Bug#894123: RM: nvidia-graphics-modules/oldstable -- RoQA; license problem; incompatible with current kernel ABI
On 2018-03-26 17:51, Ben Hutchings wrote: > See #815060 for the license issue. from the previous jessie RM request: https://bugs.debian.org/815525 >On Mon, 22 Feb 2016 10:02:56 +0100 Julien Cristau >wrote: >> I'd rather we left (old)stable well alone. > The Linux kernel ABI in jessie was changed in January as a result of > the mitigation of the Meltdown security issue. This package would > need to be updated to build new compatible modules, but that should > not be done due to the license issue. OPU request: https://bugs.debian.org/888561 > For the same reasons, this package should also be removed from wheezy > - though I don't think that's practical no since there won't be any > further point releases. Unfortunately the non-free bits cannot be updated via LTS :-( Let's hope this changes for jessie-lts. There have been inquiries about updated nvidia-graphics-modules for (old)oldstable on the mailing list ... Andreas
Bug#893523: transition: qtbase-opensource-src
El martes, 27 de marzo de 2018 19:09:52 -03 Emilio Pozuelo Monfort escribió: > On 19/03/18 20:22, Lisandro Damián Nicanor Pérez Meyer wrote: > > In order to know what we are facing: > > > > - #893535 deepin-qt5dxcb-plugin: FTBFS with Qt 5.10.1 in experimental > > - #876934 openorienteering-mapper FTBFS: test failures ← not really > > our bug, compiles with qt 5.10.1 but tests keep failing > > - #893540 telegram-desktop maybe a bug in my chroot? I've rebuilt the rdeps successfully. The above bugs seems to have been solved, so from our side we are ready to go. I understand that the akonadi transition is currently going on, so we will need to wait for it to complete. Cheers, Lisandro. -- Gabardinas "Windows 95". Se cuelgan solas. Lisandro Damián Nicanor Pérez Meyer http://perezmeyer.com.ar/ http://perezmeyer.blogspot.com/ signature.asc Description: This is a digitally signed message part.
Bug#888531: marked as done (transition: ruby2.5)
Your message dated Tue, 3 Apr 2018 20:23:16 +0200 with message-id and subject line Re: Bug#888531: transition: ruby2.5 - binNMU round #5, and next steps has caused the Debian Bug report #888531, regarding transition: ruby2.5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 888531: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888531 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Hi, I would like to start the transition to ruby2.5 in unstable. General information about Ruby transitions can be found in: https://wiki.debian.org/Teams/Ruby/InterpreterTransitions ruby2.5 has been in testing for a while. Building against ruby2.5 has been enabled in experimental, and we already did a test rebuild against it, with pretty good results: https://hackmd.io/EYBghgHA7AjFDMBaCZgE5EBYYCYAmiaEAxhjgKzFQCmAZtGHtTkA So I would like to enable building against ruby2.5 in unstable, and to effectively start the transition. Soon after we have a transition page, I will have a first round of binNMUs to request. Ben file: title = "ruby2.5"; is_affected: .depends ~ /ruby2.3 | .depends ~ /ruby2.5/ is_good: .depends ~ /ruby2.5/ is_bad: .depends ~ /ruby2.3/ & !.depends ~ /ruby2.5/ -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled signature.asc Description: PGP signature --- End Message --- --- Begin Message --- On 10/03/18 16:37, Emilio Pozuelo Monfort wrote: > On 09/03/18 15:53, Antonio Terceiro wrote: >> Hi, >> >> Please binNMU: >> >> obexftp >> ruby-bcrypt-pbkdf >> >> Now we need to discuss what to do wrt the few pending packages. >> >> weechat: #892072 [S|+| ] [src:weechat] weechat: build against ruby2.5 > > That's got a patch, and should be fixed. > >> uwsgi: #892074 [S | ] [src:uwsgi] uwsgi: FTBFS with ruby2.5 as default > > I gave a clue about this one on the bug. Easy to fix. > >> graphviz: is missing on armel, because guile-2.2-dev is missing on armel. I >> asked on #debian-buildd and Julien told me that guile-2.2-dev brings the >> buildds down. > > Yeah, this is a problem. > >> ruby-prof: I just uploaded an update that will make it build fine on s390x. > > Good. > >> ruby-pgplot: it's in contrib and has a dependency on a non-free package, >> so it can't be built on buildds. I could do binary uploads myself now, >> or ask someone who cares about it to do that, but then when it's time to >> drop ruby2.3 I would need to do that again, and I would prefer to do it >> just once. I just reported a serious bugs about this. > > Already fixed (thanks Andreas!) > >> My suggestion would be to remove weechat, uwsgi and ruby-pgplot from >> testing, remove graphviz from testing on armel, and unblock the >> transition. But, of course, this is your call. > > No, we should fix weechat and uwsgi. The only real problem is with guile-2.2 > on > armel. I'll see what can be done there. This is pretty much done (except for weechat testing migration). Let's fix any possible remaining issues in the ruby2.3-rm transition. Emilio--- End Message ---
Bug#894735: RM: simutrans/unstable [armhf] -- ROM; FTBFS
Package: ftp.debian.org Severity: normal -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, simutrans on armhf dont't build since more then 90 days. Please remove them from unstable. Many thanks CU Jörg -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAlrDuEQACgkQCfifPIyh 0l0tbA/+JJvg/j+byS69EpBzYidaf4i3BmjV409YCcDfk3sHa3luo37yZqh1WqB/ vYvL/Ae1vCvxxcA6t+3qXIdNrrMGUrJYvhv7v4+lMWkmHQ+o6Nns6bR0SAQqOPKw KeSEo2u39XkRTfmt5+qTQd0CHNIrOIARL2kJlz0PW/dnnWCTuuDaqz3c4Vkjtyuf DB/2L3/+jp9fqdX4RpQneCDaJCZX7FsNt6deMk9QslUFh481PSzN98EHj+1QhkUy yniMFc7ih0Hpu0yQmo23A1nO1hLlg9FLu5cjDw53PJaG11PpDqCNsX4hzrOewJgO WOTF9zyXWWvOtQuNsR+Z6d8DLagf9up8yt4wJmJtXvvye6y7FWfZLP53CQq+L5tv ZfV9ZRrYGeoYNdMnGxCg+TFhfLI6PBZhlmdRZnJvasqGs0f5iVIZ3pNMg4TgqtjJ BXwaLekuS8nj7LT0Iw/b6DpXOMUn8gArmAJ8R76QUWNqUxfoXc7MvUMyaRC8DlIa 7lnSMcgekEU4elC0TfcN2jUzLmIo03gPLUQhi2f9zJsE10fP9qHA88b1n52iDdSF wok7BrcmdeUhVje4DSXxDUXMLdwhv9AXGFxhH0p4k/hPek5QTmXcluZFVeHZoKWF 2v7zY0V/4DjwEY2krbkrxNbK7TqizGuAoG5FKHCdgYj3mYXM0tg= =r21I -END PGP SIGNATURE-
Bug#893644: stretch-pu: package leap-archive-keyring/2016.03.08
"Adam D. Barratt" writes: > Control: tags -1 + moreinfo > > On Wed, 2018-03-21 at 14:07 +0100, micah wrote: >> "Adam D. Barratt" writes: >> >> > Control: tags -1 + moreinfo >> > >> > On Tue, 2018-03-20 at 16:32 -0400, micah wrote: >> > > The leap-archive-keyring is a simple archive keyring package that >> > > contains the >> > > signing key for trusting the archive of the LEAP encryption >> > > access >> > > project. Unfortunately, the expiration date chosen for the key >> > > that >> > > is included >> > > in the package in Stretch was too low, and it has expired. >> > > >> > > The newer package that is available in testing, unstable, and >> > > backports provides >> > > a key with a sufficient length to cover the stable release cycle. >> > > >> > > I would like to propose that this package be included in the next >> > > stable release point update. >> > >> > We'd need to see a debdiff of the proposed upload, built on and >> > tested >> > against stretch, please. >> >> Sorry, I thought I had attached the debdiff, here it is: > > Ah, sorry, I meant of the source packages, not the binaries. Of course, I should have assumed that. I've attached the source debdiff to this email. > (Also, as per above - "of the proposed upload, built on and tested > against stretch". The provided debdiff is against the version that was > uploaded to unstable. Fixed. > An upload to stretch at least needs a new changelog stanza with a > different version number - most likely 2016.03.08+deb9u1, but possibly > 2017.11.24~deb9u1 if you wish to argue that all of the changes since > the current version in stretch are appropriate for a stable update.) I went with 2017.11.24~deb9u1 because indeed, the changes since the current version in stretch are appropriate for a stable update, namely: 1. Providing keys in a second location, to aid in the transition from jessie->stretch methods for how sources.list [signed-by=] method changed to allow for both paths and fingerprints 2. fix priority to be in-line with debian policy 3. add a dependency on gnupg 4. update the expirations on the keys themselves I'm only unsure if changing the Priority section is allowed in a stable point update? Thanks! Micah leap-archive-keyring-src.debdiff Description: Binary data signature.asc Description: PGP signature
Bug#894721: nmu: octave - record changed jvm path
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu octave needs a rebuild to record the changed jvm path with OpenJDK 9.
Bug#894713: stretch-pu: Pre-approval of package apache2/2.4.25-3+deb9u5
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hi, I would like to do an upgrade of apache2 in stretch that upgrades the complete mod_http2 and mod_proxy_http2 modules from the versions from 2.4.25 to the versions from 2.4.33. The reason is that the fix for CVE-2018-1302 [1] is difficult to backport because it concerns a complex life-time issue of data structures, the relevant code has changed greatly between 2.4.25 and 2.4.33, and I am not familiar with the internals of mod_http2. There are other random segfaults [2] and other bugs [3] in stretch's mod_http2 that are reportedly fixed by newer mod_http2. Therefore, upgrading the whole thing seems like the best solution to me. Do you agree with this approach? The diff is not reviewable (58 files changed, 5533 insertions, 4182 deletions), but it only touches the http2 modules. I may also include a few other small bug fixes. I will prepare the updated package and send the detailed information after the pending DSA for some other issues has been released (2.4.25-3+deb9u4). Cheers, Stefan [1] http://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-1302 [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873945 [3] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850947
Processed (with 2 errors): Re: Bug#894123: RM: nvidia-graphics-modules/oldstable -- RoQA; license problem; incompatible with current kernel ABI
Processing control commands: > reassign -1 release.debian.org Bug #894123 [ftp.debian.org] RM: nvidia-graphics-modules/oldstable -- RoQA; license problem; incompatible with current kernel ABI Bug reassigned from package 'ftp.debian.org' to 'release.debian.org'. Ignoring request to alter found versions of bug #894123 to the same values previously set Ignoring request to alter fixed versions of bug #894123 to the same values previously set > user release.debian@packages.debian.org Unknown command or malformed arguments to command. > usertag -1 + rm Unknown command or malformed arguments to command. > tag -1 + jessie Bug #894123 [release.debian.org] RM: nvidia-graphics-modules/oldstable -- RoQA; license problem; incompatible with current kernel ABI Added tag(s) jessie. -- 894123: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894123 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Re: Bug#894123: RM: nvidia-graphics-modules/oldstable -- RoQA; license problem; incompatible with current kernel ABI
Control: reassign -1 release.debian.org Control: user release.debian@packages.debian.org Control: usertag -1 + rm Control: tag -1 + jessie Removals from (old)*stable are handled by the release team; reassigning this bug to them. On Mon, 2018-03-26 at 16:51 +0100, Ben Hutchings wrote: > See #815060 for the license issue. > > The Linux kernel ABI in jessie was changed in January as a result of > the mitigation of the Meltdown security issue. This package would > need to be updated to build new compatible modules, but that should > not be done due to the license issue. > > For the same reasons, this package should also be removed from wheezy > - though I don't think that's practical no since there won't be any > further point releases.
Bug#893043: stretch-pu: package nss-pam-ldapd/0.9.7-2+deb9u1
Hi, On Sat, Mar 31, 2018 at 10:29:07PM +0100, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Thu, 2018-03-15 at 21:49 +0100, Salvatore Bonaccorso wrote: > > src:nss-pam-ldapd is affected in stable (and alrady fixed > > correspondigly in unstable and testing) by #890508, which under > > certian circumstances (like the ones outlined in the bug, pam stack > > configured with pam_ldap, UseDNS=yes in sshd_config, and a remote > > hostname which is longer than 64 bytes), can lead to authentication > > failure. That is just one way to trigger the issue. It would be as > > well by any rhost value which matches the problem. > > > > Please go ahead. Thank you, uploaded. Regards, Salvatore
Bug#894681: nmu: proftpd-abi-1.3.6
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu Another ProFTPD ABI change: nmu proftpd-mod-autohost_0.4-1 . ANY . unstable . -m "Rebuild with proftpd-abi-1.3.6" nmu proftpd-mod-case_0.7-1 . ANY . unstable . -m "Rebuild with proftpd-abi-1.3.6" nmu proftpd-mod-clamav_0.14~rc2-1 . ANY . unstable . -m "Rebuild with proftpd-abi-1.3.6" nmu proftpd-mod-dnsbl_0.1.5-4 . ANY . unstable . -m "Rebuild with proftpd-abi-1.3.6" nmu proftpd-mod-tar_0.3.3-1 . ANY . unstable . -m "Rebuild with proftpd-abi-1.3.6"
