Bug#1036152: unblock: groovy/2.4.21-8
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: gro...@packages.debian.org Control: affects -1 + src:groovy Dear Release Team, Please consider an unblock for package groovy. [ Reason ] Andreas Beckmann discovered a missing dependency on libjsp-api-java, reported in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035850. libjsp-api-java was a transitive dependency of libservlet3.1-java, but not of libservlet-api-java, so this missing dependency was introduced earlier in the bookworm cycle in 2.4.21-3 [1]. [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1020429 [ Impact ] The missing dependency impacts groovy-servlet [2], which probably isn't widely used (although I have not no data to substantiate that claim). The libservlet3.1-java transitional package is still present in bookworm, so a user would have to remove libjsp-api-java during an upgrade to cause the breakage, but with fewer reverse-dependencies present in the release, it's conceivable that it could happen. A new install that used groovy-servlet would also be broken. [2] https://groovy-lang.org/servlet.html [ Tests ] The updated package passes piuparts. [ Risks ] There are no code changes. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] The debdiff includes differences in the groovy-doc package that are due to changes in the javadoc toolchain since upload of 2.4.21-7. I rebuilt 2.4.21-7 against bookworm to verify that the same debdiff is present due to the rebuild, not due to the added dependency on libjsp-api-java. That debdiff is also attached for reference. Thank you for your consideration. If it's too late for the freeze, this can be addressed in bookworm-pu. Thank you, tony unblock groovy/2.4.21-8 diff -Nru groovy-2.4.21/debian/changelog groovy-2.4.21/debian/changelog --- groovy-2.4.21/debian/changelog 2022-10-16 21:02:21.0 -0700 +++ groovy-2.4.21/debian/changelog 2023-05-14 20:41:50.0 -0700 @@ -1,3 +1,10 @@ +groovy (2.4.21-8) unstable; urgency=medium + + * Team upload. + * Add dependency on libjsp-api-java (Closes: #1035850) + + -- tony mancill Sun, 14 May 2023 20:41:50 -0700 + groovy (2.4.21-7) unstable; urgency=medium * Team upload. diff -Nru groovy-2.4.21/debian/control groovy-2.4.21/debian/control --- groovy-2.4.21/debian/control2022-10-16 21:02:21.0 -0700 +++ groovy-2.4.21/debian/control2023-05-14 20:41:50.0 -0700 @@ -51,6 +51,7 @@ libcommons-logging-java, libjansi-java, libjline2-java, + libjsp-api-java, libqdox-java, libservlet-api-java, libxstream-java, [The following lists of changes regard files as different if they have different names, permissions or owners.] Files in second .changes but not in first - -rw-r--r-- root/root /usr/share/doc/groovy/api/legal/ASSEMBLY_EXCEPTION -rw-r--r-- root/root /usr/share/doc/groovy/api/legal/jquery.md -rw-r--r-- root/root /usr/share/doc/groovy/api/legal/jqueryUI.md -rw-r--r-- root/root /usr/share/doc/groovy/api/module-search-index.js -rw-r--r-- root/root /usr/share/doc/groovy/api/script-dir/jquery-3.6.0.min.js -rw-r--r-- root/root /usr/share/doc/groovy/api/script-dir/jquery-ui.min.css -rw-r--r-- root/root /usr/share/doc/groovy/api/script-dir/jquery-ui.min.js -rw-r--r-- root/root /usr/share/doc/groovy/api/tag-search-index.js Files in first .changes but not in second - -rw-r--r-- root/root /usr/share/doc/groovy/api/allclasses.html -rw-r--r-- root/root /usr/share/doc/groovy/api/jquery/external/jquery/jquery.js -rw-r--r-- root/root /usr/share/doc/groovy/api/jquery/jquery-3.6.0.min.js -rw-r--r-- root/root /usr/share/doc/groovy/api/jquery/jquery-ui.min.css -rw-r--r-- root/root /usr/share/doc/groovy/api/jquery/jquery-ui.min.js -rw-r--r-- root/root /usr/share/doc/groovy/api/jquery/jszip-utils/dist/jszip-utils-ie.js -rw-r--r-- root/root /usr/share/doc/groovy/api/jquery/jszip-utils/dist/jszip-utils-ie.min.js -rw-r--r-- root/root /usr/share/doc/groovy/api/jquery/jszip-utils/dist/jszip-utils.js -rw-r--r-- root/root /usr/share/doc/groovy/api/jquery/jszip-utils/dist/jszip-utils.min.js -rw-r--r-- root/root /usr/share/doc/groovy/api/jquery/jszip/dist/jszip.js -rw-r--r-- root/root /usr/share/doc/groovy/api/jquery/jszip/dist/jszip.min.js -rw-r--r-- root/root /usr/share/doc/groovy/api/member-search-index.zip -rw-r--r-- root/root /usr/share/doc/groovy/api/package-search-index.zip -rw-r--r-- root/root /usr/share/doc/groovy/api/type-search-index.zip Control files of package groovy: lines which differ (wdiff format) -- Depends: antlr, default-jre-headless (>= 2:1.7) | java7-runtime-headless, ivy,
Processed: tagging 1036123
Processing commands for cont...@bugs.debian.org: > tags 1036123 - moreinfo Bug #1036123 [release.debian.org] [pre-approval] unblock: libcap2/1:2.66-4 Removed tag(s) moreinfo. > thanks Stopping processing here. Please contact me if you need assistance. -- 1036123: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036123 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: unblock: groovy/2.4.21-8
Processing control commands: > affects -1 + src:groovy Bug #1036152 [release.debian.org] unblock: groovy/2.4.21-8 Added indication that 1036152 affects src:groovy -- 1036152: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036152 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
NEW changes in stable-new
Processing changes file: systemd_247.3-7+deb11u3_mips64el-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: systemd_247.3-7+deb11u3_mipsel-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: systemd_247.3-7+deb11u3_arm64-buildd.changes ACCEPT Processing changes file: systemd_247.3-7+deb11u3_armel-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: sgt-puzzles_20191231.79a5378-3+deb11u1_amd64-buildd.changes ACCEPT Processing changes file: sgt-puzzles_20191231.79a5378-3+deb11u1_arm64-buildd.changes ACCEPT Processing changes file: sgt-puzzles_20191231.79a5378-3+deb11u1_armel-buildd.changes ACCEPT Processing changes file: sgt-puzzles_20191231.79a5378-3+deb11u1_armhf-buildd.changes ACCEPT Processing changes file: sgt-puzzles_20191231.79a5378-3+deb11u1_i386-buildd.changes ACCEPT Processing changes file: sgt-puzzles_20191231.79a5378-3+deb11u1_mips64el-buildd.changes ACCEPT Processing changes file: sgt-puzzles_20191231.79a5378-3+deb11u1_mipsel-buildd.changes ACCEPT Processing changes file: sgt-puzzles_20191231.79a5378-3+deb11u1_ppc64el-buildd.changes ACCEPT Processing changes file: systemd_247.3-7+deb11u3_amd64-buildd.changes ACCEPT Processing changes file: systemd_247.3-7+deb11u3_armhf-buildd.changes ACCEPT Processing changes file: systemd_247.3-7+deb11u3_ppc64el-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: sgt-puzzles_20191231.79a5378-3+deb11u1_s390x-buildd.changes ACCEPT Processing changes file: systemd_247.3-7+deb11u3_i386-buildd.changes ACCEPT Processing changes file: systemd_247.3-7+deb11u3_s390x-buildd.changes ACCEPT
Bug#1036146: RM: wfmath/bullseye -- ROM; unstable upstream, unsuitable for Debian
Package: release.debian.org User: release.debian@packages.debian.org Usertags: rm Severity: normal As explained by upstream [1], the entire WorldForge project is constantly changing and does not anticipate a stable software release in the foreseeable future. The end-user binaries, the server cyphesis-cpp and the client ember, were never part of bullseye due to this instability and the age of the previous stable release. As the Debian maintainer for all of the WorldForge packages, I feel it is best to also remove the supporting libraries which are not used in any other projects. Keeping them in bullseye has no value and adds a possible cyber attack vector. Therefore, I am filing bugs to remove all remaining libraries and components that support WorldForge. Please let me know if you have any questions. Thanks! -Olek [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950926#49 OpenPGP_signature Description: OpenPGP digital signature
Bug#1036145: RM: varconf/bullseye -- ROM; unstable upstream, unsuitable for Debian
Package: release.debian.org User: release.debian@packages.debian.org Usertags: rm Severity: normal As explained by upstream [1], the entire WorldForge project is constantly changing and does not anticipate a stable software release in the foreseeable future. The end-user binaries, the server cyphesis-cpp and the client ember, were never part of bullseye due to this instability and the age of the previous stable release. As the Debian maintainer for all of the WorldForge packages, I feel it is best to also remove the supporting libraries which are not used in any other projects. Keeping them in bullseye has no value and adds a possible cyber attack vector. Therefore, I am filing bugs to remove all remaining libraries and components that support WorldForge. Please let me know if you have any questions. Thanks! -Olek [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950926#49 OpenPGP_signature Description: OpenPGP digital signature
Bug#1036143: RM: mercator/bullseye -- ROM; unstable upstream, unsuitable for Debian
Package: release.debian.org User: release.debian@packages.debian.org Usertags: rm Severity: normal As explained by upstream [1], the entire WorldForge project is constantly changing and does not anticipate a stable software release in the foreseeable future. The end-user binaries, the server cyphesis-cpp and the client ember, were never part of bullseye due to this instability and the age of the previous stable release. As the Debian maintainer for all of the WorldForge packages, I feel it is best to also remove the supporting libraries which are not used in any other projects. Keeping them in bullseye has no value and adds a possible cyber attack vector. Therefore, I am filing bugs to remove all remaining libraries and components that support WorldForge. Please let me know if you have any questions. Thanks! -Olek [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950926#49 OpenPGP_signature Description: OpenPGP digital signature
Bug#1036144: RM: skstream/bullseye -- ROM; unstable upstream, unsuitable for Debian
Package: release.debian.org User: release.debian@packages.debian.org Usertags: rm Severity: normal As explained by upstream [1], the entire WorldForge project is constantly changing and does not anticipate a stable software release in the foreseeable future. The end-user binaries, the server cyphesis-cpp and the client ember, were never part of bullseye due to this instability and the age of the previous stable release. As the Debian maintainer for all of the WorldForge packages, I feel it is best to also remove the supporting libraries which are not used in any other projects. Keeping them in bullseye has no value and adds a possible cyber attack vector. Therefore, I am filing bugs to remove all remaining libraries and components that support WorldForge. Please let me know if you have any questions. Thanks! -Olek [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950926#49 OpenPGP_signature Description: OpenPGP digital signature
Bug#1036142: RM: libwfut/bullseye -- ROM; unstable upstream, unsuitable for Debian
Package: release.debian.org User: release.debian@packages.debian.org Usertags: rm Severity: normal As explained by upstream [1], the entire WorldForge project is constantly changing and does not anticipate a stable software release in the foreseeable future. The end-user binaries, the server cyphesis-cpp and the client ember, were never part of bullseye due to this instability and the age of the previous stable release. As the Debian maintainer for all of the WorldForge packages, I feel it is best to also remove the supporting libraries which are not used in any other projects. Keeping them in bullseye has no value and adds a possible cyber attack vector. Therefore, I am filing bugs to remove all remaining libraries and components that support WorldForge. Please let me know if you have any questions. Thanks! -Olek [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950926#49 OpenPGP_signature Description: OpenPGP digital signature
Bug#1036141: RM: eris/bullseye -- ROM; unstable upstream, unsuitable for Debian
Package: release.debian.org User: release.debian@packages.debian.org Usertags: rm Severity: normal As explained by upstream [1], the entire WorldForge project is constantly changing and does not anticipate a stable software release in the foreseeable future. The end-user binaries, the server cyphesis-cpp and the client ember, were never part of bullseye due to this instability and the age of the previous stable release. As the Debian maintainer for all of the WorldForge packages, I feel it is best to also remove the supporting libraries which are not used in any other projects. Keeping them in bullseye has no value and adds a possible cyber attack vector. Therefore, I am filing bugs to remove all remaining libraries and components that support WorldForge. Please let me know if you have any questions. Thanks! -Olek [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950926#49 OpenPGP_signature Description: OpenPGP digital signature
Bug#1036140: RM: ember-media/bullseye -- ROM; unstable upstream, unsuitable for Debian
Package: release.debian.org User: release.debian@packages.debian.org Usertags: rm Severity: normal As explained by upstream [1], the entire WorldForge project is constantly changing and does not anticipate a stable software release in the foreseeable future. The end-user binaries, the server cyphesis-cpp and the client ember, were never part of bullseye due to this instability and the age of the previous stable release. As the Debian maintainer for all of the WorldForge packages, I feel it is best to also remove the supporting libraries which are not used in any other projects. Keeping them in bullseye has no value and adds a possible cyber attack vector. Therefore, I am filing bugs to remove all remaining libraries and components that support WorldForge. Please let me know if you have any questions. Thanks! -Olek [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950926#49 OpenPGP_signature Description: OpenPGP digital signature
Bug#1036139: RM: atlas-cpp/bullseye -- ROM; unstable upstream, unsuitable for Debian
Package: release.debian.org User: release.debian@packages.debian.org Usertags: rm Severity: normal As explained by upstream [1], the entire WorldForge project is constantly changing and does not anticipate a stable software release in the foreseeable future. The end-user binaries, the server cyphesis-cpp and the client ember, were never part of bullseye due to this instability and the age of the previous stable release. As the Debian maintainer for all of the WorldForge packages, I feel it is best to also remove the supporting libraries which are not used in any other projects. Keeping them in bullseye has no value and adds a possible cyber attack vector. Therefore, I am filing bugs to remove all remaining libraries and components that support WorldForge. Please let me know if you have any questions. Thanks! -Olek [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950926#49 OpenPGP_signature Description: OpenPGP digital signature
Bug#1036135: unblock: dkimpy/1.1.4-1
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package dkimpy
[ Reason ]
This is a very targetted bug fix release which will reduce cases where
tracebacks ocurr due to a programming error as well as addressing a
minor exception classification error. This will both improve things for
bookworm users at (and slightly before) release and save the overhead of
a stable update.
[ Impact ]
Tracebacks when there are DNS errors which may negative affect mail
delivery for mail servers which use dkimpy as part of their MTA.
[ Tests ]
The package has an extensive automated test suite, which is run by the
package's autopkgtest, but it does not test DNS resolver integration
(because it overrides the DNS related code to avoid needing internet
acces to run tests). I did, however, manually test these changes with a
temporarily customized version of the test suite that used real DNS.
Some of the changes were also tested by the (non-Debian) original bug
reporter.
[ Risks ]
Risks are nil. This is well tested and in the event I screwed it up
somehow, it's stunningly unlikely that anything which worked before
would break. Code is pretty trivial too.
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
[ Other info ]
The package is currently 4 of 20 days old. It won't get to 20 by the
Full Freeze date. Either an unblock or adjusting age days will address
the issue since it's not a key package and has a passing non-trivial
autopkgtest.
unblock dkimpy/1.1.4-1
Scott K
diff -Nru dkimpy-1.1.3/ChangeLog dkimpy-1.1.4/ChangeLog
--- dkimpy-1.1.3/ChangeLog 2023-04-30 10:11:53.0 -0400
+++ dkimpy-1.1.4/ChangeLog 2023-05-12 01:17:52.0 -0400
@@ -1,3 +1,9 @@
+2023-05-12 Version 1.1.4
+ - Treat dns.resolver.NoNameservers like NXDOMAIN (not an error) (Thanks to
+ David for the patch and the report)
+ - Confine errors from dnspython to dnsplug and use dkim errors, since
+ dkim.__init__.py doesn't import dns and needs dkim errors (LP: #2018646)
+
2023-04-30 Version 1.1.3
- Catch nacl.exceptions.ValueError and raise KeyFormatError, similar to how
RSA key errors are treated (LP: #2018021)
diff -Nru dkimpy-1.1.3/debian/changelog dkimpy-1.1.4/debian/changelog
--- dkimpy-1.1.3/debian/changelog 2023-04-30 10:27:20.0 -0400
+++ dkimpy-1.1.4/debian/changelog 2023-05-12 08:41:24.0 -0400
@@ -1,3 +1,9 @@
+dkimpy (1.1.4-1) unstable; urgency=medium
+
+ * New upstream release
+
+ -- Scott Kitterman Fri, 12 May 2023 08:41:24 -0400
+
dkimpy (1.1.3-1) unstable; urgency=medium
* New upstream release
diff -Nru dkimpy-1.1.3/dkim/dnsplug.py dkimpy-1.1.4/dkim/dnsplug.py
--- dkimpy-1.1.3/dkim/dnsplug.py2020-08-08 16:55:43.0 -0400
+++ dkimpy-1.1.4/dkim/dnsplug.py2023-05-12 01:07:38.0 -0400
@@ -27,12 +27,18 @@
def get_txt_dnspython(name, timeout=5):
"""Return a TXT record associated with a DNS name."""
+import dkim
try:
a = dns.resolver.query(name, dns.rdatatype.TXT,raise_on_no_answer=False,
lifetime=timeout)
for r in a.response.answer:
if r.rdtype == dns.rdatatype.TXT:
return b"".join(list(r.items)[0].strings)
except dns.resolver.NXDOMAIN: pass
+except dns.resolver.NoNameservers: pass
+except dns.resolver.NoResolverConfiguration as e:
+raise dkim.DnsTimeoutError('dns.resolver.NoResolverConfiguration:
{0}'.format(e))
+except dns.exception.Timeout as e:
+raise dkim.DnsTimeoutError('dns.exception.Timeout: {0}'.format(e))
return None
diff -Nru dkimpy-1.1.3/dkim/__init__.py dkimpy-1.1.4/dkim/__init__.py
--- dkimpy-1.1.3/dkim/__init__.py 2023-04-30 10:11:53.0 -0400
+++ dkimpy-1.1.4/dkim/__init__.py 2023-05-12 01:08:45.0 -0400
@@ -802,7 +802,7 @@
except binascii.Error as e:
self.logger.error('KeyFormatError: {0}'.format(e))
return False
-except dns.exception.Timeout as e:
+except DnsTimeoutError as e:
self.logger.error('DnsTimeoutError: Domain: {0} Selector: {1} Error
message: {2}'.format(
sig[b'd'], sig[b's'], e))
return False
diff -Nru dkimpy-1.1.3/dkimpy.egg-info/PKG-INFO
dkimpy-1.1.4/dkimpy.egg-info/PKG-INFO
--- dkimpy-1.1.3/dkimpy.egg-info/PKG-INFO 2023-04-30 10:12:18.0
-0400
+++ dkimpy-1.1.4/dkimpy.egg-info/PKG-INFO 2023-05-12 01:18:26.0
-0400
@@ -1,6 +1,6 @@
Metadata-Version: 2.1
Name: dkimpy
-Version: 1.1.3
+Version: 1.1.4
Summary: DKIM (DomainKeys Identified Mail), ARC (Authenticated Receive Chain),
and TLSRPT (TLS Report) email signing and verification
Home-page: https://launchpad.net/dkimpy
Author: Scott Kitterman
@@ -21,7 +21,7 @@
# VERSION
-This is dkimpy 1.1.3.
+This is dkimpy 1.1.4.
Bug#1036133: unblock: marco/1.26.1-3
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package marco
Various issues have been fixed in 1.26.1-3:
+ * Revert "debian/control: Drop B-D: libxpresent-dev." introduced with
+marco 1.26.0-2.
+The underlying cause of the problem (see Launchpad issue #1960621) has
+long been solved in X.org's present extension. (This really closes:
+#1034605).
-> This fixes screen tearing if default compositor is on.
+ -- Mike Gabriel Wed, 26 Apr 2023 07:46:12 +0200
+
+marco (1.26.1-2) unstable; urgency=medium
+
+ * debian/patches:
++ Add patches 0001, 0002 and 0003. Fixes marco crashing when run in an X2Go
+ session. (Closes: #1034677).
-> This fixes launching MATE desktop sessions via X2Go. Without the above
named patches marco will crash when run inside an X2Go remote desktop
session.
+ * debian/{marco-common.install,20_marco-debian.gschema.override}:
++ Disable compositing manager in marco, hides dark border around windows in
+ X2Go. (Closes: #982879). This also works around screen tearing in MATE
+ desktop when installing MATE in Debian with default settings. (Closes:
+ #1034605).
-> When run in X2Go (where the underlying Xserver lacks the composite
extension) all windows will have a thick black border. As marco is not bright
enough
to differentiate between a local Xsession and a remote Xsession the best
workaround
is disabling the Compositor by default in marco's gsettings.
[ Reason ]
MATE desktop is an ideal environment for remote desktop (such as X2Go).
This should stay supported in Debian 12 (as it used to be in Debian 10
and 11).
[ Impact ]
Big improvement for Debian's X2Go users.
[ Tests ]
Manually.
[ Risks ]
For MATE users on local desktop, upgrading to marco 1.26.1-3 will disable
the Compositor. It can be re-enabled via the MATE control center.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
[ Other info ]
None.
unblock marco/1.26.1-3
diff -Nru marco-1.26.1/debian/20_marco-debian.gschema.override
marco-1.26.1/debian/20_marco-debian.gschema.override
--- marco-1.26.1/debian/20_marco-debian.gschema.override1970-01-01
01:00:00.0 +0100
+++ marco-1.26.1/debian/20_marco-debian.gschema.override2023-04-25
16:04:32.0 +0200
@@ -0,0 +1,2 @@
+[org.mate.Marco.general]
+compositing-manager=false
diff -Nru marco-1.26.1/debian/changelog marco-1.26.1/debian/changelog
--- marco-1.26.1/debian/changelog 2022-11-13 21:28:36.0 +0100
+++ marco-1.26.1/debian/changelog 2023-04-26 07:46:12.0 +0200
@@ -1,3 +1,26 @@
+marco (1.26.1-3) unstable; urgency=medium
+
+ * Revert "debian/control: Drop B-D: libxpresent-dev." introduced with
+marco 1.26.0-2.
+The underlying cause of the problem (see Launchpad issue #1960621) has
+long been solved in X.org's present extension. (This really closes:
+#1034605).
+
+ -- Mike Gabriel Wed, 26 Apr 2023 07:46:12 +0200
+
+marco (1.26.1-2) unstable; urgency=medium
+
+ * debian/patches:
++ Add patches 0001, 0002 and 0003. Fixes marco crashing when run in an X2Go
+ session. (Closes: #1034677).
+ * debian/{marco-common.install,20_marco-debian.gschema.override}:
++ Disable compositing manager in marco, hides dark border around windows in
+ X2Go. (Closes: #982879). This also works around screen tearing in MATE
+ desktop when installing MATE in Debian with default settings. (Closes:
+ #1034605).
+
+ -- Mike Gabriel Tue, 25 Apr 2023 15:49:34 +0200
+
marco (1.26.1-1) unstable; urgency=medium
* New upstream release.
diff -Nru marco-1.26.1/debian/control marco-1.26.1/debian/control
--- marco-1.26.1/debian/control 2022-11-13 21:13:14.0 +0100
+++ marco-1.26.1/debian/control 2023-04-26 07:46:04.0 +0200
@@ -25,6 +25,7 @@
libxext-dev,
libxfixes-dev,
libxinerama-dev,
+ libxpresent-dev,
libxrandr-dev,
libxrender-dev,
libxres-dev,
diff -Nru marco-1.26.1/debian/marco-common.install
marco-1.26.1/debian/marco-common.install
--- marco-1.26.1/debian/marco-common.install2016-02-07 12:15:35.0
+0100
+++ marco-1.26.1/debian/marco-common.install2023-04-25 16:05:14.0
+0200
@@ -5,3 +5,4 @@
usr/share/mate-control-center/
usr/share/mate/
usr/share/themes/
+debian/20_marco-debian.gschema.override usr/share/glib-2.0/schemas/
diff -Nru
marco-1.26.1/debian/patches/0001_test-retval-from-XResQueryClientIds.patch
marco-1.26.1/debian/patches/0001_test-retval-from-XResQueryClientIds.patch
--- marco-1.26.1/debian/patches/0001_test-retval-from-XResQueryClientIds.patch
1970-01-01 01:00:00.0 +0100
+++ marco-1.26.1/debian/patches/0001_test-retval-from-XResQueryClientIds.patch
2023-04-25 15:33:20.0 +0200
@@
Bug#1036130: unblock: x2goserver/4.1.0.3-7
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package x2goserver Various fixes have been uploaded since x2goserver 4.1.0.3-5, now available as 4.1.0.3-7: + * debian/x2goserver-*.postrm: ++ Ignore failures from deluser/delgroup. (Closes: #1034758). -> Issue reported by the piuparts maintainers. (RC bug). + * debian/po: ++ Add pt_BR.po. Thanks to Adriano Rafael Gomes. (Closes: #972453). ++ Add es.po. Thanks to Camaleón. (Closes: #987341). ++ Add tr.po. Thanks to Atila KOÇ. (Closes: #1032883). -> debconf translation updates + * debian/patches: ++ Add 0002-x2goserver-xsession-Port-OPTIONS-variable-and-has_op.patch. Make + X2Go Server's Xsession startup process compatible with recent Xsession + scripts. (Closes: #1033533). -> X.org maintainers introduce an OPTIONS variable and a has_option function in the main Xsession script. As x2goserver(-common) ships its own Xsession script, the adaption is needed to be compatible with Xsession script consumers (i.e. packages that drop shell snippets into /etc/X11/Xsession.d/). This also silence various error messages that get written to ~/.xsession-x2go.errors + * debian/x2goserver-xsession.lintian-overrides: ++ Drop file. Only override 'package-contains-broken-symlink' not known + anymore today and also nothing like it gets triggered in lintian. -> lintian cleanup. + * debian/copyright: ++ Amend various inconsistencies. Thanks, lintian. Update copyright + attribution for debian/ folder. -> d/copyright cleanup. [ Reason ] Fix one RC bug (#1034758), update debconf localizations, fix compatibility with Xsession.d scripts. [ Impact ] Virtually none. [ Tests ] Runtime test. [ Risks ] Only X2Go users should be affected by this change. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] none unblock x2goserver/4.1.0.3-7 diff -Nru x2goserver-4.1.0.3/debian/changelog x2goserver-4.1.0.3/debian/changelog --- x2goserver-4.1.0.3/debian/changelog 2019-11-11 20:37:58.0 +0100 +++ x2goserver-4.1.0.3/debian/changelog 2023-05-08 16:25:39.0 +0200 @@ -1,3 +1,29 @@ +x2goserver (4.1.0.3-7) unstable; urgency=medium + + * debian/x2goserver-*.postrm: ++ Ignore failures from deluser/delgroup. (Closes: #1034758). + + -- Mike Gabriel Mon, 08 May 2023 16:25:39 +0200 + +x2goserver (4.1.0.3-6) unstable; urgency=medium + + * debian/po: ++ Add pt_BR.po. Thanks to Adriano Rafael Gomes. (Closes: #972453). ++ Add es.po. Thanks to Camaleón. (Closes: #987341). ++ Add tr.po. Thanks to Atila KOÇ. (Closes: #1032883). + * debian/patches: ++ Add 0002-x2goserver-xsession-Port-OPTIONS-variable-and-has_op.patch. Make + X2Go Server's Xsession startup process compatible with recent Xsession + scripts. (Closes: #1033533). + * debian/x2goserver-xsession.lintian-overrides: ++ Drop file. Only override 'package-contains-broken-symlink' not known + anymore today and also nothing like it gets triggered in lintian. + * debian/copyright: ++ Amend various inconsistencies. Thanks, lintian. Update copyright + attribution for debian/ folder. + + -- Mike Gabriel Sun, 26 Mar 2023 23:19:51 +0200 + x2goserver (4.1.0.3-5) unstable; urgency=medium [ Mike Gabriel ] diff -Nru x2goserver-4.1.0.3/debian/copyright x2goserver-4.1.0.3/debian/copyright --- x2goserver-4.1.0.3/debian/copyright 2019-11-11 20:16:14.0 +0100 +++ x2goserver-4.1.0.3/debian/copyright 2023-03-26 23:45:21.0 +0200 @@ -7,9 +7,7 @@ X2Go/Log.pm X2Go/Server/Agent.pm X2Go/Server/Agent/NX.pm - X2Go/Server/DB.pm X2Go/Server/DB/PostgreSQL.pm - X2Go_in_progress_do_not_use/Server/DB/MySQL.pm X2Go/Server/DB/SQLite3.pm libx2go-server-db-perl/lib/libx2go-server-db-sqlite3-wrapper.pl x2goserver-extensions/share/x2gofeature.d/x2goserver-extensions.features @@ -104,10 +102,6 @@ File header of Makefile.docupload says GPL-3+, but... https://code.x2go.org/gitweb?p=x2goserver.git;a=commit;h=7e450338623d9a221968fcb841c4bf795c59 -Files: x2goserver-x2goagent/share/x2go/x2gofeature.d/x2goserver-x2goagent.features -Copyright: 2015, Mike Gabriel -License: GPL-2+ - Files: X2Go/Server.pm X2Go/Utils.pm Copyright: 2007-2018, Heinz-Markus Graesing @@ -239,7 +233,6 @@ x2goserver/man/man8/x2golistdesktops.8 x2goserver/man/man8/x2golistmounts.8 x2goserver/man/man8/x2golistsessions.8 - x2goserver/man/man8/x2golistshadowsessions.8 x2goserver/man/man8/x2golistsessions_root.8 x2goserver/man/man8/x2golistshadowsessions.8 x2goserver/man/man8/x2gomountdirs.8 @@ -263,8 +256,8 @@ Files: debian/* Copyright: 2005-2015, Oleksandr Shneyder - 2010-2015, Mike Gabriel 2010-2015, Reinhard Tartler + 2010-2023, Mike Gabriel License: GPL-2+ License: GPL-2+ diff -Nru
NEW changes in stable-new
Processing changes file: sgt-puzzles_20191231.79a5378-3+deb11u1_source.changes ACCEPT Processing changes file: systemd_247.3-7+deb11u3_source.changes ACCEPT
Bug#1036014: marked as done (unblock: amazon-ec2-utils/2.0.1-2)
Your message dated Mon, 15 May 2023 20:42:19 + with message-id and subject line unblock amazon-ec2-utils has caused the Debian Bug report #1036014, regarding unblock: amazon-ec2-utils/2.0.1-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1036014: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036014 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: debian-cl...@lists.debian.org Dear Release Team, As one of the owners of udev, and having an agreement with the maintainer of amazon-ec2-utils, I'd like the following bug fixed in Bookworm: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035667 amazon-ec2-utils used to take over a file from udev, and this has been fixed in the latest upload to unstable. For maintainability and supportability reasons, we the systemd/udev maintainers prefer that files from the udev package are not diverted. This is the only such case distro-wide. The change is very straightforward and restricted to the maintainer scripts and the install file. Debdiff attached. Thank you! -- Kind regards, Luca Boccassi diff -Nru amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.install amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.install --- amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.install 2022-12-23 22:15:25.0 + +++ amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.install 2023-05-13 01:11:47.0 +0100 @@ -1,4 +1,4 @@ ebsnvme-id /usr/sbin/ ec2-metadata /usr/bin/ ec2nvme-nsid /lib/udev/ -60-cdrom_id.rules 70-ec2-nvme-devices.rules /lib/udev/rules.d/ +70-ec2-nvme-devices.rules /lib/udev/rules.d/ diff -Nru amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.postinst amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.postinst --- amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.postinst 1970-01-01 01:00:00.0 +0100 +++ amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.postinst 2023-05-13 01:11:47.0 +0100 @@ -0,0 +1,15 @@ +#!/bin/sh + +set -e + +if [ "configure" = "$1" ]; then + # TODO: can be dropped in Trixie + diverter=$(dpkg-divert --listpackage /lib/udev/rules.d/60-cdrom_id.rules) + if [ "$diverter" = "amazon-ec2-utils" ]; then + dpkg-divert --package amazon-ec2-utils --remove --rename \ + --divert /lib/udev/rules.d/60-cdrom_id.rules.disabled \ + /lib/udev/rules.d/60-cdrom_id.rules + fi +fi + +#DEBHELPER# diff -Nru amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.postrm amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.postrm --- amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.postrm 2022-12-23 22:01:44.0 + +++ amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.postrm 1970-01-01 01:00:00.0 +0100 @@ -1,11 +0,0 @@ -#!/bin/sh - -set -e - -if [ remove = "$1" -o abort-install = "$1" -o disappear = "$1" ]; then - dpkg-divert --package amazon-ec2-utils --remove --rename \ - --divert /lib/udev/rules.d/60-cdrom_id.rules.disabled \ - /lib/udev/rules.d/60-cdrom_id.rules -fi - -#DEBHELPER# diff -Nru amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.preinst amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.preinst --- amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.preinst 2022-12-23 22:01:44.0 + +++ amazon-ec2-utils-2.0.1/debian/amazon-ec2-utils.preinst 1970-01-01 01:00:00.0 +0100 @@ -1,9 +0,0 @@ -#!/bin/sh - -set -e - -dpkg-divert --package amazon-ec2-utils --add --rename \ - --divert /lib/udev/rules.d/60-cdrom_id.rules.disabled \ - /lib/udev/rules.d/60-cdrom_id.rules - -#DEBHELPER# diff -Nru amazon-ec2-utils-2.0.1/debian/changelog amazon-ec2-utils-2.0.1/debian/changelog --- amazon-ec2-utils-2.0.1/debian/changelog 2022-12-23 22:17:54.0 + +++ amazon-ec2-utils-2.0.1/debian/changelog 2023-05-13 01:11:47.0 +0100 @@ -1,3 +1,10 @@ +amazon-ec2-utils (2.0.1-2) unstable; urgency=medium + + [ Luca Boccassi ] + * Remove diversion of udev rule 60-cdrom_id.rules (Closes: #1035667) + + -- Noah Meyerhans Fri, 12 May 2023 17:11:47 -0700 + amazon-ec2-utils (2.0.1-1) unstable; urgency=medium * New upstream release signature.asc Description: This is a digitally signed message part --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#1036027: marked as done (unblock: kitty/0.26.5-5)
Your message dated Mon, 15 May 2023 20:35:19 + with message-id and subject line unblock kitty has caused the Debian Bug report #1036027, regarding unblock: kitty/0.26.5-5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1036027: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036027 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: ki...@packages.debian.org Control: affects -1 + src:kitty Please unblock package kitty [ Reason ] Kitty registers itself as a handler for various MIME types (via kitty-open.desktop), but some of those (e.g., application/x-sh) are unexpectedly executed instead of viewed. This upload removes the installation of the desktop file, instead providing it as an example. README.Debian is updated to explain how to enable the functionality as well as warning about the implications. [ Impact ] Untrusted files may be executed rather than viewed (e.g., trying to view a shell script attached to an email). [ Tests ] n/a [ Risks ] Trivial change in a leaf package. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock kitty/0.26.5-5 --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Processed: systemd 247.3-7+deb11u3 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1035304 = bullseye pending Bug #1035304 [release.debian.org] bullseye-pu: package systemd/247.3-7+deb11u3 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 1035304: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035304 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1035304: systemd 247.3-7+deb11u3 flagged for acceptance
package release.debian.org tags 1035304 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: systemd Version: 247.3-7+deb11u3 Explanation: udev: fix creating /dev/serial/by-id/ symlinks for USB devices; fix memory leak on daemon-reload
Bug#1036017: marked as done (unblock: lemonldap-ng/2.16.1+ds-2)
Your message dated Mon, 15 May 2023 20:27:23 +
with message-id
and subject line unblock lemonldap-ng
has caused the Debian Bug report #1036017,
regarding unblock: lemonldap-ng/2.16.1+ds-2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1036017: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036017
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: lemonldap...@packages.debian.org
Control: affects -1 + src:lemonldap-ng
Please unblock package lemonldap-ng
[ Reason ]
The change introduced in version 2.16.1 breaks the "viewer" (a secondary
component of lemonldap-ng which permits to give a read-only view to the
configuration.
Also there is a little security issue in OpenID-Connect dur to an
incorrect regexp.
[ Impact ]
- Regression in viewer
- Little security issue
[ Risks ]
No risk here:
* the fix-OP-acr-parsing.patch is trivial
* the fix-viewer-endpoint.patch is just a partial revert
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
Cheers,
Yadd
unblock lemonldap-ng/2.16.1+ds-2
diff --git a/debian/changelog b/debian/changelog
index 5799391bf..8de0d083f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+lemonldap-ng (2.16.1+ds-2) unstable; urgency=medium
+
+ * Fix incorrect parsing of OP-provided acr
+ * Fix regression introduced in 2.16.1 that render viewer unusable
+
+ -- Yadd Fri, 12 May 2023 21:10:49 +0400
+
lemonldap-ng (2.16.1+ds-1) unstable; urgency=medium
* Update debian/clean: clean sphynx lock
diff --git a/debian/patches/fix-OP-acr-parsing.patch
b/debian/patches/fix-OP-acr-parsing.patch
new file mode 100644
index 0..92ba116f4
--- /dev/null
+++ b/debian/patches/fix-OP-acr-parsing.patch
@@ -0,0 +1,41 @@
+Description: fix incorrect parsing of OP-provided acr
+ Bug description:
+ .
+ * Configure Auth::OIDC with an OP that always returns acr: 1 in the ID token
+ * Set oidcOPMetaDataOptionsAcrValues to loa-1
+ ACR value 1 is accepted despite not being part of the list ['loa-1']
+ .
+ The problem is in this regexp:
+ .
+ unless ( $acr_values =~ /\b$acr\b/i ) {
+ .
+ because \b matches too many things (in the example: it matches -)
+Author: Maxime Besson
+Origin: upstream, commit: 3691978f
+Bug: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2875
+Forwarded: not-needed
+Applied-Upstream: 2.16.2, commit: 3691978f
+Reviewed-By: Yadd
+Last-Update: 2023-05-09
+
+--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm
b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm
+@@ -803,7 +803,7 @@
+ $self->logger->error("ACR was not returned by OP $op");
+ return 0;
+ }
+-unless ( $acr_values =~ /\b$acr\b/i ) {
++unless ( grep { $_ eq $acr } split( /[\s,]+/, $acr_values ) ) {
+ $self->logger->error(
+ "ACR $acr not listed in request ACR values ($acr_values)");
+ return 0;
+--- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t
b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t
+@@ -492,6 +492,7 @@
+ oidcOPMetaDataOptionsCheckJWTSignature => 1,
+ oidcOPMetaDataOptionsJWKSTimeout => 0,
+ oidcOPMetaDataOptionsClientSecret => "rpsecret",
++oidcOPMetaDataOptionsAcrValues => "loa-32
customacr-1",
+ oidcOPMetaDataOptionsScope => "openid profile email",
+ oidcOPMetaDataOptionsStoreIDToken => 0,
+ oidcOPMetaDataOptionsMaxAge => 30,
diff --git a/debian/patches/fix-viewer-endpoint.patch
b/debian/patches/fix-viewer-endpoint.patch
new file mode 100644
index 0..9aaf6c59f
--- /dev/null
+++ b/debian/patches/fix-viewer-endpoint.patch
@@ -0,0 +1,46 @@
+Description: fix viewer endpoint
+ Regression introduced in 2.16.1
+Author: Maxime Besson
+Origin: upstream, commit:c330347f
+Bug: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2909
+Forwarded: not-needed
+Applied-Upstream: 2.16.2, commit:c330347f
+Reviewed-By: Yadd
+Last-Update: 2023-05-09
+
+--- a/doc/sources/admin/viewer.rst
b/doc/sources/admin/viewer.rst
+@@ -39,11 +39,11 @@
+ In Manager: \* Declare a Virtual Host : manager.example.com \* Set an
+ access rule for each enabled
Bug#1036040: marked as done (unblock: qemu/1:7.2+dfsg-7)
Your message dated Mon, 15 May 2023 20:26:48 +
with message-id
and subject line unblock qemu
has caused the Debian Bug report #1036040,
regarding unblock: qemu/1:7.2+dfsg-7
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1036040: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036040
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: q...@packages.debian.org, pkg-qemu-de...@lists.alioth.debian.org
Control: affects -1 + src:qemu
Please unblock package qemu
This is an easy one.
[ Reason ]
This release contains a fix for a trivial packaging bug, --
a forgotten Depends during package split. See the changelog
entry for more details.
[ Risks ]
There's no risks. The fix just works (tm).
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
(even in such a trivial case, I managed to forget to format the Closes:
line properly, This does not affect the package thogh)
unblock qemu/1:7.2+dfsg-7
diff -Nru qemu-7.2+dfsg/debian/changelog qemu-7.2+dfsg/debian/changelog
--- qemu-7.2+dfsg/debian/changelog 2023-04-29 13:02:55.0 +0300
+++ qemu-7.2+dfsg/debian/changelog 2023-05-14 11:29:12.0 +0300
@@ -1,3 +1,24 @@
+qemu (1:7.2+dfsg-7) unstable; urgency=medium
+
+ * d/control: qemu-system-xen: add ipxe-qemu dependency (#1035676)
+
+When installing qemu-system-xen on a new system, the boot roms are
+not installed. Unfortunately this means HVM Xen DomUs can not be used
+at all, because the boot roms are hard requiriment for qemu since 2014,
+it fails to start without the boot roms even if (network) booting is
+not requested.
+
+Before bookworm, when qemu-system-xen was part of regular
+qemu-system-x86 package, the dependency on ipxe-qemu was coming from
+that package. But when splitting qemu-system-xen out of it, we forgot
+that the boot roms are hard dependency now. This makes qemu-system-xen
+unusable on a new install until ipxe-qemu is installed too.
+
+An alternative would be to revert upstream commit 178e785fb
+(from 2014) to make rom loading failure a non-fatal error.
+
+ -- Michael Tokarev Sun, 14 May 2023 11:29:12 +0300
+
qemu (1:7.2+dfsg-6) unstable; urgency=medium
[ Michael Tokarev ]
diff -Nru qemu-7.2+dfsg/debian/control qemu-7.2+dfsg/debian/control
--- qemu-7.2+dfsg/debian/control2023-04-29 12:31:07.0 +0300
+++ qemu-7.2+dfsg/debian/control2023-05-11 17:28:22.0 +0300
@@ -400,7 +400,7 @@
Multi-Arch: no
# do we really need qemu-system-data? keymaps only?
Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-data (>>
${source:Upstream-Version}~),
- seabios
+ seabios, ipxe-qemu
Recommends: qemu-utils,
ovmf,
Description: QEMU full system emulation (Xen helper package)
diff -Nru qemu-7.2+dfsg/debian/control-in qemu-7.2+dfsg/debian/control-in
--- qemu-7.2+dfsg/debian/control-in 2023-04-29 12:05:13.0 +0300
+++ qemu-7.2+dfsg/debian/control-in 2023-05-07 21:55:26.0 +0300
@@ -412,7 +412,7 @@
Multi-Arch: no
# do we really need qemu-system-data? keymaps only?
Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-data (>>
${source:Upstream-Version}~),
- seabios
+ seabios, ipxe-qemu
Recommends: qemu-utils,
ovmf,
:ubuntu:# For the transition from the former qemu-system-x86-xen name
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---
Bug#1036059: marked as done (unblock: resteasy3.0/3.0.26-6)
Your message dated Mon, 15 May 2023 20:24:18 + with message-id and subject line unblock resteasy3.0 has caused the Debian Bug report #1036059, regarding unblock: resteasy3.0/3.0.26-6 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1036059: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036059 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: resteasy...@packages.debian.org Control: affects -1 + src:resteasy3.0 Please unblock package resteasy3.0 This update drops the dependency on libtomcat9-java which won't be part of Bookworm (#1033366) Thank you, Emmanuel Bourg unblock resteasy3.0/3.0.26-6 diff --git a/debian/changelog b/debian/changelog index 68db1eab6..148149f7d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +resteasy3.0 (3.0.26-6) unstable; urgency=medium + + * Team upload. + * Depend on libservlet-api-java and libel-api-java instead of libtomcat9-java +(Closes: #1033366) + + -- Emmanuel Bourg Sun, 14 May 2023 19:12:25 +0200 + resteasy3.0 (3.0.26-5) unstable; urgency=medium * patches: Replace javax/activation with jakarta/activation, fixes noise diff --git a/debian/control b/debian/control index bd18212da..47fdea4fd 100644 --- a/debian/control +++ b/debian/control @@ -10,6 +10,7 @@ Build-Depends-Indep: javahelper, junit4, libcommons-io-java, + libel-api-java, libgeronimo-annotation-1.3-spec-java, libhttpclient-java, libjackson2-core-java, @@ -22,8 +23,8 @@ Build-Depends-Indep: libjboss-logging-java, libjboss-logging-tools-java, libmaven-install-plugin-java, - libslf4j-java, - libtomcat9-java, + libservlet-api-java, + libslf4j-java Standards-Version: 4.5.1 Vcs-Git: https://salsa.debian.org/java-team/resteasy.git Vcs-Browser: https://salsa.debian.org/java-team/resteasy diff --git a/debian/libresteasy3.0-java.classpath b/debian/libresteasy3.0-java.classpath index 2dfc0599a..89a972771 100644 --- a/debian/libresteasy3.0-java.classpath +++ b/debian/libresteasy3.0-java.classpath @@ -1,2 +1,2 @@ -usr/share/java/resteasy-jaxrs.jar /usr/share/java/slf4j-api.jar /usr/share/java/httpclient.jar /usr/share/java/commons-io.jar /usr/share/java/geronimo-annotation-1.3-spec.jar /usr/share/java/tomcat9-el-api.jar /usr/share/java/jakarta-activation.jar +usr/share/java/resteasy-jaxrs.jar /usr/share/java/slf4j-api.jar /usr/share/java/httpclient.jar /usr/share/java/commons-io.jar /usr/share/java/geronimo-annotation-1.3-spec.jar /usr/share/java/jakarta-activation.jar usr/share/java/resteasy-jackson2-provider.jar /usr/share/java/jackson-core.jar /usr/share/java/jackson-databind.jar /usr/share/java/jackson-jaxrs-base.jar /usr/share/java/jackson-jaxrs-json-provider.jar /usr/share/java/jackson-module-jaxb-annotations.jar diff --git a/debian/maven.rules b/debian/maven.rules index 30c686e5e..51bec29df 100644 --- a/debian/maven.rules +++ b/debian/maven.rules @@ -12,7 +12,7 @@ org.yaml snakeyaml * s/.*/1.x/ * * com.sun.istack istack-commons-runtime * s/debian/2.17/ * * s/jboss/javassist/ javassist * s/.*/debian/ * * s/org.jboss.spec.javax.annotation/org.apache.geronimo.specs/ s/jboss-annotations-api_1.2_spec/geronimo-annotation_1.3_spec/ * s/.*/debian/ * * -s/org.jboss.spec.javax.servlet/org.apache.tomcat/ s/jboss-servlet-api_3.1_spec/tomcat-servlet-api/ * s/.*/9.x/ * * -s/org.jboss.spec.javax.el/org.apache.tomcat/ s/jboss-el-api_3.0_spec/tomcat-el-api/ * s/.*/9.x/ * * +s/org.jboss.spec.javax.servlet/javax.servlet/ s/jboss-servlet-api_3.1_spec/javax.servlet-api/ * s/.*/debian/ * * +s/org.jboss.spec.javax.el/javax.el/ s/jboss-el-api_3.0_spec/javax.el-api/ * s/.*/debian/ * * s/org.jboss.spec.javax.ws.rs/javax.ws.rs/ s/jboss-jaxrs-api_2.0_spec/javax.ws.rs-api/ * s/.*/debian/ * * s/javax.activation/jakarta.activation/ s/activation/jakarta.activation-api/ * s/.*/debian/ * * --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#1036037: marked as done (unblock: emacs/1:28.2+1-15)
Your message dated Mon, 15 May 2023 20:26:02 + with message-id and subject line unblock emacs has caused the Debian Bug report #1036037, regarding unblock: emacs/1:28.2+1-15 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1036037: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036037 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: em...@packages.debian.org Control: affects -1 + src:emacs Please unblock package emacs The only changes are two bug fixes, one for a file conflict with bullseye emacs-bin-common and one for a conflict with older elpa-cider: https://bugs.debian.org/1034941 https://bugs.debian.org/1035781 diff -Nru emacs-28.2+1/debian/changelog emacs-28.2+1/debian/changelog --- emacs-28.2+1/debian/changelog 2023-04-01 22:38:56.0 -0500 +++ emacs-28.2+1/debian/changelog 2023-05-13 15:17:27.0 -0500 @@ -1,3 +1,16 @@ +emacs (1:28.2+1-15) unstable; urgency=medium + + * emacs-common: add breaks/replaces emacs-bin-common (<< 1:28) since the +emacs.service file moved from emacs-bin-common to emacs-common. +Thanks to Helmut Grohne for reporting the problem and Andreas Beckmann +for providing and testing the fix. (Closes: 1034941) + + * emacs-common: add breaks elpa-cider (<< 0.19.0+dfsg-4~). Thanks to +Andreas Beckmann for reporting the problem and providing and testing +the fix. (Closes: 1035781) + + -- Rob Browning Sat, 13 May 2023 15:17:27 -0500 + emacs (1:28.2+1-14) unstable; urgency=medium * Fix gnus nnml crash on some invalid headers. Add diff -Nru emacs-28.2+1/debian/control emacs-28.2+1/debian/control --- emacs-28.2+1/debian/control 2023-03-31 13:22:31.0 -0500 +++ emacs-28.2+1/debian/control 2023-05-13 14:31:35.0 -0500 @@ -142,7 +142,9 @@ apel (<< 10.8+0.20120427-4), edb (<< 1.32), egg (<< 4.2.0-2), + elpa-cider (<< 0.19.0+dfsg-4~), emacs (<< 1:25), + emacs-bin-common (<< 1:28), emacs-gtk (<< 1:25), emacs-lucid (<< 1:25), emacs-nox (<< 1:25), @@ -159,7 +161,9 @@ emacs24-nox, emacs25, emacs25-lucid, - emacs25-nox, + emacs25-nox +Replaces: + emacs-bin-common (<< 1:28) Description: GNU Emacs editor's shared, architecture independent infrastructure GNU Emacs is the extensible self-documenting text editor. This package contains the architecture independent infrastructure Thanks -- Rob Browning rlb @defaultvalue.org and @debian.org GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4 --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#1036060: unblock libfinance-quote-perl
On Mon, 15 May 2023 20:17:40 +, Sebastian Ramacher wrote: > Unblocked. Thank you! Cheers, gregor -- .''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe `- signature.asc Description: Digital Signature
Bug#1036099: marked as done (unblock: liblxqt/1.2.0-7)
Your message dated Mon, 15 May 2023 20:16:36 +
with message-id
and subject line unblock liblxqt
has caused the Debian Bug report #1036099,
regarding unblock: liblxqt/1.2.0-7
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1036099: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036099
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: libl...@packages.debian.org
Control: affects -1 + src:liblxqt
Please unblock package liblxqt
[ Reason ]
Fix RC bug https://bugs.debian.org/1034943 due to missing
Breaks/Replaces.
[ Impact ]
This bug prevent user from upgrading LXQt desktop from Bullseye to
Bookworm.
[ Tests ]
Manual test to upgrade liblxqt from 0.16.0-1 to 1.2.0-7.
[ Risks ]
[ Checklist ]
[v] all changes are documented in the d/changelog
[v] I reviewed all changes and I approve them
[v] attach debdiff against the package in testing
[ Other info ]
unblock liblxqt/1.2.0-7
--
ChangZhuo Chen (陳昌倬) czchen@{czchen,debian}.org
https://czchen.org/
Key fingerprint = BA04 346D C2E1 FE63 C790 8793 CC65 B0CD EC27 5D5B
diff -Nru liblxqt-1.2.0/debian/changelog liblxqt-1.2.0/debian/changelog
--- liblxqt-1.2.0/debian/changelog 2023-04-27 13:10:28.0 +0800
+++ liblxqt-1.2.0/debian/changelog 2023-05-13 17:41:17.0 +0800
@@ -1,3 +1,10 @@
+liblxqt (1.2.0-7) unstable; urgency=medium
+
+ * liblxqt1-dev: sufficient Breaks and Replaces declarations.
+Thanks Helmut Grohne . (Closes:#1034943)
+
+ -- Andrew Lee (李健秋) Sat, 13 May 2023 11:41:17 +0200
+
liblxqt (1.2.0-6) unstable; urgency=medium
* Add missing Breaks/Replaces (Closes: #1034894)
diff -Nru liblxqt-1.2.0/debian/control liblxqt-1.2.0/debian/control
--- liblxqt-1.2.0/debian/control2023-04-27 13:10:28.0 +0800
+++ liblxqt-1.2.0/debian/control2023-05-13 17:41:17.0 +0800
@@ -51,6 +51,8 @@
libqt5xdgiconloader-dev (>= 3.10.0~),
lxqt-build-tools (>= 0.12.0~),
${misc:Depends}
+Breaks: liblxqt0 (<< 0.99)
+Replaces: liblxqt0 (<< 0.99)
Description: Shared libraries for LXQt desktop environment (dev)
LXQt is an advanced, easy-to-use, and fast desktop environment based on Qt
technologies. It has been tailored for users who value simplicity, speed, and
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---
Bug#1036060: marked as done (unblock: libfinance-quote-perl/1.54-3)
Your message dated Mon, 15 May 2023 20:17:40 +
with message-id
and subject line unblock libfinance-quote-perl
has caused the Debian Bug report #1036060,
regarding unblock: libfinance-quote-perl/1.54-3
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1036060: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036060
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: libfinance-quote-p...@packages.debian.org
Control: affects -1 + src:libfinance-quote-perl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I've uploaded libfinance-quote-perl/1.54-3 to unstable, targetting
bookworm.
In comparison to -2, the upload contains 4 patches from upstream Git
commits/PRs. While this sounds a bit scary at this stage of the
freeze, all changes are minimal and fix issues.
I'm attaching a full debdiff but in practice the code changes are as
follows (the rest is documentation, patch metadata, a skipped online
test, …):
1) debian/patches/GH263_URL_MorningstarJP.patch: 1 URL changed:
- --- a/lib/Finance/Quote/MorningstarJP.pm
+++ b/lib/Finance/Quote/MorningstarJP.pm
@@ -32,7 +32,7 @@
# NAV information (basis price)
$MORNINGSTAR_JP_URL =
- - ('https://www.morningstar.co.jp/FundData/DownloadStdYmd.do?fnc=');
+ ('https://www.wealthadvisor.co.jp/FundData/DownloadStdYmd.do?fnc=');
sub methods { return ( morningstarjp => \ ); }
sub labels { return ( morningstarjp => [qw/symbol date nav/] ); }
2) debian/patches/GH262_Regex_FTfunds.patch: 1 regexp changed:
- --- a/lib/Finance/Quote/FTfunds.pm
+++ b/lib/Finance/Quote/FTfunds.pm
@@ -182,7 +182,7 @@
my $currency;
my $price;
if ($webdoc->content =~
- - m[Price
[(]([A-Z]{3})[)]([\.\,0-9]*)] )
+ m[]*>Price
[(]([A-Z]{3})[)]([\.\,0-9]*)] )
{
$currency = $1;
$price= $2;
3) debian/patches/GH267_TRV_AlphaVantage.patch: 1 entry added to a
hash table:
- --- a/lib/Finance/Quote/AlphaVantage.pm
+++ b/lib/Finance/Quote/AlphaVantage.pm
@@ -58,6 +58,7 @@
'.SA' => "BRL",# Brazil Sao Paolo
'.BR' => "EUR",# Belgium Brussels
'.TO' => "CAD",# Canada Toronto
+'.TRV' => "CAD",# CanadaToronto Venture
'.V' => "CAD",# Toronto Venture
'.TRT' => "CAD",# CanadaToronto
'.SN' => "CLP",# ChileSantiago
4) debian/patches/GH268_URL_YahooJSON.patch: 1 URL changed:
- --- a/lib/Finance/Quote/YahooJSON.pm
+++ b/lib/Finance/Quote/YahooJSON.pm
@@ -35,7 +35,7 @@
our $VERSION = '1.54'; # VERSION
- -my $YIND_URL_HEAD =
'https://query1.finance.yahoo.com/v7/finance/quote?symbols=';
+my $YIND_URL_HEAD =
'https://query1.finance.yahoo.com/v6/finance/quote?symbols=';
my $YIND_URL_TAIL = '';
sub methods {
(This is Debian bug #1035690)
All these changes are also in the new 1.55 upstream release which
I've chosen not to take as it also contains other/more code changes.
Having these changes in bookworm would help users to have working
stock quote modules, and as the changes are minimal there should be
no risk for regressions.
unblock libfinance-quote-perl/1.54-3
age-days 5 libfinance-quote-perl/1.54-3
Thanks in advance,
gregor
-BEGIN PGP SIGNATURE-
iQKTBAEBCgB9FiEE0eExbpOnYKgQTYX6uzpoAYZJqgYFAmRhJ9RfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEQx
RTEzMTZFOTNBNzYwQTgxMDREODVGQUJCM0E2ODAxODY0OUFBMDYACgkQuzpoAYZJ
qgauYg/+IpHCLWKfRn18h5jiQruWhQkosM3n8cPaXVqiCbm2V1o/I4DC5Rx6xK4W
uZ/255jydt1DI771a4p2zlgl/svKIXCBCqsk9c3aUzpCrkeAVghOW6OGqD9X2P+Q
o8W1ADpEbG/gI6kGHn7Yj5x428L6PtG/t0rUTEKnEEUznPnLFufszFkr1/aifwbr
bbX1sjSxcdNQjtaiMVRusK7CD8sfqgRaDSZJC7iN9NjIbMnYEo/3UYiSDpBnXC6/
QP/VZrAdrbfsmWCahJtcZ/ZlvpKN1rmQI6fnaTIFFGewQmyj2uMAnVa1bLSm2lI0
6yo5oc33TDfxCR0nnJOr4jE3ruB1sYenIoUilNxLtglCRCJZhoZCQP6IPq2wCTe3
U18L4dH0lAppXGx7MHq2bnEXTV5JB6pcz0EBDe66iupmotQrgOwoNRVOt8A6GMah
2+MCWGSTub2Z0RAFQWv/HTdSZWhsjq+TgMNoxOcxGjXBUdgBAl+JkrfxeZ3e2RLd
oY42kFhTIimDKnyHOe9CdA2Zp/PvISnHdafiMoeHBrnZfMmvG3dttqcxDxn9GPAL
wievCeyj27th12taQN5/Rg5qPU07cr3yiFE9v8ccSsKPcQzmT27nx+qFEYALcYxn
fXlgcIMsRuWaIfc1okSgus7Q8QhxAQk3Ep2vZrPQ5cuoOC91so4=
=apkh
-END PGP SIGNATURE-
diff -Nru libfinance-quote-perl-1.54/debian/changelog
libfinance-quote-perl-1.54/debian/changelog
--- libfinance-quote-perl-1.54/debian/changelog 2023-02-05 14:24:34.0
+0100
+++
Bug#1036108: marked as done (unblock: srpc/0.9.8-1.1)
Your message dated Mon, 15 May 2023 20:15:08 +
with message-id
and subject line unblock srpc
has caused the Debian Bug report #1036108,
regarding unblock: srpc/0.9.8-1.1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1036108: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036108
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Control: affects -1 + src:srpc
X-Debbugs-Cc: s...@packages.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal
Please unblock package srpc.
[ Reason ]
Missing dependency: #1035456
[ Impact ]
auto-removal from bookworm.
[ Tests ]
dangling symlink /usr/lib/x86_64-linux-gnu/libsrpc.so (e.g. for amd64)
[ Risks ]
None.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock srpc/0.9.8-1.1diff -Nru srpc-0.9.8/debian/changelog srpc-0.9.8/debian/changelog
--- srpc-0.9.8/debian/changelog 2023-03-01 15:41:10.0 +0100
+++ srpc-0.9.8/debian/changelog 2023-05-12 19:39:47.0 +0200
@@ -1,3 +1,10 @@
+srpc (0.9.8-1.1) unstable; urgency=medium
+
+ * Non-maintainer upload
+ * libsrpc-dev: Add missing Depends (Closes: #1035456)
+
+ -- Bastian Germann Fri, 12 May 2023 19:39:47 +0200
+
srpc (0.9.8-1) unstable; urgency=low
* Updated to new version (0.9.8)
diff -Nru srpc-0.9.8/debian/control srpc-0.9.8/debian/control
--- srpc-0.9.8/debian/control 2023-03-01 15:41:10.0 +0100
+++ srpc-0.9.8/debian/control 2023-05-12 19:38:49.0 +0200
@@ -33,7 +33,10 @@
Multi-Arch: same
Breaks: libsrpc (<< 0.9.7-1)
Replaces: libsrpc (<< 0.9.7-1)
-Depends: libsrpc-bin (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Depends:
+ libsrpc0 (= ${binary:Version}),
+ libsrpc-bin (= ${binary:Version}),
+ ${misc:Depends}, ${shlibs:Depends}
Description: Sogou RPC Library (SRPC)
SRPC is an enterprise-level RPC framework widely used by Tencent, Sogou and
many small and medium-sized companies. It handles hundreds of millions of
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---
Bug#1036093: marked as done (unblock: pokerth/1.1.2-2)
Your message dated Mon, 15 May 2023 20:15:55 +
with message-id
and subject line unblock pokerth
has caused the Debian Bug report #1036093,
regarding unblock: pokerth/1.1.2-2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1036093: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036093
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: a...@debian.org
Please unblock package pokerth
[ Reason ]
pokerth depends on gsfonts-x11 which has been replaced by
fonts-urw-base35. Some fonts names changed and symlinks pointing to
the old fonts no longer worked as expected. (#1020237) However after
looking into this issue, I discovered that those fonts are no longer
required. They were intended as a fallback solution but upstream
removed them years ago. There is also still DejaVuSans-Bold.ttf which
should suffice as well. Since it made no difference, I simply removed the
dependency on gsfonts-x11.
[ Impact ]
pokerth in testing would be shipped with dangling symlinks.
[ Tests ]
The game looks identical with or without those fonts.
[ Risks ]
None, since gsfonts-x11 is just obsolete
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock pokerth/1.1.2-2
diff -Nru pokerth-1.1.2/debian/changelog pokerth-1.1.2/debian/changelog
--- pokerth-1.1.2/debian/changelog 2020-12-19 19:37:17.0 +0100
+++ pokerth-1.1.2/debian/changelog 2023-05-15 00:44:03.0 +0200
@@ -1,3 +1,14 @@
+pokerth (1.1.2-2) unstable; urgency=medium
+
+ * Team upload.
+ * No longer depend on gsfonts-x11 which is replaced by fonts-urw-base35.
+We don't need these fonts because we still have DejaVuSans which is the
+better alternative. (Closes: #1020237)
+ * Remove the symlinks to gsfonts-x11 fonts.
+ * Rename VeraBd.ttf symlink to DejaVuSans-Bold.ttf.
+
+ -- Markus Koschany Mon, 15 May 2023 00:44:03 +0200
+
pokerth (1.1.2-1.1) unstable; urgency=medium
* Non-maintainer upload.
diff -Nru pokerth-1.1.2/debian/control pokerth-1.1.2/debian/control
--- pokerth-1.1.2/debian/control2020-12-19 19:33:12.0 +0100
+++ pokerth-1.1.2/debian/control2023-05-15 00:44:03.0 +0200
@@ -65,7 +65,6 @@
Architecture: all
Depends:
fonts-dejavu-core,
- gsfonts-x11,
${misc:Depends}
Description: Texas hold'em game - common data files
pokerth is a free implementation of the Texas hold'em poker game which is
diff -Nru pokerth-1.1.2/debian/pokerth-data.links
pokerth-1.1.2/debian/pokerth-data.links
--- pokerth-1.1.2/debian/pokerth-data.links 2018-10-02 15:35:20.0
+0200
+++ pokerth-1.1.2/debian/pokerth-data.links 2023-05-15 00:44:03.0
+0200
@@ -1,3 +1 @@
-/usr/share/fonts/X11/Type1/c059013l.pfb
/usr/share/games/pokerth/fonts/c059013l.pfb
-/usr/share/fonts/X11/Type1/n019003l.pfb
/usr/share/games/pokerth/fonts/n019003l.pfb
-/usr/share/fonts/truetype/dejavu/DejaVuSans-Bold.ttf
/usr/share/games/pokerth/fonts/VeraBd.ttf
+/usr/share/fonts/truetype/dejavu/DejaVuSans-Bold.ttf
/usr/share/games/pokerth/fonts/DejaVuSans-Bold.ttf
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---
Processed: sgt-puzzles 20191231.79a5378-3+deb11u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1035311 = bullseye pending Bug #1035311 [release.debian.org] bullseye-pu: package sgt-puzzles/20191231.79a5378-3+deb11u1 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 1035311: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035311 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#1036123: [pre-approval] unblock: libcap2/1:2.66-4
Processing control commands: > tags -1 moreinfo confirmed Bug #1036123 [release.debian.org] [pre-approval] unblock: libcap2/1:2.66-4 Added tag(s) moreinfo and confirmed. -- 1036123: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036123 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1036123: [pre-approval] unblock: libcap2/1:2.66-4
Control: tags -1 moreinfo confirmed On 2023-05-15 21:48:55 +0200, Christian Kastner wrote: > (re-sent, this time to the right recipients. Apologies, it's been a long > day) > > On 2023-05-15 21:15, Salvatore Bonaccorso wrote: > >> +libcap2 (1:2.66-4) unstable; urgency=medium > >> + > >> + * Apply upstream patches for CVE-2023-2602, CVE-2023-2603 > >> + > >> + -- Christian Kastner Mon, 15 May 2023 20:34:57 +0200 > > > > We had I guess a small overlap in bugreporting, can you as well > > include bug closer for #1036114 in your upload? > > Thanks for catching this, Salvatore. > > Updated debdiff attached. Please go ahead and remove the moreinfo tag once the package is available in unstable. Cheers -- Sebastian Ramacher
Bug#1035311: sgt-puzzles 20191231.79a5378-3+deb11u1 flagged for acceptance
package release.debian.org tags 1035311 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: sgt-puzzles Version: 20191231.79a5378-3+deb11u1 Explanation: fix various security issues in game loading [CVE-2023-24283 CVE-2023-24284 CVE-2023-24285 CVE-2023-24287 CVE-2023-24288 CVE-2023-24291]
Re: Bug#1036123: [pre-approval] unblock: libcap2/1:2.66-4
On 2023-05-15 21:15, Salvatore Bonaccorso wrote:
>> +libcap2 (1:2.66-4) unstable; urgency=medium
>> +
>> + * Apply upstream patches for CVE-2023-2602, CVE-2023-2603
>> +
>> + -- Christian Kastner Mon, 15 May 2023 20:34:57 +0200
>
> We had I guess a small overlap in bugreporting, can you as well
> include bug closer for #1036114 in your upload?
Thanks for catching this, Salvatore.
Updated debdiff attached.
Best,
Christiandiff -Nru libcap2-2.66/debian/changelog libcap2-2.66/debian/changelog
--- libcap2-2.66/debian/changelog 2022-12-21 21:19:49.0 +0100
+++ libcap2-2.66/debian/changelog 2023-05-15 20:34:57.0 +0200
@@ -1,3 +1,10 @@
+libcap2 (1:2.66-4) unstable; urgency=medium
+
+ * Apply upstream patches for CVE-2023-2602, CVE-2023-2603
+(Closes: #1036114)
+
+ -- Christian Kastner Mon, 15 May 2023 20:34:57 +0200
+
libcap2 (1:2.66-3) unstable; urgency=medium
* Add gcc to autopkgtest for upstream tests.
diff -Nru
libcap2-2.66/debian/patches/Correct-the-check-of-pthread_create-s-return-value.patch
libcap2-2.66/debian/patches/Correct-the-check-of-pthread_create-s-return-value.patch
---
libcap2-2.66/debian/patches/Correct-the-check-of-pthread_create-s-return-value.patch
1970-01-01 01:00:00.0 +0100
+++
libcap2-2.66/debian/patches/Correct-the-check-of-pthread_create-s-return-value.patch
2023-05-15 20:34:57.0 +0200
@@ -0,0 +1,39 @@
+From: "Andrew G. Morgan"
+Date: Wed, 3 May 2023 19:18:36 -0700
+Subject: Correct the check of pthread_create()'s return value.
+
+This function returns a positive number (errno) on error, so the code
+wasn't previously freeing some memory in this situation.
+
+Discussion:
+
+ https://stackoverflow.com/a/3581020/14760867
+
+Credit for finding this bug in libpsx goes to David Gstir of
+X41 D-Sec GmbH (https://x41-dsec.de/) who performed a security
+audit of the libcap source code in April of 2023. The audit
+was sponsored by the Open Source Technology Improvement Fund
+(https://ostif.org/).
+
+Audit ref: LCAP-CR-23-01 (CVE-2023-2602)
+
+Signed-off-by: Andrew G. Morgan
+
+Origin: upstream,
https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=bc6b36682f188020ee4770fae1d41bde5b2c97bb
+---
+ psx/psx.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/psx/psx.c b/psx/psx.c
+index d9c0485..65eb2aa 100644
+--- a/psx/psx.c
b/psx/psx.c
+@@ -516,7 +516,7 @@ int __wrap_pthread_create(pthread_t *thread, const
pthread_attr_t *attr,
+ pthread_sigmask(SIG_BLOCK, , NULL);
+
+ int ret = __real_pthread_create(thread, attr, _psx_start_fn, starter);
+-if (ret == -1) {
++if (ret > 0) {
+ psx_new_state(_PSX_CREATE, _PSX_IDLE);
+ memset(starter, 0, sizeof(*starter));
+ free(starter);
diff -Nru
libcap2-2.66/debian/patches/Large-strings-can-confuse-libcap-s-internal-strdup-code.patch
libcap2-2.66/debian/patches/Large-strings-can-confuse-libcap-s-internal-strdup-code.patch
---
libcap2-2.66/debian/patches/Large-strings-can-confuse-libcap-s-internal-strdup-code.patch
1970-01-01 01:00:00.0 +0100
+++
libcap2-2.66/debian/patches/Large-strings-can-confuse-libcap-s-internal-strdup-code.patch
2023-05-15 20:34:57.0 +0200
@@ -0,0 +1,53 @@
+From: "Andrew G. Morgan"
+Date: Wed, 3 May 2023 19:44:22 -0700
+Subject: Large strings can confuse libcap's internal strdup code.
+
+Avoid something subtle with really long strings: 1073741823 should
+be enough for anybody. This is an improved fix over something attempted
+in libcap-2.55 to address some static analysis findings.
+
+Reviewing the library, cap_proc_root() and cap_launcher_set_chroot()
+are the only two calls where the library is potentially exposed to a
+user controlled string input.
+
+Credit for finding this bug in libcap goes to Richard Weinberger of
+X41 D-Sec GmbH (https://x41-dsec.de/) who performed a security audit
+of the libcap source code in April of 2023. The audit was sponsored
+by the Open Source Technology Improvement Fund (https://ostif.org/).
+
+Audit ref: LCAP-CR-23-02 (CVE-2023-2603)
+
+Signed-off-by: Andrew G. Morgan
+
+Origin: upstream,
https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=422bec25ae4a1ab03fd4d6f728695ed279173b18
+---
+ libcap/cap_alloc.c | 12 +++-
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/libcap/cap_alloc.c b/libcap/cap_alloc.c
+index c826e7a..25f9981 100644
+--- a/libcap/cap_alloc.c
b/libcap/cap_alloc.c
+@@ -105,15 +105,17 @@ char *_libcap_strdup(const char *old)
+ errno = EINVAL;
+ return NULL;
+ }
+-len = strlen(old) + 1 + 2*sizeof(__u32);
+-if (len < sizeof(struct _cap_alloc_s)) {
+- len = sizeof(struct _cap_alloc_s);
+-}
+-if ((len & 0x) != len) {
++
++len = strlen(old);
++if ((len & 0x3fff) != len) {
+ _cap_debug("len is too long for libcap to manage");
+ errno = EINVAL;
+ return NULL;
+ }
++len += 1 +
Bug#1036123: [pre-approval] unblock: libcap2/1:2.66-4
(re-sent, this time to the right recipients. Apologies, it's been a long
day)
On 2023-05-15 21:15, Salvatore Bonaccorso wrote:
>> +libcap2 (1:2.66-4) unstable; urgency=medium
>> +
>> + * Apply upstream patches for CVE-2023-2602, CVE-2023-2603
>> +
>> + -- Christian Kastner Mon, 15 May 2023 20:34:57 +0200
>
> We had I guess a small overlap in bugreporting, can you as well
> include bug closer for #1036114 in your upload?
Thanks for catching this, Salvatore.
Updated debdiff attached.
Best,
Christian
diff -Nru libcap2-2.66/debian/changelog libcap2-2.66/debian/changelog
--- libcap2-2.66/debian/changelog 2022-12-21 21:19:49.0 +0100
+++ libcap2-2.66/debian/changelog 2023-05-15 20:34:57.0 +0200
@@ -1,3 +1,10 @@
+libcap2 (1:2.66-4) unstable; urgency=medium
+
+ * Apply upstream patches for CVE-2023-2602, CVE-2023-2603
+(Closes: #1036114)
+
+ -- Christian Kastner Mon, 15 May 2023 20:34:57 +0200
+
libcap2 (1:2.66-3) unstable; urgency=medium
* Add gcc to autopkgtest for upstream tests.
diff -Nru
libcap2-2.66/debian/patches/Correct-the-check-of-pthread_create-s-return-value.patch
libcap2-2.66/debian/patches/Correct-the-check-of-pthread_create-s-return-value.patch
---
libcap2-2.66/debian/patches/Correct-the-check-of-pthread_create-s-return-value.patch
1970-01-01 01:00:00.0 +0100
+++
libcap2-2.66/debian/patches/Correct-the-check-of-pthread_create-s-return-value.patch
2023-05-15 20:34:57.0 +0200
@@ -0,0 +1,39 @@
+From: "Andrew G. Morgan"
+Date: Wed, 3 May 2023 19:18:36 -0700
+Subject: Correct the check of pthread_create()'s return value.
+
+This function returns a positive number (errno) on error, so the code
+wasn't previously freeing some memory in this situation.
+
+Discussion:
+
+ https://stackoverflow.com/a/3581020/14760867
+
+Credit for finding this bug in libpsx goes to David Gstir of
+X41 D-Sec GmbH (https://x41-dsec.de/) who performed a security
+audit of the libcap source code in April of 2023. The audit
+was sponsored by the Open Source Technology Improvement Fund
+(https://ostif.org/).
+
+Audit ref: LCAP-CR-23-01 (CVE-2023-2602)
+
+Signed-off-by: Andrew G. Morgan
+
+Origin: upstream,
https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=bc6b36682f188020ee4770fae1d41bde5b2c97bb
+---
+ psx/psx.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/psx/psx.c b/psx/psx.c
+index d9c0485..65eb2aa 100644
+--- a/psx/psx.c
b/psx/psx.c
+@@ -516,7 +516,7 @@ int __wrap_pthread_create(pthread_t *thread, const
pthread_attr_t *attr,
+ pthread_sigmask(SIG_BLOCK, , NULL);
+
+ int ret = __real_pthread_create(thread, attr, _psx_start_fn, starter);
+-if (ret == -1) {
++if (ret > 0) {
+ psx_new_state(_PSX_CREATE, _PSX_IDLE);
+ memset(starter, 0, sizeof(*starter));
+ free(starter);
diff -Nru
libcap2-2.66/debian/patches/Large-strings-can-confuse-libcap-s-internal-strdup-code.patch
libcap2-2.66/debian/patches/Large-strings-can-confuse-libcap-s-internal-strdup-code.patch
---
libcap2-2.66/debian/patches/Large-strings-can-confuse-libcap-s-internal-strdup-code.patch
1970-01-01 01:00:00.0 +0100
+++
libcap2-2.66/debian/patches/Large-strings-can-confuse-libcap-s-internal-strdup-code.patch
2023-05-15 20:34:57.0 +0200
@@ -0,0 +1,53 @@
+From: "Andrew G. Morgan"
+Date: Wed, 3 May 2023 19:44:22 -0700
+Subject: Large strings can confuse libcap's internal strdup code.
+
+Avoid something subtle with really long strings: 1073741823 should
+be enough for anybody. This is an improved fix over something attempted
+in libcap-2.55 to address some static analysis findings.
+
+Reviewing the library, cap_proc_root() and cap_launcher_set_chroot()
+are the only two calls where the library is potentially exposed to a
+user controlled string input.
+
+Credit for finding this bug in libcap goes to Richard Weinberger of
+X41 D-Sec GmbH (https://x41-dsec.de/) who performed a security audit
+of the libcap source code in April of 2023. The audit was sponsored
+by the Open Source Technology Improvement Fund (https://ostif.org/).
+
+Audit ref: LCAP-CR-23-02 (CVE-2023-2603)
+
+Signed-off-by: Andrew G. Morgan
+
+Origin: upstream,
https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=422bec25ae4a1ab03fd4d6f728695ed279173b18
+---
+ libcap/cap_alloc.c | 12 +++-
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/libcap/cap_alloc.c b/libcap/cap_alloc.c
+index c826e7a..25f9981 100644
+--- a/libcap/cap_alloc.c
b/libcap/cap_alloc.c
+@@ -105,15 +105,17 @@ char *_libcap_strdup(const char *old)
+ errno = EINVAL;
+ return NULL;
+ }
+-len = strlen(old) + 1 + 2*sizeof(__u32);
+-if (len < sizeof(struct _cap_alloc_s)) {
+- len = sizeof(struct _cap_alloc_s);
+-}
+-if ((len & 0x) != len) {
++
++len = strlen(old);
++if ((len & 0x3fff) != len) {
+ _cap_debug("len is too long for libcap to manage");
+
NEW changes in stable-new
Processing changes file: thunderbird_102.11.0-1~deb11u1_source.changes ACCEPT Processing changes file: thunderbird_102.11.0-1~deb11u1_all-buildd.changes ACCEPT Processing changes file: thunderbird_102.11.0-1~deb11u1_amd64-buildd.changes ACCEPT Processing changes file: thunderbird_102.11.0-1~deb11u1_arm64-buildd.changes ACCEPT Processing changes file: thunderbird_102.11.0-1~deb11u1_i386-buildd.changes ACCEPT Processing changes file: thunderbird_102.11.0-1~deb11u1_ppc64el-buildd.changes ACCEPT Processing changes file: thunderbird_102.11.0-1~deb11u1_s390x-buildd.changes ACCEPT
Processed: Re: Bug#1035757: unblock: org-mode/9.5.2+dfsh-5
Processing control commands: > tag -1 moreinfo Bug #1035757 [release.debian.org] unblock: org-mode/9.5.2+dfsh-5 Added tag(s) moreinfo. -- 1035757: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035757 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1035757: unblock: org-mode/9.5.2+dfsh-5
Control: tag -1 moreinfo Hi, On 10-05-2023 17:21, Sean Whitton wrote: We don't have a real plan for the future, aside from trying to keep these packages up-to-date. It would be good to have a script that we could run right after uploading new versions of Emacs, that would find addons that are now behind. So, we'd like it to be one-off, but due to limited manpower on the team, I can't pretend that it couldn't happen again. Ultimately I think that the correct fix is for Emacs to learn to load the version of the package that has the highest version number. So, I think this is, at bottom, an upstream limitation. But I might be wrong about that. IIRC other ecosystems (like ruby) have the main package also (versioned) Provides these add-ons, such that when packages Depend on it, the main package can provide it without needing the add-on. That way, you could prevent shipping the package in a stable release when it's behind and have a newer version if it's available. Has such a scheme been considered? If yes, what's the drawback? We haven't considered it. It would be a case of writing a script to generate the required Provides values from the Emacs source. Hmm, OK. Can you please share the debdiff? Unless I see very weird things, I'll approve it. Paul OpenPGP_signature Description: OpenPGP digital signature
Bug#1036123: [pre-approval] unblock: libcap2/1:2.66-4
HI Christian, N.B. not part of the release team. On Mon, May 15, 2023 at 09:00:30PM +0200, Christian Kastner wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > X-Debbugs-Cc: libc...@packages.debian.org > Control: affects -1 + src:libcap2 > > Please unblock package libcap2 > > This fixes two minor CVEs for which the fix was published today. The fix > consists of cherry-picking two small patches from upstream. > > I'm erring on the side of caution here and asking for pre-approval, as > the issues this fixes were considered to be minor and I'm not sure > whether "CVE" by itself automatically satisfies the threshold for direct > upload. > > [ Reason ] > Fix for two security issues. > > [ Impact ] > Without this release, users will be left vulnerable to two minor issues. > > [ Tests ] > All upstream tests passed, including those requiring root (tested within > a VM). > > [ Risks ] > Little to none. The two patches are trivial. > > [ Checklist ] > [X] all changes are documented in the d/changelog > [X] I reviewed all changes and I approve them > [X] attach debdiff against the package in testing > > unblock libcap2/1:2.66-4 > diff -Nru libcap2-2.66/debian/changelog libcap2-2.66/debian/changelog > --- libcap2-2.66/debian/changelog 2022-12-21 21:19:49.0 +0100 > +++ libcap2-2.66/debian/changelog 2023-05-15 20:34:57.0 +0200 > @@ -1,3 +1,9 @@ > +libcap2 (1:2.66-4) unstable; urgency=medium > + > + * Apply upstream patches for CVE-2023-2602, CVE-2023-2603 > + > + -- Christian Kastner Mon, 15 May 2023 20:34:57 +0200 We had I guess a small overlap in bugreporting, can you as well include bug closer for #1036114 in your upload? Regards, Salvatore
Bug#1035843: unblock: jed/0.99.20~pre.178+dfsg-4
Control: tags -1 moreinfo On 10-05-2023 07:33, Rafael Laboissière wrote: The version in unstable fixes the RC bug #1035839. I introduced a regression in the d/jed-common.preinst script when I tried to fix Bug#1035780. And a new RC bug against the version in unstable got filed today. Please remove the moreinfo tag once that bug has been triaged and/or fixed. Paul OpenPGP_signature Description: OpenPGP digital signature
Processed: Re: Bug#1035843: unblock: jed/0.99.20~pre.178+dfsg-4
Processing control commands: > tags -1 moreinfo Bug #1035843 [release.debian.org] unblock: jed/0.99.20~pre.178+dfsg-4 Added tag(s) moreinfo. -- 1035843: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035843 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1035804: marked as done (unblock: jackd2/1.9.21~dfsg-3)
Your message dated Mon, 15 May 2023 21:06:35 +0200
with message-id
and subject line Re: Bug#1035804: unblock: jackd2/1.9.21~dfsg-3
has caused the Debian Bug report #1035804,
regarding unblock: jackd2/1.9.21~dfsg-3
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1035804: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035804
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package jackd2
[ Reason ]
A regression (missing man pages) was discovered late in the freeze (30
April, Bug #1035308). The same day Vagrant submitted some
reproducibility fixes for man page generation, and one of these
patches also fixes #1035308. I just happened to notice, as a
Multimedia Team member.
[ Impact ]
Without these changes, there are no man pages for jackd (and
associated programs) which is a regression from bullseye. Given that
the generation of man pages needs to be reintroduced, it is best to do
it correctly and reproducibly; this is why I believe Vagrant's full
patch series is appropriate.
[ Tests ]
Man pages automatically build on buildd and reprobuild hosts now.
[ Risks ]
None. The changes affect man page generation, which is currently
inactive in bookworm.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock jackd2/1.9.21~dfsg-3
diff -Nru jackd2-1.9.21~dfsg/debian/changelog
jackd2-1.9.21~dfsg/debian/changelog
--- jackd2-1.9.21~dfsg/debian/changelog 2023-01-17 15:34:44.0 -0500
+++ jackd2-1.9.21~dfsg/debian/changelog 2023-05-04 15:29:39.0 -0400
@@ -1,3 +1,23 @@
+jackd2 (1.9.21~dfsg-3) unstable; urgency=medium
+
+ * Team upload.
+ * Import Vagrant Cascadian's reproducible builds patches:
+- Add 0001-man-fill_template-Use-numeric-year-month-date-for-ma.patch.
+ Without this patch, manpages may contain a locale-translated month name,
+ as well as a different date based on the build environment timezone.
+ (Closes: #1035331).
+- Add 0002-man-fill_template-Use-UTC-date-to-avoid-differences-.patch.
+ This patch solves variance in generated man page date stamps introduced
+ when man pages generated in different timezones are compared to each
+ other.
+- Add 0003-man-fill_template-Use-POSIX-compatible-comparison.patch. When
+ built in an environment where /bin/sh -> bash, all of these manpages are
+ built and included in the package. When /bin/sh -> dash, the manpages
+ that users depend on are absent from bin:jackd2.
+ (Closes: #1035329, #1035308).
+
+ -- Nicholas D Steeves Thu, 04 May 2023 15:29:39 -0400
+
jackd2 (1.9.21~dfsg-2) unstable; urgency=medium
* Team upload
diff -Nru
jackd2-1.9.21~dfsg/debian/patches/0001-man-fill_template-Use-numeric-year-month-date-for-ma.patch
jackd2-1.9.21~dfsg/debian/patches/0001-man-fill_template-Use-numeric-year-month-date-for-ma.patch
---
jackd2-1.9.21~dfsg/debian/patches/0001-man-fill_template-Use-numeric-year-month-date-for-ma.patch
1969-12-31 19:00:00.0 -0500
+++
jackd2-1.9.21~dfsg/debian/patches/0001-man-fill_template-Use-numeric-year-month-date-for-ma.patch
2023-05-04 15:29:39.0 -0400
@@ -0,0 +1,30 @@
+From 5fe932e274c720b68aff40125f1069fde1490935 Mon Sep 17 00:00:00 2001
+From: Vagrant Cascadian
+Date: Sun, 30 Apr 2023 15:44:21 -0700
+Subject: man/fill_template: Use numeric year-month-date for manpage.
+
+The month may be rendered for the locale of the build environment.
+
+https://reproducible-builds.org/docs/locales/
+---
+ man/fill_template | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/man/fill_template b/man/fill_template
+index 368cb1b..d1df18d 100644
+--- a/man/fill_template
b/man/fill_template
+@@ -4,8 +4,8 @@ d=""
+
+ if [ "$2" == "True" ]; then
+ for i in *.0 ; do
+-sed -e "s/!VERSION!/${1}/g" -e "s/!DATE!/`date $d '+%B %Y'`/g" < ${i} >
${i%%0}1
++sed -e "s/!VERSION!/${1}/g" -e "s/!DATE!/`date $d '+%Y-%m-%d'`/g" < ${i}
> ${i%%0}1
+ done
+ else
+- sed -e "s/!VERSION!/${1}/g" -e "s/!DATE!/`date $d '+%B %Y'`/g" < jackd.0 >
jackd.1
++ sed -e "s/!VERSION!/${1}/g" -e "s/!DATE!/`date $d '+%Y-%m-%d'`/g" < jackd.0
> jackd.1
+ fi
+--
+2.39.2
+
diff -Nru
jackd2-1.9.21~dfsg/debian/patches/0002-man-fill_template-Use-UTC-date-to-avoid-differences-.patch
Bug#1036123: [pre-approval] unblock: libcap2/1:2.66-4
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: libc...@packages.debian.org
Control: affects -1 + src:libcap2
Please unblock package libcap2
This fixes two minor CVEs for which the fix was published today. The fix
consists of cherry-picking two small patches from upstream.
I'm erring on the side of caution here and asking for pre-approval, as
the issues this fixes were considered to be minor and I'm not sure
whether "CVE" by itself automatically satisfies the threshold for direct
upload.
[ Reason ]
Fix for two security issues.
[ Impact ]
Without this release, users will be left vulnerable to two minor issues.
[ Tests ]
All upstream tests passed, including those requiring root (tested within
a VM).
[ Risks ]
Little to none. The two patches are trivial.
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
unblock libcap2/1:2.66-4diff -Nru libcap2-2.66/debian/changelog libcap2-2.66/debian/changelog
--- libcap2-2.66/debian/changelog 2022-12-21 21:19:49.0 +0100
+++ libcap2-2.66/debian/changelog 2023-05-15 20:34:57.0 +0200
@@ -1,3 +1,9 @@
+libcap2 (1:2.66-4) unstable; urgency=medium
+
+ * Apply upstream patches for CVE-2023-2602, CVE-2023-2603
+
+ -- Christian Kastner Mon, 15 May 2023 20:34:57 +0200
+
libcap2 (1:2.66-3) unstable; urgency=medium
* Add gcc to autopkgtest for upstream tests.
diff -Nru
libcap2-2.66/debian/patches/Correct-the-check-of-pthread_create-s-return-value.patch
libcap2-2.66/debian/patches/Correct-the-check-of-pthread_create-s-return-value.patch
---
libcap2-2.66/debian/patches/Correct-the-check-of-pthread_create-s-return-value.patch
1970-01-01 01:00:00.0 +0100
+++
libcap2-2.66/debian/patches/Correct-the-check-of-pthread_create-s-return-value.patch
2023-05-15 20:34:57.0 +0200
@@ -0,0 +1,39 @@
+From: "Andrew G. Morgan"
+Date: Wed, 3 May 2023 19:18:36 -0700
+Subject: Correct the check of pthread_create()'s return value.
+
+This function returns a positive number (errno) on error, so the code
+wasn't previously freeing some memory in this situation.
+
+Discussion:
+
+ https://stackoverflow.com/a/3581020/14760867
+
+Credit for finding this bug in libpsx goes to David Gstir of
+X41 D-Sec GmbH (https://x41-dsec.de/) who performed a security
+audit of the libcap source code in April of 2023. The audit
+was sponsored by the Open Source Technology Improvement Fund
+(https://ostif.org/).
+
+Audit ref: LCAP-CR-23-01 (CVE-2023-2602)
+
+Signed-off-by: Andrew G. Morgan
+
+Origin: upstream,
https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=bc6b36682f188020ee4770fae1d41bde5b2c97bb
+---
+ psx/psx.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/psx/psx.c b/psx/psx.c
+index d9c0485..65eb2aa 100644
+--- a/psx/psx.c
b/psx/psx.c
+@@ -516,7 +516,7 @@ int __wrap_pthread_create(pthread_t *thread, const
pthread_attr_t *attr,
+ pthread_sigmask(SIG_BLOCK, , NULL);
+
+ int ret = __real_pthread_create(thread, attr, _psx_start_fn, starter);
+-if (ret == -1) {
++if (ret > 0) {
+ psx_new_state(_PSX_CREATE, _PSX_IDLE);
+ memset(starter, 0, sizeof(*starter));
+ free(starter);
diff -Nru
libcap2-2.66/debian/patches/Large-strings-can-confuse-libcap-s-internal-strdup-code.patch
libcap2-2.66/debian/patches/Large-strings-can-confuse-libcap-s-internal-strdup-code.patch
---
libcap2-2.66/debian/patches/Large-strings-can-confuse-libcap-s-internal-strdup-code.patch
1970-01-01 01:00:00.0 +0100
+++
libcap2-2.66/debian/patches/Large-strings-can-confuse-libcap-s-internal-strdup-code.patch
2023-05-15 20:34:57.0 +0200
@@ -0,0 +1,53 @@
+From: "Andrew G. Morgan"
+Date: Wed, 3 May 2023 19:44:22 -0700
+Subject: Large strings can confuse libcap's internal strdup code.
+
+Avoid something subtle with really long strings: 1073741823 should
+be enough for anybody. This is an improved fix over something attempted
+in libcap-2.55 to address some static analysis findings.
+
+Reviewing the library, cap_proc_root() and cap_launcher_set_chroot()
+are the only two calls where the library is potentially exposed to a
+user controlled string input.
+
+Credit for finding this bug in libcap goes to Richard Weinberger of
+X41 D-Sec GmbH (https://x41-dsec.de/) who performed a security audit
+of the libcap source code in April of 2023. The audit was sponsored
+by the Open Source Technology Improvement Fund (https://ostif.org/).
+
+Audit ref: LCAP-CR-23-02 (CVE-2023-2603)
+
+Signed-off-by: Andrew G. Morgan
+
+Origin: upstream,
https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=422bec25ae4a1ab03fd4d6f728695ed279173b18
+---
+ libcap/cap_alloc.c | 12 +++-
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/libcap/cap_alloc.c b/libcap/cap_alloc.c
+index
Processed: [pre-approval] unblock: libcap2/1:2.66-4
Processing control commands: > affects -1 + src:libcap2 Bug #1036123 [release.debian.org] [pre-approval] unblock: libcap2/1:2.66-4 Added indication that 1036123 affects src:libcap2 -- 1036123: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036123 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1035746: marked as done (Unblock: libswe)
Your message dated Mon, 15 May 2023 20:56:25 +0200
with message-id <5772e17d-5878-01f2-fc08-72546b349...@debian.org>
and subject line Re: Bug#1035746: Unblock: libswe
has caused the Debian Bug report #1035746,
regarding Unblock: libswe
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1035746: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035746
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
X-Debbugs-Cc: jald...@debian.org, s...@astrorigin.com
Hello,
I am requesting a review and unblock for package 'libswe' [1].
The new version fixes the following bug: #1034930 [2].
A file was moved from one package to another, and some information
(Breaks+Replaces) in the d/control file was missing...
You can find the related source debdiff in attachment.
Thanks for attention.
[1] https://tracker.debian.org/pkg/libswe
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034930
diff -Nru libswe-2.10.03/debian/changelog libswe-2.10.03/debian/changelog
--- libswe-2.10.03/debian/changelog 2023-02-06 07:19:48.0 +0100
+++ libswe-2.10.03/debian/changelog 2023-04-30 19:01:56.0 +0200
@@ -1,3 +1,11 @@
+libswe (2.10.03-3) unstable; urgency=medium
+
+ * Apply multi-arch hints: swetest drop Multi-Arch: same
+ * Remove gitignore file, use .git/info/exclude instead
+ * Add Replaces+Breaks to swetest (closes: #1034930)
+
+ -- Stanislas Marquis Sun, 30 Apr 2023 19:01:56 +0200
+
libswe (2.10.03-2) unstable; urgency=medium
* Acknowledge NMU by Paul Gevers
diff -Nru libswe-2.10.03/debian/control libswe-2.10.03/debian/control
--- libswe-2.10.03/debian/control 2022-12-19 09:42:23.0 +0100
+++ libswe-2.10.03/debian/control 2023-04-30 19:01:56.0 +0200
@@ -81,11 +81,14 @@
Package: swetest
Section: misc
Architecture: any
-Multi-Arch: same
Depends:
libswe2.0 (>= ${binary:Version}),
${shlibs
:Depends},
${misc:Depends},
+Replaces:
+ libswe-dev (<< 2.10.03),
+Breaks:
+ libswe-dev (<< 2.10.03),
Suggests:
libswe-doc (= ${binary:Version}),
swe-data (>= 4.0-2022),
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Hi,
On 08-05-2023 18:06, Stanislas Marquis wrote:
I am requesting a review and unblock for package 'libswe' [1].
This happened and the package migrated.
Paul
OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---
Bug#1034060: marked as done (unblock: aide/0.18.2-1)
Your message dated Mon, 15 May 2023 20:47:27 +0200 with message-id <7f37c236-62fd-74fc-47f5-3cf7927e1...@debian.org> and subject line Re: Bug#1034060: unblock: aide/0.18.2-1 has caused the Debian Bug report #1034060, regarding unblock: aide/0.18.2-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1034060: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034060 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: a...@packages.debian.org Control: affects -1 + src:aide This is a pre-upload request for guidance regarding aide 0.18.2. upstream released a new version that fixes a number of locking issues, each of which possible a release-critical bug. Debian does not have reports of these bugs since aide is seldomly used on unstable/testing machines, but they have shown up during testing on upstream side and are fixed now. All downstream dependencies of aide are either in-package or Recommends/Suggests, so breaking other packages unlikely. I am attaching the upstream diff between 0.18.1 and 0.18.2, pulled apart to the respective commits, 273 lines length including commit messages, comments and the noise caused by the release. The aide package has autopkgtests. I reviewed the changes and approve them. Please indicate whether you would be ok with going with the upstream release via unstable to bookworm. A debdiff of the actual package will be delivered for approval before upload once you have indicated that you would consider approval. Thanks in advance. Greetings Marc --- End Message --- --- Begin Message --- On 15-05-2023 18:18, Bastian Germann wrote: The package has migrated, so this request can be closed. As Bastian said... Paul OpenPGP_signature Description: OpenPGP digital signature --- End Message ---
Bug#1036119: unblock: meep-mpi-default/1.25.0-2
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package meep-mpi-default
[ Reason ]
There was a Conflict: missing for the python3-meep-mpi-default package.
[ Impact ]
The user gets an error message when trying to switch from meep-mpi-default
to for example meep-openmpi.
[ Tests ]
none
[ Risks ]
There is no code change but only a change in the Debian metadata.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock meep-mpi-default/1.25.0-2
diff -Nru meep-mpi-default-1.25.0/debian/changelog
meep-mpi-default-1.25.0/debian/changelog
--- meep-mpi-default-1.25.0/debian/changelog2022-12-07 08:49:17.0
+0100
+++ meep-mpi-default-1.25.0/debian/changelog2023-05-09 22:49:17.0
+0200
@@ -1,9 +1,9 @@
-meep-mpi-default (1.25.0-1) unstable; urgency=medium
+meep-mpi-default (1.25.0-2) unstable; urgency=medium
- * New upstream release.
- * debian/watch: update github watch file
+ * debian/control: also add Conflicts: for python3 packages
+(Closes: #1034954)
- -- Thorsten Alteholz Wed, 07 Dec 2022 08:49:17 +0100
+ -- Thorsten Alteholz Tue, 09 May 2023 22:49:17 +0200
meep-mpi-default (1.24.0-1) unstable; urgency=medium
diff -Nru meep-mpi-default-1.25.0/debian/control
meep-mpi-default-1.25.0/debian/control
--- meep-mpi-default-1.25.0/debian/control 2022-12-07 08:49:17.0
+0100
+++ meep-mpi-default-1.25.0/debian/control 2023-05-09 22:49:17.0
+0200
@@ -197,6 +197,7 @@
, ${shlibs:Depends}
, python3-numpy
, python3
+Conflicts: python3-meep-openmpi, python3-meep
Description: software package for FDTD simulation with Python
Meep is a free and open-source software package for electromagnetics
simulation via the finite-difference time-domain (FDTD) method.
Bug#1036117: unblock: meep/1.25.0-2
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package meep
[ Reason ]
There was a Conflict: missing for the python3-meep package.
[ Impact ]
The user gets an error message when trying to switch from meep to for
example meep-openmpi.
[ Tests ]
none
[ Risks ]
There is no code change but only a change in the Debian metadata.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock meep/1.25.0-2
diff -Nru meep-1.25.0/debian/changelog meep-1.25.0/debian/changelog
--- meep-1.25.0/debian/changelog2022-12-07 00:04:02.0 +0100
+++ meep-1.25.0/debian/changelog2023-05-09 22:49:17.0 +0200
@@ -1,3 +1,10 @@
+meep (1.25.0-2) unstable; urgency=medium
+
+ * debian/control: also add Conflicts: for python3 packages
+(Closes: #1034988)
+
+ -- Thorsten Alteholz Tue, 09 May 2023 22:49:17 +0200
+
meep (1.25.0-1) unstable; urgency=medium
* New upstream release.
diff -Nru meep-1.25.0/debian/control meep-1.25.0/debian/control
--- meep-1.25.0/debian/control 2022-12-07 00:04:02.0 +0100
+++ meep-1.25.0/debian/control 2023-05-09 22:49:17.0 +0200
@@ -203,6 +203,7 @@
, ${shlibs:Depends}
, python3-numpy
, python3
+Conflicts: python3-meep-openmpi, python3-meep-mpi-default
Description: software package for FDTD simulation with Python
Meep is a free and open-source software package for electromagnetics
simulation via the finite-difference time-domain (FDTD) method.
Bug#1036118: unblock: libahp-gt/1.6.1-2
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package libahp-gt
[ Reason ]
There was a missing dependency to the library package within the -dev
package.
[ Impact ]
There might be a broken symlink on the users system.
[ Tests ]
none
[ Risks ]
There is no code change but only a change in the Debian metadata.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock libahp-gt/1.6.1-2
diff -Nru libahp-gt-1.6.1/debian/changelog libahp-gt-1.6.1/debian/changelog
--- libahp-gt-1.6.1/debian/changelog2023-01-21 12:35:04.0 +0100
+++ libahp-gt-1.6.1/debian/changelog2023-05-08 22:35:04.0 +0200
@@ -1,3 +1,10 @@
+libahp-gt (1.6.1-2) unstable; urgency=medium
+
+ * debian/control: add correct dependencies
+(Closes. #1035448
+
+ -- Thorsten Alteholz Mon, 08 May 2023 22:35:04 +0200
+
libahp-gt (1.6.1-1) unstable; urgency=medium
* New upstream release
diff -Nru libahp-gt-1.6.1/debian/control libahp-gt-1.6.1/debian/control
--- libahp-gt-1.6.1/debian/control 2023-01-21 12:34:45.0 +0100
+++ libahp-gt-1.6.1/debian/control 2023-05-08 22:35:04.0 +0200
@@ -25,7 +25,8 @@
Section: libdevel
Architecture: any
Multi-Arch: same
-Depends: ${shlibs:Depends}, ${misc:Depends},
+Depends: ${shlibs:Depends}, ${misc:Depends}
+ , libahp-gt1 (= ${binary:Version})
Pre-Depends: ${misc:Pre-Depends}
Description: AHP GT telescope mount controllers programming - development files
This package contains a library to program the AHP GT telescope mount
Bug#1036116: unblock: meep-openmpi/1.25.0-2
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package meep-openmpi
[ Reason ]
There was a Conflict: missing for the python3-meep-openmpi package.
[ Impact ]
The user gets an error message when trying to switch from meep-openmpi to
for example meep-mpi-default.
[ Tests ]
none
[ Risks ]
There is no code change but only a change in the Debian metadata.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock meep-openmpi/1.25.0-2
diff -Nru meep-openmpi-1.25.0/debian/changelog
meep-openmpi-1.25.0/debian/changelog
--- meep-openmpi-1.25.0/debian/changelog2022-12-07 08:45:00.0
+0100
+++ meep-openmpi-1.25.0/debian/changelog2023-05-09 22:49:17.0
+0200
@@ -1,3 +1,10 @@
+meep-openmpi (1.25.0-2) unstable; urgency=medium
+
+ * debian/control: also add Conflicts: for python3 packages
+(Closes: #1035003)
+
+ -- Thorsten Alteholz Tue, 09 May 2023 22:49:17 +0200
+
meep-openmpi (1.25.0-1) unstable; urgency=medium
* New upstream release.
diff -Nru meep-openmpi-1.25.0/debian/control meep-openmpi-1.25.0/debian/control
--- meep-openmpi-1.25.0/debian/control 2022-12-07 08:45:00.0 +0100
+++ meep-openmpi-1.25.0/debian/control 2023-05-09 22:49:17.0 +0200
@@ -199,6 +199,7 @@
, ${shlibs:Depends}
, python3-numpy
, python3
+Conflicts: python3-meep-mpi-default, python3-meep
Description: software package for FDTD simulation with Python
Meep is a free and open-source software package for electromagnetics
simulation via the finite-difference time-domain (FDTD) method.
Processed: Re: Bug#1034060: unblock: aide/0.18.2-1
Processing control commands: > tags -1 - moreinfo Bug #1034060 [release.debian.org] unblock: aide/0.18.2-1 Removed tag(s) moreinfo. -- 1034060: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034060 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1034060: unblock: aide/0.18.2-1
Control: tags -1 - moreinfo The package has migrated, so this request can be closed.
Bug#1036108: unblock: srpc/0.9.8-1.1
Package: release.debian.org
Control: affects -1 + src:srpc
X-Debbugs-Cc: s...@packages.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal
Please unblock package srpc.
[ Reason ]
Missing dependency: #1035456
[ Impact ]
auto-removal from bookworm.
[ Tests ]
dangling symlink /usr/lib/x86_64-linux-gnu/libsrpc.so (e.g. for amd64)
[ Risks ]
None.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock srpc/0.9.8-1.1diff -Nru srpc-0.9.8/debian/changelog srpc-0.9.8/debian/changelog
--- srpc-0.9.8/debian/changelog 2023-03-01 15:41:10.0 +0100
+++ srpc-0.9.8/debian/changelog 2023-05-12 19:39:47.0 +0200
@@ -1,3 +1,10 @@
+srpc (0.9.8-1.1) unstable; urgency=medium
+
+ * Non-maintainer upload
+ * libsrpc-dev: Add missing Depends (Closes: #1035456)
+
+ -- Bastian Germann Fri, 12 May 2023 19:39:47 +0200
+
srpc (0.9.8-1) unstable; urgency=low
* Updated to new version (0.9.8)
diff -Nru srpc-0.9.8/debian/control srpc-0.9.8/debian/control
--- srpc-0.9.8/debian/control 2023-03-01 15:41:10.0 +0100
+++ srpc-0.9.8/debian/control 2023-05-12 19:38:49.0 +0200
@@ -33,7 +33,10 @@
Multi-Arch: same
Breaks: libsrpc (<< 0.9.7-1)
Replaces: libsrpc (<< 0.9.7-1)
-Depends: libsrpc-bin (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Depends:
+ libsrpc0 (= ${binary:Version}),
+ libsrpc-bin (= ${binary:Version}),
+ ${misc:Depends}, ${shlibs:Depends}
Description: Sogou RPC Library (SRPC)
SRPC is an enterprise-level RPC framework widely used by Tencent, Sogou and
many small and medium-sized companies. It handles hundreds of millions of
Processed: unblock: srpc/0.9.8-1.1
Processing control commands: > affects -1 + src:srpc Bug #1036108 [release.debian.org] unblock: srpc/0.9.8-1.1 Added indication that 1036108 affects src:srpc -- 1036108: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036108 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1033571: marked as done (unblock: keyman/16.0.139-4)
Your message dated Mon, 15 May 2023 17:52:48 +0200
with message-id <52e6e339-1300-4f34-56af-1a45aa5c8...@sil.org>
and subject line Re: unblock: keyman/16.0.139-4
has caused the Debian Bug report #1033571,
regarding unblock: keyman/16.0.139-4
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1033571: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033571
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User:release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc:debian-input-met...@lists.debian.org,e...@sil.org
Please unblock package keyman.
[ Reason ]
While keyman has autopkgtests and so would qualify for automatic migration, the
tests are skipped on s390x.
The reason is that Keyman doesn't yet support big endian architecture and so
can't run on s390x (even though it's
possible to build it on that platform it won't work). See upstream
bughttps://github.com/keymanapp/keyman/issues/5111.
Included are only small changes: one is a small fix in the postinst script, the
other is an update of a timestamp in a
locale. It also excludes s390x from building since that makes more sense than
building an unusable library.
Another reason why I'd like to get this version approved is that it brings the
version in Debian on par with the upstream
version which simplifies user help requests.
[ Impact ]
The user won't notice any difference, but it would be helpful for the support
team if the users would use the same version
that is used on the other platforms.
[ Tests ]
Manually installed the binaries and verified that things work as expected.
[ Risks ]
Changes are minimal. I can't think of any negative side effects.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock keyman/16.0.139-4
diff -Nru keyman-16.0.138/core/VERSION.md keyman-16.0.139/core/VERSION.md
--- keyman-16.0.138/core/VERSION.md 2023-02-01 04:55:31.0 +0100
+++ keyman-16.0.139/core/VERSION.md 2023-03-16 08:24:24.0 +0100
@@ -1 +1 @@
-16.0.138
\ No newline at end of file
+16.0.139
\ No newline at end of file
diff -Nru keyman-16.0.138/crowdin.yml keyman-16.0.139/crowdin.yml
--- keyman-16.0.138/crowdin.yml 2023-01-31 19:04:42.0 +0100
+++ keyman-16.0.139/crowdin.yml 2023-03-16 08:22:51.0 +0100
@@ -59,6 +59,7 @@
locale:
de: de
fr: fr
+kn: kn
- source: /windows/src/desktop/setup/locale/en/strings.xml
dest: /windows/setup/strings.xml
@@ -68,6 +69,7 @@
locale:
de: de
fr: fr
+kn: kn
# iOS files
diff -Nru keyman-16.0.138/debian/changelog keyman-16.0.139/debian/changelog
--- keyman-16.0.138/debian/changelog2023-02-11 18:39:13.0 +0100
+++ keyman-16.0.139/debian/changelog2023-03-24 16:05:07.0 +0100
@@ -1,3 +1,29 @@
+keyman (16.0.139-4) unstable; urgency=medium
+
+ * debian/tests: Revert previous change and ignore s390x from autopkgtests
+
+ -- Eberhard Beilharz Fri, 24 Mar 2023 16:05:07 +0100
+
+keyman (16.0.139-3) unstable; urgency=medium
+
+ * debian/tests: Run autopkgtests on s390x but immediately return
+
+ -- Eberhard Beilharz Wed, 22 Mar 2023 19:25:02 +0100
+
+keyman (16.0.139-2) unstable; urgency=medium
+
+ * Don't build on s390x because Keyman doesn't work on big-endian
architectures
+(upstream bug https://github.com/keymanapp/keyman/issues/5111)
+
+ -- Eberhard Beilharz Mon, 20 Mar 2023 19:54:44 +0100
+
+keyman (16.0.139-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Re-release to Debian
+
+ -- Eberhard Beilharz Thu, 16 Mar 2023 08:59:04 +0100
+
keyman (16.0.138-4) unstable; urgency=medium
* Team upload
diff -Nru keyman-16.0.138/debian/control keyman-16.0.139/debian/control
--- keyman-16.0.138/debian/control 2023-02-09 12:17:16.0 +0100
+++ keyman-16.0.139/debian/control 2023-03-20 20:02:09.0 +0100
@@ -105,7 +105,7 @@
information about Keyman keyboard packages.
Package: libkmnkbp-dev
-Architecture: any
+Architecture: amd64 arm64 armel armhf i386 mipsel mips64el ppc64el riscv64
Section: libdevel
Depends:
libkmnkbp0-0 (= ${binary:Version}),
@@ -129,7 +129,7 @@
This package contains development headers and libraries.
Package: libkmnkbp0-0
-Architecture: any
+Architecture: amd64 arm64 armel armhf i386 mipsel mips64el ppc64el riscv64
Section: libs
Pre-Depends:
${misc:Pre-Depends},
@@ -155,7 +155,7 @@
and applies rules from
Bug#1035674: pre-approval: unblock: puppetserver/7.9.5-2
Le 2023-05-14 à 15 h 19, Paul Gevers a écrit : Hi, On 11-05-2023 17:36, Jérôme Charaoui wrote: Uploaded to unstable. Thanks! and unblocked and aged. Thanks! Paul PS: while not a regression, the autopkgtest fails on armel. Have you checked why that is? Yes, I've looked and its failing to automatically generate its PKI at startup for some reason. I suspect the bug is somewhere deep down in JRuby but I haven't had the cycles to track it down. It's probably related to some of the 32-bit stuff that was failing in JRuby's autopkgtests, some of which was fixed in 9.4. So my plan currently is to fix it in sid at some point by upgrading to JRuby 9.4 and puppetserver 8. -- Jérôme
Bug#1033811: closed by Graham Inggs (Re: Bug#1033811: unblock: mariadb/1:10.11.2-2)
To summarize, the request is to revert these bugfixes: * Upgrades from MySQL 5.7 to MariaDB 10.11 (MDEV-30483) (Closes: #866751) * Add patch to fix cross-compilation failure on uca-dump (Closes: #1029165) * Limit check of running mysqld/mariadbd to system users (Closes: #1032047) * Fix man pages syntax issues (Closes: #1032861) * Fix spelling in MariaDB and components (Closes: #1032860) I made this into a MR at https://salsa.debian.org/mariadb-team/mariadb-server/-/merge_requests/45 and it is now pending feedback from other contributors. Note also related https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036081 about new upstream maintenance release 10.11.3 and request for decision if it can be included in Bookworm.
Processed (with 1 error): block 1035364
Processing commands for cont...@bugs.debian.org: > block 1035364 by 1036106 Bug #1035364 [lttng-modules-dkms] lttng-modules-dkms: fails to build module on bullseye for Linux 5.10.0-22-amd64 1035364 was blocked by: 1035464 1035364 was not blocking any bugs. Added blocking bug(s) of 1035364: 1036106 > bye Unknown command or malformed arguments to command. > End of message, stopping processing here. Please contact me if you need assistance. -- 1035364: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035364 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1036106: unblock: lttng-modules/2.13.9-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: lttng-modu...@packages.debian.org Control: affects -1 + src:lttng-modules Please unblock package lttng-modules The 2.13.9 release currently in testing contains fixes to build against the current 5.10.0-22 kernel in stable, keeping the current 2.13.8 release might result in a failed upgrade from bulllseye to bookworm. [ Reason ] The latest 5.10.0 kernel in stable results in a build failure with 2.13.8. [ Impact ] Potential failed upgrade to bookworm. [ Tests ] Manually tested with 5.10.0-22 and 6.1.0-5. [ Risks ] Low, this is a not widely used package and the changes between 2.13.8 and 2.13.9 are very targeted. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock lttng-modules/2.13.9-1 diff -Nru lttng-modules-2.13.8/ChangeLog lttng-modules-2.13.9/ChangeLog --- lttng-modules-2.13.8/ChangeLog 2023-01-13 16:08:06.0 -0500 +++ lttng-modules-2.13.9/ChangeLog 2023-03-03 10:39:24.0 -0500 @@ -1,3 +1,9 @@ +2023-03-03 (Canadian Bacon Day) LTTng modules 2.13.9 + * fix: jbd2: use the correct print format (v5.4.229) + * fix: jbd2 upper bound for v5.10.163 + * fix: jbd2: use the correct print format (v5.10.163) + * fix: btrfs: move accessor helpers into accessors.h (v6.2) + 2023-01-13 (National Sticker Day) LTTng modules 2.13.8 * fix: jbd2: use the correct print format * Fix: in_x32_syscall was introduced in v4.7.0 diff -Nru lttng-modules-2.13.8/debian/changelog lttng-modules-2.13.9/debian/changelog --- lttng-modules-2.13.8/debian/changelog 2023-01-16 11:47:18.0 -0500 +++ lttng-modules-2.13.9/debian/changelog 2023-03-07 14:12:32.0 -0500 @@ -1,3 +1,10 @@ +lttng-modules (2.13.9-1) unstable; urgency=medium + + * [2f1b62b] New upstream version 2.13.9 +- Bugfix release, adds support for v6.2 and multiple stable kernels. + + -- Michael Jeanson Tue, 07 Mar 2023 14:12:32 -0500 + lttng-modules (2.13.8-1) unstable; urgency=medium * [813bc03] New upstream version 2.13.8 diff -Nru lttng-modules-2.13.8/include/instrumentation/events/btrfs.h lttng-modules-2.13.9/include/instrumentation/events/btrfs.h --- lttng-modules-2.13.8/include/instrumentation/events/btrfs.h 2023-01-13 16:08:06.0 -0500 +++ lttng-modules-2.13.9/include/instrumentation/events/btrfs.h 2023-03-03 10:39:24.0 -0500 @@ -9,6 +9,10 @@ #include #include +#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(6,2,0)) +#include <../fs/btrfs/accessors.h> +#endif + #ifndef _TRACE_BTRFS_DEF_ #define _TRACE_BTRFS_DEF_ struct btrfs_root; diff -Nru lttng-modules-2.13.8/include/instrumentation/events/jbd2.h lttng-modules-2.13.9/include/instrumentation/events/jbd2.h --- lttng-modules-2.13.8/include/instrumentation/events/jbd2.h 2023-01-13 16:08:06.0 -0500 +++ lttng-modules-2.13.9/include/instrumentation/events/jbd2.h 2023-03-03 10:39:24.0 -0500 @@ -28,6 +28,8 @@ ) #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(6,2,0) \ + || LTTNG_KERNEL_RANGE(5,4,229, 5,5,0) \ + || LTTNG_KERNEL_RANGE(5,10,163, 5,11,0) \ || LTTNG_KERNEL_RANGE(5,15,87, 5,16,0) \ || LTTNG_KERNEL_RANGE(6,0,18, 6,1,0) \ || LTTNG_KERNEL_RANGE(6,1,4, 6,2,0)) @@ -96,6 +98,8 @@ #endif #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(6,2,0) \ + || LTTNG_KERNEL_RANGE(5,4,229, 5,5,0) \ + || LTTNG_KERNEL_RANGE(5,10,163, 5,11,0) \ || LTTNG_KERNEL_RANGE(5,15,87, 5,16,0) \ || LTTNG_KERNEL_RANGE(6,0,18, 6,1,0) \ || LTTNG_KERNEL_RANGE(6,1,4, 6,2,0)) @@ -138,6 +142,8 @@ ) #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(6,2,0) \ + || LTTNG_KERNEL_RANGE(5,4,229, 5,5,0) \ + || LTTNG_KERNEL_RANGE(5,10,163, 5,11,0) \ || LTTNG_KERNEL_RANGE(5,15,87, 5,16,0) \ || LTTNG_KERNEL_RANGE(6,0,18, 6,1,0) \ || LTTNG_KERNEL_RANGE(6,1,4, 6,2,0)) diff -Nru lttng-modules-2.13.8/include/lttng/tracer.h lttng-modules-2.13.9/include/lttng/tracer.h --- lttng-modules-2.13.8/include/lttng/tracer.h 2023-01-13 16:08:06.0 -0500 +++ lttng-modules-2.13.9/include/lttng/tracer.h 2023-03-03 10:39:24.0 -0500 @@ -28,7 +28,7 @@ #define LTTNG_MODULES_MAJOR_VERSION 2 #define LTTNG_MODULES_MINOR_VERSION 13 -#define LTTNG_MODULES_PATCHLEVEL_VERSION 8 +#define LTTNG_MODULES_PATCHLEVEL_VERSION 9 #define LTTNG_MODULES_EXTRAVERSION "" #define LTTNG_VERSION_NAME "Nordicité"
Processed: unblock: lttng-modules/2.13.9-1
Processing control commands: > affects -1 + src:lttng-modules Bug #1036106 [release.debian.org] unblock: lttng-modules/2.13.9-1 Added indication that 1036106 affects src:lttng-modules -- 1036106: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036106 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1036099: unblock: liblxqt/1.2.0-7
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: libl...@packages.debian.org
Control: affects -1 + src:liblxqt
Please unblock package liblxqt
[ Reason ]
Fix RC bug https://bugs.debian.org/1034943 due to missing
Breaks/Replaces.
[ Impact ]
This bug prevent user from upgrading LXQt desktop from Bullseye to
Bookworm.
[ Tests ]
Manual test to upgrade liblxqt from 0.16.0-1 to 1.2.0-7.
[ Risks ]
[ Checklist ]
[v] all changes are documented in the d/changelog
[v] I reviewed all changes and I approve them
[v] attach debdiff against the package in testing
[ Other info ]
unblock liblxqt/1.2.0-7
--
ChangZhuo Chen (陳昌倬) czchen@{czchen,debian}.org
https://czchen.org/
Key fingerprint = BA04 346D C2E1 FE63 C790 8793 CC65 B0CD EC27 5D5B
diff -Nru liblxqt-1.2.0/debian/changelog liblxqt-1.2.0/debian/changelog
--- liblxqt-1.2.0/debian/changelog 2023-04-27 13:10:28.0 +0800
+++ liblxqt-1.2.0/debian/changelog 2023-05-13 17:41:17.0 +0800
@@ -1,3 +1,10 @@
+liblxqt (1.2.0-7) unstable; urgency=medium
+
+ * liblxqt1-dev: sufficient Breaks and Replaces declarations.
+Thanks Helmut Grohne . (Closes:#1034943)
+
+ -- Andrew Lee (李健秋) Sat, 13 May 2023 11:41:17 +0200
+
liblxqt (1.2.0-6) unstable; urgency=medium
* Add missing Breaks/Replaces (Closes: #1034894)
diff -Nru liblxqt-1.2.0/debian/control liblxqt-1.2.0/debian/control
--- liblxqt-1.2.0/debian/control2023-04-27 13:10:28.0 +0800
+++ liblxqt-1.2.0/debian/control2023-05-13 17:41:17.0 +0800
@@ -51,6 +51,8 @@
libqt5xdgiconloader-dev (>= 3.10.0~),
lxqt-build-tools (>= 0.12.0~),
${misc:Depends}
+Breaks: liblxqt0 (<< 0.99)
+Replaces: liblxqt0 (<< 0.99)
Description: Shared libraries for LXQt desktop environment (dev)
LXQt is an advanced, easy-to-use, and fast desktop environment based on Qt
technologies. It has been tailored for users who value simplicity, speed, and
signature.asc
Description: PGP signature
Processed: unblock: liblxqt/1.2.0-7
Processing control commands: > affects -1 + src:liblxqt Bug #1036099 [release.debian.org] unblock: liblxqt/1.2.0-7 Added indication that 1036099 affects src:liblxqt -- 1036099: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036099 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1036093: unblock: pokerth/1.1.2-2
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: a...@debian.org
Please unblock package pokerth
[ Reason ]
pokerth depends on gsfonts-x11 which has been replaced by
fonts-urw-base35. Some fonts names changed and symlinks pointing to
the old fonts no longer worked as expected. (#1020237) However after
looking into this issue, I discovered that those fonts are no longer
required. They were intended as a fallback solution but upstream
removed them years ago. There is also still DejaVuSans-Bold.ttf which
should suffice as well. Since it made no difference, I simply removed the
dependency on gsfonts-x11.
[ Impact ]
pokerth in testing would be shipped with dangling symlinks.
[ Tests ]
The game looks identical with or without those fonts.
[ Risks ]
None, since gsfonts-x11 is just obsolete
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock pokerth/1.1.2-2
diff -Nru pokerth-1.1.2/debian/changelog pokerth-1.1.2/debian/changelog
--- pokerth-1.1.2/debian/changelog 2020-12-19 19:37:17.0 +0100
+++ pokerth-1.1.2/debian/changelog 2023-05-15 00:44:03.0 +0200
@@ -1,3 +1,14 @@
+pokerth (1.1.2-2) unstable; urgency=medium
+
+ * Team upload.
+ * No longer depend on gsfonts-x11 which is replaced by fonts-urw-base35.
+We don't need these fonts because we still have DejaVuSans which is the
+better alternative. (Closes: #1020237)
+ * Remove the symlinks to gsfonts-x11 fonts.
+ * Rename VeraBd.ttf symlink to DejaVuSans-Bold.ttf.
+
+ -- Markus Koschany Mon, 15 May 2023 00:44:03 +0200
+
pokerth (1.1.2-1.1) unstable; urgency=medium
* Non-maintainer upload.
diff -Nru pokerth-1.1.2/debian/control pokerth-1.1.2/debian/control
--- pokerth-1.1.2/debian/control2020-12-19 19:33:12.0 +0100
+++ pokerth-1.1.2/debian/control2023-05-15 00:44:03.0 +0200
@@ -65,7 +65,6 @@
Architecture: all
Depends:
fonts-dejavu-core,
- gsfonts-x11,
${misc:Depends}
Description: Texas hold'em game - common data files
pokerth is a free implementation of the Texas hold'em poker game which is
diff -Nru pokerth-1.1.2/debian/pokerth-data.links
pokerth-1.1.2/debian/pokerth-data.links
--- pokerth-1.1.2/debian/pokerth-data.links 2018-10-02 15:35:20.0
+0200
+++ pokerth-1.1.2/debian/pokerth-data.links 2023-05-15 00:44:03.0
+0200
@@ -1,3 +1 @@
-/usr/share/fonts/X11/Type1/c059013l.pfb
/usr/share/games/pokerth/fonts/c059013l.pfb
-/usr/share/fonts/X11/Type1/n019003l.pfb
/usr/share/games/pokerth/fonts/n019003l.pfb
-/usr/share/fonts/truetype/dejavu/DejaVuSans-Bold.ttf
/usr/share/games/pokerth/fonts/VeraBd.ttf
+/usr/share/fonts/truetype/dejavu/DejaVuSans-Bold.ttf
/usr/share/games/pokerth/fonts/DejaVuSans-Bold.ttf
Bug#1036089: unblock: python-os-brick/6.1.0-3 python-glance-store/4.1.0-4 nova/2:26.1.0-4 cinder/2:21.1.0-3 (CVE-2023-2088)
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: python-os-br...@packages.debian.org Control: affects -1 + src:python-os-brick Dear release team, Please unblock package python-os-brick, python-glance-store, cinder and nova. [ Reason ] When using the LVM / iSCSI backend of Cinder, under some circonstances, it may be possible for a user to access the data of a volume from another user. Glance, Cinder and Nova are affected, through the common library python-os-brick (that is the glue between them). The change is adding a "force_disconnect" in the Cinder API, and checking that users are allowed to destroy volume exports. [ Impact ] See CVE-2023-2088 (that I'm copy/pasting here...): **Accidental case:** If there is a problem with network connectivity during a normal detach operation, OpenStack may fail to clean the situation up properly. Instead of force-detaching the compute node device, Nova ignores the error, assuming the instance has already been deleted. Due to this incomplete operation OpenStack may end up selecting the wrong multipath device when connecting another volume to an instance. **Intentional case:** A regular user can create an instance with a volume, and then delete the volume attachment directly in Cinder, which neglects to notify Nova. The compute node SCSI plumbing (over iSCSI/FC) will continue trying to connect to the original host/port/LUN, not knowing the attachment has been deleted. If a subsequent volume attachment re-uses the host/port/LUN for a different instance and volume, the original instance will gain access to it once the SCSI plumbing reconnects. [ Tests ] Unit tests are run during package build, and with autopkgtest. Upstream runs an extensive set of functional tests. [ Risks ] Considering the amount of testing in OpenStack, the risks are always mitigated, and it should be safe from regressions. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] Note that I've added a diff of the 4 packages in a tarball attached to this message. Please also note that I did a mistake in the python-os-brick, using the wrong CVE number (ie: CVE-2023-30861 instead of CVE-2023-2088). If you think I should re-upload to fix only that, please let me know. Cheers, Thomas Goirand (zigo) unblock python-os-brick/6.1.0-3 python-glance-store/4.1.0-4 nova/2:26.1.0-4 cinder/2:21.1.0-3 all-diff.tar.gz Description: application/gzip
Processed: unblock: python-os-brick/6.1.0-3 python-glance-store/4.1.0-4 nova/2:26.1.0-4 cinder/2:21.1.0-3 (CVE-2023-2088)
Processing control commands: > affects -1 + src:python-os-brick Bug #1036089 [release.debian.org] unblock: python-os-brick/6.1.0-3 python-glance-store/4.1.0-4 nova/2:26.1.0-4 cinder/2:21.1.0-3 (CVE-2023-2088) Added indication that 1036089 affects src:python-os-brick -- 1036089: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036089 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1036084: [pre-approval] unblock: android-platform-tools-base/2.2.2-5
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: android-platform-tools-b...@packages.debian.org
Control: affects -1 + src:android-platform-tools-base
Hi,
The kotlin package is threatened to be removed due the RC bug (#1034982).
I tracked down the link between kotlin and android-libnativehelper to
the adb package which is a dependency of libandroid-ddms-java.
I'd like to suggest downgrading the dependency on adb to recommended
if #1034982 isn't fixed in time for the Bookworm release. Kotlin
doesn't use adb and shouldn't be tied to its fate.
unblock android-platform-tools-base/2.2.2-5
diff --git a/debian/changelog b/debian/changelog
index 175b081e..ba88018b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+android-platform-tools-base (2.2.2-5) UNRELEASED; urgency=medium
+
+ * Team upload.
+ * Downgraded the libandroid-ddms-java dependency on adb to recommended
+
+ -- Emmanuel Bourg Mon, 15 May 2023 09:08:26 +0200
+
android-platform-tools-base (2.2.2-4) unstable; urgency=medium
* Team upload.
diff --git a/debian/control b/debian/control
index 76cb3945..5a0bcbdd 100644
--- a/debian/control
+++ b/debian/control
@@ -170,10 +170,10 @@ Description: Library to parse and download the Android SDK
Package: libandroid-ddms-java
Architecture: all
-Depends: adb,
- libandroid-tools-common-java,
+Depends: libandroid-tools-common-java,
libkxml2-java,
${misc:Depends}
+Recommends: adb
Description: Communicate with devices through adb - Core library
Dalvik Debug Monitor Server (DDMS) provides port-forwarding services, screen
capture on the device, thread and heap information on the device, logcat,
Processed: [pre-approval] unblock: android-platform-tools-base/2.2.2-5
Processing control commands: > affects -1 + src:android-platform-tools-base Bug #1036084 [release.debian.org] [pre-approval] unblock: android-platform-tools-base/2.2.2-5 Added indication that 1036084 affects src:android-platform-tools-base -- 1036084: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036084 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1036083: bullseye-pu: package galera-4 26.4.14-0+deb11u1
Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu I propose that the latest version of Galera 4 be included in the upcoming stable release update of Debian (in August or September?). Package ready at https://salsa.debian.org/mariadb-team/galera-4/-/commits/bullseye Current changelog: galera-4 (26.4.14-0+deb11u1) bullseye; urgency=medium * New upstream release 26.4.14. Includes multiple bug fixes, see https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.14.txt * For previous release details see https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.13.txt and https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.12.txt - Arbitrator daemon garbd now has parameters -w, --workdir and WORK_DIR in garb.conf which can be used to set the working directory for garbd process, which helps to fix long standing issue from 2015 (https://github.com/codership/galera/issues/313). -- Otto Kekäläinen Sat, 15 Apr 2023 12:22:52 -0700 Debdiff attached. Created with commands: git diff --stat debian/26.4.11-0+deb11u1..bullseye | xz > debian-26.4.14-0+deb11u1.debdiff.stat.xz git diff debian/26.4.11-0+deb11u1..bullseye | xz > debian-26.4.14-0+deb11u1.debdiff.xz Commit history for easy review visible at https://salsa.debian.org/mariadb-team/galera-4/-/commits/bullseye Quality control: - Bullseye specific CI passed at https://salsa.debian.org/mariadb-team/galera-4/-/pipelines/520097
