Bug#689251: unblock: alpine/2.02+dfsg-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hello, dear release team, Please unblock package alpine. I'd like to ask you for a freeze exception for a few fixes to alpine. Some might say they are cosmetic fixes, but I want to try to convince you that they matter to alpine users. The -2 release adds two patches to fix two bugs. Attached, please find the debdiff against testing. #631758 -- Broken usage tracking Right now, when alpine launches, it asks you if you if you want to be tracked as a user of alpine. If you say yes, it then emails a nonexistent server and you get a bounce message. This is not really suitable for release. Discussion with upstream is still ongoing as to the right fix. For now: Fix: Add a patch that removes the phone-home code. #414264 -- If you use mbox format, you receive a scary warning about data corruption Right now, when alpine reads an mbox folder on Debian, it tells you the permissions are wrong. However, the permission are right, according to policy. The warning comes from alpine's ability to use 'mlock' to lock the mbox file as needed. Fix: Add one dependency for alpine: mlock I am but a humble maintainer, asking for changes past the freeze. I'm uploading to unstable now, and attaching the debdiff. Again, sorry about the late handling of these issues. Thank you. unblock alpine/2.02+dfsg-2 -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.4-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru alpine-2.02+dfsg/debian/changelog alpine-2.02+dfsg/debian/changelog --- alpine-2.02+dfsg/debian/changelog 2012-09-08 08:07:59.0 -0700 +++ alpine-2.02+dfsg/debian/changelog 2012-09-30 11:56:54.0 -0700 @@ -1,3 +1,17 @@ +alpine (2.02+dfsg-2) unstable; urgency=low + + * Adding patch from Geoffrey Thomas to disable broken phone- +home functionality. (Thank you!) (Closes: #631758) + * Adding dependency on mlock so that alpine no longer warns +the user about permissions on /var/spool/mail (or /var/mail). +(In theory, this new dependency is only required if you are using +an mbox file, but since reading system mail is within the core +functionality of alpine, it seems sensible that alpine should do that +without warnings out of the box.) (Closes: #414264) + * ACKing NMU by Johnathan McCrohan. Thank you! + + -- Asheesh Laroia ashe...@asheesh.org Sun, 26 Aug 2012 13:23:07 -0700 + alpine (2.02+dfsg-1.1) unstable; urgency=low * Non-maintainer upload. diff -Nru alpine-2.02+dfsg/debian/control alpine-2.02+dfsg/debian/control --- alpine-2.02+dfsg/debian/control 2012-07-02 16:45:53.0 -0700 +++ alpine-2.02+dfsg/debian/control 2012-08-29 08:31:10.0 -0700 @@ -14,7 +14,7 @@ Package: alpine Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends} +Depends: mlock, ${shlibs:Depends}, ${misc:Depends} Recommends: alpine-doc Suggests: aspell, mail-transport-agent | exim4 Conflicts: pine diff -Nru alpine-2.02+dfsg/debian/patches/80_remove_phone_home.patch alpine-2.02+dfsg/debian/patches/80_remove_phone_home.patch --- alpine-2.02+dfsg/debian/patches/80_remove_phone_home.patch 1969-12-31 16:00:00.0 -0800 +++ alpine-2.02+dfsg/debian/patches/80_remove_phone_home.patch 2012-09-30 11:14:06.0 -0700 @@ -0,0 +1,349 @@ +From 01674610679e4af4a6c6d890659573133609cec5 Mon Sep 17 00:00:00 2001 +From: Geoffrey Thomas geo...@ldpreload.com +Date: Sun, 13 Nov 2011 22:12:38 -0500 +Subject: [PATCH] Remove phone_home code (that sends usage counts to UW) + +Presumably the usage counts did nothing to encourage UW to keep developing +pine. :-( Also, in any case, the address bounces... + +Signed-off-by: Geoffrey Thomas geo...@ldpreload.com +--- + alpine/mailview.c | 10 - + alpine/newuser.c | 26 +++ + alpine/send.c | 60 - + alpine/send.h |1 - + pith/filter.c |2 -- + pith/pine.hlp | 38 - + pith/send.c | 42 - + pith/send.h |2 -- + pith/state.h |1 - + 9 files changed, 3 insertions(+), 179 deletions(-) + +diff --git a/alpine/mailview.c b/alpine/mailview.c +index a7eb839..783e965 100644 +--- a/alpine/mailview.c b/alpine/mailview.c +@@ -177,7 +177,6 @@ struct view_write_s { + int url_local_nntp(char *); + int url_local_news(char *); + int url_local_file(char *); +-int url_local_phone_home(char *); + static int print_to_printer(SCROLL_S *); + int search_text(int, long, int, char **, Pos *, int *); + void update_scroll_titlebar(long, int); +@@ -1697,7 +1696,6 @@ struct view_write_s { + {news:;, 5
Bug#685961: pu: package alpine/2.00+dfsg-6+squeeze1
On Wed, 29 Aug 2012, Adam D. Barratt wrote: I assume from reading through the bug report that the issue does not affect the version of alpine currently in wheezy / sid? If so, please add an appropriate fixed version to make this clear. It doesn't look like this happened yet? Just did; sorry about the delay. I've prepared a minimal package update that adds the patch that fixes the issue. I've tested that it builds fine in a stable pbuilder; before uploading, I have tested it on a machine running stable, where it works fine. Assuming my comment above about the issue not affecting wheezy and sid is correct, please feel free to go ahead with the upload, having updated the bug report as above. I checked the source of 2.02 myself to confirm that the bug is fixed there so have flagged the package for acceptance; thanks. Thank you! Sorry to make you do that check. -- Asheesh. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/alpine.deb.2.00.1208291124460.2...@rose.makesad.us
Bug#685961: pu: package alpine/2.00+dfsg-6+squeeze1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: pu Hi stable release team, (This is my first stable proposed update, so if I get a process item wrong, please pardon me and help me correct it. Thanks!) Bug #653238 describes a crasher bug, possibly a security vulnerability, in alpine. The security team has indicated on the bug that they're not going to open a Debian Security Advisory for the alpine bug, and indicate, You/the maintainer may choose to fix it in (old)stable through a point update, or leave it at this. I choose to update stable through a point update. I've prepared a minimal package update that adds the patch that fixes the issue. I've tested that it builds fine in a stable pbuilder; before uploading, I have tested it on a machine running stable, where it works fine. I wanted to get your approval to upload the package to stable. As a footnote: I believe the process on my end is: * Get y'all's approval * Upload the package using dput ftp-master alpine_2.00+dfsg-6+squeeze1.dsc (with a binary package, as usual in Debian) * Watch it flow through into squeeze-updates with no further effort from me If I have some of that wrong, then let me know. I've read the documentation and believe I understand, but want to be careful to not mess anything up. Thanks! -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.4-trunk-amd64 (SMP w/4 CPU cores) diff -u alpine-2.00+dfsg/debian/changelog alpine-2.00+dfsg/debian/changelog --- alpine-2.00+dfsg/debian/changelog +++ alpine-2.00+dfsg/debian/changelog @@ -1,3 +1,10 @@ +alpine (2.00+dfsg-6+squeeze1) squeeze; urgency=low + + * Fix a crash in the embedded copy of UW-IMAP, CVE-2008-5514. +(Closes: #653238) + + -- Asheesh Laroia ashe...@asheesh.org Sun, 26 Aug 2012 16:58:01 -0700 + alpine (2.00+dfsg-6) unstable; urgency=low * Add diversion for pico and remove conflict with nano. diff -u alpine-2.00+dfsg/debian/patches/series alpine-2.00+dfsg/debian/patches/series --- alpine-2.00+dfsg/debian/patches/series +++ alpine-2.00+dfsg/debian/patches/series @@ -9,0 +10 @@ +60_fix_embedded_uw_imap.patch only in patch2: unchanged: --- alpine-2.00+dfsg.orig/debian/patches/60_fix_embedded_uw_imap.patch +++ alpine-2.00+dfsg/debian/patches/60_fix_embedded_uw_imap.patch @@ -0,0 +1,21 @@ +diff -urN alpine-2.00/imap/src/c-client/rfc822.c alpine-2.00.fixed/imap/src/c-client/rfc822.c +--- alpine-2.00/imap/src/c-client/rfc822.c 2008-06-04 11:46:10.0 -0700 alpine-2.00.fixed/imap/src/c-client/rfc822.c 2012-08-26 17:12:39.678307877 -0700 +@@ -1351,6 +1351,7 @@ + + static long rfc822_output_char (RFC822BUFFER *buf,int c) + { ++ if ((buf-cur == buf-end) !rfc822_output_flush (buf)) return NIL; + *buf-cur++ = c; /* add character, soutr buffer if full */ + return (buf-cur == buf-end) ? rfc822_output_flush (buf) : LONGT; + } +@@ -1374,7 +1375,8 @@ + len -= i; + } + /* soutr buffer now if full */ +-if (len !rfc822_output_flush (buf)) return NIL; ++if ((len || (buf-cur == buf-end)) !rfc822_output_flush (buf)) ++ return NIL; + } + return LONGT; + }
Bug#680407: unblock: liblicense/0.8.1-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Dear release time, I kindly request an unblock for package liblicense. This 0.8.1-3 (and its predecessor, 0.8.1-2) was prepared before the freeze, and is only delayed because of a delay in its sponsorship since a co-maintainer is not a DD. The changelog for 0.8.1-2 and 0.8.1-3: diff -Nru liblicense-0.8.1/debian/changelog liblicense-0.8.1/debian/changelog --- liblicense-0.8.1/debian/changelog 2012-03-03 09:24:24.0 -0600 +++ liblicense-0.8.1/debian/changelog 2012-06-25 20:23:04.0 -0600 @@ -1,3 +1,31 @@ +liblicense (0.8.1-3) unstable; urgency=low + + * Adding a Replaces / Breaks line to liblicense-dev's control, since +we moved the .a static libs from the liblicense package to -dev. +Thanks, Andreas! (Closes: #673803) + * Adding a development symbolic link. + + -- Paul Tagliamonte paul...@debian.org Mon, 21 May 2012 16:24:59 -0400 + +liblicense (0.8.1-2) unstable; urgency=low + + * Acknowledge NMU. (Closes: #662015) + * Drop NMU diff, rewrite rules to use dh9, and overrides where needed. +- By using the short-style rules, we restore build-arch sanity. + (Closes: #655003) +- Bumped b-d on debhelper up to 9 + * Add patch against modules/io/gsf.c, rename the clone function to +gsf_clone. (Closes: #669451) + * Move -cli to utils from libs. (Closes: #663074) + * Build for all versions of Python (Closes: #662012) + * Remove brace-expansion. +- Move the .a files into the -dev package + * update to debian/liblicense3.dirs. + * Dropped the lintian overrides, since the issues were resolved upstream. + * Update to policy 3.9.3. No further changes. + + -- Paul Tagliamonte paul...@ubuntu.com Tue, 08 May 2012 16:47:21 -0400 The rest of the debdiff follows: diff -Nru liblicense-0.8.1/debian/compat liblicense-0.8.1/debian/compat --- liblicense-0.8.1/debian/compat 2012-03-03 08:21:31.0 -0600 +++ liblicense-0.8.1/debian/compat 2012-05-21 14:24:07.0 -0600 @@ -1 +1 @@ -5 +9 diff -Nru liblicense-0.8.1/debian/control liblicense-0.8.1/debian/control --- liblicense-0.8.1/debian/control 2012-03-03 08:21:31.0 -0600 +++ liblicense-0.8.1/debian/control 2012-06-25 20:13:16.0 -0600 @@ -2,10 +2,10 @@ Section: libs Priority: extra Maintainer: Asheesh Laroia ashe...@asheesh.org -Uploaders: Paul Tagliamonte paul...@ubuntu.com -Standards-Version: 3.9.2 +Uploaders: Paul Tagliamonte paul...@debian.org +Standards-Version: 3.9.3 X-Python-Version: = 2.5 -Build-Depends: debhelper (= 5.0.38), dh-autoreconf, libcurl4-gnutls-dev, +Build-Depends: debhelper (= 9.20120115~), dh-autoreconf, libcurl4-gnutls-dev, libvorbis-dev, libtag1-dev, libflac-dev, libraptor-dev, libexempi-dev, libid3-3.8.3-dev, libgsf-1-dev, python-all-dev (= 2.5), libglib2.0-dev, xsltproc, docbook-xsl, libtool, libexpat-dev @@ -16,6 +16,8 @@ Package: liblicense-dev Section: libdevel Architecture: any +Replaces: liblicense3 ( 0.8.1-3) +Breaks: liblicense3 ( 0.8.1-3) Depends: liblicense3 (= ${binary:Version}), ${misc:Depends} Description: Development headers for the liblicense package An implementation of the Creative Commons metadata standards for saving @@ -51,6 +53,7 @@ - license properties, as described by ccREL Package: liblicense-cli +Section: utils Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Description: Command line interface for license metadata diff -Nru liblicense-0.8.1/debian/liblicense3.dirs liblicense-0.8.1/debian/liblicense3.dirs --- liblicense-0.8.1/debian/liblicense3.dirs2012-03-03 08:21:31.0 -0600 +++ liblicense-0.8.1/debian/liblicense3.dirs2012-05-21 14:24:07.0 -0600 @@ -1,3 +1,3 @@ usr/lib -usr/lib/liblicense/0.8/io -usr/lib/liblicense/0.8/config +usr/lib/liblicense/0.8.1/io +usr/lib/liblicense/0.8.1/config diff -Nru liblicense-0.8.1/debian/liblicense3.install liblicense-0.8.1/debian/liblicense3.install --- liblicense-0.8.1/debian/liblicense3.install 2012-03-03 08:21:31.0 -0600 +++ liblicense-0.8.1/debian/liblicense3.install 2012-05-21 14:24:07.0 -0600 @@ -1,2 +1,2 @@ usr/lib/liblicense.so.* -usr/lib/liblicense/*/*/*.{so,a} +usr/lib/liblicense/*/*/*.so diff -Nru liblicense-0.8.1/debian/liblicense3.lintian-overrides liblicense-0.8.1/debian/liblicense3.lintian-overrides --- liblicense-0.8.1/debian/liblicense3.lintian-overrides 2012-03-03 08:32:59.0 -0600 +++ liblicense-0.8.1/debian/liblicense3.lintian-overrides 1969-12-31 18:00:00.0 -0600 @@ -1,4 +0,0 @@ -liblicense3 binary: extra-license-file -# This is actually a F-P. This was fixed in Lintian it's self -# with revision `8543ed2db3e1efd74d4f2fd8126d9570dbe33d73'. -# (VCS Commit diff: http://anonscm.debian.org/gitweb/?p=lintian/lintian.git;a=commit;h=8543ed2db3e1efd74d4f2fd8126d9570dbe33d73 ) diff -Nru liblicense-0.8.1/debian/liblicense-cli.lintian-overrides liblicense-0.8.1/debian
Re: Requesting freeze exception for alpine
On Wed, 4 Jul 2012, Philipp Kern wrote: On Mon, Jul 02, 2012 at 08:49:42PM -0400, Asheesh Laroia wrote: I'd like to request an exception for alpine 2.02+dfsg-1 to enter testing. I'd actually prefer to create a 2.02+dfsg-2 that fixes a security bug, if that's okay: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=653238 I've unblocked 2.02+dfsg-1 for now and set it to 10 days (due to the hardening change, in case that has side-effects). Feel free to upload -2 and send another unblock bug report (those are actually prefered because they're easier to track). We cannot actually unblock packages before they're in the archive. If it's not critical (given how long that report is open already) you could also wait until the current version migrated. Thank you, Philipp, for the unblock, and the helpful information! -- Asheesh. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/alpine.deb.2.00.1207050151450.32...@rose.makesad.us
Re: Bug#503712: the gs-common problem
On Tue, 23 Dec 2008, Thomas Viehmann wrote: Niko Tyni wrote: On Tue, Dec 23, 2008 at 02:15:22PM +0100, Thomas Viehmann wrote: immediately after I sent the last mail, Sune Vuorela pointed me to apache2's fix for #390823: They simply remove the problematic maintainer script. The question then is where to do this in so it is reliably done before stuff happens. In one of the perl packages (because the upgrade of perl triggers this) is probably too ugly, maybe the configure script of ghostscript? I think it's too late to do it inside ghostscript, it would have to go in perl-modules. Maybe configure script is badly worded: It's most blatant abuse, but I'd just stick it into a /var/lib/dpkg/info/ghostscript.config unless there are apt-get-lookalikes that don't call that at the beginning of an upgrade. If the user produces the bad situation with dpkg by himself, well, who cares. I think this is the best strategy. Better to hack related packages. An alternative is to to add gs-common being added to apt's 01autoremove, but I think that the /var/lib/dpkg/info/ghostscript.config change is a better choice; it limits the number of source packages affected. I left some more notes on the bug, but this is the crux of it. -- Asheesh. -- You never know how many friends you have until you rent a house on the beach. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
diffstat
I just did a diffstat on the two libwebkit-1.0-1 source packages in question. $ debdiff webkit_1.0.1-4.dsc webkit_1.0.2~pre.svn37878-1.dsc | diffstat [...] 3832 files changed, 193186 insertions(+), 1006263 deletions(-) Egad, that's a lot of differences. I have a feeling that the libwebkit currently in sid and lenny is pretty broken, from the looks of this bug. Dear Debian-Releasers, Is there any way that this library can be permitted to enter testing with all these changes? Perhaps the webkit maintainers can offer an explanation for all these changes, but with the changes so numerous, I imagine that would be difficult. If not, and the Debian Releasers insist that this can't flow into Lenny without that explanation, I believe the maintainers have three choices: * Find the fix for this issue and backport it on top of 1.0.1-4 * Remove libwebkit-1.0-1 from lenny * Simply allow lenny to release with 1.0.1-4 that is this broken. The last one is a real option, as I understand things, and one could offer a newer libwebkit e.g. in backports once Lenny ships. Dear maintainers, what is your plan? At least if you say Choice 3 we'll stop bothering you. Removing libwebkit-1.0-1 from lenny is also somewhat reasonable, if somewhat tragic. Finding the patch and backporting it is best, but it's an open question as to if that's worth doing. -- Asheesh. -- You have had a long-term stimulation relative to business. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
jack-audio-connection-kit: Uploading new version to fix alpha FTBFS
(freee - see below) Dear debian-release, jack-audio-connection-kit has a FTBFS bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508114 Fixing this bug and allowing the resulting jack-audio-connection-kit to flow into Lenny would close this Lenny RC bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500540 - you can see at http://buildd.debian.org/pkg.cgi?pkg=kdebase that kdebase is ready to be installed into testing if only there is a libjack-dev that meets the desired criteria. I have prepared an NMU (attached as debdiff.patch against -1; also .dsc at http://mentors.debian.net/debian/pool/main/j/jack-audio-connection-kit/jack-audio-connection-kit_0.115.6-1.1.dsc ). Either the maintainer of jack-a-c-k should upload it, or someone should do the NMU. Dear Free Ekanayaka (CC:d), My initial NMU post to the bug didn't take into account that you use dpatch. I have written a fresh patch (attached) in NMU format that addresses that issue. It's an NMU format so I could write a changelog entry to describe the patch. It also creates a debian/patches file for the compile fix for this bug. Since you were the most recent uploader of jack-a-c-k, would you upload a new jack-a-c-k containing the patch in my NMU this? Feel free to just change the name on it and upload it yourself as -2. If not, is it okay if I do an NMU? Thanks all! -- Asheesh. -- The abuse of greatness is when it disjoins remorse from power. -- William Shakespeare, Julius Caesar -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: jack-audio-connection-kit: Uploading new version to fix alpha FTBFS
On Sun, 14 Dec 2008, Asheesh Laroia wrote: attached as debdiff.patch against -1 Actually attached this time. Pardon the noise! -- Asheesh. -- Don't plan any hasty moves. You'll be evicted soon anyway.diff -urN jack-audio-connection-kit-0.115.6-1/debian/changelog jack-audio-connection-kit-0.115.6-1.1/debian/changelog --- jack-audio-connection-kit-0.115.6-1/debian/changelog 2008-12-14 19:41:31.0 -0800 +++ jack-audio-connection-kit-0.115.6-1.1/debian/changelog 2008-12-14 19:46:33.0 -0800 @@ -1,3 +1,13 @@ +jack-audio-connection-kit (0.115.6-1.1) unstable; urgency=low + + * Non-maintainer upload. + * 11_fix_varargs_to_fix_ftbfs_on_alpha.patch: Add patch to fix alpha +build failure by using var args correctly (earlier versions of Jack +improperly passed the va_list around). The issue is fixed in upstream +svn r3205. (Closes: #508114) + + -- Asheesh Laroia ashe...@asheesh.org Sun, 14 Dec 2008 12:09:16 -0800 + jack-audio-connection-kit (0.115.6-1) unstable; urgency=low * New Upstream Version diff -urN jack-audio-connection-kit-0.115.6-1/debian/patches/11_fix_varargs_to_fix_ftbfs_on_alpha.patch jack-audio-connection-kit-0.115.6-1.1/debian/patches/11_fix_varargs_to_fix_ftbfs_on_alpha.patch --- jack-audio-connection-kit-0.115.6-1/debian/patches/11_fix_varargs_to_fix_ftbfs_on_alpha.patch 1969-12-31 16:00:00.0 -0800 +++ jack-audio-connection-kit-0.115.6-1.1/debian/patches/11_fix_varargs_to_fix_ftbfs_on_alpha.patch 2008-12-14 19:46:34.0 -0800 @@ -0,0 +1,28 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 11_fix_varargs_to_fix_ftbfs_on_alpha.patch.dpatch by ashe...@asheesh.org +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +...@dpatch@ +diff -urNad jack-audio-connection-kit-0.115.6~/libjack/client.c jack-audio-connection-kit-0.115.6/libjack/client.c +--- jack-audio-connection-kit-0.115.6~/libjack/client.c 2008-11-23 06:27:20.0 -0800 jack-audio-connection-kit-0.115.6/libjack/client.c 2008-12-14 18:47:32.0 -0800 +@@ -969,7 +969,7 @@ + } + + /* parse variable arguments */ +- if (ap) ++ if (options (JackServerName | JackLoadName | JackLoadInit)) + jack_varargs_parse(options, ap, va); + else + jack_varargs_init(va); +@@ -1117,7 +1117,7 @@ + jack_options_t options = JackUseExactName; + if (getenv(JACK_START_SERVER) == NULL) + options |= JackNoStartServer; +- return jack_client_open_aux (client_name, options, NULL, NULL); ++ return jack_client_open (client_name, options, NULL); + } + + char *
Unblock suggestion: kdebase
Howdy folks, http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500540 is an RC bug in kdebase that is present in Lenny but not in sid. The upload from 2-3 weeks ago of -6 fixes it. I'm explicitly CC:ing the uploader of -6. The debdiff is fairly simple, and attached. The changelog reports that this fixes two bugs: the bug CC:d and the non-RC 505316. The debdiff and the changelog indicate a series file added, but both make it clear that the series file does not change the actual patch system. This RC bug is still in Lenny, even though -6 fixes it in sid. It seems to me that kdebase should be unblocked, and -6 be allowed to flow into testing. I'm not the maintainer or debian-release, so my word is by no means gospel. I'm also CC:ing my AM so he knows what I'm up to. If debian-release *really* would prefer a 4:3.5.9.dfsg.1-5+lenny1 that only fixes the RC and removes the other two changes, I can work on preparing it. It doesn't seem a productive use of time but I leave that decision to debian-release. -- Asheesh. -- They spell it da Vinci and pronounce it da Vinchy. Foreigners always spell better than they pronounce. -- Mark Twain -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Unblock suggestion: libggi
Howdy Debian Releasers, I was examining the remaining Lenny RC bugs and found http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504875 via http://bts.turmzimmer.net/details.php?bydist=bothsortby=packagesfullcomment=on . This is an RC bug against libggi2-dev (in src:libggi). This issue is fixed in unstable, and the fix is a tiny patch, and the -3 release that is in sid corrects only that RC bug and the maintainer's email address. I believe that it should get unblocked and go into Lenny. I'm probably not authorized to formally request it, since I'm neither the maintainer nor the Release Team. (I'm CC:ing my AM so he knows what I'm up to.) -- Asheesh. -- You will be surprised by a loud noise. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Unblock suggestion: m2crypto
Howdy again Debian Releasers, http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508124 is indicated as a lenny+sid RC bug. This is a duplicate of #484364 (by the time you see this, I will have merged them). python-m2crypto 0.18.2-1 has a critical bug that it is missing an import. The attached debdiff fixes this and one other housekeeping issue. As it is a tiny patch, and it fixes a release-critical bug, I believe it is appropriate to be allowed to flow into Lenny. I'm explicitly CC:ing the maintainer of python-m2crypto and my AM, so they both clearly know what I'm up to. As always with my unblock suggestions, I'm not the maintainer nor Debian-Release, so this is just a suggestion. But I do think it is the right course of action. -- Asheesh. -- Knock, knock! Who's there? Sam and Janet. Sam and Janet who? Sam and Janet Evening... diff -u m2crypto-0.18.2/M2Crypto.egg-info/SOURCES.txt m2crypto-0.18.2/M2Crypto.egg-info/SOURCES.txt --- m2crypto-0.18.2/M2Crypto.egg-info/SOURCES.txt +++ m2crypto-0.18.2/M2Crypto.egg-info/SOURCES.txt @@ -48 +48 @@ -SWIG/_m2crypto.i +SWIG/_m2crypto.i \ No newline at end of file diff -u m2crypto-0.18.2/M2Crypto.egg-info/PKG-INFO m2crypto-0.18.2/M2Crypto.egg-info/PKG-INFO --- m2crypto-0.18.2/M2Crypto.egg-info/PKG-INFO +++ m2crypto-0.18.2/M2Crypto.egg-info/PKG-INFO @@ -1,6 +1,6 @@ Metadata-Version: 1.0 Name: M2Crypto -Version: 0.17 +Version: 0.18.2 Summary: M2Crypto: A Python crypto and SSL toolkit Home-page: http://wiki.osafoundation.org/bin/view/Projects/MeTooCrypto Author: Heikki Toivonen diff -u m2crypto-0.18.2/debian/changelog m2crypto-0.18.2/debian/changelog --- m2crypto-0.18.2/debian/changelog +++ m2crypto-0.18.2/debian/changelog @@ -1,3 +1,10 @@ +m2crypto (0.18.2-2) unstable; urgency=low + + * Added import inspect to M2Crypto/m2urllib2.py +(Closes: #493314, #484364, 477799) + + -- Dima Barsky d...@debian.org Fri, 15 Aug 2008 22:04:14 +0100 + m2crypto (0.18.2-1) unstable; urgency=low * New upstream release (Closes: #440837) diff -u m2crypto-0.18.2/debian/control m2crypto-0.18.2/debian/control --- m2crypto-0.18.2/debian/control +++ m2crypto-0.18.2/debian/control @@ -3,7 +3,7 @@ Priority: optional Maintainer: Dima Barsky d...@debian.org Build-Depends: debhelper (= 5.0.37.2), python-all-dev (= 2.3.5-11), python-support (= 0.4), libssl-dev (= 0.9.7), swig (= 1.3.24), python-setuptools (=0.6c5-3) -Standards-Version: 3.7.2 +Standards-Version: 3.8.0 Package: python-m2crypto Architecture: any only in patch2: unchanged: --- m2crypto-0.18.2.orig/M2Crypto/m2urllib2.py +++ m2crypto-0.18.2/M2Crypto/m2urllib2.py @@ -13,6 +13,7 @@ from urllib2 import * import urlparse +import inspect import SSL import httpslib
Re: Unblock suggestion: m2crypto
On Thu, 11 Dec 2008, Asheesh Laroia wrote: python-m2crypto 0.18.2-1 has a critical bug that it is missing an import. The attached debdiff fixes this and one other housekeeping issue. As it is a tiny patch, and it fixes a release-critical bug, I believe it is appropriate to be allowed to flow into Lenny. I was not clear in the original mail, excuse the noise: 0.18.2-2 in sid fixes the issue, and it is that package that I believe should flow into Lenny. -- Asheesh. -- Clothes make the man. Naked people have little or no influence on society. -- Mark Twain -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Please allow liblicense 0.8-1 into testing
On Thu, 21 Aug 2008, Marc 'HE' Brockschmidt wrote: Asheesh Laroia [EMAIL PROTECTED] writes: liblicense 0.8-1 is a new ABI from upstream (who happens to be me). It also fixes a serious bug, #493293 , that makes it fail to read some licenses and in the same files makes its write meaningless nonsense instead of a proper piece of license metadata. Is there any reason not to simply remove this lib from lenny, seeing that it has no r-deps? The changes are pretty complex due to the fact that 0.7.1 never made it to testing. I'd prefer to be able to ship liblicense-cli with lenny, which does depend on liblicense3 (in 0.8-1). But I'm okay with removing it from lenny outright. -- Asheesh. -- Goodbye, cool world. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Please allow liblicense 0.8-1 into testing
liblicense 0.8-1 is a new ABI from upstream (who happens to be me). It also fixes a serious bug, #493293 , that makes it fail to read some licenses and in the same files makes its write meaningless nonsense instead of a proper piece of license metadata. Version 0.8-1, already in unstable, fixes this. It does introduce a new ABI bump, liblicense3, which is necessary for fixing this. There are no dependenices on liblicense2 or liblicense3 right now in the archive except those provided in the same source package, liblicense. (Please keep me CC:d; I'm not on debian-release.) -- Asheesh. -- Seize the day, put no trust in the morrow! -- Quintus Horatius Flaccus (Horace) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]