Bug#819758: Bug#822336: Bug#819758: Bug#822336: perl: Stable update taking patches from 5.20.3

[Dominic Hargreaves]

On Mon, May 23, 2016 at 08:31:40PM +0100, Adam D. Barratt wrote:
> Control: tags 819758 -moreinfo +confirmed
> 
> [CC += the p-u bug]
> 
> On Mon, 2016-05-23 at 11:35 +0200, gregor herrmann wrote:
> > On Mon, 23 May 2016 09:27:44 +0100, Dominic Hargreaves wrote:
> > 
> > > On Mon, May 23, 2016 at 08:33:41AM +0200, gregor herrmann wrote:
> > > > On Sun, 22 May 2016 21:40:43 +0100, Dominic Hargreaves wrote:
> > > > > Not to my knowledge. I can publish the built packages for amd64
> > > > > somewhere temporarily and see if anyone can test them before they get
> > > > > as far as stable-proposed-updates.
> > > > I can install them on two stable machines (average servers without
> > > > much perl stuff).
> > > They are now at .
> > 
> > Thanks, installed on the two servers.
> 
> Thanks to you both. I'm happy for you to go ahead with the upload;
> please let us know if you notice any issues.

Great, will do - now uploaded. A few other people installed the
test packages today so we should have some good coverage.

Thanks,
Dominic.

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: quota_4.01-8+deb8u1_arm64.changes
  ACCEPT
Processing changes file: quota_4.01-8+deb8u1_armel.changes
  ACCEPT
Processing changes file: quota_4.01-8+deb8u1_armhf.changes
  ACCEPT
Processing changes file: quota_4.01-8+deb8u1_i386.changes
  ACCEPT
Processing changes file: quota_4.01-8+deb8u1_mips.changes
  ACCEPT
Processing changes file: quota_4.01-8+deb8u1_mipsel.changes
  ACCEPT
Processing changes file: quota_4.01-8+deb8u1_powerpc.changes
  ACCEPT
Processing changes file: quota_4.01-8+deb8u1_ppc64el.changes
  ACCEPT
Processing changes file: quota_4.01-8+deb8u1_s390x.changes
  ACCEPT

Bug#820241: jessie-pu: package clamav/0.99.1+dfsg-0+deb8u1

[Sebastian Andrzej Siewior]

On 2016-05-23 19:38:27 [+0100], Adam D. Barratt wrote:
> Please go ahead.

Thanks, done.

> Regards,
> 
> Adam

Sebastian

Bug#825127: RM: mediawiki/1:1.19.20+dfsg-2.3

[Moritz Mühlenhoff]

On Mon, May 23, 2016 at 09:48:30PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo jessie
> 
> On Mon, 2016-05-23 at 22:33 +0200, Moritz Muehlenhoff wrote:
> > please remove mediawiki in the upcoming jessie point release. Security
> > support for it was limited for a year as mentioned in the release notes:
> > https://www.debian.org/releases/stable/amd64/release-notes/ch-information.en.html#mediawiki-security
> 
> Checking reverse dependencies...
> # Broken Depends:
> fusionforge: fusionforge-plugin-mediawiki
> mediawiki-math: mediawiki-extensions-math
> 
> mediawiki-math is collateral damage, but dropping fusionforge for the
> sake of a single plugin seems a little overkill. :-)

Adding Roland Mas to CC. Could you maybe drop the fusionforge-plugin-mediawiki 
binary
package for the upcoming jessie point release?

Cheers,
Moritz

Processed: Re: Bug#825127: RM: mediawiki/1:1.19.20+dfsg-2.3

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + moreinfo jessie
Bug #825127 [release.debian.org] RM: mediawiki/1:1.19.20+dfsg-2.3
Added tag(s) jessie and moreinfo.

-- 
825127: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825127
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#825127: RM: mediawiki/1:1.19.20+dfsg-2.3

[Adam D. Barratt]

Control: tags -1 + moreinfo jessie

On Mon, 2016-05-23 at 22:33 +0200, Moritz Muehlenhoff wrote:
> please remove mediawiki in the upcoming jessie point release. Security
> support for it was limited for a year as mentioned in the release notes:
> https://www.debian.org/releases/stable/amd64/release-notes/ch-information.en.html#mediawiki-security

Checking reverse dependencies...
# Broken Depends:
fusionforge: fusionforge-plugin-mediawiki
mediawiki-math: mediawiki-extensions-math

mediawiki-math is collateral damage, but dropping fusionforge for the
sake of a single plugin seems a little overkill. :-)

Regards,

Adam

Bug#818549: jessie-pu: package icedtea-web/1.5.3-1

[Moritz Mühlenhoff]

On Thu, Mar 17, 2016 at 11:06:05PM +0100, Moritz Muehlenhoff wrote:
> Package: release.debian.org
> Severity: normal
> Tags: jessie
> User: release.debian@packages.debian.org
> Usertags: pu
> 
> Hi,
> I'd like to update icedtea-web in jessie to 1.5.3 in the next
> jessie point release. This fixes two security issues (CVE-2015-5234,
> CVE-2015-5235), which are not easily backportable, so I rather made
> the update to the minor point update which fixes those (similar
> to what we do with openjdk-7 itself).
> 
> I've tested this on a jessie with various web applets I could
> find (fortunately finding these in the wild is becoming increasingly
> difficult!).
> 
> The debdiff is here: https://people.debian.org/~jmm/icedtea-web.debdiff
> (the actual change to the debian/ directory is just the changelog
> entry bump). Ubuntu has also updated to those point bugfix updates
> in USNs for a while now.

ping for the upcoming point update.

Cheers,
Moritz

Bug#825127: RM: mediawiki/1:1.19.20+dfsg-2.3

[Moritz Muehlenhoff]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Hi,
please remove mediawiki in the upcoming jessie point release. Security
support for it was limited for a year as mentioned in the release notes:
https://www.debian.org/releases/stable/amd64/release-notes/ch-information.en.html#mediawiki-security

Cheers,
Moritz

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: enigmail_1.8.2-4~deb8u1_multi.changes
  ACCEPT
Processing changes file: enigmail_1.8.2-4~deb8u1_arm64.changes
  ACCEPT
Processing changes file: enigmail_1.8.2-4~deb8u1_armel.changes
  ACCEPT
Processing changes file: enigmail_1.8.2-4~deb8u1_armhf.changes
  ACCEPT
Processing changes file: enigmail_1.8.2-4~deb8u1_i386.changes
  ACCEPT
Processing changes file: enigmail_1.8.2-4~deb8u1_mips.changes
  ACCEPT
Processing changes file: enigmail_1.8.2-4~deb8u1_mipsel.changes
  ACCEPT
Processing changes file: enigmail_1.8.2-4~deb8u1_powerpc.changes
  ACCEPT
Processing changes file: enigmail_1.8.2-4~deb8u1_ppc64el.changes
  ACCEPT
Processing changes file: enigmail_1.8.2-4~deb8u1_s390x.changes
  ACCEPT
Processing changes file: librsvg_2.40.5-1+deb8u2_allonly.changes
  ACCEPT
Processing changes file: librsvg_2.40.5-1+deb8u2_amd64.changes
  ACCEPT
Processing changes file: librsvg_2.40.5-1+deb8u2_arm64.changes
  ACCEPT
Processing changes file: librsvg_2.40.5-1+deb8u2_armel.changes
  ACCEPT
Processing changes file: librsvg_2.40.5-1+deb8u2_armhf.changes
  ACCEPT
Processing changes file: librsvg_2.40.5-1+deb8u2_i386.changes
  ACCEPT
Processing changes file: librsvg_2.40.5-1+deb8u2_mips.changes
  ACCEPT
Processing changes file: librsvg_2.40.5-1+deb8u2_mipsel.changes
  ACCEPT
Processing changes file: librsvg_2.40.5-1+deb8u2_powerpc.changes
  ACCEPT
Processing changes file: librsvg_2.40.5-1+deb8u2_ppc64el.changes
  ACCEPT
Processing changes file: librsvg_2.40.5-1+deb8u2_s390x.changes
  ACCEPT
Processing changes file: nlpsolver_0.9~beta1-10+deb8u1_amd64.changes
  ACCEPT
Processing changes file: quota_4.01-8+deb8u1_amd64.changes
  ACCEPT
Processing changes file: swift-plugin-s3_1.7-5+deb8u1_amd64.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u6_amd64.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u6_arm64.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u6_armel.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u6_armhf.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u6_i386.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u6_mips.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u6_mipsel.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u6_powerpc.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u6_ppc64el.changes
  ACCEPT
Processing changes file: wireshark_1.12.1+g01b65bf-4+deb8u6_s390x.changes
  ACCEPT

Bug#819758: Bug#822336: Bug#819758: Bug#822336: perl: Stable update taking patches from 5.20.3

[Adam D. Barratt]

Control: tags 819758 -moreinfo +confirmed

[CC += the p-u bug]

On Mon, 2016-05-23 at 11:35 +0200, gregor herrmann wrote:
> On Mon, 23 May 2016 09:27:44 +0100, Dominic Hargreaves wrote:
> 
> > On Mon, May 23, 2016 at 08:33:41AM +0200, gregor herrmann wrote:
> > > On Sun, 22 May 2016 21:40:43 +0100, Dominic Hargreaves wrote:
> > > > Not to my knowledge. I can publish the built packages for amd64
> > > > somewhere temporarily and see if anyone can test them before they get
> > > > as far as stable-proposed-updates.
> > > I can install them on two stable machines (average servers without
> > > much perl stuff).
> > They are now at .
> 
> Thanks, installed on the two servers.

Thanks to you both. I'm happy for you to go ahead with the upload;
please let us know if you notice any issues.

Regards,

Adam

Processed: Re: Bug#822336: Bug#819758: Bug#822336: perl: Stable update taking patches from 5.20.3

[Debian Bug Tracking System]

Processing control commands:

> tags 819758 -moreinfo +confirmed
Bug #819758 [release.debian.org] jessie-pu: package perl/5.20.2-3+deb8u5
Ignoring request to alter tags of bug #819758 to the same tags previously set
Bug #819758 [release.debian.org] jessie-pu: package perl/5.20.2-3+deb8u5
Added tag(s) confirmed.

-- 
819758: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819758
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#822336: Bug#819758: Bug#822336: perl: Stable update taking patches from 5.20.3

[Debian Bug Tracking System]

Processing control commands:

> tags 819758 -moreinfo +confirmed
Bug #819758 [release.debian.org] jessie-pu: package perl/5.20.2-3+deb8u5
Ignoring request to alter tags of bug #819758 to the same tags previously set
Bug #819758 [release.debian.org] jessie-pu: package perl/5.20.2-3+deb8u5
Ignoring request to alter tags of bug #819758 to the same tags previously set

-- 
819758: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819758
822336: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822336
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#820193: jessie-pu: package quota/4.01-8

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #820193 [release.debian.org] jessie-pu: package quota/4.01-8
Added tag(s) pending.

-- 
820193: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820193
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#820193: jessie-pu: package quota/4.01-8

[Adam D. Barratt]

Control: tags -1 + pending

On Mon, 2016-05-23 at 10:48 +0200, Michael Meskes wrote:
> > +quota (4.01-8+deb8u1) stable-proposed-updates; urgency=medium
> > 
> > "jessie" is generally preferred as the distribution name.
> 
> Ok, changed.
> 
> > With that update, and assuming that the resulting package has been
> > tested on jessie, please go ahead.
> 
> Compiled and tested on jessie. Upload on its way.

Flagged for acceptance.

Regards,

Adam

Processed: Re: Bug#819444: jessie-pu: package libreoffice-nlpsolver/0.9~beta1-10+deb8u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #819444 [release.debian.org] jessie-pu: package 
libreoffice-nlpsolver/0.9~beta1-10+deb8u1
Added tag(s) pending.

-- 
819444: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819444
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#819444: jessie-pu: package libreoffice-nlpsolver/0.9~beta1-10+deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Mon, 2016-05-23 at 09:48 +0200, Rene Engelhard wrote:
> On Sun, May 22, 2016 at 07:35:34PM +0100, Adam D. Barratt wrote:
> > Control: tags -1 + confirmed
> > 
> > On Mon, 2016-03-28 at 17:07 +0200, Rene Engelhard wrote:
> > > +nlpsolver (0.9~beta1-10+deb8u1) jessie; urgency=medium
> > > +
> > > +  * add missing Depends: on libreoffice-java-common (closes: #728792) 
> > 
> > Please go ahead.
> 
> Thanks, uploaded. (Already yesterday.)

Flagged for acceptance.

Regards,

Adam

Bug#824809: nmu: libpng1.6, gdal transition in experimental

[Andreas Beckmann]

On 2016-05-20 13:34, Emilio Pozuelo Monfort wrote:
> On 20/05/16 01:36, Andreas Beckmann wrote:
>> Let's finish the libpng1.6 and gdal transitions in experimental:

> Thanks. All scheduled.

Looks like we have two more candidates:

nmu khtml_5.19.0-1 . ANY . experimental . -m "Rebuild against libpng1.6."
nmu gwenview_4:15.12.1-1 . ANY . experimental . -m "Rebuild against libpng1.6."


Andreas

Bug#820241: jessie-pu: package clamav/0.99.1+dfsg-0+deb8u1

[Adam D. Barratt]

Control: tags -1 -moeinfo +confirmed

On Thu, 2016-05-19 at 21:34 +0200, Sebastian Andrzej Siewior wrote:
> control: retitle -1 jessie-pu: package clamav/0.99.2+dfsg-0+deb8u1
> 
> On 2016-05-14 17:46:19 [+0100], Adam D. Barratt wrote:
> > In the meantime, 0.99.2 has ended up in unstable and testing; I guess
> > that's the version we now want to look at for Jessie.
> 
> New upstream is ready for Jessie. This is mostly what is sitting in
> testing + the fix from #824485 which just hit unstable. This should not
> affect stable because it is unlikely that "apt-get upgrade" upgrades
> clamav-freshclam without libclamav7. In unstable we had this recently
> because the library depended on a new library due to libjson-c2 -> c3
> transition.

Please go ahead.

Regards,

Adam

Processed (with 1 error): Re: Bug#820241: jessie-pu: package clamav/0.99.1+dfsg-0+deb8u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 -moeinfo +confirmed
Unknown tag/s: moeinfo.
Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid 
help security upstream pending sarge sarge-ignore experimental d-i confirmed 
ipv6 lfs fixed-in-experimental fixed-upstream l10n newcomer etch etch-ignore 
lenny lenny-ignore squeeze squeeze-ignore wheezy wheezy-ignore jessie 
jessie-ignore stretch stretch-ignore buster buster-ignore.

Bug #820241 [release.debian.org] jessie-pu: package clamav/0.99.2+dfsg-0+deb8u1
Requested to remove no tags; doing nothing.
Bug #820241 [release.debian.org] jessie-pu: package clamav/0.99.2+dfsg-0+deb8u1
Added tag(s) confirmed.

-- 
820241: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820241
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#825087: jessie-pu: package chrony/1.30-2+deb8u2

[Vincent Blut]

Package: release.debian.org
Tags: jessie
Followup-For: Bug #825087
User: release.debian@packages.debian.org
Usertags: pu

[forgot to attach the debdiff]

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (990, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.5.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru chrony-1.30/debian/changelog chrony-1.30/debian/changelog
--- chrony-1.30/debian/changelog	2015-09-09 20:00:38.0 +0200
+++ chrony-1.30/debian/changelog	2016-05-22 17:40:58.0 +0200
@@ -1,3 +1,16 @@
+chrony (1.30-2+deb8u2) jessie; urgency=medium
+
+  * Fix CVE-2016-1567: Restrict authentication of server/peer to specified
+key. (Closes: #812923)
+
+  * debian/postrm:
+- Remove /var/lib/chrony on purge only. (Closes: #568492)
+
+  * debian/logrotate:
+- Rework postrotate script. (Closes: #763542)
+
+ -- Vincent Blut   Sat, 21 May 2016 02:27:34 +0200
+
 chrony (1.30-2+deb8u1) jessie; urgency=medium
 
   * Build depend on libcap-dev. Without it, chronyd can’t drop root
diff -Nru chrony-1.30/debian/logrotate chrony-1.30/debian/logrotate
--- chrony-1.30/debian/logrotate	2015-09-09 19:31:39.0 +0200
+++ chrony-1.30/debian/logrotate	2016-05-22 17:40:58.0 +0200
@@ -8,10 +8,6 @@
 	sharedscripts
 	create 644
 	postrotate
-		PASSWORD=`awk '$1 ~ /^1$/ {print $2; exit}' /etc/chrony/chrony.keys`
-		cat << EOF | /usr/bin/chronyc | sed '/^200 OK$/d'
-		password $PASSWORD
-		cyclelogs
-		EOF
+		/usr/bin/chronyc -a cyclelogs > /dev/null 2>&1 || true
 	endscript
 }
diff -Nru chrony-1.30/debian/patches/14_restrict-authentication-of-server-peer-to-specified-key.patch chrony-1.30/debian/patches/14_restrict-authentication-of-server-peer-to-specified-key.patch
--- chrony-1.30/debian/patches/14_restrict-authentication-of-server-peer-to-specified-key.patch	1970-01-01 01:00:00.0 +0100
+++ chrony-1.30/debian/patches/14_restrict-authentication-of-server-peer-to-specified-key.patch	2016-05-22 19:01:52.0 +0200
@@ -0,0 +1,39 @@
+Description: ntp: restrict authentication of server/peer to specified key
+ When a server/peer was specified with a key number to enable
+ authentication with a symmetric key, packets received from the
+ server/peer were accepted if they were authenticated with any of
+ the keys contained in the key file and not just the specified key.
+
+ This allowed an attacker who knew one key of a client/peer to modify
+ packets from its servers/peers that were authenticated with other
+ keys in a man-in-the-middle (MITM) attack. For example, in a network
+ where each NTP association had a separate key and all hosts had only
+ keys they needed, a client of a server could not attack other clients
+ of the server, but it could attack the server and also attack its own
+ clients (i.e. modify packets from other servers).
+
+ To not allow the server/peer to be authenticated with other keys
+ extend the authentication test to check if the key ID in the received
+ packet is equal to the configured key number. As a consequence, it's
+ no longer possible to authenticate two peers to each other with two
+ different keys, both peers have to be configured to use the same key.
+
+ This issue was discovered by Matt Street of Cisco ASIG.
+
+Author: Miroslav Lichvar 
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812923
+Applied-Upstream: https://git.tuxfamily.org/chrony/chrony.git/commit/?h=1.31-security=df46e5ca5d70be1c0ae037f96b4b038362703832
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/ntp_core.c
 b/ntp_core.c
+@@ -1049,7 +1049,8 @@ receive_packet(NTP_Packet *message, stru
+   if (inst->do_auth) {
+ if (auth_len > 0) {
+   auth_key_id = ntohl(message->auth_keyid);
+-  test5 = check_packet_auth(message, auth_key_id, auth_len);
++  test5 = check_packet_auth(message, auth_key_id, auth_len) &&
++  auth_key_id == inst->auth_key_id;
+ } else {
+   /* If we expect authenticated info from this peer/server and the packet
+  doesn't have it, it's got to fail */
diff -Nru chrony-1.30/debian/patches/series chrony-1.30/debian/patches/series
--- chrony-1.30/debian/patches/series	2015-09-09 19:31:39.0 +0200
+++ chrony-1.30/debian/patches/series	2016-05-22 17:40:58.0 +0200
@@ -5,3 +5,4 @@
 11_protect-authenticated-symmetric-ass.patch
 12_fix-subnet-size-indivisible-by-four.patch
 13_fix-initialization-of-allocated-reply-slots.patch
+14_restrict-authentication-of-server-peer-to-specified-key.patch
diff -Nru chrony-1.30/debian/postrm chrony-1.30/debian/postrm
--- chrony-1.30/debian/postrm	2015-09-09 19:31:39.0 +0200
+++ chrony-1.30/debian/postrm	2016-05-22 17:40:58.0 +0200
@@ -23,7 +23,7 @@
 ;;
 
 

Bug#825087: jessie-pu: package chrony/1.30-2+deb8u2

[Vincent Blut]

Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Hi,

Could you please accept chrony 1.30-2+deb8u2 in the next jessie point 
release? It fixes three issues of different magnitudes.

The most important one is the fix for CVE-2016-1567 though it didn’t 
warrant a DSA.

The next one might sound probably not important enough to be fixed in a 
stable point release but it has some nasty consequences. We are 
mistakenly deleting the content of /var/lib/chrony on package removal.  
This directory contains the driftfile and the measurement history for 
each time source. The former file has a particularly important role, it 
stores the gain or loss rate of the system clock relative to the RTC 
which could take some time to calculate depending of how crappy the RTC 
is so it would be definitely better if we could avoid to delete it each 
time chrony is upgraded or installed from Config-Files state.

To conclude, the last fix revises the postrotate script from the 
logrotate configuration file. It suffers from two issues, the first one 
is that it assumes the commandkey directive from chrony.conf takes ID 1, 
that’s not necessarily true!
Also, as leading tabs aren’t ignored in the heredoc, the delimiting 
identifier is passed to chronyc option causing some noise (Unrecognized 
command) in logs. To fix that issue, I could have appended a minus sign 
to “<<” but that wouldn’t have solved the other the other one, 
consequently I decided to just make use of the dedicated option provided 
by chronyc to fix both problems.

Voilà, hope that’s receivable!

Have a good day,
Vincent


-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (990, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.5.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Your "backuppc" stable upload

[Adam D. Barratt]

Hi,

I noticed that there's a "backuppc" upload in the stable-new queue, 
which you appear to have uploaded.


The changelog references #820963. The metadata for that bug indicates 
that it affects unstable but is not currently fixed there, and a quick 
check of the 3.3.1-2 source package in unstable confirms this. In this 
case the bug needs to be fixed in unstable first.


For future reference, the workflow for uploads to stable is to file a 
bug against the release.debian.org psuedo-package, attaching a proposed 
debdiff; the changes are then discussed before upload. Aside from 
requiring the fixes to be made in unstable first, we would also have 
requested that the version number 3.3.0-2+deb8u1 be used.


Regards,

Adam

Bug#815260: marked as done (transition: libpgm)

[Debian Bug Tracking System]

Your message dated Mon, 23 May 2016 13:12:17 +0200
with message-id <5742e591.5080...@debian.org>
and subject line Re: Bug#815260: transition: libpgm
has caused the Debian Bug report #815260,
regarding transition: libpgm
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
815260: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815260
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

A small transition of libpgm, its soname changed from 5.1 to 5.2 which
is already in experimental.

Affected packages are:
libxs
zeromq
zeromq3

Library packages are co-installable and can be a smooth transition.
However libxs and zeromq need sourceful uploads. The latter is not a
problem as I'm its maintainer.
The former, libxs package seems to be an abandoned one. Upstream no
longer exists, last maintainer upload[1] was in 2012 and NMUed in 2013.
The zeromq{,3} uploads will be handled by me. Of course, I can further
NMU libxs if needed or provide patch for maintainer upload.

Cheers,
Laszlo/GCS
[1] https://packages.qa.debian.org/libx/libxs/news/20120613T174733Z.htm
l
--- End Message ---
--- Begin Message ---
On 13/03/16 12:06, Emilio Pozuelo Monfort wrote:
> On 24/02/16 20:02, László Böszörményi (GCS) wrote:
>> On Wed, Feb 24, 2016 at 7:57 PM, Emilio Pozuelo Monfort
>>  wrote:
>>> On 20/02/16 14:29, Laszlo Boszormenyi (GCS) wrote:
>>> Looks like your zeromq3 upload started another transition. Not sure whether 
>>> to
>>> just binNMU the rdeps... Have you build-tested them?
>>   Yes, build tested level 2 already. The build dependency name changed
>> from libzmq3-dev to libzmq5-dev making binNMUs not an option. Already
>> contacted the maintainers, notifying what they need to do to make the
>> packages build again.
>> As I recall, two packages need other changes: ignition-transport and
>> uwsgi. Checking these soon.
> 
> Can you please file bugs with severity:serious for all the packages that 
> haven't
> been adapted yet?

This was blocked on the zeromq3 transition, which was waiting for haskell. That
just happened and this is over.

Cheers,
Emilio--- End Message ---

Bug#820193: jessie-pu: package quota/4.01-8

[Michael Meskes]

> +quota (4.01-8+deb8u1) stable-proposed-updates; urgency=medium
> 
> "jessie" is generally preferred as the distribution name.

Ok, changed.

> With that update, and assuming that the resulting package has been
> tested on jessie, please go ahead.

Compiled and tested on jessie. Upload on its way.

Thanks.

Michael
-- 
Michael Meskes
Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org)
Meskes at (Debian|Postgresql) dot Org
Jabber: michael at xmpp dot meskes dot org
VfL Borussia! Força Barça! SF 49ers! Use Debian GNU/Linux, PostgreSQL

Bug#819444: jessie-pu: package libreoffice-nlpsolver/0.9~beta1-10+deb8u1

[Rene Engelhard]

On Sun, May 22, 2016 at 07:35:34PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Mon, 2016-03-28 at 17:07 +0200, Rene Engelhard wrote:
> > +nlpsolver (0.9~beta1-10+deb8u1) jessie; urgency=medium
> > +
> > +  * add missing Depends: on libreoffice-java-common (closes: #728792) 
> 
> Please go ahead.

Thanks, uploaded. (Already yesterday.)

Regards,

Rene

Processed: Re: Bug#824526: New libode version: transition

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> retitle 824526 transition: ode
Bug #824526 [release.debian.org] New libode version: transition
Changed Bug title to 'transition: ode' from 'New libode version: transition'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
824526: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=824526
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#823002: marked as done (transition: nvidia-cuda-toolkit 7.5)

[Debian Bug Tracking System]

Your message dated Mon, 23 May 2016 09:23:42 +0200
with message-id <5742affe.1080...@debian.org>
and subject line Re: Bug#823002: transition: nvidia-cuda-toolkit 7.5
has caused the Debian Bug report #823002,
regarding transition: nvidia-cuda-toolkit 7.5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
823002: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823002
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Forwarded: 
https://release.debian.org/transitions/html/auto-nvidia-cuda-toolkit.html

Hi,

the next release of nvidia-cuda-toolkit/non-free has arrived in
experimental and is ready for upload to unstable.

eztrace-contrib, hwloc-contrib and pycuda are fine and just need a
binNMU (maintainer-uploaded since this involves non-free).

starpu-contrib needs a sourceful upload to switch from gcc-4.9 to gcc-5
(the previous toolkit version didn't support gcc-5). Samuel will do this
quickly.


Andreas
--- End Message ---
--- Begin Message ---
On 02/05/16 13:46, Emilio Pozuelo Monfort wrote:
> Control: tags -1 confirmed
> 
> On 29/04/16 22:43, Andreas Beckmann wrote:
>> Package: release.debian.org
>> Severity: normal
>> User: release.debian@packages.debian.org
>> Usertags: transition
>> Forwarded: 
>> https://release.debian.org/transitions/html/auto-nvidia-cuda-toolkit.html
>>
>> Hi,
>>
>> the next release of nvidia-cuda-toolkit/non-free has arrived in
>> experimental and is ready for upload to unstable.
>>
>> eztrace-contrib, hwloc-contrib and pycuda are fine and just need a
>> binNMU (maintainer-uploaded since this involves non-free).
>>
>> starpu-contrib needs a sourceful upload to switch from gcc-4.9 to gcc-5
>> (the previous toolkit version didn't support gcc-5). Samuel will do this
>> quickly.
> 
> Ack.

This is done.

Emilio--- End Message ---

Bug#821190: marked as done (transition: lensfun 0.3.2)

[Debian Bug Tracking System]

Your message dated Mon, 23 May 2016 09:26:09 +0200
with message-id <5742b091.7000...@debian.org>
and subject line Re: Bug#821190: transition: lensfun 0.3.2
has caused the Debian Bug report #821190,
regarding transition: lensfun 0.3.2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
821190: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=821190
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

Hi,

I would like to ask a slot for a lenfun 0.3.2 transition.
Currently it in experimental already.

This transition changes the SONAME of the lensfun library from
liblensfun0 to liblensfun1.

The transition involves the following sources:

  darktable
  digikam
  gimplensfun
  ufraw

- darktable, digikam, and ufraw build fine with the new version

- gimplensfun 0.2.3 doesn't build with lensfun 0.3.x, and the new
  version 0.2.4 supports only lensfun >= 0.3; thus Evgeni will need
  to upload the new version once the transition starts

Ben file:

title = "lensfun";
is_affected = .depends ~ "liblensfun0" | .depends ~ "liblensfun1";
is_good = .depends ~ "liblensfun1";
is_bad = .depends ~ "liblensfun0";

Thanks,
-- 
Pino
--- End Message ---
--- Begin Message ---
On 16/04/16 17:40, Emilio Pozuelo Monfort wrote:
> Control: tags -1 confirmed
> 
> On 16/04/16 17:05, Pino Toscano wrote:
>> Package: release.debian.org
>> Severity: normal
>> User: release.debian@packages.debian.org
>> Usertags: transition
>>
>> Hi,
>>
>> I would like to ask a slot for a lenfun 0.3.2 transition.
>> Currently it in experimental already.
>>
>> This transition changes the SONAME of the lensfun library from
>> liblensfun0 to liblensfun1.
>>
>> The transition involves the following sources:
>>
>>   darktable
>>   digikam
>>   gimplensfun
>>   ufraw
>>
>> - darktable, digikam, and ufraw build fine with the new version
>>
>> - gimplensfun 0.2.3 doesn't build with lensfun 0.3.x, and the new
>>   version 0.2.4 supports only lensfun >= 0.3; thus Evgeni will need
>>   to upload the new version once the transition starts
> 
> OK. You can go ahead with this and upload to unstable.

This finished quite a while ago. Closing.

Emilio--- End Message ---

Processed: Re: Bug#820731: transition: ffmpeg

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 820731 pending
Bug #820731 [release.debian.org] transition: ffmpeg
Added tag(s) pending.
> tags 821077 pending
Bug #821077 [release.debian.org] transition: json-c
Added tag(s) pending.
> tags 821772 pending
Bug #821772 [release.debian.org] transition: hunspell
Added tag(s) pending.
> tags 822744 pending
Bug #822744 [release.debian.org] transition: gloox
Added tag(s) pending.
> tags 823034 pending
Bug #823034 [release.debian.org] transition: rrdtool
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
820731: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820731
821077: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=821077
821772: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=821772
822744: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822744
823034: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823034
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#823669: transition: ctemplate 2.3

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 823669 pending
Bug #823669 [release.debian.org] transition: ctemplate 2.3
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
823669: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823669
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#797074: libical2 transition now ready to start!

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 797074 + pending
Bug #797074 [release.debian.org] transition: libical2
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797074: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797074
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#818666: marked as done (transition: pypy)

[Debian Bug Tracking System]

Your message dated Mon, 23 May 2016 09:19:16 +0200
with message-id <5742aef4.2060...@debian.org>
and subject line Re: Bug#818666: transition: pypy
has caused the Debian Bug report #818666,
regarding transition: pypy
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
818666: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818666
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

Hi,

looks like pypy 5.0 started a transition, the virtual package
pypy-abi-26 changed to pypy-abi-41. There are some uninstallable
rdepends now: pypy-dulwich, pypy-zmq.

Maybe it's sufficient to just binNMU them (but I didn't test this):

nmu dulwich_0.12.0-1 . ANY . -m "Rebuild against pypy 5.0"
nmu pyzmq_15.1.0-1 . ANY . -m "Rebuild against pypy 5.0"


Ben file:

title = "pypy";
is_affected = .depends ~ /pypy-abi/;
is_good = .depends ~ "pypy-abi-41";
is_bad = .depends ~ "pypy-abi-26";


Andreas
--- End Message ---
--- Begin Message ---
On 03/04/16 13:38, Jonathan Wiltshire wrote:
> Control: tag -1 confirmed
> 
> On 2016-03-19 23:54, Emilio Pozuelo Monfort wrote:
>> On 19/03/16 15:06, Andreas Beckmann wrote:
>>> looks like pypy 5.0 started a transition, the virtual package
>>> pypy-abi-26 changed to pypy-abi-41. There are some uninstallable
>>> rdepends now: pypy-dulwich, pypy-zmq.
>>>
>>> Maybe it's sufficient to just binNMU them (but I didn't test this):
>>>
>>> nmu dulwich_0.12.0-1 . ANY . -m "Rebuild against pypy 5.0"
>>> nmu pyzmq_15.1.0-1 . ANY . -m "Rebuild against pypy 5.0"
>>
>> pypy needs to build on every release architecture first...
> 
> It's now built, let's find out if things can binNMU...

That took a long time, but it's now done.

Cheers,
Emilio--- End Message ---

Processed: Re: Processed (with 1 error): Re: Bug#824960: tex-common failed to upgrade

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 824960 texlive-base
Bug #824960 [tex-common] tex-common failed to upgrade
Bug reassigned from package 'tex-common' to 'texlive-base'.
No longer marked as found in versions tex-common/6.05.
Ignoring request to alter fixed versions of bug #824960 to the same values 
previously set
> forcemerge 824835 824960
Bug #824835 {Done: Norbert Preining } [texlive-base] 
tex-common: Installation fails due to fmtutil failure
Bug #824847 {Done: Norbert Preining } [texlive-base] 
tex-common: Installation fails due to fmtutil failure
Bug #824849 {Done: Norbert Preining } [texlive-base] 
tex-common: Installation fails due to fmtutil failure
Bug #824853 {Done: Norbert Preining } [texlive-base] 
tex-common: Installation fails due to fmtutil failure
Bug #824862 {Done: Norbert Preining } [texlive-base] 
tex-common: Installation fails due to fmtutil failure
Bug #824889 {Done: Norbert Preining } [texlive-base] 
tex-common: pfmtutil fails in post-inst of tex-common
Bug #824890 {Done: Norbert Preining } [texlive-base] 
tex-common: fails to install
Bug #824914 {Done: Norbert Preining } [texlive-base] 
tex-common: fails to update
Bug #824940 {Done: Norbert Preining } [texlive-base] 
tex-common: Not upgrade packages.
Bug #824960 [texlive-base] tex-common failed to upgrade
Severity set to 'serious' from 'grave'
823335 was blocked by: 824835 824849 824847 824862 824260 824889 824940 824914 
824890 824853
823335 was not blocking any bugs.
Added blocking bug(s) of 823335: 824960
Marked Bug as done
Added indication that 824960 affects tex-common,src:tex-common
Marked as fixed in versions texlive-base/2016.20160523-1.
Marked as found in versions texlive-base/2016.20160520-1.
Bug #824890 {Done: Norbert Preining } [texlive-base] 
tex-common: fails to install
Removed indication that 824890 affects src:tex-common and tex-common
Added indication that 824890 affects tex-common,src:tex-common
Removed indication that 824835 affects tex-common and src:tex-common
Added indication that 824835 affects tex-common,src:tex-common
Removed indication that 824847 affects src:tex-common and tex-common
Added indication that 824847 affects tex-common,src:tex-common
Removed indication that 824849 affects tex-common and src:tex-common
Added indication that 824849 affects tex-common,src:tex-common
Removed indication that 824853 affects tex-common and src:tex-common
Added indication that 824853 affects tex-common,src:tex-common
Removed indication that 824862 affects tex-common and src:tex-common
Added indication that 824862 affects tex-common,src:tex-common
Removed indication that 824889 affects src:tex-common and tex-common
Added indication that 824889 affects tex-common,src:tex-common
Removed indication that 824914 affects src:tex-common and tex-common
Added indication that 824914 affects tex-common,src:tex-common
Removed indication that 824940 affects src:tex-common and tex-common
Added indication that 824940 affects tex-common,src:tex-common
Bug #824847 {Done: Norbert Preining } [texlive-base] 
tex-common: Installation fails due to fmtutil failure
Bug #824849 {Done: Norbert Preining } [texlive-base] 
tex-common: Installation fails due to fmtutil failure
Bug #824853 {Done: Norbert Preining } [texlive-base] 
tex-common: Installation fails due to fmtutil failure
Bug #824862 {Done: Norbert Preining } [texlive-base] 
tex-common: Installation fails due to fmtutil failure
Bug #824889 {Done: Norbert Preining } [texlive-base] 
tex-common: pfmtutil fails in post-inst of tex-common
Bug #824914 {Done: Norbert Preining } [texlive-base] 
tex-common: fails to update
Bug #824940 {Done: Norbert Preining } [texlive-base] 
tex-common: Not upgrade packages.
Merged 824835 824847 824849 824853 824862 824889 824890 824914 824940 824960
> close 824960
Bug #824960 {Done: Norbert Preining } [texlive-base] 
tex-common failed to upgrade
Bug #824835 {Done: Norbert Preining } [texlive-base] 
tex-common: Installation fails due to fmtutil failure
Bug #824847 {Done: Norbert Preining } [texlive-base] 
tex-common: Installation fails due to fmtutil failure
Bug #824849 {Done: Norbert Preining } [texlive-base] 
tex-common: Installation fails due to fmtutil failure
Bug #824853 {Done: Norbert Preining } [texlive-base] 
tex-common: Installation fails due to fmtutil failure
Bug #824862 {Done: Norbert Preining } [texlive-base] 
tex-common: Installation fails due to fmtutil failure
Bug #824889 {Done: Norbert Preining } [texlive-base] 
tex-common: