Bug#1043599: transition: libunistring
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Control: affects -1 + src:libunistring Control: forwarded -1 https://release.debian.org/transitions/html/auto-libunistring.html Control: block -1 by 1026820 Hello, I'm looking for the transition from libunistring2 to libunistring5 due to an upstream SONAME bump in the new release. The build of the reverse-dependency fails with clisp. The corresponding ftbfs bug #1026820 was opened on December 21, 2022 and today the severity was raised to serious. The build of the other packages from testing for the reverse dependencies are ok: - boxes ok - gettext ok - gss-ntlmssp ok - guile-2.2 ok - guile-3.0 ok - libidn2 ok - libpodofo ok - libratbag ok - lxhotkey ok - rygel ok - termdebug ok - wcd ok - gnutls28 ok - libpsl ok - libt3window ok - gnunet ok - libt3widget ok - mailutils ok - sssd ok - tilde ok Ben file: Affected: .depends ~ /\b(libunistring5|libunistring2)\b/ Good: .depends ~ /\b(libunistring5)\b/ Bad: .depends ~ /\b(libunistring2)\b/ CU Jörg -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Jörg Frings-Fürst D-54470 Lieser git: https://git.jff.email/cgit/ Skype:jff-skype@jff.email Jami: joergfringsfuerst Telegram: @joergfringsfuerst Matrix: @joergff:matrix.snct-gmbh.de My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#988578: unblock: dmidecode/3.3-2
tags 988578 - moreinfo thanks Hello Sebastian, dmidecode is now in unstable. CU Jörg Am Mittwoch, dem 19.05.2021 um 20:28 +0200 schrieb Sebastian Ramacher: > Control: tags -1 moreinfo confirmed > > On 2021-05-17 19:04:20 +0200, Jörg Frings-Fürst wrote: > > Control: tags 988578 - moreinfo > > thanks > > > > > > Hello Sebastian, > > > > thanks for your review. I have revert the remove of unused patches. > > Again, please remove the moreinfo tag once the new version is > available > in unstable. > > Cheers > > > > > The new debdiff is attached. > > > > CU > > Jörg > > > > -- > > New: > > GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D > > GPG key (long) : 09F89F3C8CA1D25D > > GPG Key : 8CA1D25D > > CAcert Key S/N : 0E:D4:56 > > > > Old pgp Key: BE581B6E (revoked since 2014-12-31). > > > > Jörg Frings-Fürst > > D-54470 Lieser > > > > > > git: https://jff.email/cgit/ > > > > Threema: SYR8SJXB > > Wire: @joergfringsfuerst > > Skype: joergpenguin > > Ring: jff > > Telegram: @joergfringsfuerst > > > > > > My wish list: > > - Please send me a picture from the nature at your home. > > > > > > Am Sonntag, dem 16.05.2021 um 14:56 +0200 schrieb Sebastian > > Ramacher: > > > Control: tags -1 moreinfo > > > > > > On 2021-05-16 10:01:26, Jörg Frings-Fürst wrote: > > > > Package: release.debian.org > > > > Severity: normal > > > > User: release.debian@packages.debian.org > > > > Usertags: unblock > > > > X-Debbugs-Cc: Adrian Bunk > > > > > > > > Please unblock package dmidecode > > > > > > > > [ Reason ] > > > > This release fixes the bug that causes a segmentation fault > > > > (Debian > > > > Bug > > > > #987033). > > > > > > > > [ Impact ] > > > > Dmidecode terminates with a segmentation fault when certain > > > > parameters are > > > > used. > > > > > > > > [ Tests ] > > > > Before the fix dmidecode -u fails. > > > > After the fix, dmidecode -u runs as expected. > > > > > > > > [ Risks ] > > > > The changes aree trival. > > > > > > > > [ Checklist ] > > > > [X] all changes are documented in the d/changelog > > > > [X] I reviewed all changes and I approve them > > > > [X] attach debdiff against the package in testing > > > > > > > > [ Other info ] > > > > I ask about the unblock after a hint from Adrian Bunk. > > > > > > > > > > > > unblock dmidecode/3.3-2 > > > > > > > diff -Nru dmidecode-3.3/debian/changelog dmidecode- > > > > 3.3/debian/changelog > > > > --- dmidecode-3.3/debian/changelog 2020-10-17 > > > > 10:31:23.0 +0200 > > > > +++ dmidecode-3.3/debian/changelog 2021-05-07 > > > > 09:13:05.0 +0200 > > > > @@ -1,3 +1,15 @@ > > > > +dmidecode (3.3-2) unstable; urgency=medium > > > > + > > > > + * Add upstream recommended patches (Closes: #987033): > > > > + - New debian/patches/0145- > > > > Fix_condition_error_in_ascii_filter.patch. > > > > + - New debian/patches/0150-Fix_crash.patch. > > > > + * Declare compliance with Debian Policy 4.5.1 (No changes > > > > needed). > > > > + * debian/copyright: > > > > + - Add year 2021 to myself. > > > > + * Remove longer not used patches. > > > > > > I'd prefer an upload without the additional noise. > > > > > > Please remove the moreinfo tag once the new version is available > > > in > > > unstable. > > > > > > Cheers > > > > > [...] > > > > > > > diff -Nru dmidecode-3.3/debian/changelog dmidecode- > > 3.3/debian/changelog > > --- dmidecode-3.3/debian/changelog 2020-10-17 > > 10:31:23.0 +0200 > > +++ dmidecode-3.3/debian/changelog 2021-05-17 > > 18:53:43.0 +0200 > > @@ -1,3 +1,14 @@ > > +dmidecode (3.3-2) unstable; urgency=medium > > + > > + * Add upstream recommended patches (Closes: #987033): > > + - New debian/patches/0145- > > Fix_condition_error_in_ascii_filter.patch. > > + - New debian/pa
Bug#988578: unblock: dmidecode/3.3-2
Control: tags 988578 - moreinfo thanks Hello Sebastian, thanks for your review. I have revert the remove of unused patches. The new debdiff is attached. CU Jörg -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54470 Lieser git: https://jff.email/cgit/ Threema: SYR8SJXB Wire: @joergfringsfuerst Skype: joergpenguin Ring: jff Telegram: @joergfringsfuerst My wish list: - Please send me a picture from the nature at your home. Am Sonntag, dem 16.05.2021 um 14:56 +0200 schrieb Sebastian Ramacher: > Control: tags -1 moreinfo > > On 2021-05-16 10:01:26, Jörg Frings-Fürst wrote: > > Package: release.debian.org > > Severity: normal > > User: release.debian@packages.debian.org > > Usertags: unblock > > X-Debbugs-Cc: Adrian Bunk > > > > Please unblock package dmidecode > > > > [ Reason ] > > This release fixes the bug that causes a segmentation fault (Debian > > Bug > > #987033). > > > > [ Impact ] > > Dmidecode terminates with a segmentation fault when certain > > parameters are > > used. > > > > [ Tests ] > > Before the fix dmidecode -u fails. > > After the fix, dmidecode -u runs as expected. > > > > [ Risks ] > > The changes aree trival. > > > > [ Checklist ] > > [X] all changes are documented in the d/changelog > > [X] I reviewed all changes and I approve them > > [X] attach debdiff against the package in testing > > > > [ Other info ] > > I ask about the unblock after a hint from Adrian Bunk. > > > > > > unblock dmidecode/3.3-2 > > > diff -Nru dmidecode-3.3/debian/changelog dmidecode- > > 3.3/debian/changelog > > --- dmidecode-3.3/debian/changelog 2020-10-17 > > 10:31:23.0 +0200 > > +++ dmidecode-3.3/debian/changelog 2021-05-07 > > 09:13:05.0 +0200 > > @@ -1,3 +1,15 @@ > > +dmidecode (3.3-2) unstable; urgency=medium > > + > > + * Add upstream recommended patches (Closes: #987033): > > + - New debian/patches/0145- > > Fix_condition_error_in_ascii_filter.patch. > > + - New debian/patches/0150-Fix_crash.patch. > > + * Declare compliance with Debian Policy 4.5.1 (No changes > > needed). > > + * debian/copyright: > > + - Add year 2021 to myself. > > + * Remove longer not used patches. > > I'd prefer an upload without the additional noise. > > Please remove the moreinfo tag once the new version is available in > unstable. > > Cheers > [...] diff -Nru dmidecode-3.3/debian/changelog dmidecode-3.3/debian/changelog --- dmidecode-3.3/debian/changelog 2020-10-17 10:31:23.0 +0200 +++ dmidecode-3.3/debian/changelog 2021-05-17 18:53:43.0 +0200 @@ -1,3 +1,14 @@ +dmidecode (3.3-2) unstable; urgency=medium + + * Add upstream recommended patches (Closes: #987033): +- New debian/patches/0145-Fix_condition_error_in_ascii_filter.patch. +- New debian/patches/0150-Fix_crash.patch. + * Declare compliance with Debian Policy 4.5.1 (No changes needed). + * debian/copyright: +- Add year 2021 to myself. + + -- Jörg Frings-Fürst Mon, 17 May 2021 18:53:43 +0200 + dmidecode (3.3-1) unstable; urgency=medium * New upstream release. diff -Nru dmidecode-3.3/debian/control dmidecode-3.3/debian/control --- dmidecode-3.3/debian/control 2020-10-17 09:58:18.0 +0200 +++ dmidecode-3.3/debian/control 2021-05-07 08:54:34.0 +0200 @@ -3,7 +3,7 @@ Priority: optional Maintainer: Jörg Frings-Fürst Build-Depends: debhelper-compat (= 13) -Standards-Version: 4.5.0 +Standards-Version: 4.5.1 Rules-Requires-Root: no Vcs-Git: git://jff.email/opt/git/dmidecode.git Vcs-Browser: https://jff.email/cgit/dmidecode.git/ diff -Nru dmidecode-3.3/debian/copyright dmidecode-3.3/debian/copyright --- dmidecode-3.3/debian/copyright 2020-10-17 10:14:51.0 +0200 +++ dmidecode-3.3/debian/copyright 2021-05-07 08:56:16.0 +0200 @@ -13,7 +13,7 @@ Files: debian/* Copyright: 2003-2007 Petter Reinholdtsen 2011-2012 Daniel Baumann - 2014-2020 Jörg Frings-Fürst + 2014-2021 Jörg Frings-Fürst License: GPL-2+ License: GPL-2+ diff -Nru dmidecode-3.3/debian/patches/0145-Fix_condition_error_in_ascii_filter.patch dmidecode-3.3/debian/patches/0145-Fix_condition_error_in_ascii_filter.patch --- dmidecode-3.3/debian/patches/0145-Fix_condition_error_in_ascii_filter.patch 1970-01-01 01:00:00.0 +0100 +++ dmidecode-3.3/debian/patches/0145-Fix_condition_error_in_ascii_filter.patch 2021-05-07 08:41:39.0 +0200 @@ -0,0 +1,18 @@ +Description: Fix the con
Bug#988578: unblock: dmidecode/3.3-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: Adrian Bunk Please unblock package dmidecode [ Reason ] This release fixes the bug that causes a segmentation fault (Debian Bug #987033). [ Impact ] Dmidecode terminates with a segmentation fault when certain parameters are used. [ Tests ] Before the fix dmidecode -u fails. After the fix, dmidecode -u runs as expected. [ Risks ] The changes aree trival. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing [ Other info ] I ask about the unblock after a hint from Adrian Bunk. unblock dmidecode/3.3-2 diff -Nru dmidecode-3.3/debian/changelog dmidecode-3.3/debian/changelog --- dmidecode-3.3/debian/changelog 2020-10-17 10:31:23.0 +0200 +++ dmidecode-3.3/debian/changelog 2021-05-07 09:13:05.0 +0200 @@ -1,3 +1,15 @@ +dmidecode (3.3-2) unstable; urgency=medium + + * Add upstream recommended patches (Closes: #987033): +- New debian/patches/0145-Fix_condition_error_in_ascii_filter.patch. +- New debian/patches/0150-Fix_crash.patch. + * Declare compliance with Debian Policy 4.5.1 (No changes needed). + * debian/copyright: +- Add year 2021 to myself. + * Remove longer not used patches. + + -- Jörg Frings-Fürst Fri, 07 May 2021 09:13:05 +0200 + dmidecode (3.3-1) unstable; urgency=medium * New upstream release. diff -Nru dmidecode-3.3/debian/control dmidecode-3.3/debian/control --- dmidecode-3.3/debian/control2020-10-17 09:58:18.0 +0200 +++ dmidecode-3.3/debian/control2021-05-07 08:54:34.0 +0200 @@ -3,7 +3,7 @@ Priority: optional Maintainer: Jörg Frings-Fürst Build-Depends: debhelper-compat (= 13) -Standards-Version: 4.5.0 +Standards-Version: 4.5.1 Rules-Requires-Root: no Vcs-Git: git://jff.email/opt/git/dmidecode.git Vcs-Browser: https://jff.email/cgit/dmidecode.git/ diff -Nru dmidecode-3.3/debian/copyright dmidecode-3.3/debian/copyright --- dmidecode-3.3/debian/copyright 2020-10-17 10:14:51.0 +0200 +++ dmidecode-3.3/debian/copyright 2021-05-07 08:56:16.0 +0200 @@ -13,7 +13,7 @@ Files: debian/* Copyright: 2003-2007 Petter Reinholdtsen 2011-2012 Daniel Baumann - 2014-2020 Jörg Frings-Fürst + 2014-2021 Jörg Frings-Fürst License: GPL-2+ License: GPL-2+ diff -Nru dmidecode-3.3/debian/patches/0005-build.patch dmidecode-3.3/debian/patches/0005-build.patch --- dmidecode-3.3/debian/patches/0005-build.patch 2015-09-28 12:36:46.0 +0200 +++ dmidecode-3.3/debian/patches/0005-build.patch 1970-01-01 01:00:00.0 +0100 @@ -1,25 +0,0 @@ -Author: Daniel Baumann -Description: Avoid overwriting build environment rather than to just extend it. - -Index: trunk/Makefile -=== trunk.orig/Makefile -+++ trunk/Makefile -@@ -13,7 +13,7 @@ - # - - CC = gcc --CFLAGS = -W -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual \ -+CFLAGS += -W -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual \ - -Wcast-align -Wwrite-strings -Wmissing-prototypes -Winline -Wundef - - # Let lseek and mmap support 64-bit wide offsets -@@ -27,7 +27,7 @@ CFLAGS += -O2 - #CFLAGS += -g - - # Pass linker flags here --LDFLAGS = -+#LDFLAGS = - - DESTDIR = - prefix = /usr/local diff -Nru dmidecode-3.3/debian/patches/0105-dmidecode-avoid-sigbus.patch dmidecode-3.3/debian/patches/0105-dmidecode-avoid-sigbus.patch --- dmidecode-3.3/debian/patches/0105-dmidecode-avoid-sigbus.patch 2015-10-01 06:33:47.0 +0200 +++ dmidecode-3.3/debian/patches/0105-dmidecode-avoid-sigbus.patch 1970-01-01 01:00:00.0 +0100 @@ -1,50 +0,0 @@ -Description: Avoid SIGBUS on mmap failure - mmap will fail with SIGBUS if trying to map a non-existent portion of - a file. While this should never happen with /dev/mem, it can happen if - passing a regular file with option -d. While people should no longer - do that, failure gracefully seems better than crashing. So check for - the file size before calling mmap. -Author: Jean Delvare -Origin: https://savannah.nongnu.org/bugs/download.php?file_id=35008 -Bug: https://savannah.nongnu.org/bugs/index.php?46066 -Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796963 -Last-Update: 2015-10-01 - -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ dmidecode.orig/util.c 2015-09-29 11:27:02.136566009 +0200 -+++ dmidecode/util.c 2015-09-29 11:37:24.746191083 +0200 -@@ -152,6 +152,7 @@ void *mem_chunk(off_t base, size_t len, - void *p; - int fd; - #ifdef USE_MMAP -+ struct stat statbuf; - off_t mmoffset; - void *mmp; - #endif -@@ -169,6 +170,26 @@ void *mem_chunk(off_t base, size_t len, - } - - #ifdef USE_MMAP -+ if (fstat(fd, ) == -1
Bug#977028: buster-pu: package sane-backends/1.0.27-3.2
Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu [ Reason ] The udev rule to change the owner/group of usb scanners are not included. [ Impact ] Scanner working only as root [ Risks ] Trivial. The same rule are included in older sane-backends releases. The same rule is working in bullseye [ Checklist ] [X] *all* changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in stable [X] the issue is verified as fixed in unstable [ Changes ] * Fix missing udev rules (Closes: #941038) - New debian/99-libsane.rules. -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.9.0-4-amd64 (SMP w/6 CPU threads) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash diff -Nru sane-backends-1.0.27/debian/99-libsane.rules sane-backends-1.0.27/debian/99-libsane.rules --- sane-backends-1.0.27/debian/99-libsane.rules1970-01-01 01:00:00.0 +0100 +++ sane-backends-1.0.27/debian/99-libsane.rules2019-04-27 17:25:19.0 +0200 @@ -0,0 +1,2 @@ + +ENV{libsane_matched}=="yes", RUN+="/bin/setfacl -m g:scanner:rw $env{DEVNAME}" diff -Nru sane-backends-1.0.27/debian/changelog sane-backends-1.0.27/debian/changelog --- sane-backends-1.0.27/debian/changelog 2019-03-23 17:38:37.0 +0100 +++ sane-backends-1.0.27/debian/changelog 2020-12-09 18:53:35.0 +0100 @@ -1,3 +1,10 @@ +sane-backends (1.0.27-3.2+deb10u1) buster; urgency=medium + + * Fix missing udev rules (Closes: #941038) +- New debian/99-libsane.rules. + + -- Jörg Frings-Fürst Wed, 09 Dec 2020 18:53:35 +0100 + sane-backends (1.0.27-3.2) unstable; urgency=medium * Non-maintainer upload. diff -Nru sane-backends-1.0.27/debian/libsane.install sane-backends-1.0.27/debian/libsane.install --- sane-backends-1.0.27/debian/libsane.install 2018-11-02 18:13:02.0 +0100 +++ sane-backends-1.0.27/debian/libsane.install 2019-10-02 08:15:37.0 +0200 @@ -1,2 +1,3 @@ usr/lib/*/*.so.* usr/lib/*/sane/*.so.* +debian/99-libsane.rules /lib/udev/rules.d/
Bug#971757: transition: libhx
Hello Sebastian, Am Dienstag, den 06.10.2020, 17:49 +0200 schrieb Sebastian Ramacher: > Control: forwarded -1 > https://release.debian.org/transitions/html/auto-libhx.html > Control: tags -1 + moreinfo > > Hi Jörg > > On 2020-10-06 17:33:21, Jörg Frings-Fürst wrote: > > Package: release.debian.org > > Severity: normal > > User: release.debian@packages.debian.org > > Usertags: transition > > > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA512 > > > > Hello, > > > > upstream has changed the SONAME from libHX.so.28 to libHX.so.32. > > Therefore I bump the library package name to libhx32. > > Why does libhx32 have a Break+Replaces relationship with libhx28? > libhx32 does not provide any files from libhx28. > Sorry, that's my mistake. I followed https://wiki.debian.org/PackageTransition #5. But this is only correct if a transitional package is available. The Break+Replaces are removed. I will upload the package into mentors today. > Cheers > CU Jörg > > Compiling the dependent programs against the > > new library was without errors: > > > > - hxtools > > - libpam-mount > > > > > > Only the package > > > > - kopanocore > > > > has an FTBFS (see bug #969297: FTBFS: undefined reference to symbol > > 'pthread_join@@GLIBC_2.2.5'). > > This bug is not caused by libhx. > > > > > > > > Ben file: > > > > title = "libhx"; > > is_affected = .depends ~ "libhx28" | .depends ~ "libhx32"; > > is_good = .depends ~ "libhx32"; > > is_bad = .depends ~ "libhx28"; > > > > > > CU > > Jörg > > > > > > > > -- System Information: > > Debian Release: bullseye/sid > > APT prefers testing > > APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental') > > Architecture: amd64 (x86_64) > > Foreign Architectures: i386 > > > > Kernel: Linux 5.8.0-2-amd64 (SMP w/6 CPU threads) > > Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, > > TAINT_UNSIGNED_MODULE > > Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE > > not set > > Shell: /bin/sh linked to /bin/dash > > Init: systemd (via /run/systemd/system) > > LSM: AppArmor: enabled > > -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54470 Lieser git: https://jff.email/cgit/ Threema: SYR8SJXB Wire: @joergfringsfuerst Skype:joergpenguin Ring: jff Telegram: @joergfringsfuerst My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#971757: transition: libhx
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, upstream has changed the SONAME from libHX.so.28 to libHX.so.32. Therefore I bump the library package name to libhx32. Compiling the dependent programs against the new library was without errors: - - hxtools - - libpam-mount Only the package - - kopanocore has an FTBFS (see bug #969297: FTBFS: undefined reference to symbol 'pthread_join@@GLIBC_2.2.5'). This bug is not caused by libhx. Ben file: title = "libhx"; is_affected = .depends ~ "libhx28" | .depends ~ "libhx32"; is_good = .depends ~ "libhx32"; is_bad = .depends ~ "libhx28"; CU Jörg - -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.8.0-2-amd64 (SMP w/6 CPU threads) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAl98jkEACgkQCfifPIyh 0l2xKhAApPWW30PuDvopESMpfttWLP8EkfLgl8ppTP5WTDhC9HFzMLdbCykmk2zp 9crirCNjKmTSj7d0lkTPqWveBKnFn1fNDfpyjFduw6HgIqC9Fiyj54UYmFXsU0iu 4ymuh8FrhYiVUKpmZpPCBAlnPCfUT6ugmHKpSw4TZXNBvAA1R5VnVN8X5NaIa0/O AfpCi1m74KCe7L2KFiynFgkpulXUvErOXU8KcltjiFBQKgUspBoIgC/FzajhW0VV Dgvjq//IQ4kJn74ukS+GdSBrRUSia8h29mYhszQ6hjtqFpJl3FlpnqcwZlLCyNh6 xgxTDymRGuLibVe5o/ivMfV0+xXlJmlH5L8LkBKzMVNbgeCBCWPw9C/oRdgR9zkg tOZUACdfs2LM4W7xPZ8b8YSEpQP5wCmW1pL8tFkVFOD8ceoJa+MNEVyuOAQHLp1J gQ/af8qNJS1UUcdvzmZJil1Ezspg20abGWMIeadIMmNZyPo1DpkWbCsMU+71C1a+ lLsSYk+fvtVKNBnD21+zmBMWFstFrJ7SZqp7uMLdOJETkBPcGv66W3HkAEn0Wo3V sG1S/NjOHh9WCyjOXSIQHSFg++z0di9vwN/nNX2zynlXP4+AVHC4FlJ9BLEh+Gok LYjqc5dWP+Cojy6zMEDvizI5wgje+wIRmzUMAl2NDgUelm80kMc= =ww3q -END PGP SIGNATURE-
Bug#971349: nmu: colord,gimagereader,haskell-bindings-sane,hplip,libimage-sane-perl,libinsane,libkf5sane,libreoffice,pike8.0,pillow-sane,sane-airscan,sane-frontends,scanbd,simple-scan,wine,xsane
Hello Sebastian, Am Sonntag, den 04.10.2020, 16:39 +0200 schrieb Sebastian Ramacher: > Control: tags -1 + moreinfo > > On 2020-09-29 08:36:46 +0200, Jörg Frings-Fürst wrote: > > Package: release.debian.org > > User: release.debian@packages.debian.org > > Usertags: binnmu > > Severity: normal > > > > Hello, > > > > please rebuild the following packages to use the new lib after rename > > libsane to > > libsane1. > > > > > > nmu colord_1.4.4-2 . ANY . -m 'Rebuild against new libsane1.' > > nmu gimagereader_3.3.1-1 . ANY . -m 'Rebuild against new libsane1.' > > nmu hplip_3.20.5+dfsg0-3 . ANY . -m 'Rebuild against new libsane1.' > > nmu haskell-bindings-sane_0.0.1-13 . ANY . -m 'Rebuild against new > > libsane1.' > > nmu libimage-sane-perl_5-1 . ANY . -m 'Rebuild against new libsane1.' > > nmu libinsane_1.0.7-1 . ANY . -m 'Rebuild against new libsane1.' > > nmu libkf5sane_20.08.0-1 . ANY . -m 'Rebuild against new libsane1.' > > nmu wine_5.0-4 . ANY . -m 'Rebuild against new libsane1.' > > nmu pike8.0_8.0.702-1 . ANY . -m 'Rebuild against new libsane1.' > > nmu pillow-sane_2.8.3-4 . ANY . -m 'Rebuild against new libsane1.' > > nmu libreoffice_1:7.0.1-1 . ANY . -m 'Rebuild against new libsane1.' > > nmu sane-frontends_1.0.14-16 . ANY . -m 'Rebuild against new libsane1.' > > nmu scanbd_1.5.1-6 . ANY . -m 'Rebuild against new libsane1.' > > nmu simple-scan_3.36.4-1 . ANY . -m 'Rebuild against new libsane1.' > > nmu xsane_0.999-9 . ANY . -m 'Rebuild against new libsane1.' > > I'm not really sure what you're trying to achieve here. You've asked > for a transition slot (#960046) but completely ignored the moreinfo tag > and then went ahead anways. In any case, for a proper transition we > would have tracked binNMUs in that bug report instead of a new one. > I refer to the mail from Raphael Hertzog. In [1] he says that the transition is no longer necessary and that I should ask for a binNMU. > I think that this effectively reopens #908681 which I will unarchive and > reopen. With the Upstream Release 1.0.31 7 functions have been removed. This was also entered in the changelog and the #MISSING was not removed from the symbols file. [quote] * debian/libsane1.symbols: - Remove 7 not longer available symbols. [/quote] > > Cheers CU Jörg [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969291#35 -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54470 Lieser git: https://jff.email/cgit/ Threema: SYR8SJXB Wire: @joergfringsfuerst Skype:joergpenguin Ring: jff Telegram: @joergfringsfuerst My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#971349: nmu: colord,gimagereader,haskell-bindings-sane,hplip,libimage-sane-perl,libinsane,libkf5sane,libreoffice,pike8.0,pillow-sane,sane-airscan,sane-frontends,scanbd,simple-scan,wine,xsane
Package: release.debian.org User: release.debian@packages.debian.org Usertags: binnmu Severity: normal Hello, please rebuild the following packages to use the new lib after rename libsane to libsane1. nmu colord_1.4.4-2 . ANY . -m 'Rebuild against new libsane1.' nmu gimagereader_3.3.1-1 . ANY . -m 'Rebuild against new libsane1.' nmu hplip_3.20.5+dfsg0-3 . ANY . -m 'Rebuild against new libsane1.' nmu haskell-bindings-sane_0.0.1-13 . ANY . -m 'Rebuild against new libsane1.' nmu libimage-sane-perl_5-1 . ANY . -m 'Rebuild against new libsane1.' nmu libinsane_1.0.7-1 . ANY . -m 'Rebuild against new libsane1.' nmu libkf5sane_20.08.0-1 . ANY . -m 'Rebuild against new libsane1.' nmu wine_5.0-4 . ANY . -m 'Rebuild against new libsane1.' nmu pike8.0_8.0.702-1 . ANY . -m 'Rebuild against new libsane1.' nmu pillow-sane_2.8.3-4 . ANY . -m 'Rebuild against new libsane1.' nmu libreoffice_1:7.0.1-1 . ANY . -m 'Rebuild against new libsane1.' nmu sane-frontends_1.0.14-16 . ANY . -m 'Rebuild against new libsane1.' nmu scanbd_1.5.1-6 . ANY . -m 'Rebuild against new libsane1.' nmu simple-scan_3.36.4-1 . ANY . -m 'Rebuild against new libsane1.' nmu xsane_0.999-9 . ANY . -m 'Rebuild against new libsane1.' CU Jörg -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54470 Lieser git: https://jff.email/cgit/ Threema: SYR8SJXB Wire: @joergfringsfuerst Skype:joergpenguin Ring: jff Telegram: @joergfringsfuerst My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#960046: transition: sane-backends
Hello, I close this bug after upload to unstable. CU Jörg -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54470 Lieser git: https://jff.email/cgit/ Threema: SYR8SJXB Wire: @joergfringsfuerst Skype:joergpenguin Ring: jff Telegram: @joergfringsfuerst My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#960046: transition: sane-backends
Hello Rene, Am Freitag, den 08.05.2020, 21:56 +0200 schrieb Rene Engelhard: > Hi, > > On Fri, May 08, 2020 at 07:11:09PM +0200, Jörg Frings-Fürst wrote: > > libreoffice > > Note libreoffice only Suggests it (and it dlopen()s libsane.so.1). > > A rebuild will change the Suggests since > https://salsa.debian.org/libreoffice-team/libreoffice/libreoffice/-/commit/a11f5b7381097ea0ae9a3e03db909f4075628935 > (2 years ago, when the last rename was attempted.) > but this hasn't to be done immediately. > > So you either can bin-NMU it or not, it will pick > the right library up on the next upload. > that's right.But it belongs in the list of packages to be checked. But if this leads to problems I can change the ben file. > regards, > > Rene CU Jörg -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54470 Lieser git: https://jff.email/cgit/ Threema: SYR8SJXB Wire: @joergfringsfuerst Skype:joergpenguin Ring: jff Telegram: @joergfringsfuerst My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#960046: transition: sane-backends
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, with the new upstream release I change the libname to the SONAME. Compiling the dependent programs against the new library was without errors: colord gimagereader haskell-bindings-sane hplip libimage-sane-perl libinsane libkf5sane libreoffice pike8.0 pillow-sane sane-frontends scanbd wine xsane simple-scan Affected packages will need a rebuild. Ben file: title = "sane-backends"; is_affected = .build-depends ~ /libsane-dev/; is_good = .depends ~ "libsane1"; is_bad = .depends ~ "libsane"; CU Jörg - -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.6.0-1-amd64 (SMP w/6 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAl61kq0ACgkQCfifPIyh 0l0XOA//V132vhdVr/3b2wmpS/Sp0lXzVjckKe/x6aoMX+GyjeMS0dR4ApG+CRZf aQB3wnNSU8+SG4DM5v1deSTbZ58Z9S5vM4zGZX62K+yob7bJJYdIwE3ZYlbtsLcX PlpQp0PPXrrn5/UoQA/AJS03+h5G0nj5tWN+iwvRFEip3/H/0tzH/hcqIPOaDvjA 4nir9UPg17Rb2B35N3PGdsmuh/53pDhWU2YqCCr8P23Bn6GeH2tqUxxFnvLetBf2 cZWuEPZ75q+PqOhiqzaVrHxx/JE/K4f2UzBwnaY+eRW3S3sAtKgrzVDXjqsYM7Pn 1ajg+4teWnAYA/NiLGNQ0J/3TSM2u1wCXzo814Z1W2gjaqjXbAi9J+pfAORVre58 gChY/zTGlwtciBbbDUj/PP/95KhVSJDq6CojU9Ilc/m4k06QwRkLjqNrlnCg14oB 8GsJynq0ENOmwcqxaAyesKi22maw9u0dH0jEJZWnV03P6APoMob2YepdkkQ9vU4S 47LNn1THsLyKYDhtrObcim4/IkMttls376V4q8MF6bmEJa+tYEpY6h0lVEWUgaYZ k7aD4n9r1gLW96CxherjdtdVTWFgVvVu5B4sU89CBPO9FaQmQpL4tCWasZVMxcbH 2LTImopieHgvWongkSbl52jahpLrMlSDqSmHuvW3LIoPwTd096w= =Zj/S -END PGP SIGNATURE-
Bug#941571: buster-pu: package sane-backends/1.0.27-3.2
Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, the udev rules missing the group scanner. The new file debian/99-libsane.rules add them. A debdiff is attached. Many thanks CU Jörg - -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.2.0-2-amd64 (SMP w/6 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAl2US2wACgkQCfifPIyh 0l31pBAA0bDTl+QnJvGIgjKm/0UDZ9PJ3bysNjrlVJvSYRPaeuECNtgpVn5UQT6h zVUG0zx0m+xdDep7d+eOAtyeXub/tKgHe4VaLDj4MPavfQlLcgsOw7HCNf019t6F ihV6U2CV9GPnjUTNlBmF5SlCbEVg920OCex1fr67BuxFR8iULCFXcj4sOtZDfHRw /nRGkOotElYTB5XX3bXgG5Kf/L+9piyWuqDZgGOIBz4s9t2EbPCWv0DozqzPut9a TS5r9kPtF4n9sOWmfpIUlXqxJvmyuEvUvA93kP7U/BIFtcyesKVgcPtfURKYeHk5 CBhUF8+dcbl9r6s9OxVttWTM/mFpZJ3MV/C7adYtjZenl/K/ug0QAUuWxEASi058 QzICpm1iOJuTOxSha4+NPQhN5eCbS4uh0jWXpRO8RqyQzJQSjQQc4B9Vn205F6Jj ha0cwTKp6oZR8UcJl/gH2WpLy1n+TI5J78XFDn8RQA6tUoeHVTa93TqJdDzISCRB DU1P4H9Z2ghRPr+N81Mz3Oz449rhSWh9Xh/YuWUYM8X7vEIjEvbWBAoujWwbbxUZ g9Y85Eqm6eEZsgsyHdu5lG4g8Xm/UYLO35pv54Iu0wT6GhqaaskbiqqhTFZKgn8a 0VIzMrukAY4/+5p8FpV6GsbecPeXpMVXxByfL+CaH+dAWTSM3Ow= =5sPV -END PGP SIGNATURE- diff -Nru sane-backends-1.0.27/debian/99-libsane.rules sane-backends-1.0.27/debian/99-libsane.rules --- sane-backends-1.0.27/debian/99-libsane.rules1970-01-01 01:00:00.0 +0100 +++ sane-backends-1.0.27/debian/99-libsane.rules2019-04-27 17:25:19.0 +0200 @@ -0,0 +1,2 @@ + +ENV{libsane_matched}=="yes", RUN+="/bin/setfacl -m g:scanner:rw $env{DEVNAME}" diff -Nru sane-backends-1.0.27/debian/changelog sane-backends-1.0.27/debian/changelog --- sane-backends-1.0.27/debian/changelog 2019-03-23 17:38:37.0 +0100 +++ sane-backends-1.0.27/debian/changelog 2019-10-02 08:28:33.0 +0200 @@ -1,3 +1,10 @@ +sane-backends (1.0.27-3.2+deb10u1) buster; urgency=medium + + * Fix missing udev rules (Closes: #941038) +- New debian/99-libsane.rules. + + -- Jörg Frings-Fürst Wed, 02 Oct 2019 08:28:33 +0200 + sane-backends (1.0.27-3.2) unstable; urgency=medium * Non-maintainer upload. diff -Nru sane-backends-1.0.27/debian/libsane.install sane-backends-1.0.27/debian/libsane.install --- sane-backends-1.0.27/debian/libsane.install 2018-11-02 18:13:02.0 +0100 +++ sane-backends-1.0.27/debian/libsane.install 2019-10-02 08:15:37.0 +0200 @@ -1,2 +1,3 @@ usr/lib/*/*.so.* usr/lib/*/sane/*.so.* +debian/99-libsane.rules /lib/udev/rules.d/
Bug#913881: stretch-pu: package uriparser/0.8.4-1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, the attached debdiff fix the CVE-2018-19198, CVE-2018-19199 and CVE-2018-19200. The maintainer email address and the Vcs-* location are also changed. CU Jörg - -- System Information: Debian Release: buster/sid APT prefers testing-debug APT policy: (500, 'testing-debug'), (500, 'testing'), (300, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.18.0-2-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAlvuqgUACgkQCfifPIyh 0l2zqhAAq0bStaT+o8QELmNS2OZBFLGrv/Li3g5DHnEee5juZLQ9VgLIh5eXb96f ycgBpuItaCfLbMM5WnKGXnmEnB37gMlReYR8nMIF2eVLTeS124SUa6Qeyp/nh3bg 5waNanD9KbxuJDLKzNgeERdf1QKD78VPTnaIPvMQzb6k5ole6PqzxzgqLaOicR/X omYT26BvG9sDnLGtVPuyYqEeiZm575qTpjqUPJzHJd9styiRQiICwiWBfB7D02U0 OoorOWwm/rvDafhrlyxitpvj15pEg97gcyXkKdBhO+PYM5zIDGemDAGh1T/qlkyl FQTiZVgHj23udtS+UnpWeJgFpm9E+9/s6gcXdg+b3P/K/zNHFL6wfnlHNYzfp3mz 2OCHi7UKlkFxkkdn8uA50V2VpULUramKWupe2KGYPS7XXDn+Qh+6vbnNncqacAfp 8noPhUo2woT7Gd4HHUOf0size7BLLeDGL+HrbCQzmSKoIjhxBjQ7IjbXsw4Alstv WZJQWEov+n8ISSJvFuuYkbghbopzsmbDNJvIIUOhKmdbC1yBuGDpY2OaAxahohRy eG2fIg1ku0txTYgCyYk+5JeO3QQu6hvNGjzdanuVuCKJr+eVHQOKQ5gzx9XP/ffM 82myXAlVHITOUQTMR70NQQ4B4NEvPAMTaQYAWUiVEG03G2rovQ4= =HbnA -END PGP SIGNATURE- diff -Nru uriparser-0.8.4/debian/changelog uriparser-0.8.4/debian/changelog --- uriparser-0.8.4/debian/changelog2015-11-04 07:02:13.0 +0100 +++ uriparser-0.8.4/debian/changelog2018-11-16 09:43:24.0 +0100 @@ -1,3 +1,15 @@ +uriparser (0.8.4-1+deb9u1) stable; urgency=medium + + * Fix multiple CVEs (Closes: #913817): +- New debian/patches/CVE-2018-19198.patch to fix CVE-2018-19198. +- New debian/patches/CVE-2018-19199.patch to fix CVE-2018-19199. +- New debian/patches/CVE-2018-19200.patch to fix CVE-2018-19200. + * debian/control: +- Change to my new email address. +- Switch Vcs-* to new location. + + -- Jörg Frings-Fürst Fri, 16 Nov 2018 09:43:24 +0100 + uriparser (0.8.4-1) unstable; urgency=medium * New upstream release. diff -Nru uriparser-0.8.4/debian/control uriparser-0.8.4/debian/control --- uriparser-0.8.4/debian/control 2015-11-02 07:02:50.0 +0100 +++ uriparser-0.8.4/debian/control 2018-11-16 09:37:15.0 +0100 @@ -1,7 +1,7 @@ Source: uriparser Section: libs Priority: optional -Maintainer: Jörg Frings-Fürst +Maintainer: Jörg Frings-Fürst Build-Depends: debhelper (>= 9), dh-autoreconf, @@ -14,8 +14,8 @@ libqt5sql5-sqlite Standards-Version: 3.9.6 Homepage: http://uriparser.sourceforge.net -Vcs-Git: git://anonscm.debian.org/collab-maint/uriparser.git -Vcs-Browser: http://anonscm.debian.org/cgit/collab-maint/uriparser.git +Vcs-Git: git://jff.email/opt/git/uriparser.git +Vcs-Browser: https://jff.email/cgit/uriparser.git Package: liburiparser1 Architecture: any diff -Nru uriparser-0.8.4/debian/patches/CVE-2018-19198.patch uriparser-0.8.4/debian/patches/CVE-2018-19198.patch --- uriparser-0.8.4/debian/patches/CVE-2018-19198.patch 1970-01-01 01:00:00.0 +0100 +++ uriparser-0.8.4/debian/patches/CVE-2018-19198.patch 2018-11-16 09:19:24.0 +0100 @@ -0,0 +1,73 @@ +From 864f5d4c127def386dd5cc926ad96934b297f04e Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping +Date: Sun, 23 Sep 2018 20:07:25 +0200 +Subject: [PATCH] UriQuery.c: Fix out-of-bounds-write in ComposeQuery and ...Ex + +Reported by Google Autofuzz team +--- + src/UriQuery.c | 1 + + test/test.cpp | 32 + 2 files changed, 33 insertions(+) + +Index: stretch/src/UriQuery.c +=== +--- stretch.orig/src/UriQuery.c stretch/src/UriQuery.c +@@ -223,6 +223,7 @@ int URI_FUNC(ComposeQueryEngine)(URI_CHA + + /* Copy key */ + if (firstItem == URI_TRUE) { ++ ampersandLen = 1; + firstItem = URI_FALSE; + } else { + write[0] = _UT('&'); +Index: stretch/test/test.cpp +=== +--- stretch.orig/test/test.cpp stretch/test/test.cpp +@@ -102,6 +102,7 @@ public: + TEST_ADD(UriSuite::testQueryList) + TEST_ADD(UriSuite::testQueryListPair) + TEST_ADD(UriSuite::testQueryDissection_Bug3590761) ++ TEST_ADD(UriSuite::testQueryCompositionMathWrite_GoogleAutofuzz113244572) + TEST_ADD(UriSuite::testFreeCrash_Bug20080827) + TEST_ADD(UriSuite::testParseInvalid_Bug16) + TEST_ADD(UriSuite::testRangeCom
Bug#907796: RM: sane-backends-extras -- ROM; obsoleted, outdated, unmaintained
Package: ftp.debian.org Severity: normal -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, the package is obsoleted and outdated. The last upstream update is from 2011 and sane-backends has newer libs included. Since upload sane-backends/1.0.27-1 the package has no revers depends and recommends to other packages. So the package can removed from unstable and testing. CU Jörg -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAluLr8QACgkQCfifPIyh 0l16ExAAyYNZepbaPZwuf58+PQuTW7o2uUBYs6orWCWe8HzHFufOHdAKQsonwcTD y0snWiBXPIf5o84QdAOpsQPlsw0PFveyIN/BmeZMNdwywf5XbSdmh4zgBZRPWYBA wex6TMRZcvDiX6buMBmgE0EVAWMwhfKQ2MRhRtKbhDI+O6xpx4FfN2hCpgylV/Yu EhwD/bOzKAFsbGiA6Ss9k6T8TLpfYXSk40uhh6Ct0IUkWROTocExOqevs5/KEBFh tMyXmroCt9VAsD9yBZfCW1Us9hIRKqk0kBZifGv4BoR179zOOk+9br58ZwmUM5+m Sv1QDyE/P/Z59NTxznKQfxq51Zevrxkth9q4s4UREYWG62tTX2n06mXK0vG6YTQy O4azbkGRM2L1olhHgSagnZyOJoe/t6p9HCEsCN6EkKK7BpC9TJhgjsLUSr7J6z91 53kmol9L1Qq59iJvgIVBcrI3hh3+3FZujyCGMwGnCflfz3abd3K8lyPcBIPP4We/ uH48k3eVOLivN15a/1Ur1Ro41h7lo3auoqdw9qOgWDonGf4XzHqsCBQAXT3NLrkz 8GoHCk08HH8x0bas8jNfUzYlnITgXVy+yT/84g98+XetyGqgXe+g4PHFwuy52FCl p+FxTVfZtuNB7oS/txbBG5qMunL4WD3rr1a+HLQCRjnWa8ARyW8= =3xS8 -END PGP SIGNATURE-
Re: Transition sane-backends
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Am Freitag, den 17.08.2018, 00:34 +0200 schrieb Julien Cristau: > [re-adding debian-release] > > On Thu, Aug 16, 2018 at 22:34:47 +0200, Jörg Frings-Fürst wrote: > > > Am Donnerstag, den 16.08.2018, 10:10 +0200 schrieb Julien Cristau: > > > On 08/16/2018 07:32 AM, Jörg Frings-Fürst wrote: > > > > Hello, > > > > > > > > for the package sane-backends I ask my sponsor to upload it > > > > into > > > > experimental, but it was uploaded into sid. > > > > > > > > All rebuilds against libsane1 on amd64 are tested and ok. > > > > > > > > What further action is proposed by you? > > > > > > Did the ABI actually change from the previous version? > > > > Yes, see attached diff. A lot of functions are not longer > > available. > > > > That diff doesn't really prove anything by itself but OK. > > > > If yes, why did > > > the SONAME not change? > > > > I don't know. That's a question for upstream. > > > > No, it's a question for you as the packager of that > library. Answering > it properly may involve educating upstream about proper library > hygiene, > but it's not something you can just avoid answering. > > > > If not, then the package rename is wrong and > > > needs to be reverted. > > > > > > > It is certainly not wrong to reflect the SONAME in the name of the > > binary parcel. And it's a good programming style. > > > > Having package name reflect SONAME is good practice for a new > library. > It's absolutely bad practice to change package names for that single > reason, as your changelog implies happened here. > > Cheers, > Julien No problem, I have ask my sponsor to remove the 1.0.27 release from unstable and upload the lastest 1.0.25 again. CU Jörg - -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54470 Lieser git: https://jff.email/cgit/ Threema: SYR8SJXB Wire: @joergfringsfuerst Skype:joergpenguin Ring: jff Telegram: @joergfringsfuerst My wish list: - Please send me a picture from the nature at your home. -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAlt2WlkACgkQCfifPIyh 0l1wVhAAzRy8cd4M9fYkio1E/3m7tUTGV5kpAZJGrAAA4a2yYLGR9/qoX5hlUWiD FfyHTw+j0OwygRPDhfQntrGAWgpn2fDHaLqLBYHgp83jWMjtPT0Jehk9oL8202sx rEWfGiI8tLJm+PgBMms81hPwtJAdzDBptxa+nS4oExM+F86CfcoTEwu+orOxgV/G sI0xaw13JWqGaiApx9SDBMm7m0iSY5vt8McxlO2XCq5uSZQ3GVWWi5mUmjZ6JTqC dR9Kp+haAXcIbF52uohPFu5xIZqZv4gVh7DH2pxwbYfAabtYxgeW44WFvihirGW+ +6ggHVx8ysZNaE+K/e29gI2+E3kB5cVZN+LQ2fqMnWXs4KfJO2d879U3YH87QDT2 CPHixYeps5G4/yZlGZTNbvo1sUq3Y0DXoqhKsbH/9L4H5/b7fjsVDMb5IIVFCx15 pY6YSliYhV7j3sHoBkls5kMPNUvEkD9YQHhV9E3qw5t0Nd3iAaxib/99tmcUgQLp 73Ma62tNXx5TEd3r5pdVfDuo3C5BOyZJXk59hsB7ItUlQiZFnfa9PNb0JPY/qqFd VKZCUaGl0eTRUM44etojx+njVRrhIh+xZHBtOdaiku6gSymWIKv4xfNnX/0RtDMy 2019cfPcBE47WbJAKhCIwwZ1oqNSR8xyNtLhSd/iQ7xkS6/7dxI= =INGe -END PGP SIGNATURE-
Re: Transition sane-backends
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Am Donnerstag, den 16.08.2018, 10:10 +0200 schrieb Julien Cristau: > On 08/16/2018 07:32 AM, Jörg Frings-Fürst wrote: > > Hello, > > > > for the package sane-backends I ask my sponsor to upload it into > > experimental, but it was uploaded into sid. > > > > All rebuilds against libsane1 on amd64 are tested and ok. > > > > What further action is proposed by you? > > Did the ABI actually change from the previous version? Yes, see attached diff. A lot of functions are not longer available. > If yes, why did > the SONAME not change? I don't know. That's a question for upstream. > If not, then the package rename is wrong and > needs to be reverted. > It is certainly not wrong to reflect the SONAME in the name of the binary parcel. And it's a good programming style. > Cheers, > Julien CU Jörg - -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54470 Lieser git: https://jff.email/cgit/ Threema: SYR8SJXB Wire: @joergfringsfuerst Skype:joergpenguin Ring: jff Telegram: @joergfringsfuerst My wish list: - Please send me a picture from the nature at your home. -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAlt14DsACgkQCfifPIyh 0l0D5w//cKPl9R/PQt24CyMIhmgRkvOS2cQitGj5AD5YlEVDUgMiTXSocmjHmelB serKaYM31UFa5zcqD0p0fLRRwjE3moqz+qFnUgewdjPHLCJisolkUxEz/ioYAGEz tH9iRZ4sQE4c+GEZIQZKmWArQ1AyhF58bZNjrIvllXjFXH70ZQkpDy35v4+y3DDa p3uAtDtZK6qPYhuW6ceVJ+p1xNo9lFVAu4Iu4Hb0vudH8Qlai+2o10KkHqQrg8Fv DG+fwF9hchvzi8y0116zQQPtX9wbdOehwo9ZrDmWUrLxAb0h0tUFzO4ysVEevYIq uXfJw+St8OLut1NmTEewJ0KFbkEo69eytI1h69NCUIcV9DqvIReUPCo6to4NYZsK xus4Jfzs+KFFrL2YMVHXJv80uNphfQKfeDScroIRhjZ4c0uP3JNhkHxt2Bhh8ZCl JwGY1ZsIO4eyFMuq4QG7fUlnIv5lHhdNEkUdhPpVgrjZoeV1Y88gDnm/TVGiYnqz VQ3qAYOO8TpAtQFeBY7EkN7RX1neD2W6BhhTgzk+kWcqacp6vwly4ckn5ralnO2f agRQFSlEE/CGw2yAubERfEHq6vSIE9iOiBPMvzxp5QXBrdfLwtviedwPw9pJXqFU 5n2QQDK6jBXLx3oq1SfJbUqhxYnmloDEpel+0X3DgYihGgWDGjk= =P+cL -END PGP SIGNATURE-
Transition sane-backends
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, for the package sane-backends I ask my sponsor to upload it into experimental, but it was uploaded into sid. All rebuilds against libsane1 on amd64 are tested and ok. What further action is proposed by you? CU Jörg - -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54470 Lieser git: https://jff.email/cgit/ Threema: SYR8SJXB Wire: @joergfringsfuerst Skype:joergpenguin Ring: jff Telegram: @joergfringsfuerst My wish list: - Please send me a picture from the nature at your home. -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAlt1DHIACgkQCfifPIyh 0l1lwg/+Nqt/R59bKe5/wm4Vg7nV+Tew7W8W9c4FnsnFH9EIm4Jgq3265Esh2WPB hbvrL56N4QQoiJkp3/NHM8UOBaEbbklKZ9T1LN2oF9FhdUwyuW5uqhAuPpcAGw4I 1nf+ol/yazWLaOfYjeNo6dDk50BGx1Ifq9sr7TW/hRA6sDOQd8mbLqgxUTl9/dhP XPB69Nh8BXPcWHmPGdOs9Dkq6nbna9l6J1NS8xY3SwRw3+xiy9wQWjQixsiQFgt+ JYrXQeRuJPuSNuZk0QLea8wvqBUwNe8Mgkaf0hL0Hz+jKa3D7XHj5s3iVYJoBtsz 0TmqRvbIsndDMIgTNVUTvDAfQSlRJKuLa33hCLytXDgJBBK5xEvwOTpPaKTyxkeF T/3+83+PIOA81t6L/wW2UixILBK149R0TYcPWlCpcUGhj3K7ZOY8JNMFgMebPSIq V8/+hvIbNfLZivTg7ZDAn/SrrWOGs9J5xWsirRR4514ry/QwkFQTEeCZFkCwtTKq P6cpE0sbr4vQDycImcRZWbWJDhrsTgUBytprI44JfQkenIRz/1IQsOYoUqkyM1Jw gMr9xi+16JPVcdc8JHO6t0aaK/Q0nvVLQCA4adXXP9WBbzY6sIfbb/RIMNW9A99d sNZGss+2mE0BvfORzFwjroha2wftkRu+bqLLDP65gmakIIVScYk= =GUSQ -END PGP SIGNATURE-
Bug#897270: transition: libonig
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, I want to start the transiton from libonig4 to libonig5. The package libonig 6.8.1-1 is uploaded into experimental since 2018-03-22. The build tests for the revers depends are for all packages in testing ok: * jq, libjq1 1.5+dfsg-2 * libevhtp0 1.2.16-1 * libslang2-modules 2.3.2-1 * libsylph1 1.1.0-19 * lua-rex-onig 2.7.2-4 * sylpheed, sylpheed-plugins 3.7.0-3 The package * hhvm 3.21.0+dfsg-2 has an FTBFS https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897250. Hhvm isn't in testing. So I ask for a transition slot. Many thanks. CU Jörg Ben file: title = "libonig"; is_affected = .depends ~ "libonig4" | .depends ~ "libonig5"; is_good = .depends ~ "libonig5"; is_bad = .depends ~ "libonig4"; - -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.15.0-3-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAlroD1kACgkQCfifPIyh 0l0b0A/9G1Zz78vVBURtbH2M9xlRstptZB5bmy9RHbhh7J1cnjYYfcgF/yX28qEE T3xeyW24j20/dovjCyMU09J0yU/8YxFASK+UPX7Kj4ITLeQAO3ii7uPvtOc8QXGp BeQ5+TIEuJOb6LJZreGktQglI5N/ZK+F1pCyAEd91WGm+BQgybhm94BwILl5RqyI Yqbor5RwWlrDLVD+OpdTCN1ZmVLygPjqkPXJHo38EhzlI52yvSVH9kP+QK5ndj3K ItpZ70raGejMxh0kvAM88utQ1FNo42/IsnjYwdi4GJt5FRfiBeIASDbTopgHNIXM q3SJviOj49odmCa3/XDrsiVV1K+tGhGtdZiDpa4dmVLPM2mauZM+OflyveKGYiJJ TkjFXMiqfDu6/ScpbC53wXoonR99AKkQkMBkNvIcmj0Ps773NATZlkG4DnNFL5RQ CBv0B3JXphhexRws+3qNquyxyxg+CfJQXu+Jdfq4RsPvePJ/CEUIp+np0AkytSca ZgJn9oIUG8VbmHdveP93MBmQu0o5164fPFLV3CxjSRYdJKSB8w0miVsRohA2WOyC OSTI0PkvcegGVF+G7a6pAoMdkGwe+OcaR2VobiMjpBw6OhIbSAAMpnd4XqdLU8oe pkh782+fUJ9VXja331lI3WtlBSK4+eGutZch1chJbYdqdd03O9k= =y6GE -END PGP SIGNATURE-
Bug#894735: RM: simutrans/unstable [armhf] -- ROM; FTBFS
Package: ftp.debian.org Severity: normal -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, simutrans on armhf dont't build since more then 90 days. Please remove them from unstable. Many thanks CU Jörg -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAlrDuEQACgkQCfifPIyh 0l0tbA/+JJvg/j+byS69EpBzYidaf4i3BmjV409YCcDfk3sHa3luo37yZqh1WqB/ vYvL/Ae1vCvxxcA6t+3qXIdNrrMGUrJYvhv7v4+lMWkmHQ+o6Nns6bR0SAQqOPKw KeSEo2u39XkRTfmt5+qTQd0CHNIrOIARL2kJlz0PW/dnnWCTuuDaqz3c4Vkjtyuf DB/2L3/+jp9fqdX4RpQneCDaJCZX7FsNt6deMk9QslUFh481PSzN98EHj+1QhkUy yniMFc7ih0Hpu0yQmo23A1nO1hLlg9FLu5cjDw53PJaG11PpDqCNsX4hzrOewJgO WOTF9zyXWWvOtQuNsR+Z6d8DLagf9up8yt4wJmJtXvvye6y7FWfZLP53CQq+L5tv ZfV9ZRrYGeoYNdMnGxCg+TFhfLI6PBZhlmdRZnJvasqGs0f5iVIZ3pNMg4TgqtjJ BXwaLekuS8nj7LT0Iw/b6DpXOMUn8gArmAJ8R76QUWNqUxfoXc7MvUMyaRC8DlIa 7lnSMcgekEU4elC0TfcN2jUzLmIo03gPLUQhi2f9zJsE10fP9qHA88b1n52iDdSF wok7BrcmdeUhVje4DSXxDUXMLdwhv9AXGFxhH0p4k/hPek5QTmXcluZFVeHZoKWF 2v7zY0V/4DjwEY2krbkrxNbK7TqizGuAoG5FKHCdgYj3mYXM0tg= =r21I -END PGP SIGNATURE-
Bug#864968: transition: libunistring
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, I'd want to upload libunistring 0.9.7 to unstable. The ABI is bumped. I've test built the rdeps: - libpsl - forked-daapd - gettext - gss-ntlmssp - guile-2.0 - kamailio - libidn2-0 - lxhotkey - termdebug - tracker - wcd - freeipa - gnunet All builds are ok. CU Jörg Ben file: title = "libunistring"; is_affected = .depends ~ /\b(libunistring0)\b/ | .depends ~ /\b(libunistring2)\b/; is_good = .depends ~ /\b(libunistring2)\b/; is_bad = .depends ~ /\b(libunistring0)\b/; - -- System Information: Debian Release: 9.0 APT prefers unstable APT policy: (800, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-3-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAllGHNQACgkQCfifPIyh 0l3zmhAAg7m+kdJAbqXl3cGQkBVdbxAQiEBhlRanuhGDIl1GiQOaq8CG7gEwlF3X YLjt3JryoVVY1fJEd/jjbB0LXcWD+WXhnWVaT7TLeVcwd3bKixwzcWTT1w/yhT5J EtSXz9oeOGTU4/2q2B7A2cxcLWmpnnGnCueZEyMF7ZbswP1IPUGpPntlxglTZTAa q2kkQTMCOS+eDrICa1zqzXy1NTqoCRtGH7JRaLGEuFH4Q+6KGNf6HW577TI09Bqv N1nM9h5uKp4mZpYAy3bRbrzUL90NpqEnIkmgiJR3b3cs7fcPxCXKm04rnezS/j/Y TPvMAU7klJfDYTyt+aAJ38jwCagSE28PWYqmIhfdFtU9XeG4EMRd6ZcaJgaH1CXA MQYIaZ+bVCP/sbcG981x51UPxaOlaVVxu5VdvnPV+/zB/ebjrXf+6ffAiKV2LrAf VupCxaLlAI61M9kO7QGg6loFuWAlH/s6d0ClRs6IbXalN3a7yd9RbecRTwXogJvf 9oh6jOapf6yy7JtuArSWXbLi13dXpBFNFsNQNM1NMuIaN+uHdhy4QzPvwKc7LQcx Wx1b/FsqwXbtyBxG5mByb/Dmo0B9j2/mggZjJu1iITfcZoP+J4yez8cIvf+xghbb 0CEq7Ogpb8yCySxhS/u2BqQ1NSbgqeMVwbtc3eUv4vvaBQ39Ofk= =vAOK -END PGP SIGNATURE-
Bug#863562: jessie-pu: package libonig/5.9.5-3.2
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I have the release 5.9.5-3.2+deb8u1 with fixes for the CVE's: CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229 ready, The debdiff is attached. - -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (900, 'testing'), (800, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-3-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAlkq/Q4ACgkQCfifPIyh 0l3LkQ//UY/XbO0adWiAPyombGW3e+lSRikPyn+cZfroCGgkkp7W1ch+xqiB+TyT CU8sBMqiRGFEm9OY0gCljmaalZ1/Hoi7TGdTuo56pfu7/g/TPn8IUYef5NPGySRb /8+RUF1hFIBRWeHHwnhJ6mJ3f00FnzQK9i0j05Oew/upgzQpL+uaJv8Dzu+swgqI L+qlORuMN9V1sFkMwBMSaRmkLUkDw7C0LUYy21seb9ONmiCW+a3/7a/NuRYOE/S9 T2Kkn5moykCd87eW36DRoak7pFAbIdXMbzhAiQB2gd4cJRbpiN30TIX3YOMbnRPL 2S3jPrmsSIpbGYsfnn6ZkjfavwW9fwfjTUehrn6jX2bKwuwdRxIt5z57V1uuex9N MpBQWL8jKfMMscfz3YzOJPdz0XicVYAHBN0zswapHtZDfnlOwNoj3I6iPng0QEGj vQ2zD/P0wSoD8JeMfotOKeHaCXoWcQxmJmacGPS2BnA03OvKlSC7HGNyLnOu7Dws ye8oCglZNpLmF/1cr7nvrHSnpiPc4MvyYxnFDSTFvB15ugsgoMaNdf2gvEXiUHNo R+ZY2wCil3R4IKvpvKGYqpReNKOACjc+EhNU5KzrWvA39jdvJmkGZTc9IqV8E+Z+ q2q4ponTuPY47s2iB5SGBHIo5bpuhdwqREsB6VsCWyWde9gDm6A= =aAPj -END PGP SIGNATURE- diff -Nru libonig-5.9.5/debian/changelog libonig-5.9.5/debian/changelog --- libonig-5.9.5/debian/changelog 2014-12-28 12:11:12.0 +0100 +++ libonig-5.9.5/debian/changelog 2017-05-28 16:59:55.0 +0200 @@ -1,3 +1,15 @@ +libonig (5.9.5-3.2+deb8u1) stable; urgency=medium + + * New debian/patches/0500-CVE-2017-922[4-9].patch: +- Cherrypicked from upstream to correct: + + CVE-2017-9224 (Closes: #863312) + + CVE-2017-9226 (Closes: #863314) + + CVE-2017-9227 (Closes: #863315) + + CVE-2017-9228 (Closes: #863316) + + CVE-2017-9229 (Closes: #863318) + + -- Jörg Frings-Fürst <deb...@jff-webhosting.net> Sun, 28 May 2017 16:59:55 +0200 + libonig (5.9.5-3.2) unstable; urgency=medium * Non-maintainer upload. diff -Nru libonig-5.9.5/debian/patches/0500-CVE-2017-922[4-9].patch libonig-5.9.5/debian/patches/0500-CVE-2017-922[4-9].patch --- libonig-5.9.5/debian/patches/0500-CVE-2017-922[4-9].patch 1970-01-01 01:00:00.0 +0100 +++ libonig-5.9.5/debian/patches/0500-CVE-2017-922[4-9].patch 2017-05-26 07:07:41.0 +0200 @@ -0,0 +1,121 @@ +Correct CVE-2017-922[4-9] + Fix mutilple invalid pointer dereference, out-of-bounds write memory + corruption and stack buffer overflow, +Origin: Cheerypicked from upstream +Bug: https://github.com/kkos/oniguruma/issues/[55|56|57|58|59|60] +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=86331[2|3|4|5|6|8] +Forwarded: not-needed +Last-Update: 2017-05-25 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: 5.9.5-3.2-deb8u1/regexec.c +=== +--- 5.9.5-3.2-deb8u1.orig/regexec.c 5.9.5-3.2-deb8u1/regexec.c +@@ -1425,14 +1425,9 @@ match_at(regex_t* reg, const UChar* str, + break; + + case OP_EXACT1: MOP_IN(OP_EXACT1); +-#if 0 + DATA_ENSURE(1); + if (*p != *s) goto fail; + p++; s++; +-#endif +- if (*p != *s++) goto fail; +- DATA_ENSURE(0); +- p++; + MOP_OUT; + break; + +@@ -3128,6 +3123,8 @@ forward_search_range(regex_t* reg, const + } + else { + UChar *q = p + reg->dmin; ++ ++ if (q >= end) return 0; /* fail */ + while (p < q) p += enclen(reg->enc, p); + } + } +@@ -3207,18 +3204,25 @@ forward_search_range(regex_t* reg, const + } + else { + if (reg->dmax != ONIG_INFINITE_DISTANCE) { +- *low = p - reg->dmax; +- if (*low > s) { +-*low = onigenc_get_right_adjust_char_head_with_prev(reg->enc, s, +-*low, (const UChar** )low_prev); +-if (low_prev && IS_NULL(*low_prev)) +- *low_prev = onigenc_get_prev_char_head(reg->enc, +- (pprev ? pprev : s), *low); ++if (p - str < reg->dmax) { ++ *low = (UChar* )str; ++ if (low_prev) ++*low_prev = onigenc_get_prev_char_head(reg->enc, str, *low); + } + else { +-if (low_prev) +- *low_prev = onigenc_get_prev_char_head(reg->enc, +- (pprev ? pprev : str), *low); ++ *low = p - reg->dmax; ++ if (*low > s) { ++*low = onigenc_get_right_adjust_char_head_with_prev(reg->enc, s, ++ *low, (const UChar** )low_prev); ++
Bug#863538: unblock: libonig/6.1.3-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Please unblock package libonig The relase 6.1.3-2 fixes the CVE's: CVE-2017-9224 CVE-2017-9225 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229 The debdiff is attached. Many thanks. CU Jörg unblock libonig/6.1.3-2 - -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (900, 'testing'), (800, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-3-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAlkqqRMACgkQCfifPIyh 0l2e6Q//Tfg0j3UGGPgQHgPR3DdsCj5bdr0H+WFmBMbiwYYE5UqOBHEbBs2Z5Jfo /i0NV7z/+uc6rl4G5Swxsv4Rj43rs0c3xbVEcKGf5BTfPH8gGNTCBAMNhwi3m/9w Lxt7cSfO+6tJaI+89ysVONp0P2npSmTqHrdQrGJtVTsCHG/xchJB/y2ZAM99pyyQ adapg5GzOmTVhnCz7llTxjEXx6z4dveNzDngd+K7u9N3YFv6c36dXC01KWoVuKgW sQzjWpwpKakUOR1Lt6wWnUMqJG3SoVhXUp/s+OQ//98nWt8iFFwTPstQ4goaa/eY IklC6c/WJNGKg5eLOLCMAdBKT6Ds1Eoe7U61iprN/rWcckyeLbMvbAvNi/EqyKPR 4Rb9RDSSPyJsX5px2DlgdebYgyMPGk/MEg4r4z7nZcj1rSCdznwwxJlLgpW0MqQ1 HKnQn73HBkXxyfzXNyAIdfYp+JCU8gXvZfWw+rQSpdJh9EX49GRAL9M54VSLVNFJ TONrj31RDGhHmVLYFqrpA/FDxAVvZTEM8zWJm5XgvDxDV4MPZYz5RiW2Of8UyeNT jl6YC1MyWGl0KkXRLyGiT3WEeLQzXKgLp9rWye5epEbOP+eVH9AfsRTuDzNloDmK raKreqD10QBNIE4R7aFTlDCdtyPwjPPomt3359mQlSgiq1rkWhE= =qAlo -END PGP SIGNATURE- diff -Nru libonig-6.1.3/debian/changelog libonig-6.1.3/debian/changelog --- libonig-6.1.3/debian/changelog 2016-12-15 09:23:30.0 +0100 +++ libonig-6.1.3/debian/changelog 2017-05-27 12:05:50.0 +0200 @@ -1,3 +1,16 @@ +libonig (6.1.3-2) unstable; urgency=high + + * New debian/patches/0500-CVE-2017-922[4-9].patch: +- Cherrypicked from upstream to correct: + + CVE-2017-9224 (Closes: #863312) + + CVE-2017-9225 (Closes: #863313) + + CVE-2017-9226 (Closes: #863314) + + CVE-2017-9227 (Closes: #863315) + + CVE-2017-9228 (Closes: #863316) + + CVE-2017-9229 (Closes: #863318) + + -- Jörg Frings-Fürst <deb...@jff-webhosting.net> Sat, 27 May 2017 12:05:50 +0200 + libonig (6.1.3-1) unstable; urgency=medium * New upstream release. diff -Nru libonig-6.1.3/debian/patches/0500-CVE-2017-922[4-9].patch libonig-6.1.3/debian/patches/0500-CVE-2017-922[4-9].patch --- libonig-6.1.3/debian/patches/0500-CVE-2017-922[4-9].patch 1970-01-01 01:00:00.0 +0100 +++ libonig-6.1.3/debian/patches/0500-CVE-2017-922[4-9].patch 2017-05-27 12:00:03.0 +0200 @@ -0,0 +1,144 @@ +Correct CVE-2017-922[4-9] + Fix mutilple invalid pointer dereference, out-of-bounds write memory + corruption and stack buffer overflow, +Origin: Cheerypicked from upstream +Bug: https://github.com/kkos/oniguruma/issues/[55|56|57|58|59|60] +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=86331[2|3|4|5|6|8] +Forwarded: not-needed +Last-Update: 2017-05-25 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: 6.1.3-1+deb9u1/src/regexec.c +=== +--- 6.1.3-1+deb9u1.orig/src/regexec.c 6.1.3-1+deb9u1/src/regexec.c +@@ -1463,14 +1463,9 @@ match_at(regex_t* reg, const UChar* str, + break; + + case OP_EXACT1: MOP_IN(OP_EXACT1); +-#if 0 + DATA_ENSURE(1); + if (*p != *s) goto fail; + p++; s++; +-#endif +- if (*p != *s++) goto fail; +- DATA_ENSURE(0); +- p++; + MOP_OUT; + break; + +@@ -3149,6 +3144,8 @@ forward_search_range(regex_t* reg, const + } + else { + UChar *q = p + reg->dmin; ++ ++ if (q >= end) return 0; /* fail */ + while (p < q) p += enclen(reg->enc, p); + } + } +@@ -3228,18 +3225,25 @@ forward_search_range(regex_t* reg, const + } + else { + if (reg->dmax != ONIG_INFINITE_DISTANCE) { +-*low = p - reg->dmax; +-if (*low > s) { +- *low = onigenc_get_right_adjust_char_head_with_prev(reg->enc, s, +- *low, (const UChar** )low_prev); +- if (low_prev && IS_NULL(*low_prev)) +-*low_prev = onigenc_get_prev_char_head(reg->enc, +- (pprev ? pprev : s), *low); +-} +-else { ++if (p - str < reg->dmax) { ++ *low = (UChar* )str; + if (low_prev) +-*low_prev = onigenc_get_prev_char_head(reg->enc, +- (pprev ? pprev : str), *low); ++*low_prev = onigenc_get_prev_char_head(reg->enc, str, *low); ++ } ++ else { ++ *low = p - reg->dmax; ++ if (*low > s) { ++*low = onigenc_get_right_adjust_char_head_with_prev(reg->enc, s, ++
Bug#863302: RM: remmina/1.1.2-4 --RoM; buggy, unsupported by upstream
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, please remove remmina from testing. Remmina has only a few bugs, which however prevents at whole a regular work and therefore it doesn't meet any quality requirements. Since approx. 2 years the release 1.1.2[1][2] isn't longer supported by upstream. The new release 1.2.0 has ssl incompatibilities, which prevent that an important plugin can be build with[3]. So I think, it's the best way to remove remmina in Stretch. CU Jörg [1] https://github.com/FreeRDP/Remmina/wiki [2] https://github.com/FreeRDP/Remmina/issues/443 [3] https://anonscm.debian.org/cgit/collab- maint/remmina.git/tree/debian/control?h=experimental - -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (900, 'testing'), (800, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-3-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAlkmgbwACgkQCfifPIyh 0l246A/6Aq3k2dkpmx/fX/Da2d2wUDUqYso3G9eSml6wQbkdMCGWRKXPAlN5Qnqw FjnFUbwajjebIvLzGqQc5GE7wt9Egma06j9kGXsVCFPqcvWkyErz8w38Cat/d9vu N4Txa1QDP9naLMZFAg4zKk0wMvXnj4kiVDvphqCnUaYbJ8h24W9M6qNRK5qDSLVf aH3i+bVjhL0K52Izk84EG3e/8tGU00jtwDmAkWl6RD30YcZ3HG9NLc+ElTX/ZhVD i4W6iPUNPoIXyLOOGeoOjOdLY+oMVvBwq/g6NF3GX/SrOfBLAywHB6k0C9fYkW6K 9d2tq6eSqz6IvoU3qndjN/MGp/QMYqSzNtd8GLbk2k18I4bD/+kYL75i12satyRC eeenZ7YGpQnXbVfwcrpwaolyg37IGQ/NAduFkWfTQlI+VVgh+Q6yOOvbXoW3k/64 35o9ihFB+p7ajeCNcyy6UZ3/zGhGieFlgzso8rh29mq16aWtZVudv16ls0S0sX3f OOTPqfuEw7mZLQivalX4vxAbZMyA9hwoGEdwo6NQGYHBL5stwAzc8YQlhXj0nwXr OZswbK4MH1CfpObFEfdkYegKXq53jWmobyHOLEu6mhsDEWI83zI1SyMWNxk4YfQV CDu+WBj4n3ap4hnhH+/3VPotTLKUGBVhdEr13IOhS19GUUTGqEo= =F+zS -END PGP SIGNATURE-
Package shotwell
Hello, Is there a way to get the old version shotwell / 0.24.0-1 back in testing. The current version 0.25.1-1 is to buggy. CU Jörg -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54470 Lieser Threema: SYR8SJXB IRC: j_...@freenode.net j_...@oftc.net My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#853118: unblock: sane-frontends/1.0.14-12
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Please unblock package sane-frontends It solved a FTBFS bug. sane-frontends (1.0.14-12) unstable; urgency=medium * New debian/patches/0001-fix_missing_sane-config.patch: - Add autoconf statements which were previously part of sane-config to detect the presence of sane-backends. * debian/compat: - Change compat level to 10. * debian/control: - Bump required version of debhelper to >= 10. - Bump Standards-Version to 3.9.8 (no changes required). - Change Vcs-Browser to secure URI. * debian/copyright: - Add year 2017 for debian/*. * Refresh debian/patches/25_manpages-typo.patch. -- Jörg Frings-Fürst <deb...@jff-webhosting.net> Sat, 28 Jan 2017 08:24:35 +0100 The debdiff is attached. unblock sane-frontends/1.0.14-12 - -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (900, 'testing'), (800, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-1-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAliOWy4ACgkQCfifPIyh 0l3VMRAAqNElWz78qSfdOTmrKId+AfDXhzW56LLeehKdf4vO/Q5W9ITm65Icu2wE 3jJ4gb5WXnwxyP0aRs/wmlff56n0P4xOdzoatj3Zl9K0vqV6CwNg7JNPC8LVr4+6 m1aDPY6loutE5HbdB7h5UiaBy5qDHhXk+xQGl3ffjD0NrUe2gGXvXt2luboOoBxU 3ZRGkv6gewKa63hFcH7lGjOSm6L9UEGedhw7m0i3TBFCZqxVOfYvU8EbBIXIZyD8 4pu972pAy3ZlE50Id6Lq1Wv0OkXoRC7kRHirETi7NyCylfZuubvWtQdhWEB0YybH T3cUlCWia2Cr6KzH5RX+i0wDXw2PveEst4ZhWwCCT9vjs8A+3KezBWBtPrDieqCg Y2fhu38M9J64E/41mAPPib9OHvkodV1ff0UqW8eriT8lF+QebIyFHGRc4E9G2gfU quoXB88onx1atdBG29Py/Lkz/kEdx7lJsbjB2grkjV2lEiWise30bLg+K7enBtme mfMxjVZmLyMSvEcn46U/YjthGY27ftjWAl676GF8wkrW76iH4X4PArZ8tMuB8q4i cHRDPuY5qWWOdCn5QYiLpw+VOFFHezTeSVucA7keh0RRhzZjk3KIVVecc2is7FMD SyZI6oIFaVp3d9yjRdwGV0bppvVIK52QOG8Ep3nyWNr23Hirelk= =QJJP -END PGP SIGNATURE- diff -Nru sane-frontends-1.0.14/debian/changelog sane-frontends-1.0.14/debian/changelog --- sane-frontends-1.0.14/debian/changelog 2015-05-09 21:58:27.0 +0200 +++ sane-frontends-1.0.14/debian/changelog 2017-01-28 08:24:35.0 +0100 @@ -1,3 +1,20 @@ +sane-frontends (1.0.14-12) unstable; urgency=medium + + * New debian/patches/0001-fix_missing_sane-config.patch: +- Add autoconf statements which were previously part of + sane-config to detect the presence of sane-backends. + * debian/compat: +- Change compat level to 10. + * debian/control: +- Bump required version of debhelper to >= 10. +- Bump Standards-Version to 3.9.8 (no changes required). +- Change Vcs-Browser to secure URI. + * debian/copyright: +- Add year 2017 for debian/*. + * Refresh debian/patches/25_manpages-typo.patch. + + -- Jörg Frings-Fürst <deb...@jff-webhosting.net> Sat, 28 Jan 2017 08:24:35 +0100 + sane-frontends (1.0.14-11) unstable; urgency=medium * New debian/patch/30_gimp_init.patch: diff -Nru sane-frontends-1.0.14/debian/compat sane-frontends-1.0.14/debian/compat --- sane-frontends-1.0.14/debian/compat 2014-12-02 20:33:12.0 +0100 +++ sane-frontends-1.0.14/debian/compat 2017-01-28 08:08:20.0 +0100 @@ -1 +1 @@ -9 +10 diff -Nru sane-frontends-1.0.14/debian/control sane-frontends-1.0.14/debian/control --- sane-frontends-1.0.14/debian/control2014-12-04 13:33:55.0 +0100 +++ sane-frontends-1.0.14/debian/control2017-01-28 08:10:56.0 +0100 @@ -2,16 +2,16 @@ Section: graphics Priority: optional Maintainer: Jörg Frings-Fürst <deb...@jff-webhosting.net> -Standards-Version: 3.9.6 +Standards-Version: 3.9.8 Build-Depends: autotools-dev, - debhelper (>= 9), + debhelper (>= 10), libgimp2.0-dev (>= 2.0.0), libgtk2.0-dev, libsane-dev (>= 1.0.11-3), Homepage: http://www.sane-project.org Vcs-Git: git://anonscm.debian.org/collab-maint/sane-frontends.git -Vcs-Browser: http://anonscm.debian.org/cgit/collab-maint/sane-frontends.git +Vcs-Browser: https://anonscm.debian.org/cgit/collab-maint/sane-frontends.git Package: sane Architecture: any diff -Nru sane-frontends-1.0.14/debian/copyright sane-frontends-1.0.14/debian/copyright --- sane-frontends-1.0.14/debian/copyright 2015-05-09 21:32:19.0 +0200 +++ sane-frontends-1.0.14/debian/copyright 2017-01-28 08:13:27.0 +0100 @@ -15,7 +15,7 @@ Files: debian/* Copyright: 1997-2002 Kevin Dalley <kev...@rahul.net> 2002-2009 Julien BLACHE <jbla...@debian.org> - 2014-2015 Jörg Frings-Fürst <deb...@jff-webhosting.net> + 2014-2017 Jörg Frings-Fürst <deb...@jff-webhosting.net> License: GPL-2+ with sane exception Files: include/*.h diff -Nru sane-frontends-1.
Bug#853116: unblock: xsane/0.999-5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Please unblock package xsane It solved a FTBFS RC bug. xsane (0.999-5) unstable; urgency=medium * New debian/patches/0010-fix_missing_sane-config.patch (Closes: #852840): - Add autoconf statements which were previously part of sane-config to detect the presence of sane-backends. Thanks to Andreas Metzler <ametz...@bebt.de>. * debian/copyright: - Add year 2017 for debian/*. -- Jörg Frings-Fürst <deb...@jff-webhosting.net> Sat, 28 Jan 2017 07:15:47 +0100 The debdiff is attached. unblock xsane/0.999-5 - -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (900, 'testing'), (800, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-1-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAliOVycACgkQCfifPIyh 0l3I3RAAiLm3Dtum+tJuHefCRn7h9g4pfUL/Y9uqZEFpv27F+9Rcwt4/NMvH7YZI SvkMdM2YV6Q6Cvdr5xoIgcQMAg56KCjI48zy+4oUFfkDbqbfkRT4TiBSVXEykCcM HCscRn1Q/3IRCrPkNZzuFwOMg64iU0clkONHxX+6XWbr9RlzKuxmkBV3pnUsf3Tu MKuflRJkukUvbYC15tKDUbHaeVD2aNtaR2pt61hRV/J3XtkMLXrzAo9f3knJgdvF ZR8Lb9+G9KBQRktW6ppUPc3s1/EGEFSx49wNfj+iD8CMzlTX774lKX7MxAAdUu+f 0POptBzu1noI15dRwaiv3ZyUeQXvmhGxVJWZTuQ5murOLmVK8HN+GEv03ZDlzguf Mh1D1eKlI2Tf6TKYWdxLS/SLBcH/gy9MRbC/CHuliBp3e50iA9KICI5KBTYvDK/7 Bvu9vd2DH38TUOiMZQQo75C+hTb3emyw+L1ECYG1Pl00ef/kyUKyVLfBAngLbbDI BL8jtZvjTxJic3mmhQP/t2EnqjHmFECkF2b6T98XsStF+bYAIdfn0BBMRRcTPlct ETtbllb8r9n/HvJ4rQXswjx+tVfLn/696NaffWBrvlEdiAbZdr3kocKh5ABKmKlG AP6FRZG7wi1a6/RaZr3j4uNsLorZU+mv0/dsg+v/V3SRZ5SUFJg= =NmFN -END PGP SIGNATURE- diff -Nru xsane-0.999/debian/changelog xsane-0.999/debian/changelog --- xsane-0.999/debian/changelog2016-10-15 05:58:43.0 +0200 +++ xsane-0.999/debian/changelog2017-01-28 07:15:47.0 +0100 @@ -1,3 +1,14 @@ +xsane (0.999-5) unstable; urgency=medium + + * New debian/patches/0010-fix_missing_sane-config.patch (Closes: #852840): +- Add autoconf statements which were previously part of + sane-config to detect the presence of sane-backends. +Thanks to Andreas Metzler <ametz...@bebt.de>. + * debian/copyright: +- Add year 2017 for debian/*. + + -- Jörg Frings-Fürst <deb...@jff-webhosting.net> Sat, 28 Jan 2017 07:15:47 +0100 + xsane (0.999-4) unstable; urgency=medium * debian/control: diff -Nru xsane-0.999/debian/copyright xsane-0.999/debian/copyright --- xsane-0.999/debian/copyright2016-10-02 20:49:04.0 +0200 +++ xsane-0.999/debian/copyright2017-01-28 07:07:32.0 +0100 @@ -65,7 +65,7 @@ Files: debian/* Copyright: 1999-2002 Oliver Rauch <oliver.ra...@xsane.org> 2002-2011 Julien BLACHE <jbla...@debian.org> - 2014-2016 Jörg Frings-Fürst <deb...@jff-webhsoting.net> + 2014-2017 Jörg Frings-Fürst <deb...@jff-webhsoting.net> License: GPL-3+ Files: lib/alloca.c diff -Nru xsane-0.999/debian/patches/0010-fix_missing_sane-config.patch xsane-0.999/debian/patches/0010-fix_missing_sane-config.patch --- xsane-0.999/debian/patches/0010-fix_missing_sane-config.patch 1970-01-01 01:00:00.0 +0100 +++ xsane-0.999/debian/patches/0010-fix_missing_sane-config.patch 2017-01-28 06:54:32.0 +0100 @@ -0,0 +1,26 @@ +Description: Fix FTBFS against libsane-dev >= 1.0.25-3 + Fix missing sane-config +Author: Andreas Metzler <ametz...@bebt.de> +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852840 +Forwarded: https://github.com/nphilipp/xsane/issues/1 +Reviewed-by: Jörg Frings-Fürst <deb...@jff-webhosting.net> +Last-Update: 2017-01-28 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/configure.in +=== +--- trunk.orig/configure.in trunk/configure.in +@@ -165,8 +165,10 @@ fi + + AC_SUBST(INTLSUB) + +-AM_PATH_SANE(1.0.0, HAVE_SANE=yes, ) +- ++PKG_CHECK_MODULES([SANE], [sane-backends >= 1.0.0]) ++PKG_CHECK_VAR([SANE_PREFIX], [sane-backends >= 1.0.0], [prefix]) ++PKG_CHECK_VAR([SANE_LDFLAGS], [sane-backends >= 1.0.0], [ldflags], ++ [HAVE_SANE=yes]) + if test "${USE_GIMP}" = "yes"; then + if test "${TRY_GIMP_2}" = "yes"; then + AM_PATH_GIMP_2_0(1.3.23, HAVE_GIMP=yes, ) diff -Nru xsane-0.999/debian/patches/series xsane-0.999/debian/patches/series --- xsane-0.999/debian/patches/series 2016-10-03 20:52:20.0 +0200 +++ xsane-0.999/debian/patches/series 2017-01-28 06:21:08.0 +0100 @@ -21,3 +21,4 @@ 0165-xsane-0.999-lcms2.patch 0001-lcms2_configure.patch 0005-m4.patch +0010-fix_missing_sane-config.patch
Bug#837388: jessie-pu: package scons-doc/2.3.1-1
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, the version 2.3.1-1 contains non free svg files[1]. The attached debdiff replace them with free files from upstream. Many thanks! CU Jörg [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787356 - -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (900, 'testing'), (800, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.6.0-1-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJX1SBOAAoJEAn4nzyModJdHwYP/jv3cY54s5BHSk3nk5Yrjxiv XcJVTzd2Xe15Sp8Mf56a9ggztVhJbMqEFIlkX8/0I+50yZDcjUaL7liZyjbq3lJB B4l4mt8eQL2a48u8xIPd3GCUqvLw0dJJTEEQgXgiZef+kF32rLciki/CrMXmAEIb 6eJsQkuWrwqEP+FWQXspKcM25VvieHKGBncZ9B315pk7aSaRZM21nhcBN5aYxWaH bn1iRXjDstYhqCJgriyNj9YcaBePALDtNW0BbPPFVjEr8AnyONGDupyf4C2Fi1Bw 8p6bDpLimDD3qVFsWeHTA5b+Gu7yvq0ajekiEZLUkTFTeKIw/LWA4+CH3IAWvA+o sTlDDapbMCoizP853jDfevlLFG6ajRnvo9PJ0zQRFn8DZwwr0SRiBU2udNOlxo7v 6XnSijYQ3lHdYz/B6fscjUSb018wZKJyn7d47srZ/6BjoYqBp6tZfpxbMkZ+TeB3 Y01ZSePI9WZYLk5iRuo+Pw7VaTh3qvV1NpWqiu9vSHem3mFA5y5/nFrkERVFsbmn tJDD0q6nb21CvWUtoK8B6TvvkhGxj07SoMd36LJ7J7+T/B26unPuQIgvkuDp7/Lc Hg6oPbaxJFa3DeWasj7Je3ZQmL1i7TAqk83oTW/d1M4oBGl1AdlndrJzeIs5OWpm xjwIj3m4ec7IitkMI3Al =ZaBr -END PGP SIGNATURE- diff -Nru scons-doc-2.3.1/debian/changelog scons-doc-2.3.1/debian/changelog --- scons-doc-2.3.1/debian/changelog 2014-04-27 12:05:51.0 +0200 +++ scons-doc-2.3.1/debian/changelog 2016-09-11 10:56:22.0 +0200 @@ -1,3 +1,10 @@ +scons-doc (2.3.1-1+deb8u1) stable; urgency=medium + + * New debian/patches/0100_replace_nonfree_svgs.patch (Closes: #787356); ++ Replace nonfree svg files with free from upstream. + + -- Jörg Frings-Fürst <deb...@jff-webhosting.net> Sun, 11 Sep 2016 10:56:22 +0200 + scons-doc (2.3.1-1) unstable; urgency=medium * New upstream release. diff -Nru scons-doc-2.3.1/debian/patches/0100_replace_nonfree_svgs.patch scons-doc-2.3.1/debian/patches/0100_replace_nonfree_svgs.patch --- scons-doc-2.3.1/debian/patches/0100_replace_nonfree_svgs.patch 1970-01-01 01:00:00.0 +0100 +++ scons-doc-2.3.1/debian/patches/0100_replace_nonfree_svgs.patch 2016-09-11 10:51:28.0 +0200 @@ -0,0 +1,196 @@ +Index: 2.3.1-1deb8u1/doc/design/titlepage/SConsBuildBricks_path.svg +=== +--- 2.3.1-1deb8u1.orig/doc/design/titlepage/SConsBuildBricks_path.svg 2.3.1-1deb8u1/doc/design/titlepage/SConsBuildBricks_path.svg +@@ -14,9 +14,9 @@ +height="80.330002" +id="svg2" +sodipodi:version="0.32" +- inkscape:version="0.48.1 r9760" ++ inkscape:version="0.48.4 r9939" +version="1.0" +- sodipodi:docname="SConsBuildBricks.svg" ++ sodipodi:docname="SConsBuildBricks_path.svg" +inkscape:export-filename="Constructs-using-SCons.png" +inkscape:export-xdpi="100" +inkscape:export-ydpi="100"> +@@ -77,24 +77,22 @@ + + + http://creativecommons.org/licenses/by-nc-sa/2.0/; /> ++ rdf:resource="http://creativecommons.org/licenses/by-sa/3.0/; /> + + http://creativecommons.org/licenses/by-nc-sa/2.5/;> ++ rdf:about="http://creativecommons.org/licenses/by-sa/3.0/;> + http://web.resource.org/cc/Reproduction; /> ++ rdf:resource="http://creativecommons.org/ns#Reproduction; /> + http://web.resource.org/cc/Distribution; /> ++ rdf:resource="http://creativecommons.org/ns#Distribution; /> + http://web.resource.org/cc/Notice; /> ++ rdf:resource="http://creativecommons.org/ns#Notice; /> + http://web.resource.org/cc/Attribution; /> +-http://web.resource.org/cc/CommercialUse; /> ++ rdf:resource="http://creativecommons.org/ns#Attribution; /> + http://web.resource.org/cc/DerivativeWorks; /> ++ rdf:resource="http://creativecommons.org/ns#DerivativeWorks; /> + http://web.resource.org/cc/ShareAlike; /> ++ rdf:resource="http://creativecommons.org/ns#ShareAlike; /> + + + +Index: 2.3.1-1deb8u1/doc/man/titlepage/SConsBuildBricks_path.svg +=== +--- 2.3.1-1deb8u1.orig/doc/man/titlepage/SConsBuildBricks_path.svg 2.3.1-1deb8u1/doc/man/titlepage/SConsBuildBricks_path.svg +@@ -14,9 +14,9 @@ +height="80.330002" +id="svg2" +sodipodi:version="0.32" +- inkscape:version="0.48.1 r9760" ++ inkscape:version="0.48.4 r9939&q
Bug#836593: transition: libonig
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Affected source packages: hhvm- FTBFS [1] jq - build ok libevhtp- build ok libsylph- build ok lua-rexlib - build ok with patch[2] php5- build ok slang2 - build ok sylpheed- build ok All packages with build ok needs only a binNMU. hhvm has a FTBFS by reason of cpp6. At lua-rexlib only one file at debian must patched. If you need more informations please ask me. CU Jörg [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812023 [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=824909 Ben file: title = "libonig"; is_affected = .depends ~ "libonig2" | .depends ~ "libonig4"; is_good = .depends ~ "libonig4"; is_bad = .depends ~ "libonig2"; - -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (900, 'testing'), (800, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.6.0-1-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJXzANKAAoJEAn4nzyModJd4xEP+gOe0Y7AMPTtod4HvEXTR6KS mTwkkZ3oB+jtoHTDllbHckYZkd8UQj+sGyA99MIGjFX1QM8jQ94NErG+PwZg8aZe 8R9ri/bv0wuukU+iQ2Ajnl0uxMxJeORJDPpb5X7qnJNLzC4qgTjeSH5vtWMARqlu 9xddD/WgIvDvEPzmH56z2lEHLevuIOFNk9lSThW2CZNUe+IDhCx8+3wWhns5CktN IGk8apA5PFTxxh4TEUjbBezB58TDbTtx/frJKOgIH1emEK12prIuPl3iLaNv+s0j 0L2JQpZLTwPZ2CJVBxai3S1qgLh8ixwyklUPazzGQ7PYp+iFz8cEnWCS8e38BBJ3 ohDZNqRv2tKhu1XbbS8IrTIL17cKT03n1PZ114kZihrA5YjV4SLgkT2BrdBxzygW I3il78ej+iNOgtTYW6iW0a0CGwNBbQSCWp3y0VXfSJYtCltWzp90yOIci+hqLxso YigozppO/rX1SmIQMsUbSJYxBVqhtHOzG1jJRHWoV6KEPoLIa/RlHPlwSRci0WTu XO7vUUVsUjCWFslICNOenfEKCCp2D5HzSezc5PZ8bNpCU0paZk5z5wVuFl1FkSlE vUw7fZMHQ4Mi6cQ3qNVEL0sll0feV4ZsBPkuE4/nw2uImbaPnHrdENLCYd0UoeDv l546XKGKDiJ7Izp1YpYe =rqH6 -END PGP SIGNATURE-
Bug#785047: vsftpd/3.0.2-17+deb8u1
Am Sonntag, den 21.02.2016, 09:50 +0100 schrieb John Paul Adrian Glaubitz: > On 02/20/2016 11:09 PM, Julien Cristau wrote: > > Doesn't look like that's happening. Closing. > > Sorry, I completely missed the pu updates Joerg prepared. That was > not > done intentionally, but it was rather somewhere lost in > communication. > > I'd be happy to take carre of vsftpd. > > @Joerg: Could you re-upload the package to mentors? > done.. [1] > Thanks, > Adrian > CU Jörg [1] http://mentors.debian.net/debian/pool/main/v/vsftpd/vsftpd_3.0.2-17+deb8u1.dsc -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54538 Bausendorf Threema: SYR8SJXB IRC: j_...@freenode.net j_...@oftc.net My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#809319: jessie-pu: package sane-backends/1.0.24-8
Hi Am Samstag, den 20.02.2016, 23:30 + schrieb Adam D. Barratt: > On Sun, 2016-02-21 at 00:01 +0100, Jörg Frings-Fürst wrote: > > Am Samstag, den 20.02.2016, 22:27 + schrieb Julien Cristau: > > > On Thu, Dec 31, 2015 at 11:42:49 +0100, Jörg Frings-Fürst wrote: > > > > > > > Hello, > > > > > > > > I have uploaded the version 1.0.24-8+deb8u1 of sane-backends to > > > > mentors[1]. > > > > > > > > Build with "sbuild -d jessie" and "DIST=jessie pdebuild" are > > > > ok. > > > > > > > > Test with piuparts are ok. Lintian has a lot of experimental, > > > > one pedantic, one warining and two info warnings. > > > > > > > > > > > > The debdiff was send in the first mail. > > > > > > > > Please can someone review and upload the package. > > > > > > > Is that upload still planned? > > > > The package is uploaded to mentors. Please ask my sponsor Adrian. > > Well, you requested that we accept the upload. So I'd say you should > ask > Adrian... > I have no upload rights. So I ask my sponsor to upload it. But he has a lot of work in his job. It's fine if someone can upload it. The package is on mentors[1]. > Regards, > > Adam > CU Jörg [1] http://mentors.debian.net/debian/pool/main/s/sane-backends/sane-backends_1.0.24-8+deb8u1.dsc -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54538 Bausendorf Threema: SYR8SJXB IRC: j_...@freenode.net j_...@oftc.net My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#809319: jessie-pu: package sane-backends/1.0.24-8
Am Samstag, den 20.02.2016, 22:27 + schrieb Julien Cristau: > On Thu, Dec 31, 2015 at 11:42:49 +0100, Jörg Frings-Fürst wrote: > > > Hello, > > > > I have uploaded the version 1.0.24-8+deb8u1 of sane-backends to > > mentors[1]. > > > > Build with "sbuild -d jessie" and "DIST=jessie pdebuild" are ok. > > > > Test with piuparts are ok. Lintian has a lot of experimental, > > one pedantic, one warining and two info warnings. > > > > > > The debdiff was send in the first mail. > > > > Please can someone review and upload the package. > > > Is that upload still planned? The package is uploaded to mentors. Please ask my sponsor Adrian. > > Cheers, > Julien CU Jörg -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54538 Bausendorf Threema: SYR8SJXB IRC: j_...@freenode.net j_...@oftc.net My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#809319: jessie-pu: package sane-backends/1.0.24-8
Hello, I have uploaded the version 1.0.24-8+deb8u1 of sane-backends to mentors[1]. Build with "sbuild -d jessie" and "DIST=jessie pdebuild" are ok. Test with piuparts are ok. Lintian has a lot of experimental, one pedantic, one warining and two info warnings. The debdiff was send in the first mail. Please can someone review and upload the package. Many thanks. CU Jörg [1] http://mentors.debian.net/debian/pool/main/s/sane-backends/sane-backends_1.0.24-8+deb8u1.dsc -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54526 Niederkail Threema: SYR8SJXB IRC: j_...@freenode.net j_...@oftc.net My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#807855: Debian bug: #807855
Hi, no response to my last mail. So I think the changes are too big. So I close this bug. CU Jörg -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54526 Niederkail Threema: SYR8SJXB IRC: j_...@freenode.net j_...@oftc.net My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#809319: jessie-pu: package sane-backends/1.0.24-8
Hi Adam, I have set the versions at unstable/testing and experimental as fixed. I hope thats ok. CU Jörg Am Dienstag, den 29.12.2015, 17:15 + schrieb Adam D. Barratt: > Control: tags -1 + moreinfo > > On 2015-12-29 10:15, Jörg Frings-Fürst wrote: > > To start saned with systemd (Debian bug #791961) I have make > > the following changes: > > > > Cherry-picked systemd handling from unstable (Closes: #791961): > > The metadata for #791961 indicates that it currently affects > unstable > (and experimental). If that's simply a case of missing "fixed" > versions, > please add those and let us know; otherwise, please resolve the > issues > in unstable first. > > Regards, > > Adam > -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54526 Niederkail Threema: SYR8SJXB IRC: j_...@freenode.net j_...@oftc.net My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#809319: jessie-pu: package sane-backends/1.0.24-8
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 To start saned with systemd (Debian bug #791961) I have make the following changes: Cherry-picked systemd handling from unstable (Closes: #791961): - Rewrite debian/saned@.service to prevent errors by network scaning. - New debian/sane-utils.links: + Add a link from /dev/null to /lib/systemd/system/saned.service to prevent start via fallback script /etc/init.d/saned. - Add 2015 to debian/copyright. A debdiff is attached. CU Jörg -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJWgl06AAoJEAn4nzyModJdJQIP/Rf3I8dd2ZFLqz1I1ybC5+d4 hzNuV6Mg7FjuGWQa4gnvsmtl9RrEMfH7li/tEvWPZTIjGgmSbUIJrNm4QJYcFN3f Mjhaf9X6hhZu+cVIhc5/YxIpIj3zQLe5hvi+4LnFS6M30aH5xv52hOPFgeQ3in4Z Uhqx4X8edxORM7IY8jkYtRLmFDrWiNiHhsin8kdaOaE3DFFbNRE/XreSGmoeXIwi ItOd9GbPPpY9bFPH50VQjq6ba4yIt/LJTpFXpnk6NB2ZrYMZ2ixMUN/nz3XXRuA3 pMOqFbEI9T8J9jphlYgFcKGP9PmVdKWVHFVWtf/ph/dA5jcVcgH0UU0mDcOc+arj APzgexHGNiV6teGHPHeO7I+dVCHjaLl6T8yPNE92GdlWjyzXmHgTvYw5Ecp86Bz/ cGnSmOfNRpS9Yc2tMyCGSWh80+K7CBx4Cha1eR7KEsV1UHy+qSmrqymlTiagFUhH ZeZUpAxZYmROA0pFfYxRsnCixG+apfW+d7zqA8EO6CnCGcXNdueq66zGjhVNLCUM 53O14xid76GCH4qgENSTUkjAD2y7cabjZG8n3NBaozIExkHS89Igdvzw146Jtfgq FkN/zFFT3nirIc0h3cDubX6Z9sUvaMBkRsI9CTIn4DZN6Q6E7G2EVm2Oz5711/LE Rb65Nm1Bv+E7+WBW0JUN =Hx1B -END PGP SIGNATURE- diff -Nru sane-backends-1.0.24/debian/changelog sane-backends-1.0.24/debian/changelog --- sane-backends-1.0.24/debian/changelog 2014-12-28 10:13:01.0 +0100 +++ sane-backends-1.0.24/debian/changelog 2015-12-29 10:44:03.0 +0100 @@ -1,3 +1,14 @@ +sane-backends (1.0.24-8+deb8u1) stable; urgency=medium + + * Cherry-picked systemd handling from unstable (Closes: #791961): +- Rewrite debian/saned@.service to prevent errors by network scaning. +- New debian/sane-utils.links: + + Add a link from /dev/null to /lib/systemd/system/saned.service +to prevent start via fallback script /etc/init.d/saned. +- Add 2015 to debian/copyright. + + -- Jörg Frings-Fürst <deb...@jff-webhosting.net> Tue, 29 Dec 2015 10:43:57 +0100 + sane-backends (1.0.24-8) unstable; urgency=medium * New debian/patches/0100-usb3-corrections.patch: diff -Nru sane-backends-1.0.24/debian/copyright sane-backends-1.0.24/debian/copyright --- sane-backends-1.0.24/debian/copyright 2014-10-13 19:37:49.0 +0200 +++ sane-backends-1.0.24/debian/copyright 2015-09-02 14:09:14.0 +0200 @@ -13,7 +13,7 @@ 2002-2011 Julien BLACHE <jbla...@debian.org> 2002-2006 Aurélien Jarno <aure...@debian.org> 2013 Mark Buda <her...@acm.org> - 2014 Jörg Frings-Fürst <deb...@jff-webhosting.net> + 2014-2015 Jörg Frings-Fürst <deb...@jff-webhosting.net> License: GPL-2+ with sane exception Files: backend/abaton.* diff -Nru sane-backends-1.0.24/debian/saned@.service sane-backends-1.0.24/debian/saned@.service --- sane-backends-1.0.24/debian/saned@.service 2014-12-26 12:51:32.0 +0100 +++ sane-backends-1.0.24/debian/saned@.service 2015-04-25 15:32:52.0 +0200 @@ -6,7 +6,7 @@ ExecStart=/usr/sbin/saned User=saned Group=saned -StandardInput=socket +StandardInput=null StandardOutput=syslog StandardError=syslog Environment=SANE_CONFIG_DIR=/etc/sane.d @@ -14,4 +14,3 @@ [Install] Also=saned.socket -Alias=saned diff -Nru sane-backends-1.0.24/debian/sane-utils.links sane-backends-1.0.24/debian/sane-utils.links --- sane-backends-1.0.24/debian/sane-utils.links 1970-01-01 01:00:00.0 +0100 +++ sane-backends-1.0.24/debian/sane-utils.links 2015-05-25 18:35:12.0 +0200 @@ -0,0 +1 @@ +/dev/null /lib/systemd/system/saned.service
Bug#807855: jessie-pu: package shotwell/0.20.1-1
Hello Adam, Am Sonntag, den 13.12.2015, 20:12 + schrieb Adam D. Barratt: > Control: tags -1 + moreinfo > > On Sun, 2015-12-13 at 20:59 +0100, Jörg Frings-Fürst wrote: > > Correct CVE TEMP-0807110-881366 > > + * CVE TEMP-0807110-881366 (Closes: #807110): > > Don't do that. For one thing, "CVE TEMP-*" makes no sense - it's > *not* a > CVE identifier. > > TEMP-* identifiers are not meaningful outside of (or even guaranteed > stable within) the Security Tracker and will cease to exist once a > CVE > has been assigned. The Security Team have explicitly asked for them > not > to be used in changelogs - see > https://lists.debian.org/20150514030904.GA30219@eldamar.local for > example. > Sorry, I don't known that :-( > + + 0500-Port-to-webkit2gtk-40.patch > [...] > +- Port to webkit2gtk-4.0: > + + debian/control Replace Build-Depeds libwebkitgtk-3.0-dev > +with libwebkit2gtk-4.0-dev. > > That's not really the sort of thing we'd expect to see in a stable > update, particularly when it results in: > > 7 files changed, 1152 insertions(+), 1 deletion(-) > > Is there really no way of fixing this using the existing webkit > version? > This has been discussed upstream controversial, but discarded. If the changes are too large, fell free to close this bug. > Regards, > > Adam > CU Jörg -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54526 Niederkail Threema: SYR8SJXB IRC: j_...@freenode.net j_...@oftc.net My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#807855: jessie-pu: package shotwell/0.20.1-1
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Correct CVE TEMP-0807110-881366 The debdiff between shotwell 0.20.1-1 and shotwell 0.20.1-1+deb8u1 is attached. - -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (900, 'testing'), (800, 'unstable'), (500, 'testing-updates'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.2.0-1-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJWbc4sAAoJEAn4nzyModJdBGYQAJtA9Ofsc5CmLrJIleOt7mES 5l3MwUHmgfD3kusyI6pZNKEvUMa0aZmYhC3GgS1gGw5/S/t1dL9Qql7ixAeCq0HD gleJ98fiiAmcipbaKX50IJQvax2cTUfC/5309JFU11a78y0eJdDlYiCwbGv9ES6D tKRZJitsN2yov+Rh38feVGZtT3hneKyxD2xsHii6iWy9zglO73zPgr8baE5hXu4a WzkpEwVRWWfpjavYMurTLKBmFT0WddVqWk88T+wXVDetE+x5FBAQNCNVVFOCT6Ru sEkp74bgVetRPgJcxulWCDGEH8hIBKfr3kB43SmSoOZ6UI8zpeamutb//XdZGwKc G57G5hIxvvaz6Uh6w3xA0OmkKORgUhhntTp35HAUfU2MdvzdLpECVmunVASLrp5R 2QphutEHv10WGaidjDL+8Ggp8Izq4ZTv7MwPswAb85lcjs7grv1pCKdHRQByqTg7 L+uH1qVvjdt5JTH6obvXvW4EkB5iYucvaeC95uo7NVQuFvBBX+KYg7jfNm+2Q0dl twlP+8kVZALAOHOqRloq639tlq7ct0QR1QXxUHRcfQyXHcqYqGfyOzVP3kxG/4VB 53hwkgNFtx1csshXonVGbGSPAbcDYmOuxMC2sRmLp2b4oyOdSdQVdHPF1zay2gHm D88/Jy65CmNSaYCpK/P+ =V/aZ -END PGP SIGNATURE- diff -Nru shotwell-0.20.1/debian/changelog shotwell-0.20.1/debian/changelog --- shotwell-0.20.1/debian/changelog 2015-12-13 20:13:03.0 +0100 +++ shotwell-0.20.1/debian/changelog 2015-12-13 20:42:56.0 +0100 @@ -1,3 +1,17 @@ +shotwell (0.20.1-1+deb8u1) stable; urgency=medium + + * CVE TEMP-0807110-881366 (Closes: #807110): +- Add patches from upstream to debian/patches: + + 0500-Port-to-webkit2gtk-40.patch + + 0501-Dont-pack-webview-into-a-scrolled-window.patch + + 0502-Have-all-soup-sessions-validate-TLS-certificates.patch + + 0503-facebook-Dont-disable-XSS-auditor.patch +- Port to webkit2gtk-4.0: + + debian/control Replace Build-Depeds libwebkitgtk-3.0-dev +with libwebkit2gtk-4.0-dev. + + -- Jörg Frings-Fürst <deb...@jff-webhosting.net> Sun, 13 Dec 2015 20:14:54 +0100 + shotwell (0.20.1-1) unstable; urgency=medium * New upstream release. diff -Nru shotwell-0.20.1/debian/control shotwell-0.20.1/debian/control --- shotwell-0.20.1/debian/control 2015-12-13 20:13:03.0 +0100 +++ shotwell-0.20.1/debian/control 2015-12-13 20:19:43.0 +0100 @@ -20,7 +20,7 @@ librest-dev (>= 0.7), libsoup2.4-dev (>= 2.26.0), libsqlite3-dev (>= 3.5.9), - libwebkitgtk-3.0-dev (>= 1.4.0), + libwebkit2gtk-4.0-dev, libxml2 (>= 2.6.32), m4, valac (>= 0.22.0) diff -Nru shotwell-0.20.1/debian/patches/0500-Port-to-webkit2gtk-40.patch shotwell-0.20.1/debian/patches/0500-Port-to-webkit2gtk-40.patch --- shotwell-0.20.1/debian/patches/0500-Port-to-webkit2gtk-40.patch 1970-01-01 01:00:00.0 +0100 +++ shotwell-0.20.1/debian/patches/0500-Port-to-webkit2gtk-40.patch 2015-12-13 20:43:25.0 +0100 @@ -0,0 +1,1025 @@ +From afc5e103d2dd414f0d028565097d86c7e85fadbc Mon Sep 17 00:00:00 2001 +From: Iain Lane <i...@orangesquash.org.uk> +Date: Tue, 30 Jun 2015 10:43:15 +0100 +Subject: [PATCH] Port to webkit2gtk-4.0 + +https://bugzilla.gnome.org/show_bug.cgi?id=751709 +--- + Makefile | 8 +- + debian/control | 2 +- + plugins/common/RESTSupport.vala| 24 +- + plugins/shotwell-publishing-extras/Makefile| 2 +- + .../YandexPublishing.vala | 67 ++- + .../shotwell-publishing/FacebookPublishing.vala| 36 +- + plugins/shotwell-publishing/Makefile | 2 +- + vapi/webkitgtk-3.0.deps| 8 - + vapi/webkitgtk-3.0.vapi| 653 - + 9 files changed, 97 insertions(+), 705 deletions(-) + delete mode 100644 vapi/webkitgtk-3.0.deps + delete mode 100644 vapi/webkitgtk-3.0.vapi + +Index: jessie/Makefile +=== +--- jessie.orig/Makefile jessie/Makefile +@@ -14,7 +14,7 @@ VALAC := $(shell which $(VALAC)) + endif + + VALAC_VERSION := `$(VALAC) --version | awk '{print $$2}'` +-MIN_VALAC_VERSION := 0.20.1 ++MIN_VALAC_VERSION := 0.26.0 + INSTALL_PROGRAM := install + INSTALL_DATA := install -m 644 + +@@ -119,12 +119,10 @@ VAPI_FILES = \ + LConv.vapi \ + libexif.vapi \ + libraw.vapi \ +- webkitgtk-3.0.vapi \ + unique-3.0.vapi \ + unity.vapi + + DEPS_FILES = \ +- webkitgtk-3.0.deps \ + unique-3.0.deps \ + unity.deps + +@@ -269,7 +267,7 @@ EXT_PKGS = \ + libsoup-2.4 \ + libxml-2.0 \ + sqlite3 \ +- webkitgtk-3.0 ++ webkit2gtk-4.0 + ifdef UNITY_SUPPORT + EXT_PKGS += unity + endif +@@ -301,7 +299,7 @@ EXT_PKG_VERSIONS = \ + libxml-2.0
Bug#797769: jessie-pu: package sane-backends/1.0.24-8
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Bugfix error at start under systemd. The changes are cherry-picked from unstable The debdiff is attached. Thanks! CU Jörg - -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (900, 'testing'), (800, 'unstable'), (500, 'testing-updates'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.1.0-1-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJV5ujSAAoJEAn4nzyModJdb7YQAIblXLQS1NCOrinLg4szC1/M 5cDjvKQOoWyecqyaArJlOET8LgB+HHUYDz0Bq6+JlWWFsiNzuKb56+it+1ntmr/S ExtCSS7cMwJPtlnwFBmtYdYHBPcTOvc6vGa8rqIwYf0L5lxBUj8iui2K/8HjNJ/Q iAecyC8Dtr/Rs4GBLpjmajSulqWmhlMli3MDzxUakiBTC9R/pLBP4v+b1n5m/AMU +SMinhtTlf7rhTUdmZ6rNx3peKXDCSXWP6xtceKhb4Fjd3u2VuYOu5RQ4YoBO4gz QnqensuTXgICY0wu5A5JuSz8E3O/0Cc8LXFT+i7VmSW0ZycWNti9UlAdPGG+jvUc Jwts4N5+qrT0SrCqDABbg9XU0rVMMju7EgfNBJctOfsWRr/X7ry5+uiz3jWHRysy jNIJPDgslNkWc9UW2VD2tshjPJaX8OaMVSxetvfnv3V07HJesDDWC2MvA8IDpNub YNhiNvpWkzJ/JosHw1rOnDlerXHSqmeq2J4zCWzD3z2OZIhb1o3q73i58Qde6enR ehZUAbSvtREVFjyTH4EexoXP6jxQRF4iFooVmVbJFp/WR9TdVXs4wCZ8SXtq7WTN WXerTLWRF5ibDrRQWT7V/EYzWP4gA+MFVgH/tJdEFIsnVVz4jgOG9kbd70nFSgi3 iy4P8WbIRlurINk56KD/ =jRbu -END PGP SIGNATURE- diff -Nru sane-backends-1.0.24/debian/changelog sane-backends-1.0.24/debian/changelog --- sane-backends-1.0.24/debian/changelog 2014-12-28 10:13:01.0 +0100 +++ sane-backends-1.0.24/debian/changelog 2015-09-02 14:10:07.0 +0200 @@ -1,3 +1,14 @@ +sane-backends (1.0.24-8+deb8u1) stable; urgency=medium + + * Cherry-picked systemd handling from unstable (Closes: #791961): +- Rewrite debian/saned@.service to prevent errors by network scaning. +- New debian/sane-utils.links: + + Add a link from /dev/null to /lib/systemd/system/saned.service +to prevent start via fallback script /etc/init.d/saned. +- Add 2015 to debian/copyright. + + -- Jörg Frings-Fürst <deb...@jff-webhosting.net> Wed, 02 Sep 2015 14:10:00 +0200 + sane-backends (1.0.24-8) unstable; urgency=medium * New debian/patches/0100-usb3-corrections.patch: diff -Nru sane-backends-1.0.24/debian/copyright sane-backends-1.0.24/debian/copyright --- sane-backends-1.0.24/debian/copyright 2014-10-13 19:37:49.0 +0200 +++ sane-backends-1.0.24/debian/copyright 2015-09-02 14:09:14.0 +0200 @@ -13,7 +13,7 @@ 2002-2011 Julien BLACHE <jbla...@debian.org> 2002-2006 Aurélien Jarno <aure...@debian.org> 2013 Mark Buda <her...@acm.org> - 2014 Jörg Frings-Fürst <deb...@jff-webhosting.net> + 2014-2015 Jörg Frings-Fürst <deb...@jff-webhosting.net> License: GPL-2+ with sane exception Files: backend/abaton.* diff -Nru sane-backends-1.0.24/debian/saned@.service sane-backends-1.0.24/debian/saned@.service --- sane-backends-1.0.24/debian/saned@.service 2014-12-26 12:51:32.0 +0100 +++ sane-backends-1.0.24/debian/saned@.service 2015-04-25 15:32:52.0 +0200 @@ -6,7 +6,7 @@ ExecStart=/usr/sbin/saned User=saned Group=saned -StandardInput=socket +StandardInput=null StandardOutput=syslog StandardError=syslog Environment=SANE_CONFIG_DIR=/etc/sane.d @@ -14,4 +14,3 @@ [Install] Also=saned.socket -Alias=saned diff -Nru sane-backends-1.0.24/debian/sane-utils.links sane-backends-1.0.24/debian/sane-utils.links --- sane-backends-1.0.24/debian/sane-utils.links 1970-01-01 01:00:00.0 +0100 +++ sane-backends-1.0.24/debian/sane-utils.links 2015-05-25 18:35:12.0 +0200 @@ -0,0 +1 @@ +/dev/null /lib/systemd/system/saned.service
Bug#785047: vsftpd/3.0.2-17+deb8u1
Hello Adrian, I have the vsftpd update package[1] for Jessie ready. My Changes: * Add patch debian/patches/0050-CVE-2015-1419.patch from 3.0.2-18: - Fix config option deny_file not always being handled correctly CVE-2015-1419 (Closes: #776922). * Add patch debian/patches/0055-set_default_listen.patch from 3.0.2-19: - Set the default value of tunable_listen to the same value of listen from the man page vsftpd.conf (Closes: #783077). * Add year 2015 to debian/copyright. Lintian has some warnings, piuparts are ok. I have the package uploaded to mentor[2]. Can you review and upload the package? Danke. CU Jörg [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785047 [2] http://mentors.debian.net/debian/pool/main/v/vsftpd/vsftpd_3.0.2-17+deb8u1.dsc -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54526 Niederkail Threema: SYR8SJXB IRC: j_...@freenode.net j_...@oftc.net My wish list: - Please send me a picture from the nature at your home. signature.asc Description: This is a digitally signed message part
Bug#785047: jessie-pu: package vsftpd/3.0.2-17
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, I have 2 patches for vsftpd 3.0.2-17+deb8u1: - - patch for CVE-2015-1419 - - patch for Debian bug #783077 A debdiff is attached. Thanks. CU Jörg - -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (900, 'testing'), (800, 'unstable'), (500, 'testing-updates'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJVUPqxAAoJEAn4nzyModJdEp0QAJHTjE0lDWYKYSHm+mq9Q4Pe cvgfTDb1kVIEsG35cu4LKMhogNMsM0a3pHVOGtVvR3ioKjjCZO7BQca6lp42IMZO hIilFgtdmgyf/pnqXRmEz3zrLEq8YL5bmd2FpA5yAkVKHRhAAK9qYrECW5cXd5gY OpEOH5quZAAuVB+yDDfbbi/tzx45Lalr0OxyHurRFrshYT3YSyKzK0f/sSCRIEwY Ao7m71Y3/bYao035yjC29GU/ctS4Pdn3+TA1oGIqpx9umAzEMbs+0TPHlwKsZ423 n4RWcNHToMqMIkb+tvN+9QYMjtWzDGkxdu+CfRw6Bk51WGGHk4sxasrcupQoFoy5 cJirrSrJlgz7bJ1hPRe5Y+szaO8Jjacxl/raunCx4TgbR/pEtO3vc5OFMnAsp+Uv yt3VAN/EFLLng0A4CX2fu92NPL4We7a9U1jZ0cEYUvT1JlYrjF/PLFyDOe9FJFt3 0SACRc08Cd72F1D4ELHW/jpiVvAczHMfghPqFEA0zX+XbM2Gn2ekq0o4VRtzYoxr ocb3Dmy4kDzVmvGjK/ypbJTnPsuxAmxElY3wwozN6+W/zLU8Fzpxr90Rh4k/z4RQ 3hmOK+BWfkJFTMugOWzOYBL54E3/usU/gUc90R6XCQORNI4CsAXZghVfTqwYYALH /zsOUCgh7QAgoIWOXHlu =QBV+ -END PGP SIGNATURE- diff -Nru vsftpd-3.0.2/debian/changelog vsftpd-3.0.2/debian/changelog --- vsftpd-3.0.2/debian/changelog 2014-10-07 15:56:49.0 +0200 +++ vsftpd-3.0.2/debian/changelog 2015-05-11 20:51:26.0 +0200 @@ -1,3 +1,19 @@ +vsftpd (3.0.2-17+deb8u1) stable; urgency=medium + + * Add patch debian/patches/0050-CVE-2015-1419.patch from 3.0.2-18: +- Fix config option deny_file not always being handled correctly + CVE-2015-1419 (Closes: #776922). + * Add patch debian/patches/0055-set_default_listen.patch from 3.0.2-19: +- Set the default value of tunable_listen to the same value of listen from + the man page vsftpd.conf (Closes: #783077). + * Add year 2015 to debian/copyright. + * debian/vsftpd.postrm: +- Remove systemd files and directories when purging. +- Replace fixed path with a POSIX-compliant shell function to check + the existence of a command. + + -- Jörg Frings-Fürst deb...@jff-webhosting.net Mon, 11 May 2015 15:35:19 +0200 + vsftpd (3.0.2-17) unstable; urgency=medium * Add debian/patches/0035-address_space_limit.patch to increase the diff -Nru vsftpd-3.0.2/debian/copyright vsftpd-3.0.2/debian/copyright --- vsftpd-3.0.2/debian/copyright 2014-08-20 21:56:58.0 +0200 +++ vsftpd-3.0.2/debian/copyright 2015-05-11 15:47:38.0 +0200 @@ -10,7 +10,7 @@ Files: debian/* Copyright: 2009-2014 Daniel Baumann m...@daniel-baumann.ch - 2014 Jörg Frings-Fürst deb...@jff-webhosting.net + 2014-2015 Jörg Frings-Fürst deb...@jff-webhosting.net License: GPL-2 with SSL exception License: GPL-2 with SSL exception diff -Nru vsftpd-3.0.2/debian/patches/0050-CVE-2015-1419.patch vsftpd-3.0.2/debian/patches/0050-CVE-2015-1419.patch --- vsftpd-3.0.2/debian/patches/0050-CVE-2015-1419.patch 1970-01-01 01:00:00.0 +0100 +++ vsftpd-3.0.2/debian/patches/0050-CVE-2015-1419.patch 2015-02-24 16:41:52.0 +0100 @@ -0,0 +1,104 @@ +Description: CVE-2015-1419: config option deny_file is not handled correctly +Author: Marcus Meissner meiss...@suse.com +Origin: https://bugzilla.novell.com/show_bug.cgi?id=CVE-2015-1419 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776922 +Last-Update: 2015-02-24 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/ls.c +=== +--- trunk.orig/ls.c trunk/ls.c +@@ -7,6 +7,7 @@ + * Would you believe, code to handle directory listing. + */ + ++#include stdlib.h + #include ls.h + #include access.h + #include defs.h +@@ -243,11 +244,42 @@ vsf_filename_passes_filter(const struct + struct mystr temp_str = INIT_MYSTR; + struct mystr brace_list_str = INIT_MYSTR; + struct mystr new_filter_str = INIT_MYSTR; ++ struct mystr normalize_filename_str = INIT_MYSTR; ++ const char *normname; ++ const char *path; + int ret = 0; + char last_token = 0; + int must_match_at_current_pos = 1; ++ + str_copy(filter_remain_str, p_filter_str); +- str_copy(name_remain_str, p_filename_str); ++ ++ /* normalize filepath */ ++ path = str_strdup(p_filename_str); ++ normname = realpath(path, NULL); ++ if (normname == NULL) ++ goto out; ++ str_alloc_text(normalize_filename_str, normname); ++ ++ if (!str_isempty (filter_remain_str) !str_isempty(normalize_filename_str)) { ++if (str_get_char_at(p_filter_str, 0) == '/') { ++ if (str_get_char_at(normalize_filename_str, 0) != '/') { ++str_getcwd (name_remain_str); ++ ++if (str_getlen(name_remain_str) 1
Bug#785047: jessie-pu: package vsftpd/3.0.2-17
Hi Adam, first thanks for your comments. Am Montag, den 11.05.2015, 20:27 +0100 schrieb Adam D. Barratt: Control: tags -1 + moreinfo On Mon, 2015-05-11 at 20:53 +0200, Jörg Frings-Fürst wrote: I have 2 patches for vsftpd 3.0.2-17+deb8u1: - patch for CVE-2015-1419 - patch for Debian bug #783077 Well, you also included some packaging changes, which I'm not currently happy with. +- Remove systemd files and directories when purging. Why? What is this achieving that isn't already handled by deb-systemd-helper and dpkg? Yes. I have some piuparts messages about that. I check it again tomorrow. The changes at the .postrm file are reverted and a new debdiff is attached. In any case, https://piuparts.debian.org/jessie/pass/vsftpd_3.0.2-17.log indicates that -17 already purges cleanly with no left-over files. Regards Adam CU Jörg -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key: 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54526 Niederkail Threema: SYR8SJXB IRC: j_...@freenode.net j_...@oftc.net My wish list: - Please send me a picture from the nature at your home. diff -Nru vsftpd-3.0.2/debian/changelog vsftpd-3.0.2/debian/changelog --- vsftpd-3.0.2/debian/changelog 2014-10-07 15:56:49.0 +0200 +++ vsftpd-3.0.2/debian/changelog 2015-05-11 21:34:05.0 +0200 @@ -1,3 +1,15 @@ +vsftpd (3.0.2-17+deb8u1) stable; urgency=medium + + * Add patch debian/patches/0050-CVE-2015-1419.patch from 3.0.2-18: +- Fix config option deny_file not always being handled correctly + CVE-2015-1419 (Closes: #776922). + * Add patch debian/patches/0055-set_default_listen.patch from 3.0.2-19: +- Set the default value of tunable_listen to the same value of listen from + the man page vsftpd.conf (Closes: #783077). + * Add year 2015 to debian/copyright. + + -- Jörg Frings-Fürst deb...@jff-webhosting.net Mon, 11 May 2015 15:35:19 +0200 + vsftpd (3.0.2-17) unstable; urgency=medium * Add debian/patches/0035-address_space_limit.patch to increase the diff -Nru vsftpd-3.0.2/debian/copyright vsftpd-3.0.2/debian/copyright --- vsftpd-3.0.2/debian/copyright 2014-08-20 21:56:58.0 +0200 +++ vsftpd-3.0.2/debian/copyright 2015-05-11 15:47:38.0 +0200 @@ -10,7 +10,7 @@ Files: debian/* Copyright: 2009-2014 Daniel Baumann m...@daniel-baumann.ch - 2014 Jörg Frings-Fürst deb...@jff-webhosting.net + 2014-2015 Jörg Frings-Fürst deb...@jff-webhosting.net License: GPL-2 with SSL exception License: GPL-2 with SSL exception diff -Nru vsftpd-3.0.2/debian/patches/0050-CVE-2015-1419.patch vsftpd-3.0.2/debian/patches/0050-CVE-2015-1419.patch --- vsftpd-3.0.2/debian/patches/0050-CVE-2015-1419.patch 1970-01-01 01:00:00.0 +0100 +++ vsftpd-3.0.2/debian/patches/0050-CVE-2015-1419.patch 2015-02-24 16:41:52.0 +0100 @@ -0,0 +1,104 @@ +Description: CVE-2015-1419: config option deny_file is not handled correctly +Author: Marcus Meissner meiss...@suse.com +Origin: https://bugzilla.novell.com/show_bug.cgi?id=CVE-2015-1419 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776922 +Last-Update: 2015-02-24 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/ls.c +=== +--- trunk.orig/ls.c trunk/ls.c +@@ -7,6 +7,7 @@ + * Would you believe, code to handle directory listing. + */ + ++#include stdlib.h + #include ls.h + #include access.h + #include defs.h +@@ -243,11 +244,42 @@ vsf_filename_passes_filter(const struct + struct mystr temp_str = INIT_MYSTR; + struct mystr brace_list_str = INIT_MYSTR; + struct mystr new_filter_str = INIT_MYSTR; ++ struct mystr normalize_filename_str = INIT_MYSTR; ++ const char *normname; ++ const char *path; + int ret = 0; + char last_token = 0; + int must_match_at_current_pos = 1; ++ + str_copy(filter_remain_str, p_filter_str); +- str_copy(name_remain_str, p_filename_str); ++ ++ /* normalize filepath */ ++ path = str_strdup(p_filename_str); ++ normname = realpath(path, NULL); ++ if (normname == NULL) ++ goto out; ++ str_alloc_text(normalize_filename_str, normname); ++ ++ if (!str_isempty (filter_remain_str) !str_isempty(normalize_filename_str)) { ++if (str_get_char_at(p_filter_str, 0) == '/') { ++ if (str_get_char_at(normalize_filename_str, 0) != '/') { ++str_getcwd (name_remain_str); ++ ++if (str_getlen(name_remain_str) 1) /* cwd != root dir */ ++ str_append_char (name_remain_str, '/'); ++ ++str_append_str (name_remain_str, normalize_filename_str); ++ } ++ else ++ str_copy (name_remain_str, normalize_filename_str); ++} else { ++ if (str_get_char_at(p_filter_str, 0) != '{') ++str_basename (name_remain_str, normalize_filename_str); ++ else
Bug#769390: unblock: sane-backends/1.0.24-4
Hello Jonathan, Am Donnerstag, den 20.11.2014, 19:22 + schrieb Jonathan Wiltshire: On Sun, Nov 16, 2014 at 06:33:15PM +0100, Jörg Frings-Fürst wrote: Am Sonntag, den 16.11.2014, 15:46 + schrieb Jonathan Wiltshire: Control: tag -1 moreinfo On Thu, Nov 13, 2014 at 11:30:42AM +0100, Jörg Frings-Fürst wrote: diff -Nru sane-backends-1.0.24/debian/libsane-common.preinst sane-backends-1.0.24/debian/libsane-common.preinst --- sane-backends-1.0.24/debian/libsane-common.preinst 1970-01-01 01:00:00.0 +0100 +++ sane-backends-1.0.24/debian/libsane-common.preinst 2014-10-25 13:15:35.0 +0200 @@ -0,0 +1,32 @@ +#!/bin/sh +set -e + +# From http://wiki.debian.org/DpkgConffileHandling +# Remove a no-longer used conffile +rm_conffile() { [...] Would dpkg's maintscript helper be of use here? Yes. But I don't make to much changes in this version. I don't mind a change to use maintscripthelper, but I'm also ok with your current upload. Which would you prefer? At the moment there are no problems with the code. So I think it is better to make the changes in the next version with more time for testing. Many thanks CU Jörg -- pgp Fingerprint: 7D13 3C60 0A10 DBE1 51F8 EBCB 422B 44B0 BE58 1B6E pgp Key: BE581B6E CAcert Key S/N: 0E:D4:56 Jörg Frings-Fürst D-54526 Niederkail Threema: SYR8SJXB IRC: j_...@freenode.net j_...@oftc.net signature.asc Description: This is a digitally signed message part
Bug#769390: unblock: sane-backends/1.0.24-4
Hallo Jonathan, first thanks for your comments. Am Sonntag, den 16.11.2014, 15:46 + schrieb Jonathan Wiltshire: Control: tag -1 moreinfo On Thu, Nov 13, 2014 at 11:30:42AM +0100, Jörg Frings-Fürst wrote: diff -Nru sane-backends-1.0.24/debian/libsane-common.preinst sane-backends-1.0.24/debian/libsane-common.preinst --- sane-backends-1.0.24/debian/libsane-common.preinst 1970-01-01 01:00:00.0 +0100 +++ sane-backends-1.0.24/debian/libsane-common.preinst 2014-10-25 13:15:35.0 +0200 @@ -0,0 +1,32 @@ +#!/bin/sh +set -e + +# From http://wiki.debian.org/DpkgConffileHandling +# Remove a no-longer used conffile +rm_conffile() { [...] Would dpkg's maintscript helper be of use here? Yes. But I don't make to much changes in this version. diff -Nru sane-backends-1.0.24/debian/libsane.symbols.amd64.org sane-backends-1.0.24/debian/libsane.symbols.amd64.org --- sane-backends-1.0.24/debian/libsane.symbols.amd64.org 2014-10-08 12:55:49.0 +0200 +++ sane-backends-1.0.24/debian/libsane.symbols.amd64.org 1970-01-01 01:00:00.0 +0100 What's this file and why is it removed? It's not mentioned in your changelog, unless I've misunderstood. Sorry my error. I was thinking that I have deleted the file already in the last version. Normally I create the symbol file from my local logs. But I don't have any architectures / ports available. So I rename this files and delete them before upload. At last I build the files from debian logs. The symbol files are also not included, because I don't make to much changes. If you want I can make the changes shortly and upload the new packages to my sponsor. I wish you a nice Sunday evening. CU Jörg -- pgp Fingerprint: 7D13 3C60 0A10 DBE1 51F8 EBCB 422B 44B0 BE58 1B6E pgp Key: BE581B6E CAcert Key S/N: 0E:D4:56 Jörg Frings-Fürst D-54526 Niederkail Threema: SYR8SJXB IRC: j_...@freenode.net j_...@oftc.net signature.asc Description: This is a digitally signed message part
Bug#769198: unblock: mwc/1.7.2-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package mwc To fix the bug #764787 with the severity grave I have done the following changes: mwc (1.7.2-2) unstable; urgency=medium * debian/control: - Replace Depends python-cssselect with python3-cssselect (Closes: #764787). - Bump Standards-Version to 3.9.6 (no changes required). -- Jörg Frings-Fürst deb...@jff-webhosting.net Mon, 10 Nov 2014 09:37:29 +0100 The debdiff between 1.7.2-1 und 1.7.2-2 is attached unblock mwc/1.7.2-2 -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (900, 'testing'), (800, 'unstable'), (500, 'testing-updates') Architecture: amd64 (x86_64) Kernel: Linux 3.16-3-amd64 (SMP w/6 CPU cores) diff -Nru mwc-1.7.2/debian/changelog mwc-1.7.2/debian/changelog --- mwc-1.7.2/debian/changelog 2014-09-18 21:28:18.0 +0200 +++ mwc-1.7.2/debian/changelog 2014-11-10 09:37:44.0 +0100 @@ -1,3 +1,12 @@ +mwc (1.7.2-2) unstable; urgency=medium + + * debian/control: +- Replace Depends python-cssselect with python3-cssselect + (Closes: #764787). +- Bump Standards-Version to 3.9.6 (no changes required). + + -- Jörg Frings-Fürst deb...@jff-webhosting.net Mon, 10 Nov 2014 09:37:29 +0100 + mwc (1.7.2-1) unstable; urgency=low * Initial release (Closes: #746556) diff -Nru mwc-1.7.2/debian/control mwc-1.7.2/debian/control --- mwc-1.7.2/debian/control 2014-09-18 21:48:47.0 +0200 +++ mwc-1.7.2/debian/control 2014-10-16 07:03:57.0 +0200 @@ -6,7 +6,7 @@ debhelper (= 9), dh-python, python3 | python3-all | python3-dev | python3-all-dev -Standards-Version: 3.9.5 +Standards-Version: 3.9.6 Homepage: https://github.com/Debianguru/MailWebsiteChanges Vcs-Git: git://anonscm.debian.org/collab-maint/mwc.git Vcs-Browser: http://anonscm.debian.org/cgit/collab-maint/mwc.git @@ -18,7 +18,7 @@ ${python3:Depends}, python3 | python3-all | python3-dev | python3-all-dev, python3-lxml, - python-cssselect + python3-cssselect Description: Powerful website-tracking tool MailWebsiteChanges is a Python script to keep track of website changes; sends email notifications on updates and/or also
Bug#768449: unblock: libonig/5.9.5-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package libonig To fix the bug #768267 with the severity serious I have done the following changes: libonig (5.9.5-3) unstable; urgency=medium * Add debian/libonig2-dbg.(preinst|postinst|postrm) to prevent error on upgrade wheezy to jessie. (Closes: #768267) -- Jörg Frings-Fürst deb...@jff-webhosting.net Thu, 06 Nov 2014 21:32:20 +0100 The debdiff between 5.9.5-2 und 5.9.5-3 is attached unblock libonig/5.9.5-3 -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (900, 'testing'), (800, 'unstable'), (500, 'testing-updates') Architecture: amd64 (x86_64) Kernel: Linux 3.16-3-amd64 (SMP w/6 CPU cores) diff -Nru libonig-5.9.5/debian/changelog libonig-5.9.5/debian/changelog --- libonig-5.9.5/debian/changelog 2014-05-13 10:31:02.0 +0200 +++ libonig-5.9.5/debian/changelog 2014-11-06 21:32:27.0 +0100 @@ -1,3 +1,10 @@ +libonig (5.9.5-3) unstable; urgency=medium + + * Add debian/libonig2-dbg.(preinst|postinst|postrm) to prevent +error on upgrade wheezy to jessie. (Closes: #768267) + + -- Jörg Frings-Fürst deb...@jff-webhosting.net Thu, 06 Nov 2014 21:32:20 +0100 + libonig (5.9.5-2) unstable; urgency=medium * rename debian/*.doc-base diff -Nru libonig-5.9.5/debian/libonig2-dbg.postinst libonig-5.9.5/debian/libonig2-dbg.postinst --- libonig-5.9.5/debian/libonig2-dbg.postinst 1970-01-01 01:00:00.0 +0100 +++ libonig-5.9.5/debian/libonig2-dbg.postinst 2014-11-06 21:16:49.0 +0100 @@ -0,0 +1,40 @@ +#!/bin/sh +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +#* postinst `configure' most-recently-configured-version +#* old-postinst `abort-upgrade' new version +#* conflictor's-postinst `abort-remove' `in-favour' package +# new-version +#* postinst `abort-remove' +#* deconfigured's-postinst `abort-deconfigure' `in-favour' +# failed-install-package version `removing' +# conflicting-package version +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + +# source debconf library +#. /usr/share/debconf/confmodule + + +case $1 in + + configure|abort-upgrade|abort-remove|abort-deconfigure) +# Replace documentation directory symlink +dpkg-maintscript-helper symlink_to_dir /usr/share/doc/libonig2-dbg /usr/share/doc/libonig2 5.9.1-1~ -- $@ + ;; + + *) +echo postinst called with unknown argument \`$1' 2 +exit 1 + ;; + +esac + +#DEBHELPER# + + +exit 0 diff -Nru libonig-5.9.5/debian/libonig2-dbg.postrm libonig-5.9.5/debian/libonig2-dbg.postrm --- libonig-5.9.5/debian/libonig2-dbg.postrm 1970-01-01 01:00:00.0 +0100 +++ libonig-5.9.5/debian/libonig2-dbg.postrm 2014-11-06 21:15:56.0 +0100 @@ -0,0 +1,33 @@ +#! /bin/sh +# postrm script for argyll +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +#* postrm `remove' +#* postrm `purge' +#* old-postrm `upgrade' new-version +#* new-postrm `failed-upgrade' old-version +#* new-postrm `abort-install' +#* new-postrm `abort-install' old-version +#* new-postrm `abort-upgrade' old-version +#* disappearer's-postrm `disappear' roverwritr new-version +# for details, see /usr/share/doc/packaging-manual/ + +case $1 in +purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + dpkg-maintscript-helper symlink_to_dir /usr/share/doc/libonig2-dbg /usr/share/doc/libonig2 5.9.1-1~ -- $@ +;; + +*) +echo postrm called with unknown argument \`$1' 2 +exit 0 + +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# diff -Nru libonig-5.9.5/debian/libonig2-dbg.preinst libonig-5.9.5/debian/libonig2-dbg.preinst --- libonig-5.9.5/debian/libonig2-dbg.preinst 1970-01-01 01:00:00.0 +0100 +++ libonig-5.9.5/debian/libonig2-dbg.preinst 2014-11-06 21:00:55.0 +0100 @@ -0,0 +1,31 @@ +#!/bin/sh +# preinst script for #PACKAGE# +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +#* new-preinst `install' +#* new-preinst `install' old-version +#* new-preinst `upgrade' old-version +#* old-preinst `abort-upgrade' new-version +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + +case $1 in +install|upgrade|abort-upgrade) + dpkg-maintscript-helper symlink_to_dir /usr/share/doc/libonig2-dbg /usr/share/doc/libonig2 5.9.1-1~ -- $@ + ;; +*) +echo preinst called with unknown argument \`$1' 2 +exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0
Bug#768331: unblock: argyll/1.6.3-4
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package argyll To fix the bug #767837 with the severity serious I have done the following changes: argyll (1.6.3-4) unstable; urgency=medium * debian/control: - On package argyll replace the wrong Replaces Conflicts of argyll-bin with the right Breaks Replaces to icc-utils ( 1.6.3-1). (Closes: #767837) -- Jörg Frings-Fürst deb...@jff-webhosting.net Tue, 04 Nov 2014 07:59:20 +0100 The debdiff between 1.6.3-3 und 1.6.3-4 is attached unblock argyll/1.6.3-4 -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (900, 'testing'), (800, 'unstable'), (500, 'testing-updates') Architecture: amd64 (x86_64) Kernel: Linux 3.16-3-amd64 (SMP w/6 CPU cores) diff -Nru argyll-1.6.3/debian/changelog argyll-1.6.3/debian/changelog --- argyll-1.6.3/debian/changelog 2014-10-05 19:31:36.0 +0200 +++ argyll-1.6.3/debian/changelog 2014-11-05 12:26:06.0 +0100 @@ -1,3 +1,12 @@ +argyll (1.6.3-4) unstable; urgency=medium + + * debian/control: +- On package argyll replace the wrong Replaces Conflicts of argyll-bin + with the right Breaks Replaces to icc-utils ( 1.6.3-1). + (Closes: #767837) + + -- Jörg Frings-Fürst deb...@jff-webhosting.net Tue, 04 Nov 2014 07:59:20 +0100 + argyll (1.6.3-3) unstable; urgency=medium * debian/control: diff -Nru argyll-1.6.3/debian/control argyll-1.6.3/debian/control --- argyll-1.6.3/debian/control 2014-10-05 07:22:20.0 +0200 +++ argyll-1.6.3/debian/control 2014-11-04 07:39:54.0 +0100 @@ -27,10 +27,10 @@ Depends: ${misc:Depends}, ${shlibs:Depends}, argyll-ref Pre-Depends: dpkg (= 1.17.5) -Replaces: argyll-bin +Replaces: icc-utils ( 1.6.3-1) +Breaks: icc-utils ( 1.6.3-1) Recommends: libpam-systemd [linux-any], udev (= 196) [linux-any] Suggests: argyll-doc, colord, gir1.2-colordgtk-1.0 -Conflicts: argyll-bin Description: Color Management System, calibrator and profiler Argyll is an experimental, open source, ICC compatible color management system. It supports accurate ICC profile creation for scanners, CMYK
Bug#765618: RM: argyll/testing-proposed-updates [kfreebsd-amd64 kfreebsd-i386 hurd-i386] -- ANAIS; Upstream has changed the usb handling. Therefor I must disable the build for KfreeBSD-* and hurd-i386
Package: ftp.debian.org Severity: normal -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141016165453.23954.91263.reportbug@merkur