Bug#891277: stretch-pu: package debian-edu-config/1.929+deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hi, please consider accepting the following changes to debian-edu-config into Debian stretch. + [ Wolfgang Schweer ] + * Rewrite wpad-extract tool to be independent from KDE related files. +(Closes: #29). -> Fix http proxy environment settings derived from WPAD. In Debian Edu, WPAD is used to configure browsers for internet access through a web proxy. Services that can't use WPAD directly, but rely on http_proxy, https_proxy and ftp_proxy env vars (os some such) get configured through the update-proxy-from-wpad script which relies on the currently broken wpad-extract script. + * Adjust Samba configuration. Allow joining of Windows 10 clients to the +Samba NT4-style domain. (Closes: #864663). -> Config change to support Windows 10 clients by the Debian Edu main server (aka TJENER).. + [ Mike Gabriel ] + * debian/control: Drop libproxy-tools, add libpacparser1. (as part of +fixing #29). Part of the wpad-extract rewrite. + * Chromium: Pre-configure Chromium Webbrowser system-wide to auto-detect the +http proxy settings via WPAD (plus locking the proxy settings dialog for +users). (Closes: #891262). Lock down Chromium proxy settings by providing a system wide setting. This is important to Debian Edu workstations that have chromium installed. In Debian Edu environments, it is crucial to have control over the browser's proxy settings and override them by system defaults and don't allow the user to tinker with them. Thanks a lot for taking a look at this stretch-pu, Mike (on behalf of the Debian Edu team) -- System Information: Debian Release: 9.3 APT prefers stable APT policy: (990, 'stable'), (500, 'stable-updates') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-5-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) diff -Nru debian-edu-config-1.929/debian/changelog debian-edu-config-1.929+deb9u1/debian/changelog --- debian-edu-config-1.929/debian/changelog2017-05-31 21:21:14.0 +0200 +++ debian-edu-config-1.929+deb9u1/debian/changelog 2018-02-23 23:11:10.0 +0100 @@ -1,3 +1,20 @@ +debian-edu-config (1.929+deb9u1) stretch; urgency=medium + + [ Wolfgang Schweer ] + * Rewrite wpad-extract tool to be independent from KDE related files. +(Closes: #29). + * Adjust Samba configuration. Allow joining of Windows 10 clients to the +Samba NT4-style domain. (Closes: #864663). + + [ Mike Gabriel ] + * debian/control: Drop libproxy-tools, add libpacparser1. (as part of +fixing #29). + * Chromium: Pre-configure Chromium Webbrowser system-wide to auto-detect the +http proxy settings via WPAD (plus locking the proxy settings dialog for +users). (Closes: #891262). + + -- Mike Gabriel Fri, 23 Feb 2018 23:11:10 +0100 + debian-edu-config (1.929) unstable; urgency=medium [ Wolfgang Schweer ] diff -Nru debian-edu-config-1.929/debian/control debian-edu-config-1.929+deb9u1/debian/control --- debian-edu-config-1.929/debian/control 2017-05-31 21:21:14.0 +0200 +++ debian-edu-config-1.929+deb9u1/debian/control 2018-02-23 23:11:10.0 +0100 @@ -34,8 +34,8 @@ libio-socket-ssl-perl, libnet-ldap-perl, libnet-netmask-perl, + libpacparser1, libpam-python, - libproxy-tools, libproxy1-plugin-kconfig, libproxy1-plugin-mozjs, libproxy1-plugin-networkmanager, diff -Nru debian-edu-config-1.929/etc/chromium/policies/managed/chromium-networked-prefs debian-edu-config-1.929+deb9u1/etc/chromium/policies/managed/chromium-networked-prefs --- debian-edu-config-1.929/etc/chromium/policies/managed/chromium-networked-prefs 1970-01-01 01:00:00.0 +0100 +++ debian-edu-config-1.929+deb9u1/etc/chromium/policies/managed/chromium-networked-prefs 2018-02-23 23:11:10.0 +0100 @@ -0,0 +1,3 @@ +{ +"ProxyMode": "auto_detect", +} diff -Nru debian-edu-config-1.929/etc/samba/smb-debian-edu.conf debian-edu-config-1.929+deb9u1/etc/samba/smb-debian-edu.conf --- debian-edu-config-1.929/etc/samba/smb-debian-edu.conf 2017-05-31 21:21:14.0 +0200 +++ debian-edu-config-1.929+deb9u1/etc/samba/smb-debian-edu.conf 2018-02-23 23:11:10.0 +0100 @@ -32,6 +32,7 @@ # configure as NT4-style PDC server role = classic primary domain controller + server max protocol = NT1 acl allow execute always = true # server string/NT Description field diff -Nru debian-edu-config-1.929/Makefile debian-edu-config-1.929+deb9u1/Makefile --- debian-edu-config-1.929/Makefile2017-05-31 21:21:14.0 +0200 +++ debian-edu-config-1.929+deb9u1/Makefile 2018-02-23 23:11:10.0 +0100 @@ -92,6 +92,7
Bug#888958: stretch-pu: package flatpak/0.8.9-0+deb9u1
On Fri, 23 Feb 2018 at 18:13:20 +, Adam D. Barratt wrote: > On Wed, 2018-01-31 at 15:41 +, Simon McVittie wrote: > > Alexander Larsson has released an update to the Flatpak 0.8.x branch, > > fixing a sandbox bypass reported by Gabriel Campana of the Google > > security > > team. It also contains a couple of other backported fixes. I would > > like > > to include this in the next stretch point release; I have a tested > > build > > ready for upload. > > Please go ahead. Thanks, uploaded. smcv
NEW changes in oldstable-new
Processing changes file: postgresql-9.4_9.4.16-0+deb8u1_mipsel.changes ACCEPT
Bug#889983: stretch-pu: package glade/3.20.0-2+deb9u1
On Fri, Feb 23, 2018 at 05:36:38PM +, Adam D. Barratt wrote: > On Fri, 2018-02-09 at 18:12 +0100, Sébastien Villemot wrote: > > I prepared a p-u for glade, fixing #859324 (basically glade eats a > > lot of CPU > > as soon as a non-trivial UI is created). > > > > Please go ahead. Thanks, uploaded. -- ⢀⣴⠾⠻⢶⣦⠀ Sébastien Villemot ⣾⠁⢠⠒⠀⣿⡁ Debian Developer ⢿⡄⠘⠷⠚⠋⠀ http://sebastien.villemot.name ⠈⠳⣄ http://www.debian.org signature.asc Description: PGP signature
NEW changes in oldstable-new
Processing changes file: postgresql-9.4_9.4.16-0+deb8u1_armel.changes ACCEPT Processing changes file: postgresql-9.4_9.4.16-0+deb8u1_armhf.changes ACCEPT Processing changes file: postgresql-9.4_9.4.16-0+deb8u1_mips.changes ACCEPT
Bug#888488: stretch-pu: package w3m/0.5.3-34+deb9u1
On February 23, 2018 at 4:46PM +, adam (at adam-barratt.org.uk) wrote: >> w3m (0.5.3-34+deb9u1) stretch; urgency=medium > Please go ahead. Uploaded. Thanks, -- Tatsuya Kinoshita pgpGVBYkhSgIp.pgp Description: PGP signature
NEW changes in oldstable-new
Processing changes file: postgresql-9.4_9.4.16-0+deb8u1_powerpc.changes ACCEPT
NEW changes in stable-new
Processing changes file: postgresql-9.6_9.6.7-0+deb9u1_ppc64el.changes ACCEPT
Bug#889317: stretch-pu: package directfb/1.2.10.0-8
On 2018-02-23 17:06:10, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sat, 2018-02-03 at 16:00 +0100, Sebastian Ramacher wrote: > > I'd like to provide a fix for #878324 for the next stable point > > release. The > > issue was fixed in unstable shortly after 1.2.10.0-8 was uploaded in > > -9. That > > fix came to late for stretch (or I forgot to ask for an unblock). > > > > The debdiff is: > > > > --- a/debian/changelog > > +++ b/debian/changelog > > @@ -1,3 +1,10 @@ > > +directfb (1.2.10.0-8+deb9u1) stretch; urgency=medium > > + > > + * debian/libdirectfb-1.2-9.install: Fix architecture-based filter > > to > > +actually install drivers. (Closes: #878324) > > > > Please go ahead. Thanks, uploaded. Cheers -- Sebastian Ramacher signature.asc Description: PGP signature
NEW changes in oldstable-new
Processing changes file: postgresql-9.4_9.4.16-0+deb8u1_arm64.changes ACCEPT Processing changes file: postgresql-9.4_9.4.16-0+deb8u1_i386.changes ACCEPT Processing changes file: postgresql-9.4_9.4.16-0+deb8u1_ppc64el.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: postgresql-9.4_9.4.16-0+deb8u1_s390x.changes ACCEPT
Bug#891142: stretch-pu: package cups/2.2.1-8+
Le vendredi, 23 février 2018, 18.50:52 h CET Adam D. Barratt a écrit : > > The proposed debdiff is attached; can I upload to stretch? > > Please go ahead. Uploaded. > > Do you need another bug for Jessie ? Done; #891251. Thanks for your time! Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Processed: Re: Bug#884571: RM: torbrowser-launcher/0.1.9-1+deb8u3
Processing control commands: > tags -1 + moreinfo Bug #884571 [release.debian.org] RM: torbrowser-launcher/0.1.9-1+deb8u3 Added tag(s) moreinfo. -- 884571: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884571 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#884571: RM: torbrowser-launcher/0.1.9-1+deb8u3
Control: tags -1 + moreinfo On Sun, 2017-12-17 at 15:46 +0900, Roger Shimizu wrote: > [ CC pkg-privacy-maintainers list for the record ] > > On Sun, Dec 17, 2017 at 1:59 PM, Roger Shimizu > wrote: [...] > > So please kindly help to remove torbrowser-launcher/0.1.9-1+deb8u3. > > Thank you! > > > > [0] https://bugs.debian.org/861744 > > [1] https://wiki.debian.org/TorBrowser#Debian_8_.22Jessie.22 We can't: Checking reverse dependencies... # Broken Depends: onionshare/contrib: onionshare Dependency problem found. Regards, Adam
Bug#890470: stretch-pu: package systemd/232-25+deb9u1
Am 23.02.2018 um 19:19 schrieb Adam D. Barratt: > Thanks. Please feel free to upload. Uploaded. Regards, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#891251: jessie-pu: package cups/1.7.5-11+deb8u3
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu (Mirroring #891142 for stretch): CUPS is affected by CVE-2017-18190: remote attackers could execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. This was caused by a whitelisted "localhost.localdomain" entry. According to the Security Team it doesn't warrant a DSA, but still makes sense to be addressed on Jessie (and Stretch). It was fixed independently on wheezy already. The proposed debdiff is attached; can I upload to jessie? diff -Nru cups-1.7.5/debian/changelog cups-1.7.5/debian/changelog --- cups-1.7.5/debian/changelog 2017-07-21 14:44:00.0 +0200 +++ cups-1.7.5/debian/changelog 2018-02-23 19:34:51.0 +0100 @@ -1,3 +1,12 @@ +cups (1.7.5-11+deb8u3) jessie; urgency=low + + * CVE-2017-18190: Prevent an issue where remote attackers could execute +arbitrary IPP commands by sending POST requests to the CUPS daemon in +conjunction with DNS rebinding. This was caused by a whitelisted +"localhost.localdomain" entry. + + -- Didier Raboud Fri, 23 Feb 2018 19:34:51 +0100 + cups (1.7.5-11+deb8u2) jessie; urgency=high * Disable SSLv3 and RC4 by default to address POODLE vulnerability diff -Nru cups-1.7.5/debian/patches/CVE-2017-18190-Dont-treat-localhost.localdomain-as-replacement-for-localhost.patch cups-1.7.5/debian/patches/CVE-2017-18190-Dont-treat-localhost.localdomain-as-replacement-for-localhost.patch --- cups-1.7.5/debian/patches/CVE-2017-18190-Dont-treat-localhost.localdomain-as-replacement-for-localhost.patch 1970-01-01 01:00:00.0 +0100 +++ cups-1.7.5/debian/patches/CVE-2017-18190-Dont-treat-localhost.localdomain-as-replacement-for-localhost.patch 2018-02-23 19:34:51.0 +0100 @@ -0,0 +1,23 @@ +From afa80cb2b457bf8d64f775bed307588610476c41 Mon Sep 17 00:00:00 2001 +From: Michael R Sweet +Date: Tue, 3 Jan 2017 13:52:47 -0500 +Subject: [PATCH] Don't treat "localhost.localdomain" as an allowed replacement + for localhost, since it isn't. + +Fixes: CVE-2017-18190 +--- + scheduler/client.c | 3 --- + 1 file changed, 3 deletions(-) + +--- a/scheduler/client.c b/scheduler/client.c +@@ -4220,9 +4220,6 @@ + + return (!_cups_strcasecmp(con->clientname, "localhost") || + !_cups_strcasecmp(con->clientname, "localhost.") || +-#ifdef __linux +- !_cups_strcasecmp(con->clientname, "localhost.localdomain") || +-#endif /* __linux */ + !strcmp(con->clientname, "127.0.0.1") || + !strcmp(con->clientname, "[::1]")); + } diff -Nru cups-1.7.5/debian/patches/series cups-1.7.5/debian/patches/series --- cups-1.7.5/debian/patches/series2017-07-21 13:32:05.0 +0200 +++ cups-1.7.5/debian/patches/series2018-02-23 19:34:51.0 +0100 @@ -66,3 +66,4 @@ # po4a might not be appropriate. It also needs to be high on the patch # queue to catch all Debian-specific changes manpage-translations.patch +CVE-2017-18190-Dont-treat-localhost.localdomain-as-replacement-for-localhost.patch
Bug#889001: stretch-pu: package publicsuffix/20180125.0922-0+deb9u1
On Fri 2018-02-23 17:00:41 +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Wed, 2018-01-31 at 23:21 -0500, d...@fifthhorseman.net wrote: >> Please consider an update to publicsuffix in debian stretch. >> >> This package reflects the state of the network, and keeping it >> current >> is useful for all the packages that depend on it. > > Please go ahead. Since i filed this bug report, there are a handful of additional changes made upstream, as reflected in publicsuffix 20180218.2049-1 since 20180125.0922-1: --- a/public_suffix_list.dat +++ b/public_suffix_list.dat @@ -10891,6 +10891,7 @@ virtueeldomein.nl // Cloud66 : https://www.cloud66.com/ // Submitted by Khash Sajadi c66.me +cloud66.ws // CloudAccess.net : https://www.cloudaccess.net/ // Submitted by Pawel Panek @@ -11786,6 +11787,11 @@ git-repos.de lcube-server.de svn-repos.de +// linkyard ldt: https://www.linkyard.ch/ +// Submitted by Mario Siegenthaler +linkyard.cloud +linkyard-cloud.ch + // LiquidNet Ltd : http://www.liquidnetlimited.com/ // Submitted by Victor Velchev we.bs @@ -12136,6 +12142,10 @@ sandcats.io logoip.de logoip.com +// schokokeks.org GbR : https://schokokeks.org/ +// Submitted by Hanno Böck +schokokeks.net + // Scry Security : http://www.scrysec.com // Submitted by Shante Adam scrysec.com @@ -12316,6 +12326,10 @@ inc.hk // Submitted by Ed Moore lib.de.us +// VeryPositive SIA : http://very.lv +// Submitted by Danko Aleksejevs +2038.io + // Viprinet Europe GmbH : http://www.viprinet.com // Submitted by Simon Kissel router.management @@ -12344,6 +12358,10 @@ cistron.nl demon.nl xs4all.space +// YesCourse Pty Ltd : https://yescourse.com +// Submitted by Atul Bhouraskar +official.academy + // Yola : https://www.yola.com/ // Submitted by Stefano Rivera yolasite.com Would it be OK to retitle this bug report as: stretch-pu: package publicsuffix/20180218.2049-0+deb9u1 or should i go ahead with the 20180125.0922 upload to stretch and then immediately open another report? --dkg signature.asc Description: PGP signature
Processed: tagging 884571
Processing commands for cont...@bugs.debian.org: > tags 884571 + jessie Bug #884571 [release.debian.org] RM: torbrowser-launcher/0.1.9-1+deb8u3 Added tag(s) jessie. > thanks Stopping processing here. Please contact me if you need assistance. -- 884571: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884571 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#890470: stretch-pu: package systemd/232-25+deb9u1
Processing control commands: > tags -1 -moreinfo +confirmed Bug #890470 [release.debian.org] stretch-pu: package systemd/232-25+deb9u2 Removed tag(s) moreinfo. Bug #890470 [release.debian.org] stretch-pu: package systemd/232-25+deb9u2 Added tag(s) confirmed. -- 890470: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890470 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#890470: stretch-pu: package systemd/232-25+deb9u1
Control: tags -1 -moreinfo +confirmed On Fri, 2018-02-23 at 19:09 +0100, Michael Biebl wrote: > Hi Adam > > Am 23.02.2018 um 18:41 schrieb Adam D. Barratt: > > Control: tags -1 + moreinfo > > > > On Thu, 2018-02-15 at 01:19 +0100, Michael Biebl wrote: > > > I'd like to make a stable upload for systemd fixing a couple of > > > issues. > > > > > > An annotated changelog follows. > > > Full debdiff is attached. > > > > In fact, it wasn't. > > Indeed, sorry for that. > > > The individual patches look OK, but I'd like to see the full > > debdiff > > before confirming, please. > > Attached, this time for real... > Thanks. Please feel free to upload. Regards, Adam
Bug#887999: stretch-pu: package libhibernate-validator-java/4.3.3-1
Am 23.02.2018 um 17:44 schrieb Adam D. Barratt: > Control: tags -1 + confirmed > > On Mon, 2018-01-22 at 15:01 +0100, Markus Koschany wrote: >> I would like to fix CVE-2017-7536 in libhibernate-validator-java. The >> issue is no-dsa but still worth fixing. >> > > Please go ahead. > > Regards, > > Adam Uploaded. Thank you! Markus signature.asc Description: OpenPGP digital signature
Bug#890470: stretch-pu: package systemd/232-25+deb9u1
Hi Adam Am 23.02.2018 um 18:41 schrieb Adam D. Barratt: > Control: tags -1 + moreinfo > > On Thu, 2018-02-15 at 01:19 +0100, Michael Biebl wrote: >> I'd like to make a stable upload for systemd fixing a couple of >> issues. >> >> An annotated changelog follows. >> Full debdiff is attached. > > In fact, it wasn't. Indeed, sorry for that. > The individual patches look OK, but I'd like to see the full debdiff > before confirming, please. Attached, this time for real... Regards, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? diff --git a/debian/changelog b/debian/changelog index fe1e79f..e7b7ff1 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,19 @@ +systemd (232-25+deb9u2) stretch; urgency=medium + + * networkd: Handle MTU field in IPv6 RA (Closes: #878162) + * shared: Add a linker script so that all functions are tagged @SD_SHARED +instead of @Base. +This helps prevent symbol collisions with other programs and libraries. +In particular, because PAM modules are loaded into the process that is +creating the session, and systemd creates PAM sessions, the potential +for collisions is high. (Closes: #873708) + * resolved: Fix loop on packets with pseudo dns types. +CVE-2017-15908 (Closes: #880026) + * machinectl: Don't output "No machines." with --no-legend option +(Closes: #880158) + + -- Michael Biebl Sun, 03 Dec 2017 15:03:50 +0100 + systemd (232-25+deb9u1) stretch; urgency=medium [ Dimitri John Ledkov ] diff --git a/debian/patches/machinectl-don-t-output-No-machines.-with-no-legend-optio.patch b/debian/patches/machinectl-don-t-output-No-machines.-with-no-legend-optio.patch new file mode 100644 index 000..b8bdf66 --- /dev/null +++ b/debian/patches/machinectl-don-t-output-No-machines.-with-no-legend-optio.patch @@ -0,0 +1,65 @@ +From: =?utf-8?q?Viktar_Va=C5=AD=C4=8Dkievi=C4=8D?= +Date: Sun, 6 Nov 2016 17:19:57 +0300 +Subject: machinectl: don't output "No machines." with --no-legend option + (#4593) + +(cherry picked from commit f9b1947f9b9bcdf2b28953a40b1c537038c2a958) +--- + src/machine/machinectl.c | 30 ++ + 1 file changed, 18 insertions(+), 12 deletions(-) + +diff --git a/src/machine/machinectl.c b/src/machine/machinectl.c +index c2ab202..5b2e18c 100644 +--- a/src/machine/machinectl.c b/src/machine/machinectl.c +@@ -325,10 +325,12 @@ static int list_machines(int argc, char *argv[], void *userdata) { + printf("-\n"); + } + +-if (arg_legend && n_machines > 0) +-printf("\n%zu machines listed.\n", n_machines); +-else +-printf("No machines.\n"); ++if (arg_legend) { ++if (n_machines > 0) ++printf("\n%zu machines listed.\n", n_machines); ++else ++printf("No machines.\n"); ++} + + out: + clean_machine_info(machines, n_machines); +@@ -458,10 +460,12 @@ static int list_images(int argc, char *argv[], void *userdata) { +(int) max_mtime, strna(format_timestamp(mtime_buf, sizeof(mtime_buf), images[j].mtime))); + } + +-if (arg_legend && n_images > 0) +-printf("\n%zu images listed.\n", n_images); +-else +-printf("No images.\n"); ++if (arg_legend) { ++if (n_images > 0) ++printf("\n%zu images listed.\n", n_images); ++else ++printf("No images.\n"); ++} + + return 0; + } +@@ -2484,10 +2488,12 @@ static int list_transfers(int argc, char *argv[], void *userdata) { +(int) max_local, transfers[j].local, +(int) max_remote, transfers[j].remote); + +-if (arg_legend && n_transfers > 0) +-printf("\n%zu transfers listed.\n", n_transfers); +-else +-printf("No transfers.\n"); ++if (arg_legend) { ++if (n_transfers > 0) ++printf("\n%zu transfers listed.\n", n_transfers); ++else ++printf("No transfers.\n"); ++} + + return 0; + } diff --git a/debian/patches/networkd-handle-MTU-field-in-IPv6-RA-4719.patch b/debian/patches/networkd-handle-MTU-field-in-IPv6-RA-4719.patch new file mode 100644 index 000..f8fc7f1 --- /dev/null +++ b/debian/patches/networkd-handle-MTU-field-in-IPv6-RA-4719.patch @@ -0,0 +1,131 @@ +From: Susant Sahani +Date: Thu, 24 Nov 2016 03:02:19 +0530 +Subject: networkd: handle MTU field in IPv6 RA (#4719) + +This patch handles the custom MTU field in IPv6 RA. + +fixes RFE #4464 + +(cherry picked from commit d6fceaf1f7ff765bdc3b135f3d3676ec689da312) +--- + src/libsystemd/sd-netlink/netlink-types.c | 27 --- + src/network/networkd-ndisc.c | 8
Bug#888788: Bug#891221: stretch's lxc fails to create sid container: iproute not found
On Fri, 2018-02-23 at 14:16 -0300, Antonio Terceiro wrote: > Control: tags 891221 + confirmed > Control: block 891221 by 888788 > > On Fri, Feb 23, 2018 at 02:12:37PM +, Santiago wrote: [...] > > Changing iproute for iproute2 in /usr/share/lxc/templates/lxc- > > debian > > solves the issue. > > Yes. > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888788 > > Stable RMs, please review the proposed update to lxc on stretch. It was acked about 15 minutes before your mail. :-) Regards, Adam
NEW changes in stable-new
Processing changes file: postgresql-9.6_9.6.7-0+deb9u1_mipsel.changes ACCEPT
Bug#888958: stretch-pu: package flatpak/0.8.9-0+deb9u1
Control: tags -1 + confirmed On Wed, 2018-01-31 at 15:41 +, Simon McVittie wrote: > Alexander Larsson has released an update to the Flatpak 0.8.x branch, > fixing a sandbox bypass reported by Gabriel Campana of the Google > security > team. It also contains a couple of other backported fixes. I would > like > to include this in the next stretch point release; I have a tested > build > ready for upload. > Please go ahead. Regards, Adam
Bug#890105: stretch-pu: package uwsgi/2.0.14+20161117-3+deb9u1
Hi Adam, On Fri, Feb 23, 2018 at 05:38:15PM +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sun, 2018-02-11 at 11:10 +0100, Salvatore Bonaccorso wrote: > > +uwsgi (2.0.14+20161117-3+deb9u1) stretch; urgency=medium > > + > > + * Non-maintainer upload. > > + * Stack-based buffer overflow in uwsgi_expand_path function (CVE- > > 2018-6758) > > +(Closes: #889753) > > > > Please go ahead. Thanks a lot, I have uploaded the package. Regards, Salvatore
Processed: Re: Bug#888958: stretch-pu: package flatpak/0.8.9-0+deb9u1
Processing control commands: > tags -1 + confirmed Bug #888958 [release.debian.org] stretch-pu: package flatpak/0.8.9-0+deb9u1 Added tag(s) confirmed. -- 888958: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888958 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#888239: stretch-pu: package nvidia-graphics-drivers-legacy-340xx/340.106-1~deb9u1
Control: tags -1 + confirmed On Wed, 2018-01-24 at 07:35 +0100, Andreas Beckmann wrote: > I'd like to update the 340xx legacy nvidia driver in stretch with a > new upstream version that brings spectre/meltdown mitigation fixes > and related kernel support. Security updates for the non-free drivers > have always been done via proposed-updates. > Please go ahead. Regards, Adam
Processed: Re: Bug#888909: stretch-pu: package nvidia-graphics-drivers/384.111-4~deb9u1
Processing control commands: > tags -1 + confirmed Bug #888909 [release.debian.org] stretch-pu: package nvidia-graphics-drivers/384.111-4~deb9u1 Added tag(s) confirmed. -- 888909: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888909 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#888909: stretch-pu: package nvidia-graphics-drivers/384.111-4~deb9u1
Control: tags -1 + confirmed On Wed, 2018-01-31 at 06:06 +0100, Andreas Beckmann wrote: > Followup-For: Bug #888909 > > Source debdiff attached. > Please go ahead. Regards, Adam
Processed: Re: Bug#888239: stretch-pu: package nvidia-graphics-drivers-legacy-340xx/340.106-1~deb9u1
Processing control commands: > tags -1 + confirmed Bug #888239 [release.debian.org] stretch-pu: package nvidia-graphics-drivers-legacy-340xx/340.106-1~deb9u1 Added tag(s) confirmed. -- 888239: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888239 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#887359: stretch-pu: package slic3r/1.2.9+dfsg-9~deb9u1
Control: tags -1 + confirmed On Mon, 2018-01-15 at 14:05 +0100, Andreas Beckmann wrote: > Next round for slic3r ... more searchpath fixes to find Slic3r.pm in > the > private library directory, #886125. > Since all the additional fixes from unstable looked sane and > worthwile > to have in stable, I just rebuilt the sid package, like last time. > Please go ahead. Regards, Adam
Processed: Re: Bug#887359: stretch-pu: package slic3r/1.2.9+dfsg-9~deb9u1
Processing control commands: > tags -1 + confirmed Bug #887359 [release.debian.org] stretch-pu: package slic3r/1.2.9+dfsg-9~deb9u1 Added tag(s) confirmed. -- 887359: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887359 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#887311: stretch-pu: package libperlx-assert-perl/0.904-1+deb9u1
Processing control commands: > tags -1 + confirmed Bug #887311 [release.debian.org] stretch-pu: package libperlx-assert-perl/0.904-1+deb9u1 Added tag(s) confirmed. -- 887311: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887311 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#887311: stretch-pu: package libperlx-assert-perl/0.904-1+deb9u1
Control: tags -1 + confirmed On Sun, 2018-01-14 at 21:32 +0100, Andreas Beckmann wrote: > let's add a few missing perl packages to the dependecies: #868075 > > $ debdiff libperlx-assert-perl_0.904-1_all.deb libperlx-assert- > perl_0.904-1+deb9u1_all.deb > File lists identical (after any substitutions) > > Control files: lines which differ (wdiff format) > > Depends: libdevel-strictmode-perl, libexporter-tiny-perl, > {+libkeyword-simple-perl, libdevel-declare-perl,+} perl > Please go ahead. Regards, Adam
Bug#885333: stretch-pu: package loook/0.8.4-1
Control: tags -1 + confirmed Apologies for the delay in getting back to you. On Tue, 2017-12-26 at 19:51 +0100, Mechtilde Stehmann wrote: > Hello, > > I discussed my wish also with wRAR at IRC #debian-mentors. He pointed > out to me that my versioning was wrong. > > So I correct it a new build and a new patch file which i applied. +loook (0.8.4-1+deb9u1) UNRELEASED; urgency=medium To confirm, this will want to be "stretch" for the upload. + * now it is possible to search in directories which also contains password protected files. ++ fix for bug #884582 So "Closes: #884582" then. Please go ahead. Regards, Adam
Processed: Re: Bug#885333: stretch-pu: package loook/0.8.4-1
Processing control commands: > tags -1 + confirmed Bug #885333 [release.debian.org] stretch-pu: package loook/0.8.4-1 Added tag(s) confirmed. -- 885333: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885333 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#886877: stretch-pu: package gosa-plugin-pwreset/0.99.4-1+deb9u1
Control: tags -1 + confirmed On Wed, 2018-01-10 at 21:27 +0100, Mike Gabriel wrote: > We identified a deprecated constructor call in the PHP package gosa- > plugin-pwreset. > Please go ahead. Regards, Adam
Processed: Re: Bug#886877: stretch-pu: package gosa-plugin-pwreset/0.99.4-1+deb9u1
Processing control commands: > tags -1 + confirmed Bug #886877 [release.debian.org] stretch-pu: package gosa-plugin-pwreset/0.99.4-1+deb9u1 Added tag(s) confirmed. -- 886877: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886877 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#886636: stretch-pu: package gnumail/1.2.2-1.1+deb9u1
Control: tags -1 + confirmed On Mon, 2018-01-08 at 12:16 +0200, Yavor Doganov wrote: > Please approve an update of gnumail to fix #886305. The libssl > dependency is unused: > > $ dpkg -l gnumail.app | grep ^i > ii gnumail.app1.2.2-1.1i386 Mail client for GNUstep > $ ldd -u /usr/bin/GNUMail | grep ssl > /usr/lib/i386-linux-gnu/libssl.so.1.1 > > And it makes the package undistributable because its license is GPL- > 2+ without explicit OpenSSL exception. Please go ahead; sorry for the delay. Regards, Adam
Processed: Re: Bug#886636: stretch-pu: package gnumail/1.2.2-1.1+deb9u1
Processing control commands: > tags -1 + confirmed Bug #886636 [release.debian.org] stretch-pu: package gnumail/1.2.2-1.1+deb9u1 Added tag(s) confirmed. -- 886636: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886636 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#886593: stretch-pu: package qtpass/1.1.6-1
Control: tags -1 + confirmed On Mon, 2018-01-08 at 00:17 +0100, Philip Rinn wrote: > the current version in stable has a insecure built-in password > generator. As > the built-in password generator not used in qtpass' default config, > the > security team asked me to fix it via stretch-pu. Please go ahead. Regards, Adam
Bug#890470: stretch-pu: package systemd/232-25+deb9u1
Control: tags -1 + moreinfo On Thu, 2018-02-15 at 01:19 +0100, Michael Biebl wrote: > I'd like to make a stable upload for systemd fixing a couple of > issues. > > An annotated changelog follows. > Full debdiff is attached. In fact, it wasn't. The individual patches look OK, but I'd like to see the full debdiff before confirming, please. Regards, Adam
Processed: Re: Bug#886593: stretch-pu: package qtpass/1.1.6-1
Processing control commands: > tags -1 + confirmed Bug #886593 [release.debian.org] stretch-pu: package qtpass/1.1.6-1 Added tag(s) confirmed. -- 886593: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886593 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#890470: stretch-pu: package systemd/232-25+deb9u1
Processing control commands: > tags -1 + moreinfo Bug #890470 [release.debian.org] stretch-pu: package systemd/232-25+deb9u2 Added tag(s) moreinfo. -- 890470: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890470 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#886589: stretch-pu: package mapproxy/1.9.0-3+deb9u1
Control: tags -1 + confirmed On Sun, 2018-01-07 at 22:19 +0100, Bas Couwenberg wrote: > To fix CVE-2017-1000426 an update of mapproxy for stretch has been > prepared, but the security team doesn't consider the issue severe > enough > to warrant a DSA. > Please go ahead. Regards, Adam
Processed: Re: Bug#886589: stretch-pu: package mapproxy/1.9.0-3+deb9u1
Processing control commands: > tags -1 + confirmed Bug #886589 [release.debian.org] stretch-pu: package mapproxy/1.9.0-3+deb9u1 Added tag(s) confirmed. -- 886589: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886589 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#886380: stretch-pu: package opendmarc/1.3.2-2+deb9u1
Processing control commands: > tags -1 + confirmed Bug #886380 [release.debian.org] stretch-pu: package opendmarc/1.3.2-2+deb9u1 Added tag(s) confirmed. -- 886380: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886380 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#886380: stretch-pu: package opendmarc/1.3.2-2+deb9u1
Control: tags -1 + confirmed On Thu, 2018-01-04 at 23:01 -0500, Scott Kitterman wrote: > As released, opendmarc doesn't read it's configuration file which > substantially limits the packages usefullness as > packaged/released. The > attached debdiff changes the service file so the configuration file > is > actually used and adjusts the configuration file to match the option > values > previously hard coded in the service file. > Please go ahead; sorry for the delay. Regards, Adam
Processed: Re: Bug#891142: stretch-pu: package cups/2.2.1-8+
Processing control commands: > tags -1 + confirmed Bug #891142 [release.debian.org] stretch-pu: package cups/2.2.1-8+deb9u1 Added tag(s) confirmed. -- 891142: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891142 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#891053: stretch-pu: package acme-tiny/20160801-3
Processing control commands: > tags -1 + confirmed Bug #891053 [release.debian.org] stretch-pu: package acme-tiny/20160801-3 Added tag(s) confirmed. -- 891053: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891053 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#891142: stretch-pu: package cups/2.2.1-8+
Control: tags -1 + confirmed On Thu, 2018-02-22 at 17:57 +0100, Didier 'OdyX' Raboud wrote: > CUPS is affected by CVE-2017-18190: remote attackers could execute > arbitrary > IPP commands by sending POST requests to the CUPS daemon in > conjunction with > DNS rebinding. This was caused by a whitelisted > "localhost.localdomain" entry. > > According to the Security Team it doesn't warrant a DSA, but still > makes sense > to be addressed on Stretch (and Jessie). It was fixed independently > on wheezy > already. > > The proposed debdiff is attached; can I upload to stretch? Please go ahead. > Do you need another bug for Jessie ? Yes, please. Regards, Adam
Bug#890860: stretch-pu: package ruby-redis-store/1.1.6-1
Control: tags -1 + confirmed On Mon, 2018-02-19 at 23:53 +0100, Cédric Boutillier wrote: > I have prepared a patch for Debian bug #882034 (CVE-2017-1000248) > from > by adapting the upstream patch from > > https://github.com/redis-store/redis-store/pull/290 > Please go ahead. Regards, Adam
Bug#891053: stretch-pu: package acme-tiny/20160801-3
Control: tags -1 + confirmed On Thu, 2018-02-22 at 01:57 +0100, Sebastien Badia wrote: > acme-tiny is a tiny script to issue and renew TLS certs from Let's > Encrypt > using acme protocol. > > The actual version of acme-tiny in Debian/stable (20160801-3) doesn't > works due to an hard-coded and outdated version of the subscriber > agreement. > > Please see https://bugs.debian.org/882693 +acme-tiny (20160801-3+deb9u1) stable-proposed-updates; urgency=medium Please use "stretch" as the changleog distribution here and feel free to upload with that change. > Ps: For myself, I'm not sure, source-only uploads works for p-u ? For stretch, yes. Regards, Adam
Bug#888731: stretch-pu: package virt-what/1.15-1+deb9u1
On Fri, Feb 23, 2018 at 04:53:27PM +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Mon, 2018-01-29 at 10:25 +0100, Guido Günther wrote: > > The update fixes problems with virt detection arch/aarch64 since > > these > > fall back to uname -m. x86 uses cpuid mostly so it went there > > undetected. > > > > +virt-what (1.15-1+deb9u1) stable-proposed-updates; urgency=medium > > "stretch", please. > > Please go ahead. Uploaded. Thanks, -- Guido
Processed: Re: Bug#890860: stretch-pu: package ruby-redis-store/1.1.6-1
Processing control commands: > tags -1 + confirmed Bug #890860 [release.debian.org] stretch-pu: package ruby-redis-store/1.1.6-1 Added tag(s) confirmed. -- 890860: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890860 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#890506: stretch-pu: package ntp/1:4.2.8p10+dfsg-3+deb9u2
Control: tags -1 + confirmed On Thu, 2018-02-15 at 12:55 +0100, Bernhard Schmidt wrote: > I'd like to update ntp in Stretch to fix Bug#887385. There have been > numerous > reports about ntpd segfaulting with the libc6 update from > stretch-proposed-updates or in sid. It does not happen on all > machines (I for > one did not see it once). > > There has been an upstream bug and an upstream patch to increase the > stack size. This patch has been part of sid/buster for some weeks now > and > one of the reporters on the bug confirmed it being fixed. > Please go ahead. Regards, Adam
Processed: Re: Bug#890506: stretch-pu: package ntp/1:4.2.8p10+dfsg-3+deb9u2
Processing control commands: > tags -1 + confirmed Bug #890506 [release.debian.org] stretch-pu: package ntp/1:4.2.8p10+dfsg-3+deb9u2 Added tag(s) confirmed. -- 890506: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890506 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#890105: stretch-pu: package uwsgi/2.0.14+20161117-3+deb9u1
Processing control commands: > tags -1 + confirmed Bug #890105 [release.debian.org] stretch-pu: package uwsgi/2.0.14+20161117-3+deb9u1 Added tag(s) confirmed. -- 890105: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890105 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#889940: stretch-pu: package miniupnpd/1.8.20140523-4.1 fix for CVE-2017-1000494
Processing control commands: > tags -1 + confirmed Bug #889940 [release.debian.org] stretch-pu: package miniupnpd/1.8.20140523-4.1 fix for CVE-2017-1000494 Added tag(s) confirmed. -- 889940: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889940 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#889940: stretch-pu: package miniupnpd/1.8.20140523-4.1 fix for CVE-2017-1000494
Control: tags -1 + confirmed On Fri, 2018-02-09 at 00:15 +0100, Thomas Goirand wrote: > I'd like to push for an update of miniupnpd in Stretch, in order to > fix > CVE-2017-1000494. The security team decided to go without a DSA. > > Attached is the debdiff for the fix. Please go ahead. > Also, please let me know if my .changes must include the > .orig.tar.gz, > if it must, I'll rebuild with --force-orig-source. I'm sorry for I > never remember when it should or not... :( > No. It's required for the first upload of that .orig to a particular archive (i.e. ftp-master or security), but not for subsequent uploads to that archive. Regards, Adam
Bug#890105: stretch-pu: package uwsgi/2.0.14+20161117-3+deb9u1
Control: tags -1 + confirmed On Sun, 2018-02-11 at 11:10 +0100, Salvatore Bonaccorso wrote: > +uwsgi (2.0.14+20161117-3+deb9u1) stretch; urgency=medium > + > + * Non-maintainer upload. > + * Stack-based buffer overflow in uwsgi_expand_path function (CVE- > 2018-6758) > +(Closes: #889753) > Please go ahead. Regards, Adam
Bug#889983: stretch-pu: package glade/3.20.0-2+deb9u1
Control: tags -1 + confirmed On Fri, 2018-02-09 at 18:12 +0100, Sébastien Villemot wrote: > I prepared a p-u for glade, fixing #859324 (basically glade eats a > lot of CPU > as soon as a non-trivial UI is created). > Please go ahead. Regards, Adam
Processed: Re: Bug#889983: stretch-pu: package glade/3.20.0-2+deb9u1
Processing control commands: > tags -1 + confirmed Bug #889983 [release.debian.org] stretch-pu: package glade/3.20.0-2+deb9u1 Added tag(s) confirmed. -- 889983: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889983 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#891221: stretch's lxc fails to create sid container: iproute not found
Processing control commands: > tags 891221 + confirmed Bug #891221 [lxc] stretch's lxc fails to create sid container: iproute not found Added tag(s) confirmed. > block 891221 by 888788 Bug #891221 [lxc] stretch's lxc fails to create sid container: iproute not found 891221 was not blocked by any bugs. 891221 was not blocking any bugs. Added blocking bug(s) of 891221: 888788 -- 888788: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888788 891221: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891221 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#888788: Bug#891221: stretch's lxc fails to create sid container: iproute not found
Control: tags 891221 + confirmed Control: block 891221 by 888788 On Fri, Feb 23, 2018 at 02:12:37PM +, Santiago wrote: > Package: lxc > Version: 1:2.0.7-2+deb9u1 > Severity: important > > Stretch's lxc fails to create a -t debian -- -r sid container, because > it doesn't find the iproute package, not longer included in unstable: > > … > I: Checking component main on http://httpredir.debian.org/debian... > E: Couldn't find these debs: iproute > Failed to download the rootfs, aborting. > Failed to download 'debian base' > failed to install debian > lxc-create: lxccontainer.c: create_run_template: 1297 container creation > template for sid failed > lxc-create: tools/lxc_create.c: main: 318 Error creating container sid > > Changing iproute for iproute2 in /usr/share/lxc/templates/lxc-debian > solves the issue. Yes. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888788 Stable RMs, please review the proposed update to lxc on stretch. signature.asc Description: PGP signature
Bug#889728: stretch-pu: package bareos/16.2.4-3+deb9u2
Control: tags -1 + confirmed On Tue, 2018-02-06 at 13:45 +0100, Felix Geyer wrote: > I'd like to fix bug #889040 in stretch: > > * Fix backups failing with "No Volume name given". > - Backport upstream commit: Don't return empty volname if volume is > on > unwanted vols list. > Please go ahead. Regards, Adam
Processed: Re: Bug#889728: stretch-pu: package bareos/16.2.4-3+deb9u2
Processing control commands: > tags -1 + confirmed Bug #889728 [release.debian.org] stretch-pu: package bareos/16.2.4-3+deb9u2 Added tag(s) confirmed. -- 889728: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889728 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#889622: stretch-pu: package fuse-zip/0.4.0-2+deb9u1
Control: tags -1 + confirmed On Mon, 2018-02-05 at 14:12 +1100, Matthew Harm Bekkema wrote: > I'd like to update fuse-zip in stretch to fix a bug which prevents it > from > writing changes back to zip files. I took upstream's patch and > applied it to the > version in stretch: https://bitbucket.org/agalanin/fuse-zip/commits/9 > b9c2f47cfe9 > Please go ahead. Regards, Adam
Processed: Re: Bug#889622: stretch-pu: package fuse-zip/0.4.0-2+deb9u1
Processing control commands: > tags -1 + confirmed Bug #889622 [release.debian.org] stretch-pu: package fuse-zip/0.4.0-2+deb9u1 Added tag(s) confirmed. -- 889622: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889622 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
NEW changes in stable-new
Processing changes file: postgresql-9.6_9.6.7-0+deb9u1_armel.changes ACCEPT Processing changes file: postgresql-9.6_9.6.7-0+deb9u1_armhf.changes ACCEPT Processing changes file: postgresql-9.6_9.6.7-0+deb9u1_mips64el.changes ACCEPT
NEW changes in stable-new
Processing changes file: postgresql-9.6_9.6.7-0+deb9u1_mips.changes ACCEPT
Bug#889317: stretch-pu: package directfb/1.2.10.0-8
Control: tags -1 + confirmed On Sat, 2018-02-03 at 16:00 +0100, Sebastian Ramacher wrote: > I'd like to provide a fix for #878324 for the next stable point > release. The > issue was fixed in unstable shortly after 1.2.10.0-8 was uploaded in > -9. That > fix came to late for stretch (or I forgot to ask for an unblock). > > The debdiff is: > > --- a/debian/changelog > +++ b/debian/changelog > @@ -1,3 +1,10 @@ > +directfb (1.2.10.0-8+deb9u1) stretch; urgency=medium > + > + * debian/libdirectfb-1.2-9.install: Fix architecture-based filter > to > +actually install drivers. (Closes: #878324) > Please go ahead. Regards, Adam
Processed: Re: Bug#889317: stretch-pu: package directfb/1.2.10.0-8
Processing control commands: > tags -1 + confirmed Bug #889317 [release.debian.org] stretch-pu: package directfb/1.2.10.0-8 Added tag(s) confirmed. -- 889317: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889317 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#889279: stretch-pu: package quota/4.03-2+b1
Control: tags -1 + confirmed On Sat, 2018-02-03 at 09:55 +0100, Michael Meskes wrote: > As reported in #888586 quotacheck may run into an endless loop > because it fails > to honor the non-interactive flag and still asks a question while > there is no > way to answer it. The proposed patch is already in Sid waiting to > migrate to > testing. > Please go ahead. Regards, Adam
Processed: Re: Bug#889279: stretch-pu: package quota/4.03-2+b1
Processing control commands: > tags -1 + confirmed Bug #889279 [release.debian.org] stretch-pu: package quota/4.03-2+b1 Added tag(s) confirmed. -- 889279: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889279 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
NEW changes in oldstable-new
Processing changes file: libav_11.12-1~deb8u1_amd64.changes ACCEPT Processing changes file: libav_11.12-1~deb8u1_arm64.changes ACCEPT Processing changes file: libav_11.12-1~deb8u1_armel.changes ACCEPT Processing changes file: libav_11.12-1~deb8u1_armhf.changes ACCEPT Processing changes file: libav_11.12-1~deb8u1_i386.changes ACCEPT Processing changes file: libav_11.12-1~deb8u1_mips.changes ACCEPT Processing changes file: libav_11.12-1~deb8u1_mipsel.changes ACCEPT Processing changes file: libav_11.12-1~deb8u1_powerpc.changes ACCEPT Processing changes file: libav_11.12-1~deb8u1_ppc64el.changes ACCEPT Processing changes file: libav_11.12-1~deb8u1_s390x.changes ACCEPT Processing changes file: postgresql-9.4_9.4.16-0+deb8u1_amd64.changes ACCEPT Processing changes file: squid3_3.4.8-6+deb8u5_multi.changes ACCEPT Processing changes file: squid3_3.4.8-6+deb8u5_amd64.changes ACCEPT Processing changes file: squid3_3.4.8-6+deb8u5_arm64.changes ACCEPT Processing changes file: squid3_3.4.8-6+deb8u5_armel.changes ACCEPT Processing changes file: squid3_3.4.8-6+deb8u5_armhf.changes ACCEPT Processing changes file: squid3_3.4.8-6+deb8u5_i386.changes ACCEPT Processing changes file: squid3_3.4.8-6+deb8u5_mips.changes ACCEPT Processing changes file: squid3_3.4.8-6+deb8u5_mipsel.changes ACCEPT Processing changes file: squid3_3.4.8-6+deb8u5_powerpc.changes ACCEPT Processing changes file: squid3_3.4.8-6+deb8u5_ppc64el.changes ACCEPT Processing changes file: squid3_3.4.8-6+deb8u5_s390x.changes ACCEPT
Processed: Re: Bug#889001: stretch-pu: package publicsuffix/20180125.0922-0+deb9u1
Processing control commands: > tags -1 + confirmed Bug #889001 [release.debian.org] stretch-pu: package publicsuffix/20180125.0922-0+deb9u1 Added tag(s) confirmed. -- 889001: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889001 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#889001: stretch-pu: package publicsuffix/20180125.0922-0+deb9u1
Control: tags -1 + confirmed On Wed, 2018-01-31 at 23:21 -0500, d...@fifthhorseman.net wrote: > Please consider an update to publicsuffix in debian stretch. > > This package reflects the state of the network, and keeping it > current > is useful for all the packages that depend on it. > Please go ahead. Regards, Adam
Bug#888783: stretch-pu: package postfix/3.1.8-0+deb9u1
Control: tags -1 + confirmed On Mon, 2018-01-29 at 16:14 -0500, Scott Kitterman wrote: > This update is intended to accomplish several improvements: [...] > As usual, the postfix upstream is very careful and thorough in micro- > release > updates and all the upstream changes are good things for our > users. I have > the proposed package in production and have not noted any issues. +postfix (3.1.8-0+deb9u1) stretch; urgency=medium + +[Scott Kitterman] + + * Rewrite debian/postfix-instance-generator to avoid use of postmulti to fix +failures when inet_interfaces != all. Closes: #882141 The indentation of the maintainer header looks strange there. Please go ahead. Regards, Adam
Processed: Re: Bug#888788: stretch-pu: package lxc/1:2.0.7-2+deb9u2
Processing control commands: > tags -1 + confirmed Bug #888788 [release.debian.org] stretch-pu: package lxc/1:2.0.7-2+deb9u2 Added tag(s) confirmed. -- 888788: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888788 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#888783: stretch-pu: package postfix/3.1.8-0+deb9u1
Processing control commands: > tags -1 + confirmed Bug #888783 [release.debian.org] stretch-pu: package postfix/3.1.8-0+deb9u1 Added tag(s) confirmed. -- 888783: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888783 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#888788: stretch-pu: package lxc/1:2.0.7-2+deb9u2
Control: tags -1 + confirmed On Mon, 2018-01-29 at 20:40 -0200, Antonio Terceiro wrote: > iproute has been a transitional package for a while, but the lxc- > debian > template was refering to it. Now that iproute has been finally > removed, > creating buster or sid containers fails. > > This update replaces iproute with iproute2. I am running it on > ci.debian.net > Please go ahead. Regards, Adam
Bug#888731: stretch-pu: package virt-what/1.15-1+deb9u1
Control: tags -1 + confirmed On Mon, 2018-01-29 at 10:25 +0100, Guido Günther wrote: > The update fixes problems with virt detection arch/aarch64 since > these > fall back to uname -m. x86 uses cpuid mostly so it went there > undetected. > +virt-what (1.15-1+deb9u1) stable-proposed-updates; urgency=medium "stretch", please. Please go ahead. Regards, Adam
Processed: Re: Bug#888731: stretch-pu: package virt-what/1.15-1+deb9u1
Processing control commands: > tags -1 + confirmed Bug #888731 [release.debian.org] stretch-pu: package virt-what/1.15-1+deb9u1 Added tag(s) confirmed. -- 888731: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888731 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#888510: stretch-pu: package xmltooling/1.6.0-4
Control: tags -1 + moreinfo On Fri, 2018-01-26 at 15:31 +0100, Ferenc Wágner wrote: > The Security Team advised that CVE-2018-0486 should be fixed by a > stable > update, because it isn't exploitable in the stretch version of the > Shibboleth stack, but software outside Debian could still be affected > by the issue. Stretch currently has version 1.6.0; upstream fixed > this > security issue in 1.6.3 (already uploaded to unstable). Since 1.6.2 > was > a revert of the most part of the changes in 1.6.1, 1.6.3 is > effectively > three code changes beyond 1.6.0: the security fix itself: [...] > Based on the above, a stable update straight to 1.6.3 does not seem > unreasonable to me, but it's your call, certainly. Backporting the > first hunk (the relevant security fix) is easy enough. On the other > hand, having version numbers reflecting the reality can be useful. Indeed, that doesn't seem entirely unreasonable. > So, what version number should I post the debdiff for? Please > include the Debian part as well, I haven't prepared stable updates > yet. 1.6.3-1~deb9u1, in this case. > Also, if you can estimate: when can we expect the next stable update, > that is, how much time have I got for this process? We can do better than that - the window for the next point release closes next weekend. Of course, if you don't make that, there'll always be the next time. Regards, Adam
Processed: Re: Bug#888510: stretch-pu: package xmltooling/1.6.0-4
Processing control commands: > tags -1 + moreinfo Bug #888510 [release.debian.org] stretch-pu: package xmltooling/1.6.0-4 Added tag(s) moreinfo. -- 888510: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888510 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#888488: stretch-pu: package w3m/0.5.3-34+deb9u1
Control: tags -1 + confirmed On Fri, 2018-01-26 at 19:14 +0900, Tatsuya Kinoshita wrote: > I'd like to update package w3m in stretch to fix multiple security > flaws, managed as no DSA, minor/unimportant. > cf. https://security-tracker.debian.org/tracker/source-package/w3m > > See this changelog and the attached debdiff. > > w3m (0.5.3-34+deb9u1) stretch; urgency=medium > > * New patch 955_tbl-indent.patch to fix stack overflow [CVE-2018- > 6196] > * New patch 956_columnpos.patch to fix null deref [CVE-2018-6197] > * New patch 957_mkdtemp.patch to fix /tmp file races [CVE-2018- > 6198] > (closes: #888097) > Please go ahead. Regards, Adam
Processed: Re: Bug#888488: stretch-pu: package w3m/0.5.3-34+deb9u1
Processing control commands: > tags -1 + confirmed Bug #888488 [release.debian.org] stretch-pu: package w3m/0.5.3-34+deb9u1 Added tag(s) confirmed. -- 888488: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888488 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#887999: stretch-pu: package libhibernate-validator-java/4.3.3-1
Control: tags -1 + confirmed On Mon, 2018-01-22 at 15:01 +0100, Markus Koschany wrote: > I would like to fix CVE-2017-7536 in libhibernate-validator-java. The > issue is no-dsa but still worth fixing. > Please go ahead. Regards, Adam
Processed: Re: Bug#887999: stretch-pu: package libhibernate-validator-java/4.3.3-1
Processing control commands: > tags -1 + confirmed Bug #887999 [release.debian.org] stretch-pu: package libhibernate-validator-java/4.3.3-1 Added tag(s) confirmed. -- 887999: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887999 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#887855: stretch-pu: package libvirt/3.0.0-4+deb9u2
Processing control commands: > tags -1 + confirmed Bug #887855 [release.debian.org] stretch-pu: package libvirt/3.0.0-4+deb9u2 Added tag(s) confirmed. -- 887855: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887855 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#887855: stretch-pu: package libvirt/3.0.0-4+deb9u2
Control: tags -1 + confirmed On Sat, 2018-01-20 at 18:46 +0100, Guido Günther wrote: > the above update addresses CVE-2018-5748 as well as a bug where disks > with cache=directsync couldn't be migrated (#883208). > +_("Migration may lead to data corruption if disks" +- " use cache != none")); ++ " use cache != none or cache != directsync")); I think that message should use "and", not "or" - all possible values are "!= none or != directsync". (Or maybe "if disks use cache != none or directsync" or something.) Please go ahead. Regards, Adam
Bug#887427: stretch-pu: package buildbot/0.8.12-3.2
Control: tags -1 + moreinfo On Tue, 2018-01-16 at 14:54 +0300, Alexander GQ Gerasiov wrote: > In Stretch we have buildbot package version 0.8.12-3.2 (abandoned by > maintainer). > Unfortunately it's unusable, because of hardcoded versioned > dependence on > sqlalchemy with version lesser than one in stretch. > > Piotr Ozarowski tried to fix this, removing dependence > from control, > but this is not enough (package builds, installs but not work at > all), see #867588 > As far as I can tell, #867588 is still not fixed in unstable - is that correct? Regards, Adam
Processed: Re: Bug#887427: stretch-pu: package buildbot/0.8.12-3.2
Processing control commands: > tags -1 + moreinfo Bug #887427 [release.debian.org] stretch-pu: package buildbot/0.8.12-3.2 Added tag(s) moreinfo. -- 887427: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887427 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
NEW changes in stable-new
Processing changes file: postgresql-9.6_9.6.7-0+deb9u1_amd64.changes ACCEPT Processing changes file: postgresql-9.6_9.6.7-0+deb9u1_arm64.changes ACCEPT Processing changes file: postgresql-9.6_9.6.7-0+deb9u1_i386.changes ACCEPT
NEW changes in stable-new
Processing changes file: postgresql-9.6_9.6.7-0+deb9u1_all.changes ACCEPT Processing changes file: postgresql-9.6_9.6.7-0+deb9u1_s390x.changes ACCEPT Processing changes file: xrdp_0.9.1-9+deb9u2_armel.changes ACCEPT Processing changes file: xrdp_0.9.1-9+deb9u2_armhf.changes ACCEPT Processing changes file: xrdp_0.9.1-9+deb9u2_mips.changes ACCEPT Processing changes file: xrdp_0.9.1-9+deb9u2_mips64el.changes ACCEPT Processing changes file: xrdp_0.9.1-9+deb9u2_mipsel.changes ACCEPT
NEW changes in stable-new
Processing changes file: cappuccino_0.5.1-6+deb9u1_all.changes ACCEPT Processing changes file: cerealizer_0.8.1-1+deb9u1_all.changes ACCEPT Processing changes file: exam_0.10.5-1+deb9u1_all.changes ACCEPT Processing changes file: xrdp_0.9.1-9+deb9u2_arm64.changes ACCEPT Processing changes file: xrdp_0.9.1-9+deb9u2_i386.changes ACCEPT Processing changes file: xrdp_0.9.1-9+deb9u2_s390x.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: exim4_4.84.2-2+deb8u5_allonly.changes ACCEPT Processing changes file: exim4_4.84.2-2+deb8u5_amd64.changes ACCEPT Processing changes file: exim4_4.84.2-2+deb8u5_arm64.changes ACCEPT Processing changes file: exim4_4.84.2-2+deb8u5_armel.changes ACCEPT Processing changes file: exim4_4.84.2-2+deb8u5_armhf.changes ACCEPT Processing changes file: exim4_4.84.2-2+deb8u5_i386.changes ACCEPT Processing changes file: exim4_4.84.2-2+deb8u5_mips.changes ACCEPT Processing changes file: exim4_4.84.2-2+deb8u5_mipsel.changes ACCEPT Processing changes file: exim4_4.84.2-2+deb8u5_powerpc.changes ACCEPT Processing changes file: exim4_4.84.2-2+deb8u5_ppc64el.changes ACCEPT Processing changes file: exim4_4.84.2-2+deb8u5_s390x.changes ACCEPT Processing changes file: gcc-4.9_4.9.2-10+deb8u1_amd64.changes ACCEPT Processing changes file: gcc-4.9_4.9.2-10+deb8u1_arm64.changes ACCEPT Processing changes file: gcc-4.9_4.9.2-10+deb8u1_armel.changes ACCEPT Processing changes file: gcc-4.9_4.9.2-10+deb8u1_armhf.changes ACCEPT Processing changes file: gcc-4.9_4.9.2-10+deb8u1_i386.changes ACCEPT Processing changes file: gcc-4.9_4.9.2-10+deb8u1_mips.changes ACCEPT Processing changes file: gcc-4.9_4.9.2-10+deb8u1_mipsel.changes ACCEPT Processing changes file: gcc-4.9_4.9.2-10+deb8u1_powerpc.changes ACCEPT Processing changes file: gcc-4.9_4.9.2-10+deb8u1_ppc64el.changes ACCEPT Processing changes file: gcc-4.9_4.9.2-10+deb8u1_s390x.changes ACCEPT Processing changes file: jackson-databind_2.4.2-2+deb8u3_amd64.changes ACCEPT Processing changes file: libreoffice_4.3.3-2+deb8u10_i386.changes ACCEPT Processing changes file: libreoffice_4.3.3-2+deb8u10_amd64.changes ACCEPT Processing changes file: libreoffice_4.3.3-2+deb8u10_arm64.changes ACCEPT Processing changes file: libreoffice_4.3.3-2+deb8u10_armel.changes ACCEPT Processing changes file: libreoffice_4.3.3-2+deb8u10_armhf.changes ACCEPT Processing changes file: libreoffice_4.3.3-2+deb8u10_mips.changes ACCEPT Processing changes file: libreoffice_4.3.3-2+deb8u10_mipsel.changes ACCEPT Processing changes file: libreoffice_4.3.3-2+deb8u10_powerpc.changes ACCEPT Processing changes file: libreoffice_4.3.3-2+deb8u10_ppc64el.changes ACCEPT Processing changes file: libreoffice_4.3.3-2+deb8u10_s390x.changes ACCEPT Processing changes file: mailman_2.1.18-2+deb8u2_amd64.changes ACCEPT Processing changes file: mailman_2.1.18-2+deb8u2_arm64.changes ACCEPT Processing changes file: mailman_2.1.18-2+deb8u2_armel.changes ACCEPT Processing changes file: mailman_2.1.18-2+deb8u2_armhf.changes ACCEPT Processing changes file: mailman_2.1.18-2+deb8u2_i386.changes ACCEPT Processing changes file: mailman_2.1.18-2+deb8u2_mips.changes ACCEPT Processing changes file: mailman_2.1.18-2+deb8u2_mipsel.changes ACCEPT Processing changes file: mailman_2.1.18-2+deb8u2_powerpc.changes ACCEPT Processing changes file: mailman_2.1.18-2+deb8u2_ppc64el.changes ACCEPT Processing changes file: mailman_2.1.18-2+deb8u2_s390x.changes ACCEPT Processing changes file: quagga_0.99.23.1-1+deb8u5_allonly.changes ACCEPT Processing changes file: quagga_0.99.23.1-1+deb8u5_amd64.changes ACCEPT Processing changes file: quagga_0.99.23.1-1+deb8u5_arm64.changes ACCEPT Processing changes file: quagga_0.99.23.1-1+deb8u5_armel.changes ACCEPT Processing changes file: quagga_0.99.23.1-1+deb8u5_armhf.changes ACCEPT Processing changes file: quagga_0.99.23.1-1+deb8u5_i386.changes ACCEPT Processing changes file: quagga_0.99.23.1-1+deb8u5_mips.changes ACCEPT Processing changes file: quagga_0.99.23.1-1+deb8u5_mipsel.changes ACCEPT Processing changes file: quagga_0.99.23.1-1+deb8u5_powerpc.changes ACCEPT Processing changes file: quagga_0.99.23.1-1+deb8u5_ppc64el.changes ACCEPT Processing changes file: quagga_0.99.23.1-1+deb8u5_s390x.changes ACCEPT Processing changes file: tomcat-native_1.1.32~repack-2+deb8u1_amd64.changes ACCEPT Processing changes file: tomcat-native_1.1.32~repack-2+deb8u1_arm64.changes ACCEPT Processing changes file: tomcat-native_1.1.32~repack-2+deb8u1_armel.changes ACCEPT Processing changes file: tomcat-native_1.1.32~repack-2+deb8u1_armhf.changes ACCEPT Processing changes file: tomcat-native_1.1.32~repack-2+deb8u1_i386.changes ACCEPT Processing changes file: tomcat-native_1.1.32~repack-2+deb8u1_mips.changes ACCEPT Processing changes file: tomcat-native_1.1.32~repack-2+deb8u1_mipsel.changes ACCEPT Processing changes file: tomcat-native_1.1.32~repack-2+deb8u1_powerpc.changes ACCEPT Processing changes file: tomcat-native_1.1.32~repack-2+deb8u1_ppc64el.changes ACCEPT Processing changes file: tomcat-native_1.1.32~repack-2+deb8u1_s390x.changes ACCEPT
Bug#890897: transition: unibilium
On Fri, Feb 23, 2018 at 10:11:42AM +0100, Emilio Pozuelo Monfort wrote: > Control: tags -1 confirmed > > On 20/02/18 13:16, James McCoy wrote: > > Package: release.debian.org > > Severity: normal > > User: release.debian@packages.debian.org > > Usertags: transition > > > > There is an upstream SONAME bump due to support for terminfo's new wide > > format. The dependency chain revolves around neovim and everything > > rebuilds and tests fine with the new unibilium. > > Go ahead. Thanks. Uploaded. -- James GPG Key: 4096R/91BF BF4D 6956 BD5D F7B7 2D23 DFE6 91AE 331B A3DB