Bug#833433: jessie-pu: package flashplugin-nonfree/1:3.6.1+deb8u1
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu Hi stable release managers team, I prepared a package of flashplugin-nonfree for jessie to delete the old get-upstream-version.pl from the local cache. See #833413. Otherwise jessie users keep using an old insecure Adobe Flash Player version (or need to delete get-upstream-version.pl from cache manually). See attached debdiff. Permission to upload? -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) diff -Nru flashplugin-nonfree-3.6.1/debian/changelog flashplugin-nonfree-3.6.1+deb8u1/debian/changelog --- flashplugin-nonfree-3.6.1/debian/changelog 2014-12-21 10:03:31.0 +0100 +++ flashplugin-nonfree-3.6.1+deb8u1/debian/changelog 2016-08-04 11:01:28.0 +0200 @@ -1,3 +1,10 @@ +flashplugin-nonfree (1:3.6.1+deb8u1) jessie; urgency=medium + + * update-flashplugin-nonfree: Delete old get-upstream-version.pl from cache. +Closes: #833413. + + -- Bart Martens Thu, 04 Aug 2016 10:59:38 +0200 + flashplugin-nonfree (1:3.6.1) unstable; urgency=medium * debian/control: Pre-Depends: ca-certificates. Closes: #773633. diff -Nru flashplugin-nonfree-3.6.1/update-flashplugin-nonfree flashplugin-nonfree-3.6.1+deb8u1/update-flashplugin-nonfree --- flashplugin-nonfree-3.6.1/update-flashplugin-nonfree 2014-09-15 17:33:57.0 +0200 +++ flashplugin-nonfree-3.6.1+deb8u1/update-flashplugin-nonfree 2016-08-04 11:04:15.0 +0200 @@ -183,6 +183,15 @@ if [ -f $cachedir/get-upstream-version.pl ] then + if [ "`stat --format=%y $cachedir/get-upstream-version.pl`" \< "2016-08-04 09:35" ] + then + [ "$verbose" != "yes" ] || echo "deleting old $cachedir/get-upstream-version.pl" + rm $cachedir/get-upstream-version.pl + fi + fi + + if [ -f $cachedir/get-upstream-version.pl ] + then cp $cachedir/get-upstream-version.pl . upstream=`perl get-upstream-version.pl $arch_wget 2> /dev/null` || true
Bug#833433: jessie-pu: package flashplugin-nonfree/1:3.6.1+deb8u1
Control: tag -1 - moreinfo On Fri, Aug 05, 2016 at 03:19:59PM +0200, Julien Cristau wrote: > Control: tag -1 moreinfo > > On Thu, Aug 4, 2016 at 11:38:34 +0200, Bart Martens wrote: > > > + if [ "`stat --format=%y $cachedir/get-upstream-version.pl`" \< > > "2016-08-04 09:35" ] > > Not sure about using string comparison for comparing dates. And is stat > --format=%y's output stable across locales etc? Yes, see function human_time in src/stat.c in coreutils. > Wouldn't stat --format=%Y and test -lt make this easier? That would be, in my opinion, less readable. Regards, Bart Martens
Bug#833433: jessie-pu: package flashplugin-nonfree/1:3.6.1+deb8u1
Control: tag -1 - moreinfo On Fri, Aug 05, 2016 at 11:02:40PM +0200, Julien Cristau wrote: > Control: tag -1 moreinfo > > The current code is not a guarantee for the future. The function is > named "human_time". That makes it IMO wrong to use in a script. It's > also not stable across timezones. Using %Y now, see attached debdiff. Permission to upload? Regards, Bart Martens diff -Nru flashplugin-nonfree-3.6.1/debian/changelog flashplugin-nonfree-3.6.1+deb8u1/debian/changelog --- flashplugin-nonfree-3.6.1/debian/changelog 2014-12-21 10:03:31.0 +0100 +++ flashplugin-nonfree-3.6.1+deb8u1/debian/changelog 2016-08-04 11:01:28.0 +0200 @@ -1,3 +1,10 @@ +flashplugin-nonfree (1:3.6.1+deb8u1) jessie; urgency=medium + + * update-flashplugin-nonfree: Delete old get-upstream-version.pl from cache. + Closes: #833413. + + -- Bart Martens Thu, 04 Aug 2016 10:59:38 +0200 + flashplugin-nonfree (1:3.6.1) unstable; urgency=medium * debian/control: Pre-Depends: ca-certificates. Closes: #773633. diff -Nru flashplugin-nonfree-3.6.1/update-flashplugin-nonfree flashplugin-nonfree-3.6.1+deb8u1/update-flashplugin-nonfree --- flashplugin-nonfree-3.6.1/update-flashplugin-nonfree2014-09-15 17:33:57.0 +0200 +++ flashplugin-nonfree-3.6.1+deb8u1/update-flashplugin-nonfree 2016-08-06 07:09:30.0 +0200 @@ -183,6 +183,15 @@ if [ -f $cachedir/get-upstream-version.pl ] then + if [ "`stat --format=%Y $cachedir/get-upstream-version.pl`" -lt "1470296100" ] # 2016-08-04 09:35:00.0 +0200 + then + [ "$verbose" != "yes" ] || echo "deleting old $cachedir/get-upstream-version.pl" + rm $cachedir/get-upstream-version.pl + fi + fi + + if [ -f $cachedir/get-upstream-version.pl ] + then cp $cachedir/get-upstream-version.pl . upstream=`perl get-upstream-version.pl $arch_wget 2> /dev/null` || true
Bug#833433: jessie-pu: package flashplugin-nonfree/1:3.6.1+deb8u1
On Sat, Sep 10, 2016 at 04:59:29PM +0100, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sat, 2016-08-06 at 05:20 +0000, Bart Martens wrote: > > Control: tag -1 - moreinfo > > > > On Fri, Aug 05, 2016 at 11:02:40PM +0200, Julien Cristau wrote: > > > Control: tag -1 moreinfo > > > > > > The current code is not a guarantee for the future. The function is > > > named "human_time". That makes it IMO wrong to use in a script. It's > > > also not stable across timezones. > > > > Using %Y now, see attached debdiff. Permission to upload? > > Sorry for the delay. > > Please go ahead, bearing in mind that the window for 8.6 closes this > weekend. Apology accepted. I uploaded for stable just now. Can I do a similar upload for oldstable? I have at least one user asking for this. Regards, Bart Martens
Bug#773636: unblock: flashplugin-nonfree/1:3.6.1
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock flashplugin-nonfree 1:3.6.1 to fix bug 773633 in jessie. Output
of debdiff attached. The only change is that ca-certificates is moved from
Depends to Pre-Depends. The effect is illustrated on bug 773633.
diff -Nru flashplugin-nonfree-3.6/debian/changelog
flashplugin-nonfree-3.6.1/debian/changelog
--- flashplugin-nonfree-3.6/debian/changelog2014-09-15 18:30:41.0
+0200
+++ flashplugin-nonfree-3.6.1/debian/changelog 2014-12-21 10:03:31.0
+0100
@@ -1,3 +1,9 @@
+flashplugin-nonfree (1:3.6.1) unstable; urgency=medium
+
+ * debian/control: Pre-Depends: ca-certificates. Closes: #773633.
+
+ -- Bart Martens Sun, 21 Dec 2014 10:02:23 +0100
+
flashplugin-nonfree (1:3.6) unstable; urgency=medium
* debian/control: Depends: ca-certificates. Closes: #760638.
diff -Nru flashplugin-nonfree-3.6/debian/control
flashplugin-nonfree-3.6.1/debian/control
--- flashplugin-nonfree-3.6/debian/control 2014-09-15 19:04:40.0
+0200
+++ flashplugin-nonfree-3.6.1/debian/control2014-12-21 10:03:54.0
+0100
@@ -8,7 +8,8 @@
Package: flashplugin-nonfree
Architecture: i386 amd64
-Depends: debconf | debconf-2.0, wget, gnupg, libatk1.0-0, libcairo2,
libfontconfig1, libfreetype6, libgcc1, libglib2.0-0, libgtk2.0-0 (>= 2.14),
libnspr4, libnss3, libpango1.0-0, libstdc++6, libx11-6, libxext6, libxt6,
libcurl3-gnutls, binutils, ${misc:Depends}, ${shlibs:Depends}, ca-certificates
+Depends: debconf | debconf-2.0, wget, gnupg, libatk1.0-0, libcairo2,
libfontconfig1, libfreetype6, libgcc1, libglib2.0-0, libgtk2.0-0 (>= 2.14),
libnspr4, libnss3, libpango1.0-0, libstdc++6, libx11-6, libxext6, libxt6,
libcurl3-gnutls, binutils, ${misc:Depends}, ${shlibs:Depends}
+Pre-Depends: ca-certificates
Suggests: iceweasel, konqueror-nsplugins, ttf-mscorefonts-installer,
fonts-dejavu, ttf-xfree86-nonfree, flashplugin-nonfree-extrasound [i386], hal
Conflicts: flashplugin (<< 6), xfs (<< 1:1.0.1-5), flashplayer-mozilla,
libflash-mozplugin
Replaces: flashplugin (<< 6)
Bug#773638: unblock: pepperflashplugin-nonfree/1.8.1
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock pepperflashplugin-nonfree 1.8.1 to fix bug 773629 in jessie.
Output
of debdiff attached. The only change is that ca-certificates is moved from
Depends to Pre-Depends. The effect is illustrated on bug 773629.
diff -Nru pepperflashplugin-nonfree-1.8/debian/changelog
pepperflashplugin-nonfree-1.8.1/debian/changelog
--- pepperflashplugin-nonfree-1.8/debian/changelog 2014-10-22
08:29:52.0 +0200
+++ pepperflashplugin-nonfree-1.8.1/debian/changelog2014-12-21
11:38:47.0 +0100
@@ -1,3 +1,9 @@
+pepperflashplugin-nonfree (1.8.1) unstable; urgency=medium
+
+ * debian/control: Pre-Depends: ca-certificates. Closes: #773629.
+
+ -- Bart Martens Sun, 21 Dec 2014 11:37:47 +0100
+
pepperflashplugin-nonfree (1.8) unstable; urgency=medium
* Removed support for /etc/chromium/default. Closes: #760388.
diff -Nru pepperflashplugin-nonfree-1.8/debian/control
pepperflashplugin-nonfree-1.8.1/debian/control
--- pepperflashplugin-nonfree-1.8/debian/control2014-10-22
08:31:48.0 +0200
+++ pepperflashplugin-nonfree-1.8.1/debian/control 2014-12-21
11:40:47.0 +0100
@@ -8,7 +8,8 @@
Package: pepperflashplugin-nonfree
Architecture: i386 amd64
-Depends: debconf | debconf-2.0, wget, gnupg, libatk1.0-0, libcairo2,
libfontconfig1, libfreetype6, libgcc1, libglib2.0-0, libgtk2.0-0 (>= 2.14),
libnspr4, libnss3, libpango-1.0-0 | libpango1.0-0, libstdc++6, libx11-6,
libxext6, libxt6, libcurl3-gnutls, binutils, ${misc:Depends},
${shlibs:Depends}, ca-certificates
+Depends: debconf | debconf-2.0, wget, gnupg, libatk1.0-0, libcairo2,
libfontconfig1, libfreetype6, libgcc1, libglib2.0-0, libgtk2.0-0 (>= 2.14),
libnspr4, libnss3, libpango-1.0-0 | libpango1.0-0, libstdc++6, libx11-6,
libxext6, libxt6, libcurl3-gnutls, binutils, ${misc:Depends}, ${shlibs:Depends}
+Pre-Depends: ca-certificates
Suggests: chromium, ttf-mscorefonts-installer, ttf-dejavu,
ttf-xfree86-nonfree, hal
Conflicts: libflash-mozplugin, chromium (<< 37.0.2062.120-4)
Description: Pepper Flash Player - browser plugin
Bug#689825: unblock: pymongo/2.2-2
On Wed, Oct 10, 2012 at 11:59:35PM +0100, Federico Ceratto wrote: > Hi Bart, thanks for your answer. > > > I have reopened bug 689283, because the bug is not fully solved in 2.2-3. > > So I > > suggest debian-release to wait with the unblock for now. > > Hello Bart, thanks for your help. > You mentioned that the bug 689283 is not fully solved, could you tell > me in what way? Yes : http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=14;bug=689283 Regards, Bart Martens -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121011044320.ga5...@master.debian.org
Re: RC-ness of incomplete copyright files
On Sat, Oct 13, 2012 at 08:21:19PM -0400, Michael Gilbert wrote: > Hi, > > Jakub Wilk has been filing a lot of RC bugs on packages with > incomplete copyright files. Some examples: > http://bugs.debian.org/690394 > http://bugs.debian.org/690371 > http://bugs.debian.org/690370 > > Now, these are mostly easy fixes and of course in the end completeness > is useful, but with so many packages embedding so much code from > various sources, I think in the end we're going to find most of the > archive affected. So, I'm wondering if the release team's opinion > concurs with serious severity, or if these can be downgraded to > important to avoid further delaying wheezy? I don't speak for the Release Team, but with my DD hat on I think the bugs should keep severity "serious" and I hope that the Release Team won't tag the bugs wheezy-ignore. The bugs are not so difficult to fix, so I don't see much additional delay for wheezy. Actually I appreciate Jakub Wilk's effort of filing these bugs. Regards, Bart Martens -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121014054324.gb...@master.debian.org
atoppatch: "grossly outdated"
Upstream writes on http://www.atoptool.nl/downloadpatch.php : | These kernel patches are obsolete and will not be maintained any more for | future kernel versions. Maybe this package should be removed from wheezy ? Regards, Bart Martens -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121118230849.ga31...@master.debian.org
Re: Please unblock rkward
On Fri, Nov 23, 2012 at 11:52:09PM +0100, Laszlo Kajan wrote: > Dear Release Team! > > rkward has an RC bug because of a copyright issue [2] #689982. This is fixed > in unstable, but with an upgrade to a new upstream. I suppose because of the > this upgrade, the version in unstable that fixes the bug can not migrate to > wheezy. Is that so? > > I have patched d/copyright in wheezy, and resolved the RC bug. > > => May I upload my fix to testing-proposed-updates? I attach the debdiff. > => This would be an NMU, so should the version be 0.5.7-2.1wheezy1 or > 0.5.7-2wheezy1 (present newest in wheezy is 0.5.7-2)? > > [2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689982 Duplicate effort, see bug 692879. Regards, Bart Martens -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121124063422.gb9...@master.debian.org
Bug#695954: unblock: flashplugin-nonfree/1:3.2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock flashplugin-nonfree 1:3.2. It fixes two security bugs. Debdiff attached. diff -ruN ../orig/flashplugin-nonfree-2.8.2/debian/changelog ./debian/changelog --- ../orig/flashplugin-nonfree-2.8.2/debian/changelog 2010-09-17 21:04:37.0 +0200 +++ ./debian/changelog 2012-12-14 19:05:13.0 +0100 @@ -1,3 +1,11 @@ +flashplugin-nonfree (1:2.8.2+squeeze1) stable; urgency=low + + * update-flashplugin-nonfree: Added use of "gpg --verify" to notice files +without signature. Thanks to Ansgar Burchardt for reporting the security +issue (via private e-mail on 13 Dec 2012). + + -- Bart Martens Fri, 14 Dec 2012 19:03:40 +0100 + flashplugin-nonfree (1:2.8.2) unstable; urgency=low * Removed "64 bit player temporarily not supported". Closes: #586273. diff -ruN ../orig/flashplugin-nonfree-2.8.2/update-flashplugin-nonfree ./update-flashplugin-nonfree --- ../orig/flashplugin-nonfree-2.8.2/update-flashplugin-nonfree 2010-09-17 20:42:15.0 +0200 +++ ./update-flashplugin-nonfree 2012-12-14 19:06:17.0 +0100 @@ -164,6 +164,8 @@ gpg -q --homedir "." --import /usr/lib/flashplugin-nonfree/pubkey.asc > /dev/null 2>&1 \ || die_hard_with_a_cleanup "gpg failed to import /usr/lib/flashplugin-nonfree/pubkey.asc" [ "$verbose" != "yes" ] || echo "verifying PGP $downloadfile ..." + gpg -q --homedir "." --verify $downloadfile 2> /dev/null \ + || die_hard_with_a_cleanup "gpg rejected signature of $downloadurl" gpg -q --homedir "." < $downloadfile > checksums.txt 2> /dev/null \ || die_hard_with_a_cleanup "gpg rejected signature of $downloadurl"
Bug#695954: unblock: flashplugin-nonfree/1:3.2
I attached the wrong diff. I'm now attaching the right one. Regards, Bart Martens diff -Nru flashplugin-nonfree-3.1/debian/changelog flashplugin-nonfree-3.2/debian/changelog --- flashplugin-nonfree-3.1/debian/changelog 2012-09-15 14:50:34.0 +0200 +++ flashplugin-nonfree-3.2/debian/changelog 2012-12-13 22:07:41.0 +0100 @@ -1,3 +1,16 @@ +flashplugin-nonfree (1:3.2) unstable; urgency=low + + * update-flashplugin-nonfree: Added use of "gpg --verify" to notice files +without signature. Thanks to Ansgar Burchardt for reporting the security +issue (via private e-mail on 13 Dec 2012). + * get-upstream-version.pl: Added validation of link to flash. +Thanks to Henrik Ahlgren for reporting the security issue (on +debian-security on 12 Dec 2012). + * debian/postinst: Added removal of cached get-upstream-version.pl so that a +fresh copy is downloaded. + + -- Bart Martens Thu, 13 Dec 2012 17:45:13 + + flashplugin-nonfree (1:3.1) unstable; urgency=low * get-upstream-version.pl: Added error handling with "failed to read $url". diff -Nru flashplugin-nonfree-3.1/debian/postinst flashplugin-nonfree-3.2/debian/postinst --- flashplugin-nonfree-3.1/debian/postinst 2010-06-17 18:54:42.0 +0200 +++ flashplugin-nonfree-3.2/debian/postinst 2012-12-13 19:07:59.0 +0100 @@ -4,6 +4,7 @@ case "$1" in configure) + rm -f /var/cache/flashplugin-nonfree/get-upstream-version.pl update-flashplugin-nonfree --install --fast || true ;; diff -Nru flashplugin-nonfree-3.1/get-upstream-version.pl flashplugin-nonfree-3.2/get-upstream-version.pl --- flashplugin-nonfree-3.1/get-upstream-version.pl 2012-09-15 14:39:21.0 +0200 +++ flashplugin-nonfree-3.2/get-upstream-version.pl 2012-12-13 18:46:50.0 +0100 @@ -50,6 +50,7 @@ my $link_to_flash = $1; $link_to_flash =~ s,^/,,; +die "link to flash contains invalid characters: $link_to_flash" if( $link_to_flash !~ m%^[a-zA-Z0-9/=?]+$% ); $url = "http://www.adobe.com/$link_to_flash";; $page = read_page( $ARGV[0], $url ); diff -Nru flashplugin-nonfree-3.1/update-flashplugin-nonfree flashplugin-nonfree-3.2/update-flashplugin-nonfree --- flashplugin-nonfree-3.1/update-flashplugin-nonfree 2012-09-15 14:28:52.0 +0200 +++ flashplugin-nonfree-3.2/update-flashplugin-nonfree 2012-12-13 18:25:48.0 +0100 @@ -194,6 +194,8 @@ wget $wgetoptions $downloadurl \ || die_hard_with_a_cleanup "wget failed to download $downloadurl" + gpg -q --homedir "." --verify get-upstream-version.pl.gz.pgp 2> /dev/null \ + || die_hard_with_a_cleanup "gpg rejected signature of get-upstream-version.pl.gz.pgp" gpg -q --homedir "." < get-upstream-version.pl.gz.pgp > get-upstream-version.pl.gz 2> /dev/null \ || die_hard_with_a_cleanup "gpg rejected signature of get-upstream-version.pl.gz.pgp" @@ -239,6 +241,8 @@ wget $wgetoptions $downloadurl \ || die_hard_with_a_cleanup "wget failed to download $downloadurl" [ "$verbose" != "yes" ] || echo "verifying PGP $downloadfile ..." + gpg -q --homedir "." --verify $downloadfile 2> /dev/null \ +|| die_hard_with_a_cleanup "gpg rejected signature of $downloadurl" gpg -q --homedir "." < $downloadfile > checksums.txt 2> /dev/null \ || die_hard_with_a_cleanup "gpg rejected signature of $downloadurl"
Bug#695956: pu: package flashplugin-nonfree/1:2.8.2+squeeze1
Package: release.debian.org User: release.debian@packages.debian.org Usertags: pu Tags: squeeze Please consider updating flashplugin-nonfree in squeeze for fixing a security bug. Diff attached. A prepared package is here : http://people.debian.org/~bartm/flashplugin-nonfree/stable/ diff -ruN ../orig/flashplugin-nonfree-2.8.2/debian/changelog ./debian/changelog --- ../orig/flashplugin-nonfree-2.8.2/debian/changelog 2010-09-17 21:04:37.0 +0200 +++ ./debian/changelog 2012-12-14 19:05:13.0 +0100 @@ -1,3 +1,11 @@ +flashplugin-nonfree (1:2.8.2+squeeze1) stable; urgency=low + + * update-flashplugin-nonfree: Added use of "gpg --verify" to notice files +without signature. Thanks to Ansgar Burchardt for reporting the security +issue (via private e-mail on 13 Dec 2012). + + -- Bart Martens Fri, 14 Dec 2012 19:03:40 +0100 + flashplugin-nonfree (1:2.8.2) unstable; urgency=low * Removed "64 bit player temporarily not supported". Closes: #586273. diff -ruN ../orig/flashplugin-nonfree-2.8.2/update-flashplugin-nonfree ./update-flashplugin-nonfree --- ../orig/flashplugin-nonfree-2.8.2/update-flashplugin-nonfree 2010-09-17 20:42:15.0 +0200 +++ ./update-flashplugin-nonfree 2012-12-14 19:06:17.0 +0100 @@ -164,6 +164,8 @@ gpg -q --homedir "." --import /usr/lib/flashplugin-nonfree/pubkey.asc > /dev/null 2>&1 \ || die_hard_with_a_cleanup "gpg failed to import /usr/lib/flashplugin-nonfree/pubkey.asc" [ "$verbose" != "yes" ] || echo "verifying PGP $downloadfile ..." + gpg -q --homedir "." --verify $downloadfile 2> /dev/null \ + || die_hard_with_a_cleanup "gpg rejected signature of $downloadurl" gpg -q --homedir "." < $downloadfile > checksums.txt 2> /dev/null \ || die_hard_with_a_cleanup "gpg rejected signature of $downloadurl"
please unblock glade-3 3.6.7-2.1
Hi, Please unblock glade-3 3.6.7-2.1. * Non-maintainer upload. * debian/patches/03_gmodule.patch: Added. Closes: #669485. Patch by Andreas Henriksson . Debdiff attached. (The list of uploaders is kept up-to-date automatically.) Regards, Bart Martens diff -Nru glade-3-3.6.7/debian/changelog glade-3-3.6.7/debian/changelog --- glade-3-3.6.7/debian/changelog 2011-07-27 01:35:24.0 + +++ glade-3-3.6.7/debian/changelog 2012-07-29 08:04:06.0 + @@ -1,3 +1,11 @@ +glade-3 (3.6.7-2.1) unstable; urgency=low + + * Non-maintainer upload. + * debian/patches/03_gmodule.patch: Added. Closes: #669485. +Patch by Andreas Henriksson . + + -- Bart Martens Sun, 29 Jul 2012 08:02:50 + + glade-3 (3.6.7-2) unstable; urgency=low * Switch to dpkg source format 3.0 (quilt). diff -Nru glade-3-3.6.7/debian/control glade-3-3.6.7/debian/control --- glade-3-3.6.7/debian/control 2011-07-27 02:15:40.0 + +++ glade-3-3.6.7/debian/control 2012-07-29 08:34:47.0 + @@ -7,7 +7,7 @@ Section: gnome Priority: optional Maintainer: Debian GNOME Maintainers -Uploaders: Deng Xiyue , Josselin Mouette , Loic Minier , Michael Biebl , Sebastian Dröge +Uploaders: Deng Xiyue , Josselin Mouette , Loic Minier , Michael Biebl Vcs-Browser: http://svn.debian.org/viewsvn/pkg-gnome/desktop/unstable/glade-3 Vcs-Svn: svn://svn.debian.org/svn/pkg-gnome/desktop/unstable/glade-3 Build-Depends: cdbs (>= 0.4.41), diff -Nru glade-3-3.6.7/debian/patches/03_gmodule.patch glade-3-3.6.7/debian/patches/03_gmodule.patch --- glade-3-3.6.7/debian/patches/03_gmodule.patch 1970-01-01 00:00:00.0 + +++ glade-3-3.6.7/debian/patches/03_gmodule.patch 2012-07-29 08:04:18.0 + @@ -0,0 +1,15 @@ +Description: add gmodule-2.0 to GTK_LIBS + Fixes build failure reported in http://bugs.debian.org/669485 +Author: Andreas Henriksson + +--- glade-3-3.6.7.orig/configure.ac glade-3-3.6.7/configure.ac +@@ -116,7 +116,7 @@ GTK_DOC_CHECK(1.9) + dnl + dnl Check for gtk+ + dnl +-PKG_CHECK_MODULES(GTK, [gtk+-2.0 >= 2.14.0 gthread-2.0 libxml-2.0 >= 2.4.0]) ++PKG_CHECK_MODULES(GTK, [gtk+-2.0 >= 2.14.0 gthread-2.0 libxml-2.0 >= 2.4.0 gmodule-2.0]) + AC_SUBST(GTK_LIBS) + AC_SUBST(GTK_CFLAGS) + diff -Nru glade-3-3.6.7/debian/patches/series glade-3-3.6.7/debian/patches/series --- glade-3-3.6.7/debian/patches/series 2011-07-27 01:08:29.0 + +++ glade-3-3.6.7/debian/patches/series 2012-07-29 08:04:51.0 + @@ -1,3 +1,4 @@ 01_gladeui-types.patch 02_link_gtk-doc_scanner.patch +03_gmodule.patch 99_ltmain_as-needed.patch
please unblock abe 1.1+dfsg-1
Hi, Please unblock abe 1.1+dfsg-1. The changes : | abe (1.1+dfsg-1) unstable; urgency=low | |* Repackaged upstream tarball to remove libraries for Win32 in binary form | without source code. Closes: #685150. | | -- Bart Martens Fri, 17 Aug 2012 17:28:04 + Debdiff attached. Regards, Bart Martens Binary files /tmp/t3ALrlYTYV/abe-1.1/SDL.dll and /tmp/6rpKLGCuXg/abe-1.1+dfsg/SDL.dll differ Binary files /tmp/t3ALrlYTYV/abe-1.1/SDL_mixer.dll and /tmp/6rpKLGCuXg/abe-1.1+dfsg/SDL_mixer.dll differ diff -Nru abe-1.1/debian/changelog abe-1.1+dfsg/debian/changelog --- abe-1.1/debian/changelog 2012-08-17 17:48:02.0 + +++ abe-1.1+dfsg/debian/changelog 2012-08-17 17:48:04.0 + @@ -1,3 +1,10 @@ +abe (1.1+dfsg-1) unstable; urgency=low + + * Repackaged upstream tarball to remove libraries for Win32 in binary form +without source code. Closes: #685150. + + -- Bart Martens Fri, 17 Aug 2012 17:28:04 + + abe (1.1-4) unstable; urgency=low * debian/patches/06_hardening-format-security.diff: Closes: #643343. diff -Nru abe-1.1/debian/copyright abe-1.1+dfsg/debian/copyright --- abe-1.1/debian/copyright 2012-08-17 17:48:02.0 + +++ abe-1.1+dfsg/debian/copyright 2012-08-17 17:48:04.0 + @@ -5,6 +5,20 @@ http://abe.sourceforge.net/ +How the file abe_1.1+dfsg.orig.tar.gz was created : + +md5sum abe_1.1.orig.tar.gz abe-1.1.tar.gz +5537920e1746708e1a631d84d3500f5c abe_1.1.orig.tar.gz +5537920e1746708e1a631d84d3500f5c abe-1.1.tar.gz +tar xzf abe_1.1.orig.tar.gz +rm abe-1.1/SDL.dll +rm abe-1.1/SDL_mixer.dll +mv abe-1.1 abe-1.1.orig +tar cf abe_1.1+dfsg.orig.tar abe-1.1.orig +gzip -9 abe_1.1+dfsg.orig.tar +md5sum abe_1.1+dfsg.orig.tar.gz +0dbea531d34b078af0529f297df3eb6f abe_1.1+dfsg.orig.tar.gz + Upstream authors: Gabor Torok @@ -37,5 +51,5 @@ Public License can be found in `/usr/share/common-licenses/GPL'. The Debian packaging is -Copyright (C) 2007-2008, Bart Martens +Copyright (C) 2007-2012, Bart Martens and is licensed under the GPL, see above.
Bug#689262: unblock: xchat/2.8.8-7
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal
Hello,
Please unblock xchat 2.8.8-7. It fixes "grave" bug 147832 about loss of data
when the disk is full. Debdiff attached. It's basically ten times the same
approach like I did for bug 463072.
Regards,
Bart Martens
diff -Nru xchat-2.8.8/debian/changelog xchat-2.8.8/debian/changelog
--- xchat-2.8.8/debian/changelog 2012-06-13 18:07:56.0 +
+++ xchat-2.8.8/debian/changelog 2012-09-30 15:19:00.0 +
@@ -1,3 +1,20 @@
+xchat (2.8.8-7) unstable; urgency=low
+
+ * The "Just Married" release.
+ * debian/patches/56_save_servlist.patch: Added. Closes: #147832.
+Added more similar patches :
+debian/patches/57_save_url.patch
+debian/patches/58_save_notify.patch
+debian/patches/59_save_colors.patch
+debian/patches/60_save_chanlist.patch
+debian/patches/61_save_editlist.patch
+debian/patches/62_save_chanopt.patch
+debian/patches/63_save_keybindings.patch
+debian/patches/64_save_pevents.patch
+debian/patches/65_save_sound.patch
+
+ -- Bart Martens Sun, 30 Sep 2012 08:57:19 +
+
xchat (2.8.8-6) unstable; urgency=high
* The "Euro 2012" release.
diff -Nru xchat-2.8.8/debian/patches/56_save_servlist.patch xchat-2.8.8/debian/patches/56_save_servlist.patch
--- xchat-2.8.8/debian/patches/56_save_servlist.patch 1970-01-01 00:00:00.0 +
+++ xchat-2.8.8/debian/patches/56_save_servlist.patch 2012-09-30 15:21:39.0 +
@@ -0,0 +1,129 @@
+Write to temporary file and then rename.
+Same approach like I did for bug 463072.
+Fixes loss of data when disk is full.
+Closes: #147832.
+
+Index: xchat-2.8.8/src/common/servlist.c
+===
+--- xchat-2.8.8.orig/src/common/servlist.c 2012-09-30 12:23:53.0 +
xchat-2.8.8/src/common/servlist.c 2012-09-30 12:23:55.0 +
+@@ -1072,6 +1072,7 @@
+ servlist_save (void)
+ {
+ FILE *fp;
++ int nb;
+ char buf[256];
+ ircnet *net;
+ ircserver *serv;
+@@ -1080,12 +1081,12 @@
+ #ifndef WIN32
+ int first = FALSE;
+
+- snprintf (buf, sizeof (buf), "%s/servlist_.conf", get_xdir_fs ());
++ snprintf (buf, sizeof (buf), "%s/servlist_.conf.bug147832", get_xdir_fs ());
+ if (access (buf, F_OK) != 0)
+ first = TRUE;
+ #endif
+
+- fp = xchat_fopen_file ("servlist_.conf", "w", 0);
++ fp = xchat_fopen_file ("servlist_.conf.bug147832", "w", 0);
+ if (!fp)
+ return FALSE;
+
+@@ -1093,32 +1094,32 @@
+ if (first)
+ chmod (buf, 0600);
+ #endif
+- fprintf (fp, "v="PACKAGE_VERSION"\n\n");
++ nb = fprintf (fp, "v="PACKAGE_VERSION"\n\n");
+
+ list = network_list;
+ while (list)
+ {
+ net = list->data;
+
+- fprintf (fp, "N=%s\n", net->name);
++ if( nb > 0 ) nb = fprintf (fp, "N=%s\n", net->name);
+ if (net->nick)
+- fprintf (fp, "I=%s\n", net->nick);
++ if( nb > 0 ) nb = fprintf (fp, "I=%s\n", net->nick);
+ if (net->nick2)
+- fprintf (fp, "i=%s\n", net->nick2);
++ if( nb > 0 ) nb = fprintf (fp, "i=%s\n", net->nick2);
+ if (net->user)
+- fprintf (fp, "U=%s\n", net->user);
++ if( nb > 0 ) nb = fprintf (fp, "U=%s\n", net->user);
+ if (net->real)
+- fprintf (fp, "R=%s\n", net->real);
++ if( nb > 0 ) nb = fprintf (fp, "R=%s\n", net->real);
+ if (net->pass)
+- fprintf (fp, "P=%s\n", net->pass);
++ if( nb > 0 ) nb = fprintf (fp, "P=%s\n", net->pass);
+ if (net->autojoin)
+- fprintf (fp, "J=%s\n", net->autojoin);
++ if( nb > 0 ) nb = fprintf (fp, "J=%s\n", net->autojoin);
+ if (net->nickserv)
+- fprintf (fp, "B=%s\n", net->nickserv);
++ if( nb > 0 ) nb = fprintf (fp, "B=%s\n", net->nickserv);
+ if (net->encoding && strcasecmp (net->encoding, "System") &&
+ strcasecmp (net->encoding, "System default"))
+ {
+- fprintf (fp, "E=%s\n", net->encoding);
++ if( nb > 0 ) nb = fprintf (fp, "E=%s\n", net->encoding);
+ if (!servlist_check_encoding (net->encoding))
+ {
+ snprintf (buf, sizeof (buf), _("Warning: \"%s\" character set is unknown. No conversion will be applied for network %s."),
+@@ -1128,28 +1129,44 @@
+ }
+
+ if (net->command)
+- token_foreach (net->command, '\n', servlist_write_ccmd, fp);
++ if( nb > 0 )
++if( token_foreach (net->command, '\n', servlist_write_ccmd, fp) != TRUE )
++ nb = -1;
+
+- fprintf (fp, "F=%d\nD=%d\n", net->flags, net->selected);
++ if( nb > 0 ) nb = fprintf (fp, "F=%d\nD=%d
Bug#689825: unblock: pymongo/2.2-2
Hi Federico, On Sat, Oct 06, 2012 at 07:48:17PM +0100, Federico Ceratto wrote: > Please unblock package pymongo > > Version 2.2-2 is affected by bug #689283 and #688040 > Version 2.2-3, currently in Unstable, fixes those two bugs (and has no other > changes) > > Thanks! You probably meant to ask an unblock for 2.2-3, not 2.2-2. I have reopened bug 689283, because the bug is not fully solved in 2.2-3. So I suggest debian-release to wait with the unblock for now. Regards, Bart Martens -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121007083852.gb21...@master.debian.org
request for removal of flashplugin-nonfree 1:2.8.2+squeeze1 from oldstable
Hello, Please remove flashplugin-nonfree 1:2.8.2+squeeze1 from oldstable. I agreed with the security team to not provide a fix for bug 752277 and request the removal of the package from oldstable instead. Regards, Bart Martens -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140624175852.ga19...@master.debian.org
Bug#761667: wheezy-pu: package flashplugin-nonfree/1:3.2+wheezy1
Package: release.debian.org Severity: normal Tags: wheezy User: release.debian@packages.debian.org Usertags: pu Is the attached patch OK for an update in stable ? It's a security fix, but the security team doesn't do security updates for section contrib. See #752277 for all details. Regards, Bart Martens diff -ruN orig/flashplugin-nonfree-3.2/debian/changelog flashplugin-nonfree-3.2+wheezy1/debian/changelog --- orig/flashplugin-nonfree-3.2/debian/changelog 2012-12-13 22:07:41.0 +0100 +++ flashplugin-nonfree-3.2+wheezy1/debian/changelog 2014-06-22 19:53:42.0 +0200 @@ -1,3 +1,12 @@ +flashplugin-nonfree (1:3.2+wheezy1) stable; urgency=high + + * Fixes the security bug reported by Jakub Wilk on 22 Jun 2014 09:16:18 +0200 +on #752277 : ++ pubkey.asc: Replaced with the public key of a new keypair. ++ update-flashplugin-nonfree: Download files signed with new key. + + -- Bart Martens Sun, 22 Jun 2014 19:35:06 +0200 + flashplugin-nonfree (1:3.2) unstable; urgency=low * update-flashplugin-nonfree: Added use of "gpg --verify" to notice files diff -ruN orig/flashplugin-nonfree-3.2/pubkey.asc flashplugin-nonfree-3.2+wheezy1/pubkey.asc --- orig/flashplugin-nonfree-3.2/pubkey.asc 2009-09-09 19:21:28.0 +0200 +++ flashplugin-nonfree-3.2+wheezy1/pubkey.asc 2014-06-22 19:52:35.0 +0200 @@ -1,64 +1,30 @@ -BEGIN PGP PUBLIC KEY BLOCK- -Version: GnuPG v1.4.9 (GNU/Linux) +Version: GnuPG v1.4.12 (GNU/Linux) -mQINBEo15F8BEADBmwCZvYr2DQf8/azmolFw0jW0l2LjXcmIbHIWd9AFDhPmcy5c -Kk5zKQtXDtQVJVtqAo52vklqidp4jr75ss/Ns1UTqbtY4mjaKATHShedvijDBoj3 -9QYry6L/rMMZvXi8L86GpBepXNmRiTyE/Jl6K0hQpj7MBEAjLLhgpSOaNWrLm9Tb -5dNifX0MlCqnfe1YdbYA3GkY+OfAJpUPZhs76kHXb3ufqhVpNw9E6vaoxkyyChza -Nfwfu1plnNuobcImEBWf3xSErfFV6Nr5cxYE/+HvZ4er/v2zMjFpPXGWECx3ZD1W -Zd2pIJwu7Rl2EVVmR13qrEgBwfmly2LgGfTWFNTd8dmeVIfk1kJJYnCnYf8UIwYp -fVrMco91DxUflUs+N8uSjkWN4de6TI8OxCmZdyqyghgxBxziVuqTU/m2g0Y751n5 -hnJMrGAown0AimTkIYR2S8vBfteQHCHuxktKKfw1ax/cs6nSWfsLvxVSYS8D4z44 -R1dSt00XZRPt5DYCw0jr64iFcpIY2R4qqFOwCYxqBRxnDlRj6PfIQJEgm2zCg0D2 -lYYdXzeh1ho7Zx9k7eY2XJlZlO4OW+16ua2rF6IaFfeHQcLwWnTOeTc6uWLH2Z8u -WQyQjtnB0Nfhn43HsOHxPFry++iR2UVa/d5iGchd7u/3/2D62RhPATSC7wARAQAB -tB1CYXJ0IE1hcnRlbnMgPGJhcnRtQGtuYXJzLmJlPokCOgQTAQgAJAIbAwULCQgH -AwUVCgkICwUWAgMBAAIeAQIXgAUCSjXlsQIZAQAKCRAzVfTWO1ghzFe4EACHrCve -I2dOPEnuNpUufH6n294TWItc7yBdInh5uKLuV9OnLZMh5S4DhZhTH/MEmhYFaJ2p -mBDUUYj9Qn2K5meC0TVlgr3ikQPQNgkVOSrGdC5DYVr/LgRd1h20peniwr/8Cmmw -+oVA4oQ7UdviiJZaUbtZe1ntFbZqWJz9pVuVIAAusMkCUCg4YY+9BrftCS+k8Zb8 -k+loMWSiWF7ALkNn6dlPk36JSwSboHijkmS3080/zyV6PS9VYxlyMR5Sw1z8czxm -75Qs52CQErCIlQB+4pgVPWOE6IufbOCDfv2CQ8IqYeHK30cah1ws1TuDm7QxERwv -NoDgaJEXbMpSVQzU8qCucnLz2IAJEz6KCeMW+Cv2NSe7c6ayoh8XX1wvWGaT7gnQ -nA3ALotdyg64rWUUmrp81TyYWvGNTxlNuN9Am46MO0n2f4KdtaLw6cpdSwbcA4AP -wT/k2Ob37MSZcaI2Cz5caSnsvqoiSYLTWYXf+fmCwgi60cS6WRDxCzgpBLh1Q0Ay -zfA+Lt7MioAY2JkzTalSvFG7FzckqQ/I+4PCdE3tkljMsh98q8C2Lwa7SFkk9s9L -nAjrIGqdKoqE006JJ65/WcLOtaPKFqoqWrwCQREpUGuOT/wAtntq7U0yu9DFKWYm -n0WXmlI8oSBgPxu7KMOM+5lRjEB0UgKrzm3KCLQfQmFydCBNYXJ0ZW5zIDxiYXJ0 -bUBkZWJpYW4ub3JnPokCNwQTAQgAIQIbAwULCQgHAwUVCgkICwUWAgMBAAIeAQIX -gAUCSjXlrQAKCRAzVfTWO1ghzCGqD/9ReABDWD/GU9wr1t66cAHzNPGErdm0Ml9j -NK1x0jDJduNAOVYnW9dSf5tfQMLCNB8CtveYMgTJAoi3lQR8VMf9rd9vBxQwe2/N -vo+1lg35CD3kneZvnlI3ZFFh5XAYikk3p9fQNdDAOZsDiLkCHdG9643ELqst5BVh -O8mUaPuPJoHwKcM540saeAsSiQXvicw9O96JUUlbDB9SEP7HGGWKpuWlIYxWE4qY -2RimVUkTcH73Gn+yN+9HSPuHn2SG1racsuqOgyPPac9KOcGA6pYUYqr7ZV/Qurd8 -DZ29tWTWp6rAYm9gqDwqa3UxIm4lqtbmnbLdKksyAbXd6jZNYI0kiZTWbYazotFu -FmK8Jj2dY36qeTJYdTnxLqS9/OFzY8Co8xdKnw9xwG7F9G8atvEn3FlElREZceiG -zyZ77Oh932mvLuETBTibABTTZZMP1mxYqIx2TcIj2Lple9RnCPVerY4wgIWWPyl5 -5LZWYJ93+Q7L7L0AcV6yrOftONPCePYCHPRj+ebSEX7Se0p3yWamuanPuNkTEGnt -VSk1FoyNqw2BJjpMDMpvHTmKupioG5i6rUM9+R/gFyn68wJcxzNM2YPXmQIulnJM -hx0oydAuiQk6/ONvFhfMfXsjZixuryhXg69Pm/VjdBSQwz6kSmh56le8NrtelStM -tUOEPA10BrkCDQRKNeZBARAA25Vs4gdy6qwnzjywxQaYjUZMAGXrV0TU69CpB3m1 -rgXy+REUd8wTWPZ6wX/OGVN4I0+pAxeEeocCXdqE9vfLQUwI5d1OrseA72tDme56 -SHigsfSQfYkQ8pDFmkHOjbtzaEAp7HsyqRnPb6iX3BZC23AecNxOFguCHld32Nfi -4UImma4ZAqzn7pq3hjzrsc5A2s3F2YZj+eJ1Gbcb+phs4jm0RTnS5nJpf+UW/60S -jt0nx9ZjzrYCiJyDjZCjW8Mb7Tyc4Qhbz2acH9URk/6KnUE7cdFXaDTIEXdhCGkT -sFV2XoOyIKkqIOdiaVhBF8YJ5kvJsYN1abW1IZaAiGOH0HFhI1OGpbhvWPmqq9+b -yOJNHpDtfdgoG2x+CFwxoys0JvgtdrZAgdS+Zdmaqrx3sJbY7iHfNSMbkjKV5a3M -1ZY/83dyH/J2d0q5Fc/bpuBFmJO1P++gXryY3Q+dGCoc4Y0A3/8jeuTeECscoNpK -o55+LQSH/qXrBUrQhKInOyxt8zYr43tLthNcESLgjkyUtD3mYHgiK39isvj3a1Lj -o6QHUq1kA5esE3XI9v/8PyVcbaUGNoqSAN8NjtvktNOnj4ZY9efJxlVjcr0sPRqy -WyEXP1P/gKUsJ9e8XgMOZhx1x+z7f09CPCWOgGpjaQoHrHUcb6kJpLDFdeFKdKPO -SNUAEQEAAYkCHwQYAQgACQUCSjXmQQIbDAAKCRAzVfTWO1ghzEZOEACgQo6Ao4N5 -wmchQplYItp6vKl0+4YvDohtsLvaFvnoFuQGAe06f62ZPi2VN2Xg9EaDWv2nyjN7 -F4+yVeowW0c2+mpjvkZdZOTtaImUIHKScTu/JzzeNLTm64LhcgSdOCVnqxuB8bq8 -m5GONyFX1YV5tl9BJ8x2kPnx5lA32Dx/An2ct630R2+/TEHcwncDtx2LtpHHvcQk -i9ChF69cHeRRQz0se/5yGLnrcNZaH5z0cBBP91jCwlwFjxZoTqp6Ps8nUkpYH2zL -fNRguq2UomtCCOPG0Ab1mw5hV1IxJlazxg0H7UYf58x0
Bug#761667: wheezy-pu: package flashplugin-nonfree/1:3.2+wheezy1
Hi Jonathan, On Wed, Sep 17, 2014 at 06:13:33PM +0100, Jonathan Wiltshire wrote: > This wasn't in your original request. What's its purpose? Its purpose is to fix #760638, as mentioned in the changelog. https://release.debian.org/proposed-updates/stable_diffs/flashplugin-nonfree_3.2+wheezy1.debdiff Regards, Bart Martens -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140917174948.ga31...@master.debian.org
request for exception to policy 10.7.3
Hi debian-release, Bug 760388 still happens with pepperflashplugin-nonfree 1.7 depending on which version of chromium is used. With older versions of chromium, pepperflashplugin-nonfree still updates /etc/chromium/default (violation of policy 10.7.3). With newer versions of chromium, pepperflashplugin-nonfree adds a file in /etc/chromium.d/ instead (no violation of policy 10.7.3). So I now have two options : 1. Modify pepperflashplugin-nonfree to never violate policy 10.7.3, and close bug 760388. As a consequence, pepperflashplugin-nonfree becomes useless for users of an older version of chromium. I'm afraid that this will lead to quite some complaints, given the somewhat high popcon : https://qa.debian.org/popcon.php?package=pepperflashplugin-nonfree 2. Keep pepperflashplugin-nonfree as it is now (1.7), tolerating that it still violates policy 10.7.3 for old versions of chromium, and close bug 760388 because it won't violate policy 10.7.3 for new versions of chromium, so somewhat bending policy on this. As a consequence, pepperflashplugin-nonfree remains useful for users of older and newer chromium versions. OK for you to follow option 2 ? Regards, Bart Martens -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141011054454.gb10...@master.debian.org
Re: request for exception to policy 10.7.3
On Sat, Oct 11, 2014 at 10:01:39AM +0200, Niels Thykier wrote: > On 2014-10-11 07:44, Bart Martens wrote: > > Hi debian-release, > > > > Bug 760388 still happens with pepperflashplugin-nonfree 1.7 depending on > > which > > version of chromium is used. [...] > > I am guessing you are needing a chromium (>= 37.0.2062.120-4) for > avoiding the issue? It is true that the relevant change in chromium is in chromium 37.0.2062.120-4. > > > So I now have two options : > > > > [...] > > > > OK for you to follow option 2 ? > > > > Regards, > > > > Bart Martens > > > > > > Can we solve this by adding such a dependency on the newer chromium That would be somewhat wrong, because pepperflashplugin-nonfree could be useful with browsers other than chromium, which is why chromium is currently in "Suggests", not in "Depends". > and then fixing #760388 for Jessie? Depending on how one looks at this, pepperflashplugin-nonfree 1.7 is already fixed for Jessie. > Beyond chromium needing to migrate, is this solution missing something? No, nothing else is needed. I see now two alternative approaches : 1. Modify pepperflashplugin-nonfree to never violate policy 10.7.3, and close bug 760388. As a consequence, pepperflashplugin-nonfree becomes useless for users of an older version of chromium. I can make that explicit by adding "Conflicts: chromium (< 37.0.2062.120-4)". 2. Keep pepperflashplugin-nonfree as it is now (1.7), tolerating that it still violates policy 10.7.3 for old versions of chromium, and close bug 760388 because it won't violate policy 10.7.3 for new versions of chromium, so somewhat bending policy on this. As a consequence, pepperflashplugin-nonfree remains useful for users of older and newer chromium versions. I guess you prefer approach 1 ? Regards, Bart Martens -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141012080256.gb10...@master.debian.org
Re: Bug#456133: qiv imlib
On Fri, 2009-04-17 at 10:09 +0200, Adeodato Simó wrote: > + Bart Martens (Mon, 13 Apr 2009 11:20:05 +0200): > > > At this point, the most recent upstream version of qiv still needs the > > old imlib. > > > Where to go from here ? Possible options: > > > 1. Barry is working with upstream to get qiv updated to no longer need > > the old imlib. Let's appreciate Barry's efforts by giving Barry some > > more time to finish this effort. > > > 2. We could replace qiv by pqiv, which is a program that more or less > > behaves like qiv. > > > 3. Removal from Debian, although popcon reveals that there are still > > quite some users. > > I suggest somebody packages pqiv, we let it migrate to testing, and then > we remove imlib11 and qiv from testing once icewm has stopped using it. > > I don’t mind that we leave qiv around in unstable for users who may not > be happy with pqiv, and to “wait and see” if upstream moves and ends up > upgrading to imlib2. But if Squeeze comes and this has not happened, we > should remove qiv from unstable as well I think. > > Bart, thanks for the pointer to pqiv: would you be up to packaging it? > I’m a qiv user myself, and after compiling it here, it seems to fill the > niche gracefully. If not, I’ll file a RFP. > > Thoughts on this plan? Good plan. I just uploaded pqiv, so this will appear in NEW soon. I chose to package pqiv without "Conflicts/Provides/Replaces qiv". At least for now. I see that qiv upstream has a new developer, so maybe the imlib problem in qiv gets solved before squeeze freeze. http://www.klografx.net/qiv/ "Qiv is not longer supported by me (Adam Kopacz), please visit the new Homepage: spiegl.de/qiv" http://spiegl.de/qiv/ qiv.a...@spiegl.de Regards, Bart Martens signature.asc Description: This is a digitally signed message part
upload to stable: berusky
Hello,
I would like to apply the attached patch to the game package "berusky"
in lenny stable.
| Problem description: The level hint shown is the hint for
| the first level of the level set, not the hint for the
| selected level.
| Solution: Set the level number before the level hint is shown,
| so that the shown hint corresponds to the level number.
OK for upload to stable ?
Regards,
Bart Martens
Problem description: The level hint shown is the hint for
the first level of the level set, not the hint for the
selected level.
Solution: Set the level number before the level hint is shown,
so that the shown hint corresponds to the level number.
diff -ruN -x '*.png' -x '*.jpg' -x '*.ogg' -x '*_image_archive' ../orig/berusky-1.1/src/berusky.cpp ./src/berusky.cpp
--- ../orig/berusky-1.1/src/berusky.cpp 2007-03-13 18:34:21.0 +0100
+++ ./src/berusky.cpp 2009-06-13 21:15:53.0 +0200
@@ -121,6 +121,11 @@
return(FALSE);
}
+void berusky::levelset_set_level( int level )
+{
+ state.level_num = level;
+}
+
int berusky::levelset_get_level(void)
{
return(state.level_num);
diff -ruN -x '*.png' -x '*.jpg' -x '*.ogg' -x '*_image_archive' ../orig/berusky-1.1/src/berusky_gui.cpp ./src/berusky_gui.cpp
--- ../orig/berusky-1.1/src/berusky_gui.cpp 2007-04-22 09:47:30.0 +0200
+++ ./src/berusky_gui.cpp 2009-06-13 21:18:52.0 +0200
@@ -874,6 +874,7 @@
bool ret = p_ber->levelset_load(set);
assert(ret);
+p_ber->levelset_set_level(level);
p_grf->fill(0,0,GAME_RESOLUTION_X,GAME_RESOLUTION_Y,0);
p_font->alignment_set(CENTER);
diff -ruN -x '*.png' -x '*.jpg' -x '*.ogg' -x '*_image_archive' ../orig/berusky-1.1/src/berusky.h ./src/berusky.h
--- ../orig/berusky-1.1/src/berusky.h 2007-04-23 21:10:03.0 +0200
+++ ./src/berusky.h 2009-06-13 20:43:19.0 +0200
@@ -143,6 +143,7 @@
bool levelset_load(int set);
bool levelset_is_custom(void);
+ void levelset_set_level(int level);
intlevelset_get_level(void);
intlevelset_get_set(void);
intlevelset_get_levelnum(void);
please binnmu klavaro
Hi, Please binNMU klavaro 1.3.4-1. Closes: #554376. Regards, Bart Martens signature.asc Description: This is a digitally signed message part
please unblock klavaro 1.9.4-2
Hello,
Please unblock klavaro 1.9.4-2. This package fixes one important bug, 675386.
Debdiff attached.
Regards,
Bart Martens
diff -Nru klavaro-1.9.4/debian/changelog klavaro-1.9.4/debian/changelog
--- klavaro-1.9.4/debian/changelog 2012-05-08 20:50:27.0 +
+++ klavaro-1.9.4/debian/changelog 2012-07-12 19:45:26.0 +
@@ -1,3 +1,9 @@
+klavaro (1.9.4-2) unstable; urgency=low
+
+ * debian/patches/blinking_cursor_fix.diff: Added. Closes: #675386.
+
+ -- Bart Martens Thu, 12 Jul 2012 19:00:51 +
+
klavaro (1.9.4-1) unstable; urgency=low
* New upstream release.
diff -Nru klavaro-1.9.4/debian/patches/blinking_cursor_fix.diff klavaro-1.9.4/debian/patches/blinking_cursor_fix.diff
--- klavaro-1.9.4/debian/patches/blinking_cursor_fix.diff 1970-01-01 00:00:00.0 +
+++ klavaro-1.9.4/debian/patches/blinking_cursor_fix.diff 2012-07-12 19:44:32.0 +
@@ -0,0 +1,58 @@
+From: Felipe Castro
+Subject: Re: Bug#675386: klavaro: (Blinking) cursor lags makes klavaro difficult to use
+Date: Thu, 12 Jul 2012 09:27:23 -0300
+
+diff -b -B -u -r klavaro-1.9.4/src/cursor.c klavaro-1.9.5/src/cursor.c
+--- klavaro-1.9.4/src/cursor.c 2011-07-03 12:30:30.0 -0300
klavaro-1.9.5/src/cursor.c 2012-06-02 21:15:47.0 -0300
+@@ -222,9 +222,9 @@
+ gtk_text_buffer_get_iter_at_mark (buf, &end, gtk_text_buffer_get_insert (buf));
+ gtk_text_iter_forward_char (&end);
+ if (tutor_get_correcting ())
+- gtk_text_buffer_apply_tag_by_name (buf, "cursor_blink", &start, &end);
+- else
+ gtk_text_buffer_remove_tag_by_name (buf, "cursor_blink", &start, &end);
++ else
++ gtk_text_buffer_apply_tag_by_name (buf, "cursor_blink", &start, &end);
+ }
+
+ /**
+@@ -245,7 +245,7 @@
+ gtk_text_buffer_get_iter_at_mark (buf, &end, gtk_text_buffer_get_insert (buf));
+ gtk_text_iter_forward_char (&end);
+ if (tutor_get_correcting ())
+- gtk_text_buffer_remove_tag_by_name (buf, "cursor_blink", &start, &end);
+- else
+ gtk_text_buffer_apply_tag_by_name (buf, "cursor_blink", &start, &end);
++ else
++ gtk_text_buffer_remove_tag_by_name (buf, "cursor_blink", &start, &end);
+ }
+diff -b -B -u -r klavaro-1.9.4/src/tutor.c klavaro-1.9.5/src/tutor.c
+--- klavaro-1.9.4/src/tutor.c 2011-12-23 22:35:08.0 -0200
klavaro-1.9.5/src/tutor.c 2012-06-02 21:24:36.0 -0300
+@@ -574,21 +575,23 @@
+ }
+ else
+ {
+- cursor_on (NULL);
+-
+ switch (tutor.type)
+ {
+ case TT_BASIC:
++ cursor_on (NULL);
+ hints_update_from_char (cursor_get_char ());
+ tutor_speak_char ();
+ return;
+ case TT_ADAPT:
++ cursor_on (NULL);
+ tutor_speak_char ();
+ return;
+ case TT_VELO:
++ cursor_on (NULL);
+ tutor_speak_word ();
+ return;
+ case TT_FLUID:
++ cursor_off (NULL);
+ return;
+ }
+ }
diff -Nru klavaro-1.9.4/debian/patches/series klavaro-1.9.4/debian/patches/series
--- klavaro-1.9.4/debian/patches/series 2012-05-08 21:12:38.0 +
+++ klavaro-1.9.4/debian/patches/series 2012-07-12 19:44:46.0 +
@@ -1 +1,2 @@
02_en_C.diff
+blinking_cursor_fix.diff
please unblock gtkterm 0.99.7~rc1-0.2
Hello,
Please unblock gtkterm 0.99.7~rc1-0.2.
* Non-maintainer upload.
* src/serie.c: Added use of "#ifdef __linux__". Closes: #675835. Patch by
Petr Salinger .
* debian/copyright: Updated.
Debdiff attached.
Regards,
Bart Martens
diff -u gtkterm-0.99.7~rc1/debian/copyright gtkterm-0.99.7~rc1/debian/copyright
--- gtkterm-0.99.7~rc1/debian/copyright
+++ gtkterm-0.99.7~rc1/debian/copyright
@@ -5,10 +5,52 @@
-Upstream Author: Julien Schmitt
+Upstream authors:
+
+Julien Schmitt
+Zach Davis
Copyright:
-You are free to redistribute this software under the terms of the GNU
-General Public License.
-On Debian systems, the complete text of the GNU General Public License can
-be found at /usr/share/common-licenses/GPL.
+Original Code by: (c) Julien Schmitt
+
+License:
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+On Debian systems, the complete text of the GNU General Public License
+version 3 can be found at /usr/share/common-licenses/GPL-3.
+
+The files src/parsecfg.c and src/parsecfg.h have this copyright and license :
+
+Copyright (C) 1999-2001 Yuuki NINOMIYA
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the
+Free Software Foundation, Inc.
+
+The address of the Free Software Foundation, Inc. is 51 Franklin St, Fifth
+Floor, Boston, MA 02110-1301, USA.
+
+On Debian systems, the complete text of the GNU General Public License
+version 2 can be found at /usr/share/common-licenses/GPL-2.
diff -u gtkterm-0.99.7~rc1/debian/changelog gtkterm-0.99.7~rc1/debian/changelog
--- gtkterm-0.99.7~rc1/debian/changelog
+++ gtkterm-0.99.7~rc1/debian/changelog
@@ -1,3 +1,12 @@
+gtkterm (0.99.7~rc1-0.2) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * src/serie.c: Added use of "#ifdef __linux__". Closes: #675835. Patch by
+Petr Salinger .
+ * debian/copyright: Updated.
+
+ -- Bart Martens Fri, 13 Jul 2012 06:17:16 +
+
gtkterm (0.99.7~rc1-0.1) unstable; urgency=medium
* Non-Maintainer upload
only in patch2:
unchanged:
--- gtkterm-0.99.7~rc1.orig/src/serie.c
+++ gtkterm-0.99.7~rc1/src/serie.c
@@ -25,7 +25,9 @@
#include
#include
#include
+#ifdef __linux__
#include
+#endif
#include
#include
#include
@@ -215,8 +217,12 @@
break;
default:
+#ifdef __linux__
set_custom_speed(config.vitesse, serial_port_fd);
termios_p.c_cflag |= B38400;
+#else
+ return NULL;
+#endif
}
@@ -521,6 +527,7 @@
tcsendbreak(serial_port_fd, 0);
}
+#ifdef __linux__
gint set_custom_speed(int speed, int port_fd)
{
@@ -540,6 +547,7 @@
return 0;
}
+#endif
gchar* get_port_string(void)
{
Re: please unblock gtkterm 0.99.7~rc1-0.2
On Sun, Jul 15, 2012 at 11:08:34PM +0200, Cyril Brulebois wrote: > Hello, > > Bart Martens (13/07/2012): > > Please unblock gtkterm 0.99.7~rc1-0.2. > > > >* Non-maintainer upload. > >* src/serie.c: Added use of "#ifdef __linux__". Closes: #675835. Patch > > by > > Petr Salinger . > >* debian/copyright: Updated. > > > > Debdiff attached. > > not quite. Diff against testing is that instead: > 125 files changed, 13434 insertions(+), 41060 deletions(-) Version 0.99.7~rc1-0.1 already has an unblock, so I compared 0.99.7~rc1-0.1 with 0.99.7~rc1-0.2 when requesting an unblock for 0.99.7~rc1-0.2. Regards, Bart Martens -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120715212053.ga2...@master.debian.org
please unblock obexftp 0.23-1.1
Hello, Please unblock obexftp 0.23-1.1. This packages fixes FTBFS #676084 with two small patches. Debdiff attached. Regards, Bart Martens diff -u obexftp-0.23/debian/changelog obexftp-0.23/debian/changelog --- obexftp-0.23/debian/changelog +++ obexftp-0.23/debian/changelog @@ -1,3 +1,12 @@ +obexftp (0.23-1.1) unstable; urgency=low + + * Non-maintainer upload. + * Added patches to fix FTBFS. Closes: #676084. ++ debian/patches/format.diff ++ debian/patches/rstring.diff + + -- Bart Martens Wed, 18 Jul 2012 05:46:10 + + obexftp (0.23-1) unstable; urgency=low * New upstream release diff -u obexftp-0.23/debian/patches/series obexftp-0.23/debian/patches/series --- obexftp-0.23/debian/patches/series +++ obexftp-0.23/debian/patches/series @@ -1 +1,2 @@ - +format.diff +rstring.diff only in patch2: unchanged: --- obexftp-0.23.orig/debian/patches/rstring.diff +++ obexftp-0.23/debian/patches/rstring.diff @@ -0,0 +1,11 @@ +--- ../orig/obexftp-0.23/swig/ruby/ruby_wrap.c 2009-02-17 18:30:40.0 + ./swig/ruby/ruby_wrap.c 2012-07-18 06:56:05.0 + +@@ -2580,7 +2580,7 @@ + + /* VALUE str = StringValue(argv[0]); // perhaps better? */ + arg2 = STR2CSTR(argv[0]); +-arg3 = (int) RSTRING(argv[0])->len; ++arg3 = (int) RSTRING_LEN(argv[0]); + + + only in patch2: unchanged: --- obexftp-0.23.orig/debian/patches/format.diff +++ obexftp-0.23/debian/patches/format.diff @@ -0,0 +1,11 @@ +--- ./swig/ruby/ruby_wrap.c_orig 2009-02-17 18:30:40.0 + ./swig/ruby/ruby_wrap.c 2012-07-18 06:43:04.0 + +@@ -1309,7 +1309,7 @@ + /* Error manipulation */ + + #define SWIG_ErrorType(code)SWIG_Ruby_ErrorType(code) +-#define SWIG_Error(code, msg) rb_raise(SWIG_Ruby_ErrorType(code), msg) ++#define SWIG_Error(code, msg) rb_raise(SWIG_Ruby_ErrorType(code), "%s", msg) + #define SWIG_fail goto fail + +
Bug#675762: I don't see the license violation here
On Fri, Jul 27, 2012 at 10:11:59PM +0200, Rune Tendal Kock wrote: > Most of the files in DJB's original tarball are marked "public > domain". There seems no doubt to me that DJB has in that way given > permission to do anything to the files. The text is clearly "You may distribute unmodified copies of the cdb package", not "you may do anything to the files". > > Were anyone else to write "You may distribute unmodified copies of the > cdb package", it would be natural to assume that they intend that you > may not distribute modified copies. But DJB is a man who is > exceptionally careful with his wordings in such cases. He writes > EXACTLY what he means. Then you confirm that he meant exactly "distribute unmodified copies". > And as he does not actually forbid > distribution of modified copies, The text "You may distribute unmodified copies of the cdb package" clearly allows to distribute unmodified copies, not modified copies. > he has not contradicted his public > domain comments. "Public domain" is not always unconditional. In this case the restriction "unmodified" applies. Regards, Bart Martens -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120727205639.gk14...@master.debian.org
Bug#608805: unblock: gmorgan/0.27-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock gmorgan 0.27-2. The only change: * debian/rules: Replace po/Makefile.in.in. Closes: #583466. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110103164044.ga8...@master.debian.org
flashplugin-nonfree broken in sarge
Hello debian-release@lists.debian.org, http://www.us.debian.org/doc/developers-reference/ch-pkgs.en.html#s-upload-stable > It's best practice to speak with the stable release manager before > uploading to stable/stable-proposed-updates, so that the uploaded > package fits the needs of the next point release. Version 7.0.25-5 of flashplugin-nonfree is broken. It cannot be fixed with minimal changes. Version 7.0.63.1 is reported to work on sarge, but is very different and very young. I would appreciate your advice on what I should/must/may do for the sarge users. Regards, Bart Martens -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: flashplugin-nonfree broken in sarge
Hi Bill, About this old thread on debian-release: http://lists.debian.org/debian-release/2006/03/msg00170.html You wrote on Thu, 30 Mar 2006 15:42:01 -0600 on debian-release: > I would suggest to provide a 7.0.25 version with an updated > /etc/update-flashplugin.conf.rb that point to a fixed plugin. I think that this would cause the reopening of old bugs. I understand that you prefer a solution with minimal changes, but in the case of flashplugin-nonfree version 7.0.25 that's not enough, in my opinion. We're a few months later now. Today I suggest to consider version 7.0.63.7sarge1 as documented here: http://wiki.debian.org/FlashPlayer You'll probably want to review it: http://knars.be/bartm/debian/flashplugin-nonfree_7.0.63.7sarge1.dsc http://knars.be/bartm/debian/flashplugin-nonfree_7.0.63.7sarge1.tar.gz If version 7.0.63.7sarge1 is too different from version 7.0.25 to be allowed in stable-proposed-updates, then I suggest that version 7.0.25 is removed from stable, or that I prepare version 7.0.25remove to be distributed in stable to remove the old insecure plugin from sarge installations. Your opinion on this? Regards, Bart Martens signature.asc Description: Digital signature
Re: freeze upstream releases
On Thu, 2006-11-16 at 18:43 -0800, Steve Langasek wrote: > On Thu, Nov 16, 2006 at 02:33:24PM +0100, Bart Martens wrote: > > About this message: > > http://lists.debian.org/debian-devel-announce/2006/11/msg4.html > > > You wrote: > > > We do expect to freeze the full archive soon now that > > > the installer RC 1 is out > > > But also: > > > Please do not upload new upstream releases (...) > > > without discussing with the release team > > > I just agreed with Stephen Quinney to adopt a few perl packages. > > http://lists.debian.org/debian-perl/2006/11/msg00042.html > > > Of course :) I picked a few packages for which new upstream releases are > > available. Some packages are already on their way to my sponsor (cc) > > for verification and upload. > > > Is it OK to upload new upstream releases for these packages? > > > libclass-dbi-loader-relationship-perl > > This one's ok, it only has one reverse-dependency. OK. > > > libexporter-lite-perl > > libxml-simple-perl > > libclass-dbi-perl > > These each have multiple reverse-dependencies. What steps will you take to > ensure that the new upstream versions don't cause regressions in these other > packages? Let's not risk such regressions. It is not so important to me to get the newest upstream releases shipped with etch. Thanks for the feedback. Bart Martens signature.asc Description: This is a digitally signed message part
translation update for "epos" (Re: Etch frozen!)
On Mon, 2006-12-11 at 11:08 +0100, Andreas Barth wrote: > here are the guidelines for changes that will be > accepted into testing during the freeze: > - translation updates and Package "epos" version 1:2.5.37-3 is in unstable. The only difference with testing is a translation update. It would be nice to see this version released with etch. http://packages.qa.debian.org/e/epos.html http://packages.qa.debian.org/e/epos/news/20061210T000202Z.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=402310 Regards, Bart Martens signature.asc Description: This is a digitally signed message part
documentation updates and bug fix for "qiv" (Re: Etch frozen!)
On Mon, 2006-12-11 at 11:08 +0100, Andreas Barth wrote: > here are the guidelines for changes that will be > accepted into testing during the freeze: > - fixes for severity: important bugs in packages of priority: optional > or extra, only when this can be done via unstable; > - documentation fixes. Package "qiv" version 2.0-7 is in unstable. It would be nice to see this version released with etch. The changes with the version in testing are: * debian/README.Debian: Removed. * debian/NEWS.Debian: Added. * debian/patches/10_qiv-nosort_2.diff: Added. Closes: #383110. * debian/patches/11_no_background_opts_2.diff: Added. Closes: #351816. The first two changes are documentation updates. The third change is also a documentation update. It documents "--no_sort, -D" in the usage information shown with "qiv -h". The fourth change is a bug fix. It makes "qiv" no longer silently ignore the removed switches "xyzo". http://packages.qa.debian.org/q/qiv.html http://packages.qa.debian.org/q/qiv/news/20061209T071702Z.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=383110 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=351816 Regards, Bart Martens signature.asc Description: This is a digitally signed message part
regression fix for "xchat" (Re: Etch frozen!)
On Mon, 2006-12-11 at 11:08 +0100, Andreas Barth wrote: > This means that, for all packages that still need to be updated for > Etch, the rules are as follows: > > - If your package needs to be updated for Etch, and the version in > unstable doesn't contain extraneous changes (e.g, the version is the > same between testing and unstable), please upload your fix to > unstable and contact [EMAIL PROTECTED] Package "xchat" version 2.6.8-0.3 is in unstable. It would be nice to see this version released with etch. The changes with the version in testing are: * NMU. * debian/rules, debian/control: Fixed spell checking. Closes: #399143. Removed the option --enable-spell and build-depends on libsexy-dev to use the by default enabled spell checking using libsexy2. * debian/rules: Removed obsolete --enable-japanese-conv and --enable-zvt switches. Closes: #353007. * debian/patches/04_patch361525.dpatch: Added. Activates the busy cursor while xchat is loading. Closes: #361525. * debian/rules: Clean some more in the clean rule. Version 2.6.8-0.1 broke spell checking. The --enable-spell configure option behaves slightly different in the newest upstream version, and I overlooked that. This regression is fixed in version 2.6.8-0.3. The other changes are quite trivial I guess. My three NMU's are with permission from the maintainer (cc). He welcomed my help, and he answered my e-mails within 24 hours. http://packages.qa.debian.org/x/xchat.html http://packages.qa.debian.org/x/xchat/news/20061209T013214Z.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=399143 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=353007 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=361525 Regards, Bart Martens signature.asc Description: This is a digitally signed message part
translation update for "phalanx" (Re: Etch frozen!)
On Mon, 2006-12-11 at 11:08 +0100, Andreas Barth wrote: > here are the guidelines for changes that will be > accepted into testing during the freeze: > - translation updates and Package "phalanx" version 22+d051004-4 is in unstable. The only difference with testing is a translation update. It would be nice to see this version released with etch. http://packages.qa.debian.org/p/phalanx.html http://packages.qa.debian.org/p/phalanx/news/20061219T051702Z.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=401767 Regards, Bart Martens signature.asc Description: This is a digitally signed message part
fix for segfault in "nethogs" (Re: Etch frozen!)
On Mon, 2006-12-11 at 11:08 +0100, Andreas Barth wrote: > - If your package needs to be updated for Etch, and the version in > unstable doesn't contain extraneous changes (e.g, the version is the > same between testing and unstable), please upload your fix to > unstable and contact [EMAIL PROTECTED] Package "nethogs" version 0.6.0-2 is in unstable. The only difference with testing is a fix for a segfault. It would be nice to see this version released with etch. http://packages.qa.debian.org/n/nethogs.html http://packages.qa.debian.org/n/nethogs/news/20070106T230203Z.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405609 Regards, Bart Martens signature.asc Description: This is a digitally signed message part
please don't release open-cobol version 0.32-3 with etch
Hi Debian-Release, I have set the severity of bug 405597 to "grave". I suggest that you remove open-cobol from testing and don't include open-cobol in the etch release unless I get it fixed in time. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405597 Thanks to Dennis Boone <[EMAIL PROTECTED]> for reporting this problem. Regards, Bart Martens signature.asc Description: This is a digitally signed message part
documentation updates and bug fix for "angrydd" (Re: Etch frozen!)
On Mon, 2006-12-11 at 11:08 +0100, Andreas Barth wrote: > - If your package needs to be updated for Etch, and the version in > unstable doesn't contain extraneous changes (e.g, the version is the > same between testing and unstable), please upload your fix to > unstable and contact [EMAIL PROTECTED] > Now, so as not to have everyone contact us at once about packages we > know we won't approve, here are the guidelines for changes that will be > accepted into testing during the freeze: > - documentation fixes. Package "angrydd" version 1.0.1-5 is in unstable. The differences with testing are: angrydd (1.0.1-5) unstable; urgency=low * debian/patches/03_bug405368.diff: Documented keys. Closes: #405368. * debian/patches/04_bug406548.diff: Documented the fullscreen toggle in the manpage, and added this toggle to the config menu. Closes: #406548. * debian/copyright: Updated. -- Bart Martens <[EMAIL PROTECTED]> Sat, 13 Jan 2007 18:37:16 +0100 angrydd (1.0.1-4) unstable; urgency=low * debian/patches/02_unixbros.diff: Breaking a crystal of "over 16 gems" unlocks "unixbros". Closes: #403023. * debian/angrydd.xpm, debian/menu: Added menu icon and long title. -- Bart Martens <[EMAIL PROTECTED]> Fri, 15 Dec 2006 22:00:13 +0100 The patch debian/patches/03_bug405368.diff fixes incomplete documentation. The patch debian/patches/04_bug406548.diff fixes incomplete documentation and adds switching fullscreen/window to the config menu. The code for switching fullscreen/window was already possible with the "f" key or the F11 key; the same code is now added to the config menu. The patch debian/patches/02_unixbros.diff fixes a difference between the documentation and the software (16 != 25 gems). I chose to modify the software to match the documentation, as suggest by the bug submitter. I've also added a menu icon and a long title shown at mouse-over. I think that all changes are safe to be added to etch, but feel free to ask me to throw out some changes if you're not sure. Regards, Bart Martens signature.asc Description: This is a digitally signed message part
Re: Etch frozen!
On Mon, 2006-12-11 at 11:08 +0100, Andreas Barth wrote: > Now, so as not to have everyone contact us at once about packages we > know we won't approve, here are the guidelines for changes that will be > accepted into testing during the freeze: > > - fixes for release critical bugs (i.e., bugs of severity critical, > grave, and serious) in all packages; > > - changes for release goals, if they are not invasive; > > - fixes for severity: important bugs in packages of priority: optional > or extra, only when this can be done via unstable; > > - translation updates and > > - documentation fixes. Hi Debian-Release, The package "flashplugin-nonfree" version 9.0.31.0.1 is in unstable (contrib). I suggest to allow that version to go to stable when etch is released. Differences with testing are: flashplugin-nonfree (9.0.31.0.1) unstable; urgency=low * debian/config, debian/links, debian/postinst, debian/prerm: New plugin release 9,0,31,0. Closes: #407243. * debian/control: Updated "Depends:" with "ldd libflashplayer.so". * debian/po/lt.po: Replaced. Closes: #405326. Thanks to Gintautas Miliauskas <[EMAIL PROTECTED]>. * debian/control: Suggests konqueror-nsplugins. Closes: #405933. * debian/links: Removed symbolic link "/etc/X11/fs /usr/X11R6/lib/X11/fs". See version 7.0.63.6 and bug #363378. Closes: #405567. * debian/copyright: Updated. -- Bart Martens <[EMAIL PROTECTED]> Wed, 17 Jan 2007 19:40:04 +0100 flashplugin-nonfree (9.0.21.78.4) unstable; urgency=low * debian/control: Updated "Depends:". Closes: #402373. * debian/dirs, debian/links: Added support for iceweasel. Closes: #402528. -- Bart Martens <[EMAIL PROTECTED]> Mon, 11 Dec 2006 08:03:50 +0100 The flashplugin-nonfree package is not heavily modified, but it does downloads and installs a new upstream Flash plugin release. Flash plugin 9,0,21,78 is upstream "beta". Flash plugin 9,0,31,0 is upstream "stable". So I think that 9,0,31,0 is the best choice. Regards, Bart Martens signature.asc Description: This is a digitally signed message part
updated flashplugin-nonfree package (Re: Etch frozen!)
On Mon, 2007-01-22 at 08:02 +0100, Bart Martens wrote: > On Mon, 2006-12-11 at 11:08 +0100, Andreas Barth wrote: > > Now, so as not to have everyone contact us at once about packages we > > know we won't approve, here are the guidelines for changes that will be > > accepted into testing during the freeze: > > > > - fixes for release critical bugs (i.e., bugs of severity critical, > > grave, and serious) in all packages; > > > > - changes for release goals, if they are not invasive; > > > > - fixes for severity: important bugs in packages of priority: optional > > or extra, only when this can be done via unstable; > > > > - translation updates and > > > > - documentation fixes. And now for a better "subject" (sorry): Hi Debian-Release, The package "flashplugin-nonfree" version 9.0.31.0.1 is in unstable (contrib). I suggest to allow that version to go to stable when etch is released. Differences with testing are: flashplugin-nonfree (9.0.31.0.1) unstable; urgency=low * debian/config, debian/links, debian/postinst, debian/prerm: New plugin release 9,0,31,0. Closes: #407243. * debian/control: Updated "Depends:" with "ldd libflashplayer.so". * debian/po/lt.po: Replaced. Closes: #405326. Thanks to Gintautas Miliauskas <[EMAIL PROTECTED]>. * debian/control: Suggests konqueror-nsplugins. Closes: #405933. * debian/links: Removed symbolic link "/etc/X11/fs /usr/X11R6/lib/X11/fs". See version 7.0.63.6 and bug #363378. Closes: #405567. * debian/copyright: Updated. -- Bart Martens <[EMAIL PROTECTED]> Wed, 17 Jan 2007 19:40:04 +0100 flashplugin-nonfree (9.0.21.78.4) unstable; urgency=low * debian/control: Updated "Depends:". Closes: #402373. * debian/dirs, debian/links: Added support for iceweasel. Closes: #402528. -- Bart Martens <[EMAIL PROTECTED]> Mon, 11 Dec 2006 08:03:50 +0100 The flashplugin-nonfree package is not heavily modified, but it does downloads and installs a new upstream Flash plugin release. Flash plugin 9,0,21,78 is upstream "beta". Flash plugin 9,0,31,0 is upstream "stable". So I think that 9,0,31,0 is the best choice. Regards, Bart Martens signature.asc Description: This is a digitally signed message part
fixes for "epos"
Hi Debian-Release, I've fixed a few bugs in the package "epos". I suggest that you allow version 1:2.5.37-4 to enter testing. These are the differences: * src/say-epos.cc: Handle -H and -h like --help. Closes: #407058. * src/say-epos.cc: Disabled -k and -r options to forbid normal users to shutdown or restart the epos daemon. * debian/epos.init: Removed the "--name" option from "stop". * debian/control: List supported languages in description. Regards, Bart Martens -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
updated package "libiodbc2"
Hi Debian-Release, Package "libiodbc2" version 3.52.4-4 is in unstable. It would be nice to see this version released with etch. These are the differences: * debian/control: Added "m4 (>= 1.4.7)" to Build-Depends. Closes: #404093. Thanks to Martin Guy <[EMAIL PROTECTED]>. * Rebuilding this package makes iodbc depend on libiodbc2. Closes: #405077. Thanks to Martin Guy <[EMAIL PROTECTED]>. * debian/control: Removed duplicate Build-Depends on autotools-dev. * debian/control, debian/compat: Standards version and debhelper version. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404093 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405077 Regards, Bart Martens signature.asc Description: This is a digitally signed message part
unblock requests for young packages
Hi Debian-Release, These packages entered Debian recently. It would be nice to see them added to Etch, if they match your criteria. freedroidrpg 0.10.0+d070110-1 http://packages.qa.debian.org/f/freedroidrpg.html 10 days old (needed 10 days) 0 bug reports popcon 52 Comment: This is a large package, but it's a nice and very playable game. I had lots of hours of fun "testing" this package. :) gwhere 0.2.3.dfsg.1-2 http://packages.qa.debian.org/g/gwhere.html 11 days old (needed 10 days) 0 bug reports popcon 48 Comment: Nice catalog program for CDs and other removable media. I've tested this program only briefly, but it looks fine. gmorgan 0.25-2 http://packages.qa.debian.org/g/gmorgan.html 41 days old (needed 10 days) 0 bug reports popcon 25 Comment: For musicians. Looks nice. I'm still learning how to use it. grhino 0.15.2-3 http://packages.qa.debian.org/g/grhino.html 11 days old (needed 10 days) 0 bug reports popcon 21 Comment: I packaged this game because it can be used as a "gtp-engine" with "quarry". I intend to update "quarry" to depend on "gnugo" and "grhino" (and later also "gamazons") for the "gtp-engines". gamazons 0.83-2 http://packages.qa.debian.org/g/gamazons.html 32 days old (needed 10 days) 1 wishlist bug report popcon 27 Comment: I packaged this game for the AI to be wrapped in a "gtp-engine" for "quarry", see the open wishlist bug. kcheckers 0.8.1-1 http://packages.qa.debian.org/k/kcheckers.html 59 days old (needed 10 days) 0 bug reports popcon 34 Comment: Just another board game. I packaged this game because someone requested a package (RFP). Will you consider these packages for Etch? Thanks in advance, Bart Martens signature.asc Description: This is a digitally signed message part
unblock request for io-stringy 2.110-2
Hi Debian-Release, Package io-stringy version 2.110-2 is in unstable. The differences with testing are: * New maintainer. Closes: #399676. * lib/IO/AtomicFile.pm: Check "close" exit code. Closes: #409947. Patch by Eduardo Pérez Ureta <[EMAIL PROTECTED]>, thanks. RC bug, urgency=medium. * debian/control: Added homepage to description, updated standards version, and fixed "build-depends-indep-should-be-build-depends debhelper". * debian/watch: Updated. It would be nice to see this package enter etch. Regards, Bart Martens signature.asc Description: This is a digitally signed message part
Re: unblock request for io-stringy 2.110-2
On Mon, 2007-02-19 at 15:18 -0800, Steve Langasek wrote: > On Mon, Feb 19, 2007 at 07:55:40PM +0100, Bart Martens wrote: > > Hi Debian-Release, > > > Package io-stringy version 2.110-2 is in unstable. The differences with > > testing are: > > >* New maintainer. Closes: #399676. > >* lib/IO/AtomicFile.pm: Check "close" exit code. Closes: #409947. > > Patch by > > Eduardo Pérez Ureta <[EMAIL PROTECTED]>, thanks. RC bug, > > urgency=medium. > > In fact, this is not an RC bug because I downgraded it. The fix was packaged before the severity was downgraded. > > I don't see any real rationale in the bug report for this being a grave bug > in the first place. How is a call to close *failing*, that not checking its > return value could be such a significant problem? I agree that "grave" is a bit too severe. Anyway, the added error checking seems OK to me, so this fix feels safe. I accept any choice you make about whether or not to add this fix to etch. signature.asc Description: This is a digitally signed message part
Re: updated package "libiodbc2"
On Wed, 2007-02-28 at 19:55 +0100, Luk Claes wrote: > Luk Claes wrote: > > Bart Martens wrote: > >> Hi Debian-Release, > >> > >> Package "libiodbc2" version 3.52.4-4 is in unstable. It would be nice > >> to see this version released with etch. These are the differences: > >> > >>* debian/control: Added "m4 (>= 1.4.7)" to Build-Depends. Closes: > >> #404093. > >> Thanks to Martin Guy <[EMAIL PROTECTED]>. > >>* Rebuilding this package makes iodbc depend on libiodbc2. Closes: > >> #405077. > >> Thanks to Martin Guy <[EMAIL PROTECTED]>. > >>* debian/control: Removed duplicate Build-Depends on autotools-dev. > >>* debian/control, debian/compat: Standards version and debhelper > >> version. > > > > Changing debhelper compat level can introduce subtle changes that can have > > unforseen effects, so we don't accept that in this stage. So, not unblocked. > > Can you please revert the debhelper compat bump to get this fixed version into > testing? Yes, see bug 410706, tagged pending, and here's the modified source package: http://knars.be/bartm/debian/etch/libiodbc2_3.52.4-5.dsc signature.asc Description: This is a digitally signed message part
sarge contrib - flashplugin-nonfree: HTTP header injection vulnerabilities (CVE-2006-5330)
Hi Stable Release Manager(s), Any suggestions on how to handle this bug? http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=402822 Regards, Bart Martens -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
unblock request for epos 1:2.5.37-5
Hi Debian-Release, The package "epos" version 1:2.5.37-5 is now in unstable. The difference with testing: * debian/po/pt.po: Added. Closes: #414366. Thanks to Miguel Figueiredo <[EMAIL PROTECTED]>. It would be nice to see this translation update added to etch. Thanks, Bart Martens -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
unblock request for gnubik 2.2-7
Hi Debian-Release, The package "gnubik" version 2.2-7 is now in unstable. The differences with testing: * src/colour-sel-gtk.c: Don't abort when closing the colour selection window. Closes: #409090. * debian/copyright: Updated. It would be nice to see these changes added to etch. Thanks, Bart Martens -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
unblock request for num-utils 0.5-7
Hi Debian-Release, The package "num-utils" version 0.5-7 is now in unstable. The differences with testing: * numsum: Allow decimals and minus signs with -c and -r. Closes: #410128. * numsum: Added function "decimals_friendly_sum". * debian/copyright: Updated. It would be nice to see these changes added to etch. Thanks, Bart Martens -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
unblock request for qiv 2.0-8
Hi Debian-Release, The package "qiv" version 2.0-8 is now in unstable. The differences with testing: * debian/README.Debian, debian/docs: Removed README.Debian, and install debian/NEWS.Debian. Closes: #403936. * debian/qiv.mime: Updated. Closes: #404220. Thanks to Roman Galeyev <[EMAIL PROTECTED]>. It would be nice to see these changes added to etch. Thanks, Bart Martens -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Uploading to unstable for an adoption ?
On Fri, 2007-03-16 at 05:04 -0700, Steve Langasek wrote: > On Fri, Mar 16, 2007 at 09:54:06AM +0100, Vincent Fourmond wrote: > > I was wondering if it is reasonable to upload to unstable now for a > > package adoption ? The package (libintl-gettext-ruby) has a high > > popcon rate (around 1800), and modifications to the previous (QA) > > release are rather small (adoption and switch to cdbs and dpatch). > > Yes, nothing at this point prevents you from uploading this package to > unstable. Hi Steve, Would the switch to cdbs still be OK if Vincent would request an unblock? Regards, Bart Martens -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
request to cancel unblock requests + request for removal of num-utils
On Fri, 2007-03-16 at 12:33 -0700, Steve Langasek wrote: > we're only unblocking RC > bugfixes at this point, as stated in the last release team update mail. Oops, it seems that I had overlooked this update mail: http://lists.debian.org/debian-devel-announce/2007/03/msg00012.html Feel free to ignore these recent unblock requests: - unblock request for epos 1:2.5.37-5 - unblock request for gnubik 2.2-7 - unblock request for qiv 2.0-8 About the unblock request for num-utils 0.5-7 : Please consider removing num-utils from the etch release. Version 0.5-6 is not good enough in my opinion. Thanks, Bart Martens signature.asc Description: This is a digitally signed message part
flashplugin-nonfree 9.0.48.0.1etch1 for Stable
Hi Stable Debian-Release, Hi Security Team, On 11 July I was notified of a newer upstream release of the Adobe Flash plugin. I updated flashplugin-nonfree in Unstable on the same day. On 12 July I uploaded flashplugin-nonfree 9.0.48.0.1etch1 to Stable. I did not go via the Security Team because last time I was told that the Security Team does not support "contrib" so that such updates should go via Stable release. On 18 July I uploaded flashplugin-nonfree 9.0.48.0.2~bpo.1 to Backports, just in case the Stable release would take time. Now I read this: http://ftp-master.debian.org/proposed-updates.html NOK flashplugin-nonfree - Fix download patch This should probably better go via volatile/backports as one doesn't necessarily want to upgrade the installed version... I don't know when that was written. Did I overlook an e-mail? Going via Volatile and/or Backports is interesting, but that does not inform Stable users who don't have Volatile or Backports in their /etc/apt/sources.list. So I guess that many Debian Stable users are still unknownly using an insecure version of the Flash plugin, installed via the Debian package flashplugin-nonfree in Stable. And that is Not Good. The question now is, do we have a short term solution for the Stable users ? Possible approaches: 1. We could flashplugin-nonfree 9.0.48.0.1etch1 to Stable soon. The only change is the update of the MD5 checksums. Obviously the upstream Flash plugin itself may have been modified heavily, no idea. 2. I can create a special flashplugin-nonfree package for Stable to remove the insecure plugin from the Stable systems, notifying the users of this removal, and suggesting them to use Backports. Can you contact me about further steps that fit your policies please? Regards, Bart Martens signature.asc Description: This is a digitally signed message part
Re: flashplugin-nonfree 9.0.48.0.1etch1 for Stable
On Thu, 2007-08-16 at 17:20 +0200, Luk Claes wrote: > Holger Levsen wrote: > > Hi, > > > > flashplugin-nonfree is still unusable in stable :-( > > > > Remove the package from etch or upload a fixed version? > > I vote for the later. > > So can you please either show that the fixed tarball would only have few > differences with the existing one or that the new version is tested > enough to be considered? If "fixed tarball" means flashplugin-nonfree_9.0.48.0.1etch1.tar.gz then I can confirm that the changes are minimal. See also this bug report: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432755 Regards, Bart Martens -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
request to remove dosemu-freedos from stable
Please remove dosemu-freedos version 1:0.0.b9r5a-3 from Stable. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=442208 signature.asc Description: This is a digitally signed message part
Re: request to remove dosemu-freedos from stable
On Fri, 2007-09-14 at 08:24 +0200, Mike Hommey wrote: > On Fri, Sep 14, 2007 at 08:11:07AM +0200, Bart Martens <[EMAIL PROTECTED]> > wrote: > > Please remove dosemu-freedos version 1:0.0.b9r5a-3 from Stable. > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=442208 > > Isn't it simply possible to remove the rerror source and binary ? Or move the package in Stable from contrib to non-free ? Regards, Bart Martens -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
please remove old versions of flashplugin-nonfree
Hello Release Managers, Please remove these versions of flashplugin-nonfree: - 7.0.25-5 - 9.0.31.0.1 - 9.0.48.0.1etch1 - 9.0.48.0.3 Regards, Bart Martens signature.asc Description: This is a digitally signed message part
long term solution for flashplugin-nonfree in stable
On Wed, 2007-12-19 at 23:34 +0100, Luk Claes wrote:
> Scott Kitterman wrote:
> > On Wednesday 19 December 2007 12:06, Holger Levsen wrote:
> >> Hi,
> >>
> >> I would like to know what the stable release managers plan to do regarding
> >> flashplugin-nonfree in etch.
> >>
> >> As I see it, there are three options:
> >>
> >> 1. do nothing, keep a broken package in etch
> >>
> >> 2. remove the broken package from etch
> >>
> >> 3. request another upload, as the version currently in stable-proposed
> >> updates has broken since it was uploaded (which was before r1)
> >>
> >>
> >> Additionally I would like to ("officially") ask the volatile team about
> >> their opinion of including flashplugin-nonfree in volatile/contrib. As I
> >> read the requierements for volatile, the package fully fulfills them. (The
> >> package is rock stable and just an installer for (the latest) nonfree flash
> >> (from adobe) - so it does exactly what the users expect.)
> >>
> >>
> > The new Flash is *known* to break konqueror but works as intended on
> > FireFox, the reason for this is konqueror does not support XEmbed. For a
> > stable distribution, I'm not sure what the best solution would be.
>
> I would go for 2
Yes, I agree about removing broken packages.
http://lists.debian.org/debian-release/2007/12/msg00088.html
> if there is an updated version in volatile we point
> people at in the Release Notes.
I'm not convinced that the typical updates of flashplugin-nonfree should
go via volatile. Updating flashplugin-nonfree from 9.0.48.0.* to
9.0.115.0.* involves a new release of closed source software, so it can
include surprises that are very not welcome in Debian stable. Volatile
is meant for fast/frequent/safe updates, for example for updating data
for spam filters or virus scanners. Anything in volatile should be
(almost?) as safe as stable.
http://www.debian.org/volatile/
If we consider volatile-sloppy, even then we should keep in mind that
this won't work for every update of the Adobe Flash Player in the
future, because sometimes newer shared libraries might be required -
libraries that are in testing and unstable but not yet in stable. So
then users of Debian stable would never be sure that their sources.list
guarantees completeness regarding flashplugin-nonfree. So even
volatile-sloppy is not the long term solution I'm looking for, for
flashplugin-nonfree in Debian stable.
The approach that is, in my opinion, closest to reality, is to maintain
flashplugin-nonfree in unstable, allow it to enter testing, keep
flashplugin-nonfree out of stable and oldstable, and maintain a working
package of flashplugin-nonfree for Debian stable at backports.org .
Then users of Debian stable can edit their sources.list once and then
forget about flashplugin-nonfree.
> We should also mention that it breaks
> with konqueror and maybe describe what to do in the case people want to
> use both konqueror and a fixed flashplugin-nonfree. I would use a
> versioned conflicts in the latest flashplugin-nonfree if it doesn't work
> with the konqueror in stable btw.
This feels like regression that should be avoided in stable thus also in
volatile. I think that volatile means fast/frequent updates for Debian
stable but not risky updates.
>
> It would be good if someone could make sure the newest version (with the
> conflicts) gets accepted in volatile and file a bug against
> release-notes including a patch IMHO.
At this point I'm not convinced that uploading flashplugin-nonfree to
volatile would be the best approach.
Much more important, in my opinion, is that the security problem for
Debian stable is not yet solved. See possible approach number 2 in this
message:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432755&msg=40
If that approach number 2 is not acceptable for some reason, then please
at least remove the old versions of flashplugin-nonfree from the
archives, to prevent users wasting time on trying to install these
packages.
http://lists.debian.org/debian-release/2007/12/msg00088.html
Regards,
Bart Martens
signature.asc
Description: This is a digitally signed message part
Re: Preparation of the next stable Debian GNU/Linux update
On Mon, 2007-12-24 at 22:50 +0100, Ina Zobel wrote: > If you disagree with one bit or another, please reply to this mail and > explain why these things should be handled differently. > flashplugin-nonfree stable9.0.31.0.1 i386 source > flashplugin-nonfree updates 9.0.48.0.1etch1 i386 source > > flashplugin-nonfree - New upstream release fixes security problems This should be version 9.0.115.0.1~etch1. Regards, Bart Martens signature.asc Description: This is a digitally signed message part
request for binNMU of ocamlsdl
Hello RM's, I hereby request a binNMU for the package ocamlsdl. Following the instructions "be kind to the RMs" at http://wiki.debian.org/binNMU : ocamlsdl_0.7.2-7, fixes FTBFS #456840, 1, alpha amd64 arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc Regards, Bart Martens --- Begin Message --- Hi, Bart Martens wrote: > Do you agree with Sylvain about this bug ? > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456840 Yes, I think that rebuilding ocamlsdl should solve the problem too. Cheers, Samuel. --- End Message --- signature.asc Description: This is a digitally signed message part
http://release.debian.org/stable/4.0/4.0r3/
Hello, The planned removal of flashplugin-nonfree from stable is missing on http://release.debian.org/stable/4.0/4.0r3/ . Please include the removal of flashplugin-nonfree and update the release-notes accordingly. See: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458550 Regards, Bart Martens -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: http://release.debian.org/stable/4.0/4.0r3/
Now signed. :) On Fri, 2008-02-01 at 07:09 +0100, Bart Martens wrote: > Hello, > > The planned removal of flashplugin-nonfree from stable is missing on > http://release.debian.org/stable/4.0/4.0r3/ . > > Please include the removal of flashplugin-nonfree and update the > release-notes accordingly. See: > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458550 > > Regards, > > Bart Martens > signature.asc Description: This is a digitally signed message part
Re: Preparation of the next oldstable Debian GNU/Linux update
On Sat, 2008-03-29 at 19:00 +, Philipp Kern - automated mail wrote: > Preparation of Debian GNU/Linux 3.1r8 > = Can the removal of flashplugin-nonfree be included ? Regards, Bart Martens -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
cmus/2.2.0-3 being uploaded to unstable (Re: Unblock cmus/2.2.0-1.1)
On Mon, 2008-12-29 at 21:38 +0100, Sandro Tosi wrote: > Hi all, > > On Mon, Dec 29, 2008 at 21:00, Moritz Muehlenhoff wrote: > > Please unblock cmus/2.2.0-1.1, which fixes a minor security issue. > > It seems that recent upload of -2 didn't acknowledge that NMU. CCed > the new maintainer and sponsor, that might want to fix this. I'll fix this now. Thanks to Sandro Tosi for noticing this. Moritz, please confirm your unblock request for 2.2.0-3. Regards, Bart Martens signature.asc Description: This is a digitally signed message part
Re: RFC: gThumb upload for Lenny
On Wed, 2009-02-25 at 19:29 +0100, Luk Claes wrote:
> David Paleino wrote:
> > Hello Luk,
> >
> > On Sun, 22 Feb 2009 16:03:22 +0100, Luk Claes wrote:
> >
> >> David Paleino wrote:
> >> [..]
> >>
> >> I guess you should use a version number higher than the one currently in
> >> stable, but please do upload and add an entry on [1].
> >
> > I did, but I got a REJECT:
> >
> > Mapping stable-proposed-updates to proposed-updates.
> > Rejected: gthumb-data_2.10.8-1+lenny1_all.deb: old version (3:2.10.8-1) in
> > testing <= new version (3:2.10.8-1+lenny1) targeted at proposed-updates.
> > Rejected: gthumb_2.10.8-1+lenny1_i386.deb: old version (3:2.10.8-1) in
> > testing <= new version (3:2.10.8-1+lenny1) targeted at proposed-updates.
> > Rejected: gthumb_2.10.8-1+lenny1.dsc: old version (3:2.10.8-1) in testing
> > <= new version (3:2.10.8-1+lenny1) targeted at proposed-updates.
> >
> >>> By the way, should I upload a -2 to sid before going proposed-updates?
> >> Done in the meantime and it's indeed required atm.
> >
> > Obviously, this means I should wait for gthumb 2.10.10-1 to migrate to
> > Squeeze? Isn't this a bit broken? :)
>
> Yes, we're thinking of how to be able to change this behaviour without
> introducing any other problems. Though currently it's indeed the case
> that testing needs a higher version than what you want to upload to
> proposed-updates.
Hello Luk,
I suggest that David follows this approach for getting the critical bug
fixed in stable :
1. file a temporary "serious" bug against gthumb 3:2.10.10-2
to prevent it from entering testing,
2. create gthumb 3:2.10.8-2, starting from 3:2.10.8-1,
with the fix for the critical bug as the only change,
with urgency=high, built with dependencies already in testing,
and upload it to testing-proposed-updates,
3. wait for that package to enter testing,
4. upload his previously prepared package to stable-proposed-updates.
OK for you ? Or can you suggest a different approach ?
Regards,
Bart Martens
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
flashplugin-nonfree in Debian
Hello debian-release team, debian-volatile team, debian-security team, I have updated bug report 457291 "flashplugin-nonfree: decision 2007-12-21: keep this package out of stable starting with lenny". http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457291 I hereby invite you to evaluate how my newest comments on that bug report match or conflict with your policies, and to share your thoughts with me, replies preferably sent to 457291-qu...@bugs.debian.org . Thanks in advance, Bart Martens signature.asc Description: This is a digitally signed message part
