Re: reason for removal of zeroc-ice on armhf and arm64.
Greetings. I'd like to know the status of mumble-server on armhf and arm64 and whether it can be restored for those architectures, because mumble server is commonly run on that hardware and is one one of the base expected programs for the FreedomBox project which has a number of hardware targets for armhf and arm64. https://freedombox.org/ If there's a way I can help let me know, and please keep me in the loop if feasible. Thanks -- Chris -- Chris Knadle chris.kna...@coredump.us (maintainer of mumble in Debian) Adrian Bunk: On Tue, Feb 14, 2023 at 11:56:40AM +, Peter Green wrote: I recently became aware that mumble's build-dependencies were no longer satisfiable on armhf due to a missing zeroc-ice. I looked at the build logs for zeroc-ice and all were green. So I looked at the removal log and found the following. [Date: Sun, 12 Feb 2023 17:56:51 -] [ftpmaster: Scott Kitterman] Removed the following packages from unstable: libzeroc-ice-dev | 3.7.8-2.1 | arm64, armhf libzeroc-ice3.7 | 3.7.8-2.1 | arm64, armhf libzeroc-icestorm3.7 | 3.7.8-2.1 | arm64, armhf mumble-server |1.3.4-4 | arm64, armhf php-zeroc-ice | 3.7.8-2.1 | arm64, armhf python3-zeroc-ice | 3.7.8-2.1 | arm64, armhf zeroc-glacier2 | 3.7.8-2.1 | arm64, armhf zeroc-ice-compilers | 3.7.8-2.1 | arm64, armhf zeroc-ice-utils | 3.7.8-2.1 | arm64, armhf zeroc-icebox | 3.7.8-2.1 | arm64, armhf zeroc-icebridge | 3.7.8-2.1 | arm64, armhf zeroc-icegrid | 3.7.8-2.1 | arm64, armhf zeroc-icepatch2 | 3.7.8-2.1 | arm64, armhf Closed bugs: 1031160 --- Reason --- RoQA; openjfx no longer builds on arm64 and armhf, build-depends not available This strikes me as strange in a couple of ways. 1. The only relationships of zeroc-ice to openjfx are in build-depends-indep and in the binary dependencies of an arch all package. Afaict it is perfectly normal for build-depends-indep and the binary dependencies of arch all packages to only be satisfiable on a subset of the architectures where 2. Only one of the two binaries from the mumble source package was removed. Was this removal just a mistake? or was there a reason behind it that I am not seeing? As requestor of #1031160 I would say this was a mistake, perhaps due to https://tracker.debian.org/pkg/openjfx Issues preventing migration: ∙ ∙ removing openjfx/11.0.11+0-1.1/arm64 from testing makes beast2-mcmc/2.7.3+dfsg-1/arm64 uninstallable ∙ ∙ removing openjfx/11.0.11+0-1.1/arm64 from testing makes josm/0.0.svn18646+dfsg-1/arm64 uninstallable ∙ ∙ removing openjfx/11.0.11+0-1.1/arm64 from testing makes pdfsam/4.3.4-1/arm64 uninstallable This will require a hint from the release team I have not yet requested, since installability of binary-all packages is tested on amd64 and arm64 but there is no requirement that a binary-all package is installable on arm64 and several are not.[1] cu Adrian [1] https://release.debian.org/britney/testing_uninst.txt
Bug#987859: buster-pu: package mumble/1.3.0~git20190125.440b173+dfsg-2
Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu Greetings. Attached is a debdiff for mumble to fix CVE-2021-27229 in Buster marked no-dsa by the security team, bug #982904. As the upload to buster-proposed-updates only contains one patch and a changelog entry (the same patch used for mumble in Sid), I'm going to go ahead and do the upload as suggested in Debian Developers Reference §5.5.1 paragraph 3. -- Chris -- Chris Knadle chris.kna...@coredump.us diff -Nru mumble-1.3.0~git20190125.440b173+dfsg/debian/changelog mumble-1.3.0~git20190125.440b173+dfsg/debian/changelog --- mumble-1.3.0~git20190125.440b173+dfsg/debian/changelog 2019-02-28 16:36:21.0 + +++ mumble-1.3.0~git20190125.440b173+dfsg/debian/changelog 2021-04-30 22:24:25.0 + @@ -1,3 +1,16 @@ +mumble (1.3.0~git20190125.440b173+dfsg-2+deb10u1) buster; urgency=medium + + * debian/patches: +- Add 67-only-http-https-URLs-in-Connect.diff to fix CVE-2021-27229 + "Mumble before 1.3.4 allows remote code execution if a victim navigates + to a crafted URL on a server list and clicks on the Open Webpage text." + This patch only allows "http"/"https" URLs in ConnectDialog + (Closes: #982904) + Thanks to Salvatore Bonaccorso for reporting the bug + and giving links to the fix. + + -- Christopher Knadle Fri, 30 Apr 2021 22:24:25 + + mumble (1.3.0~git20190125.440b173+dfsg-2) unstable; urgency=medium * debian/patches: diff -Nru mumble-1.3.0~git20190125.440b173+dfsg/debian/patches/67-only-http-https-URLs-in-Connect.diff mumble-1.3.0~git20190125.440b173+dfsg/debian/patches/67-only-http-https-URLs-in-Connect.diff --- mumble-1.3.0~git20190125.440b173+dfsg/debian/patches/67-only-http-https-URLs-in-Connect.diff 1970-01-01 00:00:00.0 + +++ mumble-1.3.0~git20190125.440b173+dfsg/debian/patches/67-only-http-https-URLs-in-Connect.diff 2021-03-04 08:44:10.0 + @@ -0,0 +1,61 @@ +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982904 +Last-Updated: 2021-03-04 +From e59ee87abe249f345908c7d568f6879d16bfd648 Mon Sep 17 00:00:00 2001 +From: Davide Beatrici +Date: Fri, 5 Feb 2021 20:01:04 +0100 +Subject: [PATCH] FIX(client): Only allow "http"/"https" for URLs in + ConnectDialog + +Our public server list registration script doesn't have an URL scheme +whitelist for the website field. + +Turns out a malicious server can register itself with a dangerous URL in +an attempt to attack a user's machine. + +User interaction is required, as the URL has to be opened by +right-clicking on the server entry and clicking on "Open Webpage". + +This commit introduces a client-side whitelist, which only allows "http" +and "https" schemes. We will also implement it in our public list. + +In future we should probably add a warning QMessageBox informing the +user that there's no guarantee the URL is safe (regardless of the +scheme). + +Thanks a lot to https://positive.security for reporting the RCE +vulnerability to us privately. +--- + src/mumble/ConnectDialog.cpp | 20 +--- + 1 file changed, 17 insertions(+), 3 deletions(-) + +--- a/src/mumble/ConnectDialog.cpp b/src/mumble/ConnectDialog.cpp +@@ -1259,11 +1259,25 @@ + } + + void ConnectDialog::on_qaUrl_triggered() { +- ServerItem *si = static_cast(qtwServers->currentItem()); +- if (! si || si->qsUrl.isEmpty()) ++ auto *si = static_cast< const ServerItem * >(qtwServers->currentItem()); ++ if (!si || si->qsUrl.isEmpty()) { + return; ++ } + +- QDesktopServices::openUrl(QUrl(si->qsUrl)); ++ const QStringList allowedSchemes = { QLatin1String("http"), QLatin1String("https") }; ++ ++ const auto url = QUrl(si->qsUrl); ++ if (allowedSchemes.contains(url.scheme())) { ++ QDesktopServices::openUrl(url); ++ } else { ++ // Inform user that the requested URL has been blocked ++ QMessageBox msgBox; ++ msgBox.setText(QObject::tr("Blocked URL scheme \"%1\"").arg(url.scheme())); ++ msgBox.setInformativeText(QObject::tr("The URL uses a scheme that has been blocked for security reasons.")); ++ msgBox.setDetailedText(QObject::tr("Blocked URL: \"%1\"").arg(url.toString())); ++ msgBox.setIcon(QMessageBox::Warning); ++ msgBox.exec(); ++ } + } + + void ConnectDialog::onFiltersTriggered(QAction *act) { diff -Nru mumble-1.3.0~git20190125.440b173+dfsg/debian/patches/series mumble-1.3.0~git20190125.440b173+dfsg/debian/patches/series --- mumble-1.3.0~git20190125.440b173+dfsg/debian/patches/series 2019-02-28 16:36:21.0 + +++ mumble-1.3.0~git20190125.440b173+dfsg/debian/patches/series 2021-03-04 08:21:39.0 + @@ -8,3 +8,4 @@ 52-use-update-rc.d-for-disable.diff 60-crossbuild.diff 65-fix-sample-path.diff +67-only-http-https-URLs-in-Connect.diff
Re: Qt and OpenSSL transition metadata in relation to Mumble package
Kurt Roeckx: > On Mon, Mar 21, 2016 at 10:20:43PM +0100, Julien Cristau wrote: >> I don't think dlopen(libssl) vs gcc -lssl makes any difference >> licensing-wise, I suspect either they're both ok or they're both not >> ok... > > I assume the problem is not with Qt itself, but with other > applications making use of Qt. That's my understanding of the situation too, yes. I've been discussing the mumble openssl transition issue with one of the Qt maintainers in #818943. There's a hackish idea of building a tiny dummy Qt application or library that has OpenSSL as a dependency that could be shipped alongside qtnetwork, in order to have part of Qt depend on OpenSSL and thus have it binNMUed for OpenSSL transitions. -- Chris -- Chris Knadle chris.kna...@coredump.us
Re: Qt and OpenSSL transition metadata in relation to Mumble package
Julien Cristau: > On Mon, Mar 21, 2016 at 20:20:22 +0000, Chris Knadle wrote: > >> Julien Cristau: >>> On Sun, Mar 20, 2016 at 01:55:55 +, Chris Knadle wrote: >>> >>>> Emilio Pozuelo Monfort: >>>>> On 19/03/16 19:23, Chris Knadle wrote: >>>>>> Greetings. >>>>>> >>>>>> Executive summary: >>>>>> I'd like to know if there is metadata that can be added to the Qt4 and >>>>>> Qt5 >>>>>> packages (qt4-x11 and qtbase-opensource-src) which will indicate that >>>>>> they >>>>>> need to be binNMUed for OpenSSL transitions at nearly the same time that >>>>>> Mumble gets binNMUed. >>>> [...] >>>>>> Is this possible? >>>>> >>>>> There's no way to express that kind of relationship. Not unless you get >>>>> into >>>>> complex territory which isn't really worth it in this case. Normally >>>>> binNMUs >>>>> are scheduled at the same time, so in theory this shouldn't be such a big >>>>> issue. And it would only affect unstable users, only for a short amount of >>>>> time. >>>> >>>> Ehhh... okay. The last OpenSSL binNMU had an 11-day difference between >>>> Mumble getting rebuilt and qt4-x11 being rebuilt in Sid. That's a short >>>> time in release terms, but a long time in terms of users finding Mumble >>>> broken and waiting for it to be fixed. >>>> >>>> Either way I have my answer. Thank you very much. >>>> >>> What would it take to fix qt to properly link with libssl? >> >> There's an -openssl-linked ./configure option for building Qt with: >> >>https://doc.qt.io/qt-4.8/ssl.html >> >> However it's thought that the -openssl-linked option isn't viable due to >> licensing concerns that would result: >> >>https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804487#147 >> > I don't think dlopen(libssl) vs gcc -lssl makes any difference > licensing-wise, I suspect either they're both ok or they're both not > ok... > > Cheers, > Julien I could try to talk to the maintainers of the Qt packages to see if they know if using -openssl-linked is possible... I've been wanting to talk to them about this for a while anyway. -- Chris -- Chris Knadle chris.kna...@coredump.us
Re: Qt and OpenSSL transition metadata in relation to Mumble package
Julien Cristau: > On Sun, Mar 20, 2016 at 01:55:55 +0000, Chris Knadle wrote: > >> Emilio Pozuelo Monfort: >>> On 19/03/16 19:23, Chris Knadle wrote: >>>> Greetings. >>>> >>>> Executive summary: >>>> I'd like to know if there is metadata that can be added to the Qt4 and Qt5 >>>> packages (qt4-x11 and qtbase-opensource-src) which will indicate that they >>>> need to be binNMUed for OpenSSL transitions at nearly the same time that >>>> Mumble gets binNMUed. >> [...] >>>> Is this possible? >>> >>> There's no way to express that kind of relationship. Not unless you get into >>> complex territory which isn't really worth it in this case. Normally binNMUs >>> are scheduled at the same time, so in theory this shouldn't be such a big >>> issue. And it would only affect unstable users, only for a short amount of >>> time. >> >> Ehhh... okay. The last OpenSSL binNMU had an 11-day difference between >> Mumble getting rebuilt and qt4-x11 being rebuilt in Sid. That's a short >> time in release terms, but a long time in terms of users finding Mumble >> broken and waiting for it to be fixed. >> >> Either way I have my answer. Thank you very much. >> > What would it take to fix qt to properly link with libssl? There's an -openssl-linked ./configure option for building Qt with: https://doc.qt.io/qt-4.8/ssl.html However it's thought that the -openssl-linked option isn't viable due to licensing concerns that would result: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804487#147 Right now Qt5 (qtbase-opensource-src) uses the -openssl ./configure option but not -openssl-linked, Qt4 (qt4-x11) uses neither. Both Qt4 and Qt5 pull in libssl-dev and libssl during the build, FWIW. -- Chris -- Chris Knadle chris.kna...@coredump.us
Re: Qt and OpenSSL transition metadata in relation to Mumble package
Emilio Pozuelo Monfort: > On 19/03/16 19:23, Chris Knadle wrote: >> Greetings. >> >> Executive summary: >> I'd like to know if there is metadata that can be added to the Qt4 and Qt5 >> packages (qt4-x11 and qtbase-opensource-src) which will indicate that they >> need to be binNMUed for OpenSSL transitions at nearly the same time that >> Mumble gets binNMUed. [...] >> Is this possible? > > There's no way to express that kind of relationship. Not unless you get into > complex territory which isn't really worth it in this case. Normally binNMUs > are scheduled at the same time, so in theory this shouldn't be such a big > issue. And it would only affect unstable users, only for a short amount of > time. Ehhh... okay. The last OpenSSL binNMU had an 11-day difference between Mumble getting rebuilt and qt4-x11 being rebuilt in Sid. That's a short time in release terms, but a long time in terms of users finding Mumble broken and waiting for it to be fixed. Either way I have my answer. Thank you very much. -- Chris -- Chris Knadle chris.kna...@coredump.us
Qt and OpenSSL transition metadata in relation to Mumble package
Greetings. Executive summary: I'd like to know if there is metadata that can be added to the Qt4 and Qt5 packages (qt4-x11 and qtbase-opensource-src) which will indicate that they need to be binNMUed for OpenSSL transitions at nearly the same time that Mumble gets binNMUed. More detail: Qt (both 4 and 5) use dlopen() to load libssl/libcrypto libraries [see lines 634-654]: https://github.com/qtproject/qtbase/blob/dev/src/network/ssl/qsslsocket_openssl_symbols.cpp#L624-L727 and as a result during OpenSSL transitions where there's a library rename, two different copies of libssl/libcrypto can get loaded when running Mumble... one version Qt is compiled with, and one version Mumble is compiled with, and they may have ABI differences. This situation is non-trivial and caused Mumble to break (#804363) because the SSL library wasn't getting initialized, and we believe the patch that was used to fix this bug may be initializing both copies of SSL during the transition period, and because of the unknown of what this might cause, Mumble upstream is likely to implement code to disallow Mumble to continue running when two different copies of libssl/libcrypto are loaded: https://github.com/mumble-voip/mumble/pull/2124 We're hoping that there's some way that metadata could be added (somewhere) such that the Qt source packages and Mumble can be binNMUed/rebuilt around the same time for OpenSSL transitions. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804487#97 Is this possible? Thanks much. P.S. Please To/CC me as I'm not on the [debian-release] mailing list. -- Chris -- Chris Knadle chris.kna...@coredump.us
Bug#808901: wheezy-pu: package libssh/0.5.4-1+deb7u1
Adam D. Barratt: > Control: tags -1 + pending > > On 2015-12-27 18:21, Adam D. Barratt wrote: >> Control: tags -1 + confirmed >> >> On 2015-12-24 9:03, Christopher Knadle wrote: >>> I would like to update libssh in Wheezy via a sponsored NMU to fix >>> CVE-2015-3146 and CVE-2015-8132, which are non-DSA security bugs and so >>> would >>> need to be fixed via stable-proposed-updates. I updated libssh in Sid via >>> sponsored NMU for these in Nov 2015. >> >> Please go ahead. > > Uploaded and flagged for acceptance. > > Regards, > > Adam Thank you very much. :) -- Chris -- Chris Knadle chris.kna...@coredump.us
Bug#808890: jessie-pu: package libssh/0.6.3-4
Adam D. Barratt: > Control: tags -1 + pending > > On 2015-12-27 18:15, Adam D. Barratt wrote: >> Control: tags -1 + confirmed >> >> On 2015-12-24 8:44, Chris Knadle wrote: >>> Oops... had trouble with reportbug and the patch I asked to be attached >>> wasn't sent. Attaching. >> >> Please go ahead. > > Uploaded and flagged for acceptance. > > Regards, > > Adam Thank you very much. :) -- Chris -- Chris Knadle chris.kna...@coredump.us
Bug#808890: jessie-pu: package libssh/0.6.3-4
Oops... had trouble with reportbug and the patch I asked to be attached wasn't sent. Attaching. Thanks -- Chris -- Chris Knadle chris.kna...@coredump.us diff -Nru libssh-0.6.3/debian/changelog libssh-0.6.3/debian/changelog --- libssh-0.6.3/debian/changelog 2015-01-26 18:28:06.0 -0500 +++ libssh-0.6.3/debian/changelog 2015-12-04 09:53:48.0 -0500 @@ -1,3 +1,14 @@ +libssh (0.6.3-4+deb8u1) jessie; urgency=medium + + * Non-maintainer upload. + * debian/patches: +- Add 0002_CVE-2015-3146.patch + Fix "null pointer dereference due to a logical error in the handling + of a SSH_MSG_NEWKEYS and KEXDH_REPLY packets" + (Closes: #784404, CVE-2015-3146) + + -- Christopher Knadle <chris.kna...@coredump.us> Mon, 23 Nov 2015 08:43:19 -0500 + libssh (0.6.3-4) unstable; urgency=medium * Add debian/patches/0001_CVE-2014-8132.patch: Fixup error path in diff -Nru libssh-0.6.3/debian/patches/0002_CVE-2015-3146.patch libssh-0.6.3/debian/patches/0002_CVE-2015-3146.patch --- libssh-0.6.3/debian/patches/0002_CVE-2015-3146.patch1969-12-31 19:00:00.0 -0500 +++ libssh-0.6.3/debian/patches/0002_CVE-2015-3146.patch2015-12-04 09:53:32.0 -0500 @@ -0,0 +1,129 @@ +From 94f6955fbaee6fda9385a23e505497efe21f5b4f Mon Sep 17 00:00:00 2001 +From: Aris Adamantiadis <a...@0xbadc0de.be> +Date: Wed, 15 Apr 2015 16:08:37 +0200 +Subject: [PATCH 1/2] CVE-2015-3146: Fix state validation in packet handlers + +The state validation in the packet handlers for SSH_MSG_NEWKEYS and +SSH_MSG_KEXDH_REPLY had a bug which did not raise an error. + +The issue has been found and reported by Mariusz Ziule. + +Signed-off-by: Aris Adamantiadis <a...@0xbadc0de.be> +Reviewed-by: Andreas Schneider <a...@cryptomilk.org> +(cherry picked from commit bf0c7ae0aeb0ebe661d11ea6785fff2cbf4f3dbe) +--- + src/packet_cb.c | 16 ++-- + src/server.c| 8 +--- + 2 files changed, 15 insertions(+), 9 deletions(-) + +diff --git a/src/packet_cb.c b/src/packet_cb.c +index a10dd1a..e6c613f 100644 +--- a/src/packet_cb.c b/src/packet_cb.c +@@ -94,7 +94,7 @@ SSH_PACKET_CALLBACK(ssh_packet_dh_reply){ + (void)type; + (void)user; + SSH_LOG(SSH_LOG_PROTOCOL,"Received SSH_KEXDH_REPLY"); +- if(session->session_state!= SSH_SESSION_STATE_DH && ++ if (session->session_state != SSH_SESSION_STATE_DH || + session->dh_handshake_state != DH_STATE_INIT_SENT){ + ssh_set_error(session,SSH_FATAL,"ssh_packet_dh_reply called in wrong state : %d:%d", + session->session_state,session->dh_handshake_state); +@@ -135,12 +135,16 @@ SSH_PACKET_CALLBACK(ssh_packet_newkeys){ + (void)user; + (void)type; + SSH_LOG(SSH_LOG_PROTOCOL, "Received SSH_MSG_NEWKEYS"); +- if(session->session_state!= SSH_SESSION_STATE_DH && +- session->dh_handshake_state != DH_STATE_NEWKEYS_SENT){ +- ssh_set_error(session,SSH_FATAL,"ssh_packet_newkeys called in wrong state : %d:%d", +- session->session_state,session->dh_handshake_state); +- goto error; ++ ++ if (session->session_state != SSH_SESSION_STATE_DH || ++ session->dh_handshake_state != DH_STATE_NEWKEYS_SENT) { ++ ssh_set_error(session, ++SSH_FATAL, ++"ssh_packet_newkeys called in wrong state : %d:%d", ++session->session_state,session->dh_handshake_state); ++ goto error; + } ++ + if(session->server){ + /* server things are done in server.c */ + session->dh_handshake_state=DH_STATE_FINISHED; +diff --git a/src/server.c b/src/server.c +index 35281ca..1637cce 100644 +--- a/src/server.c b/src/server.c +@@ -165,7 +165,7 @@ static int ssh_server_kexdh_init(ssh_session session, ssh_buffer packet){ + } + + SSH_PACKET_CALLBACK(ssh_packet_kexdh_init){ +- int rc; ++ int rc = SSH_ERROR; + (void)type; + (void)user; + +@@ -193,9 +193,11 @@ SSH_PACKET_CALLBACK(ssh_packet_kexdh_init){ + ssh_set_error(session,SSH_FATAL,"Wrong kex type in ssh_packet_kexdh_init"); + rc = SSH_ERROR; + } +- if (rc == SSH_ERROR) ++ ++error: ++ if (rc == SSH_ERROR) { + session->session_state = SSH_SESSION_STATE_ERROR; +- error: ++ } + + return SSH_PACKET_USED; + } +-- +2.3.5 + + +From e9d16bd3439205ce7e75017405b1ac6ed5ead062 Mon Sep 17 00:00:00 2001 +From: Aris Adamantiadis <a...@0xbadc0de.be> +Date: Wed, 15 Apr 2015 16:25:29 +0200 +Subject: [PATCH 2/2] buffers: Fix a possible null pointer dereference + +This is an addition to CVE-2015-3146 to fix the null pointer +dereference. The patch is not required to fix the CVE but prevents +issues in future. + +Signed-off-by: Aris Adamantiadis <a...@0xbadc0de.be> +Reviewed-by: Andreas Schneider <a...@cryptomilk.org> +(cherry picked from commit 309102547208281215
Bug#808890: jessie-pu: package libssh/0.6.3-4
After filing #808901 I realize the source of the patch for #808890 is elsewhere than I had originally stated: for the 0.6.x series for CVE-20150-3146 the patch is within upstream tarball libssh-0.6.5.tar.xz: libssh-0.6.5/CVE-2015-3146-libssh-0.6.x.patch Link to tarball: https://red.libssh.org/attachments/download/121/libssh-0.6.5.tar.xz -- Chris -- Chris Knadle chris.kna...@coredump.us
Bug#768139: unblock: mumble/1.2.8-1
On Thu, Nov 06, 2014 at 02:24:20PM +, Adam D. Barratt wrote: On 2014-11-06 2:52, Chris Knadle wrote: On 05.11.14, Adam D. Barratt wrote: Control: tags -1 + moreinfo On Wed, 2014-11-05 at 05:43 -0500, Chris Knadle wrote: mumble_1.2.8-1 contains a bugfix of priority important for allowing installation with pre-allocated user/group and the package has been in Unstable for 6 days without new bugs reported. Additionally 1.2.8-1 is marked as a stable upstream version, where the current 1.2.8~7~g76f6870-2 in Jessie is a snapshot. The differences in code between the versions are small -- I believe it's literrally only two patches incorporated. There's also debian/mumble-server.init | 143 +++ which doesn't appear to be mentioned afaics. *sigh* Thanks for catching this: it wasn't mentioned because I didn't make this change (AFAIK) and was unaware of it concerning this upload; [...] At one time I had accidentily included a debian/mumble-server.init (in a prior version) because it's something upstream includes in their PPA package for Ubuntu so I was testing using the file but had not committed it to git. [...] Other than that, do you have a suggestion as to how I should proceed from here? If it can happen really soon, I'd be happy with an upload that matches what you intended. Okay, a new mumble 1.2.8-2 has been uploaded into Unstable, and I believe it matches what we would all want. I was asked to revert the Standards-Version back to 3.9.5 so this upload is just slightly different from the last debdiff I sent; as such I've attaching a new debdiff and an interdiff against the first debdiff (mumble_1.2.8~7_to_1.2.8-1.diff) that I had started the bug with. The interdiff is just slightly larger than expected because the time zone changed back an hour (-0400 to -0500) since the last upload. Thanks much. -- Chris -- Chris Knadle chris.kna...@coredump.us diffstat for mumble-1.2.8~7~g76f6870 mumble-1.2.8 CHANGES | 42 debian/changelog | 29 debian/control |1 debian/mumble-server.postinst|4 - debian/patches/23-fix-pulseaudio-segfault-pt1.diff | 66 --- debian/patches/24-fix-pulseaudio-segfault-pt2.diff | 48 - debian/patches/25-make-logfiles-readable-by-adm.diff | 15 debian/patches/series|3 src/Version.h|2 src/mumble/PulseAudio.cpp| 26 ++- 10 files changed, 112 insertions(+), 124 deletions(-) diff -Nru mumble-1.2.8~7~g76f6870/CHANGES mumble-1.2.8/CHANGES --- mumble-1.2.8~7~g76f6870/CHANGES 2014-07-04 06:15:44.0 -0400 +++ mumble-1.2.8/CHANGES 2014-08-08 11:51:59.0 -0400 @@ -1,3 +1,36 @@ +2014-08-08 + Mikkel Krautz mik...@krautz.dk +82c483e scripts: modify git2cl.pl to work on the currently checked-out + branch rather than origin/master. + +2014-07-23 + Mikkel Krautz mik...@krautz.dk +0bf4aa3 PulseAudio: don't call pa_stream_drop() for empty + pa_stream_peek(). + +2014-07-20 + Mikkel Krautz mik...@krautz.dk +633f905 PulseAudio: stricter pa_stream_peek() validation. + +2014-07-02 + Mikkel Krautz mik...@krautz.dk +76f6870 PulseAudio: fix access to protected enums in AudioInput and + AudioOutput. +9529651 installer: add the ability to use a custom bzip2 directory in + the Win32 installer. +8609912 installer: fix ability to use a custom OpenSslDir when + building the Win32 installer. + +2014-06-29 + Mikkel Krautz mik...@krautz.dk +196a6f7 Allow building 1.2.x on Windows with + mumble-releng/buildenv/1.2.x/win32 + +2014-06-14 + Mikkel Krautz mik...@krautz.dk +414494d Bump version to 1.2.8 +173ec2b Update changelog + 2014-06-13 Mikkel Krautz mik...@krautz.dk aef3509 Add CA certificate filter to MumbleSSL::addSystemCA() to work @@ -31,6 +64,15 @@ 8323bd4 mumble: allow Log_macx.mm to build against the OS X 10.4 SDK (for universal builds). +2013-08-02 + Mikkel Krautz mik...@krautz.dk +228f844 mumble: fix VoiceRecorderDialog build on Apple clang-500.1.70. + +2013-06-08 + Mikkel Krautz mik...@krautz.dk +9c06ecf bonjour: use Qt::AutoConnection for BonjourServiceResolver's + QSocketNotifier slot. + 2013-06-01 Stefan Hacker d...@users.sourceforge.net 5ff038e Update changelog diff -Nru mumble-1.2.8~7~g76f6870/debian/changelog mumble-1.2.8/debian/changelog --- mumble-1.2.8~7~g76f6870/debian/changelog 2014-07-23 22:32:00.0 -0400 +++ mumble-1.2.8/debian/changelog 2014-11-09 11:10:08.0 -0500 @@ -1,3 +1,32 @@ +mumble (1.2.8-2) unstable; urgency=medium + + * debian/mumble-server.init + - Remove file as it was included accidentily + + -- Christopher Knadle
Bug#768139: unblock: mumble/1.2.8-1
On 06.11.14, Adam D. Barratt wrote: On 2014-11-06 2:52, Chris Knadle wrote: On 05.11.14, Adam D. Barratt wrote: Control: tags -1 + moreinfo On Wed, 2014-11-05 at 05:43 -0500, Chris Knadle wrote: mumble_1.2.8-1 contains a bugfix of priority important for allowing installation with pre-allocated user/group and the package has been in Unstable for 6 days without new bugs reported. Additionally 1.2.8-1 is marked as a stable upstream version, where the current 1.2.8~7~g76f6870-2 in Jessie is a snapshot. The differences in code between the versions are small -- I believe it's literrally only two patches incorporated. There's also debian/mumble-server.init | 143 +++ which doesn't appear to be mentioned afaics. *sigh* Thanks for catching this: it wasn't mentioned because I didn't make this change (AFAIK) and was unaware of it concerning this upload; [...] At one time I had accidentily included a debian/mumble-server.init (in a prior version) because it's something upstream includes in their PPA package for Ubuntu so I was testing using the file but had not committed it to git. [...] Other than that, do you have a suggestion as to how I should proceed from here? If it can happen really soon, I'd be happy with an upload that matches what you intended. Thank you. I've just uploaded mumble 1.2.8-2 to mentors.debian.net and pinged my package sponsor. I've double-checked a debdiff between the downloaded versions between Jessie and the new upload to Mentors -- attached. I made one additional change to bump the Standards-Version to 3.9.6 because no changes were needed. Link to Mentors pacge in case you would like a look: https://mentors.debian.net/package/mumble This took me all night because the backup machine I'm using is experiencing disk corruption, but only when the disk is under load, so once I discovered that I had to be careful how and where I did the work. When lightly loaded such as mounted when running a Knoppix DVD or when doing low-level hard disk checks it shows no errors. Yet every time I attempt to load Jessie, the filesystem is corrupted on it's first use (or doesn't even survive the attempt to load it). :-( It's extremely frustrating. [And for obvious reasons this new upload was built on a different system.] Thanks for your work and for your diligence. -- Chris -- Chris Knadle chris.kna...@coredump.us diff -Nru mumble-1.2.8~7~g76f6870/CHANGES mumble-1.2.8/CHANGES --- mumble-1.2.8~7~g76f6870/CHANGES 2014-07-04 06:15:44.0 -0400 +++ mumble-1.2.8/CHANGES 2014-08-08 11:51:59.0 -0400 @@ -1,3 +1,36 @@ +2014-08-08 + Mikkel Krautz mik...@krautz.dk +82c483e scripts: modify git2cl.pl to work on the currently checked-out + branch rather than origin/master. + +2014-07-23 + Mikkel Krautz mik...@krautz.dk +0bf4aa3 PulseAudio: don't call pa_stream_drop() for empty + pa_stream_peek(). + +2014-07-20 + Mikkel Krautz mik...@krautz.dk +633f905 PulseAudio: stricter pa_stream_peek() validation. + +2014-07-02 + Mikkel Krautz mik...@krautz.dk +76f6870 PulseAudio: fix access to protected enums in AudioInput and + AudioOutput. +9529651 installer: add the ability to use a custom bzip2 directory in + the Win32 installer. +8609912 installer: fix ability to use a custom OpenSslDir when + building the Win32 installer. + +2014-06-29 + Mikkel Krautz mik...@krautz.dk +196a6f7 Allow building 1.2.x on Windows with + mumble-releng/buildenv/1.2.x/win32 + +2014-06-14 + Mikkel Krautz mik...@krautz.dk +414494d Bump version to 1.2.8 +173ec2b Update changelog + 2014-06-13 Mikkel Krautz mik...@krautz.dk aef3509 Add CA certificate filter to MumbleSSL::addSystemCA() to work @@ -31,6 +64,15 @@ 8323bd4 mumble: allow Log_macx.mm to build against the OS X 10.4 SDK (for universal builds). +2013-08-02 + Mikkel Krautz mik...@krautz.dk +228f844 mumble: fix VoiceRecorderDialog build on Apple clang-500.1.70. + +2013-06-08 + Mikkel Krautz mik...@krautz.dk +9c06ecf bonjour: use Qt::AutoConnection for BonjourServiceResolver's + QSocketNotifier slot. + 2013-06-01 Stefan Hacker d...@users.sourceforge.net 5ff038e Update changelog diff -Nru mumble-1.2.8~7~g76f6870/debian/changelog mumble-1.2.8/debian/changelog --- mumble-1.2.8~7~g76f6870/debian/changelog 2014-07-23 22:32:00.0 -0400 +++ mumble-1.2.8/debian/changelog 2014-11-07 04:29:22.0 -0500 @@ -1,3 +1,34 @@ +mumble (1.2.8-2) unstable; urgency=medium + + * debian/mumble-server.init + - Remove file as it was included accidentily + * debian/control: + - Standards-Version updated to 3.9.6 (no changes needed) + + -- Christopher Knadle chris.kna...@coredump.us Fri, 07 Nov 2014 03:40:00 -0500 + +mumble (1.2.8-1) unstable; urgency=medium + + * New upstream stable release from 2014-08-09 + * debian/control: + - Remove uploader Thorvald Natvig thorv
Bug#768139: unblock: mumble/1.2.8-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package mumble mumble_1.2.8-1 contains a bugfix of priority important for allowing installation with pre-allocated user/group and the package has been in Unstable for 6 days without new bugs reported. Additionally 1.2.8-1 is marked as a stable upstream version, where the current 1.2.8~7~g76f6870-2 in Jessie is a snapshot. The differences in code between the versions are small -- I believe it's literrally only two patches incorporated. debdiff attached. I would have uploaded 1.2.8-1 earlier but my laptop had a hardware failure and didn't have other hardware to read the disk. [The Lenovo T61p uses an Nvidia G84 GPU which was misdesigned such that it eventually fails, requiring motherboard replacement.] I and my package sponsor were unaware that the sid-jessie transition time had been extended from 5 to 10 days for October. Thanks much. -- Chris -- Chris Knadle chris.kna...@coredump.us diffstat for mumble-1.2.8~7~g76f6870 mumble-1.2.8 CHANGES | 42 debian/changelog | 22 ++ debian/control |1 debian/mumble-server.postinst|4 - debian/patches/23-fix-pulseaudio-segfault-pt1.diff | 66 --- debian/patches/24-fix-pulseaudio-segfault-pt2.diff | 48 - debian/patches/25-make-logfiles-readable-by-adm.diff | 15 debian/patches/series|3 src/Version.h|2 src/mumble/PulseAudio.cpp| 26 ++- 10 files changed, 105 insertions(+), 124 deletions(-) diff -Nru mumble-1.2.8~7~g76f6870/CHANGES mumble-1.2.8/CHANGES --- mumble-1.2.8~7~g76f6870/CHANGES 2014-07-04 06:15:44.0 -0400 +++ mumble-1.2.8/CHANGES 2014-08-08 11:51:59.0 -0400 @@ -1,3 +1,36 @@ +2014-08-08 + Mikkel Krautz mik...@krautz.dk +82c483e scripts: modify git2cl.pl to work on the currently checked-out + branch rather than origin/master. + +2014-07-23 + Mikkel Krautz mik...@krautz.dk +0bf4aa3 PulseAudio: don't call pa_stream_drop() for empty + pa_stream_peek(). + +2014-07-20 + Mikkel Krautz mik...@krautz.dk +633f905 PulseAudio: stricter pa_stream_peek() validation. + +2014-07-02 + Mikkel Krautz mik...@krautz.dk +76f6870 PulseAudio: fix access to protected enums in AudioInput and + AudioOutput. +9529651 installer: add the ability to use a custom bzip2 directory in + the Win32 installer. +8609912 installer: fix ability to use a custom OpenSslDir when + building the Win32 installer. + +2014-06-29 + Mikkel Krautz mik...@krautz.dk +196a6f7 Allow building 1.2.x on Windows with + mumble-releng/buildenv/1.2.x/win32 + +2014-06-14 + Mikkel Krautz mik...@krautz.dk +414494d Bump version to 1.2.8 +173ec2b Update changelog + 2014-06-13 Mikkel Krautz mik...@krautz.dk aef3509 Add CA certificate filter to MumbleSSL::addSystemCA() to work @@ -31,6 +64,15 @@ 8323bd4 mumble: allow Log_macx.mm to build against the OS X 10.4 SDK (for universal builds). +2013-08-02 + Mikkel Krautz mik...@krautz.dk +228f844 mumble: fix VoiceRecorderDialog build on Apple clang-500.1.70. + +2013-06-08 + Mikkel Krautz mik...@krautz.dk +9c06ecf bonjour: use Qt::AutoConnection for BonjourServiceResolver's + QSocketNotifier slot. + 2013-06-01 Stefan Hacker d...@users.sourceforge.net 5ff038e Update changelog diff -Nru mumble-1.2.8~7~g76f6870/debian/changelog mumble-1.2.8/debian/changelog --- mumble-1.2.8~7~g76f6870/debian/changelog 2014-07-23 22:32:00.0 -0400 +++ mumble-1.2.8/debian/changelog 2014-10-28 15:54:13.0 -0400 @@ -1,3 +1,25 @@ +mumble (1.2.8-1) unstable; urgency=medium + + * New upstream stable release from 2014-08-09 + * debian/control: + - Remove uploader Thorvald Natvig thorv...@debian.org due to +inactivity; thanks very much for your prior contributions. + * debian/patches: + - Remove 23-fix-pulseaudio-segfault-pt1.diff + 24-fix-pulseaudio-segfault-pt2.diff +Both patches incorporated upstream in 1.2.8 + - Add 25-make-logfiles-readable-by-adm.diff to make mumble-server log +files readable by group adm. Closes: #759287 +Thanks to Jan Braun janbr...@gmx.net for reporting the bug and +submitting a patch. + * debian/mumble-server.postinst: + - Add check for existance of mumble-server group entry before creation +of group and user. Closes: #758833 +Thanks to William Martin william.mar...@power-lan.com for reporting +the bug and discussing a fix. + + -- Christopher Knadle chris.kna...@coredump.us Thu, 28 Aug 2014 16:23:17 -0400 + mumble (1.2.8~7~g76f6870-2) unstable; urgency=medium
Bug#768139: unblock: mumble/1.2.8-1
On 05.11.14, Adam D. Barratt wrote: Control: tags -1 + moreinfo On Wed, 2014-11-05 at 05:43 -0500, Chris Knadle wrote: mumble_1.2.8-1 contains a bugfix of priority important for allowing installation with pre-allocated user/group and the package has been in Unstable for 6 days without new bugs reported. Additionally 1.2.8-1 is marked as a stable upstream version, where the current 1.2.8~7~g76f6870-2 in Jessie is a snapshot. The differences in code between the versions are small -- I believe it's literrally only two patches incorporated. There's also debian/mumble-server.init | 143 +++ which doesn't appear to be mentioned afaics. *sigh* Thanks for catching this: it wasn't mentioned because I didn't make this change (AFAIK) and was unaware of it concerning this upload; I believe what I uploaded to mentors.debian.net for 1.2.8-1 was this: ftp://ftp.coredump.us/debian-packages/mumble/mumble-1.2.8/ but I see that indeed the package now in unstable contains this file, and a debdiff between that and the package linked to above shows the debian/mumble-server.init (and no other differences). At one time I had accidentily included a debian/mumble-server.init (in a prior version) because it's something upstream includes in their PPA package for Ubuntu so I was testing using the file but had not committed it to git. I had also configured git-buildpackage with export = WC to export the working copy rather than only what's in git to allow doing a debuild of things I'm not sure I want to commit yet, so the file got included in one of the uploads -- I removed it on the next upload which is why 1.2.8~7~g76f6870-2 in Jessie doesn't contain it. I'll double-check with my package sponsor to see if he has any insight on what happened in this case. Other than that, do you have a suggestion as to how I should proceed from here? debdiff attached. I would have uploaded 1.2.8-1 earlier but my laptop had a hardware failure and didn't have other hardware to read the disk. [The Lenovo T61p uses an Nvidia G84 GPU which was misdesigned such that it eventually fails, requiring motherboard replacement.] I and my package sponsor were unaware that the sid-jessie transition time had been extended from 5 to 10 days for October. Hmmm, it was mentioned on d-d-a five times. Yes I see that (Johnathan -- thanks for the links). Ugh. Sorry I missed this, but now that we've caught an error in thie upload, I'm sort of glad that I did. -- Chris -- Chris Knadle chris.kna...@coredump.us -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141106025217.ga16...@anan7.coredump.us
Bug#760620: wheezy-pu: mumble/1.2.3-349-g315b5f5-2.2+deb7u2
On Wednesday, September 17, 2014 19:07:48 Adam D. Barratt wrote: Control: tags -1 + moreinfo On Sat, 2014-09-06 at 02:02 -0400, Chris Knadle wrote: Dear release team: I'd like to update the Mumble package in Wheezy for the following: For the record, this never made it to debian-release@, most likely due to the size of the diff. Thanks for finding it and having a look. [...] - Add 37-fix-connect-dialog-hang-dee463ef.diff. Closes: #688444 Fix crashing when connecting to a server. According to the bug's metadata, this issue applies to the package in unstable and is not currently fixed there; is that correct? No, it was fixed in unstable some time ago (version 1.2.4-0.1). Thanks for pointing this out -- I'll look through the list of other bugs to see if they also need updating for the metadata. If the unstable package is not affected, please correct the metadata; if it is affected, please resolve the issue there first. I believe I've corrected the metadata; the graph of the versions affected by #688444 look correct now. Thanks. -- Chris -- Chris Knadle chris.kna...@coredump.us -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/2378730.WRm9hRuhnu@trelane
Bug#726165: mumble +b1 with protobuf 2.5.0-9 works
On Wednesday, February 05, 2014 11:49:16 Robert Edmonds wrote: Chris Knadle wrote: On Monday, February 03, 2014 22:25:23 Robert Edmonds wrote: I've uploaded protobuf 2.5.0-8 to experimental, which has the exact same ABI/API as protobuf 2.5.0-5. Can you tell me if the current version of mumble in the archive works with libprotobuf8 2.5.0-8, once it's available at your mirror? (I suspect that it will, but just want to make sure.) Yes, the existing 1.2.4-0.1+b1 in Unstable works with libprotobuf8 2.5.0-8. OK, I've uploaded -9 to unstable. libprotobuf8's .so is byte identical, at least on amd64. Can you check that mumble still works? (I would be surprised if it did not.) Yep, mumble 1.2.4-0.1+b1 works fine with libprotobuf8 2.5.0-9. Thanks. There are other fixes for mumble pending requiring a new upload so I'm glad to have the protobuf transition done. -- Chris -- Chris Knadle chris.kna...@coredump.us -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2729161.Tl8zacaL8u@trelane
Bug#726165: mumble +b1 with protobuf 2.5.0-8 works
On Monday, February 03, 2014 22:25:23 Robert Edmonds wrote: Chris Knadle wrote: On Friday, January 31, 2014 15:18:18 Robert Edmonds wrote: [...] Chris Knadle's input in #737246 makes me believe that the changes in 2.5.0-6 / -7 just aren't correct. I'm thinking we should probably go back to the approach in 2.5.0-5 (though with a fallback atomic implementation for architectures where the default gcc is 4.7). Unfortunately the feedback I gave you about protobuf 2.5.0-6 / -7 turns out to have been wrong; my local cowbuilder had something weird going on. That mumble works when built against protobuf 2.5.0-7 got reported to me in #737223 by Gonéri Le Bouder, with after some efforts was able to replicate with cowbuilder. Hi, Chris: After further investigation, reading upstream bug #351, and commits r409, r410, r413, r414, and r415 [1], I'm not convinced that the changes I made in protobuf 2.5.0-6 / -7 are complete, and in any case I'm now no longer convinced that it's feasible to forward port the once implementation from protobuf = 2.4.1 to later versions. Okay. Yeah I looked at #351 I see what you mean. I've uploaded protobuf 2.5.0-8 to experimental, which has the exact same ABI/API as protobuf 2.5.0-5. Can you tell me if the current version of mumble in the archive works with libprotobuf8 2.5.0-8, once it's available at your mirror? (I suspect that it will, but just want to make sure.) Yes, the existing 1.2.4-0.1+b1 in Unstable works with libprotobuf8 2.5.0-8. I am pretty sure 2.5.0-8 will not work on ia64 or sparc, where the default compiler is gcc-4.6, but it also seems that this problem is not so serious now. Right. Should I file a release.debian.org bug to binNMU mumble? I think this is a problem in the protobuf transition, so #726165 is the right bug for this discussion :-) ;-) Makes sense. That is, with protobuf 2.5.0-8 there should be no additional binNMUs required. If that's the case, I'll upload -8 to unstable as -9, provided it is acceptable to break the architectures with the old gcc-4.6 compiler. I think thats fine concerning mumble. -- Chris -- Chris Knadle chris.kna...@coredump.us -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/10019212.SdvrCvNV5g@trelane
Bug#726165: mumble with protobuf 2.5.0-7 works
On Friday, January 31, 2014 15:18:18 Robert Edmonds wrote: [...] Chris Knadle's input in #737246 makes me believe that the changes in 2.5.0-6 / -7 just aren't correct. I'm thinking we should probably go back to the approach in 2.5.0-5 (though with a fallback atomic implementation for architectures where the default gcc is 4.7). Unfortunately the feedback I gave you about protobuf 2.5.0-6 / -7 turns out to have been wrong; my local cowbuilder had something weird going on. That mumble works when built against protobuf 2.5.0-7 got reported to me in #737223 by Gonéri Le Bouder, with after some efforts was able to replicate with cowbuilder. Should I file a release.debian.org bug to binNMU mumble? -- Chris -- Chris Knadle chris.kna...@coredump.us -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5877870.eFpzdOdMrl@trelane
Bug#693351: RM: kismet/2008-05-R1-4.3
On Wednesday, December 12, 2012 10:18:54, Nick Andrik wrote: 2012/12/12 intrigeri intrig...@debian.org: Hi, Nick Andrik wrote (12 Dec 2012 14:32:35 GMT) : I don't have strong feelings in any case, I don't expect someone to be using this version of the package nowadays. On the other hand, I don't also see the clear benefits from removing it. OK. I think the key question then becomes: as the upcoming maintainer of kismet in Debian, do you want to commit to maintain 2008-05-R1-4.3 in stable once Wheezy is released? (as in: dealing with security issues, fixing RC bugs through stable updates, answering bug reports, etc.) If there are any bugs reported on functionality (which I doubt) then it makes no sense trying to fix the 2008 version. Ubuntu has several SIGSEGV crashes reported on kismet 2008-05-R1-4.3: https://launchpad.net/ubuntu/+source/kismet/+bugs Upstream (Mike Kershaw, who I see at MHVLUG meetings) is frustrated by the fact that this old version of kismet is still being shipped in Ubuntu, because he regularly gets bugs reported to him directly from users that he isn't able to help with because the version is ancient. I'm adding Mike to the list of recipients so that he can have a chance to offer an opinion on whether 2008-06-R1-4.3 should be shipped in Wheezy (and thus shipped for another two years in Debian). It'll be good to get a newer Kismet package in Unstable, since Ubuntu is based on Unstable. All other bugs are OK. BTW, I guess there is no chance to have the new package in wheezy once it gets released, is this correct? To get a new version in it would have had to have been in Unstable before the freeze in June. Around that time I made a newer Kismet package using debhelper v9, but it wasn't ready before the freeze and the package I made still needs a couple of tweaks, which is why I hadn't tried to file an ITA. Nick -- let me know if you'd like to see what I did re: /debian/* files. The main thing that needs tweaking in the package I came up with had to do with the menu shortcut and how to handle access permissions correctly. If we need to fix anything then I will have to keep different branches, i.e. one for stable and one for testing, right? Maybe. There will be different package versions, but branches implies using a version control system which isn't a requirement AFAIK. -- Chris -- Chris Knadle chris.kna...@coredump.us signature.asc Description: This is a digitally signed message part.
Re: Bug#693351: RM: kismet/2008-05-R1-4.3
be to use backports.debian.org for having an upgraded package for Stable available, which could thus stick with the packages in Stable as much as possible, and thus continue to get security updates. -- Chris -- Chris Knadle chris.kna...@coredump.us signature.asc Description: This is a digitally signed message part.
Bug#691098: unblock: mumble/1.2.3-349-g315b5f5-2.1 [pre-approval request]
On Monday, October 22, 2012 07:39:24, Julien Cristau wrote: On Mon, Oct 22, 2012 at 13:35:09 +0200, gregor herrmann wrote: On Mon, 22 Oct 2012 12:30:34 +0200, Julien Cristau wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock I'd like to request a pre-approval for a future unblock of a not-yet-uploaded NMU of mumble. IMO the package needs to be in sid before we consider it. Thanks for your quick reply! I was under the impression that the release team prefers to assess the situation before an upload in more complicated situations, but I'm happy to upload the NMU to a DELAYED queue later today. I guess I don't consider this a complicated situation. Either the new version is ok, or we release without mumble. Neither the current version in sid nor the current version in wheezy are suitable anyway, AIUI. That's correct. The 348-1 currently in Wheezy will not build due to library changes in Wheezy, and the 349-2 in Sid cannot communicate with the existing Mumble userbase. Thanks much. -- Chris -- Chris Knadle chris.kna...@coredump.us signature.asc Description: This is a digitally signed message part.
patches for fixing RC bug, intent to upload NMU
tags 675971 patch thanks Greetings. CCing the tech-ctte and release-team, as the intent is to coordinate with both for approval to upload this NMU. Ron, I tried contacting you about a month ago but I haven't heard back from you since the TC decision on Aug 30th. I tried contacting Thorvald (the only other uploader) in early Sept (he is very busy so I knew this was a long shot) and he replied that he wanted a few days to try to contact you, but I haven't heard back from him since then either. I contacted Gregor Hermann and with his help we created a minimal diff for a new upload targeted for Wheezy, as requested in TC #682010. I'm posting it here to give you a chance to review it if you wish. Unless you wish to discuss it, this will be uploaded soon to a DELAYED/XX queue at which time there will be an additional notification posted here. Three patches attached: mumble-celt.diff-- the fix for #675971 mumble-349-rules.diff -- (optional) fix debian/rules to remove the Ice/ directory in the 'clean' target to allow repeat building mumble-349-defuzz.diff -- (optional) Removes fuzz from two quilt patches in the current package Thanks. -- Chris -- Chris Knadle chris.kna...@coredump.us diff -Nru mumble-1.2.3-349-g315b5f5/debian/changelog mumble-1.2.3-349-g315b5f5/debian/changelog --- mumble-1.2.3-349-g315b5f5/debian/changelog 2012-07-08 13:42:05.0 -0400 +++ mumble-1.2.3-349-g315b5f5/debian/changelog 2012-10-04 21:03:18.0 -0400 @@ -1,3 +1,31 @@ +mumble (1.2.3-349-g315b5f5-2.1) unstable; urgency=low + + * Non-maintainer upload. + * Fix Cannot communicate with the vast majority of Mumble servers due +to lack of required baseline codec: +re-enable using the bundled celt library: + debian/patches/series: + - add 07-use-embedded-celt-baseline patch + debian/patches/07-use-embedded-celt-baseline: + - build Celt 0.7.1 and not 0.11.0 + debian/mumble.install: + - ship Celt 0.7.1 library from the embedded source + debian/rules: + - re-enable Celt using the bundled 0.7.1 version + debian/patches/20-add-opus-threshold-option: + - fix src/murmur/Meta.cpp to set default iOpusThreshold=100 to only + switch from Celt to Opus if 100% of connected clients support Opus + (instead of 1%) + - fix murmur.ini example for opusthreshold option to =100 + (instead of =1) + - add #opusthreshold=100 comments to murmur.ini.system (shipped as + etc/mumble-server.ini) to match murmur.ini example +Closes: #675971. +This implements the TC decision in #682010. +[Thanks to Gregor Hermann for his help and guidance.] + + -- Christopher Knadle chris.kna...@coredump.us Thu, 04 Oct 2012 11:45:05 -0400 + mumble (1.2.3-349-g315b5f5-2) unstable; urgency=low * Drop the hard dep on boost-1.46, that's been removed now. Closes: #678759 diff -Nru mumble-1.2.3-349-g315b5f5/debian/mumble.install mumble-1.2.3-349-g315b5f5/debian/mumble.install --- mumble-1.2.3-349-g315b5f5/debian/mumble.install 2012-07-08 13:42:05.0 -0400 +++ mumble-1.2.3-349-g315b5f5/debian/mumble.install 2012-10-04 21:02:08.0 -0400 @@ -1,6 +1,6 @@ release/mumble usr/bin/ release/libmumble.so* usr/lib/mumble/ -#release/libcelt0.so.?.?.? usr/lib/mumble/ +release/libcelt0.so.?.?.? usr/lib/mumble/ release/plugins/lib*.so usr/lib/mumble/ icons/mumble.xpm usr/share/pixmaps/ icons/mumble.svg usr/share/icons/hicolor/scalable/apps/ diff -Nru mumble-1.2.3-349-g315b5f5/debian/patches/07-use-embedded-celt-baseline mumble-1.2.3-349-g315b5f5/debian/patches/07-use-embedded-celt-baseline --- mumble-1.2.3-349-g315b5f5/debian/patches/07-use-embedded-celt-baseline 1969-12-31 19:00:00.0 -0500 +++ mumble-1.2.3-349-g315b5f5/debian/patches/07-use-embedded-celt-baseline 2012-10-04 21:02:08.0 -0400 @@ -0,0 +1,13 @@ +# build and bundle in only celt 0.7.1 if celt is embedded +--- a/main.pro b/main.pro +@@ -12,7 +12,8 @@ + SUBDIRS *= speexbuild + } + !CONFIG(no-bundled-celt) { +-SUBDIRS *= celt-0.7.0-build celt-0.11.0-build ++SUBDIRS *= celt-0.7.0-build ++SUBDIRS -= celt-0.11.0-build + } + + CONFIG(opus) { diff -Nru mumble-1.2.3-349-g315b5f5/debian/patches/20-add-opus-threshold-option mumble-1.2.3-349-g315b5f5/debian/patches/20-add-opus-threshold-option --- mumble-1.2.3-349-g315b5f5/debian/patches/20-add-opus-threshold-option 2012-07-08 13:42:05.0 -0400 +++ mumble-1.2.3-349-g315b5f5/debian/patches/20-add-opus-threshold-option 2012-10-04 21:02:08.0 -0400 @@ -8,7 +8,7 @@ +# Amount of users with Opus support needed to force Opus usage, in percent. +# 0 = Always enable Opus, 100 = enable Opus if it's supported by all clients. -+#opusthreshold=1 ++#opusthreshold=100 + # Regular expression used to validate channel names # (note that you
Re: mumble and celt, #682010, TC
On Thursday, July 19, 2012 12:56:05, Neil McGovern wrote: [resent... signed this time. Again] On Thu, Jul 19, 2012 at 05:45:27PM +0100, Ian Jackson wrote: * That the package is likely to be able to communicate with non-debian derived distributions. The information we seem to be getting is that it is indeed likely that the mumble we have will be able to do so, because mumble upstream have somehow nominated or blessed 0.7.1. The above may, or may not conflict with: * If we cannot find a maintainer for celt who looks like they'll be able to handle it for the lifetime of wheezy then we need to allow the current mumble (and perhaps other rdepends) in sid to propagate and will then be able to remove celt from wheezy. I would be concerned if the mumble client in wheezy isn't able to call non-debian derived mumble servers. I just did additional testing and using the version of Mumble from Wheezy (along with libcelt0-0) I'm able to get server loopback working on public servers that report versions of: 1.2.3 (Win) Protocol 1.2.3 (FreeBSD 8.0-RELEASE) Protocol 1.2.3. (Linux 2.6.38.6-nfo) Protocol 1.2.4 (Fedora release 14) Protocol 1.2.3 (Gentoo Base System release 2.0.3) -- Chris -- Chris Knadle chris.kna...@coredump.us GPG Key: 4096R/0x1E759A726A9FDD74 signature.asc Description: This is a digitally signed message part.