Bug#1036307: unblock: ufw/0.36.2-1
Package: release.debian.org This has additional information: https://alioth-lists.debian.net/pipermail/piuparts-devel/2023-May/009566.html On May 18, 2023 10:33:36 PM Jamie Strandboge wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package ufw It seems that adduser 3.133 has caused problems for a lot of packages in sid, including ufw. See: https://piuparts.debian.org/sid/fail/adduser_3.133.log https://piuparts.debian.org/sid/fail/ https://piuparts.debian.org/sid/fail/ufw_0.36.2-1.log https://piuparts.debian.org/sid/fail/... In the case of ufw, it ships a logrotate file and logrotate gets installed, which pulls in adduser, but adduser can't be removed and piuparts fails: 0m18.6s DEBUG: Starting command: ['chroot', '/srv/piuparts.debian.org/tmp/tmpwv4fmpa7', 'apt-get', 'install', '-y', 'logrotate'] 0m19.9s DUMP: Reading package lists... Building dependency tree... Reading state information... The following additional packages will be installed: adduser cron cron-daemon-common libpopt0 sensible-utils ... m20.2s ERROR: Command failed (status=1): ['chroot', '/srv/piuparts.debian.org/tmp/tmpwv4fmpa7', 'dpkg', '--purge', 'adduser', 'cron', 'cron-daemon-common', 'libpopt0:amd64', 'logrotate', 'sensible-utils'] dpkg: error processing package adduser (--purge): this is a protected package; it should not be removed ... As mentioned, there seem to be several packages in this state. ufw has shipped a logrotate file for years and this isn't new to ufw 0.36.2-1. [ Reason ] ufw did not cause adduser to be unremovable, and adduser being unremovable should not affect ufw's migration. [ Impact ] Bug fixes and translations will not be available in bookworm (I am upstream ufw and I cut 0.36.2 specifically for bookworm users). [ Tests ] Build tests (unit and functional) and autopkgtests pass. [ Risks ] Leaf package. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock ufw/0.36.2-1
Bug#1036306: unblock: ufw/0.36.2-1
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package ufw
It seems that adduser 3.133 has caused problems for a lot of packages in sid,
including ufw. See:
https://piuparts.debian.org/sid/fail/adduser_3.133.log
https://piuparts.debian.org/sid/fail/
https://piuparts.debian.org/sid/fail/ufw_0.36.2-1.log
https://piuparts.debian.org/sid/fail/...
In the case of ufw, it ships a logrotate file and logrotate gets installed,
which pulls in adduser, but adduser can't be removed and piuparts fails:
0m18.6s DEBUG: Starting command: ['chroot',
'/srv/piuparts.debian.org/tmp/tmpwv4fmpa7', 'apt-get', 'install', '-y',
'logrotate']
0m19.9s DUMP:
Reading package lists...
Building dependency tree...
Reading state information...
The following additional packages will be installed:
adduser cron cron-daemon-common libpopt0 sensible-utils
...
m20.2s ERROR: Command failed (status=1): ['chroot',
'/srv/piuparts.debian.org/tmp/tmpwv4fmpa7', 'dpkg', '--purge', 'adduser',
'cron', 'cron-daemon-common', 'libpopt0:amd64', 'logrotate', 'sensible-utils']
dpkg: error processing package adduser (--purge):
this is a protected package; it should not be removed
...
As mentioned, there seem to be several packages in this state. ufw has shipped
a logrotate file for years and this isn't new to ufw 0.36.2-1.
[ Reason ]
ufw did not cause adduser to be unremovable, and adduser being unremovable
should not affect ufw's migration.
[ Impact ]
Bug fixes and translations will not be available in bookworm (I am upstream ufw
and I cut 0.36.2 specifically for bookworm users).
[ Tests ]
Build tests (unit and functional) and autopkgtests pass.
[ Risks ]
Leaf package.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock ufw/0.36.2-1
diff -Nru ufw-0.36.1/ChangeLog ufw-0.36.2/ChangeLog
--- ufw-0.36.1/ChangeLog2021-09-18 20:29:52.0 -0500
+++ ufw-0.36.2/ChangeLog2023-05-18 08:45:35.0 -0500
@@ -1,3 +1,23 @@
+ufw (0.36.2) RELEASED; urgency=medium
+
+ * src/ufw-init-functions: set default policy after loading rules. Thanks to
+Mauricio Faria de Oliveira. (LP: #1946804)
+ * doc/ufw.8:
+- document 'insert' and 'prepend' can't be used to update comments
+ (LP: #1927737)
+ * src/backend_iptables.py: remove unreachable code (LP: #1927734)
+ * src/util.py:
+- properly parse /proc/pid/stat for WSL (LP: #2015645)
+- mitigate odd length string with unhexlify (Closes: 1034568)
+- support vrrp protocol (LP: #1996636)
+ * add locales/po/ro.po. Thanks Remus-Gabriel Chelu (Closes: 1034119)
+ * add '-h' and show help with no args (LP: #1965462)
+ * src/backend.py: add get_rules_ipv4() and get_rules_ipv6() (LP: #1951018)
+ * tests/check-requirements: update for python 3.10+
+ * tests/root: normalize 'ACCEPT {all,tcp}' and 'ACCEPT N' for newer systems
+
+ -- Jamie Strandboge Thu, 18 May 2023 08:45:30 -0500
+
ufw (0.36.1) RELEASED; urgency=medium
* snap packaging updates:
diff -Nru ufw-0.36.1/debian/changelog ufw-0.36.2/debian/changelog
--- ufw-0.36.1/debian/changelog 2022-10-15 05:54:27.0 -0500
+++ ufw-0.36.2/debian/changelog 2023-05-18 09:03:07.0 -0500
@@ -1,3 +1,30 @@
+ufw (0.36.2-1) unstable; urgency=medium
+
+ * New upstream release (LP: #1946804, LP: #1927737, LP: #1927734,
+LP: #2015645, LP: #1996636, LP: #1965462, LP: #1951018, Closes: 1034568,
+Closes: 1034119). Drop the following (included upstream):
+- 0002-fix-copyright.patch
+- 0003-python3-versions.patch
+- 0004-set-default-policy-after-load.patch
+ * Remaining changes:
+- 0001-optimize-boot.patch
+ * add new debian/po/ro.po. Thanks Remus-Gabriel Chelu (Closes: 1033758)
+ * debian/control:
+- Breaks with iptables-persistent and netfilter-persistent. When ufw is
+ installed, it is not enabled by default, so it doesn't interfere with
+ other firewall software (until it is enabled). In contrast,
+ iptables-persistent and netfilter-persistent install enabled, which
+ interferes with ufw. Add a breaks on these to avoid them being
+ co-installed with ufw (and causing problems for users).
+- use Python-Version instead of XB-Python-Version
+- remove Depends on obsolete lsb-base
+ * ufw.lintian-overrides:
+- update for breaks-without-version iptables-persistent and
+ netfilter-persistent
+- update for newer lintian
+
+ -- Jamie Strandboge Thu, 18 May 2023 14:03:07 +
+
ufw (0.36.1-4.1) unstable; urgency=medium
* Non-maintainer upload.
diff -Nru ufw-0.36.1/debian/control ufw-0.36.2/debian/control
--- ufw-0.36.1/debian/control 2021-09-19 00:46:12.0 -0500
+++ ufw-0.36.2/debian/control 2023-05-16 09:37:21.0 -0500
@@ -13,7 +13,7 @@
po-debconf,
python3 (>= 3.2),
python3-distutils
-Standards-Version:
NEW changes in stable-new
Processing changes file: spyder_4.2.1+dfsg1-3+deb11u2_all-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: debian-security-support_11+2023.05.04_all-buildd.changes ACCEPT
Bug#1036300: Fwd: bullseye-pu: package curl/7.74.0-1.3+deb11u8
Package: release.debian.org Control: affects -1 + src:curl X-Debbugs-Cc: c...@packages.debian.org User: release.debian@packages.debian.org Usertags: pu Tags: bullseye X-Debbugs-Cc: samuel...@debian.org Severity: normal [ Reason ] * Backport upstream patches to fix 5 CVEs: - CVE-2023-27533: TELNET option IAC injection - CVE-2023-27534: SFTP path ~ resolving discrepancy - CVE-2023-27535: FTP too eager connection reuse - CVE-2023-27536: GSS delegation too eager connection re-use - CVE-2023-27538: SSH connection too eager reuse still * d/p/add_Curl_timestrcmp.patch: New patch to backport Curl_timestrcmp(), required for CVE-2023-27535. [ Impact ] None of the vulnerabilities are critical, but they have already been fixed in buster and we should do the same for bullseye. [ Tests ] curl's testsuite didn't spot any regressions. The same CVEs have also been fixed in buster already. [ Risks ] Regressions on TELNET, SFTP, FTP, GSS and SSH functionalities of curl. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] Nothing besides the CVE fixes. The patches were changed to apply cleanly on bullseye, all the changes can be seen here: https://salsa.debian.org/debian/curl/-/commit/4adf0d7c4d47610336294d39f84a8360522a5936 https://salsa.debian.org/debian/curl/-/commit/b3dedba95658cea02405af32f0652f83d87f6eac https://salsa.debian.org/debian/curl/-/commit/6909425ffa87e4c35730ecc2801ef40492239048 https://salsa.debian.org/debian/curl/-/commit/54e6a929643fe14160049ed8d1bda72dd34db9f7 https://salsa.debian.org/debian/curl/-/commit/19c382231a004b45b3096f72fb722f6df5d31902 [ Other info ] I will be working on the latest CVEs that have been published for curl but I'll push those fixes in a different upload. -- Samuel Henrique curl_7.74.0-1.3+deb11u8.debdiff Description: Binary data
Processed: Fwd: bullseye-pu: package curl/7.74.0-1.3+deb11u8
Processing control commands: > affects -1 + src:curl Bug #1036300 [release.debian.org] Fwd: bullseye-pu: package curl/7.74.0-1.3+deb11u8 Added indication that 1036300 affects src:curl -- 1036300: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036300 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1036244: marked as done (unblock: noiz2sa/0.51a-13)
Your message dated Thu, 18 May 2023 22:02:53 + with message-id and subject line unblock noiz2sa has caused the Debian Bug report #1036244, regarding unblock: noiz2sa/0.51a-13 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1036244: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036244 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: a...@debian.org Please unblock package noiz2sa [ Reason ] A long time ago noiz2sa shipped a symlink from the noiz2sa-data /usr/share/doc directory to its arch-any /usr/share/doc directories to save 0.14159265359 KB of disk space. "This kind of overwriting another package's files cannot be detected by dpkg." And that's why we have to use dpkg-maintscript-helper to fix this issue. See also #1035632. [ Impact ] noiz2sa will be autoremoved. [ Tests ] piuparts agrees, it's all good now [ Risks ] A couple of nerds would be not amused to find out, that they cannot play their favorite game in Bookworm. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock noiz2sa/0.51a-13 diff -Nru noiz2sa-0.51a/debian/changelog noiz2sa-0.51a/debian/changelog --- noiz2sa-0.51a/debian/changelog 2021-11-02 14:55:01.0 +0100 +++ noiz2sa-0.51a/debian/changelog 2023-05-14 15:10:17.0 +0200 @@ -1,3 +1,10 @@ +noiz2sa (0.51a-13) unstable; urgency=medium + + * Add noiz2sa.maintscript: Handle symlink to directory conversion. +Thanks to Andreas Beckmann for the report. (Closes: #1035632) + + -- Markus Koschany Sun, 14 May 2023 15:10:17 +0200 + noiz2sa (0.51a-12) unstable; urgency=medium * d/control: Add Vcs fields. diff -Nru noiz2sa-0.51a/debian/noiz2sa.maintscript noiz2sa-0.51a/debian/noiz2sa.maintscript --- noiz2sa-0.51a/debian/noiz2sa.maintscript1970-01-01 01:00:00.0 +0100 +++ noiz2sa-0.51a/debian/noiz2sa.maintscript2023-05-14 15:10:17.0 +0200 @@ -0,0 +1 @@ +symlink_to_dir /usr/share/doc/noiz2sa noiz2sa-data 0.51a-13~ --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#1036273: marked as done (unblock: javamail/1.6.5-2)
Your message dated Thu, 18 May 2023 22:04:11 +
with message-id
and subject line unblock javamail
has caused the Debian Bug report #1036273,
regarding unblock: javamail/1.6.5-2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1036273: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036273
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Control: affects -1 + src:javamail
X-Debbugs-Cc: javam...@packages.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal
Please unblock package javamail.
[ Reason ]
RC bug #1036206 (FTBFS).
[ Impact ]
auto-removal of the package.
[ Tests ]
Building the package (-1 fails, -2 succeeds).
[ Risks ]
None.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock javamail/1.6.5-2diff -Nru javamail-1.6.5/debian/changelog javamail-1.6.5/debian/changelog
--- javamail-1.6.5/debian/changelog 2020-06-24 13:44:33.0 +0200
+++ javamail-1.6.5/debian/changelog 2023-05-17 08:24:34.0 +0200
@@ -1,3 +1,11 @@
+javamail (1.6.5-2) unstable; urgency=medium
+
+ * Team upload.
+ * Fix ftbfs bug (Closes: #1036206)
+ * Update upstream homepage (Closes: #1033247)
+
+ -- Sun Min Wed, 17 May 2023 14:24:34 +0800
+
javamail (1.6.5-1) unstable; urgency=medium
* New upstream release
diff -Nru javamail-1.6.5/debian/control javamail-1.6.5/debian/control
--- javamail-1.6.5/debian/control 2020-06-24 13:35:15.0 +0200
+++ javamail-1.6.5/debian/control 2023-05-17 07:32:23.0 +0200
@@ -20,7 +20,7 @@
Standards-Version: 4.5.0
Vcs-Git: https://salsa.debian.org/java-team/javamail.git
Vcs-Browser: https://salsa.debian.org/java-team/javamail
-Homepage: http://javamail.java.net
+Homepage: https://jakartaee.github.io/mail-api
Package: libmail-java
Architecture: all
diff -Nru javamail-1.6.5/debian/maven.properties
javamail-1.6.5/debian/maven.properties
--- javamail-1.6.5/debian/maven.properties 2020-06-24 13:24:50.0
+0200
+++ javamail-1.6.5/debian/maven.properties 2023-05-17 07:14:05.0
+0200
@@ -6,3 +6,6 @@
# Set the OSGi version to compensate the disabled osgiversion plugin
mail.osgiversion=${project.version}
+
+maven.compiler.source=1.8
+maven.compiler.target=1.8
--- End Message ---
--- Begin Message ---
Unblocked.--- End Message ---
NEW changes in stable-new
Processing changes file: chromium_113.0.5672.63-1~deb11u1_source.changes ACCEPT Processing changes file: chromium_113.0.5672.63-1~deb11u1_all-buildd.changes ACCEPT Processing changes file: chromium_113.0.5672.63-1~deb11u1_amd64-buildd.changes ACCEPT Processing changes file: chromium_113.0.5672.63-1~deb11u1_arm64-buildd.changes ACCEPT Processing changes file: chromium_113.0.5672.63-1~deb11u1_armhf-buildd.changes ACCEPT Processing changes file: chromium_113.0.5672.63-1~deb11u1_i386-buildd.changes ACCEPT Processing changes file: chromium_113.0.5672.126-1~deb11u1_source.changes ACCEPT Processing changes file: chromium_113.0.5672.126-1~deb11u1_all-buildd.changes ACCEPT Processing changes file: chromium_113.0.5672.126-1~deb11u1_amd64-buildd.changes ACCEPT Processing changes file: chromium_113.0.5672.126-1~deb11u1_arm64-buildd.changes ACCEPT Processing changes file: chromium_113.0.5672.126-1~deb11u1_armhf-buildd.changes ACCEPT Processing changes file: chromium_113.0.5672.126-1~deb11u1_i386-buildd.changes ACCEPT Processing changes file: chromium_113.0.5672.126-1~deb11u1_ppc64el-buildd.changes ACCEPT Processing changes file: debian-security-support_11+2023.05.04_source.changes ACCEPT Processing changes file: libapache2-mod-auth-openidc_2.4.9.4-0+deb11u3_source.changes ACCEPT Processing changes file: libapache2-mod-auth-openidc_2.4.9.4-0+deb11u3_amd64-buildd.changes ACCEPT Processing changes file: libapache2-mod-auth-openidc_2.4.9.4-0+deb11u3_arm64-buildd.changes ACCEPT Processing changes file: libapache2-mod-auth-openidc_2.4.9.4-0+deb11u3_armel-buildd.changes ACCEPT Processing changes file: libapache2-mod-auth-openidc_2.4.9.4-0+deb11u3_armhf-buildd.changes ACCEPT Processing changes file: libapache2-mod-auth-openidc_2.4.9.4-0+deb11u3_i386-buildd.changes ACCEPT Processing changes file: libapache2-mod-auth-openidc_2.4.9.4-0+deb11u3_mips64el-buildd.changes ACCEPT Processing changes file: libapache2-mod-auth-openidc_2.4.9.4-0+deb11u3_mipsel-buildd.changes ACCEPT Processing changes file: libapache2-mod-auth-openidc_2.4.9.4-0+deb11u3_ppc64el-buildd.changes ACCEPT Processing changes file: spyder_4.2.1+dfsg1-3+deb11u2_source.changes ACCEPT
Bug#1036123: [pre-approval] unblock: libcap2/1:2.66-4
Hi Christian, On Tue, May 16, 2023 at 11:39:52AM +0200, Christian Kastner wrote: > Control: tags -1 - moreinfo > > On 2023-05-15 22:12, Sebastian Ramacher wrote: > > Please go ahead and remove the moreinfo tag once the package is > > available in unstable. > > Done (this time with the right recipients) I just realized, that apart gettin the unblock by the release team as it affects d-i as well (shipping libcap2-udeb), CC'ing Cyril here as well. Regards, Salvatore
Processed: spyder 4.2.1+dfsg1-3+deb11u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1036182 = bullseye pending Bug #1036182 [release.debian.org] bullseye-pu: package spyder/4.2.1+dfsg1-3+deb11u2 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 1036182: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036182 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: debian-security-support 11+2023.05.04 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1035522 = bullseye pending Bug #1035522 [release.debian.org] bullseye-pu: package debian-security-support/1:11+2023.05.04 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1035522: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035522 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1035522: debian-security-support 11+2023.05.04 flagged for acceptance
package release.debian.org tags 1035522 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: debian-security-support Version: 11+2023.05.04 Explanation: set DEB_NEXT_VER_ID=12 as bookworm is the next release; security-support-limited: add gnupg1
Bug#1036182: spyder 4.2.1+dfsg1-3+deb11u2 flagged for acceptance
package release.debian.org tags 1036182 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: spyder Version: 4.2.1+dfsg1-3+deb11u2 Explanation: fix broken patch in previous update
Re: non-essential adduser poses problems to purging packages
On Thu, May 18, 2023, at 21:05, Johannes Schauer Marin Rodrigues wrote: > Hi, > > Quoting Nicolas Dandrimont (2023-05-18 20:51:04) >> On Thu, May 18, 2023, at 10:03, Marc Haber wrote: >> > adduser probably needs an additional hint because the new upload makes >> > piuparts fail now, as discussed yesterday. >> To work around this issue on the piuparts side, it sounds like we should make >> piuparts treat adduser as fake-essential for tests ending at bookworm or sid, >> so that we don't try to uninstall it; Andreas, what do you think? > > a more general solution would be to skip uninstallation on all packages marked > with Protected:yes or to only uninstall with --allow-remove-essential. Such a > solution would not only benefit adduser but also any future packages marked > with Protected:yes. Yeah, I thought about that, but there's value in effecting a config-only change at this late stage in the freeze, to only carve out the minimal exception needed to work around this late breakage. We can revisit a more generic code change in piuparts for Protected:yes packages in the trixie cycle. Cheers, -- Nicolas Dandrimont
Re: non-essential adduser poses problems to purging packages
Hi, Quoting Nicolas Dandrimont (2023-05-18 20:51:04) > On Thu, May 18, 2023, at 10:03, Marc Haber wrote: > > adduser probably needs an additional hint because the new upload makes > > piuparts fail now, as discussed yesterday. > To work around this issue on the piuparts side, it sounds like we should make > piuparts treat adduser as fake-essential for tests ending at bookworm or sid, > so that we don't try to uninstall it; Andreas, what do you think? a more general solution would be to skip uninstallation on all packages marked with Protected:yes or to only uninstall with --allow-remove-essential. Such a solution would not only benefit adduser but also any future packages marked with Protected:yes. Thanks! cheers, josch signature.asc Description: signature
Re: non-essential adduser poses problems to purging packages
On Thu, May 18, 2023, at 10:03, Marc Haber wrote: > On Thu, May 18, 2023 at 12:24:39AM +0200, Johannes Schauer Marin > Rodrigues wrote: >> Marc, the same offer to you for your recent adduser upload to unstable. > > Yes, please. Thanks for your work. > > adduser probably needs an additional hint because the new upload makes > piuparts fail now, as discussed yesterday. Hi, To work around this issue on the piuparts side, it sounds like we should make piuparts treat adduser as fake-essential for tests ending at bookworm or sid, so that we don't try to uninstall it; Andreas, what do you think? Thanks, -- Nicolas Dandrimont
Re: Fwd: Re: Debian 8.3 Jessie KEYEXPIRED 11645052400
Set the clock on the affected system to a date before the key was expired. Example: # faketime 2019-05-01 apt update # faketime 2019-05-01 apt upgrade and so on ... Please note that 1024-bit DSA keys are no longer considered secure. Maybe better remove the MySQL stuff and add it back later. Regards Stephan PS: This is a dirty trick. Use at your own risk. signature.asc Description: This is a digitally signed message part
Bug#1035522: bullseye-pu: package debian-security-support/1:11+2023.05.04
On Thu, 2023-05-18 at 09:22 +, Holger Levsen wrote: > On Thu, May 18, 2023 at 06:44:18AM +0100, Adam D. Barratt wrote: > > On Thu, 2023-05-18 at 00:44 +, Holger Levsen wrote: > > > debian-security-support (1:11+2023.05.04) bullseye-updates; > > > urgency=medium > > Hmmm. I didn't expect that would work, although apparently it did, > > at > > least for the package to get as far as stable-new. I'm hoping dak > > also > > dtrt for accepts of such packages, i.e. moves them to p-u as for > > any > > other stable upload. > > > > -updates isn't an upload target; packages enter it by SRM asking > > dak to > > copy them from p-u. > > ic. so I should have uploaded to bullseye-proposed-updates instead? Any upload goes to p-u first, yeah. So the target should always be simply "bullseye", by preference. dak will accept a bunch of other things, including "stable", "bullseye-proposed-updates", "proposed- updates" and, as you've demonstrated, "bullseye-updates" and DTRT, but it's cleaner and less potentially confusing if everything uses the same. The relevant section of dev-ref implies this, fwiw. I think some combination of you and I wrote it. :-) Regards, Adam
Bug#1036273: unblock: javamail/1.6.5-2
Package: release.debian.org
Control: affects -1 + src:javamail
X-Debbugs-Cc: javam...@packages.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal
Please unblock package javamail.
[ Reason ]
RC bug #1036206 (FTBFS).
[ Impact ]
auto-removal of the package.
[ Tests ]
Building the package (-1 fails, -2 succeeds).
[ Risks ]
None.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock javamail/1.6.5-2diff -Nru javamail-1.6.5/debian/changelog javamail-1.6.5/debian/changelog
--- javamail-1.6.5/debian/changelog 2020-06-24 13:44:33.0 +0200
+++ javamail-1.6.5/debian/changelog 2023-05-17 08:24:34.0 +0200
@@ -1,3 +1,11 @@
+javamail (1.6.5-2) unstable; urgency=medium
+
+ * Team upload.
+ * Fix ftbfs bug (Closes: #1036206)
+ * Update upstream homepage (Closes: #1033247)
+
+ -- Sun Min Wed, 17 May 2023 14:24:34 +0800
+
javamail (1.6.5-1) unstable; urgency=medium
* New upstream release
diff -Nru javamail-1.6.5/debian/control javamail-1.6.5/debian/control
--- javamail-1.6.5/debian/control 2020-06-24 13:35:15.0 +0200
+++ javamail-1.6.5/debian/control 2023-05-17 07:32:23.0 +0200
@@ -20,7 +20,7 @@
Standards-Version: 4.5.0
Vcs-Git: https://salsa.debian.org/java-team/javamail.git
Vcs-Browser: https://salsa.debian.org/java-team/javamail
-Homepage: http://javamail.java.net
+Homepage: https://jakartaee.github.io/mail-api
Package: libmail-java
Architecture: all
diff -Nru javamail-1.6.5/debian/maven.properties
javamail-1.6.5/debian/maven.properties
--- javamail-1.6.5/debian/maven.properties 2020-06-24 13:24:50.0
+0200
+++ javamail-1.6.5/debian/maven.properties 2023-05-17 07:14:05.0
+0200
@@ -6,3 +6,6 @@
# Set the OSGi version to compensate the disabled osgiversion plugin
mail.osgiversion=${project.version}
+
+maven.compiler.source=1.8
+maven.compiler.target=1.8
Processed: unblock: javamail/1.6.5-2
Processing control commands: > affects -1 + src:javamail Bug #1036273 [release.debian.org] unblock: javamail/1.6.5-2 Added indication that 1036273 affects src:javamail -- 1036273: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036273 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1035522: bullseye-pu: package debian-security-support/1:11+2023.05.04
On Thu, May 18, 2023 at 06:44:18AM +0100, Adam D. Barratt wrote: > On Thu, 2023-05-18 at 00:44 +, Holger Levsen wrote: > > debian-security-support (1:11+2023.05.04) bullseye-updates; > > urgency=medium > Hmmm. I didn't expect that would work, although apparently it did, at > least for the package to get as far as stable-new. I'm hoping dak also > dtrt for accepts of such packages, i.e. moves them to p-u as for any > other stable upload. > > -updates isn't an upload target; packages enter it by SRM asking dak to > copy them from p-u. ic. so I should have uploaded to bullseye-proposed-updates instead? -- cheers, Holger ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org ⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C ⠈⠳⣄ People call vaccine mandates "Orwellian" even though Orwell died at 46 of tuberculosis, which is now preventable with a vaccine. signature.asc Description: PGP signature
Re: non-essential adduser poses problems to purging packages
On Thu, May 18, 2023 at 12:24:39AM +0200, Johannes Schauer Marin Rodrigues wrote: > Marc, the same offer to you for your recent adduser upload to unstable. Yes, please. Thanks for your work. adduser probably needs an additional hint because the new upload makes piuparts fail now, as discussed yesterday. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Bug#1036246: unblock: iptables-netflow/2.6-4
Hi Axel On 2023-05-18 02:52:42 +0200, Axel Beckert wrote: > Hi Sebastian, > > Axel Beckert wrote: > > Please unblock iptables-netflow/2.6-4. > > Sorry, but I saw only now that you already granted an unblock today > (well, actually yesterday in CEST as it's already past mightnight). > > I waited with the unblock request until I was able to test a full > upgrade of a production-grade server using this package to make sure > that it was properly working under production settings. (And for > multiple, work and private reasons, this wasn't possible before this > night.) > > Anyway, I've put quite some effort into testing this properly so > shortly before the release, so you might want to have a look > nevertheless. :-) > > P.S.: And thanks for also unblocking debsums recently. There I was > waiting for some more feedback from Andreas, but noticed that it > migrated to testing even before I started writing an unblock request. > :-) > > P.P.S.: Please tell me if in future I should write unblock requests > more earlier after the upload to spare the release team their own look > at it. So far my mode of operation was to only file the unblock > request if the package proved itself in unstable for a few days at > least. Those packages appeared on the list of packages with fixes for RC bugs that haven't migrated [1]. From time to time we also check those lists to see if fixes need an unblock or if there are other issues preventing them from migrating to testing. So everything's fine. You don't need to write the unblock requests earlier. If the debdiff contains more than a targeted fix, we'll wait for the unblock bug anyway. Cheers [1] UDD has various views (e.g., "Release Team view") to find those. -- Sebastian Ramacher
Re: Fwd: Re: Debian 8.3 Jessie KEYEXPIRED 11645052400
On Wed, May 17, 2023 at 06:00:40PM -0300, Alan Homobono wrote: > ERROR: The certificate of "archive.debian.org" is not trusted. > ERROR: The certificate of "archive.debian.org" has expired. > > Any other suggestions? Then your options include, but are not limited to: 1. Downloading it on another PC and transferring the file 2. Dropping the https (but you break the trust path) 3. Downloading the key manually using the fingerprint and apt-key (you take on the responsibility of verification) 4. Updating your sources to stretch anyway, and installing the debian-keyring package without verification (also breaks the trust path) This is not a user support channel, for further help with these options please see https://www.debian.org/support -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
