Bug#781431: RM: makehuman/1.0.0~alpha6-5

[Michael Gilbert]

package: release.debian.org
user: release.debian@packages.debian.org
usertags: rm
severity: normal

Please consider removing makehuman from testing.  Upstream says the
old version there is not fit for use (#781306).

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MNx_MvCkfAAL_GKP=aeyes0djn3smy2iqprwx5wja1...@mail.gmail.com

Bug#781430: unblock: tomcat7/7.0.56-3

[Miguel Landaeta]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package tomcat7.

Although RC bug #780519 (FTBFS) was fixed in 7.0.56-2, I provided a
better fix in 7.0.56-3.

I'm not changing any tomcat7 features at this late stage, this just
fixed some broken unit tests due to expired X509 certificates provided
by upstream.

You can check the attached debdiff.

Thanks.

unblock tomcat7/7.0.56-3

-- System Information:
Debian Release: 7.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.13-0.bpo.1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=UTF-8 (charmap=UTF-8) (ignored: LC_ALL set 
to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash

-- 
Miguel Landaeta, nomadium at debian.org
secure email with PGP 0x6E608B637D8967E9 available at http://miguel.cc/key.
"Faith means not wanting to know what is true." -- Nietzsche
diff -Nru tomcat7-7.0.56/debian/changelog tomcat7-7.0.56/debian/changelog
--- tomcat7-7.0.56/debian/changelog 2014-10-06 05:26:02.0 -0300
+++ tomcat7-7.0.56/debian/changelog 2015-03-28 13:52:04.0 -0300
@@ -1,3 +1,24 @@
+tomcat7 (7.0.56-3) unstable; urgency=medium
+
+  * Provide a fix for #780519 more clear/maintainable and with an approach
+similar to used one by Emmanuel to fix an issue similar in stable in
+the past.
+
+ -- Miguel Landaeta   Sat, 28 Mar 2015 13:14:04 -0300
+
+tomcat7 (7.0.56-2) unstable; urgency=medium
+
+  * Fix FTBFS error by making sure SSL unit tests use TLS protocols.
+- SSLv3 and previous protocols are not secure and deprecated
+  in JDK7.
+- Additionally, some X509 certificates provided by upstream expired
+  and were causing failures in unit tests as well, so they were
+  regenerated. (Closes: #780519).
+  * Fix FTBFS error by disabling some unit tests that depends on
+having network access.
+
+ -- Miguel Landaeta   Thu, 26 Mar 2015 00:15:03 -0300
+
 tomcat7 (7.0.56-1) unstable; urgency=medium
 
   * New upstream release
diff -Nru tomcat7-7.0.56/debian/javaxpoms/el-api.pom 
tomcat7-7.0.56/debian/javaxpoms/el-api.pom
--- tomcat7-7.0.56/debian/javaxpoms/el-api.pom  2014-09-26 07:14:48.0 
-0300
+++ tomcat7-7.0.56/debian/javaxpoms/el-api.pom  2015-03-28 14:57:10.0 
-0300
@@ -19,7 +19,7 @@
   4.0.0
   javax.el
   el-api
-  @MAVEN.DEPLOY.VERSION@
+  2.2
   Expression language package
   http://tomcat.apache.org/
   
diff -Nru tomcat7-7.0.56/debian/javaxpoms/jsp-api.pom 
tomcat7-7.0.56/debian/javaxpoms/jsp-api.pom
--- tomcat7-7.0.56/debian/javaxpoms/jsp-api.pom 2014-09-26 07:14:48.0 
-0300
+++ tomcat7-7.0.56/debian/javaxpoms/jsp-api.pom 2015-03-28 14:57:10.0 
-0300
@@ -19,7 +19,7 @@
   4.0.0
   javax.servlet.jsp
   jsp-api
-  @MAVEN.DEPLOY.VERSION@
+  2.2
   JSP package
   http://tomcat.apache.org/
   
@@ -43,13 +43,13 @@
 
   javax.el
   el-api
-  @MAVEN.DEPLOY.VERSION@
+  2.2
   compile
 
 
   javax.servlet
   servlet-api
-  @MAVEN.DEPLOY.VERSION@
+  2.2
   compile
 
   
diff -Nru tomcat7-7.0.56/debian/javaxpoms/servlet-api.pom 
tomcat7-7.0.56/debian/javaxpoms/servlet-api.pom
--- tomcat7-7.0.56/debian/javaxpoms/servlet-api.pom 2014-09-26 
07:14:48.0 -0300
+++ tomcat7-7.0.56/debian/javaxpoms/servlet-api.pom 2015-03-28 
14:57:10.0 -0300
@@ -19,7 +19,7 @@
   4.0.0
   javax.servlet
   servlet-api
-  @MAVEN.DEPLOY.VERSION@
+  3.0
   javax.servlet package
   http://tomcat.apache.org/
   
diff -Nru tomcat7-7.0.56/debian/keystores/ca-cert.pem 
tomcat7-7.0.56/debian/keystores/ca-cert.pem
--- tomcat7-7.0.56/debian/keystores/ca-cert.pem 1969-12-31 21:00:00.0 
-0300
+++ tomcat7-7.0.56/debian/keystores/ca-cert.pem 2015-03-28 13:18:02.0 
-0300
@@ -0,0 +1,30 @@
+-BEGIN CERTIFICATE-
+MIIFNTCCAx2gAwIBAgIJAP6JFxtmg5GyMA0GCSqGSIb3DQEBCwUAMDExCzAJBgNV
+BAYTAlVTMSIwIAYDVQQDDBljYS10ZXN0LnRvbWNhdC5hcGFjaGUub3JnMB4XDTE1
+MDMyNDE5NDQ0M1oXDTI1MDMyMTE5NDQ0M1owMTELMAkGA1UEBhMCVVMxIjAgBgNV
+BAMMGWNhLXRlc3QudG9tY2F0LmFwYWNoZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQC1kmB0521enMB1HbDLHV1Scx9LIFktnb/tMTXqt9LldaA0
+cCESvgNIbSerVVzcEQNlxfKc4CkEGYN7dgMIGYYEfsnDwJKExv38zRY5M4aVk5fO
+Lq1QQhUx7btKNUeVrXDt4bwE6iwYSwWmsp/UjZe7tjRtbWqJU1j5hkLBvRNoMOPZ
+bSUV5U2BrpVjBJTFw0ynfXv8jBzRI/Ag9eP9KREpYUADp1FgIy8JDpPL7gccHaHM
+C8Eepy2mwm1cZCQmVcCMoeiDPnLirFE4tWnXRlvE+leqUlrSvFz5OaCB21vE7MjZ
+UHNDElPhVrx5UE0DFqFifP8vdFIMBm83chdIL//vLnGnaWFcOtuLEZncb7nvEnm7
+zyKhpATtkh7RiVT9dUlH9cdsVPEd4Y/4Zf+fWon3xU2jT6gaUn6NYgLzAvbfZLj5
+i7h0Zjr9doRZu6zJSeErhF2mJPiAAQQ4lzvM+ieCRNZLLSGE4WfcE9mF2cd27XJ0
++GbGEvBmcGz3Fi+8sSs06EMB+3Nxwe1Wq/bl84R61xw2rjIjyHn04yzBIlzt0wfo
+ONYBBdtE+jlo8ar7JubiOeUuZII3L+Rknr6wglWYQQUkokx6e4LgUovxbNS1EnYA
+zL0PZloETWYU5mt4xwuheE+7GtgLdKMF1RvRvwPjOBtbNNEggsali6mm/yawzQID
+AQABo1AwTjAdBgNVHQ4EFgQUdt8dWGpR4wH+PNPW622ERdtv8WkwHwYDVR0jBBgw
+FoAUdt8dWGpR4wH+PNPW622ERdtv8W

Processed (with 2 errors): Re: RM: cia-clients/stable -- ROM; cia.vc is down, tools no longer useful

[Debian Bug Tracking System]

Processing control commands:

> reassign 781286 release.debian.org
Bug #781286 [ftp.debian.org] RM: cia-clients/stable -- ROM; cia.vc is down, 
tools no longer useful
Bug reassigned from package 'ftp.debian.org' to 'release.debian.org'.
Ignoring request to alter found versions of bug #781286 to the same values 
previously set
Ignoring request to alter fixed versions of bug #781286 to the same values 
previously set
> user release.debian@packages.debian.org
Unknown command or malformed arguments to command.

> usertag 781286 rm
Unknown command or malformed arguments to command.


-- 
781286: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781286
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/handler.s.u781286.142759830931043.transcr...@bugs.debian.org

Bug#781108: marked as done (unblock: krb5/1.12.1+dfsg-19)

[Debian Bug Tracking System]

Your message dated Sat, 28 Mar 2015 22:59:17 +0100
with message-id <55172435.9070...@thykier.net>
and subject line Re: Bug#781108: unblock: krb5/1.12.1+dfsg-19
has caused the Debian Bug report #781108,
regarding unblock: krb5/1.12.1+dfsg-19
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
781108: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781108
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package krb5

The previous package failed to mark some directories as optional in the systemd 
unit files, so for example if you don't have /etc/ssl/private, then krb5-kdc 
and krb5-admin-server fail to start.


(include/attach the debdiff against the package in testing)
diff --git a/debian/changelog b/debian/changelog
index 566e140..093c3bc 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+krb5 (1.12.1+dfsg-19) unstable; urgency=medium
+
+  * mark systemd unit directories as optional, Closes: #780831
+
+ -- Sam Hartman   Fri, 20 Mar 2015 16:22:33 -0400
+
 krb5 (1.12.1+dfsg-18) unstable; urgency=high
 
   * Import upstream patch for CVE-2014-5355, Closes: #778647
diff --git a/debian/krb5-admin-server.service b/debian/krb5-admin-server.service
index 8b544e2..ae742f4 100644
--- a/debian/krb5-admin-server.service
+++ b/debian/krb5-admin-server.service
@@ -6,9 +6,9 @@ Description=Kerberos 5 Admin Server
 Type=simple
 ExecStart=/usr/sbin/kadmind -nofork $DAEMON_ARGS
 EnvironmentFile=-/etc/default/krb5-admin-server
-InaccessibleDirectories=/etc/ssh /etc/ssl/private  /root
+InaccessibleDirectories=-/etc/ssh -/etc/ssl/private  /root
 ReadOnlyDirectories=/
-ReadWriteDirectories=/var/tmp /tmp /var/lib/krb5kdc /var/run /run
+ReadWriteDirectories=-/var/tmp /tmp /var/lib/krb5kdc -/var/run /run
 CapabilityBoundingSet=CAP_NET_BIND_SERVICE
 
 [Install]
diff --git a/debian/krb5-kdc.service b/debian/krb5-kdc.service
index 88aad48..5af09a5 100644
--- a/debian/krb5-kdc.service
+++ b/debian/krb5-kdc.service
@@ -8,9 +8,9 @@ PIDFile=/var/run/krb5-kdc.pid
 ExecReload=/bin/kill -HUP $MAINPID
 EnvironmentFile=-/etc/default/krb5-kdc
 ExecStart=/usr/sbin/krb5kdc -P /var/run/krb5-kdc.pid $DAEMON_ARGS
-InaccessibleDirectories=/etc/ssh /etc/ssl/private  /root
+InaccessibleDirectories=-/etc/ssh -/etc/ssl/private  /root
 ReadOnlyDirectories=/
-ReadWriteDirectories=/var/tmp /tmp /var/lib/krb5kdc /var/run /run
+ReadWriteDirectories=-/var/tmp /tmp /var/lib/krb5kdc -/var/run /run
 CapabilityBoundingSet=CAP_NET_BIND_SERVICE
 
 [Install]

unblock krb5/1.12.1+dfsg-19

-- System Information:
Debian Release: jessie/sid
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable'), (250, 'testing'), (200, 
'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
On 2015-03-28 22:49, Sam Hartman wrote:
> Of this already seems to have migrated into testing
> 
> [...]
> 

I guess someone unblocked it without realising there was a bug for it.
Anyway, all the same.  :)

~Niels--- End Message ---

Bug#781108: unblock: krb5/1.12.1+dfsg-19

[Sam Hartman]

Of this already seems to have migrated into testing

On March 28, 2015 2:57:33 PM EDT, Niels Thykier  wrote:
>Control: tags -1 confirmed moreinfo
>
>On 2015-03-24 16:51, Sam Hartman wrote:
>> Package: release.debian.org
>> Severity: normal
>> User: release.debian@packages.debian.org
>> Usertags: unblock
>> 
>> Please unblock package krb5
>> 
>> The previous package failed to mark some directories as optional in
>the systemd unit files, so for example if you don't have
>/etc/ssl/private, then krb5-kdc and krb5-admin-server fail to start.
>> 
>> [...]
>> 
>> unblock krb5/1.12.1+dfsg-19
>> 
>> [...]
>
>Ack, please go ahead and upload this.
>
>Thank,s
>~Niels

-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

Bug#781413: unblock: cdbs/0.4.130

[Jonas Smedegaard]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Please unblock package cdbs

Fixes quoting of compiler flags in perlmodule-vars.mk, causing FTBFS of
at least 20 perl libraries.

debdiff attached.

unblock cdbs/0.4.130

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJVFxXrAAoJECx8MUbBoAEhH0MQAIM8z6plqvFXHMSsw49bmWW5
ICHmsxBRZvtB1PJndDaB2gc44qCiHI4ul9Qr6MYXqBEEdcUD4kwazPJXxiQ9j2DW
x4Ncj7fE1uRkvNUA8hVWN1uETVUnij54cULqL1MAs0fq0zQvDmaF0w29aaVhALKe
gZ7Vfarb+6cgu2QnNdxsOEtReInEQbwG9W05RoYCupfa4IZFtwiLUTF6MRxbgKhy
dpqjDwY6w9Ak72xfaq7GdmCrV3PGptR1dWfxpvOEePsZmrwr6DqHO7FJy2vb9vwf
EaZra9k5BJqR1rT8In8t+rxfT4OJqYnZ8BYlt8FRxiru1xmMQXBrV9ALk2qBQz8p
9aVLcUW8NLqfhjCodWZTQxpDilylcPn+MOJ2kngL9eSgTJq1MIOq1L4ep7Bornxx
yhO3MkN/u5O15uuJTVriWizbm8E1ezqA7BP/+gEucfN5hElyydyfZqF7XWvpAMi/
cutrNzApbxhOaqpZk3Zs1bevgj44cn8k0h0VkVESII/H0KMapPi2XADI0Ma24Dxn
fI+IAMOMDTKk84VHefI7QlPiVvGfncfFLT171+BA65E0uAZRBvf20TvtsEV2srp3
d3gYAh6uXdp8X5GMFpGOba2z+eNMQER5h9kO+1nMh+dVePyJfs7FNfag5+uKwFbq
Ph7J0aANd1ggPRBmKVr+
=wJ6j
-END PGP SIGNATURE-
diff -Nru cdbs-0.4.129/1/class/perlmodule-vars.mk.in cdbs-0.4.130/1/class/perlmodule-vars.mk.in
--- cdbs-0.4.129/1/class/perlmodule-vars.mk.in	2015-03-06 03:52:06.0 +0100
+++ cdbs-0.4.130/1/class/perlmodule-vars.mk.in	2015-03-28 13:24:41.0 +0100
@@ -41,8 +41,8 @@
 		$(or $(CPPFLAGS_$(cdbs_curpkg)),$(CPPFLAGS)) \
 		$(cdbs_perl_cppflags))" \
 	LDDLFLAGS="$(strip \
-		$(or $(LDFLAGS_$(cdbs_curpkg)),$(LDFLAGS)))" \
-		$(cdbs_perl_lddlflags) \
+		$(or $(LDFLAGS_$(cdbs_curpkg)),$(LDFLAGS)) \
+		$(cdbs_perl_lddlflags))" \
 	$(DEB_MAKE_PARALLEL)
 
 # Install into first listed package by default.
diff -Nru cdbs-0.4.129/debian/changelog cdbs-0.4.130/debian/changelog
--- cdbs-0.4.129/debian/changelog	2015-03-16 14:15:07.0 +0100
+++ cdbs-0.4.130/debian/changelog	2015-03-28 15:21:30.0 +0100
@@ -1,3 +1,10 @@
+cdbs (0.4.130) unstable; urgency=medium
+
+  * Fix quoting of compiler flags in perlmodule-vars.mk.
+Closes: bug#781076. Thanks to Niko Tyni.
+
+ -- Jonas Smedegaard   Sat, 28 Mar 2015 15:20:37 +0100
+
 cdbs (0.4.129) unstable; urgency=medium
 
   * Fix quoting of compiler flags in perl-makemaker-vars.mk.

Bug#781249: unblock (pre-approval): openconnect/6.00-2

[Mike Miller]

On Sat, Mar 28, 2015 at 08:32:53 +0100, Niels Thykier wrote:
> Ack, please go ahead.

Uploaded, thanks.

-- 
mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150328202111.ga22...@xps14z.home.local

Bug#781147: marked as done (unblock: resiprocate/1.9.7-5)

[Debian Bug Tracking System]

Your message dated Sat, 28 Mar 2015 20:20:41 +0100
with message-id <5516ff09.7010...@thykier.net>
and subject line Re: Bug#781147: unblock: resiprocate/1.9.7-5
has caused the Debian Bug report #781147,
regarding unblock: resiprocate/1.9.7-5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
781147: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781147
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian@packages.debian.org
UserTags: unblock


This is a proposed upload to unstable for jessie

The main reason for this unblock request:

  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780979

and also helps resolve:

  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780980


The main reason for fixing 780979 is that the assert() can lead to a
crash of the process, as described in the bug report.

These fixes come from the master branch upstream:

https://github.com/resiprocate/resiprocate/commits/master
diff -Nru resiprocate-1.9.7/debian/changelog resiprocate-1.9.7/debian/changelog
--- resiprocate-1.9.7/debian/changelog  2014-12-10 07:28:30.0 +0100
+++ resiprocate-1.9.7/debian/changelog  2015-03-22 20:02:23.0 +0100
@@ -1,3 +1,11 @@
+resiprocate (1:1.9.7-5) unstable; urgency=medium
+
+  * Make ensureWritable more tolerant. (Closes: #780979)
+  * Stop logging errors when TLS is shut down cleanly by peer.
+(Closes: #780980)
+
+ -- Daniel Pocock   Sun, 22 Mar 2015 19:30:31 +0100
+
 resiprocate (1:1.9.7-4) unstable; urgency=medium
 
   * Use SSLv23_method instead of TLSv1_method and
diff -Nru resiprocate-1.9.7/debian/patches/0003-log-tls-clean-shutdown.patch 
resiprocate-1.9.7/debian/patches/0003-log-tls-clean-shutdown.patch
--- resiprocate-1.9.7/debian/patches/0003-log-tls-clean-shutdown.patch  
1970-01-01 01:00:00.0 +0100
+++ resiprocate-1.9.7/debian/patches/0003-log-tls-clean-shutdown.patch  
2015-03-22 19:43:14.0 +0100
@@ -0,0 +1,30 @@
+diff --git a/resip/stack/ssl/TlsConnection.cxx 
b/resip/stack/ssl/TlsConnection.cxx
+index c3537aa..fb80323 100644
+--- a/resip/stack/ssl/TlsConnection.cxx
 b/resip/stack/ssl/TlsConnection.cxx
+@@ -445,6 +445,12 @@ TlsConnection::read(char* buf, int count )
+ return 0;
+  }
+  break;
++ case SSL_ERROR_ZERO_RETURN:
++ {
++DebugLog( << "Got SSL_ERROR_ZERO_RETURN (TLS shutdown by peer)");
++return -1;
++ }
++ break;
+  default:
+  {
+ handleOpenSSLErrorQueue(bytesRead, err, "SSL_read");
+@@ -532,6 +538,12 @@ TlsConnection::write( const char* buf, int count )
+ return 0;
+  }
+  break;
++ case SSL_ERROR_ZERO_RETURN:
++ {
++DebugLog( << "Got SSL_ERROR_ZERO_RETURN (TLS shutdown by peer)");
++return -1;
++ }
++ break;
+  default:
+  {
+ handleOpenSSLErrorQueue(ret, err, "SSL_write");
diff -Nru 
resiprocate-1.9.7/debian/patches/0004-make-ensureWritable-more-tolerant.patch 
resiprocate-1.9.7/debian/patches/0004-make-ensureWritable-more-tolerant.patch
--- 
resiprocate-1.9.7/debian/patches/0004-make-ensureWritable-more-tolerant.patch   
1970-01-01 01:00:00.0 +0100
+++ 
resiprocate-1.9.7/debian/patches/0004-make-ensureWritable-more-tolerant.patch   
2015-03-22 19:43:14.0 +0100
@@ -0,0 +1,55 @@
+diff --git a/resip/stack/Connection.cxx b/resip/stack/Connection.cxx
+index 567c105..1f01ecc 100644
+--- a/resip/stack/Connection.cxx
 b/resip/stack/Connection.cxx
+@@ -88,13 +88,35 @@ Connection::performWrite()
+ {
+if(transportWrite())
+{
+-  assert(mInWritable);
+-  getConnectionManager().removeFromWritable(this);
+-  mInWritable = false;
+-  return 0; // What does this transportWrite() mean?
++  // If we get here it means:
++  // a. on a previous invocation, SSL_do_handshake wanted to write
++  // (SSL_ERROR_WANT_WRITE)
++  // b. now the handshake is complete or it wants to read
++  if(mInWritable)
++  {
++ getConnectionManager().removeFromWritable(this);
++ mInWritable = false;
++  }
++  else
++  {
++ WarningLog(<<"performWrite invoked while not in write set");
++  }
++  return 0; // Q. What does this transportWrite() mean?
++// A. It makes the TLS handshake move along after it
++//was waiting in the write set.
++   }
++
++   // If the TLS handshake returned SSL_ERROR_WANT_WRITE again
++   // then we coul

Bug#781406: pu: package tomcat7/7.0.28-4+deb7u1

[Miguel Landaeta]

On Sat, Mar 28, 2015 at 06:58:33PM +, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Sat, 2015-03-28 at 15:23 -0300, Miguel Landaeta wrote:
> > Currently, tomcat7 can't be built in wheezy as it was reported on
> > #780519.
> > 
> > So, I'm proposing this upload for stable to fix that FTBFS bug.
> 
> Please go ahead, thanks.

Thanks for the prompt answer. I just uploaded it.

-- 
Miguel Landaeta, nomadium at debian.org
secure email with PGP 0x6E608B637D8967E9 available at http://miguel.cc/key.
"Faith means not wanting to know what is true." -- Nietzsche


signature.asc
Description: Digital signature

Bug#746946: wheezy-pu: package distro-info-data/0.23~deb7u1

[Adam D. Barratt]

On Thu, 2015-01-08 at 06:19 +0200, Stefano Rivera wrote:
> Hi Adam (2015.01.06_22:11:55_+0200)
> > To summarise discussions from IRC, Julien pointed out that there are a
> > number of other places where we still refer to Wheezy as 7.0, including
> > the Release Notes and debian-installer-netboot-images. Combined with the
> > fact that this would be a change in stable, I think we should leave the
> > Wheezy package "as-is" in terms of referring to Wheezy as 7.0.
> 
> Does that apply to only Wheezy, or Jessie too?

Argh, this somehow fell through the cracks again. :-(

I'm more okay with having the change in Jessie, so let's leave that as
is.

As per my earlier message, please feel free to go ahead with an upload
of the most recently proposed changes (other than the 7.0->7).

Regards,

Adam


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/1427569794.1708.24.ca...@adam-barratt.org.uk

Bug#781305: unblock: flash-kernel/3.34

[Adam D. Barratt]

On Fri, 2015-03-27 at 10:01 +, Ian Campbell wrote:
> Please unblock package flash-kernel both deb and udeb.
> 
> flash-kernel-installer will automatically install u-boot-tools as needed, so
> installation via the installer works fine, however users who do things 
> manually
> (i.e. with debootstrap) are frequently caught out by the lack of u-boot-tools.
> Since u-boot-tools is needed on the majority of systems these days and in any
> case is quite small bump the Suggests into a Recommends.

Unblocked, CCing for a KiBiack.

Regards,

Adam


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/1427569480.1708.20.ca...@adam-barratt.org.uk

Bug#779820: marked as done (unblock (pre-approval): mate-netbook/1.8.1-4)

[Debian Bug Tracking System]

Your message dated Sat, 28 Mar 2015 19:01:03 +
with message-id <1427569263.1708.19.ca...@adam-barratt.org.uk>
and subject line Re: Bug#779820: unblock (pre-approval): mate-netbook/1.8.1-4
has caused the Debian Bug report #779820,
regarding unblock (pre-approval): mate-netbook/1.8.1-4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
779820: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779820
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please consider unblocking of planned upload of package mate-netbook.

+  [ Martin Wimpress ]
+  * debian/patches:
++ Add 0001_respect_undecorate_setting.patch. Ensure mate-maximus
+  undecorates maximized windows only when the "undecorate" dconf
+  option is set. (Closes: #778816).

Once mate-netbook is installed most applications loose their window
decorations when maximized (expected behabiour of mate-maximus inside the
mate-netbook package). In dconf there is a setting that allows one to
disable this "undecorate" behaviour (i.e. make windows behave normally
(desktop-like) again when maximized.

However, this "undecorate" option in dconf has no effect for users
attempting to disable the undecorate feature, window decorations stay
lost until mate-netbook gets uninstalled. Impossible to configure
mate-maximus on a per-user basis or with a system-wide override file.

With the provided patch in the attached .debdiff, this issue is fixed.

light+love,
Mike

unblock mate-netbook/1.8.1-4

-- System Information:
Debian Release: 8.0
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing-updates'), (500, 
'testing-proposed-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
diff -Nru mate-netbook-1.8.1/debian/changelog mate-netbook-1.8.1/debian/changelog
--- mate-netbook-1.8.1/debian/changelog	2014-12-12 10:20:48.0 +0100
+++ mate-netbook-1.8.1/debian/changelog	2015-03-05 08:38:20.0 +0100
@@ -1,3 +1,13 @@
+mate-netbook (1.8.1-4) unstable; urgency=medium
+
+  [ Martin Wimpress ]
+  * debian/patches:
++ Add 0001_respect_undecorate_setting.patch. Ensure mate-maximus
+  undecorates maximized windows only when the "undecorate" dconf
+  option is set. (Closes: #778816).
+
+ -- Mike Gabriel   Thu, 05 Mar 2015 08:35:48 +0100
+
 mate-netbook (1.8.1-3) unstable; urgency=medium
 
   * Follow-up fix for #769417: Install mate-window-picker-applet to
diff -Nru mate-netbook-1.8.1/debian/patches/0001_respect_undecorate_setting.patch mate-netbook-1.8.1/debian/patches/0001_respect_undecorate_setting.patch
--- mate-netbook-1.8.1/debian/patches/0001_respect_undecorate_setting.patch	1970-01-01 01:00:00.0 +0100
+++ mate-netbook-1.8.1/debian/patches/0001_respect_undecorate_setting.patch	2015-03-05 08:32:59.0 +0100
@@ -0,0 +1,22 @@
+From 90cfdef36b1140f7f75ada67ea0f22fe0d4d7f79 Mon Sep 17 00:00:00 2001
+From: Monsta 
+Date: Fri, 9 Jan 2015 23:40:09 +0300
+Subject: [PATCH] mate-maximus: respect "undecorate" setting, goddammit
+
+---
+ maximus/maximus-app.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/maximus/maximus-app.c b/maximus/maximus-app.c
+index ea303d9..a1c4221 100644
+--- a/maximus/maximus-app.c
 b/maximus/maximus-app.c
+@@ -380,7 +380,7 @@ on_window_opened (WnckScreen  *screen,
+ 
+   if (no_maximize || priv->no_maximize)
+   {
+-if (wnck_window_is_maximized(window))
++if (wnck_window_is_maximized(window) && priv->undecorate)
+ {
+   _window_set_decorations (window, 0);
+   gdk_flush ();
diff -Nru mate-netbook-1.8.1/debian/patches/series mate-netbook-1.8.1/debian/patches/series
--- mate-netbook-1.8.1/debian/patches/series	1970-01-01 01:00:00.0 +0100
+++ mate-netbook-1.8.1/debian/patches/series	2015-03-05 08:32:59.0 +0100
@@ -0,0 +1 @@
+0001_respect_undecorate_setting.patch
--- End Message ---
--- Begin Message ---
On Sat, 2015-03-28 at 14:35 +, Mike Gabriel wrote:
> Control: tags -1 - moreinfo
> 
> Hi Emilio,
> 
> On  Fr 06 Mär 2015 13:52:17 CET, Emilio Pozuelo Monfort wrote:
> 
> > Control: tags -1 + confirmed
> >
> > On 06/03/15 13:18, Mike Gabriel wrote:
[...]
> >> The behaviour of mate-maximus should be controllable via gsettings  
> >> and not via
> >> dpkg (installation / removal of the package).
> >
> > OK. Ba

Processed: Re: Bug#781124: unblock (pre-approval): icedtea-web/1.5-2+deb8u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 confirmed moreinfo
Bug #781124 [release.debian.org] unblock (pre-approval): 
icedtea-web/1.5-2+deb8u1
Added tag(s) confirmed and moreinfo.

-- 
781124: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781124
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/handler.s.b781124.142756920324772.transcr...@bugs.debian.org

Bug#781124: unblock (pre-approval): icedtea-web/1.5-2+deb8u1

[Niels Thykier]

Control: tags -1 confirmed moreinfo

On 2015-03-24 21:53, Gilles Filippini wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Hello Release team,
> 
> I've prepared a NMU for the icedtea-web package to fix #778631. It is
> the very same trivial fix already uploaded to unstable with release
> 1.5.2-1.1. Please see the proposed patch attached.
> 
> Thanks in advance,
> 
> _g.
> 
> 

Ack, please go ahead with this tpu upload.

~Niels


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/5516fa2b.6040...@thykier.net

Bug#781406: pu: package tomcat7/7.0.28-4+deb7u1

[Adam D. Barratt]

Control: tags -1 + confirmed

On Sat, 2015-03-28 at 15:23 -0300, Miguel Landaeta wrote:
> Currently, tomcat7 can't be built in wheezy as it was reported on
> #780519.
> 
> So, I'm proposing this upload for stable to fix that FTBFS bug.

Please go ahead, thanks.

Regards,

Adam


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/1427569113.1708.18.ca...@adam-barratt.org.uk

Processed: Re: Bug#781406: pu: package tomcat7/7.0.28-4+deb7u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + confirmed
Bug #781406 [release.debian.org] pu: package tomcat7/7.0.28-4+deb7u1
Added tag(s) confirmed.

-- 
781406: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781406
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/handler.s.b781406.142756912224280.transcr...@bugs.debian.org

Processed: Re: Bug#781108: unblock: krb5/1.12.1+dfsg-19

[Debian Bug Tracking System]

Processing control commands:

> tags -1 confirmed moreinfo
Bug #781108 [release.debian.org] unblock: krb5/1.12.1+dfsg-19
Added tag(s) confirmed and moreinfo.

-- 
781108: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781108
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/handler.s.b781108.142756906624044.transcr...@bugs.debian.org

Bug#781108: unblock: krb5/1.12.1+dfsg-19

[Niels Thykier]

Control: tags -1 confirmed moreinfo

On 2015-03-24 16:51, Sam Hartman wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package krb5
> 
> The previous package failed to mark some directories as optional in the 
> systemd unit files, so for example if you don't have /etc/ssl/private, then 
> krb5-kdc and krb5-admin-server fail to start.
> 
> [...]
> 
> unblock krb5/1.12.1+dfsg-19
> 
> [...]

Ack, please go ahead and upload this.

Thank,s
~Niels


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/5516f99d.9080...@thykier.net

Bug#781082: marked as done (unblock: needrestart/1.2-8)

[Debian Bug Tracking System]

Your message dated Sat, 28 Mar 2015 19:51:28 +0100
with message-id <5516f830.8010...@thykier.net>
and subject line Re: Bug#781082: unblock: needrestart/1.2-8
has caused the Debian Bug report #781082,
regarding unblock: needrestart/1.2-8
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
781082: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781082
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package needrestart

It fixes a regression if needrestart is invoked in noninteractive mode.

diff -Naur '--exclude=.svn' 1.2-7/debian/changelog 1.2-8/debian/changelog
--- 1.2-7/debian/changelog  2014-12-18 21:53:53.165140592 +0100
+++ 1.2-8/debian/changelog  2015-03-24 10:27:26.043543580 +0100
@@ -1,3 +1,11 @@
+needrestart (1.2-8) unstable; urgency=low
+
+  * Add patch 16-fix-progressbar-regression to improve detection if invoked
+noninteractive and prevent debconf tried to be used in such cases. The
+reload action is set to list only if it was inter-active.
+
+ -- Patrick Matthäi   Tue, 24 Mar 2015 10:24:33 +0100
+
 needrestart (1.2-7) unstable; urgency=low

   * Add missing second patch 15-fix-progressbar-non-interactive to fix #768124.
diff -Naur '--exclude=.svn' 
1.2-7/debian/patches/16-fix-progressbar-regression.diff 
1.2-8/debian/patches/16-fix-progressbar-regression.diff
--- 1.2-7/debian/patches/16-fix-progressbar-regression.diff 1970-01-01 
01:00:00.0 +0100
+++ 1.2-8/debian/patches/16-fix-progressbar-regression.diff 2015-03-24 
10:27:26.063543578 +0100
@@ -0,0 +1,55 @@
+# Improve detection if invoked noninteractive and prevent debconf tried to be
+# used in such cases. The reload action is set to list only if it was inter-
+# active.
+# Related: #768124
+
+---
+ needrestart| 4 +++-
+ perl/lib/NeedRestart/UI.pm | 2 +-
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/needrestart b/needrestart
+index a1c43d9..a31a8bc 100755
+--- a/needrestart
 b/needrestart
+@@ -39,6 +39,7 @@ $Getopt::Std::STANDARD_HELP_VERSION++;
+
+ my $LOGPREF = '[main]';
+ my $is_systemd = -d qq(/run/systemd/system);
++my $is_tty = (-t *STDERR || -t *STDOUT || -t *STDIN);
+
+ sub HELP_MESSAGE {
+ print new(1) : needrestart_ui($nrconf{verbose}, 
($is_tty ? $nrconf{ui} : 'NeedRestart::UI::stdio')));
+ die "Error: no UI class available!\n" unless(defined($ui));
+
+ # enable/disable checks
+diff --git a/perl/lib/NeedRestart/UI.pm b/perl/lib/NeedRestart/UI.pm
+index 08004f9..d7e8e77 100644
+--- a/perl/lib/NeedRestart/UI.pm
 b/perl/lib/NeedRestart/UI.pm
+@@ -42,7 +42,7 @@ sub progress_prep($$$) {
+ my $self = shift;
+ my ($max, $out) = @_;
+
+-unless($self->{debug} || !exists($ENV{COLUMNS}) || !exists($ENV{LINES})) {
++unless($self->{debug} || !(-t *STDERR)) {
+   # restore terminal if required (debconf)
+   unless(-t *STDIN) {
+   open($self->{fhin}, '<&', \*STDIN) || die "Can't dup stdin: $!\n";
+--
+2.1.4
+
diff -Naur '--exclude=.svn' 1.2-7/debian/patches/series 
1.2-8/debian/patches/series
--- 1.2-7/debian/patches/series 2014-12-18 21:53:53.169140561 +0100
+++ 1.2-8/debian/patches/series 2015-03-24 10:27:26.063543578 +0100
@@ -13,3 +13,4 @@
 13-falsepos-aio-fix.diff
 14-wpa_supplicant-override.diff
 15-fix-progressbar-non-interactive.diff
+16-fix-progressbar-regression.diff


unblock needrestart/1.2-8

-- System Information:
Debian Release: 7.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
On 2015-03-24 10:30, Patrick Matthäi wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package needrestart
> 
> It fixes a regression if needrestart is invoked in noninteractive mode.
> 
> [...]
> 
> unblock needrestart/1.2-8
> 
> [...]

Unblocked, thanks.

~Niels--- End Message ---

Bug#781038: marked as done (unblock: caja/1.8.2-3)

[Debian Bug Tracking System]

Your message dated Sat, 28 Mar 2015 19:49:28 +0100
with message-id <5516f7b8.1010...@thykier.net>
and subject line Re: Bug#781038: unblock: caja/1.8.2-3
has caused the Debian Bug report #781038,
regarding unblock: caja/1.8.2-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
781038: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781038
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package caja

+  * debian/control:
++ Add to R (caja): gvfs-backends. (Closes: #776689).

-> Already partially pre-approved by Niels if it comes with some critical fix.

+  * debian/patches:
++ Add 0003_fix-crash-in-places-sidebar.patch. Fix crash caja crashing after
+  USB drive eject if any bookmarks are present. (Closes: #780731).

-> Fixes a confirmed crash as decribed in #780731.

As #780731 fixes a segfault of caja which will be encoutered by several
users, I presume, I have already uploaded the package.

unblock caja/1.8.2-3

-- System Information:
Debian Release: 8.0
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing-updates'), (500, 
'testing-proposed-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
diff -Nru caja-1.8.2/debian/changelog caja-1.8.2/debian/changelog
--- caja-1.8.2/debian/changelog	2015-01-21 16:28:43.0 +0100
+++ caja-1.8.2/debian/changelog	2015-03-23 18:19:22.0 +0100
@@ -1,3 +1,13 @@
+caja (1.8.2-3) unstable; urgency=medium
+
+  * debian/control:
++ Add to R (caja): gvfs-backends. (Closes: #776689).
+  * debian/patches:
++ Add 0003_fix-crash-in-places-sidebar.patch. Fix crash caja crashing after
+  USB drive eject if any bookmarks are present. (Closes: #780731).
+
+ -- Mike Gabriel   Mon, 23 Mar 2015 18:18:43 +0100
+
 caja (1.8.2-2) unstable; urgency=medium
 
   * debian/patches:
diff -Nru caja-1.8.2/debian/control caja-1.8.2/debian/control
--- caja-1.8.2/debian/control	2015-01-21 16:28:40.0 +0100
+++ caja-1.8.2/debian/control	2015-03-10 19:01:33.0 +0100
@@ -54,6 +54,7 @@
  gvfs,
  libcaja-extension1 (= ${binary:Version}),
  caja-common (= ${source:Version}),
+Recommends: gvfs-backends,
 Suggests: gstreamer0.10-tools,
   meld,
   engrampa
diff -Nru caja-1.8.2/debian/patches/0003_fix-crash-in-places-sidebar.patch caja-1.8.2/debian/patches/0003_fix-crash-in-places-sidebar.patch
--- caja-1.8.2/debian/patches/0003_fix-crash-in-places-sidebar.patch	1970-01-01 01:00:00.0 +0100
+++ caja-1.8.2/debian/patches/0003_fix-crash-in-places-sidebar.patch	2015-03-23 18:17:00.0 +0100
@@ -0,0 +1,36 @@
+From 0de3e198db38b4e819159d958148bb386430d4dc Mon Sep 17 00:00:00 2001
+From: Monsta 
+Date: Wed, 18 Mar 2015 16:10:04 +0300
+Subject: [PATCH] places-sidebar: fix crash
+
+taken from upstream commits:
+https://git.gnome.org/browse/nautilus/commit/?id=cda2c75df4b95a481e8b774081ec1240d47fa45f
+https://git.gnome.org/browse/nautilus/commit/?id=4764a856c7a6e5a84d4067e7b105c09a93ffdbe4
+---
+ src/caja-places-sidebar.c | 6 --
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/caja-places-sidebar.c b/src/caja-places-sidebar.c
+index 0e1ce9c..f797497 100644
+--- a/src/caja-places-sidebar.c
 b/src/caja-places-sidebar.c
+@@ -1455,7 +1455,7 @@ reorder_bookmarks (CajaPlacesSidebar *sidebar,
+ /* Get the selected path */
+ 
+ if (!get_selected_iter (sidebar, &iter))
+-g_assert_not_reached ();
++return;
+ 
+ gtk_tree_model_get (GTK_TREE_MODEL (sidebar->filter_model), &iter,
+ PLACES_SIDEBAR_COLUMN_ROW_TYPE, &type,
+@@ -1520,7 +1520,9 @@ drag_data_received_callback (GtkWidget *widget,
+ }
+ 
+ /* Compute position */
+-compute_drop_position (tree_view, x, y, &tree_path, &tree_pos, sidebar);
++success = compute_drop_position (tree_view, x, y, &tree_path, &tree_pos, sidebar);
++if (!success)
++goto out;
+ 
+ success = FALSE;
+ 
diff -Nru caja-1.8.2/debian/patches/series caja-1.8.2/debian/patches/series
--- caja-1.8.2/debian/patches/series	2015-01-21 15:25:27.0 +0100
+++ caja-1.8.2/debian/patches/series	2015-03-23 18:17:16.0 +0100
@@ -1,2 +1,3 @@
 0001_fix-desktop-icon-size.patch
 0002_dont-start-desktop-outside-of-MATE-sessions.patch
+000

Bug#781021: marked as done (jessie-pu: package cvxopt/1.1.4-1.2+deb8u1)

[Debian Bug Tracking System]

Your message dated Sat, 28 Mar 2015 19:45:59 +0100
with message-id <5516f6e7.2070...@thykier.net>
and subject line Re: Bug#781021: jessie-pu: package cvxopt/1.1.4-1.2+deb8u1
has caused the Debian Bug report #781021,
regarding jessie-pu: package cvxopt/1.1.4-1.2+deb8u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
781021: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781021
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: pu
Tags: jessie
Severity: normal

Hello

cvxopt fails to import glpk, with error "undefined symbol" (#780251).
This is due to libglpk0 to libglpk36 ABI change.

There already is a patch in jessie: An emulation of the functions that
disappeared. However, the patch was not linked!

The proposed diff fixes the link, and fixes a #if typo.

I believe it's suitable for future Jessie release point, but not in 8.0
because of the freeze. However, the fix is also in sid, and would you
like to have it sooner, it would be possible to:
unblock cvxopt/1.1.4-1.3

Thank you.


-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (990, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

-- 
Nirgal
diff -Nru cvxopt-1.1.4/debian/changelog cvxopt-1.1.4/debian/changelog
--- cvxopt-1.1.4/debian/changelog	2013-12-06 17:38:32.0 +0100
+++ cvxopt-1.1.4/debian/changelog	2015-03-23 12:02:20.0 +0100
@@ -1,3 +1,11 @@
+cvxopt (1.1.4-1.2+deb8u1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix glpk-4.49.diff: Link the lpx emulation file, fix the #if activation
+test. This fixes "undefined symbol: lpx_create_prob" bugs. (Closes: #780251)
+
+ -- Jean-Michel Nirgal Vourgère   Wed, 11 Mar 2015 23:00:40 +0100
+
 cvxopt (1.1.4-1.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru cvxopt-1.1.4/debian/patches/glpk-4.49.diff cvxopt-1.1.4/debian/patches/glpk-4.49.diff
--- cvxopt-1.1.4/debian/patches/glpk-4.49.diff	2013-12-06 17:39:16.0 +0100
+++ cvxopt-1.1.4/debian/patches/glpk-4.49.diff	2015-03-14 21:15:54.0 +0100
@@ -3,13 +3,16 @@
  patch adds compatibility routines that were provided by the upstream author of
  GLPK.
 Author: Sébastien Villemot 
+Author: Jean-Michel Nirgal Vourgère 
 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714368
-Forwarded: no
-Last-Update: 2013-08-15
+Forwarded: not-needed
+Last-Update: 2015-03-11
 ---
 This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
 a/src/C/glpk.c
-+++ b/src/C/glpk.c
+Index: cvxopt-1.1.4/src/C/glpk.c
+===
+--- cvxopt-1.1.4.orig/src/C/glpk.c
 cvxopt-1.1.4/src/C/glpk.c
 @@ -20,7 +20,7 @@
  
  #include "cvxopt.h"
@@ -19,8 +22,10 @@
  
  PyDoc_STRVAR(glpk__doc__,
  "Interface to the simplex and mixed integer LP algorithms in GLPK.\n\n"
+Index: cvxopt-1.1.4/src/C/lpx.c
+===
 --- /dev/null
-+++ b/src/C/lpx.c
 cvxopt-1.1.4/src/C/lpx.c
 @@ -0,0 +1,1516 @@
 +/* lpx.c (old GLPK API) */
 +
@@ -35,12 +40,12 @@
 +*  Please note that you may mix calls to old and new GLPK API routines
 +*  (except calls to glp_create_prob and glp_delete_prob). */
 +
-+#if (GLP_VERSION_MAJOR == 4 && GLP_MINOR_VERSION >= 49) || GLP_VERSION_MAJOR > 4
-+
 +#include 
 +#include 
 +#include "lpx.h"
 +
++#if (GLP_MAJOR_VERSION == 4 && GLP_MINOR_VERSION >= 49) || GLP_MAJOR_VERSION > 4
++
 +#define xassert glp_assert
 +#define xerror  glp_error
 +
@@ -1538,8 +1543,10 @@
 +
 +/* eof */
 +
+Index: cvxopt-1.1.4/src/C/lpx.h
+===
 --- /dev/null
-+++ b/src/C/lpx.h
 cvxopt-1.1.4/src/C/lpx.h
 @@ -0,0 +1,568 @@
 +/* lpx.h (old GLPK API) */
 +
@@ -2109,3 +2116,16 @@
 +
 +#endif
 +/* eof */
+Index: cvxopt-1.1.4/src/setup.py
+===
+--- cvxopt-1.1.4.orig/src/setup.py
 cvxopt-1.1.4/src/setup.py
+@@ -63,7 +63,7 @@ if BUILD_GLPK:
+ glpk = Extension('glpk', libraries = ['glpk'],
+ include_dirs = [ GLPK_INC_DIR ],
+ library_dirs = [ GLPK_LIB_DIR ],
+-sources = ['C/glpk.c'] )
++sources = ['C/glpk.c', 'C/lpx.c'] )
+ extmods += [glpk];
+ 
+ if BUILD_DSDP:


signature.asc
Description: OpenPGP digital signature

Bug#781163: unblock (pre-approved): util-linux/2.25.2-5.1

[Niels Thykier]

On 2015-03-26 07:54, Kirill Smelkov wrote:
> [...]
> 
> Hi Niels.
> 
> Thanks for replying and yes, I do need some kind of sponsorship/help
> with upload as I do not have upload rights (I'm not a Debian developer
> nor Debian member - currently just a person from outside).
> 
> I would be glad if you, or someone else, "sponsor" me with this upload,
> and this way I'll also start to slowly becoming a bit more involved with
> Debian which I was thinking about for a long time, but had no occasion
> to start.
> 
> Thanks again,
> Kirill
> 
> 

Hi Kirill,

Ok, you probably want to file an "RFS" bug against
"sponsorship-requests"[1] (and maybe also ask on #debian-mentors if you
use IRC) if you have not already done so.

Thanks,
~Niels

[1]
https://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=sponsorship-requests;dist=unstable


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/5516f5e4.7050...@thykier.net

Bug#781010: marked as done (unblock: simpleid/0.8.1-14)

[Debian Bug Tracking System]

Your message dated Sat, 28 Mar 2015 19:42:42 +0100
with message-id <5516f622.8090...@thykier.net>
and subject line Re: Bug#781010: unblock: simpleid/0.8.1-14
has caused the Debian Bug report #781010,
regarding unblock: simpleid/0.8.1-14
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
781010: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781010
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian@packages.debian.org
UserTags: unblock


I'm proposing to update the simpleid package using the patch contained
in this bug:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718483

Direct link to the patch:

https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=15;filename=718483.diff;att=1;bug=718483


I would also propose a couple of other small fixes,

- uploader email address s/pocock.com.au/pocock.pro

- home page URL http://www.simpleid.org


Please let me know if all of the above is likely to be accepted at this
stage in the freeze and if so I will build a package and send a debdiff
for approval.
--- End Message ---
--- Begin Message ---
On 2015-03-25 22:25, Daniel Pocock wrote:
> Control: tags -1 -moreinfo
> 
> On 25/03/15 20:52, Niels Thykier wrote:
>> Control: tags -1 confirmed moreinfo
>>
>> On 2015-03-24 17:31, Daniel Pocock wrote:
>>> Control: tags -1 -moreinfo
>>>
>>> [...]
>>>
>>>
>>> Attached - please tell me if I should upload 0.8.1-14 to unstable
>>>
>>>
>>
>> Ack, please upload it to unstable and let us remove the moreinfo tag
>> once it has been accepted.
>>
> 
> Uploaded and accepted
> 
> 

Unblocked, thanks.

~Niels--- End Message ---

Bug#781233: unblock: parted/3.2-7

[Niels Thykier]

Control: tags -1 d-i

On 2015-03-26 11:21, Colin Watson wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package parted; this fixes a crash when trying to resize
> fat16 filesystems.  CCing debian-boot since this would need a d-i ack
> too.
> 

Ack from here, just needs a d-i from here.  (Quoting in full for KiBi's
convenience)

Thanks,
~Niels

> diff -Nru parted-3.2/debian/.git-dpm parted-3.2/debian/.git-dpm
> --- parted-3.2/debian/.git-dpm2014-09-19 15:41:38.0 +0100
> +++ parted-3.2/debian/.git-dpm2014-11-06 12:21:49.0 +
> @@ -1,6 +1,6 @@
>  # see git-dpm(1) from git-dpm package
> -5e4e122454ac8ecf5b5fc006c0b03f0e8adc6c7c
> -5e4e122454ac8ecf5b5fc006c0b03f0e8adc6c7c
> +bdfd201a2f5b8090c7ba1208fe5531d0dceecf49
> +bdfd201a2f5b8090c7ba1208fe5531d0dceecf49
>  a3803540db7f12359a111d6449159b91032c253f
>  a3803540db7f12359a111d6449159b91032c253f
>  parted_3.2.orig.tar.xz
> diff -Nru parted-3.2/debian/changelog parted-3.2/debian/changelog
> --- parted-3.2/debian/changelog   2014-09-19 15:44:41.0 +0100
> +++ parted-3.2/debian/changelog   2015-03-19 10:58:59.0 +
> @@ -1,3 +1,15 @@
> +parted (3.2-7) unstable; urgency=medium
> +
> +  [ Phillip Susi ]
> +  * Cherry pick upstream patch to fix a crash when resizing fat16
> +(LP: #1342255).
> +
> +  [ Colin Watson ]
> +  * Drop libparted2's alternative Suggests on nparted, which has not been in
> +Debian for a decade or so.
> +
> + -- Colin Watson   Thu, 19 Mar 2015 10:58:55 +
> +
>  parted (3.2-6) unstable; urgency=medium
>  
>[ Steven Chamberlain ]
> diff -Nru parted-3.2/debian/control parted-3.2/debian/control
> --- parted-3.2/debian/control 2014-09-19 15:38:08.0 +0100
> +++ parted-3.2/debian/control 2015-03-19 10:52:48.0 +
> @@ -68,7 +68,7 @@
>  Section: libs
>  Pre-Depends: ${misc:Pre-Depends}
>  Depends: ${shlibs:Depends}, ${misc:Depends}
> -Suggests: parted | nparted, libparted-dev, libparted-i18n (= 
> ${source:Version})
> +Suggests: parted, libparted-dev, libparted-i18n (= ${source:Version})
>  Conflicts: parted (<< 1.4.13+14pre1), libparted1 (<< 2.2)
>  Replaces: libparted0 (<< 2.2-4), libparted1 (<< 2.2), libparted1.4 (<< 
> 1.4.24-2)
>  Provides: libparted
> diff -Nru parted-3.2/debian/patches/fat16-resize-crash.patch 
> parted-3.2/debian/patches/fat16-resize-crash.patch
> --- parted-3.2/debian/patches/fat16-resize-crash.patch1970-01-01 
> 01:00:00.0 +0100
> +++ parted-3.2/debian/patches/fat16-resize-crash.patch2014-11-06 
> 12:21:49.0 +
> @@ -0,0 +1,56 @@
> +From bdfd201a2f5b8090c7ba1208fe5531d0dceecf49 Mon Sep 17 00:00:00 2001
> +From: Mike Fleetwood 
> +Date: Sun, 28 Sep 2014 16:15:48 +0100
> +Subject: lib-fs-resize: Prevent crash resizing FAT16 file systems
> +
> +Resizing FAT16 file system crashes in libparted/fs/r/fat/resize.c
> +create_resize_context() because it was dereferencing NULL pointer
> +fs_info->info_sector to copy the info_sector.
> +
> +Only FAT32 file systems have info_sector populated by fat_open() ->
> +fat_info_sector_read().  FAT12 and FAT16 file systems don't have an
> +info_sector so pointer fs_info->info_sector remains assigned NULL from
> +fat_alloc().  When resizing a FAT file system create_resize_context()
> +was always dereferencing fs_info->info_sector to memory copy the
> +info_sector, hence it crashed for FAT12 and FAT16.
> +
> +Make create_resize_context() only copy the info_sector for FAT32 file
> +systems.
> +
> +Reported by Christian Hesse in
> +https://bugzilla.gnome.org/show_bug.cgi?id=735669
> +
> +Origin: upstream, 
> http://git.savannah.gnu.org/cgit/parted.git/commit/?id=1e9e770f4bc7f3d80e09ecd1df58575fad064163
> +Bug: https://bugzilla.gnome.org/show_bug.cgi?id=735669
> +Last-Update: 2014-11-06
> +
> +Patch-Name: fat16-resize-crash.patch
> +---
> + libparted/fs/r/fat/resize.c | 12 +---
> + 1 file changed, 9 insertions(+), 3 deletions(-)
> +
> +diff --git a/libparted/fs/r/fat/resize.c b/libparted/fs/r/fat/resize.c
> +index 919acf0..bfe60a0 100644
> +--- a/libparted/fs/r/fat/resize.c
>  b/libparted/fs/r/fat/resize.c
> +@@ -668,11 +668,17 @@ create_resize_context (PedFileSystem* fs, const 
> PedGeometry* new_geom)
> + 
> + /* preserve boot code, etc. */
> + new_fs_info->boot_sector = ped_malloc (new_geom->dev->sector_size);
> +-new_fs_info->info_sector = ped_malloc (new_geom->dev->sector_size);
> + memcpy (new_fs_info->boot_sector, fs_info->boot_sector,
> + new_geom->dev->sector_size);
> +-memcpy (new_fs_info->info_sector, fs_info->info_sector,
> +-new_geom->dev->sector_size);
> ++new_fs_info->info_sector = NULL;
> ++if (fs_info->fat_type == FAT_TYPE_FAT32)
> ++{
> ++PED_ASSERT (fs_info->info_sector != NULL);
> ++new_fs_info->info_sector =
> ++ped_malloc (new_geom->dev->sector_size);
> ++

Processed: Re: Bug#781233: unblock: parted/3.2-7

[Debian Bug Tracking System]

Processing control commands:

> tags -1 d-i
Bug #781233 [release.debian.org] unblock: parted/3.2-7
Added tag(s) d-i.

-- 
781233: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781233
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/handler.s.b781233.142756785717530.transcr...@bugs.debian.org

Bug#781406: pu: package tomcat7/7.0.28-4+deb7u1

[Miguel Landaeta]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: pu
Tags: wheezy

Hi,

Currently, tomcat7 can't be built in wheezy as it was reported on
#780519.

So, I'm proposing this upload for stable to fix that FTBFS bug.
You can review the proposed changes in the attached debdiff.

This doesn't change any feature in tomcat7, it just fixes some broken
unit tests.

Cheers,


-- System Information:
Debian Release: 7.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.13-0.bpo.1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=UTF-8 (charmap=UTF-8) (ignored: LC_ALL set 
to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash

-- 
Miguel Landaeta, nomadium at debian.org
secure email with PGP 0x6E608B637D8967E9 available at http://miguel.cc/key.
"Faith means not wanting to know what is true." -- Nietzsche
diff -Nru tomcat7-7.0.28/debian/changelog tomcat7-7.0.28/debian/changelog
--- tomcat7-7.0.28/debian/changelog 2014-03-10 07:29:58.0 -0300
+++ tomcat7-7.0.28/debian/changelog 2015-03-28 14:50:20.0 -0300
@@ -1,3 +1,15 @@
+tomcat7 (7.0.28-4+deb7u2) stable; urgency=medium
+
+  * Team upload.
+  * Fix FTBFS error by making sure SSL unit tests use TLS protocols.
+- SSLv3 and previous protocols are not secure and deprecated
+  in JDK7.
+- Additionally, some X509 certificates provided by upstream expired
+  and were causing failures in unit tests as well, so they were
+  regenerated. (Closes: #780519).
+
+ -- Miguel Landaeta   Thu, 26 Mar 2015 20:18:56 -0300
+
 tomcat7 (7.0.28-4+deb7u1) wheezy-security; urgency=high
 
   * Team upload.
diff -Nru tomcat7-7.0.28/debian/keystores/ca-cert.pem 
tomcat7-7.0.28/debian/keystores/ca-cert.pem
--- tomcat7-7.0.28/debian/keystores/ca-cert.pem 1969-12-31 21:00:00.0 
-0300
+++ tomcat7-7.0.28/debian/keystores/ca-cert.pem 2015-03-28 13:18:02.0 
-0300
@@ -0,0 +1,30 @@
+-BEGIN CERTIFICATE-
+MIIFNTCCAx2gAwIBAgIJAP6JFxtmg5GyMA0GCSqGSIb3DQEBCwUAMDExCzAJBgNV
+BAYTAlVTMSIwIAYDVQQDDBljYS10ZXN0LnRvbWNhdC5hcGFjaGUub3JnMB4XDTE1
+MDMyNDE5NDQ0M1oXDTI1MDMyMTE5NDQ0M1owMTELMAkGA1UEBhMCVVMxIjAgBgNV
+BAMMGWNhLXRlc3QudG9tY2F0LmFwYWNoZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQC1kmB0521enMB1HbDLHV1Scx9LIFktnb/tMTXqt9LldaA0
+cCESvgNIbSerVVzcEQNlxfKc4CkEGYN7dgMIGYYEfsnDwJKExv38zRY5M4aVk5fO
+Lq1QQhUx7btKNUeVrXDt4bwE6iwYSwWmsp/UjZe7tjRtbWqJU1j5hkLBvRNoMOPZ
+bSUV5U2BrpVjBJTFw0ynfXv8jBzRI/Ag9eP9KREpYUADp1FgIy8JDpPL7gccHaHM
+C8Eepy2mwm1cZCQmVcCMoeiDPnLirFE4tWnXRlvE+leqUlrSvFz5OaCB21vE7MjZ
+UHNDElPhVrx5UE0DFqFifP8vdFIMBm83chdIL//vLnGnaWFcOtuLEZncb7nvEnm7
+zyKhpATtkh7RiVT9dUlH9cdsVPEd4Y/4Zf+fWon3xU2jT6gaUn6NYgLzAvbfZLj5
+i7h0Zjr9doRZu6zJSeErhF2mJPiAAQQ4lzvM+ieCRNZLLSGE4WfcE9mF2cd27XJ0
++GbGEvBmcGz3Fi+8sSs06EMB+3Nxwe1Wq/bl84R61xw2rjIjyHn04yzBIlzt0wfo
+ONYBBdtE+jlo8ar7JubiOeUuZII3L+Rknr6wglWYQQUkokx6e4LgUovxbNS1EnYA
+zL0PZloETWYU5mt4xwuheE+7GtgLdKMF1RvRvwPjOBtbNNEggsali6mm/yawzQID
+AQABo1AwTjAdBgNVHQ4EFgQUdt8dWGpR4wH+PNPW622ERdtv8WkwHwYDVR0jBBgw
+FoAUdt8dWGpR4wH+PNPW622ERdtv8WkwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
+AQsFAAOCAgEAHFBhfOCnaKfsv+qwTBUh18EmX+jFa2Oz5TRBV8N7FJQVFFB6+73v
+8NVgWBksGXkdUfi1zYCDqc/9BVHxdMDKUt/IuUcFZhHcI1B2Lfn5M85YU79Uq3DY
+kJCj2+Og64lgB2E6Claq883mJYSwM7Cvt1ZNvMzHHBSl2IsllT1mGaCoioOnvkSj
+0cKt3OSv6CeyNzSLzfABDLTShMHBsuIW/Idsf7n3zHfNzu33gWe4/dsXPdPu4w+Y
+yZBoXmFIzb7ft+hZpBGPVwRS3VTtWgQcqc7b6dlwJvnZMTsX9wG2q/lA/FKbr4ih
+/M4mrcyCRe4o7HVZHxEydP3kmuGybvC67FL7RtghYE1XPnpohPv7pSHZwcIrkWHe
+OMvn5zk/m9iqwjFI1YvZS09phckSevS5d5LPX0L1XlA4uEXWq5eKkTRqrtCqlkf/
+4PgT3ekYchnC5xHISG54AIbA49GcMw+GM5cc+u8a505BDp7c9ZEYWOeVFg3QNucu
+gVCDW8wdn60toHyUUr+kL435QlVaSM6xh1b1TC5yEeGEPNfMMruxSO/Me6CbEyUL
+CEE8uhmGkKgaB9+T0fFy0woRO+4gG6Rw7J7q3SUibyXII8kABLyUfKc6o3MubTWs
+jUW8qHfiKtJO+1Q6Yn0R6C0/YPG7eMqb3p6tYk7YUFQBxk/8NTElgaM=
+-END CERTIFICATE-
diff -Nru tomcat7-7.0.28/debian/keystores/ca-key.pem 
tomcat7-7.0.28/debian/keystores/ca-key.pem
--- tomcat7-7.0.28/debian/keystores/ca-key.pem  1969-12-31 21:00:00.0 
-0300
+++ tomcat7-7.0.28/debian/keystores/ca-key.pem  2015-03-28 13:18:02.0 
-0300
@@ -0,0 +1,51 @@
+-BEGIN RSA PRIVATE KEY-
+MIIJJwIBAAKCAgEAtZJgdOdtXpzAdR2wyx1dUnMfSyBZLZ2/7TE16rfS5XWgNHAh
+Er4DSG0nq1Vc3BEDZcXynOApBBmDe3YDCBmGBH7Jw8CShMb9/M0WOTOGlZOXzi6t
+UEIVMe27SjVHla1w7eG8BOosGEsFprKf1I2Xu7Y0bW1qiVNY+YZCwb0TaDDj2W0l
+FeVNga6VYwSUxcNMp317/Iwc0SPwIPXj/SkRKWFAA6dRYCMvCQ6Ty+4HHB2hzAvB
+HqctpsJtXGQkJlXAjKHogz5y4qxROLVp10ZbxPpXqlJa0rxc+TmggdtbxOzI2VBz
+QxJT4Va8eVBNAxahYnz/L3RSDAZvN3IXSC//7y5xp2lhXDrbixGZ3G+57xJ5u88i
+oaQE7ZIe0YlU/XVJR/XHbFTxHeGP+GX/n1qJ98VNo0+oGlJ+jWIC8wL232S4+Yu4
+dGY6/XaEWbusyUnhK4RdpiT4gAEEOJc7zPongkTWSy0hhOFn3BPZhdnHdu1ydPhm
+xhLwZnBs9xYvvLErNOhDAftzccHtVqv25fOEetccNq4yI8h59OMswSJc7dMH6DjW
+AQXbRPo5aPGq+ybm4jnlLmSCNy/kZJ6+sIJVmEEFJKJMenuC4FKL8WzUtRJ2AMy9
+D2ZaBE1mFOZreMcLoXhPuxrYC3SjBdUb0b8D4zgbWzTRIILGpYuppv8msM0CAwEA
+AQKCAgA5eMOfPUGZGPSyHVvAbuMDHf1hwjN4BN6jLVhrmxPeHYVA

Re: Perl updates for jessie

[Niels Thykier]

On 2015-03-28 17:53, Dominic Hargreaves wrote:
> [...]
> 

Hi,

> I see that those packages have already been unblocked; thanks!
> 

You are welcome. :)

> I have pushed some more changes to add Breaks for some more packages
> (that weren't fixed when I prepared the previous upload). Also pushed
> is a change fixing #781120 (or at least making it as painless as we
> realistically can by improving the diagnostics).
> 

Sounds good. :)

> There is one more regression bug that we would like to get fixed for
> jessie (#779357) but there is no good patch available yet; so I think
> it's best if we upload now. Would you be happy to accept the changes
> currently in git for jessie?
> 
> http://anonscm.debian.org/cgit/perl/perl.git/log/
> 
> Cheers,
> Dominic.
> 

Agreed, lets not wait for #779357.  The changes at a8e1635[1] looks good
to me; please go ahead with those.

Thanks,
~Niels

[1]
http://anonscm.debian.org/cgit/perl/perl.git/commit/?id=a8e1635c155cdd290aaf5c0eebb10992ecb2caa9



-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/5516e951.5020...@thykier.net

Bug#781403: ftp.debian.org: Please enable jessie-updates imports

[Adam D. Barratt]

Package: ftp.debian.org
X-Debbugs-CC: debian-release@lists.debian.org

Hi,

Please enable imports for the jessie-updates suite.

A public SSH key can be found
at /srv/release.debian.org/sets/ssh/jessie-updates_trigger_key.pub on
franck and I've created /srv/release.debian.org/sets/jessie-updates/

Thanks,

Adam


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/1427563243.1708.17.ca...@adam-barratt.org.uk

Perl updates for jessie

[Dominic Hargreaves]

On Fri, Feb 27, 2015 at 08:27:55PM +, Dominic Hargreaves wrote:
> On Mon, Feb 23, 2015 at 10:58:54PM +0100, Niels Thykier wrote:
> > On 2015-02-16 21:45, Dominic Hargreaves wrote:
> > > [...]
> > > Hi release team,
> > > 
> > > See
> > > 
> > > 
> > > 
> > > where I have summarised some possibly-relevant fixes from the latest 
> > > stable release of perl. Many of them are regressions from what we have
> > > in wheezy.
> > > 
> > > By themselves none of them are release critical but there is quite a
> > > bundle of changes. Do you think there is any point in trying to get these
> > > into Jessie before release? I think there'd be an argument for them
> > > going in in a point release if not.
> > > 
> > > It'd probably be safest to actually import 5.20.2 rather than cherry pick
> > > all the right patches from that long list. I realise that this falls
> > > some way outside the current freeze policy, so feel free to tell me to
> > > go away :)
> > > 
> > > Note: there's one bug currently filed at RC to consider fixing in 
> > > perl: #777556.
> > > 
> > > Cheers,
> > > Dominic.
> > > 
> > > 
> > 
> > I do feel it is not quite in the spirit of the freeze-policy.  Though
> > having reviewed the concrete upstream changes, commit-by-commit, I would
> > be willing to accept those (upstream) changes for Jessie.
> > 
> > That said, my approval assumes there will be no changes on the debian
> > side (beyond dropping patches applied upstream and a changelog entry).
> > If there are other changes to debian/, they will need to be approved
> > separately.
> 
> Hi Niels,
> 
> Thanks. I've now uploaded 5.20.2-1, which includes changes related to
> other RC bugs as well as the new upstream release. I've filed a binNMU
> bug for the packages that need rebuilding as a result.
> 
> I'll ping this thread again when all packages related to perl 5.20.2
> and #777597 are ready to be unblocked.

I see that those packages have already been unblocked; thanks!

I have pushed some more changes to add Breaks for some more packages
(that weren't fixed when I prepared the previous upload). Also pushed
is a change fixing #781120 (or at least making it as painless as we
realistically can by improving the diagnostics).

There is one more regression bug that we would like to get fixed for
jessie (#779357) but there is no good patch available yet; so I think
it's best if we upload now. Would you be happy to accept the changes
currently in git for jessie?

http://anonscm.debian.org/cgit/perl/perl.git/log/

Cheers,
Dominic.


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150328165342.gp7...@urchin.earth.li

Processed: Re: Bug#779820: unblock (pre-approval): mate-netbook/1.8.1-4

[Debian Bug Tracking System]

Processing control commands:

> tags -1 - moreinfo
Bug #779820 [release.debian.org] unblock (pre-approval): mate-netbook/1.8.1-4
Removed tag(s) moreinfo.

-- 
779820: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779820
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/handler.s.b779820.142755330930472.transcr...@bugs.debian.org

Bug#779820: unblock (pre-approval): mate-netbook/1.8.1-4

[Mike Gabriel]

Control: tags -1 - moreinfo

Hi Emilio,

On  Fr 06 Mär 2015 13:52:17 CET, Emilio Pozuelo Monfort wrote:


Control: tags -1 + confirmed

On 06/03/15 13:18, Mike Gabriel wrote:

Hi Emilio,

On  Fr 06 Mär 2015 12:12:36 CET, Emilio Pozuelo Monfort wrote:


Control: tags -1 moreinfo

On 05/03/15 08:52, Mike Gabriel wrote:

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please consider unblocking of planned upload of package mate-netbook.

+  [ Martin Wimpress ]
+  * debian/patches:
++ Add 0001_respect_undecorate_setting.patch. Ensure mate-maximus
+  undecorates maximized windows only when the "undecorate" dconf
+  option is set. (Closes: #778816).

Once mate-netbook is installed most applications loose their window
decorations when maximized (expected behabiour of mate-maximus inside the
mate-netbook package). In dconf there is a setting that allows one to
disable this "undecorate" behaviour (i.e. make windows behave normally
(desktop-like) again when maximized.

However, this "undecorate" option in dconf has no effect for users
attempting to disable the undecorate feature, window decorations stay
lost until mate-netbook gets uninstalled. Impossible to configure
mate-maximus on a per-user basis or with a system-wide override file.

With the provided patch in the attached .debdiff, this issue is fixed.


While the patch is minimal, the bug is only of normal severity,  
and we are at
the point where only (or mostly) RC bug fixes go through. So I'm  
unsure about

letting this through. Can you argue why this is actually more important, or
why we should make an exception for it?

Emilio


Basically, I submitted this issue out of two reasons:

  o in a private communication with Niels about open MATE issues he
"encouraged" me to file the unblock request for the above  
mentioned issue

(I hope I got him right concerning that).
  o once mate-netbook is installed, it is not possible to disable
mate-maximus's functionality, although there are switches for it
(namely: the undecorate switch in dconf). mate-netbook also ships
another applet (mate-window-picker-applet), if people want to have that,
but not mate-maximus they face a problem...

The behaviour of mate-maximus should be controllable via gsettings  
and not via

dpkg (installation / removal of the package).


OK. Based on that and the fact that the patch is trivial, and the  
issue seems important enough that I'd approve it for a pu in stable,  
I'm going to ack it now. Please upload it and remove the moreinfo  
tag when the package is accepted.


Regards,
Emilio


I missed this mail. Sorry. Uploaded (+accepted in unstable) just now.

Mike
--

mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: sunwea...@debian.org, http://sunweavers.net



pgpcloREzCmqw.pgp
Description: Digitale PGP-Signatur

Bug#781395: unblock (pre-approval): mate-control-center/1.8.3+dfsg1-2

[Mike Gabriel]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please consider unblocking planned upload of package mate-control-center.

+  * debian/patches (i18n fixes):
++ Add 0003_fix-i18n-category-names.patch. Fix i18n names of Settings /
+  System sub-categories in MATE control center window. (Closes: #780580).
++ Add 0004_fix-set-preferred-apps-in-some-locales.patch. Fix missing 
preferred
+  applications launcher for Russion and Ukranian locale in common tasks
+  section. (Closes: #781303).
++ Add 2002_fix-common-tasks-section-for-German-locale.patch. Fix 
translation
+  of items in the "Common Tasks" section of MATE's control center.

-> Fix several i18n issues in the MATE control center main window.

+  * debian/patches (functionality fixes):
++ Add 0005_fix-desktop-item-launching.patch. In libslab: do not reap child
+  when launching desktop items. (Closes: #781247).

-> Don't double fork applications launched via .desktop file. Fixes .desktop 
launching
containing pkexec calls in certain situations.

+  * debian/control:
++ Switch to versioned D (mate-control-center): mate-desktop (>= 
1.8.1+dfsg1-3).
+  (required by new patch 0005_fix-desktop-item-launching.patch).

-> This updated package revisions requires mate-desktop 1.8.1+dfsg1-3 to
be accepted for jessie, as well.

light+love,
Mike

unblock mate-control-center/1.8.3+dfsg1-2

-- System Information:
Debian Release: 8.0
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing-updates'), (500, 
'testing-proposed-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
diff -Nru mate-control-center-1.8.3+dfsg1/debian/changelog mate-control-center-1.8.3+dfsg1/debian/changelog
--- mate-control-center-1.8.3+dfsg1/debian/changelog	2014-10-22 23:05:07.0 +0200
+++ mate-control-center-1.8.3+dfsg1/debian/changelog	2015-03-28 15:17:04.0 +0100
@@ -1,3 +1,22 @@
+mate-control-center (1.8.3+dfsg1-2) unstable; urgency=medium
+
+  * debian/patches (i18n fixes):
++ Add 0003_fix-i18n-category-names.patch. Fix i18n names of Settings /
+  System sub-categories in MATE control center window. (Closes: #780580).
++ Add 0004_fix-set-preferred-apps-in-some-locales.patch. Fix missing preferred
+  applications launcher for Russion and Ukranian locale in common tasks
+  section. (Closes: #781303).
++ Add 2002_fix-common-tasks-section-for-German-locale.patch. Fix translation
+  of items in the "Common Tasks" section of MATE's control center.
+  * debian/patches (functionality fixes):
++ Add 0005_fix-desktop-item-launching.patch. In libslab: do not reap child
+  when launching desktop items. (Closes: #781247).
+  * debian/control:
++ Switch to versioned D (mate-control-center): mate-desktop (>= 1.8.1+dfsg1-3).
+  (required by new patch 0005_fix-desktop-item-launching.patch).
+
+ -- Mike Gabriel   Sat, 28 Mar 2015 15:16:54 +0100
+
 mate-control-center (1.8.3+dfsg1-1) unstable; urgency=medium
 
   [ Vangelis Mouhtsis ]
diff -Nru mate-control-center-1.8.3+dfsg1/debian/control mate-control-center-1.8.3+dfsg1/debian/control
--- mate-control-center-1.8.3+dfsg1/debian/control	2014-10-06 23:57:54.0 +0200
+++ mate-control-center-1.8.3+dfsg1/debian/control	2015-03-28 14:29:50.0 +0100
@@ -57,7 +57,7 @@
  caja-common (>= 1.8.0),
  mate-settings-daemon,
  mate-menus,
- mate-desktop,
+ mate-desktop (>= 1.8.1+dfsg1-3),
  mate-icon-theme,
  desktop-file-utils,
  gsettings-desktop-schemas,
diff -Nru mate-control-center-1.8.3+dfsg1/debian/patches/0003_fix-i18n-category-names.patch mate-control-center-1.8.3+dfsg1/debian/patches/0003_fix-i18n-category-names.patch
--- mate-control-center-1.8.3+dfsg1/debian/patches/0003_fix-i18n-category-names.patch	1970-01-01 01:00:00.0 +0100
+++ mate-control-center-1.8.3+dfsg1/debian/patches/0003_fix-i18n-category-names.patch	2015-03-28 14:22:05.0 +0100
@@ -0,0 +1,52 @@
+From 5ebc88406f51fe36bfb03319f1d4fb5edb55 Mon Sep 17 00:00:00 2001
+From: rezso 
+Date: Sun, 25 Jan 2015 17:13:08 +0100
+Subject: [PATCH] Use MATE's own .directory files in matecc
+
+First: Personal.directory, InternetAndNetwork.directory, Hardware.directory and System.directory shipped by gnome-menus, which is causes an unwanted gnome-menus dependency.
+Second: because of different gettext domains, the translations are unused.
+---
+ shell/matecc.menu | 8 
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/shell/matecc.menu b/shell/matecc.menu
+index b0beba5..a99fdf7 100644
+--- a/shell/matecc.menu
 b/shell/matecc.menu
+@@ -46,7 +46,7 @@
+   
+   
+ Personal
+-Personal.directory
++mate-person

Bug#781392: unblock (pre-approval): mate-desktop/1.8.1+dfsg1-3

[Mike Gabriel]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please consider unblocking planned upload of package mate-desktop.

+  * debian/patches:
++ Add 0001_fix-pkexec-calls-in-desktop-launcher.patch. In
+  mate-desktop-item.c: Add a child watch if "do not reap child" flag is 
set.
+  This avoids double forking with desktop files that have "exec pkexec ..."
+  inside. (Closes: #781246).

-> Applications launched via pkexec via a .desktop file in MATE double
fork, which let's the pkexec call fail in some situations.

light+love,
Mike

unblock mate-desktop/1.8.1+dfsg1-3

-- System Information:
Debian Release: 8.0
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing-updates'), (500, 
'testing-proposed-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
diff -Nru mate-desktop-1.8.1+dfsg1/debian/changelog mate-desktop-1.8.1+dfsg1/debian/changelog
--- mate-desktop-1.8.1+dfsg1/debian/changelog	2014-10-25 23:38:01.0 +0200
+++ mate-desktop-1.8.1+dfsg1/debian/changelog	2015-03-28 14:54:56.0 +0100
@@ -1,3 +1,14 @@
+mate-desktop (1.8.1+dfsg1-3) unstable; urgency=medium
+
+  [ Mike Gabriel ]
+  * debian/patches:
++ Add 0001_fix-pkexec-calls-in-desktop-launcher.patch. In
+  mate-desktop-item.c: Add a child watch if "do not reap child" flag is set.
+  This avoids double forking with desktop files that have "exec pkexec ..."
+  inside. (Closes: #781246).
+
+ -- Mike Gabriel   Sat, 28 Mar 2015 14:53:31 +0100
+
 mate-desktop (1.8.1+dfsg1-2) unstable; urgency=medium
 
   [ Vangelis Mouhtsis ]
diff -Nru mate-desktop-1.8.1+dfsg1/debian/patches/0001_fix-pkexec-calls-in-desktop-launcher.patch mate-desktop-1.8.1+dfsg1/debian/patches/0001_fix-pkexec-calls-in-desktop-launcher.patch
--- mate-desktop-1.8.1+dfsg1/debian/patches/0001_fix-pkexec-calls-in-desktop-launcher.patch	1970-01-01 01:00:00.0 +0100
+++ mate-desktop-1.8.1+dfsg1/debian/patches/0001_fix-pkexec-calls-in-desktop-launcher.patch	2015-03-28 14:41:53.0 +0100
@@ -0,0 +1,64 @@
+From 1a779ce4a20e578e6e73789dbc75876838f2e012 Mon Sep 17 00:00:00 2001
+From: Monsta 
+Date: Wed, 25 Mar 2015 15:21:34 +0300
+Subject: [PATCH] mate-desktop-item: add a child watch if "do not reap child"
+ flag set
+
+similar to https://git.gnome.org/browse/gnome-panel/commit/?id=76acc5b
+
+avoids double forking with desktop files that have "exec pkexec ..."
+inside.
+---
+ libmate-desktop/mate-desktop-item.c | 17 -
+ 1 file changed, 16 insertions(+), 1 deletion(-)
+
+diff --git a/libmate-desktop/mate-desktop-item.c b/libmate-desktop/mate-desktop-item.c
+index eb004d9..c0ee1da 100644
+--- a/libmate-desktop/mate-desktop-item.c
 b/libmate-desktop/mate-desktop-item.c
+@@ -1721,6 +1721,17 @@ make_environment_for_screen (GdkScreen  *screen,
+ 	return retval;
+ }
+ 
++static void
++dummy_child_watch (GPid pid,
++		   gint status,
++		   gpointer user_data)
++{
++	/* Nothing, this is just to ensure we don't double fork
++	 * and break pkexec:
++	 * https://bugzilla.gnome.org/show_bug.cgi?id=675789
++	 */
++}
++
+ static int
+ ditem_execute (const MateDesktopItem *item,
+ 	   const char *exec,
+@@ -1749,6 +1760,7 @@ ditem_execute (const MateDesktopItem *item,
+ 	char *new_exec, *uris, *temp;
+ 	char *exec_locale;
+ 	int launched = 0;
++	GPid pid;
+ #ifdef HAVE_STARTUP_NOTIFICATION
+ 	GdkDisplay *gdkdisplay;
+ 	SnLauncherContext *sn_context;
+@@ -1957,14 +1969,17 @@ ditem_execute (const MateDesktopItem *item,
+   (do_not_reap_child ? G_SPAWN_DO_NOT_REAP_CHILD : 0) | G_SPAWN_SEARCH_PATH /* flags */,
+   NULL, /* child_setup_func */
+   NULL, /* child_setup_func_data */
+-  &ret /* child_pid */,
++  (do_not_reap_child ? &pid : NULL) /* child_pid */,
+   error)) {
+ 			/* The error was set for us,
+ 			 * we just can't launch this thingie */
+ 			ret = -1;
+ 			g_strfreev (real_argv);
+ 			break;
++		} else if (do_not_reap_child) {
++			g_child_watch_add (pid, dummy_child_watch, NULL);
+ 		}
++
+ 		launched ++;
+ 
+ 		g_strfreev (real_argv);
+
diff -Nru mate-desktop-1.8.1+dfsg1/debian/patches/series mate-desktop-1.8.1+dfsg1/debian/patches/series
--- mate-desktop-1.8.1+dfsg1/debian/patches/series	2014-05-21 09:35:05.0 +0200
+++ mate-desktop-1.8.1+dfsg1/debian/patches/series	2015-03-28 14:41:53.0 +0100
@@ -1 +1,2 @@
+0001_fix-pkexec-calls-in-desktop-launcher.patch
 2001_omit-gfdl-licensed-user-guide.patch

Bug#781386: unblock: webkitgtk/2.4.8-2

[Alberto Garcia]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package webkitgtk

This package contains two patches:

   * debian/patches/g-closure-unref.diff:

 Fixes a case of use-after-free.

 http://bugs.debian.org/780444

   * debian/patches/fix-cloop.patch:

 Fixes the LLInt part of the JavaScript interpreter that makes
 webkitgtk unusable on powerpc.

 This patch has been recommended by the RedHat maintainer.

 http://bugs.debian.org/771841

unblock webkitgtk/2.4.8-2

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru webkitgtk-2.4.8/debian/changelog webkitgtk-2.4.8/debian/changelog
--- webkitgtk-2.4.8/debian/changelog	2015-01-17 14:19:53.0 +0200
+++ webkitgtk-2.4.8/debian/changelog	2015-03-26 23:49:46.0 +0200
@@ -1,3 +1,13 @@
+webkitgtk (2.4.8-2) unstable; urgency=medium
+
+  * debian/patches/g-closure-unref.diff:
++ Fix use-after-free warning when loading page into WebView
+ (Closes: #780444).
+  * debian/patches/fix-cloop.patch:
++ Fix crash on powerpc (Closes: #771841).
+
+ -- Alberto Garcia   Thu, 26 Mar 2015 23:49:21 +0200
+
 webkitgtk (2.4.8-1) unstable; urgency=medium
 
   * New upstream release, which includes some of the patches already
diff -Nru webkitgtk-2.4.8/debian/patches/fix-cloop.patch webkitgtk-2.4.8/debian/patches/fix-cloop.patch
--- webkitgtk-2.4.8/debian/patches/fix-cloop.patch	1970-01-01 02:00:00.0 +0200
+++ webkitgtk-2.4.8/debian/patches/fix-cloop.patch	2015-03-26 23:49:46.0 +0200
@@ -0,0 +1,240 @@
+From: Tomas Popela 
+Subject: Fix crash on powerpc
+Bug-Debian: https://bugs.debian.org/771841
+Origin: http://pkgs.fedoraproject.org/cgit/webkitgtk3.git/tree/
+Index: webkitgtk/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm
+===
+--- webkitgtk.orig/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm
 webkitgtk/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm
+@@ -2002,7 +2002,7 @@ _llint_op_next_pname:
+ loadi 20[PC], t2
+ loadi PayloadOffset[cfr, t2, 8], t2
+ loadp JSPropertyNameIterator::m_jsStrings[t2], t3
+-loadi [t3, t0, 8], t3
++loadi PayloadOffset[t3, t0, 8], t3
+ addi 1, t0
+ storei t0, PayloadOffset[cfr, t1, 8]
+ loadi 4[PC], t1
+Index: webkitgtk/Source/JavaScriptCore/llint/LowLevelInterpreter.asm
+===
+--- webkitgtk.orig/Source/JavaScriptCore/llint/LowLevelInterpreter.asm
 webkitgtk/Source/JavaScriptCore/llint/LowLevelInterpreter.asm
+@@ -299,13 +299,13 @@ macro assertNotConstant(index)
+ end
+ 
+ macro functionForCallCodeBlockGetter(targetRegister)
+-loadp Callee[cfr], targetRegister
++loadp Callee + PayloadOffset[cfr], targetRegister
+ loadp JSFunction::m_executable[targetRegister], targetRegister
+ loadp FunctionExecutable::m_codeBlockForCall[targetRegister], targetRegister
+ end
+ 
+ macro functionForConstructCodeBlockGetter(targetRegister)
+-loadp Callee[cfr], targetRegister
++loadp Callee + PayloadOffset[cfr], targetRegister
+ loadp JSFunction::m_executable[targetRegister], targetRegister
+ loadp FunctionExecutable::m_codeBlockForConstruct[targetRegister], targetRegister
+ end
+Index: webkitgtk/Source/JavaScriptCore/interpreter/ProtoCallFrame.h
+===
+--- webkitgtk.orig/Source/JavaScriptCore/interpreter/ProtoCallFrame.h
 webkitgtk/Source/JavaScriptCore/interpreter/ProtoCallFrame.h
+@@ -36,7 +36,7 @@ struct ProtoCallFrame {
+ Register calleeValue;
+ Register argCountAndCodeOriginValue;
+ Register thisArg;
+-size_t paddedArgCount;
++uint32_t paddedArgCount;
+ JSValue *args;
+ 
+ void init(CodeBlock*, JSScope*, JSObject*, JSValue, int, JSValue* otherArgs = 0);
+@@ -53,7 +53,7 @@ struct ProtoCallFrame {
+ int argumentCountIncludingThis() const { return argCountAndCodeOriginValue.payload(); }
+ int argumentCount() const { return argumentCountIncludingThis() - 1; }
+ void setArgumentCountIncludingThis(int count) { argCountAndCodeOriginValue.payload() = count; }
+-void setPaddedArgsCount(size_t argCount) { paddedArgCount = argCount; }
++void setPaddedArgsCount(uint32_t argCount) { paddedArgCount = argCount; }
+ 
+ void clearCurrentVPC() { argCountAndCodeOriginValue.tag() = 0; }
+ 
+Index: webkitgtk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp
+===
+--- webkitgtk.orig/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp
 webkitgtk/Source/JavaScriptCore

Bug#781378: marked as done (unblock: src:shibboleth-sp2/2.5.3+dfsg-2)

[Debian Bug Tracking System]

Your message dated Sat, 28 Mar 2015 11:50:59 +0100
with message-id <55168793.1030...@thykier.net>
and subject line Re: Bug#781378: unblock: src:shibboleth-sp2/2.5.3+dfsg-2
has caused the Debian Bug report #781378,
regarding unblock: src:shibboleth-sp2/2.5.3+dfsg-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
781378: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781378
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package src:shibboleth-sp2

This package (which I'm sponsoring on behalf of Ferenc Wagner),
backports the upstream fix for CVE-2015-2684 to 2.5.3. I have just
sponsored a similar upload to wheezy-security, so a DSA should be
coming out about that shortly.

The upstream fix is viewable here:
http://svn.shibboleth.net/view/cpp-sp?view=revision&revision=3894

I attach the debdiff, which you will see just incorporates that
upstream fix.

I built this in a jessie sbuild chroot.

Thanks,

Matthew

unblock src:shibboleth-sp2/2.5.3+dfsg-2

-- System Information:
Debian Release: 7.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru shibboleth-sp2-2.5.3+dfsg/debian/changelog shibboleth-sp2-2.5.3+dfsg/debian/changelog
--- shibboleth-sp2-2.5.3+dfsg/debian/changelog	2014-04-01 05:01:56.0 +0100
+++ shibboleth-sp2-2.5.3+dfsg/debian/changelog	2015-03-24 15:03:24.0 +
@@ -1,3 +1,11 @@
+shibboleth-sp2 (2.5.3+dfsg-2) unstable; urgency=high
+
+  * Incorporate security fix from V2.5.4 for CVE-2015-2684: authenticated
+denial of service vulnerability that results in a crash on certain
+kinds of malformed SAML messages.
+
+ -- Ferenc Wagner   Tue, 24 Mar 2015 08:55:06 +0100
+
 shibboleth-sp2 (2.5.3+dfsg-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru shibboleth-sp2-2.5.3+dfsg/debian/patches/0007-Security-fix-from-V2.5.4-for-CVE-2015-2684.patch shibboleth-sp2-2.5.3+dfsg/debian/patches/0007-Security-fix-from-V2.5.4-for-CVE-2015-2684.patch
--- shibboleth-sp2-2.5.3+dfsg/debian/patches/0007-Security-fix-from-V2.5.4-for-CVE-2015-2684.patch	1970-01-01 01:00:00.0 +0100
+++ shibboleth-sp2-2.5.3+dfsg/debian/patches/0007-Security-fix-from-V2.5.4-for-CVE-2015-2684.patch	2015-03-24 15:04:02.0 +
@@ -0,0 +1,56 @@
+From: =?utf-8?q?Ferenc_W=C3=A1gner?= 
+Date: Tue, 17 Mar 2015 15:09:39 +0100
+Subject: Security fix from V2.5.4 for CVE-2015-2684
+
+Shibboleth SP software crashes on malformed input messages
+===
+The SP software includes an authenticated denial of service
+vulnerability that results in a crash on certain kinds of malformed
+SAML messages. The vulnerability is only triggered when special
+conditions are met and after a message or assertion signature
+has been verified, so exploitation requires a message produced
+under a trusted key, limiting the impact.
+
+URL for the full Security Advisory:
+https://shibboleth.net/community/advisories/secadv_20150319.txt
+---
+ shibsp/handler/impl/SAML2Consumer.cpp  |4 
+ shibsp/impl/StorageServiceSessionCache.cpp |3 ++-
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/shibsp/handler/impl/SAML2Consumer.cpp b/shibsp/handler/impl/SAML2Consumer.cpp
+index ec62384..be2397c 100644
+--- a/shibsp/handler/impl/SAML2Consumer.cpp
 b/shibsp/handler/impl/SAML2Consumer.cpp
+@@ -44,6 +44,7 @@
+ # include 
+ # include 
+ # include 
++# include 
+ using namespace opensaml::saml2;
+ using namespace opensaml::saml2p;
+ using namespace opensaml::saml2md;
+@@ -312,6 +313,9 @@ void SAML2Consumer::implementProtocol(
+ if (!decrypted->getSignature() && requireSignedAssertions.first && requireSignedAssertions.second)
+ throw SecurityPolicyException("The incoming assertion was unsigned, violating local security policy.");
+ 
++// Run the schema validators against the assertion, since it was hidden by encryption.
++SchemaValidators.validate(decrypted.get());
++
+ // We clear the security flag, so we can tell whether the token was secured on its own.
+ policy.setAuthenticated(false);
+ policy.reset(true);
+diff --git a/shibsp/impl/StorageServiceSessionCache.cpp b/shibsp/impl/StorageServiceSessionCache.cp

Bug#781378: unblock: src:shibboleth-sp2/2.5.3+dfsg-2

[Matthew Vernon]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package src:shibboleth-sp2

This package (which I'm sponsoring on behalf of Ferenc Wagner),
backports the upstream fix for CVE-2015-2684 to 2.5.3. I have just
sponsored a similar upload to wheezy-security, so a DSA should be
coming out about that shortly.

The upstream fix is viewable here:
http://svn.shibboleth.net/view/cpp-sp?view=revision&revision=3894

I attach the debdiff, which you will see just incorporates that
upstream fix.

I built this in a jessie sbuild chroot.

Thanks,

Matthew

unblock src:shibboleth-sp2/2.5.3+dfsg-2

-- System Information:
Debian Release: 7.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru shibboleth-sp2-2.5.3+dfsg/debian/changelog shibboleth-sp2-2.5.3+dfsg/debian/changelog
--- shibboleth-sp2-2.5.3+dfsg/debian/changelog	2014-04-01 05:01:56.0 +0100
+++ shibboleth-sp2-2.5.3+dfsg/debian/changelog	2015-03-24 15:03:24.0 +
@@ -1,3 +1,11 @@
+shibboleth-sp2 (2.5.3+dfsg-2) unstable; urgency=high
+
+  * Incorporate security fix from V2.5.4 for CVE-2015-2684: authenticated
+denial of service vulnerability that results in a crash on certain
+kinds of malformed SAML messages.
+
+ -- Ferenc Wagner   Tue, 24 Mar 2015 08:55:06 +0100
+
 shibboleth-sp2 (2.5.3+dfsg-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru shibboleth-sp2-2.5.3+dfsg/debian/patches/0007-Security-fix-from-V2.5.4-for-CVE-2015-2684.patch shibboleth-sp2-2.5.3+dfsg/debian/patches/0007-Security-fix-from-V2.5.4-for-CVE-2015-2684.patch
--- shibboleth-sp2-2.5.3+dfsg/debian/patches/0007-Security-fix-from-V2.5.4-for-CVE-2015-2684.patch	1970-01-01 01:00:00.0 +0100
+++ shibboleth-sp2-2.5.3+dfsg/debian/patches/0007-Security-fix-from-V2.5.4-for-CVE-2015-2684.patch	2015-03-24 15:04:02.0 +
@@ -0,0 +1,56 @@
+From: =?utf-8?q?Ferenc_W=C3=A1gner?= 
+Date: Tue, 17 Mar 2015 15:09:39 +0100
+Subject: Security fix from V2.5.4 for CVE-2015-2684
+
+Shibboleth SP software crashes on malformed input messages
+===
+The SP software includes an authenticated denial of service
+vulnerability that results in a crash on certain kinds of malformed
+SAML messages. The vulnerability is only triggered when special
+conditions are met and after a message or assertion signature
+has been verified, so exploitation requires a message produced
+under a trusted key, limiting the impact.
+
+URL for the full Security Advisory:
+https://shibboleth.net/community/advisories/secadv_20150319.txt
+---
+ shibsp/handler/impl/SAML2Consumer.cpp  |4 
+ shibsp/impl/StorageServiceSessionCache.cpp |3 ++-
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/shibsp/handler/impl/SAML2Consumer.cpp b/shibsp/handler/impl/SAML2Consumer.cpp
+index ec62384..be2397c 100644
+--- a/shibsp/handler/impl/SAML2Consumer.cpp
 b/shibsp/handler/impl/SAML2Consumer.cpp
+@@ -44,6 +44,7 @@
+ # include 
+ # include 
+ # include 
++# include 
+ using namespace opensaml::saml2;
+ using namespace opensaml::saml2p;
+ using namespace opensaml::saml2md;
+@@ -312,6 +313,9 @@ void SAML2Consumer::implementProtocol(
+ if (!decrypted->getSignature() && requireSignedAssertions.first && requireSignedAssertions.second)
+ throw SecurityPolicyException("The incoming assertion was unsigned, violating local security policy.");
+ 
++// Run the schema validators against the assertion, since it was hidden by encryption.
++SchemaValidators.validate(decrypted.get());
++
+ // We clear the security flag, so we can tell whether the token was secured on its own.
+ policy.setAuthenticated(false);
+ policy.reset(true);
+diff --git a/shibsp/impl/StorageServiceSessionCache.cpp b/shibsp/impl/StorageServiceSessionCache.cpp
+index 9e5d48d..b816624 100644
+--- a/shibsp/impl/StorageServiceSessionCache.cpp
 b/shibsp/impl/StorageServiceSessionCache.cpp
+@@ -1233,7 +1233,8 @@ void SSCache::insert(
+ throw FatalProfileException("Attempted to create a session with a duplicate key.");
+ 
+ // Store the reverse mapping for logout.
+-if (nameid && m_reverseIndex && (m_excludedNames.size() == 0 || m_excludedNames.count(nameid->getName()) == 0)) {
++if (name.get() && *name.get() && m_reverseIndex
++&& (m_excludedNames.size() == 0 || m_excludedNames.count(nameid->getName()) == 0)) {
+ try {
+ insert(key.get(), expires, name.get(), index.get());
+ }
diff -Nru shibboleth-sp2-2.5.3+dfsg/debian/patches/series shibboleth-sp2-2.5.3+dfsg/debian/patches/series
--- shibboleth-sp2-2.5.3+dfsg/debian/patches/series	2014-0

Bug#780900: unblock: ecryptfs-utils/103-4

[GCS]

Control: tags -1 -moreinfo
Control: retitle -1 unblock: ecryptfs-utils/103-5

On Sun, Mar 22, 2015 at 10:55 AM, Niels Thykier  wrote:
> Thanks for reporting this.  Unfortunately, I do have a concern with one
> of the changes.
>
>  * The function "static int read_v1_wrapped_passphrase_file":
>- The documentation says it will return negatively on failure, but
>  AFAICT it will unconditionally return 0.
>- I guess the last line should have been "return rc" rather than
>  "return 0".
 You are right. This is fixed upstream and backported.
Debdiff between the versions of testing and unstable attached.

Cheers,
Laszlo/GCS
diff -Nru ecryptfs-utils-103/debian/changelog ecryptfs-utils-103/debian/changelog
--- ecryptfs-utils-103/debian/changelog	2013-09-18 08:49:47.0 +
+++ ecryptfs-utils-103/debian/changelog	2015-03-28 06:22:00.0 +
@@ -1,3 +1,15 @@
+ecryptfs-utils (103-5) unstable; urgency=medium
+
+  * Backport fix for upstream mistake in CVE-2014-9687.
+
+ -- Laszlo Boszormenyi (GCS)   Sat, 28 Mar 2015 06:16:10 +
+
+ecryptfs-utils (103-4) unstable; urgency=high
+
+  * Backport upstream fix for CVE-2014-9687 (closes: #780385).
+
+ -- Laszlo Boszormenyi (GCS)   Fri, 20 Mar 2015 21:08:39 +
+
 ecryptfs-utils (103-3) unstable; urgency=low
 
   * New maintainer (closes: #723595).
diff -Nru ecryptfs-utils-103/debian/patches/CVE-2014-9687.patch ecryptfs-utils-103/debian/patches/CVE-2014-9687.patch
--- ecryptfs-utils-103/debian/patches/CVE-2014-9687.patch	1970-01-01 00:00:00.0 +
+++ ecryptfs-utils-103/debian/patches/CVE-2014-9687.patch	2015-03-28 00:46:46.0 +
@@ -0,0 +1,1074 @@
+Subject: Salt the wrapping passphrase
+ Modify ecryptfs_wrap_passphrase() to randomly generate an 8 byte salt to be
+ used with the wrapping passphrase.
+ .
+ The salt is stored in the wrapped-passphrase file. To accomodate the randomly
+ generated salt, a new wrapped-passphrase file format is introduced. It is
+ referred to as "version 2".
+ .
+ The ability to read the version 1 wrapped-passphrase file format is retained.
+ However, ecryptfs_wrap_passphrase() is modified to only create version 2
+ wrapped-passphrase files.
+ .
+ The pam_ecryptfs module is modified to transparently migrate from version 1 to
+ version 2 files when the user successfully logs in with their login password.
+Author: Tyler Hicks 
+Forwarded: https://code.launchpad.net/~tyhicks/ecryptfs/v2-wrapped-passphrase-files/+merge/249908
+
+---
+ src/include/ecryptfs.h |4 
+ src/libecryptfs/key_management.c   |  516 +++--
+ src/pam_ecryptfs/pam_ecryptfs.c|   32 +
+ tests/userspace/Makefile.am|   15 
+ tests/userspace/tests.rc   |2 
+ tests/userspace/v1-to-v2-wrapped-passphrase.sh |   63 ++
+ tests/userspace/v1-to-v2-wrapped-passphrase/test.c |  189 +++
+ tests/userspace/v1-to-v2-wrapped-passphrase/wp01   |1 
+ tests/userspace/v1-to-v2-wrapped-passphrase/wp02   |1 
+ tests/userspace/v1-to-v2-wrapped-passphrase/wp03   |1 
+ tests/userspace/v1-to-v2-wrapped-passphrase/wp04   |1 
+ tests/userspace/v1-to-v2-wrapped-passphrase/wp05   |1 
+ tests/userspace/wrap-unwrap.sh |7 
+ 13 files changed, 776 insertions(+), 57 deletions(-)
+
+Index: ecryptfs-utils-104/src/include/ecryptfs.h
+===
+--- ecryptfs-utils-104.orig/src/include/ecryptfs.h	2015-02-19 14:22:42.278097623 -0600
 ecryptfs-utils-104/src/include/ecryptfs.h	2015-02-19 14:22:42.266097681 -0600
+@@ -515,10 +515,12 @@ int ecryptfs_read_salt_hex_from_rc(char
+ int ecryptfs_check_sig(char *auth_tok_sig, char *sig_cache_filename,
+ 		   int *flags);
+ int ecryptfs_append_sig(char *auth_tok_sig, char *sig_cache_filename);
++int __ecryptfs_detect_wrapped_passphrase_file_version(const char *filename,
++		  uint8_t *version);
+ int ecryptfs_wrap_passphrase_file(char *dest, char *wrapping_passphrase,
+  			 char *wrapping_salt, char *src);
+ int ecryptfs_wrap_passphrase(char *filename, char *wrapping_passphrase,
+-			 char *wrapping_salt, char *decrypted_passphrase);
++			 char *unused, char *decrypted_passphrase);
+ int ecryptfs_unwrap_passphrase(char *decrypted_passphrase, char *filename,
+ 			   char *wrapping_passphrase, char *wrapping_salt);
+ int ecryptfs_insert_wrapped_passphrase_into_keyring(
+Index: ecryptfs-utils-104/src/libecryptfs/key_management.c
+===
+--- ecryptfs-utils-104.orig/src/libecryptfs/key_management.c	2015-02-19 14:22:42.278097623 -0600
 ecryptfs-utils-104/src/libecryptfs/key_management.c	2015-02-19 14:22:44.470087236 -0600
+@@ -38,6 +38,7 @@
+ #include 
+ #include 
+ #include 
++#include 
+ #include "../include/ecryptfs.h"
+ 
+ #ifndef ENOKEY
+@@ -242,6 +243,163 @@ out:
+ 	return rc;
+ }
+ 
++/**
++ * A 

Processed: Re: Bug#780900: unblock: ecryptfs-utils/103-4

[Debian Bug Tracking System]

Processing control commands:

> tags -1 -moreinfo
Bug #780900 [release.debian.org] unblock: ecryptfs-utils/103-4
Removed tag(s) moreinfo.
> retitle -1 unblock: ecryptfs-utils/103-5
Bug #780900 [release.debian.org] unblock: ecryptfs-utils/103-4
Changed Bug title to 'unblock: ecryptfs-utils/103-5' from 'unblock: 
ecryptfs-utils/103-4'

-- 
780900: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780900
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/handler.s.b780900.142753706729656.transcr...@bugs.debian.org

Bug#781314: marked as done (unblock: fasttree/2.1.7-2)

[Debian Bug Tracking System]

Your message dated Sat, 28 Mar 2015 08:35:02 +0100
with message-id <551659a6.1040...@thykier.net>
and subject line Re: Bug#781314: unblock: fasttree/2.1.7-2
has caused the Debian Bug report #781314,
regarding unblock: fasttree/2.1.7-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
781314: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781314
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package fasttree

The patch fixes bug #781259 which rendered the package unusable.

Debdiff is attached.

unblock fasttree/2.1.7-2

-- System Information:
Debian Release: 7.8
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru fasttree-2.1.7/debian/changelog fasttree-2.1.7/debian/changelog
--- fasttree-2.1.7/debian/changelog	2013-05-06 20:40:37.0 +0200
+++ fasttree-2.1.7/debian/changelog	2015-03-27 11:53:35.0 +0100
@@ -1,3 +1,14 @@
+fasttree (2.1.7-2) unstable; urgency=low
+
+  * Team upload
+  * Modify/add patches to use double precision and increase branch
+length precision. This is absolutely crucial to prevent flawed datas
+analysis as described e.g. in
+http://darlinglab.org/blog/2015/03/23/not-so-fast-fasttree.html
+Closes: #781259
+
+ -- Roland Fehrenbacher   Tue, 24 Mar 2015 18:37:23 +
+
 fasttree (2.1.7-1) unstable; urgency=low
 
   * New upstream version
diff -Nru fasttree-2.1.7/debian/patches/increase-branch-length-precision.patch fasttree-2.1.7/debian/patches/increase-branch-length-precision.patch
--- fasttree-2.1.7/debian/patches/increase-branch-length-precision.patch	1970-01-01 01:00:00.0 +0100
+++ fasttree-2.1.7/debian/patches/increase-branch-length-precision.patch	2015-03-26 17:22:50.0 +0100
@@ -0,0 +1,65 @@
+From 66d0f73b44065272ddefc71870156d35aad4df64 Mon Sep 17 00:00:00 2001
+From: Roland Fehrenbacher 
+Date: Tue, 24 Mar 2015 18:21:03 +
+Subject: [PATCH] Use double precision and increase branch length precision
+
+This is absolutely crucial to prevent flawed data analysis as
+described e.g. in
+http://darlinglab.org/blog/2015/03/23/not-so-fast-fasttree.html
+---
+ fasttree.c | 19 ++-
+ 1 file changed, 14 insertions(+), 5 deletions(-)
+
+diff --git a/fasttree.c b/fasttree.c
+index 12862e2..a8426ab 100644
+--- a/fasttree.c
 b/fasttree.c
+@@ -1,4 +1,10 @@
+ /*
++ * 2014/12/11 - Modifications to raise the precision of branch length
++ *  estimation. This should accompany setting USE_DOUBLE.
++ *  Search tolerances have been decreased to 1e-9 from 
++ *  their original 1e-4.
++ *
++ * 
+  * FastTree -- inferring approximately-maximum-likelihood trees for large
+  * multiple sequence alignments.
+  *
+@@ -852,10 +858,13 @@ const double Log2 = 0.693147180559945;
+were increased to prevent numerical problems in rare cases.
+If compiled with -DUSE_DOUBLE then these minimums could be decreased.
+ */
+-const double MLMinBranchLengthTolerance = 1.0e-4; /* absolute tolerance for optimizing branch lengths */
++const double MLMinBranchLengthTolerance = 1.0e-9; /* absolute tolerance for optimizing branch lengths */
+ const double MLFTolBranchLength = 0.001; /* fractional tolerance for optimizing branch lengths */
+-const double MLMinBranchLength = 5.0e-4;
+-const double MLMinRelBranchLength = 2.5e-4; /* minimum of rate * length */
++const double MLMinBranchLength = 5.0e-9;
++const double MLMinRelBranchLength = 2.5e-9; /* minimum of rate * length */
++
++const double fPostTotalTolerance = 1.0e-20; /* mzd 2015/01/06, added as original assertion is violated when 
++	   MLMMinBranchLengthTolerance is decreased to 1e-9. */
+ 
+ int mlAccuracy = 1;		/* Rounds of optimization of branch lengths; 1 means do 2nd round only if close */
+ double closeLogLkLimit = 5.0;	/* If partial optimization of an NNI looks like it would decrease the log likelihood
+@@ -4962,7 +4971,7 @@ profile_t *PosteriorProfile(profile_t *p1, profile_t *p2,
+   double fPostTot = 0;
+   for (j = 0; j < 4; j++)
+ 	fPostTot += fPost[j];
+-  assert(fPostTot > 1e-10);
++  assert(fPostTot > fPostTotalTolerance);
+   double fPostInv = 1.0/fPostTot;
+ #if 0 /* SSE3 is slower */
+   vector_multiply_by(fPost, fPostInv, 4);
+@@ -5025,7 +5034,7 @@ profile_t *Pos

Bug#781249: unblock (pre-approval): openconnect/6.00-2

[Niels Thykier]

Control: tags -1 confirmed moreinfo

On 2015-03-26 14:44, Mike Miller wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Dear Release Team,
> 
> I would like to upload openconnect 6.00-2 for jessie, via unstable,
> which applies a minimally invasive upstream patch to fix #781240. This
> bug makes 6.00-1 currently in jessie unusable for certain classes of
> users. It's currently marked severity important, but I think it could be
> considered borderline serious.
> 
> The debdiff for the proposed upload is included inline below. Please
> consider allowing this into jessie.
> 
> Thanks for all your hard work,
> 

Ack, please go ahead.

Thanks,
~Niels


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/55165925.4000...@thykier.net

Processed: Re: Bug#781249: unblock (pre-approval): openconnect/6.00-2

[Debian Bug Tracking System]

Processing control commands:

> tags -1 confirmed moreinfo
Bug #781249 [release.debian.org] unblock (pre-approval): openconnect/6.00-2
Added tag(s) confirmed and moreinfo.

-- 
781249: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781249
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/handler.s.b781249.142752798314211.transcr...@bugs.debian.org

Re: Fwd: Cap'n Proto security advisory / Debian

[Vincent Bernat]

 ❦ 28 mars 2015 08:20 +0100, Niels Thykier  :

> Are there any news on the upload?

Sorry, it somehow slipped my mind. I am uploading right now.
-- 
If you laid all of our laws end to end, there would be no end.
-- Mark Twain


signature.asc
Description: PGP signature

Re: Fwd: Cap'n Proto security advisory / Debian

[Niels Thykier]

On 2015-03-19 04:39, Tom Lee wrote:
> Thanks Vincent, new changeset looks like this (I swear I forget those DEP-3
> headers every time):
> 
> https://github.com/thomaslee/capnproto-debian/compare/debian/0.4.1-2...maint-0.4.1
> 
> And updated package is up:
> 
> https://mentors.debian.net/package/capnproto
> 
> The unnecessary changes were rebased out of existence too. Thanks and
> please do let me know if anything else looks amiss.
> 
> Cheers,
> Tom
> 
> 
> [...]

Hi Tom,

Are there any news on the upload?

Given capnproto is a non-key package, leaving the RC bugs unattended for
an extended period of time will cause the package to be auto-removed[1].
 At that point, we will end up shipping Jessie without capnproto.

Thanks,
~Niels

[1] https://tracker.debian.org/pkg/capnproto

See the "action needed" part.



-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/55165644.7050...@thykier.net