Bug#857119: unblock: wireshark/2.2.5+g440fd4d-2

[Bálint Réczey]

Control: tags -1 -moreinfo

2017-03-09 9:27 GMT+01:00 Emilio Pozuelo Monfort :
> Control: tags -1 confirmed moreninfo
>
> On 08/03/17 09:52, Balint Reczey wrote:
>> Package: release.debian.org
>> Severity: normal
>> User: release.debian@packages.debian.org
>> Usertags: unblock
>> Tags: patch
>>
>> Dear Release Team,
>>
>> I have prepared wireshark 2.2.5+g440fd4d-1 in experimental which fixes
>> 9 vulnerabilities and other bugs which are not listed here, just on
>> the release notes link.
>>
>> Changes:
>>  wireshark (2.2.5+g440fd4d-1) experimental; urgency=medium
>>  .
>>* New upstream release
>>  - release notes:
>>https://www.wireshark.org/docs/relnotes/wireshark-2.2.5.html
>>  - security fixes:
>>- The STANAG 4607 file parser could go into an infinite loop
>>  (CVE-2017-6014)
>>- The NetScaler file parser could go into an infinite loop
>>  (CVE-2017-6467)
>>- The NetScaler file parser could crash (CVE-2017-6468)
>>- The LDSS dissector could crash (CVE-2017-6469)
>>- The IAX2 dissector could go into an infinite loop
>>  (CVE-2017-6470)
>>- The WSP dissector could go into an infinite loop (CVE-2017-6471)
>>- The RTMTP dissector could go into an infinite loop
>>  (CVE-2017-6472)
>>- The K12 file parser could crash (CVE-2017-6473)
>>- The NetScaler file parser could go into an infinite loop
>>  (CVE-2017-6474)
>>* Update symbols file for libwireshark8
>>
>> I believe wireshark point releases very rarely cause regressions due
>> to the heavy testing performed upstream and I think it would be safe
>> to upload this point release to unstable and let it migrate to
>> testing.
>>
>> If you wouldn't like to accept the full point release to Stretch I
>> will happily backport the security fixes to 2.2.4 and upload that to
>> unstable.
>
> Please go ahead with 2.2.5, and remove the moreinfo tag once it is accepted 
> and
> built on all release architectures.

Accepted and built.

Cheers,
Balint

Processed: Re: Bug#857119: unblock: wireshark/2.2.5+g440fd4d-2

[Debian Bug Tracking System]

Processing control commands:

> tags -1 -moreinfo
Bug #857119 [release.debian.org] unblock: wireshark/2.2.5+g440fd4d-2
Removed tag(s) moreinfo.

-- 
857119: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857119
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#857334: unblock: onioncat/0.2.2+svn569-2

[intrigeri]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package onioncat, that fixes one RC bug (#857262)
and adds another missing dependency (no bug report).

unblock onioncat/0.2.2+svn569-2
diff -Nru onioncat-0.2.2+svn569/debian/changelog 
onioncat-0.2.2+svn569/debian/changelog
--- onioncat-0.2.2+svn569/debian/changelog  2016-01-24 18:36:57.0 
+0100
+++ onioncat-0.2.2+svn569/debian/changelog  2017-03-09 19:44:16.0 
+0100
@@ -1,3 +1,12 @@
+onioncat (0.2.2+svn569-2) unstable; urgency=medium
+
+  * Add missing dependency on net-tools: OnionCat hard-codes
+ifconfig usage (Closes: #857262).
+  * Add missing dependency on lsb-base (>= 3.0-6): the onioncat
+initscript sources the /lib/lsb/init-functions utility functions.
+
+ -- intrigeri   Thu, 09 Mar 2017 18:44:16 +
+
 onioncat (0.2.2+svn569-1) unstable; urgency=medium
 
   [ Ximin Luo ]
diff -Nru onioncat-0.2.2+svn569/debian/control 
onioncat-0.2.2+svn569/debian/control
--- onioncat-0.2.2+svn569/debian/control2016-01-24 18:36:57.0 
+0100
+++ onioncat-0.2.2+svn569/debian/control2017-03-09 19:44:16.0 
+0100
@@ -16,7 +16,9 @@
 Architecture: any
 Depends: ${shlibs:Depends},
  ${misc:Depends},
- adduser
+ adduser,
+ lsb-base (>= 3.0-6),
+ net-tools
 Recommends: tor
 Description: IP-Transparent Tor hidden service connector
  OnionCat creates a transparent IP layer on top of Tor hidden

Bug#856539: updating sitesummary in stable+oldtable due to regression introduced with apache update (Re: Bug#856539: jessie-pu: package sitesummary/0.1.17+deb8u2)

[Sébastien Delafond]

On Mar/10, Petter Reinholdtsen wrote:
> The debdiff for jessie is in bts already.

I meant a debdiff specifically targetting jessie-security. Please change
jessie to jessie-security, set severity to high, and upload to
security-master (no source-only upload).

Cheers,

--Seb

Bug#856539: updating sitesummary in stable+oldtable due to regression introduced with apache update (Re: Bug#856539: jessie-pu: package sitesummary/0.1.17+deb8u2)

[Petter Reinholdtsen]

[Sébastien Delafond]
> Sure, we can do that. Send us a debdiff and we can take it from there.

The debdiff for jessie is in bts already.  Here is the equivalent diff
for wheezy.  The code change is the same, only the changelog version is
different.

diff --git a/debian/changelog b/debian/changelog
index f8e2c48..f8df229 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+sitesummary (0.1.8+deb7u2) UNRELEASED; urgency=medium
+
+  [ Wolfgang Schweer ]
+  * Adjust sitesummary-upload to use CRLF (\r\n) line endings to be compliant
+with apache 2.4.25 security fixes for HTTP requests. (Closes: #852623).
+
+ -- Wolfgang Schweer   Fri, 27 Jan 2017 15:49:50 +0100
+
 sitesummary (0.1.8+deb7u1) wheezy; urgency=low
 
   * No change upload targeted at wheezy-proposed-update for the upcoming 7.2
diff --git a/sitesummary-upload b/sitesummary-upload
index 050aefa..28c19d6 100755
--- a/sitesummary-upload
+++ b/sitesummary-upload
@@ -78,15 +78,13 @@ $form .= "$ORS";
 my $formlen = length($form);
 
 #Send data
-print $remote <<"EOF";
-POST $submiturl HTTP/1.1
-User-Agent: sitesummary-upload
-Host: $host
-content-type: multipart/form-data; boundary=$boundary
-content-length: $formlen
-
-$form
-EOF
+print $remote "POST $submiturl HTTP/1.1\r\n";
+print $remote "User-Agent: sitesummary-upload\r\n";
+print $remote "Host: $host\r\n";
+print $remote "Content-Type: multipart/form-data; boundary=$boundary\r\n";
+print $remote "Content-Length: $formlen\r\n";
+print $remote "\r\n";
+print $remote "$form";
 
 #Get answer
 my($answer)="";
-- 
Happy hacking
Petter Reinholdtsen

Bug#855345: jessie-pu: package systemd/215-17+deb8u7

[Michael Biebl]

Am 17.02.2017 um 00:29 schrieb Michael Biebl:
> Package: release.debian.org
> Severity: normal
> Tags: jessie
> User: release.debian@packages.debian.org
> Usertags: pu
> 
> Hi,
> 
> I'd like to make a stable upload for systemd, fixing two bugs.

Since I filed the pu request, two more issues came up which I'd like to
fix as well

An assert in PID1 that could be triggered by masking an automount unit
(#856035) and an assert in PID1 that could be triggered by removing a
service file during daemon-reload (#856985). The latter is rather easily
reproducible by installing and removing systemd-cron.

Those are backports of fixes which have landed in unstable.

The full changelog:

systemd (215-17+deb8u7) stable; urgency=medium

  * bus: Fix bus_print_property() to use "int" for booleans.
This fixes the problem that on big endian architectures, like mips or
powerpc, boolean properties that were retrieved via via sd-bus were
always set to 0 (no). (Closes: #774430)
  * systemctl: Add is-enabled support for SysV init scripts.
The update-rc.d utility does not provide is-enabled, so implement it
ourselves in systemctl using the same logic as systemd-sysv-install from
Stretch. (Closes: #809405)
  * core: If the start command vanishes during runtime don't hit an assert.
This can happen when the configuration is changed and reloaded while we
are executing a service. Let's not hit an assert in this case.
(Closes: #856985)
  * automount: If an automount unit is masked, don't react to activation
anymore.
Otherwise we'll hit an assert sooner or later. (Closes: #856035)

 -- Michael Biebl   Fri, 10 Mar 2017 06:02:49 +0100

The debdiff is attached.

For individual commits see
https://anonscm.debian.org/cgit/pkg-systemd/systemd.git/log/?h=jessie


Regards,
Michael
-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
diff --git a/debian/changelog b/debian/changelog
index ffceb7d..be7e3b3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,23 @@
+systemd (215-17+deb8u7) stable; urgency=medium
+
+  * bus: Fix bus_print_property() to use "int" for booleans.
+This fixes the problem that on big endian architectures, like mips or
+powerpc, boolean properties that were retrieved via via sd-bus were
+always set to 0 (no). (Closes: #774430)
+  * systemctl: Add is-enabled support for SysV init scripts.
+The update-rc.d utility does not provide is-enabled, so implement it
+ourselves in systemctl using the same logic as systemd-sysv-install from
+Stretch. (Closes: #809405)
+  * core: If the start command vanishes during runtime don't hit an assert.
+This can happen when the configuration is changed and reloaded while we
+are executing a service. Let's not hit an assert in this case.
+(Closes: #856985)
+  * automount: If an automount unit is masked, don't react to activation
+anymore.
+Otherwise we'll hit an assert sooner or later. (Closes: #856035)
+
+ -- Michael Biebl   Fri, 10 Mar 2017 06:02:49 +0100
+
 systemd (215-17+deb8u6) stable; urgency=medium
 
   [ Michael Biebl ]
diff --git 
a/debian/patches/automount-if-an-automount-unit-is-masked-don-t-react-to-a.patch
 
b/debian/patches/automount-if-an-automount-unit-is-masked-don-t-react-to-a.patch
new file mode 100644
index 000..d9adc19
--- /dev/null
+++ 
b/debian/patches/automount-if-an-automount-unit-is-masked-don-t-react-to-a.patch
@@ -0,0 +1,134 @@
+From: Lennart Poettering 
+Date: Wed, 1 Mar 2017 04:03:48 +0100
+Subject: automount: if an automount unit is masked,
+ don't react to activation anymore (#5445)
+
+Otherwise we'll hit an assert sooner or later.
+
+This requires us to initialize ->where even if we come back in "masked"
+mode, as otherwise we don't know how to operate on the automount and
+detach it.
+
+Fixes: #5441
+(backported from commit e350ca3f1ecb6672b74cd25d09ef23c7b309aa5a)
+---
+ src/core/automount.c | 67 +++-
+ 1 file changed, 45 insertions(+), 22 deletions(-)
+
+diff --git a/src/core/automount.c b/src/core/automount.c
+index 73a8ce1..4392635 100644
+--- a/src/core/automount.c
 b/src/core/automount.c
+@@ -87,17 +87,19 @@ static void unmount_autofs(Automount *a) {
+ if (a->pipe_fd < 0)
+ return;
+ 
+-automount_send_ready(a, -EHOSTDOWN);
+ 
+ a->pipe_event_source = sd_event_source_unref(a->pipe_event_source);
+ a->pipe_fd = safe_close(a->pipe_fd);
+ 
+-/* If we reload/reexecute things we keep the mount point
+- * around */
+-if (a->where &&
+-(UNIT(a)->manager->exit_code != MANAGER_RELOAD &&
+- UNIT(a)->manager->exit_code != MANAGER_REEXECUTE))
+-repeat_unmount(a->where);
++/* If we reload/reexecute things we keep the mount point around */
++if 

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: radare2_0.9.6-3.1+deb8u1_armel.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: radare2_0.9.6-3.1+deb8u1_armhf.changes
  ACCEPT

Bug#857258: unblock: ifupdown2/1.0~git20170308-1

[Julien Fortin]

Hi Niels,

No worries, I understand the new issues raised by my last changes.
I will make the appropriate fixes and submit again.

Thanks for your help.
Julien.

On Fri, Mar 10, 2017 at 12:44 AM, Niels Thykier  wrote:

> Control: tags -1 moreinfo
>
> Julien Fortin:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: unblock
> >
> > Please unblock package ifupdown2
> >
> > Hi,
> >
> > This release fixes a bug due to a localized string in a grep filter.
> >
> > Following up on the comments received during last unblock request. I've
> added
> > the LC_ALL directive to the pre,post inst and postrm files.
> >
>
> Hi,
>
> Sorry, this is unfortunately not what I expected and I suspect you
> misunderstood my intention/request.
>
>
>   * I had envisioned $(LC_ALL=C.UTF-8 dpkg-divert ...), which would
> only overwrite the language exactly for the dpkg-divert
> command/pipeline.
>   * The proposed change fails to export the variable, so it is not going
> to work except when LC_ALL is already exported (which is not the
> case on all systems)
>   * Also, overriding LC_ALL in the entire script completely overrules
> the users locale preventing other messages in the users native
> language.
>
> Apologies for the misunderstanding and having to ask you for a third
> attempt.
>
> Thanks,
> ~Niels
>
>

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: radare2_0.9.6-3.1+deb8u1_arm64.changes
  ACCEPT
Processing changes file: radare2_0.9.6-3.1+deb8u1_i386.changes
  ACCEPT
Processing changes file: radare2_0.9.6-3.1+deb8u1_mips.changes
  ACCEPT
Processing changes file: radare2_0.9.6-3.1+deb8u1_mipsel.changes
  ACCEPT
Processing changes file: radare2_0.9.6-3.1+deb8u1_powerpc.changes
  ACCEPT
Processing changes file: radare2_0.9.6-3.1+deb8u1_ppc64el.changes
  ACCEPT
Processing changes file: radare2_0.9.6-3.1+deb8u1_s390x.changes
  ACCEPT

Bug#857323: unblock: translate-toolkit/2.0.0-1

[Stuart Prescott]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear Release Team,

Please unblock package translate-toolkit.

We have been tracking the beta releases and release candidates of this
package over the past 6ish months so that we could deliver a version in
stretch that had Python 3 support. Stretch currently includes rc3 of
translate-toolkit and the diff to the final released version is minimal;
some additional tests, a couple of small bug fixes and documentation updates.

The package has a pretty good test-suite which is happily passing on
ci.debian.net.

A source debdiff attached and summarised below if that helps:

 debian/changelog|6 
 docs/conf.py|2 
 docs/developers/releasing.rst   |4 
 docs/releases/2.0.0.rst |  256 
 docs/releases/index.rst |1 
 tests/cli/data/test_po2txt/one.po   |   13 +
 tests/cli/data/test_po2txt/out.txt  |7 
 tests/cli/data/test_po2txt_threshold/one.po |   13 +
 tests/cli/data/test_pofilter_manpage/stdout.txt |2 
 tests/cli/test_po2txt.sh|6 
 tests/cli/test_po2txt_threshold.sh  |7 
 translate/__version__.py|6 
 translate/convert/convert.py|   15 -
 translate/storage/mozilla_lang.py   |   14 -
 translate/storage/test_mozilla_lang.py  |   39 +++
 15 files changed, 374 insertions(+), 17 deletions(-)


unblock translate-toolkit/2.0.0-1


Thanks for considering,

Stuart on behalf of the Debian l10n developers team
diff -Nru translate-toolkit-2.0.0~rc3/debian/changelog translate-toolkit-2.0.0/debian/changelog
--- translate-toolkit-2.0.0~rc3/debian/changelog	2017-01-25 13:31:22.0 +1100
+++ translate-toolkit-2.0.0/debian/changelog	2017-02-26 23:39:30.0 +1100
@@ -1,3 +1,9 @@
+translate-toolkit (2.0.0-1) unstable; urgency=medium
+
+  * New upstream release.
+
+ -- Stuart Prescott   Sun, 26 Feb 2017 23:39:30 +1100
+
 translate-toolkit (2.0.0~rc3-1) unstable; urgency=medium
 
   * New upstream release candidate.
diff -Nru translate-toolkit-2.0.0~rc3/docs/conf.py translate-toolkit-2.0.0/docs/conf.py
--- translate-toolkit-2.0.0~rc3/docs/conf.py	2017-01-24 05:25:31.0 +1100
+++ translate-toolkit-2.0.0/docs/conf.py	2017-01-28 06:51:52.0 +1100
@@ -67,7 +67,7 @@
 # The short X.Y version.
 version = '2.0.0'
 # The full version, including alpha/beta/rc tags.
-release = '2.0.0rc3'
+release = '2.0.0'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
diff -Nru translate-toolkit-2.0.0~rc3/docs/developers/releasing.rst translate-toolkit-2.0.0/docs/developers/releasing.rst
--- translate-toolkit-2.0.0~rc3/docs/developers/releasing.rst	2017-01-24 05:25:31.0 +1100
+++ translate-toolkit-2.0.0/docs/developers/releasing.rst	2017-01-28 06:51:52.0 +1100
@@ -136,7 +136,7 @@
 .. code-block:: console
 
 $ mkvirtualenv build-ttk-release
-(build-ttk-release)$ pip install --upgrade pip
+(build-ttk-release)$ pip install --upgrade setuptools pip
 (build-ttk-release)$ pip install -r requirements/dev.txt
 (build-ttk-release)$ make build
 (build-ttk-release)$ deactivate
@@ -159,7 +159,7 @@
 .. code-block:: console
 
 $ mkvirtualenv test-ttk-release
-(test-ttk-release)$ pip install --upgrade pip
+(test-ttk-release)$ pip install --upgrade setuptools pip
 (test-ttk-release)$ pip install dist/translate-toolkit-$version.tar.bz2
 
 
diff -Nru translate-toolkit-2.0.0~rc3/docs/releases/2.0.0.rst translate-toolkit-2.0.0/docs/releases/2.0.0.rst
--- translate-toolkit-2.0.0~rc3/docs/releases/2.0.0.rst	1970-01-01 10:00:00.0 +1000
+++ translate-toolkit-2.0.0/docs/releases/2.0.0.rst	2017-01-28 06:51:52.0 +1100
@@ -0,0 +1,256 @@
+Translate Toolkit 2.0.0
+***
+
+*Released on 27 January 2017*
+
+This release contains many improvements and bug fixes. While it contains many
+general improvements, it also specifically contains needed changes and
+optimizations for the upcoming `Pootle `_
+2.8.0 and `Virtaal `_ releases.
+
+
+2.0.0 vs 2.0.0rc3
+=
+
+- :doc:`po2txt ` works correctly again when ``--threshold``
+  option is passed (:issue:`3499`)
+- Minor fixes for Mozilla .lang format
+- Minor Python 3 fix
+
+
+Major changes
+=
+
+- Python 3 compatibility thanks to Claude Paroz
+- Dropped support for Python 2.6
+- Support for new l20n format
+- Translate Toolkit can now easily be installed on Windows
+- Changes in storage API to expose a more standardized API
+
+
+Detailed changes
+
+
+Python 3 support
+
+
+- Translate Toolkit went through a 

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: apache2_2.4.10-10+deb8u8_amd64.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u8_arm64.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u8_armel.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u8_armhf.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u8_i386.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u8_mips.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u8_mipsel.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u8_powerpc.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u8_ppc64el.changes
  ACCEPT
Processing changes file: apache2_2.4.10-10+deb8u8_s390x.changes
  ACCEPT
Processing changes file: bind9_9.9.5.dfsg-9+deb8u10_i386.changes
  ACCEPT
Processing changes file: bind9_9.9.5.dfsg-9+deb8u10_amd64.changes
  ACCEPT
Processing changes file: bind9_9.9.5.dfsg-9+deb8u10_arm64.changes
  ACCEPT
Processing changes file: bind9_9.9.5.dfsg-9+deb8u10_armel.changes
  ACCEPT
Processing changes file: bind9_9.9.5.dfsg-9+deb8u10_armhf.changes
  ACCEPT
Processing changes file: bind9_9.9.5.dfsg-9+deb8u10_mips.changes
  ACCEPT
Processing changes file: bind9_9.9.5.dfsg-9+deb8u10_mipsel.changes
  ACCEPT
Processing changes file: bind9_9.9.5.dfsg-9+deb8u10_powerpc.changes
  ACCEPT
Processing changes file: bind9_9.9.5.dfsg-9+deb8u10_ppc64el.changes
  ACCEPT
Processing changes file: bind9_9.9.5.dfsg-9+deb8u10_s390x.changes
  ACCEPT
Processing changes file: imagemagick_6.8.9.9-5+deb8u7_amd64.changes
  ACCEPT
Processing changes file: imagemagick_6.8.9.9-5+deb8u7_arm64.changes
  ACCEPT
Processing changes file: imagemagick_6.8.9.9-5+deb8u7_armel.changes
  ACCEPT
Processing changes file: imagemagick_6.8.9.9-5+deb8u7_armhf.changes
  ACCEPT
Processing changes file: imagemagick_6.8.9.9-5+deb8u7_i386.changes
  ACCEPT
Processing changes file: imagemagick_6.8.9.9-5+deb8u7_mips.changes
  ACCEPT
Processing changes file: imagemagick_6.8.9.9-5+deb8u7_mipsel.changes
  ACCEPT
Processing changes file: imagemagick_6.8.9.9-5+deb8u7_powerpc.changes
  ACCEPT
Processing changes file: imagemagick_6.8.9.9-5+deb8u7_ppc64el.changes
  ACCEPT
Processing changes file: imagemagick_6.8.9.9-5+deb8u7_s390x.changes
  ACCEPT
Processing changes file: libquicktime_1.2.4-7+deb8u1_amd64.changes
  ACCEPT
Processing changes file: libquicktime_1.2.4-7+deb8u1_arm64.changes
  ACCEPT
Processing changes file: libquicktime_1.2.4-7+deb8u1_armel.changes
  ACCEPT
Processing changes file: libquicktime_1.2.4-7+deb8u1_armhf.changes
  ACCEPT
Processing changes file: libquicktime_1.2.4-7+deb8u1_i386.changes
  ACCEPT
Processing changes file: libquicktime_1.2.4-7+deb8u1_mips.changes
  ACCEPT
Processing changes file: libquicktime_1.2.4-7+deb8u1_mipsel.changes
  ACCEPT
Processing changes file: libquicktime_1.2.4-7+deb8u1_powerpc.changes
  ACCEPT
Processing changes file: libquicktime_1.2.4-7+deb8u1_ppc64el.changes
  ACCEPT
Processing changes file: libquicktime_1.2.4-7+deb8u1_s390x.changes
  ACCEPT
Processing changes file: linux_3.16.39-1+deb8u2_multi.changes
  ACCEPT
Processing changes file: linux_3.16.39-1+deb8u2_amd64.changes
  ACCEPT
Processing changes file: linux_3.16.39-1+deb8u2_arm64.changes
  ACCEPT
Processing changes file: linux_3.16.39-1+deb8u2_armel.changes
  ACCEPT
Processing changes file: linux_3.16.39-1+deb8u2_armhf.changes
  ACCEPT
Processing changes file: linux_3.16.39-1+deb8u2_i386.changes
  ACCEPT
Processing changes file: linux_3.16.39-1+deb8u2_mips.changes
  ACCEPT
Processing changes file: linux_3.16.39-1+deb8u2_mipsel.changes
  ACCEPT
Processing changes file: linux_3.16.39-1+deb8u2_powerpc.changes
  ACCEPT
Processing changes file: linux_3.16.39-1+deb8u2_ppc64el.changes
  ACCEPT
Processing changes file: linux_3.16.39-1+deb8u2_s390x.changes
  ACCEPT
Processing changes file: munin_2.0.25-1+deb8u2_multi.changes
  ACCEPT
Processing changes file: munin_2.0.25-1+deb8u3_allonly.changes
  ACCEPT
Processing changes file: mupdf_1.5-1+deb8u2_amd64.changes
  ACCEPT
Processing changes file: mupdf_1.5-1+deb8u2_arm64.changes
  ACCEPT
Processing changes file: mupdf_1.5-1+deb8u2_armel.changes
  ACCEPT
Processing changes file: mupdf_1.5-1+deb8u2_armhf.changes
  ACCEPT
Processing changes file: mupdf_1.5-1+deb8u2_i386.changes
  ACCEPT
Processing changes file: mupdf_1.5-1+deb8u2_mips.changes
  ACCEPT
Processing changes file: mupdf_1.5-1+deb8u2_mipsel.changes
  ACCEPT
Processing changes file: mupdf_1.5-1+deb8u2_powerpc.changes
  ACCEPT
Processing changes file: mupdf_1.5-1+deb8u2_ppc64el.changes
  ACCEPT
Processing changes file: mupdf_1.5-1+deb8u2_s390x.changes
  ACCEPT
Processing changes file: radare2_0.9.6-3.1+deb8u1_amd64.changes
  ACCEPT
Processing changes file: ruby-zip_1.1.6-1+deb8u1_allonly.changes
  ACCEPT
Processing changes file: ruby-zip_1.1.6-1+deb8u1_amd64.changes
  ACCEPT
Processing changes file: ruby-zip_1.1.6-1+deb8u1_arm64.changes
  ACCEPT
Processing changes file: ruby-zip_1.1.6-1+deb8u1_armel.changes
  ACCEPT
Processing 

Bug#856627: jessie-pu: package libdatetime-timezone-perl/1:1.75-2+2017a

[gregor herrmann]

On Thu, 09 Mar 2017 19:13:32 +, Adam D. Barratt wrote:

> On Fri, 2017-03-03 at 01:10 +0100, gregor herrmann wrote:
> > I've prepared an update for libdatetime-timezone-perl in jessie,
> > adding a patch to update to Olson DB 2017a.
> Please go ahead.

Thank you; uploaded.


Cheers,
gregor

-- 
 .''`.  https://info.comodo.priv.at/ - Debian Developer https://www.debian.org
 : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
 `. `'  Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe
   `-   NP: B.B. King and Eric Clapton


signature.asc
Description: Digital Signature

Bug#857314: unblock: sass-elisp/3.0.15-4.1

[Sean Whitton]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package sass-elisp

The NMU fixes upgrading from Jessie.

Thanks.

unblock sass-elisp/3.0.15-4.1

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (900, 'testing')
Architecture: i386 (i686)

Kernel: Linux 4.9.0-1-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- 
Sean Whitton
diff -Nru sass-elisp-3.0.15/debian/changelog sass-elisp-3.0.15/debian/changelog
--- sass-elisp-3.0.15/debian/changelog	2014-01-31 08:33:43.0 -0700
+++ sass-elisp-3.0.15/debian/changelog	2017-03-04 08:55:25.0 -0700
@@ -1,3 +1,11 @@
+sass-elisp (3.0.15-4.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Patch sass-elisp.emacsen-install to ensure that haml-elisp is in the
+load path during byte-compilation of sass-elisp (Closes: #856681).
+
+ -- Sean Whitton   Sat, 04 Mar 2017 08:55:25 -0700
+
 sass-elisp (3.0.15-4) unstable; urgency=low
 
   * auto-mode-alisp pattern should ends with "\\"
diff -Nru sass-elisp-3.0.15/debian/sass-elisp.emacsen-install sass-elisp-3.0.15/debian/sass-elisp.emacsen-install
--- sass-elisp-3.0.15/debian/sass-elisp.emacsen-install	2014-01-31 08:33:43.0 -0700
+++ sass-elisp-3.0.15/debian/sass-elisp.emacsen-install	2017-03-04 08:55:25.0 -0700
@@ -31,6 +31,7 @@
   cd /usr/share/${FLAVOR}/site-lisp/sass-elisp
   cat < path.el
 (setq load-path (cons "." load-path) byte-compile-warnings nil)
+(add-to-list 'load-path "/usr/share/emacs/site-lisp/haml-elisp")
 EOF
   FLAVORTEST=`echo $FLAVOR | cut -c-6`
   if [ ${FLAVORTEST} = xemacs ] ; then


signature.asc
Description: PGP signature

Re: Bug#857257: Re: Supporting configuration file changes between versions in unstable/testing

[Philip Hands]

Andreas Beckmann  writes:

> On 2017-03-09 18:00, Ian Jackson wrote:
>> To be fair to Pirate, Andreas Beckmann suggested #856606 that if
>> Pirate disagreed with Andreas, Pirate should go to the TC.
>
> The disagreement between Pirate and me is not about the RC-ness of
> #856606, but more about the general requirement of working upgrade
> paths.

Looking at the bug, I see that the issue involves this bit of code:

  export $(cat /etc/gitlab/gitlab-debian.conf)

(and other variations thereof) used in the maintainer scripts, and
suggested in the README as something for the user to run.

It strikes me as rather fragile, and likely to misbehave in surprising
ways -- e.g. if one comments out a line in the file with '# ' then the
setting will still get set.

Is it not possible to patch the code of the package to contain the
default paths internally, so that it is not essential to populate the
environment before running things?

Failing that, how about setting the defaults and exporting them in a
wrapper script, which could also source the config file (in the more
normal way) before then invoking rake (or whatever), and then using that
in place of running rake etc. directly?

Either of these should mean that one could have an empty/missing config
file under /etc, or include comments in the config file, and still have
things work properly.

I suspect that much of the tangled code for handling the config files
would drop away if you did this, which ought to also ensure that this
bug would disappear.

Cheers, Phil.
-- 
|)|  Philip Hands  [+44 (0)20 8530 9560]  HANDS.COM Ltd.
|-|  http://www.hands.com/http://ftp.uk.debian.org/
|(|  Hugo-Klemm-Strasse 34,   21075 Hamburg,GERMANY


signature.asc
Description: PGP signature

Processed: Re: Bug#856832: jessie-pu: package webissues-server/0.8.5-3+deb8u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + confirmed
Bug #856832 [release.debian.org] jessie-pu: package 
webissues-server/0.8.5-3+deb8u1
Added tag(s) confirmed.

-- 
856832: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856832
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#856832: jessie-pu: package webissues-server/0.8.5-3+deb8u1

[Adam D. Barratt]

Control: tags -1 + confirmed

On Sun, 2017-03-05 at 11:10 +0100, Andreas Beckmann wrote:
> I'd like to update webissues-server in jessie to fix its unconditional
> usage of ucf during postrm purge. This is the last package triggering
> this bug after piuparts (upgrade) tests. Like ndoutils, the package
> has been removed from unstable, therefore it can be fixed in stable
> only.

Please go ahead.

Regards,

Adam

Bug#856539: updating sitesummary in stable+oldtable due to regression introduced with apache update (Re: Bug#856539: jessie-pu: package sitesummary/0.1.17+deb8u2)

[Sébastien Delafond]

On Mar/09, Holger Levsen wrote:
> Dear security team,
> 
> On Thu, Mar 09, 2017 at 07:20:40PM +, Adam D. Barratt wrote:
> > On Thu, 2017-03-02 at 09:50 +, Holger Levsen wrote:
> > > On Thu, Mar 02, 2017 at 09:12:34AM +0100, Petter Reinholdtsen wrote:
> > > > Usertags: pu
> > > > 
> > > > The sitesummary package in stable is affected by one RC bug causing all
> > > > clients to fail to submit data to the collector, and thus breaking the
> > > > service SiteSummary is supposed to provide (collect data about
> > > > machines).  The problem is triggered by the recent update of Apache.
> > > [...]
> > > > I would like to update the stable version of sitesummary to fix this
> > > > bug.  It affect Debian Edu, but also all other users of SiteSummary in
> > > > Jessie.  Are you OK with me uploading a package with this change?  How
> > > > quickly is it possible to get this change into Jessie?
> > > 
> > > (this would normally take severeal weeks or months, until the next jessie
> > > point release will happen, which AFAIK is not yet planned. IOW: date is 
> > > unknown.)
> > >  
> > > as this regression was introduced by DSA-3796, wouldnt it be appropriate 
> > > to
> > > update sitesummary via jessie-security as well?
> > 
> > Have either of you asked the Security Team about that?
> 
> no, we haven't yet.
> 
> So, #852623 is about sitesummary being broken due to the fix for CVE-2016-8743
> and while #852623 has been fixed in sid and stretch, we would also like to fix
> #852623 in sitesummary in jessie and stable.
> 
> So at first, we thought to go via proposed-updates, but as you can see Adam
> suggested to go via stable-security (and LTS I supose) - what do you think?
> 
> Going via security would be much nicer as this would fix this in the real
> world much sooner…!

Sure, we can do that. Send us a debdiff and we can take it from there.

Cheers,

--Seb


signature.asc
Description: PGP signature

Bug#856665: jessie-pu: package commons-daemon/1.0.15-6

[Adam D. Barratt]

Control: tags -1 + confirmed

On Fri, 2017-03-03 at 17:07 -0300, Breno Leitao wrote:
> Hi Adam,
> 
> On Fri, Mar 03, 2017 at 05:41:51PM +, Adam D. Barratt wrote:
> > On 2017-03-03 17:29, Breno Leitao wrote:
> > >Package jsvc (commons-daemon) contains a patch enabling ppc64el on
> > >version 1.0.15-6 (currently on Jessie), but it does not work. A new
> > >patch required to add functional support for commons-daemon on ppc64el.
> > >
> > >This patch is already commited on upstream as in Stretch.
> > >
> > >You can find more information about this bug at #856560.
> > >
> > >Let me know if I can update a fixed package in stable.
> > 
> > We'd need to see a source debdiff for the proposed (and tested) package
> > first, please.
> 
> Sure. This is the debdiff I have. I tested it and it solves the problem
> on ppc64el, and it does not seem cause any regression on amd64.

+  * This package is broken on Jessie, showing "Cannot find any VM in Java
+Home". Fixing it. (Closes: #856560)

That sounds a little overly verbose, personally - it's reasonably
obvious that the package is broken in some way and you're fixing it,
otherwise the update wouldn't exist in the first place.

In any case, please update the changelog to mention the fact that the
fix is specifically related to ppc64el, and feel free to upload.

Regards,

Adam

Processed: Re: Bug#856665: jessie-pu: package commons-daemon/1.0.15-6

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + confirmed
Bug #856665 [release.debian.org] jessie-pu: package commons-daemon/1.0.15-6
Added tag(s) confirmed.

-- 
856665: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856665
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#856240: jessie-pu: package elog/2.9.2+2014.05.11git44800a7-2+deb8u1

[Adam D. Barratt]

Control: tags -1 + confirmed

On Sun, 2017-02-26 at 21:38 +0100, Roger Kalt wrote:
> Update closes bug https://bugs.debian.org/851909 which allows no login except
> admin user.

On the assumption that the revised patch has been carefully tested for
regressions, please go ahead.

Regards,

Adam

Processed: Re: Bug#856240: jessie-pu: package elog/2.9.2+2014.05.11git44800a7-2+deb8u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + confirmed
Bug #856240 [release.debian.org] jessie-pu: package 
elog/2.9.2+2014.05.11git44800a7-2+deb8u1
Added tag(s) confirmed.

-- 
856240: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856240
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#856539: updating sitesummary in stable+oldtable due to regression introduced with apache update (Re: Bug#856539: jessie-pu: package sitesummary/0.1.17+deb8u2)

[Holger Levsen]

Dear security team,

On Thu, Mar 09, 2017 at 07:20:40PM +, Adam D. Barratt wrote:
> On Thu, 2017-03-02 at 09:50 +, Holger Levsen wrote:
> > On Thu, Mar 02, 2017 at 09:12:34AM +0100, Petter Reinholdtsen wrote:
> > > Usertags: pu
> > > 
> > > The sitesummary package in stable is affected by one RC bug causing all
> > > clients to fail to submit data to the collector, and thus breaking the
> > > service SiteSummary is supposed to provide (collect data about
> > > machines).  The problem is triggered by the recent update of Apache.
> > [...]
> > > I would like to update the stable version of sitesummary to fix this
> > > bug.  It affect Debian Edu, but also all other users of SiteSummary in
> > > Jessie.  Are you OK with me uploading a package with this change?  How
> > > quickly is it possible to get this change into Jessie?
> > 
> > (this would normally take severeal weeks or months, until the next jessie
> > point release will happen, which AFAIK is not yet planned. IOW: date is 
> > unknown.)
> >  
> > as this regression was introduced by DSA-3796, wouldnt it be appropriate to
> > update sitesummary via jessie-security as well?
> 
> Have either of you asked the Security Team about that?

no, we haven't yet.

So, #852623 is about sitesummary being broken due to the fix for CVE-2016-8743
and while #852623 has been fixed in sid and stretch, we would also like to fix
#852623 in sitesummary in jessie and stable.

So at first, we thought to go via proposed-updates, but as you can see Adam
suggested to go via stable-security (and LTS I supose) - what do you think?

Going via security would be much nicer as this would fix this in the real
world much sooner…!


-- 
cheers,
Holger


signature.asc
Description: Digital signature

Bug#857307: unblock: musl/1.1.16-3

[Reiner Herrmann]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package musl

1.1.16-3 includes a fix for applications crashing on startup on ppc64(el)
(#857078).
Attached is the debdiff.

Thanks in advance!

Kind regards,
  Reiner

unblock musl/1.1.16-3
diff -Nru musl-1.1.16/debian/changelog musl-1.1.16/debian/changelog
--- musl-1.1.16/debian/changelog2017-01-22 18:18:26.0 +0100
+++ musl-1.1.16/debian/changelog2017-03-09 19:19:31.0 +0100
@@ -1,3 +1,10 @@
+musl (1.1.16-3) unstable; urgency=medium
+
+  * Import upstream fix for PPC64 crash.
+Thanks to Breno Leitao for investigating. (Closes: #857078)
+
+ -- Reiner Herrmann   Thu, 09 Mar 2017 19:19:31 +0100
+
 musl (1.1.16-2) unstable; urgency=medium
 
   [ Breno Leitao ]
diff -Nru musl-1.1.16/debian/patches/ppc64-crash.patch 
musl-1.1.16/debian/patches/ppc64-crash.patch
--- musl-1.1.16/debian/patches/ppc64-crash.patch1970-01-01 
01:00:00.0 +0100
+++ musl-1.1.16/debian/patches/ppc64-crash.patch2017-03-09 
19:10:03.0 +0100
@@ -0,0 +1,29 @@
+From: Rich Felker 
+Subject: fix ld-behavior-dependent crash in ppc64 ldso startup
+Origin: upstream, 
http://git.musl-libc.org/cgit/musl/commit/?id=fc85fb38605a8bf341c367b8ab0d36edab2bdbfc
+Bug: http://www.openwall.com/lists/musl/2017/03/07/2
+Bug-Debian: https://bugs.debian.org/857078
+
+the 32-bit pc-relative address for stage 2 of dynamic linker entry was
+wrongly loaded with a zero-extending load instead of sign-extending
+load, resulting in an invalid jump if the offset happened to be
+negative, which depends on the linker's ordering of text sections.
+---
+ arch/powerpc64/reloc.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/arch/powerpc64/reloc.h b/arch/powerpc64/reloc.h
+index e1bad00..faf70ac 100644
+--- a/arch/powerpc64/reloc.h
 b/arch/powerpc64/reloc.h
+@@ -27,6 +27,6 @@
+   "   bl 1f \n" \
+   "   .long " #sym "-. \n" \
+   "1: mflr %1 \n" \
+-  "   lwz %0, 0(%1) \n" \
++  "   lwa %0, 0(%1) \n" \
+   "   add %0, %0, %1 \n" \
+   : "=r"(*(fp)), "=r"((long){0}) : : "memory", "lr" )
+-- 
+cgit v0.11.2
+
diff -Nru musl-1.1.16/debian/patches/series musl-1.1.16/debian/patches/series
--- musl-1.1.16/debian/patches/series   2017-01-22 17:54:16.0 +0100
+++ musl-1.1.16/debian/patches/series   2017-03-09 19:08:03.0 +0100
@@ -1,2 +1,3 @@
 arm-object_arch.patch
 dpkg-gcc-specs.diff
+ppc64-crash.patch

Bug#856539: jessie-pu: package sitesummary/0.1.17+deb8u2

[Adam D. Barratt]

On Thu, 2017-03-02 at 09:50 +, Holger Levsen wrote:
> On Thu, Mar 02, 2017 at 09:12:34AM +0100, Petter Reinholdtsen wrote:
> > Usertags: pu
> > 
> > The sitesummary package in stable is affected by one RC bug causing all
> > clients to fail to submit data to the collector, and thus breaking the
> > service SiteSummary is supposed to provide (collect data about
> > machines).  The problem is triggered by the recent update of Apache.
> [...]
> > I would like to update the stable version of sitesummary to fix this
> > bug.  It affect Debian Edu, but also all other users of SiteSummary in
> > Jessie.  Are you OK with me uploading a package with this change?  How
> > quickly is it possible to get this change into Jessie?
> 
> (this would normally take severeal weeks or months, until the next jessie
> point release will happen, which AFAIK is not yet planned. IOW: date is 
> unknown.)
>  
> as this regression was introduced by DSA-3796, wouldnt it be appropriate to
> update sitesummary via jessie-security as well?

Have either of you asked the Security Team about that?

Regards,

Adam

Processed: Re: Bug#857041: jessie-pu: package vim/2:7.4.488-7+deb8u3

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + confirmed
Bug #857041 [release.debian.org] jessie-pu: package vim/2:7.4.488-7+deb8u3
Added tag(s) confirmed.

-- 
857041: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857041
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#857041: jessie-pu: package vim/2:7.4.488-7+deb8u3

[Adam D. Barratt]

Control: tags -1 + confirmed

On Tue, 2017-03-07 at 08:02 -0500, James McCoy wrote:
> This upload would fix two no-dsa CVEs (CVE-2017-6349, CVE-2017-6350) for
> Vim.  Debdiff attached.

Please go ahead.

Regards,

Adam

Processed: Re: Bug#856627: jessie-pu: package libdatetime-timezone-perl/1:1.75-2+2017a

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + confirmed
Bug #856627 [release.debian.org] jessie-pu: package 
libdatetime-timezone-perl/1:1.75-2+2017a
Added tag(s) confirmed.

-- 
856627: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856627
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#856627: jessie-pu: package libdatetime-timezone-perl/1:1.75-2+2017a

[Adam D. Barratt]

Control: tags -1 + confirmed

On Fri, 2017-03-03 at 01:10 +0100, gregor herrmann wrote:
> I've prepared an update for libdatetime-timezone-perl in jessie,
> adding a patch to update to Olson DB 2017a.
> 
> As usual, the patch only touches the perl data files; and in this
> case also t/15catalog.t (taken from upstream, including the mistake
> in the text output [0] :)) because this test needs to learn about a new
> timezone in Chile.
> 
> The changes in this tzdata release are:
> - Mongolia: no longer observes DST, starting on 2017-03-24
> - Chile has added a new zone America/Punta_Arenas, starting on 2017-05-13

Please go ahead.

Regards,

Adam

Re: Bug#857257: Re: Supporting configuration file changes between versions in unstable/testing

[Andreas Beckmann]

On 2017-03-09 18:00, Ian Jackson wrote:
> To be fair to Pirate, Andreas Beckmann suggested #856606 that if
> Pirate disagreed with Andreas, Pirate should go to the TC.

The disagreement between Pirate and me is not about the RC-ness of
#856606, but more about the general requirement of working upgrade paths.

This is my understanding of Pirate's point:

  "Package P hasn't been part of any stable release so far, therefore
   upgrades from earlier package versions don't have to be supported.
   So not having a working upgrade path from version 1.2-3 in testing
   to version 1.2-5 unstable is not a bug."

I didn't find anything in the policy about upgrade requirements ...
but I think there is a general agreement that direct upgrades must work
(and only skipping over stable releases is not supported).


Andreas

Processed: Re: Bug#857258: unblock: ifupdown2/1.0~git20170308-1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 moreinfo
Bug #857258 [release.debian.org] unblock: ifupdown2/1.0~git20170308-1
Added tag(s) moreinfo.

-- 
857258: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857258
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#857258: unblock: ifupdown2/1.0~git20170308-1

[Niels Thykier]

Control: tags -1 moreinfo

Julien Fortin:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package ifupdown2
> 
> Hi,
> 
> This release fixes a bug due to a localized string in a grep filter.
> 
> Following up on the comments received during last unblock request. I've added
> the LC_ALL directive to the pre,post inst and postrm files.
> 

Hi,

Sorry, this is unfortunately not what I expected and I suspect you
misunderstood my intention/request.


  * I had envisioned $(LC_ALL=C.UTF-8 dpkg-divert ...), which would
only overwrite the language exactly for the dpkg-divert
command/pipeline.
  * The proposed change fails to export the variable, so it is not going
to work except when LC_ALL is already exported (which is not the
case on all systems)
  * Also, overriding LC_ALL in the entire script completely overrules
the users locale preventing other messages in the users native
language.

Apologies for the misunderstanding and having to ask you for a third
attempt.

Thanks,
~Niels

Bug#857292: unblock: hugin/2016.2.0+dfsg-1

[Andreas Metzler]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package hugin, this fixes two issues:
* #822062, #855505: When a custom temp directory was sent in the
  preferences the hugin assistant failed when aligning pictures.
* Bumped version number. The tarball is *binary* *identical* with rc2.

thanks, cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
diff -Nru hugin-2016.2.0~rc2+dfsg/debian/changelog hugin-2016.2.0+dfsg/debian/changelog
--- hugin-2016.2.0~rc2+dfsg/debian/changelog	2016-09-11 13:40:11.0 +0200
+++ hugin-2016.2.0+dfsg/debian/changelog	2017-02-26 08:23:23.0 +0100
@@ -1,3 +1,14 @@
+hugin (2016.2.0+dfsg-1) unstable; urgency=medium
+
+  * rc2 released as 2016.2.0.
+  * Fix assissant align error with custom temporary directory
+50_67c64f0ca1c4_Fixes_a_type_of_format_string.diff
+  error.
+51_401823447b21_Fixes_running_assistant_with_user_defined_temp_directory.diff
+Closes: #822062, #855505
+
+ -- Andreas Metzler   Sun, 26 Feb 2017 08:23:23 +0100
+
 hugin (2016.2.0~rc2+dfsg-2) unstable; urgency=medium
 
   * Upload to unstable.
diff -Nru hugin-2016.2.0~rc2+dfsg/debian/patches/50_67c64f0ca1c4_Fixes_a_type_of_format_string.diff hugin-2016.2.0+dfsg/debian/patches/50_67c64f0ca1c4_Fixes_a_type_of_format_string.diff
--- hugin-2016.2.0~rc2+dfsg/debian/patches/50_67c64f0ca1c4_Fixes_a_type_of_format_string.diff	1970-01-01 01:00:00.0 +0100
+++ hugin-2016.2.0+dfsg/debian/patches/50_67c64f0ca1c4_Fixes_a_type_of_format_string.diff	2016-12-18 15:05:14.0 +0100
@@ -0,0 +1,20 @@
+# HG changeset patch
+# User tmodes
+# Date 1474121697 -7200
+#  Sat Sep 17 16:14:57 2016 +0200
+# Node ID 67c64f0ca1c45c991efa7b11e457cc5bc2c945c0
+# Parent  91b78c0c991f60744d71c9a4bd434c46cba4b444
+Fixes a type of format string
+
+diff -r 91b78c0c991f -r 67c64f0ca1c4 src/hugin1/hugin/MainFrame.cpp
+--- a/src/hugin1/hugin/MainFrame.cpp	Sat Sep 17 16:14:24 2016 +0200
 b/src/hugin1/hugin/MainFrame.cpp	Sat Sep 17 16:14:57 2016 +0200
+@@ -2162,7 +2162,7 @@
+ unsigned i2 = *(comps[1].begin());
+ ShowCtrlPointEditor( i1, i2);
+ // display message box with 
+-wxMessageBox(wxString::Format(_("Warning %d unconnected image groups found:"), comps.size()) + Components2Str(comps) + wxT("\n")
++wxMessageBox(wxString::Format(_("Warning %d unconnected image groups found:"), static_cast(comps.size())) + Components2Str(comps) + wxT("\n")
+ + _("Please create control points between unconnected images using the Control Points tab in the panorama editor.\n\nAfter adding the points, press the \"Align\" button again"),_("Error"), wxOK , mainWin);
+ return;
+ };
diff -Nru hugin-2016.2.0~rc2+dfsg/debian/patches/51_401823447b21_Fixes_running_assistant_with_user_defined_temp_directory.diff hugin-2016.2.0+dfsg/debian/patches/51_401823447b21_Fixes_running_assistant_with_user_defined_temp_directory.diff
--- hugin-2016.2.0~rc2+dfsg/debian/patches/51_401823447b21_Fixes_running_assistant_with_user_defined_temp_directory.diff	1970-01-01 01:00:00.0 +0100
+++ hugin-2016.2.0+dfsg/debian/patches/51_401823447b21_Fixes_running_assistant_with_user_defined_temp_directory.diff	2017-02-26 08:05:34.0 +0100
@@ -0,0 +1,20 @@
+# HG changeset patch
+# User tmodes
+# Date 1488046377 -3600
+#  Sat Feb 25 19:12:57 2017 +0100
+# Node ID 401823447b218b6d4778664fb6496deea6b03936
+# Parent  0fec458e26560958d657d14fd9a7a99b7f5c6c10
+Fixes running assistant with user defined temp directory [1666030]
+
+--- a/src/hugin1/base_wx/MyExternalCmdExecDialog.cpp
 b/src/hugin1/base_wx/MyExternalCmdExecDialog.cpp
+@@ -255,6 +255,9 @@ int MyExecPanel::ExecQueue(HuginQueue::C
+ #if wxCHECK_VERSION(3,0,0)
+ wxConfigBase* config = wxConfigBase::Get();
+ const long threads = config->Read(wxT("/output/NumberOfThreads"), 0l);
++// read all current environment variables
++wxGetEnvMap(_executeEnv.env);
++// now modify some variables before passing them to wxExecute
+ if (threads > 0)
+ {
+ wxString s;
diff -Nru hugin-2016.2.0~rc2+dfsg/debian/patches/series hugin-2016.2.0+dfsg/debian/patches/series
--- hugin-2016.2.0~rc2+dfsg/debian/patches/series	2016-07-16 07:03:27.0 +0200
+++ hugin-2016.2.0+dfsg/debian/patches/series	2017-02-26 08:00:14.0 +0100
@@ -1 +1,3 @@
 43_fallbackhelp.patch
+50_67c64f0ca1c4_Fixes_a_type_of_format_string.diff
+51_401823447b21_Fixes_running_assistant_with_user_defined_temp_directory.diff


signature.asc
Description: PGP signature

Bug#857257: Re: Supporting configuration file changes between versions in unstable/testing

[Ian Jackson]

Adam D. Barratt writes ("Bug#857257: Re: Supporting configuration file changes 
between versions in unstable/testing"):
> On 2017-03-09 9:41, Pirate Praveen wrote:
> > I request CTTE to declare this bug as not RC.
> 
> That's not something that the Technical Committee has a remit to do.
> 
> The determination as to whether a bug is release-critical is delegated 
> to the Release Team. So far as I can tell you haven't approached them to 
> discuss this, so you can't be asking the TC to override a decision by a 
> delegate either, as there hasn't explicitly been one.

To be fair to Pirate, Andreas Beckmann suggested #856606 that if
Pirate disagreed with Andreas, Pirate should go to the TC.

I don't think any of the Release Team have been asked yet.

Sadly, there isn't a "reportbug release.debian.org" category for
"please determine RCness of #".  So I am just emailing
debian-release@l.d.o on this mail.


To debian-release:

The question is whether #856606 is RC.

I think you will find the best summary of the arguments in this
message:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856606#37

Ian.

Re: Various unblock-udebs

[Cyril Brulebois]

Emilio Pozuelo Monfort  (2017-03-05):
> On 05/03/17 11:40, Cyril Brulebois wrote:
> > Emilio Pozuelo Monfort  (2017-03-05):
> >> # big debdiff, but the important stuff is in pango/, the rest are 
> >> autogenerated
> >> # docs and the windows build bits moving from build/win32/ to win32/
> >> # 20170301
> >> unblock pango1.0/1.40.4-1
> >> # : Confirm with d-i RM
> >> #unblock-udeb pango1.0/1.40.4-1
> > 
> > I'd like to give it a few test runs first. Will try to get that done
> > before monday.
> 
> Sure thing. BTW there's no rush in getting this into testing, so if
> that takes a bit longer that's alright.

ACK, I've taken some time accordingly.

Automated tests show it looks good for French & Japanese installations
with netboot/gtk/mini.iso, so no objections from me.


KiBi.


signature.asc
Description: Digital signature

Bug#857269: unblock: pybind11/2.0.1-3

[Ghislain Antony Vaillant]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package pybind11

The current packaging of pybind11 available in Stretch suffers an
important deficiency which was brought to me after the freeze dealine.

The -dev package does not ship its corresponding CMake packaging
configuration (#854502), which is a critical component to facilitate
the use of this library by external CMake projects.

I have rectified the problem in subsequent updates in unstable (2.0.1-2,
2.0.1-3). Please consider applying the debdiff between 2.0.1-1 and
2.0.1-3 attached below.

Cheers,
Ghis

unblock pybind11/2.0.1-3

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru pybind11-2.0.1/debian/changelog pybind11-2.0.1/debian/changelog
--- pybind11-2.0.1/debian/changelog 2017-01-07 17:36:51.0 +
+++ pybind11-2.0.1/debian/changelog 2017-02-26 20:43:11.0 +
@@ -1,3 +1,19 @@
+pybind11 (2.0.1-3) unstable; urgency=medium
+
+  * Run autopkgtests for all supported Python versions
+
+ -- Ghislain Antony Vaillant   Sat, 25 Feb 2017 12:11:08 
+
+
+pybind11 (2.0.1-2) unstable; urgency=medium
+
+  * Fix missing CMake package configuration in -dev package
+- New patch 0002-Arch-indep-CMake-package-configuration.patch
+- Install the missing CMake package configuration
+- Use CMake to build the autopkgtest example tests
+Thanks to Jason Rhinelander for reporting (Closes: #854502)
+
+ -- Ghislain Antony Vaillant   Thu, 23 Feb 2017 13:16:46 
+
+
 pybind11 (2.0.1-1) unstable; urgency=medium
 
   * New upstream release
diff -Nru pybind11-2.0.1/debian/.git-dpm pybind11-2.0.1/debian/.git-dpm
--- pybind11-2.0.1/debian/.git-dpm  2017-01-07 17:36:51.0 +
+++ pybind11-2.0.1/debian/.git-dpm  2017-02-26 20:43:11.0 +
@@ -1,6 +1,6 @@
 # see git-dpm(1) from git-dpm package
-c2010fb61826c45bdd0ee6f36c17d7bf84d8daaf
-c2010fb61826c45bdd0ee6f36c17d7bf84d8daaf
+c91e0ad75aa42ff3252b14c90a9b77c2309a76be
+c91e0ad75aa42ff3252b14c90a9b77c2309a76be
 72d57df80676e2965c20128f76f00d4ae6fd696d
 72d57df80676e2965c20128f76f00d4ae6fd696d
 pybind11_2.0.1.orig.tar.gz
diff -Nru 
pybind11-2.0.1/debian/patches/0002-Arch-indep-CMake-package-configuration.patch 
pybind11-2.0.1/debian/patches/0002-Arch-indep-CMake-package-configuration.patch
--- 
pybind11-2.0.1/debian/patches/0002-Arch-indep-CMake-package-configuration.patch 
1970-01-01 01:00:00.0 +0100
+++ 
pybind11-2.0.1/debian/patches/0002-Arch-indep-CMake-package-configuration.patch 
2017-02-26 20:43:11.0 +
@@ -0,0 +1,26 @@
+From c91e0ad75aa42ff3252b14c90a9b77c2309a76be Mon Sep 17 00:00:00 2001
+From: Ghislain Antony Vaillant 
+Date: Tue, 7 Feb 2017 20:08:59 +
+Subject: Arch-indep CMake package configuration
+
+---
+ CMakeLists.txt | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 341f845..4757ea4 100644
+--- a/CMakeLists.txt
 b/CMakeLists.txt
+@@ -117,9 +117,12 @@ if (PYBIND11_INSTALL)
+   configure_package_config_file(tools/${PROJECT_NAME}Config.cmake.in
+ 
"${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}Config.cmake"
+ INSTALL_DESTINATION 
${PYBIND11_CMAKECONFIG_INSTALL_DIR})
++  set(_PYBIND11_CMAKE_SIZEOF_VOID_P ${CMAKE_SIZEOF_VOID_P})
++  unset(CMAKE_SIZEOF_VOID_P)
+   
write_basic_package_version_file(${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}ConfigVersion.cmake
+VERSION ${${PROJECT_NAME}_VERSION}
+COMPATIBILITY AnyNewerVersion)
++  set(CMAKE_SIZEOF_VOID_P ${_PYBIND11_CMAKE_SIZEOF_VOID_P})
+   install(FILES ${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}Config.cmake
+ ${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}ConfigVersion.cmake
+ tools/FindPythonLibsNew.cmake
diff -Nru pybind11-2.0.1/debian/patches/series 
pybind11-2.0.1/debian/patches/series
--- pybind11-2.0.1/debian/patches/series2017-01-07 17:36:51.0 
+
+++ pybind11-2.0.1/debian/patches/series2017-02-26 20:43:11.0 
+
@@ -1 +1,2 @@
 0001-Use-system-include-path.patch
+0002-Arch-indep-CMake-package-configuration.patch
diff -Nru pybind11-2.0.1/debian/pybind11-dev.install 
pybind11-2.0.1/debian/pybind11-dev.install
--- pybind11-2.0.1/debian/pybind11-dev.install  2017-01-07 17:36:51.0 
+
+++ pybind11-2.0.1/debian/pybind11-dev.install  2017-02-26 20:43:11.0 
+
@@ -1 +1,2 @@
-include/* usr/include
+usr/include
+usr/share/cmake usr/lib
diff -Nru 

Bug#857266: unblock: bottleneck/1.2.0-6

[Ghislain Antony Vaillant]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package bottleneck

The last upload of src:bottleneck which migrated to Stretch (1.2.0-4)
suffers regressions (including a segfault) with the latest release of
Numpy (1.12.x).

These were found later after the freeze deadline when I started
packaging src:python-xarray. Its test suite reveiled the regressions,
which were not caught by the upstream one. The regressions have now been
fixed after iterating with both upstream and Numpy.

I have cherry-picked the relevant fixes onto the packaging in unstable
(1.2.0-5, 1.2.0-6). Please consider applying the debdiff between 1.2.0-4
and 1.2.0-6 attached below.

Cheers,
Ghis

unblock bottleneck/1.2.0-6

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru bottleneck-1.2.0/debian/changelog bottleneck-1.2.0/debian/changelog
--- bottleneck-1.2.0/debian/changelog   2017-01-25 12:24:12.0 +
+++ bottleneck-1.2.0/debian/changelog   2017-02-26 13:58:26.0 +
@@ -1,3 +1,22 @@
+bottleneck (1.2.0-6) unstable; urgency=medium
+
+  * Cherry-pick upstream fix for segfaults happening while running the tests.
+New patch 0003-Fix-segfault-caused-by-bad-refcount.patch (Closes: #856141)
+  * Run autopkgtests for all supported Python versions
+
+ -- Ghislain Antony Vaillant   Sun, 26 Feb 2017 13:58:26 
+
+
+bottleneck (1.2.0-5) unstable; urgency=medium
+
+  [ Ghislain Antony Vaillant ]
+  * Cherry-pick upstream fix for Numpy 1.12
+- New patch 0002-Fix-issue-with-relaxed-strides.patch
+
+  [ Pietro Battiston ]
+  * Added Ghislain Antony Vaillant as Uploader
+
+ -- Pietro Battiston   Tue, 31 Jan 2017 13:49:00 +0100
+
 bottleneck (1.2.0-4) unstable; urgency=medium
 
   [ Ghislain Antony Vaillant ]
diff -Nru bottleneck-1.2.0/debian/control bottleneck-1.2.0/debian/control
--- bottleneck-1.2.0/debian/control 2017-01-19 20:30:29.0 +
+++ bottleneck-1.2.0/debian/control 2017-02-07 07:39:59.0 +
@@ -1,5 +1,6 @@
 Source: bottleneck
 Maintainer: Pietro Battiston 
+Uploaders: Ghislain Antony Vaillant 
 Section: python
 Priority: optional
 Build-Depends: dh-python, python-setuptools (>= 0.6b3), python3-setuptools,
diff -Nru 
bottleneck-1.2.0/debian/patches/0002-Fix-issue-with-relaxed-strides.patch 
bottleneck-1.2.0/debian/patches/0002-Fix-issue-with-relaxed-strides.patch
--- bottleneck-1.2.0/debian/patches/0002-Fix-issue-with-relaxed-strides.patch   
1970-01-01 01:00:00.0 +0100
+++ bottleneck-1.2.0/debian/patches/0002-Fix-issue-with-relaxed-strides.patch   
2017-02-07 07:39:59.0 +
@@ -0,0 +1,43 @@
+From: Keith Goodman 
+Date: Sun, 29 Jan 2017 07:19:35 -0800
+Subject: Fix issue with relaxed strides
+
+---
+ bottleneck/src/iterators.h | 6 --
+ bottleneck/tests/util.py   | 1 +
+ 2 files changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/bottleneck/src/iterators.h b/bottleneck/src/iterators.h
+index 3ac68cb..5bb88d6 100644
+--- a/bottleneck/src/iterators.h
 b/bottleneck/src/iterators.h
+@@ -81,13 +81,15 @@ init_iter_all(iter *it, PyArrayObject *a, int ravel, int 
anyorder)
+ it->length = 1;
+ it->astride = 0;
+ }
+-else if (C_CONTIGUOUS(a)) {
++/* The &&! in the next two else ifs is to deal with relaxed
++ * stride checking introduced in numpy 1.12.0; see gh #161 */
++else if (C_CONTIGUOUS(a) && !F_CONTIGUOUS(a)) {
+ it->ndim_m2 = -1;
+ it->axis = ndim - 1;
+ it->length = PyArray_SIZE(a);
+ it->astride = strides[ndim - 1];
+ }
+-else if (F_CONTIGUOUS(a)) {
++else if (F_CONTIGUOUS(a) && !C_CONTIGUOUS(a)) {
+ if (anyorder || !ravel) {
+ it->ndim_m2 = -1;
+ it->length = PyArray_SIZE(a);
+diff --git a/bottleneck/tests/util.py b/bottleneck/tests/util.py
+index 7f1f2a7..15e4238 100644
+--- a/bottleneck/tests/util.py
 b/bottleneck/tests/util.py
+@@ -155,6 +155,7 @@ def array_generator(func_name, dtypes):
+ yield a.reshape(shape)
+ 
+ # non-contiguous arrays
++yield np.array([[1, 2], [3, 4]])[:, [1]]  # gh 161
+ for dtype in dtypes:
+ # 1d
+ a = np.arange(12).astype(dtype)
diff -Nru 
bottleneck-1.2.0/debian/patches/0003-Fix-segfaults-caused-by-bad-refcount.patch 
bottleneck-1.2.0/debian/patches/0003-Fix-segfaults-caused-by-bad-refcount.patch
--- 
bottleneck-1.2.0/debian/patches/0003-Fix-segfaults-caused-by-bad-refcount.patch 
1970-01-01 01:00:00.0 +0100
+++ 

Bug#857258: unblock: ifupdown2/1.0~git20170308-1

[Julien Fortin]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package ifupdown2

Hi,

This release fixes a bug due to a localized string in a grep filter.

Following up on the comments received during last unblock request. I've added
the LC_ALL directive to the pre,post inst and postrm files.

diff -Nru ifupdown2-1.0~git20170223/debian/changelog 
ifupdown2-1.0~git20170308/debian/changelog
--- ifupdown2-1.0~git20170223/debian/changelog  2017-02-23 11:24:37.0 
+0100
+++ ifupdown2-1.0~git20170308/debian/changelog  2017-03-08 18:39:02.0 
+0100
@@ -1,3 +1,15 @@
+ifupdown2 (1.0~git20170308-1) unstable; urgency=medium
+
+  * debian: add LC_ALL=C.UTF-8 directive in prestinst, postinst, postrm files
+
+ -- Julien Fortin   Wed, 08 Mar 2017 18:39:02 +0100
+
+ifupdown2 (1.0~git20170307-1) unstable; urgency=medium
+
+  * preinst: remove english word from grep filter (closes: #856970)
+
+ -- Julien Fortin   Tue, 07 Mar 2017 11:24:37 +0100
+
 ifupdown2 (1.0~git20170223-1) unstable; urgency=medium
 
   * drop the dependency to pkg_resources, hardcode version number (closes: 
#855401)
diff -Nru ifupdown2-1.0~git20170223/debian/ifupdown2.postinst 
ifupdown2-1.0~git20170308/debian/ifupdown2.postinst
--- ifupdown2-1.0~git20170223/debian/ifupdown2.postinst 2017-02-23 
11:24:37.0 +0100
+++ ifupdown2-1.0~git20170308/debian/ifupdown2.postinst 2017-03-08 
18:39:02.0 +0100
@@ -5,6 +5,8 @@
 
 set -e
 
+LC_ALL=C.UTF-8
+
 # summary of how this script can be called:
 #*  `configure' 
 #*  `abort-upgrade' 
diff -Nru ifupdown2-1.0~git20170223/debian/ifupdown2.postrm 
ifupdown2-1.0~git20170308/debian/ifupdown2.postrm
--- ifupdown2-1.0~git20170223/debian/ifupdown2.postrm   2017-02-23 
11:24:37.0 +0100
+++ ifupdown2-1.0~git20170308/debian/ifupdown2.postrm   2017-03-08 
18:39:02.0 +0100
@@ -5,6 +5,8 @@
 
 set -e
 
+LC_ALL=C.UTF-8
+
 # summary of how this script can be called:
 #*  `remove'
 #*  `purge'
diff -Nru ifupdown2-1.0~git20170223/debian/ifupdown2.preinst 
ifupdown2-1.0~git20170308/debian/ifupdown2.preinst
--- ifupdown2-1.0~git20170223/debian/ifupdown2.preinst  2017-02-23 
11:24:37.0 +0100
+++ ifupdown2-1.0~git20170308/debian/ifupdown2.preinst  2017-03-08 
18:39:02.0 +0100
@@ -2,12 +2,14 @@
 
 MYNAME="${0##*/}"
 
+LC_ALL=C.UTF-8
+
 report() { echo "${MYNAME}: $*" ; }
 report_err() { report "Error: $*" >&2 ; exit 1; }
 
 preinst_divert()
 {
-diversions=$(dpkg-divert --list | grep "$1" | grep -v 'by ifupdown2$'  | 
wc -l 2> /dev/null)
+diversions=$(dpkg-divert --list | grep "$1" | grep -v 'ifupdown2$'  | wc 
-l 2> /dev/null)
 if [ "$diversions" -gt 0 ];
 then
 report_err "existing diversion for $1"
diff -Nru ifupdown2-1.0~git20170223/sbin/ifupdown2 
ifupdown2-1.0~git20170308/sbin/ifupdown2
--- ifupdown2-1.0~git20170223/sbin/ifupdown22017-02-23 11:32:43.0 
+0100
+++ ifupdown2-1.0~git20170308/sbin/ifupdown22017-03-08 19:07:19.0 
+0100
@@ -18,7 +18,7 @@
 from ifupdown.ifupdownmain import *
 from ifupdown.utils import *
 
-IFUPDOWN2_VERSION = '1.1-cl3u9'
+IFUPDOWN2_VERSION = '20170308'
 
 lockfile="/run/network/.lock"
 configfile="/etc/network/ifupdown2/ifupdown2.conf"

unblock ifupdown2/1.0~git20170308-1

-- System Information:
Debian Release: 9.0
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Processed: Re: Processed (with 1 error): Re: Bug#857119: unblock: wireshark/2.2.5+g440fd4d-2

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 857119 moreinfo
Bug #857119 [release.debian.org] unblock: wireshark/2.2.5+g440fd4d-2
Added tag(s) moreinfo.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
857119: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857119
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed (with 1 error): Re: Bug#857119: unblock: wireshark/2.2.5+g440fd4d-2

[Debian Bug Tracking System]

Processing control commands:

> tags -1 confirmed moreninfo
Unknown tag/s: moreninfo.
Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid 
help security upstream pending sarge sarge-ignore experimental d-i confirmed 
ipv6 lfs fixed-in-experimental fixed-upstream l10n newcomer etch etch-ignore 
lenny lenny-ignore squeeze squeeze-ignore wheezy wheezy-ignore jessie 
jessie-ignore stretch stretch-ignore buster buster-ignore bullseye 
bullseye-ignore.

Bug #857119 [release.debian.org] unblock: wireshark/2.2.5+g440fd4d-2
Added tag(s) confirmed.

-- 
857119: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857119
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#857119: unblock: wireshark/2.2.5+g440fd4d-2

[Emilio Pozuelo Monfort]

Control: tags -1 confirmed moreninfo

On 08/03/17 09:52, Balint Reczey wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> Tags: patch
> 
> Dear Release Team,
> 
> I have prepared wireshark 2.2.5+g440fd4d-1 in experimental which fixes
> 9 vulnerabilities and other bugs which are not listed here, just on
> the release notes link.
> 
> Changes:
>  wireshark (2.2.5+g440fd4d-1) experimental; urgency=medium
>  .
>* New upstream release
>  - release notes:
>https://www.wireshark.org/docs/relnotes/wireshark-2.2.5.html
>  - security fixes:
>- The STANAG 4607 file parser could go into an infinite loop
>  (CVE-2017-6014)
>- The NetScaler file parser could go into an infinite loop
>  (CVE-2017-6467)
>- The NetScaler file parser could crash (CVE-2017-6468)
>- The LDSS dissector could crash (CVE-2017-6469)
>- The IAX2 dissector could go into an infinite loop
>  (CVE-2017-6470)
>- The WSP dissector could go into an infinite loop (CVE-2017-6471)
>- The RTMTP dissector could go into an infinite loop
>  (CVE-2017-6472)
>- The K12 file parser could crash (CVE-2017-6473)
>- The NetScaler file parser could go into an infinite loop
>  (CVE-2017-6474)
>* Update symbols file for libwireshark8
> 
> I believe wireshark point releases very rarely cause regressions due
> to the heavy testing performed upstream and I think it would be safe
> to upload this point release to unstable and let it migrate to
> testing.
> 
> If you wouldn't like to accept the full point release to Stretch I
> will happily backport the security fixes to 2.2.4 and upload that to
> unstable.

Please go ahead with 2.2.5, and remove the moreinfo tag once it is accepted and
built on all release architectures.

Cheers,
Emilio

Bug#857251: marked as done (unblock: acorn/4.0.4-2)

[Debian Bug Tracking System]

Your message dated Thu, 09 Mar 2017 08:24:47 +
with message-id 
and subject line unblock acorn
has caused the Debian Bug report #857251,
regarding unblock: acorn/4.0.4-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
857251: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857251
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: important
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package acorn, to fix bug #850506 ; in summary: the
4.0.4-1 package FTBFS on some computers (and not on others) ; this new
4.0.4-2 has a trivial fix. You'll find the very short debdiff in post
scriptum.

Thanks,

unblock acorn/4.0.4-2


PS: debdiff between 4.0.4-1 and 4.0.4-2:

diff -Nru acorn-4.0.4/debian/changelog acorn-4.0.4/debian/changelog
--- acorn-4.0.4/debian/changelog2017-01-11 10:42:32.0 +0100
+++ acorn-4.0.4/debian/changelog2017-03-09 07:17:56.0 +0100
@@ -1,3 +1,9 @@
+acorn (4.0.4-2) unstable; urgency=medium
+
+  * Add explicit rule to force compilation ordering (Closes: #850506)
+
+ -- Julien Puydt   Thu, 09 Mar 2017 07:17:56
+0100
+
 acorn (4.0.4-1) unstable; urgency=medium

   * New upstream release.
diff -Nru acorn-4.0.4/debian/rules acorn-4.0.4/debian/rules
--- acorn-4.0.4/debian/rules2017-01-11 10:42:32.0 +0100
+++ acorn-4.0.4/debian/rules2017-03-09 07:17:56.0 +0100
@@ -32,6 +32,8 @@
mkdir -p dist/walk
ln -s dist/index.js acorn.js

+dist/bin/acorn.js: dist/index.js
+
 %.js:
$(COMPILE_MODULES) $(subst dist, src, $@) > $@
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---