Bug#812363: wheezy-pu: package giflib/4.1.6-10+deb7u1
On Sun, Jan 24, 2016 at 07:27:47PM +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Fri, 2016-01-22 at 19:50 +0100, Guido Günther wrote: > > I'd like to fix CVE-2015-7555 via wheezy-pu since the bug is fixed in > > Squeeze LTS and we try to not introduce new security issues when people > > upgrade (the Debian security team marked this CVE as no-dsa). > > Please go ahead, with "wheezy" in the changelog rather than > "oldstable-security". Uploaded now. Thanks! -- Guido
Bug#812362: jessie-pu: package giflib/4.1.6-11+deb8u1
On Sun, Jan 24, 2016 at 07:28:39PM +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Fri, 2016-01-22 at 19:49 +0100, Guido Günther wrote: > > I'd like to fix CVE-2015-7555 via jessie-pu since the bug is fixed in > > Squeeze LTS and we try to not introduce new security issues when people > > upgrade (the Debian security team marked this CVE as no-dsa). > > Please go ahead. Uploaded. Thanks a lot! -- Guido
Processed: Re: Bug#812554: RM: googlecl/0.9.13-2 -- ROM; broken due to API deprecation
Processing control commands: > reassign -1 ftp.debian.org Bug #812554 [release.debian.org] RM: googlecl/0.9.13-2 -- ROM; broken due to API deprecation Bug reassigned from package 'release.debian.org' to 'ftp.debian.org'. Ignoring request to alter found versions of bug #812554 to the same values previously set Ignoring request to alter fixed versions of bug #812554 to the same values previously set -- 812554: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812554 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#812554: RM: googlecl/0.9.13-2 -- ROM; broken due to API deprecation
Control: reassign -1 ftp.debian.org On Sun, 2016-01-24 at 23:54 +, Luke Faraone wrote: > Google has stopped supporting the GData APIs and the authentication mechanism > used in googlecl. Upstream has declared that they do not intend to update it, > and in any case such an update would be a massive rewrite of a large portion > of > the project. > > Please also remove from oldstable as well. googlecl isn't in oldstable, nor any other suite managed by the Release Team: googlecl | 0.9.9-1 | oldoldstable| source, all googlecl | 0.9.13-2 | stable-kfreebsd | source, all Regards, Adam
Bug#810568: transition: openexr
On 24.01.2016 17:36, Mathieu Malaterre wrote: > On Thu, Jan 21, 2016 at 11:00 AM, Matteo F. Vescovi wrote: > >> * libvigraimpex_1.10.0+dfsg-11 => FTBFS > > Well this is an issue within the python test: > > AttributeError: 'numpy.ndarray' object has no attribute 'axistags' > > This looks like something changed in numpy recently... Hi Mathieu, yes the failure described above is #811370, which is going to be fixed shortly. The new upstream tarball brings up another test suite failure, interestingly something goes wrong with EXR: Running test_impex cd /<>/obj/test/impex && ./run_test_impex.sh TIFFOpen: intentionalFailure/foo.tiff: No such file or directory. Entering test suite ImageImportExportTestSuite Failure in PositionTest::testEXRPosition() Unexpected Contract exception: Precondition violation! exportImage(): file format does not support requested number of bands (color channels) (/<>/include/vigra/impex.hxx:548) 1 of 76 tests failed in test suite ImageImportExportTestSuite Leaving test suite ImageImportExportTestSuite Would be interesting to know if that problem vanishes with a more recent openEXR. I'll file a new bug on this when the new package is in. This test is made failsafe for now, thus the package should build o.k. Cheers, DS -- 4096R/DF5182C8 46CB 1CA8 9EA3 B743 7676 1DB9 15E0 9AF4 DF51 82C8 LPI certified Linux admin (LPI000329859 64mz6f7kt4) http://www.danielstender.com/blog/
Bug#812554: RM: googlecl/0.9.13-2 -- ROM; broken due to API deprecation
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Google has stopped supporting the GData APIs and the authentication mechanism used in googlecl. Upstream has declared that they do not intend to update it, and in any case such an update would be a massive rewrite of a large portion of the project. Please also remove from oldstable as well. -- System Information: Debian Release: jessie/sid APT prefers wily-updates APT policy: (500, 'wily-updates'), (500, 'wily-security'), (500, 'wily') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.2.0-25-generic (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
NEW changes in stable-new
Processing changes file: user-mode-linux_3.16-1um-0.1+b2_amd64.changes ACCEPT Processing changes file: user-mode-linux_3.16-1um-0.1+b2_i386.changes ACCEPT
Processed: Re: Bug#812500: jessie-pu/nmu: package user-mode-linux/3.16-1um-0.1+b2
Processing control commands: > tags -1 + pending Bug #812500 [release.debian.org] jessie-pu/nmu: package user-mode-linux/3.16-1um-0.1+b2 Added tag(s) pending. -- 812500: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812500 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#812500: jessie-pu/nmu: package user-mode-linux/3.16-1um-0.1+b2
Control: tags -1 + pending
On Sun, 2016-01-24 at 16:55 +0100, Julien Cristau wrote:
> Control: tag -1 confirmed
>
> On Sun, Jan 24, 2016 at 14:45:25 +0100, Ansgar Burchardt wrote:
[...]
> > As user-mode-linux was suggested for removal in #-devel, I was
> > reminded that the package in stable probably should be rebuilt against
> > the current version of the linux sources.
> >
> > u-m-l 3.16-1um-0.1+b1 has
> >
> > Built-Using: linux (= 3.16.7-ckt7-1)
> >
> > but the current version of the Linux kernel in stable is
> > 3.16.7-ckt20-1+deb8u2. I guess this means u-m-l misses several
> > security updates.
> >
> jcristau@wuiet:~$ wb nmu 2 user-mode-linux . amd64 i386 . jessie . -m
> 'Rebuild against linux 3.16.7-ckt20-1+deb8u3'
Flagged for acceptance, after checking the result of "debdiff
-m /usr/lib/uml/modules/3.16.7-ckt{7,20}/ --controlfiles=ALL" for
sanity.
Regards,
Adam
Bug#812536: nmu: suitesparse transition
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu X-Debbugs-Cc: pkg-julia-de...@lists.alioth.debian.org Dear Release Team, Please schedule binNMUs for the ongoing suitesparse transition (https://release.debian.org/transitions/html/auto-suitesparse.html). Since this is a small transition, involving only a couple of leaf packages, I did not request a transition slot (hopefully this is ok) nmu ceres-solver_1.11.0~dfsg0-2 dolfin_1.6.0-1 julia_0.4.3-1 . ANY . unstable . -m "Rebuild against suitesparse 1:4.4.6-1." Cheers, -- .''`.Sébastien Villemot : :' :Debian Developer `. `' http://sebastien.villemot.name `- GPG Key: 4096R/381A7594 signature.asc Description: PGP signature
Processed: Re: Bug#812363: wheezy-pu: package giflib/4.1.6-10+deb7u1
Processing control commands: > tags -1 + confirmed Bug #812363 [release.debian.org] wheezy-pu: package giflib/4.1.6-10+deb7u1 Added tag(s) confirmed. -- 812363: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812363 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#812363: wheezy-pu: package giflib/4.1.6-10+deb7u1
Control: tags -1 + confirmed On Fri, 2016-01-22 at 19:50 +0100, Guido Günther wrote: > I'd like to fix CVE-2015-7555 via wheezy-pu since the bug is fixed in > Squeeze LTS and we try to not introduce new security issues when people > upgrade (the Debian security team marked this CVE as no-dsa). Please go ahead, with "wheezy" in the changelog rather than "oldstable-security". Regards, Adam
Processed: Re: Bug#812362: jessie-pu: package giflib/4.1.6-11+deb8u1
Processing control commands: > tags -1 + confirmed Bug #812362 [release.debian.org] jessie-pu: package giflib/4.1.6-11+deb8u1 Added tag(s) confirmed. -- 812362: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812362 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#812362: jessie-pu: package giflib/4.1.6-11+deb8u1
Control: tags -1 + confirmed On Fri, 2016-01-22 at 19:49 +0100, Guido Günther wrote: > I'd like to fix CVE-2015-7555 via jessie-pu since the bug is fixed in > Squeeze LTS and we try to not introduce new security issues when people > upgrade (the Debian security team marked this CVE as no-dsa). Please go ahead. Regards, Adam
Processed: Re: libvigraimpex: FTBFS in sid: test suite failure due to pynum 1.10
Processing control commands: > block 650601 by -1 Bug #650601 [release.debian.org] transition: libpng 1.6 650601 was blocked by: 641889 809949 810197 662443 810201 662476 636998 809941 650567 809879 809955 809898 809873 810176 809960 809883 810202 809948 742569 810175 809938 809951 809942 809887 809957 809871 809959 809945 810183 810174 649798 809937 662523 810171 809906 810167 809886 809881 809863 809893 650581 649552 810181 641892 662421 809870 742559 649547 810173 809892 741891 809868 809943 662522 662566 810204 649546 809864 662381 809908 810168 810203 810207 810166 635946 809953 662334 810182 809882 809950 809958 809880 648126 662530 809884 662314 810209 810191 809907 635704 662492 810192 662556 648131 662473 650571 809861 810177 809894 809944 662407 809935 742560 662411 810170 809891 810165 810187 662437 809869 743391 810185 809910 809889 809859 809866 650484 809878 662554 809911 809909 809952 810188 809946 809836 810194 809867 650483 810172 810189 809833 810186 809954 649971 810200 809888 662465 638812 649557 809956 662444 810205 635945 809961 809896 809874 809939 810195 636004 809865 809933 809872 662416 809835 810193 650563 662550 809899 809862 810095 809897 650489 810169 809890 809904 662273 648129 742655 809936 810196 741901 810190 809860 642265 810178 809962 809885 810180 809940 810179 809921 810208 809934 809905 809913 809947 810001 809895 810206 741894 650601 was blocking: 649556 649973 Added blocking bug(s) of 650601: 811370 -- 650601: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650601 811370: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811370 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#810568: transition: openexr
On Thu, Jan 21, 2016 at 11:00 AM, Matteo F. Vescovi wrote: > Hi! > > On 2016-01-21 at 09:56 (CET), Emilio Pozuelo Monfort wrote: >> Do rdeps build fine against the new versions of the libraries? > > FTR, better this time (based on rebuilds made last night): > > * aqsis_1.8.2-2 => FTBFS patch is at #812519 > * blender_2.74+dfsg0-5 => FTBFS > * darktable_2.0.0-1 => OK > * exactimage_0.9.1-10 => OK > * exrtools_0.4-1.2 => OK > * freeimage_3.17.0+ds1-1 => FTBFS looks good to me: http://debomatic-amd64.debian.net/distribution#experimental/freeimage/3.17.0+ds1-1/buildlog I cannot reproduce the issue over here > * gegl_0.3.4-1 => OK > * gmic_1.6.8-3 => FTBFS looks good to me: http://debomatic-amd64.debian.net/distribution#experimental/gmic/1.6.8-3/buildlog > * gst-plugins-bad1.0_1.6.2-1 => OK > * hugin_2015.0.0+dfsg-1 => OK > * imagemagick_8:6.8.9.9-7 => OK > * k3d_0.8.0.5-1 => OK > * kde-runtime_4:15.08.3-1 => OK > * kimageformats_5.16.0-1 => OK > * libvigraimpex_1.10.0+dfsg-11 => FTBFS Well this is an issue within the python test: AttributeError: 'numpy.ndarray' object has no attribute 'axistags' This looks like something changed in numpy recently... > * luminance-hdr_2.4.0-8 => OK > * mia_2.2.7-3 => OK > * nvidia-texture-tools_2.0.8-1+dfsg-8 => OK > * opencv_2.4.9.1+dfsg-1.2 => OK > * openexr-viewers_1.0.1-6 => OK > * openimageio_1.5.23~dfsg0-1 => OK > * openvdb_3.1.0-2 => OK > * pfstools_2.0.4-5 => OK > * povray_1:3.7.0.0-8 => OK > * synfig_1.0.2-1 => OK > * vips_8.2.1-1 => OK > * pink-pony_1.4.1-1 => OK > > Blender is non-problem, since I'll upload the experimental version to > unstable/sid contextually to ilmbase/openexr and it's building fine > against them. > > Cheers. > > -- > Matteo F. Vescovi || Debian Developer > GnuPG KeyID: 4096R/0x8062398983B2CF7A
Bug#811425: jessie-pu: package initramfs-tools/0.120+deb8u1
Hi Julien,
On Sun, Jan 24, 2016 at 05:01:20PM +0100, Julien Cristau wrote:
> On Thu, Jan 21, 2016 at 16:46:11 +0100, Salvatore Bonaccorso wrote:
>
> > Hi Ben, hi SRM,
> >
> > On Mon, Jan 18, 2016 at 07:55:27PM +, Ben Hutchings wrote:
> > > Package: release.debian.org
> > > Severity: normal
> > > Tags: jessie patch
> > > User: release.debian@packages.debian.org
> > > Usertags: pu
> > >
> > > There are a number of important bugs in jessie's version of
> > > initramfs-tools that are now fixed in unstable, and that have
> > > quite simple and low-risk fixes. See the debdiff below.
> >
> > Would it be possible to as well include the fix for #782641 here? The
> > issue was introduced due to the fix for #750360. We are affected by
> > this on a diskless setup with Jessie clients when mounting /usr in the
> > initramfs.
> >
> > Instead of using test, just check the return value from
> > nfs_mount_root_impl instead.
> >
> Please show the actual patch that would be applied.
Attached is the needed patch.
Ben, do you want me to prepare an update debdiff with that patch as
well applied, or can you do that for the stable release managers to
review?
The underlying problem: if the rootfs and /usr are different
filesystems, it requires /usr/bin/test to test if the rootfs can be
mounted successfully and will not succeed. This unfortunately was
introduced while fixing #750360:
https://anonscm.debian.org/cgit/kernel/initramfs-tools.git/commit/?id=7bc24f829f301dd978325716a19890b182c88f2a
The patch (allready applied back to the version in unstable) just used
the return value of nfs_mount_root_impl to check if the rootfs mount
is successfull.
Regards,
Salvatore
>From f78c9a9c960c6c30aaa07cd3c3ae9ff04a0bd8d5 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso
Date: Fri, 6 Nov 2015 14:12:44 +0100
Subject: [PATCH] scripts/nfs: Check return value from nfs_mount_root_impl
Check if mount of rootfs was successful. This avoids doing a file test
within the mount.
Closes: #782641
Signed-off-by: Ben Hutchings
---
scripts/nfs | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/scripts/nfs b/scripts/nfs
index 1c29850..359bd46 100644
--- a/scripts/nfs
+++ b/scripts/nfs
@@ -90,12 +90,14 @@ nfs_mount_root()
# loop until nfsmount succeeds
nfs_mount_root_impl
+ ret=$?
nfs_retry_count=0
while [ ${nfs_retry_count} -lt ${delay} ] \
- && ! chroot "${rootmnt}" test -x "${init}" ; do
+ && [ $ret -ne 0 ] ; do
[ "$quiet" != "y" ] && log_begin_msg "Retrying nfs mount"
/bin/sleep 1
nfs_mount_root_impl
+ ret=$?
nfs_retry_count=$(( ${nfs_retry_count} + 1 ))
[ "$quiet" != "y" ] && log_end_msg
done
--
2.7.0
Bug#811425: jessie-pu: package initramfs-tools/0.120+deb8u1
On Sun, 2016-01-24 at 17:01 +0100, Julien Cristau wrote: > On Thu, Jan 21, 2016 at 16:46:11 +0100, Salvatore Bonaccorso wrote: > > > Hi Ben, hi SRM, > > > > On Mon, Jan 18, 2016 at 07:55:27PM +, Ben Hutchings wrote: > > > Package: release.debian.org > > > Severity: normal > > > Tags: jessie patch > > > User: release.debian@packages.debian.org > > > Usertags: pu > > > > > > There are a number of important bugs in jessie's version of > > > initramfs-tools that are now fixed in unstable, and that have > > > quite simple and low-risk fixes. See the debdiff below. > > > > Would it be possible to as well include the fix for #782641 here? > > The > > issue was introduced due to the fix for #750360. We are affected by > > this on a diskless setup with Jessie clients when mounting /usr in > > the > > initramfs. > > > > Instead of using test, just check the return value from > > nfs_mount_root_impl instead. > > > Please show the actual patch that would be applied. It's this commit: https://anonscm.debian.org/cgit/kernel/initramfs-tools.git/commit/?h=v0.121&id=f78c9a9c960c6c30aaa07cd3c3ae9ff04a0bd8d5 Ben. -- Ben Hutchings Time is nature's way of making sure that everything doesn't happen at once. signature.asc Description: This is a digitally signed message part
Bug#811425: jessie-pu: package initramfs-tools/0.120+deb8u1
On Thu, Jan 21, 2016 at 16:46:11 +0100, Salvatore Bonaccorso wrote: > Hi Ben, hi SRM, > > On Mon, Jan 18, 2016 at 07:55:27PM +, Ben Hutchings wrote: > > Package: release.debian.org > > Severity: normal > > Tags: jessie patch > > User: release.debian@packages.debian.org > > Usertags: pu > > > > There are a number of important bugs in jessie's version of > > initramfs-tools that are now fixed in unstable, and that have > > quite simple and low-risk fixes. See the debdiff below. > > Would it be possible to as well include the fix for #782641 here? The > issue was introduced due to the fix for #750360. We are affected by > this on a diskless setup with Jessie clients when mounting /usr in the > initramfs. > > Instead of using test, just check the return value from > nfs_mount_root_impl instead. > Please show the actual patch that would be applied. Thanks, Julien
Processed: Re: Bug#812500: jessie-pu/nmu: package user-mode-linux/3.16-1um-0.1+b2
Processing control commands: > tag -1 confirmed Bug #812500 [release.debian.org] jessie-pu/nmu: package user-mode-linux/3.16-1um-0.1+b2 Added tag(s) confirmed. -- 812500: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812500 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#812500: jessie-pu/nmu: package user-mode-linux/3.16-1um-0.1+b2
Control: tag -1 confirmed On Sun, Jan 24, 2016 at 14:45:25 +0100, Ansgar Burchardt wrote: > Package: release.debian.org > Severity: normal > Tags: jessie > User: release.debian@packages.debian.org > Usertags: pu > > As user-mode-linux was suggested for removal in #-devel, I was > reminded that the package in stable probably should be rebuilt against > the current version of the linux sources. > > u-m-l 3.16-1um-0.1+b1 has > > Built-Using: linux (= 3.16.7-ckt7-1) > > but the current version of the Linux kernel in stable is > 3.16.7-ckt20-1+deb8u2. I guess this means u-m-l misses several > security updates. > jcristau@wuiet:~$ wb nmu 2 user-mode-linux . amd64 i386 . jessie . -m 'Rebuild against linux 3.16.7-ckt20-1+deb8u3' Cheers, Julien
Bug#812500: jessie-pu/nmu: package user-mode-linux/3.16-1um-0.1+b2
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu As user-mode-linux was suggested for removal in #-devel, I was reminded that the package in stable probably should be rebuilt against the current version of the linux sources. u-m-l 3.16-1um-0.1+b1 has Built-Using: linux (= 3.16.7-ckt7-1) but the current version of the Linux kernel in stable is 3.16.7-ckt20-1+deb8u2. I guess this means u-m-l misses several security updates. Ansgar
