from:"Michael Gilbert"

Bug#926031: unblock: chromium/73.0.3683.75-1

2019-03-30 Thread Michael Gilbert

package: release.debian.org
user: release.debian@packages.debian.org
usertags: unblock

Please consider unblocking chromium.  This is a large upstream release
with a bunch of security fixes.  As has been done for the past few
stable releases, the plan is to push ongoing upstream security updates
to buster(-security).

Best wishes,
Mike

unblock chromium/73.0.3683.75-1

Bug#864286: unblock: chromium-browser/59.0.3071.86-1

2017-06-06 Thread Michael Gilbert

package: release.debian.org
user: release.debian@packages.debian.org
usertags: unblock

I apologize for this coming right after the previous unblock request.
Upstream released a new large security update yesterday that I had not
anticipated would be out before the stretch window closed, but now it
is.  Please consider unblocking this version of chromium.

Best wishes,
Mike

unblock chromium-browser/59.0.3071.86-1

Bug#864193: unblock: chromium-browser/58.0.3029.96-1

2017-06-04 Thread Michael Gilbert

package: release.debian.org
user: release.debian@packages.debian.org
usertags: unblock

Please consider unblocking chromium ahead of the stretch window
closing.  This updates corrects a single security issue that could
lead to remote code execution by visiting a malicious web page.

Best wishes,
Mike

unblock chromium-browser/58.0.3029.96-1

Bug#861290: unblock: chromium-browser/58.0.3029.81-1

2017-04-26 Thread Michael Gilbert

package: release.debian.org
user: release.debian@packages.debian.org
usertags: unblock

Please consider unblocking chromium.  This updates to the latest
stable upstream security release again and also reenables remote
extensions by default (bug #856183).

Best wishes,
Mike

unblock chromium-browser/58.0.3029.81-1

Bug#860349: unblock: chromium-browser/57.0.2987.133-1

2017-04-14 Thread Michael Gilbert

package: release.debian.org
user: release.debian@packages.debian.org
usertags: unblock

Please consider unblocking chromium.  This updates to the latest
stable upstream security release with no other changes.

Best wishes,
Mike

Bug#855352: unblock: chromium-browser/56.0.2924.76-1

2017-02-16 Thread Michael Gilbert

package: release.debian.org
user: release.debian@packages.debian.org
usertags: unblock

Please consider unblocking chromium.  This is a large upstream release
like usual with a bunch of security fixes.  As is done for jessie, the
plan is to push ongoing upstream security updates to
stretch(-security).

Best wishes,
Mike

Bug#819770: transition: bind9

2016-04-01 Thread Michael Gilbert

package: release.debian.org
user: release.debian@packages.debian.org
usertags: transition
severity: normal
x-debbugs-cc: lam...@debian.org

Hi,

I would like to request a transition for bind9.  Here is the status of the
reverse build dependencies:

bind-dyndb-ldap: a new version is staged in experimental.
isc-dhcp: a new version is staged in experimental.
libnss-lwres: no source changes are needed, will need a binnmu

Ben file:

title = "bind9";
is_affected = .build-depends ~ "libbind-dev" | .build-depends ~
"libbind-export-dev";
is_good = .depends ~
/\b(libbind9\-140|libdns\-export162|libdns\-export162\-udeb|libdns162|libirs\-export141|libirs\-export141\-udeb|libirs141|libisc\-export160|libisc\-export160\-udeb|libisc160|libisccc\-export140|libisccc\-export140\-udeb|libisccc140|libisccfg\-export140|libisccfg\-export140\-udeb|libisccfg140|liblwres141)\b/;
is_bad = .depends ~
/\b(libbind9\-90|libdns\-export100|libdns\-export100\-udeb|libdns100|libirs\-export91|libirs\-export91\-udeb|libisc\-export95|libisc\-export95\-udeb|libisc95|libisccc90|libisccfg\-export90|libisccfg\-export90\-udeb|libisccfg90|liblwres90)\b/;

Re: Kernel version for stretch

2016-02-04 Thread Michael Gilbert

On Thu, Feb 4, 2016 at 11:45 AM, Antonio Terceiro wrote:
> Yet another data point: Ruby makes stable releases every Christmas

Wine also plans their freeze in the fall now, which ended up in a
release near Christmas this year.  If the same holds this year, that
will be too late for the Debian freeze.

Best wishes,
Mike

Bug#800006: jessie-pu: package isc-dhcp/4.3.1-6

2015-10-10 Thread Michael Gilbert

On Sat, Oct 10, 2015 at 1:14 PM, Michael Gilbert wrote:
> On Wed, Oct 7, 2015 at 5:46 AM, Bastian Blank wrote:
>> On Fri, Sep 25, 2015 at 08:19:53AM +, Martin Zobel-Helas wrote:
>>> i wonder if #795227 warrants an upload to jessie-pu (and maybe also to
>>> wheezy-pu) to be fixed with the next point release. We run into that
>>> issue at work, when we want to effectivly publish static IP addresses in
>>> cloud environments.
>>
>> Can you please take a look at this update request and yell if you have
>> problems with fixing this in stable and oldstable.
>
> Where is the debdiff?

Nevermind, I just looked at the bug log.  Looks fine to me also, maybe
state that this is an NMU with maintainer approval?

Best wishes,
Mike

Bug#800006: jessie-pu: package isc-dhcp/4.3.1-6

2015-10-10 Thread Michael Gilbert

On Wed, Oct 7, 2015 at 5:46 AM, Bastian Blank wrote:
> On Fri, Sep 25, 2015 at 08:19:53AM +, Martin Zobel-Helas wrote:
>> i wonder if #795227 warrants an upload to jessie-pu (and maybe also to
>> wheezy-pu) to be fixed with the next point release. We run into that
>> issue at work, when we want to effectivly publish static IP addresses in
>> cloud environments.
>
> Can you please take a look at this update request and yell if you have
> problems with fixing this in stable and oldstable.

Where is the debdiff?

Best wishes,
Mike

Bug#782381: Bug#781995: motif/2.3.4-6.1 failed to build

2015-04-15 Thread Michael Gilbert

On Wed, Apr 15, 2015 at 3:12 PM, Paul Gevers wrote:
 Hi all,

 All the builds of motif failed [1] due to a missing symbol. What are we
 going to do? I saw that Graham already choose to just remove the symbol
 from the Ubuntu package. I believe that this is really a no-no,
 especially without careful investigation if other packages are using
 this symbol and this late in the release process. Can we come up with a
 better solution?

Upstream intends that symbol to be private, so it should be unused in
other packages.  But for confidence that it doesn't lead to breakage,
someone should build test the reverse dependencies, which is a large
number.  Graham can you do that?

It's rather late in the release cycle, so maybe leave things alone for
now, and plan to do a jessie-pu once that testing is complete?

 @Michael, how did you build the package that you didn't notice this
 issue in your build?

I only did debian/rules build while testing, and debian/rules
binary-indep to finish up, which missed the dpkg-gensymbols step.
That was a mistake on my part.  I should have done a test of the
binary-arch step also, but it slipped my mind, apologies.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MOB1-=oafvmosyvrfcc0twvmryfnn7csfcyt3tfjy_...@mail.gmail.com

Bug#782381: Bug#781995: motif/2.3.4-6.1 failed to build

2015-04-15 Thread Michael Gilbert

On Thu, Apr 16, 2015 at 1:31 AM, Graham Inggs wrote:
 If you uploaded 2.3.4-6.2 now, could it cause any harm?  At least this
 will get the package built and Release Team can still decide whether
 to grant the unblock request or not.

If you can talk the release team into pre approving an unblock, then
I'm willing to do the upload.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MNZOQ9GCDOrFOT2+Rjsf=tx4vjiaohhnhujywz9tup...@mail.gmail.com

Bug#781292: unblock: binutils/2.25-6

2015-04-12 Thread Michael Gilbert

On Sun, Apr 12, 2015 at 10:15 PM, Matthias Klose wrote:
 That wasn't really the point.  The point was more about why not keep
 the existing patches untouched, but add a final diff that could
 possibly be reviewable.

 so you would feel better if I create my own diff to the current state of the
 branch, from the point where I stopped backporting patches?  How would you
 review these?

Well, the diff between what's currently in testing and what might
replace it is what the release team cares about, so yes that would be
helpful.  Reviewing a rewrite is inherently more complex than
reviewing a final incremental diff.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MNBJ0biDP=_muf4_pzsgan1uu-iuysasn7wvnkmoaz...@mail.gmail.com

Bug#781292: unblock: binutils/2.25-6

2015-04-12 Thread Michael Gilbert

On Sun, Apr 12, 2015 at 9:36 PM, Matthias Klose wrote:
 because upstream backport patches were done by component for the 2.25 branch,
 and don't have any equivalent to the single patches on the trunk.  Feel free 
 to
 prove me wrong.

That wasn't really the point.  The point was more about why not keep
the existing patches untouched, but add a final diff that could
possibly be reviewable.

 Please resist the urge to count lines of the diff

 no, you couldn't resist :-/

The size of course is important because as is it's basically an
unreviewable change, which is why no one from the release team is
looking at it, and why stands little chance for making it into jessie.

Anyway it's not my call, I was just trying to help.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MPiOuK8Uh43S0uU15oR6YPNFAKFY+MOJ+FFH_Jt=n6...@mail.gmail.com

Bug#781292: unblock: binutils/2.25-6

2015-04-12 Thread Michael Gilbert

On Thu, Mar 26, 2015 at 8:59 PM, Matthias Klose wrote:
  * Configure with --enable-deterministic-archives. Closes: #774429.

#774429 is wishlist, so not appropriate at this point for jessie.

 --- binutils-2.25/debian/patches/series
 +++ binutils-2.25/debian/patches/series
 @@ -34,13 +34,3 @@
  pr17742.diff
 -pr17531-1.diff
 -pr17531-2.diff
 -pr17531-3.diff
 -pr17531-4.diff
 -pr17531-5.diff
 -pr17531-6.diff
 -# these need some real backports ...
 -#pr17531-7.diff
 -#pr17531-8.diff
 -#pr17531-9.diff
 -
 +pr17531.diff

Why couldn't the changes be applied incrementally to the existing
patches rather than an entirely new 15k line patch?

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mornt9twzbpstkij6p91br+k7gxnscngjrcyo2pynq...@mail.gmail.com

Bug#782381: pre-approval: unblock: motif/2.3.4-8

2015-04-12 Thread Michael Gilbert

control: tag 781995 pending

On Sat, Apr 11, 2015 at 7:41 AM, Graham Inggs wrote:
 Hi release team

 In order to fix RC bug #781995, I would like to upload a version of
 Motif with upstream's fix for their bug #1565 reverted.  I plan to
 replace debian/patches/18-updated-fix1565.patch with the following:

 --- a/lib/Xm/XmI.h
 +++ b/lib/Xm/XmI.h
 @@ -297,7 +297,6 @@
  #define FIX_1501
  #define FIX_1521
  #define FIX_1505
 -#define FIX_1565

  #endif /* _XmI_h */
  /* DON'T ADD ANYTHING AFTER THIS #endif */

 Not defining FIX_1565 causes popup menus and keyboard navigation in
 menus to revert to their behaviour in Motif 2.3.3.  This fixes #781995
 and #730026 remains fixed.

I just caught this message after preparing an nmu today.  I applied
your suggested changes (in a more minimal way than you suggest),
tested the problem was fixed, and uploaded the nmu to delayed/5.

If you would prefer it to be a sponsored upload, or if you want me to
delay/alter the nmu please let me know.

Best wishes,
Mike
diff -Nru motif-2.3.4/debian/changelog motif-2.3.4/debian/changelog
--- motif-2.3.4/debian/changelog	2014-10-13 07:27:43.0 +
+++ motif-2.3.4/debian/changelog	2015-04-12 19:34:03.0 +
@@ -1,3 +1,10 @@
+motif (2.3.4-6.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Disable buggy fix for upstream bug #1565 (closes: #781995).
+
+ -- Michael Gilbert mgilb...@debian.org  Sun, 12 Apr 2015 19:25:51 +
+
 motif (2.3.4-6) unstable; urgency=medium
 
   * Bump standards-version to 3.9.6 (no changes).
diff -Nru motif-2.3.4/debian/patches/22-disable-1565.patch motif-2.3.4/debian/patches/22-disable-1565.patch
--- motif-2.3.4/debian/patches/22-disable-1565.patch	1970-01-01 00:00:00.0 +
+++ motif-2.3.4/debian/patches/22-disable-1565.patch	2015-04-12 19:31:45.0 +
@@ -0,0 +1,14 @@
+Description: Fix for upstream 1565 causes segfaults in motif applications, so disable it
+Author: Graham Inggs gra...@nerve.org.za
+Bug-Debian: https://bugs.debian.org/781995
+
+--- a/lib/Xm/XmI.h
 b/lib/Xm/XmI.h
+@@ -299,7 +299,6 @@ extern Pixel _XmAssignInsensitiveColor(W
+ #define FIX_1501
+ #define FIX_1521
+ #define FIX_1505
+-#define FIX_1565
+ 
+ #endif /* _XmI_h */
+ /* DON'T ADD ANYTHING AFTER THIS #endif */
diff -Nru motif-2.3.4/debian/patches/series motif-2.3.4/debian/patches/series
--- motif-2.3.4/debian/patches/series	2014-10-13 07:27:43.0 +
+++ motif-2.3.4/debian/patches/series	2015-04-12 19:29:28.0 +
@@ -19,3 +19,4 @@
 19-fix-type-inconsistencies.patch
 20-fix-1612.patch
 21-fix-1636.patch
+22-disable-1565.patch

Bug#782381: pre-approval: unblock: motif/2.3.4-8

2015-04-12 Thread Michael Gilbert

On Sun, Apr 12, 2015 at 5:14 PM, Graham Inggs wrote:
 So what is the best way forward?

 I have no problems with Michael's upload (thanks!) apart from the delay.

I can reschedule to delayed/0 if as the maintainer you say that's ok.

 Paul and I were just considering adding the line:
 Recommends: xfonts-100dpi | xfonts-75dpi | xfonts-100dpi-transcoded |
 xfonts-75dpi-transcoded
 to libxm4 in motif (see LP: #1415309).  I haven't decided yet if it's
 better to go in libxm4 or nedit.

If there isn't an RC bug about that, then it's likely not appropriate
at this point in the freeze.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=molprvxfex4o2xkrgw07bzu+xag+dx0vgb7jzmauu3...@mail.gmail.com

Bug#778492: unblock: ndisc6/1.0.1-2

2015-04-11 Thread Michael Gilbert

control: tag -1 - moreinfo

On Mon, Mar 30, 2015 at 12:58 AM, Cyril Brulebois wrote:
 Thanks for trying, but no, that's not sufficient. I really would
 like having a real use case where the bug gets reproduced without
 “cheating” (for the lack of a better wording), so that we can actually
 check that the change isn't worse than the bug it's supposed to fix.

It turns out the difficulty getting rdnssd automatically installed is a bug:
http://bugs.debian.org/782299

Steve will be uploading a debian-cd fix soon, but in the meantime I
tested a mini.iso (since it configures networking sufficiently early
to be able to fetch the package) for a sid gnome install.  Here is the
installer syslog relevant to rdnssd;

netcfg[1369]: rdnssd started; PID: 1384
[...]
apt-install: Queueing package rdnssd for later installation
netcfg[1369]: DEBUG: Stopping rdnssd, PID 1384
[...]
in-target: The following NEW packages will be installed:
in-target:   rdnssd
[...]
in-target: Unpacking rdnssd (1.0.1-2)
[...]
in-target: Setting up rdnssd (1.0.1-2)
[...]
in-target: pkgsel: starting tasksel [selected gnome as the desktop environment]
[...]
in-target: The following packages will be REMOVED:
in-target:   rdnssd
[...]
in-target: Removing rdnssd (1.0.1-2)
[...]
in-target: Setting up network-manager-gnome (0.9.10.0-2)

In conclusion again everything works entirely as expected.  Is this
now sufficient?

Best wishes,
Mike


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MOT3OVGaZcDJVejLwu10G466tsMMir=1vvlt63n-th...@mail.gmail.com

Bug#778492: unblock: ndisc6/1.0.1-2

2015-03-29 Thread Michael Gilbert

control: tag -1 - moreinfo

On Wed, Feb 25, 2015 at 11:23 PM, Cyril Brulebois wrote:
 It would be nice to compare what happens when one installs gnome/jessie
 vs. gnome/sid. I really wouldn't want this conflict to trigger having
 rdnssd installed and network-manager/gnome not…

Everything seems to turn out fine.

I couldn't get netcfg to trigger rdnssd installation with my set up,
so here is what I did to mimic the process:

boot from jessie RC2
nothing special up through pkgsel
before pkgsel, manually install rdnssd 1.0.1-2 from sid
proceed with pkgsel (making sure to select gnome in tasksel)

To resolve the rdnssd/nm conflict, apt concludes that nm should be
installed and rdnssd removed, which then happens.  Afterwards:

$ dpkg -l | grep -e network-manager -e rdnssd | cut -d' ' -f1,2,3
ii  network-manager
ii  network-manager-gnome
rc  rdnssd

On reboot, networking with nm works correctly.

This effectively mimics the configurations where netcfg automatically
adds in rdnssd.  Is this sufficient?

Best wishes,
Mike


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mmryvzhubwjcn+7ivy2k9jfwteou9_r4-xafehs+pf...@mail.gmail.com

Bug#781431: RM: makehuman/1.0.0~alpha6-5

2015-03-28 Thread Michael Gilbert

package: release.debian.org
user: release.debian@packages.debian.org
usertags: rm
severity: normal

Please consider removing makehuman from testing.  Upstream says the
old version there is not fit for use (#781306).

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MNx_MvCkfAAL_GKP=aeyes0djn3smy2iqprwx5wja1...@mail.gmail.com

Re: Hints for d-i jessie RC2, part 1

2015-03-08 Thread Michael Gilbert

On Thu, Mar 5, 2015 at 1:07 AM, Cyril Brulebois wrote:
 Hi people,

 here's a first round of unblock/unblock-udeb hints for the upcoming d-i
 jessie RC2. Don't hesitate to ask questions if anything looks fishy.

Cyril,

Would it be possible also to unblock ndisc6 in time for RC2?  I saw no
problems in my test installs (bug #778492), but I guess it could be
good to get wider testing before the final jessie d-i.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mn3uasvke2kiz5bn65-+atgwxev1zp3u_nfrghromn...@mail.gmail.com

Bug#778492: unblock: ndisc6/1.0.1-2

2015-03-01 Thread Michael Gilbert

On Sun, Mar 1, 2015 at 12:32 AM, Michael Gilbert wrote:
 It would be nice to compare what happens when one installs gnome/jessie
 vs. gnome/sid. I really wouldn't want this conflict to trigger having
 rdnssd installed and network-manager/gnome not…

 After a successful jessie gnome install over ipv6

 $ dpkg -l | grep rdnssd
 $ dpkg -l | grep network-manager
 network-manager
 network-manager-gnome

 After a successful sid gnome install over ipv6

 $ dpkg -l | grep rdnssd
 $ dpkg -l | grep network-manager
 network-manager
 network-manager-gnome

I had retyped that in from another computer, and I just now noticed
the commands are incorrect for the shown output.  For completeness,
the actual commands were

$ dpkg -l | grep package | cut -d' ' -f3


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MMF0�wr6zkwlhfz8nc+roqzrxl39ofwhripcyf...@mail.gmail.com

Bug#779466: unblock: e2fsprogs/1.42.12-1.1

2015-02-28 Thread Michael Gilbert

package: release.debian.org
user: release.debian@packages.debian.org
usertags: unblock
severity: normal
x-debbugs-cc: debian-b...@lists.debian.org

Please consider unblocking e2fsprogs.  A security issue is fixed.

unblock e2fsprogs/1.42.12-1.1
unblock-udeb e2fsprogs/1.42.12-1.1
diff -Nru e2fsprogs-1.42.12/debian/changelog e2fsprogs-1.42.12/debian/changelog
--- e2fsprogs-1.42.12/debian/changelog	2014-08-29 12:51:13.0 +
+++ e2fsprogs-1.42.12/debian/changelog	2015-02-22 02:18:20.0 +
@@ -1,3 +1,10 @@
+e2fsprogs (1.42.12-1.1) unstable; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Fix CVE-2015-1572: incomplete fix for CVE-2015-0247 (closes: #778948).
+
+ -- Michael Gilbert mgilb...@debian.org  Sun, 22 Feb 2015 01:50:57 +
+
 e2fsprogs (1.42.12-1) unstable; urgency=low
 
   * New upstream version
diff -Nru e2fsprogs-1.42.12/debian/patches/CVE-2015-1572.patch e2fsprogs-1.42.12/debian/patches/CVE-2015-1572.patch
--- e2fsprogs-1.42.12/debian/patches/CVE-2015-1572.patch	1970-01-01 00:00:00.0 +
+++ e2fsprogs-1.42.12/debian/patches/CVE-2015-1572.patch	2015-02-22 02:18:20.0 +
@@ -0,0 +1,48 @@
+From 49d0fe2a14f2a23da2fe299643379b8c1d37df73
+From: Theodore Ts'o ty...@mit.edu
+Date: Fri, 6 Feb 2015 12:46:39 -0500
+Subject: libext2fs: fix potential buffer overflow in closefs()
+
+The bug fix in f66e6ce4446: libext2fs: avoid buffer overflow if
+s_first_meta_bg is too big had a typo in the fix for
+ext2fs_closefs().  In practice most of the security exposure was from
+the openfs path, since this meant if there was a carefully crafted
+file system, buffer overrun would be triggered when the file system was
+opened.
+
+However, if corrupted file system didn't trip over some corruption
+check, and then the file system was modified via tune2fs or debugfs,
+such that the superblock was marked dirty and then written out via the
+closefs() path, it's possible that the buffer overrun could be
+triggered when the file system is closed.
+
+Also clear up a signed vs unsigned warning while we're at it.
+
+Thanks to Nick Kralevich n...@google.com for asking me to look at
+compiler warning in the code in question, which led me to notice the
+bug in f66e6ce4446.
+
+Addresses: CVE-2015-1572
+
+Signed-off-by: Theodore Ts'o ty...@mit.edu
+
+--- a/lib/ext2fs/closefs.c
 b/lib/ext2fs/closefs.c
+@@ -287,7 +287,7 @@ errcode_t ext2fs_flush2(ext2_filsys fs, int flags)
+ 	dgrp_t		j;
+ #endif
+ 	char	*group_ptr;
+-	int	old_desc_blocks;
++	blk64_t	old_desc_blocks;
+ 	struct ext2fs_numeric_progress_struct progress;
+ 
+ 	EXT2_CHECK_MAGIC(fs, EXT2_ET_MAGIC_EXT2FS_FILSYS);
+@@ -346,7 +346,7 @@ errcode_t ext2fs_flush2(ext2_filsys fs, int flags)
+ 	group_ptr = (char *) group_shadow;
+ 	if (fs-super-s_feature_incompat  EXT2_FEATURE_INCOMPAT_META_BG) {
+ 		old_desc_blocks = fs-super-s_first_meta_bg;
+-		if (old_desc_blocks  fs-super-s_first_meta_bg)
++		if (old_desc_blocks  fs-desc_blocks)
+ 			old_desc_blocks = fs-desc_blocks;
+ 	} else
+ 		old_desc_blocks = fs-desc_blocks;
diff -Nru e2fsprogs-1.42.12/debian/patches/series e2fsprogs-1.42.12/debian/patches/series
--- e2fsprogs-1.42.12/debian/patches/series	1970-01-01 00:00:00.0 +
+++ e2fsprogs-1.42.12/debian/patches/series	2015-02-22 02:18:20.0 +
@@ -0,0 +1 @@
+CVE-2015-1572.patch

Bug#778492: unblock: ndisc6/1.0.1-2

2015-02-28 Thread Michael Gilbert

 It would be nice to compare what happens when one installs gnome/jessie
 vs. gnome/sid. I really wouldn't want this conflict to trigger having
 rdnssd installed and network-manager/gnome not…

After a successful jessie gnome install over ipv6

$ dpkg -l | grep rdnssd
$ dpkg -l | grep network-manager
network-manager
network-manager-gnome

After a successful sid gnome install over ipv6

$ dpkg -l | grep rdnssd
$ dpkg -l | grep network-manager
network-manager
network-manager-gnome

Best wishes,
Mike


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MNJN7RUa5o=udsy8ah1ofsoxnjkmqqy9f7iq3lb_pk...@mail.gmail.com

Bug#779067: unblock: wine/1.6.2-20

2015-02-23 Thread Michael Gilbert

package: release.debian.org
user: release.debian@packages.debian.org
usertags: unblock
severity: normal

Please consider unblocking wine.  I know its rather late for fixing
important bugs, but this one was just filed.  There is currently a
missing relationship to libasound2-plugins, which can leave users
without working audio by default (bug #779002).

This change has been present in wine-development for almost a year.

unblock wine/1.6.2-20
diff -Nru wine-1.6.2/debian/changelog wine-1.6.2/debian/changelog
--- wine-1.6.2/debian/changelog	2015-01-18 13:01:44.0 -0500
+++ wine-1.6.2/debian/changelog	2015-02-23 01:08:22.0 -0500
@@ -1,3 +1,9 @@
+wine (1.6.2-20) unstable; urgency=medium
+
+  * Recommend libasound2-plugins (closes: #779002).
+
+ -- Michael Gilbert mgilb...@debian.org  Mon, 23 Feb 2015 06:07:16 +
+
 wine (1.6.2-19) unstable; urgency=medium
 
   * Fix typo in libwine-alsa.maintscript (closes: #774861).
diff -Nru wine-1.6.2/debian/control wine-1.6.2/debian/control
--- wine-1.6.2/debian/control	2015-01-18 13:02:52.0 -0500
+++ wine-1.6.2/debian/control	2015-02-23 01:08:55.0 -0500
@@ -116,6 +116,8 @@
  libfreetype6,
  libgl1-mesa-dri,
  libwine-gecko-2.21
+Recommends:
+ libasound2-plugins,
 Breaks:
  wine ( 1.6.1-9),
  wine-bin ( 1.5.31-1),
@@ -142,6 +144,7 @@
 Replaces:
  wine ( 1.6.1-9),
 Recommends:
+ libasound2-plugins,
  wine32 (= ${source:Version}),
 Description: Windows API implementation - 64-bit binary loader
  Wine is a free MS-Windows API implementation.
diff -Nru wine-1.6.2/debian/control.in wine-1.6.2/debian/control.in
--- wine-1.6.2/debian/control.in	2015-01-10 14:21:31.0 -0500
+++ wine-1.6.2/debian/control.in	2015-02-23 01:06:52.0 -0500
@@ -116,6 +116,8 @@
  libfreetype6,
  libgl1-mesa-dri,
  libwine-gecko-2.21
+Recommends:
+ libasound2-plugins,
 Breaks:
  wine ( 1.6.1-9),
  wine-bin ( 1.5.31-1),
@@ -142,6 +144,7 @@
 Replaces:
  wine ( 1.6.1-9),
 Recommends:
+ libasound2-plugins,
  wine32 (= ${source:Version}),
 Description: Windows API implementation - 64-bit binary loader
  Wine is a free MS-Windows API implementation.

Bug#778934: unblock: icu/52.1-7.1

2015-02-21 Thread Michael Gilbert

package: release.debian.org
user: release.debian@packages.debian.org
usertags: unblock
severity: normal

Please consider unblocking icu.  It fixes a few security issues.

unblock icu/52.1-7.1
diff -Nru icu-52.1/debian/changelog icu-52.1/debian/changelog
--- icu-52.1/debian/changelog	2015-01-22 02:47:39.0 +
+++ icu-52.1/debian/changelog	2015-02-16 02:35:11.0 +
@@ -1,3 +1,16 @@
+icu (52.1-7.1) unstable; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Unfixed issue from the previous upload (closes: #776264)
+- CVE-2014-6585: out-of-bounds read.
+  * Issues fixed in chromium 40.0.2214.91 (closes: #776265, #776719).
+- CVE-2014-7923: memory corruption in regular expression comparison.
+- CVE-2014-7926: memory corruption in regular expression comparison.
+- CVE-2014-7940: uninitialized memory in i18n/icol.cpp.
+- CVE-2014-9654: more regular expression handling issues.
+
+ -- Michael Gilbert mgilb...@debian.org  Sun, 15 Feb 2015 22:19:14 +
+
 icu (52.1-7) unstable; urgency=high
 
   * Patch to CVE-2014-6591, CVE-2014-6585 a font parsing bug.
diff -Nru icu-52.1/debian/patches/CVE-2014-6585.patch icu-52.1/debian/patches/CVE-2014-6585.patch
--- icu-52.1/debian/patches/CVE-2014-6585.patch	1970-01-01 00:00:00.0 +
+++ icu-52.1/debian/patches/CVE-2014-6585.patch	2015-02-16 02:35:11.0 +
@@ -0,0 +1,19 @@
+description: out-of-bounds read
+origin: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6585
+
+--- a/source/layout/LETableReference.h
 b/source/layout/LETableReference.h
+@@ -317,7 +317,12 @@ LE_TRACE_TR(INFO: new RTAO)
+   }
+   
+   const T operator()(le_uint32 i, LEErrorCode success) const {
+-return *getAlias(i,success);
++const T *ret = getAlias(i,success);
++if (LE_FAILURE(success) || ret==NULL) {
++  return *(new T());
++} else {
++  return *ret;
++}
+   }
+ 
+   size_t getOffsetFor(le_uint32 i, LEErrorCode success) const {
diff -Nru icu-52.1/debian/patches/CVE-2014-7923+7926.patch icu-52.1/debian/patches/CVE-2014-7923+7926.patch
--- icu-52.1/debian/patches/CVE-2014-7923+7926.patch	1970-01-01 00:00:00.0 +
+++ icu-52.1/debian/patches/CVE-2014-7923+7926.patch	2015-02-16 02:35:11.0 +
@@ -0,0 +1,45 @@
+description: memory corruption issues
+origin: http://bugs.icu-project.org/trac/ticket/11369
+origin: http://bugs.icu-project.org/trac/ticket/11370
+origin: https://chromium.googlesource.com/chromium/deps/icu52/+/3af4ce5982311035e5f36803d547c0befa576c8c
+
+--- a/source/i18n/regexcmp.cpp
 b/source/i18n/regexcmp.cpp
+@@ -2133,6 +2133,10 @@ void  RegexCompile::handleCloseParen() {
+ int32_t patEnd   = fRXPat-fCompiledPat-size() - 1;
+ int32_t minML= minMatchLength(fMatchOpenParen, patEnd);
+ int32_t maxML= maxMatchLength(fMatchOpenParen, patEnd);
++if (URX_TYPE(maxML) != 0) {
++error(U_REGEX_LOOK_BEHIND_LIMIT);
++break;
++}
+ if (maxML == INT32_MAX) {
+ error(U_REGEX_LOOK_BEHIND_LIMIT);
+ break;
+@@ -2166,6 +2170,10 @@ void  RegexCompile::handleCloseParen() {
+ int32_t patEnd   = fRXPat-fCompiledPat-size() - 1;
+ int32_t minML= minMatchLength(fMatchOpenParen, patEnd);
+ int32_t maxML= maxMatchLength(fMatchOpenParen, patEnd);
++if (URX_TYPE(maxML) != 0) {
++error(U_REGEX_LOOK_BEHIND_LIMIT);
++break;
++}
+ if (maxML == INT32_MAX) {
+ error(U_REGEX_LOOK_BEHIND_LIMIT);
+ break;
+@@ -2329,7 +2337,15 @@ UBool RegexCompile::compileInlineInterva
+ int32_t   topOfBlock = blockTopLoc(FALSE);
+ if (fIntervalUpper == 0) {
+ // Pathological case.  Attempt no matches, as if the block doesn't exist.
++// Discard the generated code for the block.
++// If the block included parens, discard the info pertaining to them as well.
+ fRXPat-fCompiledPat-setSize(topOfBlock);
++if (fMatchOpenParen = topOfBlock) {
++fMatchOpenParen = -1;
++}
++if (fMatchCloseParen = topOfBlock) {
++fMatchCloseParen = -1;
++}
+ return TRUE;
+ }
+ 
diff -Nru icu-52.1/debian/patches/CVE-2014-7940.patch icu-52.1/debian/patches/CVE-2014-7940.patch
--- icu-52.1/debian/patches/CVE-2014-7940.patch	1970-01-01 00:00:00.0 +
+++ icu-52.1/debian/patches/CVE-2014-7940.patch	2015-02-16 02:35:11.0 +
@@ -0,0 +1,30 @@
+description: uninitialized memory issue
+origin: https://chromium.googlesource.com/chromium/deps/icu/+/866ff696e9022a6000afbab516fba62cfa306075
+
+--- icu-52.1.orig/source/i18n/ucol.cpp
 icu-52.1/source/i18n/ucol.cpp
+@@ -2259,6 +2259,9 @@ inline UChar getNextNormalizedChar(collI
+ if (data-pos + 1 == data-endp) {
+ return *(data-pos ++);
+ }
++if (data

Bug#778734: unblock: bind9/9.9.5.dfsg-9

2015-02-18 Thread Michael Gilbert

package: release.debian.org
user: release.debian@packages.debian.org
usertags: unblock
severity: normal
x-debbugs-cc: debian-b...@lists.debian.org

Please consider unblocking bind9.  It fixes a new security issue.

unblock bind9/9.9.5.dfsg-9
unblock-udeb bind9/9.9.5.dfsg-9
diff -u bind9-9.9.5.dfsg/debian/changelog bind9-9.9.5.dfsg/debian/changelog
--- bind9-9.9.5.dfsg/debian/changelog
+++ bind9-9.9.5.dfsg/debian/changelog
@@ -1,3 +1,10 @@
+bind9 (1:9.9.5.dfsg-9) unstable; urgency=high
+
+  * Fix CVE-2015-1349: named crash due to managed key rollover, primarily only
+affecting setups using DNSSEC (closes: #778733).
+
+ -- Michael Gilbert mgilb...@debian.org  Thu, 19 Feb 2015 03:42:21 +
+
 bind9 (1:9.9.5.dfsg-8) unstable; urgency=medium
 
   * Launch rndc command in the background in networking scripts to avoid a
only in patch2:
unchanged:
--- bind9-9.9.5.dfsg.orig/lib/dns/zone.c
+++ bind9-9.9.5.dfsg/lib/dns/zone.c
@@ -8496,6 +8496,12 @@
 	 namebuf, tag);
 trustkey = ISC_TRUE;
 			}
+		} else {
+			/*
+			 * No previously known key, and the key is not
+			 * secure, so skip it.
+			 */
+			continue;
 		}
 
 		/* Delete old version */
@@ -8544,7 +8550,7 @@
 			trust_key(zone, keyname, dnskey, mctx);
 		}
 
-		if (!deletekey)
+		if (secure  !deletekey)
 			set_refreshkeytimer(zone, keydata, now);
 	}

Bug#778492: unblock: ndisc6/1.0.1-2

2015-02-18 Thread Michael Gilbert

On Tue, Feb 17, 2015 at 10:03 AM, Mehdi Dogguy  wrote:
 Wouldn't that break the installer? ... since netcfg is installing rdnssd
 and network-manager is being installed by default.

I don't see why it would.  Yes, rdnssd-udeb is used by netcfg in the
d-i environment but network-manager is not present there, and
in-target network-manager will certainly get installed for most
tasksel options, but rdnssd will not.

So I don't see any reason to expect conflict.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mngg4n5bzg4js1qd9gurq7qtwxfrndmufh+myolcem...@mail.gmail.com

Bug#778492: unblock: ndisc6/1.0.1-2

2015-02-15 Thread Michael Gilbert

package: release.debian.org
user: release.debian@packages.debian.org
usertags: unblock
severity: normal
x-debbugs-cc: debian-b...@lists.debian.org

Please consider unblocking ndisc6.  I did a QA upload to fix bug #740998.

The kfreebsd builds are missing because of #764692, which sounds
unlikely to be fixed for jessie.

unblock ndisc6/1.0.1-2
unblock-udeb ndisc6/1.0.1-2
diff -u ndisc6-1.0.1/debian/control ndisc6-1.0.1/debian/control
--- ndisc6-1.0.1/debian/control
+++ ndisc6-1.0.1/debian/control
@@ -1,7 +1,7 @@
 Source: ndisc6
 Section: net
 Priority: optional
-Maintainer: Rémi Denis-Courmont r...@remlab.net
+Maintainer: Debian QA Group packa...@qa.debian.org
 Build-Depends: cdbs, debhelper (= 7), autotools-dev, gettext
 Standards-Version: 3.9.1
 Homepage: http://www.remlab.net/ndisc6/
@@ -40,6 +40,7 @@
 Depends: ${shlibs:Depends}, ${perl:Depends}, ${misc:Depends}
 Recommends: resolvconf
 Suggests: ndisc6
+Conflicts: network-manager
 Description: IPv6 recursive DNS server discovery daemon
  rdnssd autoconfigures recursive DNS servers on IPv6 networks
  using ICMPv6 Neighbor Discovery (RFC 5006), and can update the
diff -u ndisc6-1.0.1/debian/changelog ndisc6-1.0.1/debian/changelog
--- ndisc6-1.0.1/debian/changelog
+++ ndisc6-1.0.1/debian/changelog
@@ -1,3 +1,11 @@
+ndisc6 (1.0.1-2) unstable; urgency=medium
+
+  * QA upload.
+  * Set maintainer to the Debian QA Group (see #713004).
+  * Add conflicts between rdnssd and network-manager (closes: #740998).
+
+ -- Michael Gilbert mgilb...@debian.org  Sat, 14 Feb 2015 01:16:37 +
+
 ndisc6 (1.0.1-1) unstable; urgency=low
 
   * New upstream release:

Bug#771944: closed by Michael Gilbert mgilb...@debian.org (Re: Bug#771944: Following FusionForge 5.3 stable branch)

2015-02-14 Thread Michael Gilbert

On Sat, Feb 14, 2015 at 8:24 AM:
 You got it all wrong.

So other than the typo s/font/fusion/, I don't really understand that
statement.  There were two unstable fusionforge uploads post-freeze
that were in fact accepted into testing [0], and there are no other
proposed changes currently to review, so I'm not sure what you're
asking for.

If you want more changes to be considered, don't they need to be
uploaded first?  In that case, now is quite late.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MPrm9OTDku7wgRWjA=cr1LA=0dlpuzzu8tvvv2hnlt...@mail.gmail.com

Bug#778351: unblock: isc-dhcp/4.3.1-6

2015-02-13 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal
x-debbugs-cc: debian-b...@lists.debian.org

Please consider unblocking isc-dhcp.  It fixes a regression in init
script error handling (bug #755834, unfortunate bug # typo in the
changelog).

There are no changes to the udebs.

unblock isc-dhcp/4.3.1-6
unblock-udeb isc-dhcp/4.3.1-6
diff --git a/debian/changelog b/debian/changelog
index 4fd1f35..5f5c568 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+isc-dhcp (4.3.1-6) unstable; urgency=medium
+
+  * Fix a regression in error handling for the server's init script
+(closes: #775834).
+- Thanks to François-Régis Vuillemin.
+
+ -- Michael Gilbert mgilb...@debian.org  Fri, 13 Feb 2015 05:13:19 +
+
 isc-dhcp (4.3.1-5) unstable; urgency=medium
 
   * Dynamically link against system bind libraries.
diff --git a/debian/rules b/debian/rules
index be0317e..780bc4a 100755
--- a/debian/rules
+++ b/debian/rules
@@ -62,6 +62,10 @@ override_dh_install:
 	cp contrib/dhcp-lease-list.pl \
 	debian/isc-dhcp-server/usr/sbin/dhcp-lease-list
 
+override_dh_installinit:
+	dh_installinit -Nisc-dhcp-server
+	dh_installinit -pisc-dhcp-server --error-handler=init_script_error_handler
+
 override_dh_strip:
 	dh_strip --dbg-package=isc-dhcp-dbg

Bug#778350: unblock: chromium-browser/40.0.2214.111-1

2015-02-13 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please consider unblocking chromium.  This is a new upstream
release that fixes a few security issues.

unblock chromium-browser/40.0.2214.111-1


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MNfsOdYRA1ZdeXMaXdywt=0bsetl68w40bwjjjf006...@mail.gmail.com

Bug#767781: unblock: matplotlib/1.4.2-3

2015-02-13 Thread Michael Gilbert

control: tag -1 moreinfo
control: retitle -1 unblock: matplotlib/1.4.2-3.1

On Wed, Dec 17, 2014 at 2:54 PM, Jonathan Wiltshire wrote:
 Looks like this got lost among the floorboards, sorry about that. No, the
 unblock is not realistic right now; could you pick targetted fixes please?

It seems like it might be worse to go with an unsupported and untested
wx/matplotlib configuration, so even though the changes are big
between testing and unstable, 1.4 is probably a much better choice for
jessie.

Also, it may not count for much, but that version has been in unstable
for over 100 days without any severe bugs, disregarding the just fixed
security issue that affected all matplotlib versions.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mpa6o9o5v4-2g8vd9hlalommvm7zd395ltmst2+ere...@mail.gmail.com

Bug#778364: unblock: glibc/2.19-15

2015-02-13 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal
x-debbugs-cc: debian-b...@lists.debian.org

Please consider unblocking glibc.  It fixes 5 security issues:
https://security-tracker.debian.org/tracker/source-package/glibc

unblock glibc/2.19-15
unblock-udeb glibc/2.19-15


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MPTyhd=riPdP=_yhfoueqe0lk8fs2vjoxdj_kqvzh5...@mail.gmail.com

Bug#774221: freeze exception for gcc-4.8, gcc-4.9, and gcc-defaults

2015-02-13 Thread Michael Gilbert

control: retitle -1 unblock: gcc-4.8, gcc-4.9, gcc-defaults
control: user release.debian@packages.debian.org
control: usertag -1 unblock

On Tue, Dec 30, 2014 at 8:08 AM, Matthias Klose wrote:
 The only RC fix is #771647, resolving a file conflict in the libphobos 
 packages
 built by gcc-4.8 and gcc-4.9.

I just tested this, that bug doesn't affect the gcc packages currently
in testing, so it doesn't need fixing there.

 I don't agree with the severity of gcc-4.9's #764732, however the ARM
 porters are quiet about this one.

That didn't turn out to be a problem for anything except unzip, and
has been deescalated.

 as stated in the binutils freeze exception, there are no regressions in the 
 4.8
 and 4.9 testsuites on all release architectures.

It doesn't look like any of the proposed changes are absolutely
necessary for jessie, so can this bug be closed?

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mngan5qpvv6z+gl3gerca9nfgxftkxm_ratodrcxqd...@mail.gmail.com

Bug#778366: unblock: kfreebsd-10/10.1~svn274115-2

2015-02-13 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal
x-debbugs-cc: debian-b...@lists.debian.org

Please consider unblocking kfreebsd-10.  It fixes 2 security issues:
https://security-tracker.debian.org/kfreebsd-10

unblock kfreebsd-10/10.1~svn274115-2
unblock-udeb kfreebsd-10/10.1~svn274115-2


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MNj5zAqn8SsLZUAS_9VHfqVr05shefViaG=q=9VsRD=j...@mail.gmail.com

Bug#778365: unblock: python3.4/3.4.2-4

2015-02-13 Thread Michael Gilbert

package: release.debian.org
user: release.debian@packages.debian.org
usertags: unblock
severity: normal

Please consider unblocking python3.4.  The -3 upload is unfortunately
quite big, but there are 2 security issues that are fixed by upstream
changes:
https://security-tracker.debian.org/python3.4

unblock python3.4/3.4.2-4


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MPw0ueGXBSK37EQg=AOvh_CoS9y8XgSGuP3hYvmdO2=n...@mail.gmail.com

Bug#777649: cgmanager security update for jessie

2015-02-13 Thread Michael Gilbert

control: retitle -1 unblock: cgmanager/0.33-2+deb8u1

On Thu, Feb 12, 2015 at 11:36 PM, Serge Hallyn wrote:
 Sorry, I'm not sure what you mean.  I don't actually have upload rights.
 Should I ask someone to sponsor such a package, or just post the debdiff
 here?  (It could be the same as the last debdiff I posted, with the version
 number changed, or I could squash the two patches as I mentioned before)

You can post the debdiff here and ask for sponsorship.  CCing -mentors
and your past sponsors may be wise also.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MMUJCV=lzuigzf8rfgjp0ifdokfldsm7gqmemd3rsj...@mail.gmail.com

Bug#776733: unblock: libsndfile/1.0.25-9.1

2015-01-31 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please consider unblocking libsndfile.  It fixes buffer overrun issues
(bug #774162).

unblock libsndfile/1.0.25-9.1
diff -Nru libsndfile-1.0.25/debian/changelog libsndfile-1.0.25/debian/changelog
--- libsndfile-1.0.25/debian/changelog	2014-01-29 19:43:08.0 +
+++ libsndfile-1.0.25/debian/changelog	2015-01-06 01:19:30.0 +
@@ -1,3 +1,10 @@
+libsndfile (1.0.25-9.1) unstable; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Fix CVE-2014-9496: buffer overread issues (closes: #774162).
+
+ -- Michael Gilbert mgilb...@debian.org  Sun, 04 Jan 2015 20:38:25 +
+
 libsndfile (1.0.25-9) unstable; urgency=low
 
   * debian/rules: Switch from autotools-dev to dh-autoreconf.
diff -Nru libsndfile-1.0.25/debian/patches/CVE-2014-9496.patch libsndfile-1.0.25/debian/patches/CVE-2014-9496.patch
--- libsndfile-1.0.25/debian/patches/CVE-2014-9496.patch	1970-01-01 00:00:00.0 +
+++ libsndfile-1.0.25/debian/patches/CVE-2014-9496.patch	2015-01-06 01:19:50.0 +
@@ -0,0 +1,31 @@
+description: fix buffer overread issues
+origin: https://github.com/erikd/libsndfile/commit/dbe14f00030af5d3577f4cabbf9861db59e9c378
+
+--- a/src/sd2.c
 b/src/sd2.c
+@@ -513,6 +513,11 @@ sd2_parse_rsrc_fork (SF_PRIVATE *psf)
+ 
+ 	rsrc.type_offset = rsrc.map_offset + 30 ;
+ 
++	if (rsrc.map_offset + 28  rsrc.rsrc_len)
++	{   psf_log_printf (psf, Bad map offset.\n) ;
++		goto parse_rsrc_fork_cleanup ;
++		} ;
++
+ 	rsrc.type_count = read_rsrc_short (rsrc, rsrc.map_offset + 28) + 1 ;
+ 	if (rsrc.type_count  1)
+ 	{	psf_log_printf (psf, Bad type count.\n) ;
+@@ -529,7 +534,12 @@ sd2_parse_rsrc_fork (SF_PRIVATE *psf)
+ 
+ 	rsrc.str_index = -1 ;
+ 	for (k = 0 ; k  rsrc.type_count ; k ++)
+-	{	marker = read_rsrc_marker (rsrc, rsrc.type_offset + k * 8) ;
++	{   if (rsrc.type_offset + k * 8  rsrc.rsrc_len)
++		{   psf_log_printf (psf, Bad rsrc marker.\n) ;
++			goto parse_rsrc_fork_cleanup ;
++			} ;
++
++		marker = read_rsrc_marker (rsrc, rsrc.type_offset + k * 8) ;
+ 
+ 		if (marker == STR_MARKER)
+ 		{	rsrc.str_index = k ;
diff -Nru libsndfile-1.0.25/debian/patches/series libsndfile-1.0.25/debian/patches/series
--- libsndfile-1.0.25/debian/patches/series	2014-01-29 19:43:08.0 +
+++ libsndfile-1.0.25/debian/patches/series	2015-01-06 01:19:14.0 +
@@ -1,2 +1,3 @@
 00lossy_comp_test-overflow.diff
 01_sd2_rsrc_segfault.diff
+CVE-2014-9496.patch

Bug#773319: pre-approval: unblock: sudo/1.8.10p3-1.1; possibly sudo/1.8.11p2-1.1?

2015-01-27 Thread Michael Gilbert

On Tue, Jan 27, 2015 at 4:24 AM, Christian Kastner wrote:
 Control: tags -1 - moreinfo

 Hi,

 On 2015-01-17 20:38, Ivo De Decker wrote:
 Don't remove the moreinfo tag from this bug when the upload enters t-p-u
 (unless you have other info to add to the discussion). Leave it there for at
 least 5 days. After that, remove the moreinfo tag from this bug and let us
 know whether you had any reports about the upload (good or bad). We will
 review the situation at that point.

 sudo 1.8.10p3-1+deb8u1 was uploaded to t-p-u on 2015-01-19. In the week
 since then, no new bugs were reported, nor have I become aware of any
 other issues.

There is a new sudo RC bug #776137 (not related to this issue).  That
also needs fixing before an unblock will likely be granted.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MOOVuw-==_TkbVp10VT_BoZVU2b8tEHYCkXFEBC42=u...@mail.gmail.com

Bug#776247: unblock: chromium-browser/40.0.2214.91-1

2015-01-25 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please consider unblocking chromium.  This is a new upstream release
that fixes a bunch of security issues.

unblock chromium-browser/40.0.2214.91-1


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MNK4_kKt-fqPXMNjV9H7ge0m_OST=8sxoksjujhvje...@mail.gmail.com

Bug#776258: unblock: minizip/1.1-5

2015-01-25 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please consider unblocking minizip.  It fixes a directory traversal
security flaw (bug #774321).

unblock minizip/1.1-5


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mnqf3hqola1is3p9seyj6upjtuepyo356fbks-yjs8...@mail.gmail.com

Bug#776258: unblock: minizip/1.1-5

2015-01-25 Thread Michael Gilbert

Here is the diff between testing and unstable.
diff -Nru minizip-1.1/debian/changelog minizip-1.1/debian/changelog
--- minizip-1.1/debian/changelog	2014-06-28 20:09:22.0 +
+++ minizip-1.1/debian/changelog	2015-01-26 00:37:35.0 +
@@ -1,3 +1,16 @@
+minizip (1.1-5) unstable; urgency=medium
+
+  * Complete fix for CVE-2014-9485: also handle relative path directory
+traversal condition (closes: #774321).
+
+ -- Michael Gilbert mgilb...@debian.org  Mon, 26 Jan 2015 00:35:05 +
+
+minizip (1.1-4) unstable; urgency=medium
+
+  * Fix a directory traversal issue in miniunzip (closes: #774321).
+
+ -- Michael Gilbert mgilb...@debian.org  Wed, 31 Dec 2014 21:14:01 +
+
 minizip (1.1-3) unstable; urgency=medium
 
   * Conflict with libkml-dev (closes: #752926).
diff -Nru minizip-1.1/debian/patches/series minizip-1.1/debian/patches/series
--- minizip-1.1/debian/patches/series	2014-06-08 05:50:21.0 +
+++ minizip-1.1/debian/patches/series	2014-12-31 21:28:42.0 +
@@ -1 +1,2 @@
 automake.patch
+traversal.patch
diff -Nru minizip-1.1/debian/patches/traversal.patch minizip-1.1/debian/patches/traversal.patch
--- minizip-1.1/debian/patches/traversal.patch	1970-01-01 00:00:00.0 +
+++ minizip-1.1/debian/patches/traversal.patch	2015-01-26 00:38:04.0 +
@@ -0,0 +1,16 @@
+description: fix directory traversal issue in miniunzip
+author: Michael Gilbert mgilb...@debian.org
+Bug-Debian: https://bugs.debian.org/774321
+
+--- a/miniunz.c
 b/miniunz.c
+@@ -354,6 +354,9 @@ int do_extract_currentfile(uf,popt_extra
+ else
+ write_filename = filename_withoutpath;
+ 
++while (write_filename[0]=='/' || write_filename[0]=='.')
++write_filename++;
++
+ err = unzOpenCurrentFilePassword(uf,password);
+ if (err!=UNZ_OK)
+ {

Bug#774569: unblock: libgit2/0.21.1-1

2015-01-06 Thread Michael Gilbert

On Tue, Jan 6, 2015 at 3:39 PM, Niels Thykier wrote:
 I guess this is a request for a TPU upload given 0.21.2-1 is in unstable
 and you (per your follow up mail) want to upload 0.21.1-2?

 The change looks reasonable, but the bug #761539 is still open in
 unstable.  If this is indeed intended as a TPU upload, please NMU the
 unstable version first so we can have the patch tested before applying
 it to testing.

Is it worth the trouble?  The bug doesn't sound like it needs to be RC
since the package builds fine when TMP_DIR is on the same mount as the
build directory.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mnrta63vev0xrohryfyj56-w3a4gdopghujxg9veqw...@mail.gmail.com

Bug#774585: unblock: bind9/1:9.9.5.dfsg-8

2015-01-04 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock bind9.  It fixes an issue where a hang in named could
bring down the entire network #760555.

This only touches files in the bind9 binary package, so nothing in the
udebs has changed.

unblock bind9/1:9.9.5.dfsg-8
unblock-udeb bind9/1:9.9.5.dfsg-8


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MMwuKXytrKOc8O0YF-S=oz9f3w6kryqonyl1if17xb...@mail.gmail.com

Bug#774334: unblock: tcos/0.89.93+deb8u1

2015-01-01 Thread Michael Gilbert

control: usertag -1 -unblock +rm
control: retitle -1 RM: tcos/0.89.93

On Thu, Jan 1, 2015 at 5:06 AM, Adam D. Barratt wrote:
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765129#91 also suggests
 that the package doesn't really work afterwards and that we might be better
 not shipping it.

Somehow missed that.  Since the maintainer suggests removal, let's do
that instead.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mpnalvih3nzbstfw_b96rexnvchq2hkh7uqi8zc2ae...@mail.gmail.com

Bug#774334: unblock: tcos/0.89.93+deb8u1

2014-12-31 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Hi,

I would like to upload a targeted fix for the RC bug in tcos to tpu.
Please let me know if the attached changes look ok.

unblock tcos/0.89.93+deb8u1
diff -Nru tcos-0.89.93/debian/changelog tcos-0.89.93+deb8u1/debian/changelog
--- tcos-0.89.93/debian/changelog	2013-12-31 13:28:27.0 +
+++ tcos-0.89.93+deb8u1/debian/changelog	2015-01-01 00:50:39.0 +
@@ -1,3 +1,10 @@
+tcos (0.89.93+deb8u1) testing-proposed-updates; urgency=medium
+
+  * Non-maintainer upload.
+  * Switch libxmlrpc build-dependency order (closes: #765129).
+
+ -- Michael Gilbert mgilb...@debian.org  Thu, 01 Jan 2015 00:33:56 +
+
 tcos (0.89.93) unstable; urgency=low
 
   * Bump standards version to 3.9.4, no changes needed
diff -Nru tcos-0.89.93/debian/control tcos-0.89.93+deb8u1/debian/control
--- tcos-0.89.93/debian/control	2013-12-31 13:28:27.0 +
+++ tcos-0.89.93+deb8u1/debian/control	2015-01-01 00:36:22.0 +
@@ -4,7 +4,7 @@
 Maintainer: Mario Izquierdo (mariodebian) mariodeb...@gmail.com
 Build-Depends: debhelper (= 7.0.50~),
python (= 2.6.6-3~),
-   libxmlrpc-c3-dev | libxmlrpc-core-c3-dev,
+   libxmlrpc-core-c3-dev | libxmlrpc-c3-dev,
libxau-dev,
libxaw7-dev,
libimlib2-dev,

Bug#773572: RM: python-weblib/1.3.9-1

2014-12-19 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

The upstream developer wants it to not ship with jessie.  I guess the
reasoning is somewhat questionable, but it's what has been asked for
in #771505.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mp7uovoh-tkg+bs5lt3uxhs-qbly68wqjn5ise306g...@mail.gmail.com

Bug#771875: unblock: chromium-browser/39.0.2171.71-2

2014-12-02 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock chromium-browser.  It fixes some security issues and
fixes two RC issues: removing some non-free files and displaying info
about lack of support for  sse2.

Also a couple important issues were fixed: API keys for google
services were reenabled and some icon problems were corrected.

New upstream version because security updates for chromium in jessie
will stay in sync with upstream releases.

unblock chromium-browser/39.0.2171.71-2


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mp_pouctaw6e043texcvwycvr8p4dtffkddh4q5reh...@mail.gmail.com

Bug#771751: unblock: wine-development/1.7.29-4

2014-12-01 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock wine-development.  It fixes four important issues: a
texture corruption bug, a missing recommends on i386, a bug in the
launcher script, and depending rather than recommending gecko.

unblock wine-development/1.7.29-4
diff -Nru wine-development-1.7.29/debian/changelog wine-development-1.7.29/debian/changelog
--- wine-development-1.7.29/debian/changelog	2014-10-19 17:22:34.0 -0400
+++ wine-development-1.7.29/debian/changelog	2014-11-30 19:58:43.0 -0500
@@ -1,3 +1,17 @@
+wine-development (1.7.29-4) unstable; urgency=medium
+
+  * Fix upstream texture corruption bug (closes: #770483).
+  * Add libgl1-mesa-dri recommends to wine32 (closes: #771613).
+
+ -- Michael Gilbert mgilb...@debian.org  Mon, 01 Dec 2014 00:53:30 +
+
+wine-development (1.7.29-3) unstable; urgency=medium
+
+  * Add missing test in wine launcher script (closes: #767011).
+  * Recommend instead of depending wine-gecko (closes: #767717).
+
+ -- Michael Gilbert mgilb...@debian.org  Sun, 02 Nov 2014 03:41:35 +
+
 wine-development (1.7.29-2) unstable; urgency=medium
 
   * Build-depend on libgnutls28-dev to restore SSL support; enforce it at
diff -Nru wine-development-1.7.29/debian/control wine-development-1.7.29/debian/control
--- wine-development-1.7.29/debian/control	2014-10-19 17:28:12.0 -0400
+++ wine-development-1.7.29/debian/control	2014-12-01 01:09:05.0 -0500
@@ -84,8 +84,9 @@
  x11-utils,
  libncurses5,
  libfreetype6,
- libwine-gecko-2.24,
 Recommends:
+ libgl1-mesa-dri,
+ libwine-gecko-2.24,
  libasound2-plugins,
 Suggests:
  wine32-development-preloader,
@@ -101,8 +102,8 @@
  ${misc:Depends},
  ${shlibs:Depends},
  x11-utils,
- libwine-gecko-2.24,
 Recommends:
+ libwine-gecko-2.24,
  libasound2-plugins,
  wine32-development (= ${source:Version}),
 Suggests:
diff -Nru wine-development-1.7.29/debian/control.in wine-development-1.7.29/debian/control.in
--- wine-development-1.7.29/debian/control.in	2014-10-19 17:08:55.0 -0400
+++ wine-development-1.7.29/debian/control.in	2014-11-30 19:49:45.0 -0500
@@ -84,8 +84,9 @@
  x11-utils,
  libncurses5,
  libfreetype6,
- libwine-gecko-2.24,
 Recommends:
+ libgl1-mesa-dri,
+ libwine-gecko-2.24,
  libasound2-plugins,
 Suggests:
  wine32VERSION-preloader,
@@ -101,8 +102,8 @@
  ${misc:Depends},
  ${shlibs:Depends},
  x11-utils,
- libwine-gecko-2.24,
 Recommends:
+ libwine-gecko-2.24,
  libasound2-plugins,
  wine32VERSION (= ${source:Version}),
 Suggests:
diff -Nru wine-development-1.7.29/debian/patches/series wine-development-1.7.29/debian/patches/series
--- wine-development-1.7.29/debian/patches/series	2014-10-19 17:08:55.0 -0400
+++ wine-development-1.7.29/debian/patches/series	2014-11-30 19:52:03.0 -0500
@@ -14,3 +14,5 @@
 glu32-link.patch
 
 debian-gnutls.patch
+
+upstream-37406.patch
diff -Nru wine-development-1.7.29/debian/patches/upstream-37406.patch wine-development-1.7.29/debian/patches/upstream-37406.patch
--- wine-development-1.7.29/debian/patches/upstream-37406.patch	1969-12-31 19:00:00.0 -0500
+++ wine-development-1.7.29/debian/patches/upstream-37406.patch	2014-11-30 19:53:07.0 -0500
@@ -0,0 +1,36 @@
+commit aad1997dff990ceeba90ece0d535c7826044a5cf
+Author: Stefan Dösinger ste...@codeweavers.com
+Date:   Wed Oct 22 21:56:38 2014 +0200
+
+wined3d: Remove texture locations after downloading all subresources.
+
+--- a/dlls/wined3d/surface.c
 b/dlls/wined3d/surface.c
+@@ -1207,7 +1207,6 @@ static void surface_unload(struct wined3d_resource *resource)
+ surface_load_location(surface, surface-resource.map_binding);
+ surface_invalidate_location(surface, ~surface-resource.map_binding);
+ }
+-wined3d_texture_force_reload(surface-container);
+ 
+ context = context_acquire(device, NULL);
+ gl_info = context-gl_info;
+--- a/dlls/wined3d/texture.c
 b/dlls/wined3d/texture.c
+@@ -979,6 +979,7 @@ static void wined3d_texture_unload(struct wined3d_resource *resource)
+ sub_resource-resource_ops-resource_unload(sub_resource);
+ }
+ 
++wined3d_texture_force_reload(texture);
+ wined3d_texture_unload_gl_texture(texture);
+ }
+ 
+--- a/dlls/wined3d/volume.c
 b/dlls/wined3d/volume.c
+@@ -451,7 +451,6 @@ static void volume_unload(struct wined3d_resource *resource)
+ }
+ 
+ /* The texture name is managed by the container. */
+-wined3d_texture_force_reload(volume-container);
+ volume-flags = ~WINED3D_VFLAG_CLIENT_STORAGE;
+ 
+ resource_unload(resource);
diff -Nru wine-development-1.7.29/debian/scripts/wine wine-development-1.7.29/debian/scripts/wine
--- wine-development-1.7.29/debian/scripts/wine	2014-10-19 17:08:55.0 -0400
+++ wine-development-1.7.29/debian/scripts/wine	2014-11-30 19:37:00.0 -0500
@@ -21,7 +21,7 @@
 fi
 
 if test -z $WINEPREFIX; then
-if $wine = $wine64; then
+if test $wine

Bug#771639: unblock: wine/1.6.2-17

2014-11-30 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock wine.  An RC issue is fixed, an important dependency on
i386 is added, and binfmt set up is documented.

unblock wine/1.6.2-17


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mpqno9te7nlzv4mt6rxgmfujei-woq7xajpp2xebsb...@mail.gmail.com

Bug#771639: unblock: wine/1.6.2-17

2014-11-30 Thread Michael Gilbert

On Mon, Dec 1, 2014 at 12:39 AM, Adam D. Barratt wrote:
 Please unblock wine.  An RC issue is fixed, an important dependency on
 i386 is added, and binfmt set up is documented.

 Unblocked.

Thanks! :)


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=molgapze3xq+jcl8wz2ptt_n2_xwygc9qtrwcqczpv...@mail.gmail.com

Bug#769116: unblock: guake/0.5.0-2

2014-11-11 Thread Michael Gilbert

On Tue, Nov 11, 2014 at 3:24 PM, Jonathan Wiltshire wrote:
 guake (0.5.0-2) unstable; urgency=low
  .
* debian/patches
  + fix_floating_point_exception.diff patch
 + floating point exception when system fixed font set. Closes: 
 #761430

 Your works looks fine, but unfortunately the version in testing is
 currently 0.4.4-1. Can your fix be backported to this version so we can
 handle it through testing-proposed-updates?

Guakein testing was never affected by that bug (the bts version
tracking is in fact correct), so there is no need for that.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MOeFzvN-V5JN6P+r-a00=hi1tzbegzoyrufuvg4svf...@mail.gmail.com

Re: Bug#767411: torque: should not be released with jessie

2014-11-01 Thread Michael Gilbert

On Sat, Nov 1, 2014 at 11:46 AM, Salvatore Bonaccorso wrote:
 Given Dominique's reply on #767411, from my POV I think the best
 solution would be to remove torque completely for jessie (i.e. first
 drop support from openmpi to be able to remove the package and
 remaining reverse dependencies).

4 wheezy DSAs doesn't necessarily sound that horrible, so I don't
think we're clearly at the point where torque should be considered
unsupportable.  Maybe the patch backports were an incredible amount of
work?

The package does clearly need to be orphaned, so someone can step up
post-jessie to get the package in sync with upstream.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MNGM0XsNCWTAGe5FEO05sfiX6y91Hm2M=630sy14wb...@mail.gmail.com

Bug#767314: unblock: lwjgl/2.7.1+dfsg-4

2014-10-29 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please consider unblocking/aging lwjgl.

There is no version currently in testing due to because of autoremoval
related to openjdk bug #765037, which was just fixed about a couple
days before the new lwjgl upload.

The debdiff from the prior lwjgl version in testing/wheezy is
attached.  I guess its probably undesirably large due to the packaging
modernization and cleanup that had been staged previously.  If you
want another upload without that, I'll do it.

unblock lwjgl/2.7.1+dfsg-4
diff -Nru lwjgl-2.7.1+dfsg/debian/changelog lwjgl-2.7.1+dfsg/debian/changelog
--- lwjgl-2.7.1+dfsg/debian/changelog	2012-05-07 15:06:44.0 -0400
+++ lwjgl-2.7.1+dfsg/debian/changelog	2014-10-26 20:43:24.0 -0400
@@ -1,3 +1,11 @@
+lwjgl (2.7.1+dfsg-4) unstable; urgency=low
+
+  * Update packaging standards.
+  * Remove binutils-gold build conflict (closes: #749957).
+  * Build-depend openjdk-7 = 7u71-2.5.3-1 (closes: #761269).
+
+ -- Michael Gilbert mgilb...@debian.org  Mon, 13 Oct 2014 06:05:00 +
+
 lwjgl (2.7.1+dfsg-3) unstable; urgency=low
 
   * add java bin dir to the PATH environment (closes: #664180)
diff -Nru lwjgl-2.7.1+dfsg/debian/compat lwjgl-2.7.1+dfsg/debian/compat
--- lwjgl-2.7.1+dfsg/debian/compat	2012-05-07 14:41:00.0 -0400
+++ lwjgl-2.7.1+dfsg/debian/compat	2014-10-26 20:05:02.0 -0400
@@ -1 +1 @@
-7
+9
diff -Nru lwjgl-2.7.1+dfsg/debian/control lwjgl-2.7.1+dfsg/debian/control
--- lwjgl-2.7.1+dfsg/debian/control	2012-05-07 14:45:05.0 -0400
+++ lwjgl-2.7.1+dfsg/debian/control	2014-10-26 20:42:09.0 -0400
@@ -6,11 +6,11 @@
  Gabriele Giacone 1o5g4...@gmail.com,
  Michael Gilbert mgilb...@debian.org,
 Build-Depends:
- debhelper (= 8),
+ debhelper (= 9),
  javahelper,
  ant,
  ant-optional,
- default-jdk,
+ openjdk-7-jdk (= 7u71-2.5.3),
  libjinput-java,
  libxrandr-dev,
  libxxf86vm-dev,
@@ -18,13 +18,10 @@
  libxt-dev,
 Build-Depends-Indep:
  default-jdk-doc,
-Build-Conflicts:
- binutils-gold,
-Standards-Version: 3.9.3
-Vcs-Git: git://git.debian.org/git/pkg-java/lwjgl.git
-Vcs-Browser: http://git.debian.org/?p=pkg-java/lwjgl.git
-Homepage: http://lwjgl.org/
-DM-Upload-Allowed: yes
+Standards-Version: 3.9.6
+Vcs-Git: git://anonscm.debian.org/pkg-java/lwjgl.git
+Vcs-Browser: https://anonscm.debian.org/cgit/pkg-java/lwjgl.git
+Homepage: http://lwjgl.org
 
 Package: liblwjgl-java
 Architecture: all
diff -Nru lwjgl-2.7.1+dfsg/debian/copyright lwjgl-2.7.1+dfsg/debian/copyright
--- lwjgl-2.7.1+dfsg/debian/copyright	2012-05-07 13:33:31.0 -0400
+++ lwjgl-2.7.1+dfsg/debian/copyright	2014-10-26 20:43:48.0 -0400
@@ -1,11 +1,10 @@
-Format: http://anonscm.debian.org/viewvc/dep/web/deps/dep5.mdwn?revision=202 
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0
 Upstream-Name: lwjgl - Lightweight Java Game Library
 Upstream-Contact: LWJGL developers i...@lwjgl.org
-Source: http://java-game-lib.svn.sourceforge.net/viewvc/java-game-lib/
 
 Files: *
 Copyright: 2002-2010, Lightweight Java Game Library Project
-License: BSD
+License: BSD-3-clause
  Redistribution and use in source and binary forms, with or without
  modification, are permitted provided that the following conditions are
  met:
@@ -31,7 +30,7 @@
 
 Files: ./src/native/common/extgl.c ./src/native/windows/extgl_wgl.c
 Copyright: 2001-2002, Lev Povalahev l...@gmx.net
-License: BSD
+License: BSD-3-clause
  Redistribution and use in source and binary forms, with or without
  modification, are permitted provided that the following conditions are
  met:
@@ -56,8 +55,10 @@
  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 Files: debian/*
-Copyright: 2010, Gabriele Giacone 1o5g4...@gmail.com
-License: BSD
+Copyright:
+ 2010 Gabriele Giacone 1o5g4...@gmail.com
+ 2011-2014 Michael Gilbert mgilb...@debian.org
+License: BSD-3-clause
  Redistribution and use in source and binary forms, with or without
  modification, are permitted provided that the following conditions are
  met:
diff -Nru lwjgl-2.7.1+dfsg/debian/patches/allarchs.patch lwjgl-2.7.1+dfsg/debian/patches/allarchs.patch
--- lwjgl-2.7.1+dfsg/debian/patches/allarchs.patch	1969-12-31 19:00:00.0 -0500
+++ lwjgl-2.7.1+dfsg/debian/patches/allarchs.patch	2014-10-26 20:37:01.0 -0400
@@ -0,0 +1,73 @@
+Author: Gabriele Giacone 1o5g4...@gmail.com
+Description: support for building on all architectures
+
+--- a/platform_build/linux_ant/build.xml
 b/platform_build/linux_ant/build.xml
+@@ -6,12 +6,14 @@
+ 	property name=libname64 value=liblwjgl64.so/
+ 	property name=libs32 value=-L/usr/X11R6/lib -L/usr/X11/lib -lm -lX11 -lXext -lXcursor -lXrandr -lpthread -L${java.home}/lib/i386 -ljawt /
+ 	property name=libs64 value=-L/usr/X11R6/lib64 -L/usr/X11/lib64 -lm -lX11 -lXext -lXcursor -lXrandr -lXxf86vm -lpthread -L${java.home}/lib/amd64 -ljawt /
++	property name=libs value=-L/usr/X11R6/lib -L/usr/X11/lib -lm

Bug#763278: gcc 4.9 wheezy-pu?

2014-10-10 Thread Michael Gilbert

On Fri, Oct 10, 2014 at 3:23 AM, Matthias Klose wrote:
 Am 10.10.2014 um 06:39 schrieb Adam D. Barratt:
 On Thu, 2014-10-09 at 23:01 -0400, Michael Gilbert wrote:
 Note that the window for the next stable update is closing in about a
 week, so there isn't a lot of time.

 Actually, the /point release/ is in about a week. The advertised window
 for getting updates in to it closes this weekend.

 I don't think updating all the shared libraries in a stable release is a good
 thing.

That would only happen if gcc-defaults were changed to default to the
new package and the release team somehow ok'd binnmus of a bunch of
stable packages, which is rather unlikely, right?

 What you might want to do is to package the current 4.9 as a
 gcc-snapshot package, and use this one, probably with static libgcc and 
 libstdc++.

Isn't -snapshot meant to indicate experimental versions?  The plan is
more to do an exact backport of the current gcc 4.9 package in
testing.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MP=fdhjwedzd_r2rgx5kr0754b7ufehjwol2exsa5e...@mail.gmail.com

Bug#763278: gcc 4.9 wheezy-pu?

2014-10-09 Thread Michael Gilbert

Hi,

I would like to ask for your opinion about uploading a newer gcc
version to wheezy?

This is to be able to continue building chromium security updates,
which has been discussed with the release team [0].  They've requested
that I discuss it with gcc maintainers, which is the reason for this
message.

I would be responsible for building and maintaining it.

Anyway, any thoughts?

Note that the window for the next stable update is closing in about a
week, so there isn't a lot of time.

Best wishes,
Mike

[0] http://bugs.debian.org/763278


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MNYx9hQTv1bC=5LsZDFGSJ=y9ws0dqfleufuvencgc...@mail.gmail.com

Bug#758492: RM: lcms/1.19.dfsg2-1.5

2014-10-05 Thread Michael Gilbert

control: tag -1 -moreinfo
control: unblock -1 by 740495
control: unblock -1 by 757384

On Mon, Aug 18, 2014 at 1:11 AM, Niels Thykier wrote:
 Are we (really) ready for this?  Removal of lcms in testing would break
 several packages including gimp and libmagickcore-dev[1]

lcms no longer has any reverse dependencies or reverse build
dependencies in testing, so it is ready to be removed now.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MOetUfo_GfQF_OcVkRjv9dMY-Q=krNS=dyxbeheenk...@mail.gmail.com

Re: Bug#762762: Updating isc-dhcp udeb to dynamically link bind (was: Bug#762762: nmu fixing bind issues)

2014-10-05 Thread Michael Gilbert

On Sun, Oct 5, 2014 at 9:59 PM, Cyril Brulebois wrote:
 I'm not going to go through building this on a kfreebsd porterbox to try
 and figure out how isc-dhcp would look if rebuilt against such packages,
 but that looks a saner base for porters to build upon.

 That doesn't make the timing issues I've mentioned disappear though. I'm
 OK with thinking about it again if porters endorse/welcome/successfully
 test the resulting packages and installation images.

Thanks for the feedback.

Would it be ok to stage the changes in unstable to make it somewhat
easy for porters to test?

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mpb5cgpq1oe6d_vpsoggyk6o3y2bqrrxwba_ozlh6m...@mail.gmail.com

Re: Bug#763278: wheezy-pu: gcc-4.9/4.9.1-14~deb7u1

2014-10-02 Thread Michael Gilbert

On Thu, Oct 2, 2014 at 5:48 AM, Adam D. Barratt  wrote:
 Well, someone could attempt to persuade upstream to delay the change, or
 work on fixing things up to work with 4.7 where required.

Starting with chromium 38, they're using C++ features only implemented
in gcc = 4.8, and it seems like they're gung-ho about that, brazenly
announcing that they don't care about breaking old os versions in the
process.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mozfwogerts95be_3zjeenay87eglv4_wrql82ngkd...@mail.gmail.com

Bug#763278: wheezy-pu: gcc-4.9/4.9.1-14~deb7u1

2014-10-02 Thread Michael Gilbert

On Tue, Sep 30, 2014 at 2:10 PM, Adam D. Barratt wrote:
 Control: tags -1 + moreinfo

 On Sun, 2014-09-28 at 16:00 -0400, Michael Gilbert wrote:
 chromium 38 is currently planning to drop support for all compilers
 less than gcc 4.8 (and all clang not built against = gcc 4.8).  So
 wheezy will soon have no way to compile an up to date chromium.

 Can we quantify soon?

38 will be released in he next couple weeks, which is quite soon.

 In order to continue providing security updates for chromium in
 wheezy, I would like to propose a gcc wheezy-pu.  I haven't tried to
 get this working yet, and am sending this to see whether the release
 team would even consider this.

 Have you discussed this with the gcc maintainers? What's their opinion
 on the idea, in terms of feasibility and supportability?

Haven't yet, but I'll start a conversation.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=moyxkwflj4+xpyyo_+wpurs3ovtxlpyf4guan+xkus...@mail.gmail.com

Bug#763278: wheezy-pu: gcc-4.9/4.9.1-14~deb7u1

2014-09-28 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: pu
Severity: normal
Tags: security

chromium 38 is currently planning to drop support for all compilers
less than gcc 4.8 (and all clang not built against = gcc 4.8).  So
wheezy will soon have no way to compile an up to date chromium.

In order to continue providing security updates for chromium in
wheezy, I would like to propose a gcc wheezy-pu.  I haven't tried to
get this working yet, and am sending this to see whether the release
team would even consider this.

The alternative is to drop chromium security support for wheezy way too soon.

I'm proposing gcc 4.9 to hedge against future upstream compiler
requirements, but gcc 4.8 would also be an option.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MMZ=5frqktmpdjnfz9wv45jy0nh+dm8mzwp-gns955...@mail.gmail.com

Re: [SRM] proposed krb5 upload for stable

2014-09-20 Thread Michael Gilbert

On Sat, Sep 20, 2014 at 12:24 PM, Julien Cristau wrote:
On Thu, Apr 25, 2013 at 15:53:40 -0400, Benjamin Kaduk wrote:

Hi all,

I've been working with hartmans to get some updates to krb5 into Debian (he
is pretty busy these days, and I'm at upstream). A couple of issues are
serious enough that I think they merit being fixed in stable:

#704775 - KDC crash by authenticated user with unmodified client tools
#704647 - use of reverse DNS cannot be disabled, which breaks many
configurations

CVE-2013-1415 (KDC null pointer dereference with PKINIT) was not assigned a
Debian bug number because we imported the fix right away. It is less
serious than #704775, but the patch is very small and it seemed worth
including if an upload was to happen.

These patches are all taken from upstream, and are already in wheezy.

Per the quoted mail below (from #704775), Sam is prepared to upload the
attached debdiff given SRM approval.

Hi Benjamin,

I'm really sorry we didn't reply to this mail in anywhere close to a
reasonable time. As squeeze is now EOL I guess this is now moot. In
the future, please open bugs against the release.debian.org
pseudo-package for proposed stable or oldstable updates, there's less
chance of something slipping through the cracks that way.

Hi Benjamin,

You can do a squeeze LTS upload on your own now. Please see:
https://wiki.debian.org/LTS/Development

Best wishes,
Mike

--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
https://lists.debian.org/CANTw=motkzfmjb8wwwt1ldahgswx4kujs-uay_duckraimy...@mail.gmail.com

Bug#759036: RM: wine-doc/1.0.0-1

2014-08-23 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

Please remove src:wine-doc from testing.  It's no longer provided
upstream as a tarball.  The the wine packages now have a url included
in the README.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=mm8n_rnwbdcxuvkkeajsd194y8bxizt27eewo80zms...@mail.gmail.com

Bug#759036: RM: wine-doc/1.0.0-1

2014-08-23 Thread Michael Gilbert

control: reassign -1 ftp.debian.org
control: retitle -1 RM: wine-doc -- ROM; obsolete package

On Sat, Aug 23, 2014 at 7:19 PM, Adam D. Barratt wrote:
 If the package is obsolete, should it be removed from unstable?

Yes, reassigning.


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MMPXoNFUXW8LV4KTrvLg=xqy3cxYbi9kvKFeNEUEd+==w...@mail.gmail.com

Bug#758492: RM: lcms/1.19.dfsg2-1.5

2014-08-17 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

Please remove src:lcms from testing.  Some reverse dependencies still
need to be migrated to lcms2 (see #717928).

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MNPz+XSrojFgcO6tSK+7UpvnFcpCDaxTxWs2RMhK=y...@mail.gmail.com

Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4

2013-05-29 Thread Michael Gilbert

On Sun, May 26, 2013 at 6:59 AM, Adam D. Barratt wrote:
 Control: tags -1 + confirmed

 On Sun, 2013-05-12 at 12:58 -0400, Michael Gilbert wrote:
 On Tue, Apr 16, 2013 at 8:08 AM, Adam D. Barratt wrote:
 It's now after.  How would you like me to approach this?  Do I need to
 do a new upload to spu?  If so, should the version be +deb70u5 or
 +deb70u6?  It looks like the tpu didn't get automatically moved over
 to spu [0]?

 Yes, the latter and no, in that order. :-)

 There is one issue, which is that testing still has +deb70u3, as there
 doesn't seem to be any movement on #692808; that'll need resolving
 somehow before the point release.

Here is a proposed spu patch addressing all of the above.  Please let
me know if it is ok to upload.

Best wishes,
Mike


isc-dhcp.patch
Description: Binary data

Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4

2013-05-12 Thread Michael Gilbert

On Tue, Apr 16, 2013 at 8:08 AM, Adam D. Barratt wrote:
 user release.debian@packages.debian.org
 usertags 704566 = pu
 tags 704566 = wheezy
 retitle 704566 pu: isc-dhcp/4.2.2.dfsg.1-5+deb70u4
 tags 704426 + wheezy-ignore
 usertags 704426 + wheezy-can-defer
 thanks


 On 13.04.2013 17:28, Cyril Brulebois wrote:

 Adam D. Barratt a...@adam-barratt.org.uk (13/04/2013):

 Thanks. I'd be happy to unblock that version, but it'll need a d-i ack

 if it's to get in to wheezy. I'm not sure how feasible getting any more
 changes is on that side right now, but let's see...


 Advisory says:
 | libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to
 | cause a denial of service (memory consumption) via vectors involving a
 | regular expression, as demonstrated by a memory-exhaustion attack
 | against a machine running a dhcpd process, a related issue to
 | CVE-2013-2266.

 I'd rather avoid taking chances at this very late stage. Before rc2
 would have been doable, but now… not so much.


 In which case, let's look at this again after the release?

It's now after.  How would you like me to approach this?  Do I need to
do a new upload to spu?  If so, should the version be +deb70u5 or
+deb70u6?  It looks like the tpu didn't get automatically moved over
to spu [0]?

Best wishes,
Mike

[0] http://packages.qa.debian.org/i/isc-dhcp.html


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=MPLznqnQb8EnK3V0g2nL4Ao3kOG+Q0DW==t0nbt+to...@mail.gmail.com

Re: piuparts squeeze-wheezy [i386] tests

2013-05-05 Thread Michael Gilbert

On Thu, May 2, 2013 at 7:17 AM, Andreas Beckmann wrote:
Hi,

Julien asked me about running piuparts tests for i386 (especially for
the multiarch-support libc6 dependency) ... I patched piuparts a bit to
support doing this on an amd64 host and started running distupgrade
tests now. squeeze2wheezy --with-recommends for amd64 took 5 days, so
this here (without recommends) should be faster. 27500 binary packages
to go ... :-)

Hi Andreas,

On a related topic, have you thought about possibly integrating
piuparts.debian.org into britney's testing transition decision making
logic?

Looking only at your bug page [0] (not taking into account other
people doing piuparts bug reporting), there were almost 200 bugs
submitted with serious severity for wheezy, and almost all of them
were piuparts related (an non-rigorous count gives about 20 were not).

I wonder if there isn't a huge opportunity to avoid a vast majority of
these issues for the upcoming cycle by automatically keeping them out
of jessie?

There were around 500 rc bugs at the freeze, and that number went up
and down a lot, so lets conservatively estimate the total number of rc
bugs handled during the freeze at 1,000. If the piuparts ones were
automatically prevented from affecting testing, that would be a 20%
reduction in the total work required to get the release done.

Finally, over the past 5 years (since piuparts bug tagging started in
earnest), there have been over 1,100 rc bugs tagged piuparts [1].
That's enormous. Automatically keeping all of those out of testing
would be a huge win.

So, I wonder if you have interest in working on this? The sooner it
gets started, the more rc issues there are that can be kept out of
jessie from the start. I also may be able to find some time to help.

Best wishes,
Mike

[0]
http://bugs.debian.org/cgi-bin/pkgreport.cgi?archive=both;include=severity%3Aserious;submitter=anbe%40debian.org
[1]
http://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=piuparts;users=debian...@lists.debian.orgarchive=both

--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/CANTw=mmsmbpe7w_xsu02lcko9aqblj_ci7za5-mez4kbbxt...@mail.gmail.com

Bug#705716: RM: dovecot-solr/1:2.1.7-7

2013-04-18 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

Please consider removing dovecot-solr.  It's had an open RC bug
(#704422) for three weeks now and no activity at all except for the
bug submission.  It has no reverse-dependencies and has never been in
a stable release.

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mn8b3sc3esdpnr3ecgtqmnbpvs0_g0jadc0xszmbk-...@mail.gmail.com

Bug#705717: RM: gnustep-dl2/0.12.0-9

2013-04-18 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

Please consider removing gnustep-dl2.  It seems to be incompatible
with gobjc 4.7 (bug #705602).  It has no reverse dependencies.

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mmay7qllp-fwoadbpjcmsobz-sa+wtyue26+ouhgi7...@mail.gmail.com

Bug#705718: RM: openvpn-auth-ldap/2.0.3-5

2013-04-18 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

Please consider removing openvpn-auth-ldap.  It seems to be incompatible
with gobjc 4.7 (bug #641811).  It has no reverse dependencies.

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mm3tujaecvbhywdbbsssjvfuz9b95qtbv6ad57r2gy...@mail.gmail.com

Bug#705717: RM: gnustep-dl2/0.12.0-9

2013-04-18 Thread Michael Gilbert

On Thu, Apr 18, 2013 at 9:09 PM, Michael Gilbert wrote:
 Package: release.debian.org
 User: release.debian@packages.debian.org
 Usertags: rm
 Severity: normal

 Please consider removing gnustep-dl2.  It seems to be incompatible
 with gobjc 4.7 (bug #705602).  It has no reverse dependencies.

Missed this.  steptalk is a reverse dependency that would also need removed.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mmd9ds6sudzx43ygeru3-mgpdgujjsxrmdmbuohvnu...@mail.gmail.com

Bug#705353: RM: tomboy-latex/0.5-3

2013-04-13 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

Please consider removing tomboy-latex.  The current version is
incompatible with tomboy in testing (bug #705314).  The only way to
fix this situation is to bring a new upstream version into testing,
which is of course unacceptable.

It has no reverse dependencies.

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=MOEjZiKKw=tmay-bmyyaw-p4gqcrmkwep10svc0pgt...@mail.gmail.com

Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4

2013-04-13 Thread Michael Gilbert

On Fri, Apr 12, 2013 at 3:26 AM, Jonathan Wiltshire wrote:
 Control: tag -1 + confirmed

 On Thu, Apr 11, 2013 at 10:21:52PM -0400, Michael Gilbert wrote:

 I've attached a proposed patch-using patch, and will wait for an ack.


 Thanks, please go ahead and ping this bug when uploaded.

Uploaded.

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=MM4zdCAsVZVhWKbEZGT4nc_u4SHB-4HzRcE=9-m96y...@mail.gmail.com

Bug#705358: RM: xgraph/12.1-16

2013-04-13 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

Please consider removing xgraph.  The package contains non-free code
(bug #705152).  There is mention in the bug traffic that removing the
PW code may be easy, but looking it over a bit, it probably won't be,
and it will involve risk since it is spattered around in a lot of the
source files.

This would also affect its reverse dependencies ns2 and cl-rlc

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mmejrhhp0oijaabvpw+4mprt4zjb-vl0jfa2r2oyre...@mail.gmail.com

Bug#705365: unblock: chromium-browser/26.0.1410.43-1

2013-04-13 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock package chromium-browser

Please unblock chromium-browser. It fixes a lot of security issues,
and new upstream versions will be continually uploaded during wheezy's
release cycle.

unblock chromium-browser/26.0.1410.43-1


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=moyzp8_iuq2jry5+9chwasq2za6bajrdc13fjeixv-...@mail.gmail.com

Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4

2013-04-11 Thread Michael Gilbert

control: retitle -1 unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u5

On Mon, Apr 8, 2013 at 6:42 PM, Jonathan Wiltshire wrote:
 (sorry for the delay, which was to avoid a rash reply)
 (quotes have been re-ordered)

 On Wed, Apr 03, 2013 at 08:12:15PM -0400, Michael Gilbert wrote:
 On Wed, Apr 3, 2013 at 1:47 PM, Jonathan Wiltshire wrote:
  On Tue, Apr 02, 2013 at 09:07:44PM -0400, Michael Gilbert wrote:
  Please unblock package isc-dhcp
 
  This upload fixes a security issue in the embedded bind library.  It's
  a bit large due to the addition of a secondary patch system for
  patching bind issues.  Please see attached patch.
 
  unblock isc-dhcp/4.2.2.dfsg.1-5+deb70u4
 
  Nack with the patch system change. You can upload without it if you like.
 

 Anyway, adding the secondary bind patching system is actually not
 unrelated to the bug being fixed.  It is the sanest solution of 3 ugly
 possibilities:

 1.  Add the separate bind patching system
 2.  Extract bind.tar.gz (adding probably around 300,000 lines to the
 diff) and use the existing patching system

 Thank you, that is the missing explanation that would have saved a round
 trip mail.

 You are right that the first option is the better. However, I discussed it
 with Adam and we'd prefer the direct use of patch rather than added
 build-dependencies at this point. You get patch for free because dpkg-dev
 depends on it.

I've attached a proposed patch-using patch, and will wait for an ack.

Best wishes,
Mike


dhcp.patch
Description: Binary data

Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4

2013-04-03 Thread Michael Gilbert

On Wed, Apr 3, 2013 at 1:47 PM, Jonathan Wiltshire wrote:
 On Tue, Apr 02, 2013 at 09:07:44PM -0400, Michael Gilbert wrote:
 Please unblock package isc-dhcp

 This upload fixes a security issue in the embedded bind library.  It's
 a bit large due to the addition of a secondary patch system for
 patching bind issues.  Please see attached patch.

 unblock isc-dhcp/4.2.2.dfsg.1-5+deb70u4

 Nack with the patch system change. You can upload without it if you like.

 http://release.debian.org/wheezy/freeze_policy.html

So, yeah I'm of course aware of the freeze policy by now...

Anyway, adding the secondary bind patching system is actually not
unrelated to the bug being fixed.  It is the sanest solution of 3 ugly
possibilities:

1.  Add the separate bind patching system
2.  Extract bind.tar.gz (adding probably around 300,000 lines to the
diff) and use the existing patching system
3.  Avoid release team dogma and do the right thing with a DSA after
the release.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mp7hhqrkrij3km2jmiecm5czfuvebbzltyoxcghcc1...@mail.gmail.com

Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4

2013-04-03 Thread Michael Gilbert

On Wed, Apr 3, 2013 at 8:21 PM, Cyril Brulebois  wrote:
 Michael Gilbert mgilb...@debian.org (03/04/2013):
 So, yeah I'm of course aware of the freeze policy by now...

 Feel free to learn about the tpu “dogma” now; thank you very much.

Thank you.

Best wishes,
Mike


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=MModD_gA5_v3he6j1q6EycJxLyGGm3pTpk51SdfGs=z...@mail.gmail.com

Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4

2013-04-02 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock package isc-dhcp

This upload fixes a security issue in the embedded bind library.  It's
a bit large due to the addition of a secondary patch system for
patching bind issues.  Please see attached patch.

unblock isc-dhcp/4.2.2.dfsg.1-5+deb70u4


dhcp.patch
Description: Binary data

Bug#704218: unblock: bind9/1:9.8.4.dfsg.P1-6+nmu1

2013-03-29 Thread Michael Gilbert

On Fri, Mar 29, 2013 at 4:08 PM, Adam D. Barratt wrote:

 Control: tags -1 + moreinfo


 On 29.03.2013 15:01, Salvatore Bonaccorso wrote:

  bind9 (1:9.8.4.dfsg.P1-6+nmu1) unstable; urgency=high
  .
* Non-maintainer upload by the Security Team.
* Fix cve-2012-5689: issue in nameservers using DNS64 to perform a 
  lookup for a record with an A record overwrite rule in a Response
 Policy
  Zone (closes: #699145).


 fwiw, this issue isn't marked as RC currently. The bug log notes that
 there wasn't a production quality patch available and instead the plan was
 to document how to avoid the issue, which Moritz seemed happy with. What
 changed?


A production-ready patch.


 * Fix cve-2013-2266: issues in regular expression handling
 (closes: #704174).


 and that one appears to have been NMUed around four hours after it was
 filed, which I'm not overjoyed about.


You're aware that this is easily exploited in the wild already?

Best wishes,
Mike

Bug#703257: RM: libnet-twitter-lite-perl/0.11002-1

2013-03-17 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

Please consider removing libnet-twitter-lite-perl.  The current
twitter API is being disable this month requiring large changes to the
codebase (bug #702523), which are likely unacceptable at this point in
the freeze.

Note that this will also require removing its reverse-dependency tircd.

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mon16kuebutmiiyvdsikz3n4tosa9hafjcapn9atb8...@mail.gmail.com

Bug#703258: RM: libnet-twitter-perl/3.18003-1

2013-03-17 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

Please consider removing libnet-twitter-perl.  The current twitter API
is being disable this month requiring large changes to the codebase
(bug #702486, which are likely unacceptable at this point in the
freeze.

Note that this will also require removing its reverse-dependency webgui.

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=MNcFi7ULbET1pA=oeobd_v8hhg6wf4_a6ybe1fhykn...@mail.gmail.com

Re: openjdk maintenance for wheezy and squeeze

2013-03-17 Thread Michael Gilbert

On Tue, Mar 5, 2013 at 11:46 AM, Matthias Klose wrote:
Am 01.03.2013 04:35, schrieb Moritz Mühlenhoff:
Backporting security fixes with Java has turned out to be more of less
unfeasible. I tried this once with DSA 2507 and I think that amounted to at
least
two man days of work for that update alone. Also, Ubuntu has shipped
backports to all suites in USN-1724 and AFAICS the world hasn't stopped.
After all, everyone using Oracle Java will be exposed to the same
behaviourial changes.

So we should proceed with providing backports for openjdk in the future.

will that be in backports, stable updates, or security?

Via stable-security (i.e. DSAs).

If Matthias keeps the Debian/Ubuntu packaging in a state that it's easily
buildable on squeeze/wheezy for ojdk6 and for wheezy on ojdk7 I think
we should be able to handle Java updates resource-wise.

I do not intend to break that intentionally. Some back-porting may show some
issues, like patches not updated for older releases. There is a chance to
break
zero on some architectures, however if you feel that might become an issue,
just
disable zero for powerpc, ppc64, s390, s390x, as done for mips/mipsel. The
hotspot port for sparc/sparc64 seems to work currently, so your call how to
maintain it for wheezy.

Based on that and the below, it sounds like zero is troublesome, so it
should be disabled.

I'm not familiar with the Java internals, but if we're following that
approach
it would make sense to upgrade Wheezy to the version in experimental
(i.e. 7u15 instead of 7u3).

I won't upload this myself. IcedTea 7-2.3 uses two hotspot versions, one for
the
zero ports, one for the hotspot runtimes. From my point of view it would be
good
to update to a 7-2.[45] with a unified hotspot version capable to build both
zero and hotspot, and keep the current 7-2.1.x for now.

It looks like icedtea is currently at 1.3.1 and you want to bump it to
a 2.x version? I don't think the release team will like that very
much. Do you have any ideas on a solution that gets to openjdk 7u15
while sticking with icedtea 1.3.1?

Thanks,
Mike

--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/CANTw=mnwpa6jwriyeykd_a4ja6fyajzjw9-9guwird6+yey...@mail.gmail.com

Re: openjdk maintenance for wheezy and squeeze

2013-03-17 Thread Michael Gilbert

 I won't upload this myself. IcedTea 7-2.3 uses two hotspot versions, one for 
 the
 zero ports, one for the hotspot runtimes. From my point of view it would be 
 good
 to update to a 7-2.[45] with a unified hotspot version capable to build both
 zero and hotspot, and keep the current 7-2.1.x for now.

 It looks like icedtea is currently at 1.3.1 and you want to bump it to
 a 2.x version?  I don't think the release team will like that very
 much.  Do you have any ideas on a solution that gets to openjdk 7u15
 while sticking with icedtea 1.3.1?

Nevermind, so you're refering to icedtea, which is part of the openjdk
source, not icedtea-web.  Since that is part of the source package,
you're certainly free to choose whichever version you think best.
Would you mind doing that and uploading your choice to unstable?

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mpvfry4zpexmx+pqi0hdhn5h1-3bps86bxbaccyke9...@mail.gmail.com

Bug#703267: RM: rinputd/1.0.5-2

2013-03-17 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

Please remove rinputd.  It fails to install (#581999) and has no
reverse-dependencies.

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=MP9KGxjt4gLkjssSNsmuVRU4pTkgZmwMru6=fkdqcv...@mail.gmail.com

Bug#703270: RM: tcos/0.89.90

2013-03-17 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

Please remove tcos (RC bug #694870).  It has no reverse-dependencies
and has yet to be included in a stable release.

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=MPxCDgVk7X5d7=wnbhFiO17qCU+JqiG7P2S=JeHF=5...@mail.gmail.com

Bug#703257: RM: libnet-twitter-lite-perl/0.11002-1

2013-03-17 Thread Michael Gilbert

On Sun, Mar 17, 2013 at 4:38 PM, Jonathan Wiltshire j...@debian.org wrote:
I do not like this pattern of unannounced removal requests without
consulting maintainers. In these two cases I probably agree with the
intention, but not with the way you are going about it.

I also really dislike your recent habit of making discussions hard to
follow by opening new bugs. Please keep things in one place so everyone can
follow along.

I fail to follow this line of reasoning. Does the bts not make
everything more nice and tidy? Instead of discussions about removals
taking place in bug reports, and stagnating, the bts has a nice tidy
section on those.

Anyway, RM bugs are just like any other bug: they're only suggestions.
That's why I often say please consider. The release team is of
course going to investigate (i.e. talk to maintainers if needed)
before jumping the gun and ticking people off.

I've also found that RM bugs often light fires under people, resulting
in problems solved faster. So, that's all positive (except for the
maintainers that don't react).

Package removals are a healthy part of the release process. Let's not
slow that down.

NACK until the maintainers have chance to comment.

Completely understandable. I knew that would be part of the process.

Thanks for the feedback.

Best wishes,
Mike

--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/CANTw=mmg-ajfft2wuxizw2ojyjen6pvxk0terqumvt+4pnj...@mail.gmail.com

Bug#702465: RM: tty-clock/1.1-1

2013-03-16 Thread Michael Gilbert

On Wed, Mar 6, 2013 at 6:13 PM, Michael Gilbert wrote:
 Anyway, assuming things get figured out and fixed in a timely manner,
 this removal request can happily go away.

My opinion is that things aren't moving fast enough.  Some fixes were
uploaded (only) to experimental and new issues with how the code was
written keep being noticed in that bug report...

I think tty-clock should be removed at this point.

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=MNnGYtwoB+OzMHM4nrgCaBR3YeZ=JJ5U=Uf3wR4vFq=x...@mail.gmail.com

Bug#702186: RM: owncloud/4.0.4debian2-3.3

2013-03-16 Thread Michael Gilbert

On Sun, Mar 3, 2013 at 11:50 AM, Michael Gilbert wrote:
 As was brought up recently, owncloud is anticipated to be a nightmare
 security-wise during wheezy's lifetime:
 http://lists.debian.org/debian-release/2013/03/msg00042.html

 It has yet to land in a stable release and has no reverse-dependencies.

There are good 3 reasons to do this: #703094, #703084, and #692627.

703094 is being worked on, but I think that is a waste of time.

Can owncloud please be removed now?

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mmjpwsxnaikwufajyhb__rvm6gy+290_motx3rmf8g...@mail.gmail.com

Re: Advice needed: update-manager in wheezy considered dangerous

2013-03-11 Thread Michael Gilbert

On Mon, Mar 11, 2013 at 7:42 PM, Julian Andres Klode  wrote:
 Dear release team, I report this problem as we have switched our package 
 management
 stack in wheezy from update-manager and other components to PackageKit. Those
 old components are still in wheezy however, and especially update-manager can
 be considered to be horribly dangerous: It might break systems or contain 
 extreme
 security issues as it has not seen someone really care about it since 2 years.

In my opinion, it is really way too late for this.  If you want to
discourage people from using update-manager in wheezy, a patch to the
release notes would be most helpful.  Otherwise, let's not waste time
on a rather disruptive change when it can wait till the start of
jessie.

Best wishes
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mps-ohh04odfe42jflyudaehwp+caeuadht9qzwb9o...@mail.gmail.com

Bug#702465: RM: tty-clock/1.1-1

2013-03-06 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

Please remove tty-clock.  It's got lots of issues that aren't really
being worked on (bug #700738).  It also has no reverse-dependencies
and has yet to be included in a stable release.

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=MO2kZem8rv0OHNgrtedkBsopS0dcR=t0exk9a10vsr...@mail.gmail.com

Bug#702465: RM: tty-clock/1.1-1

2013-03-06 Thread Michael Gilbert

On Wed, Mar 6, 2013 at 5:47 PM, Antoine Beaupré anar...@debian.org wrote:
On 2013-03-06, Jonathan Wiltshire wrote:
On Wed, Mar 06, 2013 at 04:45:45PM -0500, Michael Gilbert wrote:
Please remove tty-clock. It's got lots of issues that aren't really
being worked on (bug #700738). It also has no reverse-dependencies
and has yet to be included in a stable release.

The bug you quote was filed on 16th Feb, and the most recent message was
from the maintainer just two days ago. I see little evidence that the
problems aren't being dealt with, just that they haven't been fixed as
quickly as you would like.

You should also include the maintainer, or at least the bug you quote, in
your RM proposal. It's not like Antoine is MIA. I would be a bit insulted
if this were my package.

I am CCing Antoine to give a chance to rebut your request.

Right... I am not sure what issues you are refering to, but if it's only
#700738, this addresses unsafeties in the code. One very specific
issue with use after free calls has been addressed and David
mentionned something about there being other issues when ran under
valgrind.

I don't believe those should warrant a complete removal from wheezy. At
most, if the known use-after-free issues are *not* patched in a timely
manner, I agree the package should be removed, but those already have a
patch.

If you know what the other issues are, I suggest you make a clearer
explanation of what those are instead of asking for a complete exclusion
of this package.

My statement was about only to those issues as described in the bug
report. The statement in [0] made it sound like there's more
(importantly) unknown work to be done. Its that unknown part that
made me concerned that not enough was going to happen before release.

Anyway, assuming things get figured out and fixed in a timely manner,
this removal request can happily go away.

Best wishes,
Mike

[0] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700738#23

--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/CANTw=mor0i8h3mbietiszmda9osqi74aquwzf07+z-ha4jk...@mail.gmail.com

Bug#702151: RM: haskell-tls-extra/0.4.6.1-1

2013-03-03 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

Please consider removing haskell-tls-extra.  The security backport
caused a regression that pretty much completely breaks the package
(#701593), and the upstream bug log seems to indicate a lack of
interest in supporting older versions:
https://github.com/vincenthz/hs-tls/issues/32

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mpsbh7ex7nnzambdowkevxhc75ntokwfxm6mfxnkmm...@mail.gmail.com

Bug#702153: Please tag #699301 and #699304 wheezy-ignore

2013-03-03 Thread Michael Gilbert

package: release.debian.org
severity: normal

Bugs #699301 and #699304 are about non-free sRGB files.  #699305,
#699306, etc.about the same issue recently got marked wheezy-ignore. I
believe these bugs should get the same treatment.

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=MMVkjRskV=y1sk7r67jbzbufs2entooqdn5uv07p5j...@mail.gmail.com

Bug#702013: unblock: chromium-browser/25.0.1364.97-1

2013-03-02 Thread Michael Gilbert

 That means somebody needs to get it to build on arm{el,hf}, or get the
 binaries removed, though.
 https://buildd.debian.org/status/package.php?p=chromium-browser

 Guiseppe, Michael?

 IMO, if there's no official upstream support for arm by upstream, we should
 drop arm support to prevent unpleasant surprises and delays when updating to
 current upstream releases in wheezy-security.

The arm builds have been nothing but trouble so far, and without
upstream interest they are likely to continue to break with most
upstream releases.

My vote is removal, but its really Guiseppe's call.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=MNUkvL_MZQ4_gyhFuPgAhX0e2smoP=096h6a=5O3=s...@mail.gmail.com

Bug#702123: RM: python-selenium/2.2.0-1

2013-03-02 Thread Michael Gilbert

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal

Please remove python-selenium.  It doesn't work at all for the
browsers that it is supposed to support (bug #700061).  It also has
yet to be included in a stable release and has no
reverse-dependencies.

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=MOJ7jOeyq7f6W9oduTRu4_S=jzrdtaotfpdjgadt6o...@mail.gmail.com

Re: Dropping owncloud from Wheezy?

2013-03-01 Thread Michael Gilbert

On Fri, Mar 1, 2013 at 11:54 AM, Moritz Mühlenhoff wrote:
 I'm skeptical that owncloud should be shipped in Wheezy. It has
 frequent security issues and the initial maintainers appear to
 be inactive, all updates after October have been NMUs...

I agree.  Let's remove it until its demonstrably supportable security-wise.

Best wishes,
Mike


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mplhoiwh7p4rlttnbncz95xrs2ny_uhcjnugvciypd...@mail.gmail.com

Bug#696671: tpu: isc-dhcp/4.2.2.dfsg.1-5+deb70u3

2013-02-20 Thread Michael Gilbert

On Sun, Feb 17, 2013 at 8:50 AM, Philipp Kern wrote:
 On Sat, Feb 16, 2013 at 04:20:45PM -0500, Michael Gilbert wrote:
 On Sat, Feb 16, 2013 at 4:18 PM, Michael Gilbert wrote:
  I've attached an updated proposed patch, which also fixes #698582 (and
  consequentially #700363).
  File attached.
 Really attached this time ...

 thanks. Please go ahead.

Uploaded.


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CANTw=mp96aou1rtudivm2cjbfijj+g_z5dqfpszgfcj+ftz...@mail.gmail.com

1 2 3 >

1 - 100 of 269 matches

Mail list logo