Bug#1033612: unblock: cinnamon-settings-daemon/5.6.2-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: cinnamon-settings-dae...@packages.debian.org, fantonifa...@tiscali.it Control: affects -1 + src:cinnamon-settings-daemon Please unblock package cinnamon-settings-daemon 5.6.2-1 include a new bugfix release with 2 fixes: - xsettings: Round the Xft.dpi setting to an integer - power: Fix free order I also added replace of libfontconfig1-dev build-dep. with libfontconfig-dev, libfontconfig1-dev is a transition metapackage from bullseye so should don't be a risk FWIK. No regression found or reported, I think is good to have in bookworm. [ Risks ] I consider the risk of regression very small [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] unblock cinnamon-settings-daemon/5.6.2-1 diff --git a/debian/changelog b/debian/changelog index 170bcc6..f843ec7 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +cinnamon-settings-daemon (5.6.2-1) unstable; urgency=medium + + * New upstream bugfix version 5.6.2 + * Replace libfontconfig1-dev build-dep. with libfontconfig-dev + + -- Fabio Fantoni Sun, 19 Mar 2023 22:29:11 +0100 + cinnamon-settings-daemon (5.6.1-1) unstable; urgency=medium [ Debian Janitor ] diff --git a/debian/control b/debian/control index a8ec4c0..1ca4a36 100644 --- a/debian/control +++ b/debian/control @@ -18,7 +18,7 @@ Build-Depends: libcinnamon-desktop-dev (>= 5.6.1~), libcolord-dev, libcups2-dev, - libfontconfig1-dev, + libfontconfig-dev, libglib2.0-dev, libgnomekbd-dev, libgtk-3-dev, diff --git a/meson.build b/meson.build index ab48440..108d7e5 100644 --- a/meson.build +++ b/meson.build @@ -1,4 +1,4 @@ -project('cinnamon-settings-daemon', 'c', version: '5.6.1', meson_version: '>= 0.47') +project('cinnamon-settings-daemon', 'c', version: '5.6.2', meson_version: '>= 0.47') gnome = import('gnome') i18n = import('i18n') diff --git a/plugins/power/gpm-idletime.c b/plugins/power/gpm-idletime.c index 1a41a14..aaadb89 100644 --- a/plugins/power/gpm-idletime.c +++ b/plugins/power/gpm-idletime.c @@ -349,8 +349,8 @@ gpm_idletime_alarm_free (GpmIdletime *idletime, alarm_item->xalarm); } g_object_unref (alarm_item->idletime); -g_free (alarm_item); g_ptr_array_remove (idletime->priv->array, alarm_item); +g_free (alarm_item); return TRUE; } diff --git a/plugins/xsettings/csd-xsettings-manager.c b/plugins/xsettings/csd-xsettings-manager.c index 30bbbed..07ab142 100644 --- a/plugins/xsettings/csd-xsettings-manager.c +++ b/plugins/xsettings/csd-xsettings-manager.c @@ -761,8 +761,8 @@ xft_settings_set_xresources (CinnamonSettingsXftSettings *settings) g_debug("xft_settings_set_xresources: orig res '%s'", add_string->str); -update_property (add_string, "Xft.dpi", -g_ascii_dtostr (dpibuf, sizeof (dpibuf), (double) settings->scaled_dpi / 1024.0)); +g_snprintf (dpibuf, sizeof (dpibuf), "%d", (int) (settings->scaled_dpi / 1024.0 + 0.5)); +update_property (add_string, "Xft.dpi", dpibuf); update_property (add_string, "Xft.antialias", settings->antialias ? "1" : "0"); update_property (add_string, "Xft.hinting",
Bug#1033614: unblock: zfs-linux/2.1.9-3
Package: release.debian.org Severity: normal User:release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc:pkg-zfsonlinux-de...@alioth-lists.debian.net Please unblock the package zfs-linux/2.1.9-3. [ Reason ] zfs-linux has autopkgtest but it never passed on armel (because the kernel header detection logic), even though this is marked as "Not a regression" auto-migration is blocked. See https://ci.debian.net/packages/z/zfs-linux/testing/armel/ Changes included are targeted small fixes based on upstream 2.1.10-staging branch, which is intended for releasing the next stable minor release. Most importantly, there is a change fixing https://github.com/openzfs/zfs/issues/14599 which we have in the previous 2.1.9-2 that would affect some users from booting the system. [ Impact ] The user won't notice any difference except some bugs have been fixed. [ Tests ] Manually installed the binaries and verified that things work as expected. [ Risks ] Changes are minimal. I can't think of any negative side effects. Because some of the new patches are added to series file in the middle, it results in quite some noise in the debdiff (some old patches are shown as removed). To help reviewing the patches, the commit itself can be found on salsa: https://salsa.debian.org/zfsonlinux-team/zfs/-/commit/a02ecc74c240e64ead560091ae68f2252b072adf New patches are: * 0002-System-wide-speculative-prefetch-limit.patch include/sys/arc_impl.h | 1 + module/zfs/dmu_zfetch.c | 29 - 2 files changed, 25 insertions(+), 5 deletions(-) * 0003-Add-missing-increment-to-dsl_deadlist_move_bpobj.patch module/zfs/dsl_deadlist.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) * 0008-initramfs-fix-zpool-get-argument-order.patch contrib/initramfs/scripts/zfs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) * 0011-Fix-for-mountpoint-legacy.patch contrib/initramfs/scripts/zfs | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) * 0012-QAT-Fix-uninitialized-seed-in-QAT-compression.patch module/os/linux/zfs/qat_compress.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock zfs-linux/2.1.9-3 zfs-linux_2.1.9-3.debdiff Description: Binary data
Bug#1033612: marked as done (unblock: cinnamon-settings-daemon/5.6.2-1)
Your message dated Tue, 28 Mar 2023 18:15:41 + with message-id and subject line unblock cinnamon-settings-daemon has caused the Debian Bug report #1033612, regarding unblock: cinnamon-settings-daemon/5.6.2-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033612: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033612 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: cinnamon-settings-dae...@packages.debian.org, fantonifa...@tiscali.it Control: affects -1 + src:cinnamon-settings-daemon Please unblock package cinnamon-settings-daemon 5.6.2-1 include a new bugfix release with 2 fixes: - xsettings: Round the Xft.dpi setting to an integer - power: Fix free order I also added replace of libfontconfig1-dev build-dep. with libfontconfig-dev, libfontconfig1-dev is a transition metapackage from bullseye so should don't be a risk FWIK. No regression found or reported, I think is good to have in bookworm. [ Risks ] I consider the risk of regression very small [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] unblock cinnamon-settings-daemon/5.6.2-1 diff --git a/debian/changelog b/debian/changelog index 170bcc6..f843ec7 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +cinnamon-settings-daemon (5.6.2-1) unstable; urgency=medium + + * New upstream bugfix version 5.6.2 + * Replace libfontconfig1-dev build-dep. with libfontconfig-dev + + -- Fabio Fantoni Sun, 19 Mar 2023 22:29:11 +0100 + cinnamon-settings-daemon (5.6.1-1) unstable; urgency=medium [ Debian Janitor ] diff --git a/debian/control b/debian/control index a8ec4c0..1ca4a36 100644 --- a/debian/control +++ b/debian/control @@ -18,7 +18,7 @@ Build-Depends: libcinnamon-desktop-dev (>= 5.6.1~), libcolord-dev, libcups2-dev, - libfontconfig1-dev, + libfontconfig-dev, libglib2.0-dev, libgnomekbd-dev, libgtk-3-dev, diff --git a/meson.build b/meson.build index ab48440..108d7e5 100644 --- a/meson.build +++ b/meson.build @@ -1,4 +1,4 @@ -project('cinnamon-settings-daemon', 'c', version: '5.6.1', meson_version: '>= 0.47') +project('cinnamon-settings-daemon', 'c', version: '5.6.2', meson_version: '>= 0.47') gnome = import('gnome') i18n = import('i18n') diff --git a/plugins/power/gpm-idletime.c b/plugins/power/gpm-idletime.c index 1a41a14..aaadb89 100644 --- a/plugins/power/gpm-idletime.c +++ b/plugins/power/gpm-idletime.c @@ -349,8 +349,8 @@ gpm_idletime_alarm_free (GpmIdletime *idletime, alarm_item->xalarm); } g_object_unref (alarm_item->idletime); -g_free (alarm_item); g_ptr_array_remove (idletime->priv->array, alarm_item); +g_free (alarm_item); return TRUE; } diff --git a/plugins/xsettings/csd-xsettings-manager.c b/plugins/xsettings/csd-xsettings-manager.c index 30bbbed..07ab142 100644 --- a/plugins/xsettings/csd-xsettings-manager.c +++ b/plugins/xsettings/csd-xsettings-manager.c @@ -761,8 +761,8 @@ xft_settings_set_xresources (CinnamonSettingsXftSettings *settings) g_debug("xft_settings_set_xresources: orig res '%s'", add_string->str); -update_property (add_string, "Xft.dpi", -g_ascii_dtostr (dpibuf, sizeof (dpibuf), (double) settings->scaled_dpi / 1024.0)); +g_snprintf (dpibuf, sizeof (dpibuf), "%d", (int) (settings->scaled_dpi / 1024.0 + 0.5)); +update_property (add_string, "Xft.dpi", dpibuf); update_property (add_string, "Xft.antialias", settings->antialias ? "1" : "0"); update_property (add_string, "Xft.hinting", --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#1033006: marked as done (unblock: openvpn/2.6.1-1 (preapproval))
Your message dated Tue, 28 Mar 2023 18:18:46 + with message-id and subject line unblock openvpn has caused the Debian Bug report #1033006, regarding unblock: openvpn/2.6.1-1 (preapproval) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033006: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033006 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please give permission to upload OpenVPN 2.6.1-1 to unstable and let it migrate to testing (currently in experimental as 2.6.1-1~exp1 [ Reason ] Upstream has released the first minor release in the 2.6.x series. It is primarily a bugfix release but has one new security feature. https://github.com/OpenVPN/openvpn/blob/v2.6.1/Changes.rst | Dynamic TLS Crypt When both peers are OpenVPN 2.6.1+, OpenVPN will dynamically | create a tls-crypt key that is used for renegotiation. This ensure that only | the previously authenticated peer can do trigger renegotiation and complete | renegotiations. I am afraid that this might be CVE material down the road and would be more invasive to backport during a stable release than adding it now. There is another release slated for next week that will overhaul the kernel interface to the optional DCO (data channel offload) kernel module. I have asked upstream to make 2.6.2 as small as possible compared to 2.6.1, so we can review 2.6.2 and the new DCO module in time. There have been no changes in the debian/ packaging [ Impact ] Missing out on this release would make us miss all the small bugfixes and make reviewing the DCO change a lot harder. [ Tests ] Upstream has a very thorough patch review process and CI pipeline 2.6.1-1~exp1 (but compiled on bullseye) has been running on my employers eduVPN server serving thousands of university students. [ Risks ] The code change is not trivial but managable https://github.com/OpenVPN/openvpn/compare/v2.6.0...v2.6.1 about half of the changes affect only Windows or FreeBSD I'm not smart enough to understand anything about the one new feature, but it has been extensively documented and tested by upstream https://github.com/OpenVPN/openvpn/commit/202a934fc32673ef865b5cbcb23ad6057ceb2e0b [ Checklist ] [x] all changes are documented in the d/changelog [ ] I reviewed all changes and I approve them [ ] attach debdiff against the package in testing I've omitted the debdiff because there have not been any changes apart from the new upstream version, which is a lot more readable as a list of commits on github than with a plain debdiff If you want me to attach a debdiff feel free to tell me. [ Other info ] The upcoming DCO change will involve a new version of src:openvpn and a new version of src:openvpn-dco-dkms. The list of changes on the kernel side is already visible on https://github.com/OpenVPN/ovpn-dco/commits/master . In the past we managed to break DCO on above mentioned really heavily loaded OpenVPN server within a few hours. The new version is a major overhaul and more in-line with code upstreamable in Linux, and did survive torture tests. I know this is kind of late, but I think it would be better to include it as well as soon as it is released because - we cannot support the old deprecated module - openvpn uses DCO (of the right version) automatically and will transparently fall-back to non-DCO mode if the module is not found (or the wrong version) - it has not been in Bullseye previously, so if we see that DCO is too unstable with the new version we can just drop it before the release unblock openvpn/2.6.1-1 --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#1033536: marked as done (unblock: inn2/2.7.1~20230306-1)
Your message dated Tue, 28 Mar 2023 18:17:44 + with message-id and subject line unblock inn2 has caused the Debian Bug report #1033536, regarding unblock: inn2/2.7.1~20230306-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1033536: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033536 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: i...@packages.debian.org Control: affects -1 + src:inn2 Please unblock package inn2 I have here a newer snapshot of the inn2 stable 2.7 branch, with various cleanups and minor bug fixes. I am aiming to ship in bookworm the final release, which is almost ready. The package has been used in production on one of my own servers for 3 weeks. I am attaching a git diff with only the documentation changes omitted. unblock inn2/2.7.1~20230306-1 -- ciao, Marco diff --git a/Makefile.global.in b/Makefile.global.in index fd86cbbe0..8a185ed39 100644 --- a/Makefile.global.in +++ b/Makefile.global.in @@ -201,8 +201,8 @@ SHELL = @SHELL@ UNCOMPRESS = @UNCOMPRESS@ YACC = @YACC@ -FIXCONFIG = $(SHELL) $(top)/support/fixconfig -FIXSCRIPT = $(SHELL) $(top)/support/fixscript +FIXCONFIG = $(top)/support/fixconfig +FIXSCRIPT = $(top)/support/fixscript PERLWHOAMI = $(PERL) -e 'print scalar getpwuid($$>), "\n"' WHOAMI = (whoami || /usr/ucb/whoami || $(PERLWHOAMI)) 2> /dev/null diff --git a/backends/Makefile b/backends/Makefile index bd50ff218..ac71bea03 100644 --- a/backends/Makefile +++ b/backends/Makefile @@ -72,7 +72,7 @@ LINKDEPS = $(LIBLDDEPS) $(LDFLAGS) -o $@ INNLIBS = $(LIBINN) $(LIBS) STORELIBS = $(BOTH) $(STORAGE_LIBS) $(LIBS) -FIX = $(FIXSCRIPT) +FIX = $(SHELL) $(FIXSCRIPT) $(FIXSCRIPT): @echo Run configure before running make. See INSTALL for details. @@ -95,15 +95,15 @@ shrinkfile: shrinkfile.o $(LIBINN) ; $(LINK) shrinkfile.o $(INNLIBS) buffchan: buffchan.o $(LIBINN) $(LINK) buffchan.o $(LIBINN) $(LIBS) -actmerge: actmerge.in $(FIX) ; $(FIX) actmerge.in -actsyncd: actsyncd.in $(FIX) ; $(FIX) actsyncd.in -mod-active: mod-active.in$(FIX) ; $(FIX) mod-active.in -news2mail: news2mail.in $(FIX) ; $(FIX) news2mail.in -nntpsend: nntpsend.in $(FIX) ; $(FIX) nntpsend.in -send-ihave: send-ihave.in$(FIX) ; $(FIX) send-ihave.in -send-uucp: send-uucp.in $(FIX) ; $(FIX) send-uucp.in -sendinpaths: sendinpaths.in $(FIX) ; $(FIX) sendinpaths.in -sendxbatches: sendxbatches.in $(FIX) ; $(FIX) sendxbatches.in +actmerge: actmerge.in $(FIXSCRIPT) ; $(FIX) actmerge.in +actsyncd: actsyncd.in $(FIXSCRIPT) ; $(FIX) actsyncd.in +mod-active: mod-active.in$(FIXSCRIPT) ; $(FIX) mod-active.in +news2mail: news2mail.in $(FIXSCRIPT) ; $(FIX) news2mail.in +nntpsend: nntpsend.in $(FIXSCRIPT) ; $(FIX) nntpsend.in +send-ihave: send-ihave.in$(FIXSCRIPT) ; $(FIX) send-ihave.in +send-uucp: send-uucp.in $(FIXSCRIPT) ; $(FIX) send-uucp.in +sendinpaths: sendinpaths.in $(FIXSCRIPT) ; $(FIX) sendinpaths.in +sendxbatches: sendxbatches.in $(FIXSCRIPT) ; $(FIX) sendxbatches.in $(LIBINN): ; (cd ../lib ; $(MAKE)) $(LIBSTORAGE): ; (cd ../storage ; $(MAKE) library) diff --git a/configure.ac b/configure.ac index 204ff4aac..943058de9 100644 --- a/configure.ac +++ b/configure.ac @@ -362,8 +364,11 @@ dnl (available since podlators 5.00). This options permits disabling dnl heuristics only intended for Perl documentation, because they prevent dnl some patterns like C<@@NCM> (in perl-nocem man page) from being converted dnl as expected. -AS_IF([`AS_ECHO(["=head1 test"]) | pod2text --guesswork=none > /dev/null`], -[POD2TEXT_OPTION="--guesswork=none"]) +AC_MSG_CHECKING([if pod2text supports --guesswork]) +AS_IF([`AS_ECHO(["=head1 test"]) | pod2text --guesswork=none > /dev/null 2>&1`], +[POD2TEXT_OPTION="--guesswork=none" + AC_MSG_RESULT([yes])], +[AC_MSG_RESULT([no])]) AC_SUBST(POD2TEXT_OPTION) dnl Checks for programs. @@ -572,6 +577,12 @@ AS_IF([test x"$inn_cv_lib_bdb_ndbm" != xyes], AC_SUBST([DBM_LIBS])]) AC_SUBST([DBM_CPPFLAGS]) +dnl If SQLite is found, check the presence of its Perl DBI driver. +AS_IF([test x"$inn_use_SQLITE3" = xtrue], +[INN_PERL_CHECK_MODULE([DBD::SQLite], [], +[inn_perl_mod_warn="$inn_perl_mod_warn DBD::SQLite" + inn_perl_mod_warn="$inn_perl_mod_warn (for ovsqlite-util)"])]) + dnl If configuring with large file support, determine the right flags to dnl use based on the platform. if test x"$inn_enable_largefiles" = xyes
Bug#1033492: unblock: php8.2/8.2.4-1 ????
Hi Paul, On Sun, Mar 26, 2023 at 01:40:10PM +0200, Paul Gevers wrote: > Hi Ondřej, > > On 26-03-2023 08:36, Ondřej Surý wrote: > > just a quick reply - PHP already has a security (and if I remember > > correctly release) team exception from the last time. So, we already had > > this talk about upstream policies. > > I *suspect* the same, but because of the shear amount of work ongoing for > the release team at the moment, I hope people can help point to the relevant > information instead of us needing to find it. > > It can obviously wait a couple of days, we're not *that* close to releasing > yet. if this helps on the decision: We would, similarly as done for bullseye already, want to follow the upstream releases until supported by upstream and then switch to cherry-pick security fixes only on top. Ondrej can give a more detailed input, so please wait for his reply. Regards, Salvatore
Re: Situation for redis for bookworm?
Hi Paul, On Sun, Mar 26, 2023 at 02:25:21PM +0200, Paul Gevers wrote: > Hi Salvatore, > > On 26-03-2023 13:57, Salvatore Bonaccorso wrote: > > redis is on the radar for that, recent uploads for unstable did fix > > some (arguably no-dsa) CVEs. Redis is though not able to migrate to > > testing. Can you have a look and if the testing regressions are fase > > positives or to be ignore fill a unblock request for the release team? > > Chris already did in bug 1030600, e.g. > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030600#30. I see redis > had another upload, which apparently doesn't trigger the autopkgtest failure > in python-fakeredis. Apologies that I did not notice. > Might be worth unblocking this version of redis if all upstream uploads can > be justified. The new version does not have any further regressions, as per https://qa.debian.org/excuses.php?package=redis . So I think that would be welcome to resolve all the CVEs still affecting bookworm. Chris, what is your take on it? Regards, Salvatore
Processed: unblock: python-scrapy/2.8.0-2
Processing control commands: > affects -1 + src:python-scrapy Bug #1033620 [release.debian.org] unblock: python-scrapy/2.8.0-2 Added indication that 1033620 affects src:python-scrapy -- 1033620: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033620 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1033620: unblock: python-scrapy/2.8.0-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: python-scr...@packages.debian.org Control: affects -1 + src:python-scrapy Please unblock package python-scrapy. It fixes an RC bug (#1033425) by removing mitmproxy from B-D, as the tests that use it don't work with the mitmproxy version currently in testing/sid (the problem is known by the upstream but not fixed there). The software itself doesn't use mitmproxy so this is a test-only problem. unblock python-scrapy/2.8.0-2 diff -Nru python-scrapy-2.8.0/debian/changelog python-scrapy-2.8.0/debian/changelog --- python-scrapy-2.8.0/debian/changelog2023-02-02 13:43:11.0 +0400 +++ python-scrapy-2.8.0/debian/changelog2023-03-26 17:57:50.0 +0400 @@ -1,3 +1,10 @@ +python-scrapy (2.8.0-2) unstable; urgency=medium + + * Remove B-D: mitmproxy as tests break with the new version of it (Closes: +#1033425). + + -- Andrey Rakhmatullin Sun, 26 Mar 2023 17:57:50 +0400 + python-scrapy (2.8.0-1) unstable; urgency=medium * New upstream version. diff -Nru python-scrapy-2.8.0/debian/control python-scrapy-2.8.0/debian/control --- python-scrapy-2.8.0/debian/control 2023-02-02 13:43:11.0 +0400 +++ python-scrapy-2.8.0/debian/control 2023-03-26 17:57:50.0 +0400 @@ -11,7 +11,8 @@ python3-all, Build-Depends-Indep: libjs-jquery , - mitmproxy , +# mitmproxy > 8 breaks the tests, https://github.com/scrapy/scrapy/issues/5454 +# mitmproxy , python3-botocore , python3-itemadapter , python3-itemloaders ,
Re: Situation for redis for bookworm?
Dear all, > The new version does not have any further regressions, as per > https://qa.debian.org/excuses.php?package=redis. So I think that > would be welcome to resolve all the CVEs still affecting bookworm. > > Chris, what is your take on it? Sorry for the delay in replying; some other things ate all my bandwidth for considered thought in the last week or so. To cut a long story short: yes, I agree that the ideal solution is to unblock 5:7.0.10-1 (ie. the version currently in unstable) for bookworm and release bookworm with that. My gut feeling is that the 7.0.x branch will receive upstream-blessed patches for security fixes for a little while. This would hopefully make future DSAs relatively straightforward. (I doubt it will receive specific updates for the entirety of the bookworm release, alas, but that's out of our control). Either way, it makes sense to release with the latest version of the 7.0.x branch. Salvatore, do you wish to request an unblock here (ie. of 5:7.0.10-1 in sid to override 5:7.0.7-1 in bookworm) or shall I? (Would it have more weight if you did it?) Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `-
Inquiry about Debian Rootfs Construction
Dear, I hope this message finds you well. I am writing to inquire about the construction of Debian Rootfs. I was wondering if you could kindly provide some information on how your team constructs this system, and whether the method of construction has been open-sourced. As a member of the development community, I am always seeking out new and improved ways to construct high-quality and reliable systems that align with my project's goals. I believe that the Debian Rootfs has many valuable features that could be beneficial to my project's success. If the construction method of Debian Rootfs has been open-sourced, I would appreciate it if you could provide me with the link, so I can take a closer look. Additionally, I would like to confirm if your team allows others to use the method of construction freely, without any license restrictions or other constraints. Thank you very much for your time, and I look forward to your response. Best regards, Chunxin