/SHR stack is not that popular. According to popcon there are 10 users. -- Sebastian signature.asc Description: Digital signature
Processed: Re: Bug#704218: unblock: bind9/1:9.8.4.dfsg.P1-6+nmu1
Processing control commands: > tags -1 + moreinfo Bug #704218 [release.debian.org] unblock: bind9/1:9.8.4.dfsg.P1-6+nmu1 Added tag(s) moreinfo. -- 704218: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704218 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b704218.136458773710830.transcr...@bugs.debian.org
Bug#704218: unblock: bind9/1:9.8.4.dfsg.P1-6+nmu1
Control: tags -1 + moreinfo On 29.03.2013 15:01, Salvatore Bonaccorso wrote: bind9 (1:9.8.4.dfsg.P1-6+nmu1) unstable; urgency=high . * Non-maintainer upload by the Security Team. * Fix cve-2012-5689: issue in nameservers using DNS64 to perform a lookup for a record with an A record overwrite rule in a Response Policy Zone (closes: #699145). fwiw, this issue isn't marked as RC currently. The bug log notes that there wasn't a production quality patch available and instead the plan was to document how to avoid the issue, which Moritz seemed happy with. What changed? * Fix cve-2013-2266: issues in regular expression handling (closes: #704174). and that one appears to have been NMUed around four hours after it was filed, which I'm not overjoyed about. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/b84bea2fe53dd8f17476d8b38956b...@mail.adsl.funky-badger.org
Processed: Re: Bug#704222: release.debian.org: Request for wheezy-ignore tag: bug #693577 (libfso-glib: not properly built from source)
Processing control commands: > forcemerge 695201 -1 Bug #695201 [release.debian.org] wheezy-ignore tag for RC bug #693577 in libfso-glib Bug #704222 [release.debian.org] release.debian.org: Request for wheezy-ignore tag: bug #693577 (libfso-glib: not properly built from source) Merged 695201 704222 -- 695201: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695201 704222: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704222 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b704222.136458602530116.transcr...@bugs.debian.org
Bug#704222: release.debian.org: Request for wheezy-ignore tag: bug #693577 (libfso-glib: not properly built from source)
Control: forcemerge 695201 -1 On 29.03.2013 18:27, Sebastian Reichel wrote: Fixing #693577 in wheezy requires either a transition or a reupload of fso-specs in an older version (which is my fault :(). I suggest to add a wheezy-ignore tag to bug #693577. I also think this is a serious bug, but IMHO it's acceptable to use upstream's pregenerated source code for wheezy. P.S.: Sorry for the late request. I thought it had already been done. It was already requested in #695201, where Julien raised some concerns. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/51e061af5adc5599b3130fb5c7ce3...@mail.adsl.funky-badger.org
Bug#704215: unblock: resiprocate - built against newer boost-dev
On Fri, Mar 29, 2013 at 18:38:26 +0100, Daniel Pocock wrote: > Axel, I'm sorry for the misunderstanding, I didn't realise that a > positive confirmation was always needed to upload to unstable. Due to > the holiday weekend, I won't be spending a lot of time at my desk and > did the upload proactively so that the issue can be fixed and not hold > up the release. > Don't worry, there's 0 chance of resiprocate holding up the release. Cheers, Julien signature.asc Description: Digital signature
Bug#704215: unblock: resiprocate - built against newer boost-dev
On 29.03.2013 17:38, Daniel Pocock wrote: On 29/03/13 17:56, Axel Beckert wrote: Daniel Pocock wrote: Please confirm if I should do the upload with a new version number (1.8.5-4), You seem to have uploaded that already, but I haven't seen any confirmation on debian-release for that. Despite... [...] Axel, I'm sorry for the misunderstanding, I didn't realise that a positive confirmation was always needed to upload to unstable. Due to the holiday weekend, I won't be spending a lot of time at my desk and did the upload proactively so that the issue can be fixed and not hold up the release. Whilst in general confirmation would indeed not be required, I'm struggling to find a way of interpreting "please confirm if I should do the upload" that means anything other than you were waiting for confirmation before proceeding. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e687ffbec731009173af6400fb187...@mail.adsl.funky-badger.org
Bug#704222: release.debian.org: Request for wheezy-ignore tag: bug #693577 (libfso-glib: not properly built from source)
Package: release.debian.org Severity: normal Hi, Fixing #693577 in wheezy requires either a transition or a reupload of fso-specs in an older version (which is my fault :(). I suggest to add a wheezy-ignore tag to bug #693577. I also think this is a serious bug, but IMHO it's acceptable to use upstream's pregenerated source code for wheezy. P.S.: Sorry for the late request. I thought it had already been done. -- Sebastian -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130329182730.861.77018.reportbug@earth.universe
Bug#704215: unblock: resiprocate - built against newer boost-dev
Hi Daniel, Daniel Pocock wrote: > On 29/03/13 17:56, Axel Beckert wrote: > > Daniel Pocock wrote: > >> Please confirm if I should do the upload with a new version number > >> (1.8.5-4), > > > > You seem to have uploaded that already, but I haven't seen any > > confirmation on debian-release for that. Despite... > > > >> or if there is some other way to force it to be rebuilt for > >> the existing version? > > > > ... there is a very common way to do such rebuilds called "Binary NMU" > > or binnmu for short. Why didn't you wait for the confirmation you > > requested? > > Axel, I'm sorry for the misunderstanding, I didn't realise that a > positive confirmation was always needed to upload to unstable. There isn't (unless you don't want to block the possibility for your package to propagate from unstable to testing during the freeze) and I didn't claim that. You asked "if there is some other way to force it to be rebuilt the existing version?" -- for me, this implies that you will wait for an answer before continuing to upload. So why bother asking if you upload anyway without waiting for answers? Regards, Axel -- ,''`. | Axel Beckert , http://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE `-| 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130329175650.gl28...@sym.noone.org
Bug#704215: unblock: resiprocate - built against newer boost-dev
On 29/03/13 17:56, Axel Beckert wrote: > Hi, > > Daniel Pocock wrote: >> Please confirm if I should do the upload with a new version number >> (1.8.5-4), > > You seem to have uploaded that already, but I haven't seen any > confirmation on debian-release for that. Despite... > >> or if there is some other way to force it to be rebuilt for >> the existing version? > > ... there is a very common way to do such rebuilds called "Binary NMU" > or binnmu for short. Why didn't you wait for the confirmation you > requested? Axel, I'm sorry for the misunderstanding, I didn't realise that a positive confirmation was always needed to upload to unstable. Due to the holiday weekend, I won't be spending a lot of time at my desk and did the upload proactively so that the issue can be fixed and not hold up the release. I believe the binNMU would also be suitable in this case, as there is no change to the source or packaging artifacts. I'm quite happy for the release team to prefer a binNMU for 1.8.5-3 and not unblock 1.8.5-4. On 29/03/13 17:37, Evgeni Golov wrote: > On 03/29/2013 03:22 PM, Daniel Pocock wrote: >> I've found that one of the binaries, resiprocate-turn-server, needs to >> be built again with the latest gcc and boost-dev or it fails to run > > Why was/is this not handled by a binNMU? Are there other packages > (theoretically) affected? As for the impact on other packages: I would say there is a definite possibility that packages would have this bug if the following conditions exist: a) package compiled with gcc 4.7 b) libboost-dev < 1.46 was present on the build machine at the time of compile The problem would only be observed in a binary when it first tries to use a thread. - reTurnServer starts a thread at startup, so the problem is noticed immediately. Binaries that only start threads some time later may not stop so obviously. - reTurnServer has a catch-block that catches exceptions and logs an error. Binaries that don't have such a catch block may appear to just stop mysteriously without any immediate clues about the problem. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5155d192.6070...@pocock.com.au
Bug#704215: unblock: resiprocate - built against newer boost-dev
Hi, Daniel Pocock wrote: > Please confirm if I should do the upload with a new version number > (1.8.5-4), You seem to have uploaded that already, but I haven't seen any confirmation on debian-release for that. Despite... > or if there is some other way to force it to be rebuilt for > the existing version? ... there is a very common way to do such rebuilds called "Binary NMU" or binnmu for short. Why didn't you wait for the confirmation you requested? Regards, Axel -- ,''`. | Axel Beckert , http://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE `-| 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130329165611.gk28...@sym.noone.org
Bug#704215: unblock: resiprocate - built against newer boost-dev
On 03/29/2013 03:22 PM, Daniel Pocock wrote: > I've found that one of the binaries, resiprocate-turn-server, needs to > be built again with the latest gcc and boost-dev or it fails to run Why was/is this not handled by a binNMU? Are there other packages (theoretically) affected? -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5155c335.9070...@debian.org
Bug#703581: marked as done (unblock: e2fsprogs/1.42.5-1.1)
Your message dated Fri, 29 Mar 2013 15:31:22 + with message-id <20130329153122.gc12...@ernie.home.powdarrmonkey.net> and subject line Re: Bug#703581: unblock: e2fsprogs/1.42.5-1.1 has caused the Debian Bug report #703581, regarding unblock: e2fsprogs/1.42.5-1.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 703581: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703581 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Please unblock package e2fsprogs Closes #698879 This is also a request for udeb-unblock from the installer team. unblock e2fsprogs/1.42.5-1.1 - -- System Information: Debian Release: wheezy/sid APT prefers raring-updates APT policy: (500, 'raring-updates'), (500, 'raring-security'), (500, 'raring'), (100, 'raring-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.8.0-13-generic (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJRSm0SAAoJEIh7YGGLPBauB6MP/iTl4ulKrqAnn9Xr2TPtudd/ Rt12pCLUcJ3KReyE/DHjIKAeiq41IYcr2nZ7087eRuT+EFZGtTWYxHv4U3CX89bT zNWdX2UqUMKQR6xwc/3+BXKbTJOswcjQxnF0qb/8TJbQkhREub5ts7G2dx2SDqWZ x2ke/DOO6lbslO6G/N1+RUYY7fHgpwpQCm0RZF8t17b1xTVVUhhs/awwt1wzoaKi oDAdtU4TidO3FdlYQxBAqAqqT+Jcoj2jzxTmEV4tDeRptowd42PIKmKAyXk3ippA 2o3FgVQNVZ81sMQEN1MDpxhi302YSfyym0x8rS/DTqayIuT1PoQfJ5MzvVI0nukJ x3UGbJhIQokJVMoeFH7sEzftqTJIrAPlVNv7t9OGycYYNlCp1Gn6FO7tmYknWDye 1z91djudgLYcnUHpSU9hh1T8zBTQgavq9E4/oPs4LQlTr64+wamgQLpCVd27LSm3 B4KqylEEHzKB+3KuPcbz9SxfCAGyKnHN0KQKN+R9AgMThdDrv6E7drz8Yy0qMwdB JBpHhXhzAXYwr05LZs6mgmmwjSysIJyFhG2MMs3mCqEo8zsCbwp50uviAKnx4e8F +MOPOZi4AwMN0VGTcYZ4X6svuZt60ugcxozDY7gJ1zOGdpxd3mq5OtVpx6MLE/xy IDNQ6WycVIMro+mgBMTe =DClc -END PGP SIGNATURE- diff -Nru e2fsprogs-1.42.5/debian/changelog e2fsprogs-1.42.5/debian/changelog --- e2fsprogs-1.42.5/debian/changelog 2012-07-30 01:01:45.0 +0100 +++ e2fsprogs-1.42.5/debian/changelog 2013-03-21 00:07:18.0 + @@ -1,3 +1,12 @@ +e2fsprogs (1.42.5-1.1) unstable; urgency=low + + * Non-maintainer upload. + * e2fsck-static, e2fsprogs: let preinst remove a symbolic link in +/usr/share/doc, that should have been replaced with a directory since +1.39+1.40-WIP-2006.10.02+dfsg-1. (Closes: #698879). + + -- Nicolas Boulenguez Fri, 22 Feb 2013 23:14:59 +0100 + e2fsprogs (1.42.5-1) unstable; urgency=low * New upstream version diff -Nru e2fsprogs-1.42.5/debian/e2fsck-static.preinst e2fsprogs-1.42.5/debian/e2fsck-static.preinst --- e2fsprogs-1.42.5/debian/e2fsck-static.preinst 1970-01-01 01:00:00.0 +0100 +++ e2fsprogs-1.42.5/debian/e2fsck-static.preinst 2013-03-21 00:07:18.0 + @@ -0,0 +1,19 @@ +#!/bin/sh + +# Abort on error. +set -e + +PKG=e2fsck-static +DOCLNK=/usr/share/doc/$PKG +if test "$1" = upgrade \ +-a -L $DOCLNK +then +rm $DOCLNK +fi + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff -Nru e2fsprogs-1.42.5/debian/e2fsprogs.preinst e2fsprogs-1.42.5/debian/e2fsprogs.preinst --- e2fsprogs-1.42.5/debian/e2fsprogs.preinst 1970-01-01 01:00:00.0 +0100 +++ e2fsprogs-1.42.5/debian/e2fsprogs.preinst 2013-03-21 00:07:18.0 + @@ -0,0 +1,19 @@ +#!/bin/sh + +# Abort on error. +set -e + +PKG=e2fsprogs +DOCLNK=/usr/share/doc/$PKG +if test "$1" = upgrade \ +-a -L $DOCLNK +then +rm $DOCLNK +fi + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 --- End Message --- --- Begin Message --- On Thu, Mar 28, 2013 at 09:58:36AM +0100, Cyril Brulebois wrote: > Jonathan Wiltshire (24/03/2013): > > Indeed; tagging and CCing accordingly. > > Should be safe as far as the udeb is concerned, please go ahead. Thanks, unblocked. -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 i have six years of solaris sysadmin experience, from 8->10. i am well qualified to say it is made from bonghits layered on top of bonghits signature.asc Description: Digital signature --- End Message ---
Bug#704215: debdiff
No changes to code, just a rebuild on a machine with latest wheezy boost headers Here is the full debdiff: $ debdiff resiprocate_1.8.5-3.dsc resiprocate_1.8.5-4.dsc diff -Nru resiprocate-1.8.5/debian/changelog resiprocate-1.8.5/debian/changelog --- resiprocate-1.8.5/debian/changelog 2013-03-21 20:31:23.0 +0100 +++ resiprocate-1.8.5/debian/changelog 2013-03-29 16:17:37.0 +0100 @@ -1,3 +1,9 @@ +resiprocate (1.8.5-4) unstable; urgency=low + + * rebuild with latest boost headers (Closes: #704213) + + -- Daniel Pocock Fri, 29 Mar 2013 15:15:27 + + resiprocate (1.8.5-3) unstable; urgency=low * log an error if TLS mappings file missing (Closes: #703644) -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5155b322.5020...@pocock.com.au
Bug#704218: unblock: bind9/1:9.8.4.dfsg.P1-6+nmu1
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hi Release Team
Please unblock package bind9
Michael Gilbert uploaded bind9/1:9.8.4.dfsg.P1-6+nmu1 with fixes for
two CVEs:
bind9 (1:9.8.4.dfsg.P1-6+nmu1) unstable; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix cve-2012-5689: issue in nameservers using DNS64 to perform a
lookup for a record with an A record overwrite rule in a Response Policy
Zone (closes: #699145).
* Fix cve-2013-2266: issues in regular expression handling (closes: #704174).
could these changes be unblocked for wheezy? Attached is the produced
debdiff against current version in testing.
unblock bind9/1:9.8.4.dfsg.P1-6+nmu1
Thanks in advance and regards,
Salvatore
Base version: bind9_1:9.8.4.dfsg.P1-6 from testing
Target version: bind9_1:9.8.4.dfsg.P1-6+nmu1 from unstable
No hints in place.
Excuses:
bind9 (1:9.8.4.dfsg.P1-6 to 1:9.8.4.dfsg.P1-6+nmu1)
Maintainer: LaMont Jones
Too young, only 0 of 2 days old
Not touching package due to block request by freeze (contact debian-release if update is needed)
Updating bind9 fixes old bugs: #704174
Not considered
bin/named/query.c | 28
config.h.in |3 ---
configure |2 +-
configure.in |2 +-
debian/changelog | 10 ++
5 files changed, 40 insertions(+), 5 deletions(-)
diff -u bind9-9.8.4.dfsg.P1/configure.in bind9-9.8.4.dfsg.P1/configure.in
--- bind9-9.8.4.dfsg.P1/configure.in
+++ bind9-9.8.4.dfsg.P1/configure.in
@@ -298,7 +298,7 @@
AC_HEADER_STDC
-AC_CHECK_HEADERS(fcntl.h regex.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,,
+AC_CHECK_HEADERS(fcntl.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,,
[$ac_includes_default
#ifdef HAVE_SYS_PARAM_H
# include
diff -u bind9-9.8.4.dfsg.P1/config.h.in bind9-9.8.4.dfsg.P1/config.h.in
--- bind9-9.8.4.dfsg.P1/config.h.in
+++ bind9-9.8.4.dfsg.P1/config.h.in
@@ -289,9 +289,6 @@
/* Define if your OpenSSL version supports GOST. */
#undef HAVE_OPENSSL_GOST
-/* Define to 1 if you have the header file. */
-#undef HAVE_REGEX_H
-
/* Define to 1 if you have the `setegid' function. */
#undef HAVE_SETEGID
diff -u bind9-9.8.4.dfsg.P1/configure bind9-9.8.4.dfsg.P1/configure
--- bind9-9.8.4.dfsg.P1/configure
+++ bind9-9.8.4.dfsg.P1/configure
@@ -12862,7 +12862,7 @@
fi
-for ac_header in fcntl.h regex.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h
+for ac_header in fcntl.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h
do :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
diff -u bind9-9.8.4.dfsg.P1/bin/named/query.c bind9-9.8.4.dfsg.P1/bin/named/query.c
--- bind9-9.8.4.dfsg.P1/bin/named/query.c
+++ bind9-9.8.4.dfsg.P1/bin/named/query.c
@@ -6136,6 +6136,7 @@
client->attributes &= ~(NS_CLIENTATTR_WANTDNSSEC |
DNS_MESSAGEFLAG_AD);
query_putrdataset(client, &sigrdataset);
+ rpz_st->q.is_zone = is_zone;
is_zone = ISC_TRUE;
rpz_log_rewrite(client, ISC_FALSE, rpz_st->m.policy,
rpz_st->m.type, zone, rpz_st->p_name);
@@ -6513,6 +6514,15 @@
rdataset = NULL;
sigrdataset = NULL;
type = qtype = dns_rdatatype_a;
+ rpz_st = client->query.rpz_st;
+ if (rpz_st != NULL) {
+/*
+ * Arrange for RPZ rewriting of any A records.
+ */
+if ((rpz_st->state & DNS_RPZ_REWRITTEN) != 0)
+ is_zone = rpz_st->q.is_zone;
+rpz_st_clear(client);
+ }
dns64 = ISC_TRUE;
goto db_find;
}
@@ -6771,6 +6781,15 @@
sigrdataset = NULL;
fname = NULL;
type = qtype = dns_rdatatype_a;
+ rpz_st = client->query.rpz_st;
+ if (rpz_st != NULL) {
+/*
+ * Arrange for RPZ rewriting of any A records.
+ */
+if ((rpz_st->state & DNS_RPZ_REWRITTEN) != 0)
+ is_zone = rpz_st->q.is_zone;
+rpz_st_clear(client);
+ }
dns64 = ISC_TRUE;
goto db_find;
}
@@ -7271,6 +7290,15 @@
rdataset = NULL;
sigrdataset = NULL;
type = qtype = dns_rdatatype_a;
+ rpz_st = client->query.rpz_st;
+ if (rpz_st != NULL) {
+/*
+ * Arrange for RPZ rewriting of any A records.
+ */
+if ((rpz_st->state & DNS_RPZ_REWRITTEN) != 0)
+ is_zone = rpz_st->q.is_zone;
+rpz_st_clear(client);
+ }
dns64_exclude = dns64 = ISC_TRUE;
goto db_find;
}
diff -u bind9-9.8.4.dfsg.P1/debian/changelog bind9-9.8.4.dfsg.P1/debian/changelog
--- bind9-9.8.4.dfsg.P1/debian/changelog
+++ bind9-9.8.4.dfsg.P1/debian/changelog
@@ -1,3 +1,13 @@
+bind9 (1:9.8.4.dfsg.P1-6+nmu1) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Fix cve-2012-5689: issue in nameservers using DNS64 to perform a
+lookup for a record with an A record overwrite rule in a Response Po
Bug#704215: unblock: resiprocate - built against newer boost-dev
Package: release.debian.org Severity: normal I've found that one of the binaries, resiprocate-turn-server, needs to be built again with the latest gcc and boost-dev or it fails to run The root cause appears to be this issue: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654425 and the bug report concerning the impact on my package is: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704213 Please confirm if I should do the upload with a new version number (1.8.5-4), or if there is some other way to force it to be rebuilt for the existing version? If I upload a new version, there will be no changes except a changelog entry. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5155a3b5.7020...@pocock.com.au
Bug#704143: marked as done (unblock: olsrd/0.6.2-2.1)
Your message dated Fri, 29 Mar 2013 13:07:32 +
with message-id <8dfd10cb04831c72b61f1f8e199f9...@mail.adsl.funky-badger.org>
and subject line Re: Bug#704143: unblock: olsrd/0.6.2-2.1
has caused the Debian Bug report #704143,
regarding unblock: olsrd/0.6.2-2.1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
704143: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704143
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: patch
User: release.debian@packages.debian.org
Usertags: unblock
Hi,
both olsrd 0.6.2-2 (testing) and 0.6.3-5 (unstable) suffer from
corrupted data on amd64 platforms [1].
I have performed NMUs both for testing-proposed-updates and unstable
and would like to have the version for t-p-u unblocked.
Attaching debdiff.
Adrian
unblock olsrd/0.6.2-2.1
> [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704025
-- System Information:
Debian Release: 7.0
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.8-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru olsrd-0.6.2/debian/changelog olsrd-0.6.2/debian/changelog
--- olsrd-0.6.2/debian/changelog 2012-02-19 16:18:18.0 +0100
+++ olsrd-0.6.2/debian/changelog 2013-03-28 04:31:12.0 +0100
@@ -1,3 +1,11 @@
+olsrd (0.6.2-2.1) testing-proposed-updates; urgency=low
+
+ * Non-maintainer upload.
+ * Include upstream patch to fix stack corruption in
+net output (Closes: #704025).
+
+ -- John Paul Adrian Glaubitz Thu, 28 Mar 2013 04:29:10 +0100
+
olsrd (0.6.2-2) unstable; urgency=low
* debian/control: Build-Depends: debhelper (>= 9) (Closes: #658330)
diff -Nru olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch
--- olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch 1970-01-01 01:00:00.0 +0100
+++ olsrd-0.6.2/debian/patches/300-fix-stack-corruption-in-net-output.patch 2013-03-28 04:27:03.0 +0100
@@ -0,0 +1,57 @@
+From f4d250ad4fad5fcfe5b5feaac3f3e121adef3fba Mon Sep 17 00:00:00 2001
+From: Jo-Philipp Wich
+Date: Fri, 22 Jun 2012 03:17:59 +0200
+Subject: [PATCH] olsrd: fix stack corruption in net_output()
+
+The net_output() function indirectly uses the stack variables dst and dst6
+outside of the scope they're declared in, this might leads to olsr_sendto()
+being called with a corrupted destination sockaddr_in.
+
+This failure condition can be observed in the log, olsrd will continuosly
+print "sendto(v4): Invalid Argument" or a similar message. On ARM it has been
+reported to result in "Unsupported Address Family".
+
+This bug became apparant on a custon OpenWrt x86_64 uClibc target using the
+Linaro GCC 4.7-2012.04 compiler, it has been reported for an unspecified ARM
+target as well.
+
+The offending code seems to be unchanged since 2008 and it does not cause
+issues on 32bit systems and/or with older (Linaro) GCC versions, but the
+compiler used in our tests seems to perform more aggressive optimizations
+leading to a stack corruption.
+---
+ src/net_olsr.c |4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/net_olsr.c b/src/net_olsr.c
+index 7d85f4f..66e103d 100644
+--- a/src/net_olsr.c
b/src/net_olsr.c
+@@ -336,6 +336,8 @@ net_output(struct interface *ifp)
+ {
+ struct sockaddr_in *sin = NULL;
+ struct sockaddr_in6 *sin6 = NULL;
++ struct sockaddr_in dst;
++ struct sockaddr_in6 dst6;
+ struct ptf *tmp_ptf_list;
+ union olsr_packet *outmsg;
+ int retval;
+@@ -354,7 +356,6 @@ net_output(struct interface *ifp)
+ outmsg->v4.olsr_packlen = htons(ifp->netbuf.pending);
+
+ if (olsr_cnf->ip_version == AF_INET) {
+-struct sockaddr_in dst;
+ /* IP version 4 */
+ sin = (struct sockaddr_in *)&ifp->int_broadaddr;
+
+@@ -365,7 +366,6 @@ net_output(struct interface *ifp)
+ if (sin->sin_port == 0)
+ sin->sin_port = htons(olsr_cnf->olsrport);
+ } else {
+-struct sockaddr_in6 dst6;
+ /* IP version 6 */
+ sin6 = (struct sockaddr_in6 *)&ifp->int6_multaddr;
+ /* Copy sin */
+--
+1.7.9.5
+
diff -Nru olsrd-0.6.2/debian/patches/series olsrd-0.6.2/debian/patches/series
--- olsrd-0.6.2/debian/patches/series 2012-02-19 16:07:42.0 +0100
+++ olsrd-0.6.2/debian/patches/series 2013-03-28 04:27:57.0 +0100
@@ -6,3 +6,4
Bug#702796: marked as done (unblock haskell-authenticate/1.2.1.1-2 haskell-yesod-auth/1.0.2.1-2)
Your message dated Fri, 29 Mar 2013 11:38:01 + with message-id and subject line Re: Bug#702796: unblock: haskell-certificate et. al. has caused the Debian Bug report #702796, regarding unblock haskell-authenticate/1.2.1.1-2 haskell-yesod-auth/1.0.2.1-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 702796: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702796 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is trying to get #701593 into testing. Not all arches have built everything yet, but I guess I can get the unblock on the way. The main fixes that we want to get into testing are these: unblock haskell-tls-extra/0.4.6.1-2 unblock haskell-certificate/1.2.3-2 To migrate, this will also pull some binNMUed reverse dependencies, including (but probably more): libghc-http-conduit-dev libghc-tls-dev libghc-warp-tls-dev Unfortunately, there was a version hiccup that required changes to debian/control for some of the rebuilds. I’m not yet sure which of these will have to go in to allow the above transition, but I’m sure that waiting britney’s output will be easier than manually finding the minimal set. At least http-conduit will need this, so please also unblock haskell-http-conduit/1.4.1.6-3 The attached debdiff is represenative for all these version-hiccup-fixing uploads. The packages that had the hiccup (haskell-persistent, haskell-blaze-builder-conduit) do not need to migrate. Greetings, Joachim - -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (500, 'unstable'), (101, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.5-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlE9/ZgACgkQ9ijrk0dDIGwGwQCdFQkh3TOPpIuxq+ru5FV/I6jl zsYAmwSu1JYfL4+ZDxBPvTQ2WBDzCrR1 =noRR -END PGP SIGNATURE- diff -Nru haskell-http-conduit-1.4.1.6/debian/changelog haskell-http-conduit-1.4.1.6/debian/changelog --- haskell-http-conduit-1.4.1.6/debian/changelog 2012-05-19 17:40:51.0 +0200 +++ haskell-http-conduit-1.4.1.6/debian/changelog 2013-03-11 16:48:11.0 +0100 @@ -1,3 +1,16 @@ +haskell-http-conduit (1.4.1.6-3) unstable; urgency=low + + * Allow both strange and normal version in libghc-blaze-builder-conduit-dev +dependency + + -- Joachim Breitner Mon, 11 Mar 2013 16:48:11 +0100 + +haskell-http-conduit (1.4.1.6-2) unstable; urgency=low + + * Allow strange version in libghc-blaze-builder-conduit-dev dependency + + -- Joachim Breitner Sun, 10 Mar 2013 22:00:03 +0100 + haskell-http-conduit (1.4.1.6-1) unstable; urgency=low * New upstream version. diff -Nru haskell-http-conduit-1.4.1.6/debian/control haskell-http-conduit-1.4.1.6/debian/control --- haskell-http-conduit-1.4.1.6/debian/control 2012-05-19 17:40:57.0 +0200 +++ haskell-http-conduit-1.4.1.6/debian/control 2013-03-11 16:47:48.0 +0100 @@ -24,7 +24,8 @@ , libghc-blaze-builder-dev (<< 0.4) , libghc-blaze-builder-prof , libghc-blaze-builder-conduit-dev (>> 0.4) - , libghc-blaze-builder-conduit-dev (<< 0.5) + , libghc-blaze-builder-conduit-dev (<< 0.5) | libghc-blaze-builder-conduit-dev (>> 0.5.0.1.is.really.0.4), + , libghc-blaze-builder-conduit-dev (<< 0.5.0.1.is.really.0.5) , libghc-blaze-builder-conduit-prof , libghc-case-insensitive-dev (>> 0.2) , libghc-case-insensitive-prof diff -Nru haskell-tls-extra-0.4.6.1/debian/changelog haskell-tls-extra-0.4.6.1/debian/changelog --- haskell-tls-extra-0.4.6.1/debian/changelog 2013-01-20 23:26:26.0 +0100 +++ haskell-tls-extra-0.4.6.1/debian/changelog 2013-03-10 22:04:56.0 +0100 @@ -1,3 +1,14 @@ +haskell-tls-extra (0.4.6.1-2) unstable; urgency=low + + * Fix regression introduced with the last commit, by adding compatibility +with a corresponding change in haskell-certificate (Bug #700284), patch +provided by Joey Hess. Closes: #701593. +Also Closes: #702151, as the removal should no longer be necessary. + * Stop pretending this has a different version, as we need to rebuild stuff +anyways. + + -- Joachim Breitner Sun, 10 Mar 2013 22:04:56 +0100 + haskell-tls-extra (0.4.6.1-1) unstable; urgency=low * New upstream release, aimed for wheezy. diff -Nru haskell-tls-extra-0.4.6.1/debian/control haskell-tls-extra-0
Bug#702796: unblock: haskell-certificate et. al.
Hi, Am Freitag, den 29.03.2013, 11:31 + schrieb Adam D. Barratt: > haskell-certificate migrated in this morning's britney run, great! Thanks to all involved. > along with > a bunch of other packages including haskell-warp-tls but /not/ > haskell-warp due to the active unblock being for -2. Do we still need to > migrate haskell-warp -3? No. Greetings, Joachim -- Joachim "nomeata" Breitner Debian Developer nome...@debian.org | ICQ# 74513189 | GPG-Keyid: 4743206C JID: nome...@joachim-breitner.de | http://people.debian.org/~nomeata signature.asc Description: This is a digitally signed message part
Bug#702796: unblock: haskell-certificate et. al.
On 28.03.2013 21:55, Joachim Breitner wrote: Am Mittwoch, den 27.03.2013, 23:13 +0100 schrieb Joachim Breitner: The missing builds are due to some not yet debugged interaction between the test suite and the buildd environment. The test suit fails unreliably with “send: resource vanished (Broken pipe)”. Probably network related. On some arches where this happened, a give back has helped, e.g. on s390x: https://buildd.debian.org/status/logs.php?pkg=haskell-warp&ver=1.2.1.1-2%2Bb2&arch=s390x But with mips and amd64, I have had no luck with just giving it back yet. Tried it again right now. nah, this does not work. Disabled the test suite in unstable. Please unblock haskell-warp/1.2.1.1-3 haskell-certificate migrated in this morning's britney run, along with a bunch of other packages including haskell-warp-tls but /not/ haskell-warp due to the active unblock being for -2. Do we still need to migrate haskell-warp -3? Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/7c1794f7194b9e654516e2af29533...@mail.adsl.funky-badger.org
Re: nbd freeze exception?
Hi Julien, On 12-03-13 10:39, Wouter Verhelst wrote: > On Wed, Mar 06, 2013 at 06:55:42PM +0100, Julien Cristau wrote: >> On Wed, Mar 6, 2013 at 13:58:24 +0100, Wouter Verhelst wrote: >> >>> What are my chances of that being allowed in? >>> >> For r0 I would say it's too late. It should still be possible to >> include fixes in a subsequent point release. > > Hrm. > > Some of these are things that I do think should be part of r0. > > How about this, then: > > - No new upstream release (I knew that was a long shot, but hey, I had > to try) > - I do upload a package with the following patches: > - #685610 (important bug, failure of name-based exports when not used > as root filesystem; patch in the BTS) > - > http://nbd.git.sourceforge.net/git/gitweb.cgi?p=nbd/nbd;a=commitdiff;h=a0c3244429ea367defc0867cea8b2f351581c9d5 > (make nbd-server not go berserk upon receipt of a 'list exports' > packet; fixes a remote DoS; not RC because it's disabled by default, > but bad enough that it shouldn't be in the release) > - > http://nbd.git.sourceforge.net/git/gitweb.cgi?p=nbd/nbd;a=commitdiff;h=9c8f822c023732ca9871358e2d324257e0290707 > (or equivalent; there is still some discussion on that patch. Fixes > a false positive for a "request out of range" error that triggers on > 32-bit machines only) I've never received an answer to this. Meanwhile, I've done two uploads (because I forgot to fix the 'list exports' thing in the first upload, so I had to do another) with hardly anything more than the above. I'd appreciate it if you could look at the upload and possibly approve it, although I of course concede that it's your prerogative to reject the upload for testing, if you think it prudent. Thanks, -- Copyshops should do vouchers. So that next time some bureaucracy requires you to mail a form in triplicate, you can mail it just once, add a voucher, and save on postage. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/515541a4.6030...@debian.org
